Add note on policies to glossary

This commit is contained in:
unman 2024-02-18 00:42:52 +00:00
parent 1d540888fe
commit df40f5eacf
No known key found for this signature in database
GPG Key ID: BB52274595B71262

View File

@ -128,10 +128,22 @@ example, it is common for the net qube of an [app qube](#app-qube) to be the
[service qube](#service-qube) `sys-firewall`, which in turn uses `sys-net` as
its net qube.
* If a qube does not have a net qube (i.e., its `netvm` is set to `None`), then
that qube is offline. It is disconnected from all networking.
* The name `netvm` derives from "Networking Virtual Machine." Before Qubes 4.0,
there was a type of [service qube](#service-qube) called a "NetVM." The name
of the `netvm` property is a holdover from that era.
## policies
In Qubes OS, "policies" govern interactions between qubes, powered by [Qubes' qrexec system](https://www.qubes-os.org/doc/qrexec/).
A single policy is a rule applied to a qube or set of qubes, that governs how and when information or assets may be shared with other qubes.
An example is the rules governing how files can be copied between qubes.
Policy rules are grouped together in files under `/etc/qubes/policy.d`
Policies are an important part of what makes Qubes OS special.
## qube
A secure compartment in Qubes OS. Currently, qubes are implemented as Xen
@ -145,8 +157,7 @@ still be called "qubes."
* Note that starting a sentence with the plural of "qube" (i.e., "Qubes...")
can be ambiguous, since it may not be clear whether the referent is a
plurality of qubes or [Qubes OS](#qubes-os). You may wish to rephrase
sentences in order to avoid this ambiguity.
plurality of qubes or [Qubes OS](#qubes-os).
* Example usage: "In Qubes OS, you do your banking in your 'banking' qube and
your web surfing in your 'untrusted' qube. That way, if your 'untrusted' qube
@ -210,5 +221,5 @@ See [Templates](/doc/templates/).
## VM
An abbreviation for "virtual machine." A software implementation of a machine
(for example, a computer) that executes programs like a physical machine.
An abbreviation for "virtual machine." A software implementation of a computer
that provides the functionality of a physical machine.