Does this assume that only a single user on the device can install and use the service?

removed everything about installing the service and configuration permissions for now, will solve this later in a way that multiple users can install/use the service

What problems does this solve compared to the version on master? I assume it has to do with what errors are returned by Wait, but by just looking at this file alone is hard to tell what changed in the whole process orchestration compared to master.

Do we just want Close() to not make Wait() return a "context cancelled" error? I know we've changed how we approach this specific error a couple of times, so I'd just want to have some clarity on how to approach it in the future. ;)

i don't feel strongly about this, for some reason while writing i wanted it not to return an error after the processmanager was closed, if you have another opinion i can revert

Connect will have to perform its own equivalent of those commands, right?

no, the vnet service command will run when tshd re-execs itself, it should be handled by tsh fine

tsh vnet works fine on Windows. The macOS daemon works too.

At first I copied the wrong wintun.dll. I copied the arm64 version but my VM is actually amd64. This resulted in tsh vnet returning this:

$ ./build/tsh.exe vnet
VNet is ready.
ERROR: running admin process in the background
        service stopped running prematurely, status: {1 0 0 0 0 0 0}

Is it possible to convert the status to some kind of a text representation?

yeah switched to %+v which gives a better view

It's a little strange that the caller has to close the ProcessManager on error, but not on success - typically code goes the other way. Should we make sure the ProcessManager on errors here instead?

yeah this ended up weird when i kept this part here and moved process manager creation into the platform-specific functions. Now i've moved closing the ProcessManager down into the platform functions.