mirror of
https://github.com/QubesOS/qubes-doc.git
synced 2025-01-18 10:47:24 -05:00
3806ecf338
Those are redundant, and yaml parser strips them in fact. By removing them, loading and saving yaml file without any change indeed produce the same output. This is useful for prepare_for_translation.py script (which adds lang and ref tags) - to produce only change that indeed was made.
216 lines
7.6 KiB
Markdown
216 lines
7.6 KiB
Markdown
---
|
|
lang: en
|
|
layout: doc
|
|
permalink: /doc/glossary/
|
|
redirect_from:
|
|
- /en/doc/glossary/
|
|
- /doc/Glossary/
|
|
- /wiki/Glossary/
|
|
ref: 140
|
|
title: Glossary
|
|
---
|
|
|
|
## admin qube
|
|
|
|
A type of [qube](#qube) used for administering Qubes OS.
|
|
|
|
* Currently, the only admin qube is [dom0](#dom0).
|
|
|
|
## app qube
|
|
|
|
Any [qube](#qube) that does not have a root filesystem of its own. Every app
|
|
qube is based on a [template](#template) from which it borrows the root
|
|
filesystem.
|
|
|
|
* Previously known as: `AppVM`, `TemplateBasedVM`.
|
|
|
|
* Historical note: This term originally meant "a qube intended for running user
|
|
software applications" (hence the name "app").
|
|
|
|
## disposable
|
|
|
|
A type of temporary [app qube](#app-qube) that self-destructs when its
|
|
originating window closes. Each disposable is based on a [disposable
|
|
template](#disposable-template).
|
|
|
|
See [How to Use Dispoables](/doc/how-to-use-disposables/).
|
|
|
|
* Previously known as: `DisposableVM`, `DispVM`.
|
|
|
|
## disposable template
|
|
|
|
Any [app qube](#app-qube) on which [disposables](#disposable) are based. A
|
|
disposable template shares its user directories (and, indirectly, the root
|
|
filesystem of the regular [template](#template) on which it is based) with all
|
|
[disposables](#disposable) based on it.
|
|
|
|
* Not to be confused with the concept of a regular [template](#template) that
|
|
is itself disposable, which does not exist in Qubes OS.
|
|
|
|
* Disposable templates must be app qubes. They cannot be regular
|
|
[templates](#template).
|
|
|
|
* Every [disposable](#disposable) is based on a disposable template, which is
|
|
in turn based on a regular [template](#template).
|
|
|
|
* Unlike [disposables](#disposable), disposable templates have the persistence
|
|
properties of normal [app qubes](#app-qube).
|
|
|
|
* Previously known as: `DisposableVM Template`, `DVM Template`, `DVM`.
|
|
|
|
## dom0
|
|
|
|
[Domain](#domain) zero. A type of [admin qube](#admin-qube). Also known as the
|
|
**host** domain, dom0 is the initial qube started by the Xen hypervisor on
|
|
boot. Dom0 runs the Xen management toolstack and has special privileges
|
|
relative to other domains, such as direct access to most hardware.
|
|
|
|
* The term "dom0" is a common noun and should follow the capitalization rules
|
|
of common nouns.
|
|
|
|
## domain
|
|
|
|
In Xen, a synonym for [VM](#vm).
|
|
|
|
See ["domain" on the Xen Wiki](https://wiki.xenproject.org/wiki/Domain).
|
|
|
|
* This term has no official meaning in Qubes OS.
|
|
|
|
## domU
|
|
|
|
Unprivileged [domain](#domain). Also known as **guest** domains, domUs are the
|
|
counterparts to dom0. In Xen, all VMs except dom0 are domUs. By default, most
|
|
domUs lack direct hardware access.
|
|
|
|
* The term "domU" is a common noun and should follow the capitalization rules
|
|
of common nouns.
|
|
|
|
* Sometimes the term [VM](#vm) is used as a synonym for domU. This is
|
|
technically inaccurate, as [dom0](#dom0) is also a VM in Xen.
|
|
|
|
## HVM
|
|
|
|
Hardware-assisted Virtual Machine. Any fully virtualized, or hardware-assisted,
|
|
[VM](#vm) utilizing the virtualization extensions of the host CPU. Although
|
|
HVMs are typically slower than paravirtualized qubes due to the required
|
|
emulation, HVMs allow the user to create domains based on any operating system.
|
|
|
|
See [Standalones and HVM](/doc/standalones-and-hvms/).
|
|
|
|
## management qube
|
|
|
|
A [qube](#qube) used for automated management of a Qubes OS installation via
|
|
[Salt](/doc/salt/).
|
|
|
|
## named disposable
|
|
|
|
A type of [disposable](#disposable) given a permanent name that continues to
|
|
exist even after it is shut down and can be restarted again. Like a regular
|
|
[disposable](#disposable), a named disposable has no persistent state: Any
|
|
changes made are lost when it is shut down.
|
|
|
|
* Only one instance of a named disposable can run at a time.
|
|
|
|
* Like a regular [disposable](#disposable), a named disposable always has the
|
|
same state when it starts, namely that of the [disposable
|
|
template](#disposable-template) on which it is based.
|
|
|
|
* Technical note: Named disposables are useful for certain [service
|
|
qubes](#service-qube), where the combination of persistent device assignment
|
|
and ephemeral qube state is desirable.
|
|
|
|
## netvm
|
|
|
|
The property of a [qube](#qube) that specifies from which qube, if any, it
|
|
receives network access. Despite the name, `netvm` is a *property* of a qube,
|
|
not a type of VM. For example, it is common for the `netvm` of an [app
|
|
qube](#app-qube) to be the [service qube](#service-qube) `sys-firewall`, which
|
|
in turn uses `sys-net` as its `netvm`.
|
|
|
|
* If a qube does not have a `netvm` (i.e., its `netvm` is set to `None`), then
|
|
that qube is offline. It is disconnected from all networking.
|
|
|
|
* The name derives from "Networking Virtual Machine." Before Qubes 4.0, there
|
|
was a type of [service qube](#service-qube) called a "NetVM." The name of the
|
|
`netvm` property is a holdover from that era.
|
|
|
|
## qube
|
|
|
|
A secure compartment in Qubes OS. Currently, qubes are implemented as Xen
|
|
[VMs](#vm), but Qubes OS is independent of its underlying compartmentalization
|
|
technology. VMs could be replaced with a different technology, and qubes would
|
|
still be called "qubes."
|
|
|
|
* **Important:** The term "qube" is a common noun and should follow the
|
|
capitalization rules of common nouns. For example, "I have three qubes" is
|
|
correct," while "I have three Qubes" is incorrect.
|
|
|
|
* Note that starting a sentence with the plural of "qube" (i.e., "Qubes...")
|
|
can be ambiguous, since it may not be clear whether the referent is a
|
|
plurality of qubes or [Qubes OS](#qubes-os).
|
|
|
|
* Example usage: "In Qubes OS, you do your banking in your 'banking' qube and
|
|
your web surfing in your 'untrusted' qube. That way, if your 'untrusted' qube
|
|
is compromised, your banking activities will remain secure."
|
|
|
|
* Historical note: The term "qube" was originally invented as an alternative to
|
|
"VM" intended to make it easier for less technical users to understand Qubes
|
|
OS and learn how to use it.
|
|
|
|
## Qubes OS
|
|
|
|
A security-oriented operating system (OS). The main principle of Qubes OS is
|
|
security by compartmentalization (or isolation), in which activities are
|
|
compartmentalized (or isolated) in separate [qubes](#qube).
|
|
|
|
* **Important:** The official name is "Qubes OS" (note the capitalization and
|
|
the space between "Qubes" and "OS"). In casual conversation, this is often
|
|
shortened to "Qubes." Only in technical contexts where spaces are not
|
|
permitted (e.g., in usernames) may the space be omitted, as in `@QubesOS`.
|
|
|
|
## Qubes Windows Tools (QWT)
|
|
|
|
A set of programs and drivers that provide integration of Windows qubes with
|
|
the rest of the Qubes OS system.
|
|
|
|
See [Qubes Windows Tools](/doc/windows-tools/) and [Windows](/doc/windows/).
|
|
|
|
## service qube
|
|
|
|
Any [app qube](#app-qube) the primary purpose of which is to provide services
|
|
to other qubes. `sys-net` and `sys-firewall` are examples of service qubes.
|
|
|
|
## standalone
|
|
|
|
Any [qube](#qube) that has its own root filesystem and does not share it with
|
|
another qube. Distinct from both [templates](#template) and [app
|
|
qubes](#app-qube).
|
|
|
|
See [Standalones and HVMs](/doc/standalones-and-hvms/).
|
|
|
|
* Previously known as: `StandaloneVM`.
|
|
|
|
## template
|
|
|
|
Any [qube](#qube) that shares its root filesystem with another qube. A qube
|
|
that is borrowing a template's root filesystem is known as an [app
|
|
qube](#app-qube) and is said to be "based on" the template. Templates are
|
|
intended for installing and updating software applications, but not for running
|
|
them.
|
|
|
|
See [Templates](/doc/templates/).
|
|
|
|
* No template is an [app qube](#app-qube).
|
|
|
|
* A template cannot be based on another template.
|
|
|
|
* Regular templates cannot function as [disposable
|
|
templates](#disposable-template). (Disposable templates must be app qubes.)
|
|
|
|
* Previously known as: `TemplateVM`.
|
|
|
|
## VM
|
|
|
|
An abbreviation for "virtual machine." A software implementation of a machine
|
|
(for example, a computer) that executes programs like a physical machine.
|