Function should_use_passwordless_sudo 

pub fn should_use_passwordless_sudo(settings: &Settings) -> bool

What: Check if passwordless privilege escalation should be used based on settings and system availability.

Inputs:

• settings: Reference to the application settings.

Output:

• true if passwordless execution should be used, false otherwise.

Details:

• This function is strictly about passwordless availability ({tool} -n true).
• For non-PasswordlessOnly modes, checks if use_passwordless_sudo is enabled in settings (legacy safety barrier).
• If legacy toggle is required but disabled, returns false immediately.
• If enabled, checks if passwordless execution is actually available on the system.
• Returns true only if both conditions are met.
• Tool capability constraints (for example: doas lacking stdin password support) are handled separately via should_use_interactive_auth_handoff.
• Test overrides flow through check_passwordless_sudo_available via privilege module.