It’s possible but iirc the network stack of rootless KVM (qemu:///session) only support very basic networking option with SLiRP. Can it be configured to run Whonix as-is?
Possibly related:
Also worth noting is that, at least on Ubuntu, even with QEMU/KVM connection (Libvirt uri: qemu:///system ) QEMU aren’t run as root, but as a separate user “libvirt-qemu”.
Lets see, hopefully one day qubes-os gonna be having KVM based qubes which gonna help alot.
You can change the user in the libvirt config. Even auto chown for self-generating files like snapshots or images is possible.
By default it uses root though, if I’m not mistaken. At least on Debian I believe.
Pretty sure that’s not the case. The Qemu processes are run as user libvirt-qemu on my computer as we speak. You can ps -ef |grep qemu on host to see if this was true.