第二个问题的第一个小问题，可以看 man sudo ,
Security policies may support credential caching to allow the user to run
sudo again for a period of time without requiring authentication. By de‐
fault, the sudoers policy caches credentials on a per-terminal basis for
15 minutes. See the timestamp_type and timestamp_timeout options in
sudoers(5) for more information. By running sudo with the -v option, a
user can update the cached credentials without running a command.
可以加个参数，可以看到第二次也要 password 了
When used without a command, invalidates the user's cached
credentials. In other words, the next time sudo is run a
password will be required. This option does not require a
password, and was added to allow a user to revoke sudo per‐
missions from a .logout file.