1.1 Using Other Virtualization SoftwareIndex

You can use any virtualization software you like to create and run this server-style CentOS virtual machine, e.g. VirtualBox, Parallels, etc., but faculty only fully support questions about VMware (and maybe VirtualBox). It’s what we know.

It isn’t the virtualization software that’s important; it’s the running CentOS virtual machine.

2.1 Download Method 1: From the CSTECH Downloads FolderIndex

This method only works on the Algonquin campus. Use a wired connection to download big files such as ISO images; don’t use wireless!

1. On your laptop use a browser to go to the Web site http://cstech on campus.
2. Choose any room from the left side-bar (e.g. T114). Go to Drivers and Downloads, Linux, CentOS, CentOS-6.4-i386-minimal.
3. Choose exactly this 315508736-byte ISO file: CentOS-6.4-i386-minimal.iso
4. Also download the CentOS-6.4-i386-minimal-md5.txt file containing the md5sum file checksum hash.

2.2 Download Method 2: From the Internet (slow)Index

This is slower than the above methods. Use it only if you have to:

1. On your laptop use a browser to go to the Web site http://www.centos.org/.
2. Go to Downloads, Mirrors, Mirror List.
3. Pick an HTTP mirror and find the CentOS-6.4-i386-minimal.iso to download:
4. Choose exactly this 315508736-byte ISO file: CentOS-6.4-i386-minimal.iso
5. Also download the md5sum.txt file containing the md5sum file checksum hashes.

2.3 Verify the Downloaded ISOIndex

To verify the downloaded ISO, you can get a copy of the checksum file from the same Linux CentOS folder where you found the ISO image.

1. Verify that you have the exact ISO file named CentOS-6.4-i386-minimal.iso that is 315,508,736 bytes (301MB).

2. To verify the download, you will need some form of checksum program that runs on your local computer that can calculate md5 or sha hashes. Unix/Linux/OSX machines already have the md5sum command available; you don’t need to download anything; read the man page or just run md5sum followed by the ISO image name.

   For Windows users, one suggestion to use (thanks Richard!) is HashTab:

   1. Windows only: Download and install HashTab for Windows. (Unix/Linux/OSX users don’t need this program.)
   2. Copy the desired checksum hash to the clipboard (e.g. from the md5sum.txt file).
   3. Right click in the file you wish to verify, i.e. select your ISO image CentOS-6.4-i386-minimal.iso
   4. Click Properties and then file hashes.
      • It will compare the hashes to the one(s) in your clipboard.
      • MD5 and SHA-1 are the defaults, but it can be customized to include others.

3. Verify the checksum hash of the ISO file against the checksum hash recorded in any of the checksum files located in the same folder. (For example, open md5sum.txt and locate the checksum for your ISO file and compare it with the checksum of the ISO file you downloaded.)

Sysadmin Tip: You can install the free Cygwin package on your own Windows laptop to get BASH and all the Unix tools for Windows, including md5sum, find, etc. MacOSX users already have most of the tools installed and available in any Terminal window.

4.1 Verify Correct CentOS InstallationIndex

Log in on the console as the user root with the password that you remembered from the above installation and run the following verification commands. Your CentOS installation must pass all of the following verification steps:

1. Run: hostname and verify that it prints your eight-character Blackboard userid as the machine name.

2. In file /etc/sysconfig/network verify that the NETWORKING variable is set to yes and the HOSTNAME variable is set to your Blackboard userid.

3. Run: fdisk -clu and verify that your Disk /dev/sda is 2147 MB and that the disk partitions /dev/sda1 and /dev/sda2 have 1,536,000 and 560,128 blocks (a block is 1024 bytes). It should look almost exactly like the following, except your machine name and Disk identifier number will differ:

   [root@abcd0001 ~]# fdisk -clu
   
   Disk /dev/sda: 2147 MB, 2147483648 bytes
   255 heads, 63 sectors/track, 261 cylinders, total 4194304 sectors
   Units = sectors of 1 * 512 = 512 bytes
   Sector size (logical/physical): 512 bytes / 512 bytes
   I/O size (minimum/optimal): 512 bytes / 512 bytes
   Disk identifier: 0x00000000
   
      Device Boot    Start       End    Blocks   Id  System
   /dev/sda1   *      2048   3074047   1536000   83  Linux
   /dev/sda2       3074048   4194303    560128   82  Linux swap / Solaris

4. Run: rpm -q -a | wc and verify that you have exactly 198 packages installed.

5. Run: df -h and verify that your /dev/sda1 virtual disk partition mounted on / (the ROOT) has a Size of 1.5G (ignore the other sizes – they may differ slightly):

   [root@abcd0001 ~]# df -h
   Filesystem            Size  Used Avail Use% Mounted on
   /dev/sda1             1.5G  602M  800M  43% /
   tmpfs                 122M     0  122M   0% /dev/shm

6. Run: swapon -s and verify that partition /dev/sda2 is listed as an active swap partition:

   [root@abcd0001 ~]# swapon -s
   Filename              Type            Size    Used    Priority
   /dev/sda2             partition       560120  0       -1

You may need to delete this virtual machine and re-install if any of the above numbers or verification steps are wrong – consult with your instructor.

Networking is not enabled on this server yet. It is a good idea to configure your system a bit before enabling networking, so we will enable networking later.

4.2 Snapshot your Fresh InstallationIndex

Make sure your CentOS virtual machine passes the all above verify steps before saving it!

1. Shut down your CentOS machine by typing: shutdown -h now
   • NEVER power off a Linux machine using the VMware Power button!
   • ALWAYS power off a Linux machine using shutdown or halt.

2. In the VMware VM | Settings | Hardware page for this virtual machine:
   1. Change the Memory from 1024MB down to 256MB.
      • You will need to put Memory back up to 1024MB if you need to re-install the system from CD.
      • Keeping system memory small (e.g. 256MB) makes snapshots of running systems faster.
   2. Select the Sound Card and un-check everything. (You should have already done this when creating the VM.)
   3. Select the USB Controller and un-check everything. (You should have already done this.)
   4. Select Save or OK.

3. Use VMware (or your virtualization software) to create a Snapshot of your new VM. Label the Snapshot Fresh Minimal Installation and enter a dated comment explaining how you created it and what installation parameters you used:
   1. Minimal ISO: CentOS-6.4-i386-minimal.iso
   2. Memory 256MB
   3. Disk 2GB
   4. Hostname abcd0001 (should be your Blackboard userid)
   5. 198 packages
   6. no network at boot time

4. Use VM | Snapshot | Snapshot Manager to confirm your snapshot.
   • You will have this snapshot to come back to if you ever need it.

4.3 Problems with Snapshots of Running SystemsIndex

A snapshot of a running (not fully shut down) system is quick to resume if you ever need to go back to it, but a running snapshot has some potentially serious problems:

1. Snapshots take more space if you take them when the machine is running, since the snapshot has to save all the system memory. Snapshots are smaller if you take them of a system that is powered off.

2. Often you need to restore a snapshot and also make some VM | Settings changes. If you snapshot a running system, then you have to shut it down every time you restore it when you want to make VM | Settings changes. Better to create the snapshot of the powered-off system.

3. A snapshot of a running system can only safely be resumed (restarted) on the system that created it, or a system running a similar CPU type. You cannot safely back-up the running snapshot files onto a different CPU type and resume it there.

   A snapshot of a running system may be useless if you try to restart it on a different computer, such as might happen if your laptop computer fails and you need to borrow another.

When possible, make your important snapshots of virtual machines that are actually powered off.

5.1 Boot the Fresh Minimal Installation snapshotIndex

1. Boot your Fresh Minimal Installation snapshot from the previous section.

2. Log in as the root user.

5.2 Enable networkingIndex

Networking is not yet enabled on boot. Enable it, so that you can connect to your CentOS system using a proper SSH connection instead of using the limited VMware system console:

1. Back up the file /etc/sysconfig/network-scripts/ifcfg-eth0 then edit the original file and change the ONBOOT variable setting from ONBOOT=no to ONBOOT=yes. (Always edit the original file, not the back-up file!)

2. Run: service network restart
   • You should now see two lines for eth0:
     Bringing up interface eth0: and
     Determining IP information for eth0... done. [OK]
   • If you have network connection problems see Network Diagnostics.

3. Confirm that you have a working IP address on eth0:
   1. Run: ifconfig eth0 | fgrep 'inet addr' and see one line of output containing your system IP address (your inet addr). Write down this local IP address; you will need it shortly.
   2. Run: ip route | fgrep 'default' and see one line of output containing your default gateway IP address.
   3. Run: ping -c 1 X.X.X.X where X.X.X.X is your default gateway IP address. (This may not work if you are using Bridged networking on-campus at Algonquin College because the ITS department blocks ping.)

Sample output for the above commands is given below – your hostname and CentOS IP addresses (write it down) will differ:

[root@abcd0001 ~]# fgrep 'ONBOOT' /etc/sysconfig/network-scripts/ifcfg-eth0
ONBOOT=yes

[root@abcd0001 ~]# service network restart
Shutting down loopback interface:                          [  OK  ]
Bringing up loopback interface:                            [  OK  ]
Bringing up interface eth0:
Determining IP information for eth0... done.               [  OK  ]

[root@abcd0001 ~]# ifconfig eth0 | fgrep 'inet addr'
     inet addr:192.168.9.141  Bcast:192.168.9.255  Mask:255.255.255.0

[root@abcd0001 ~]# ip route | fgrep 'default'
default via 192.168.9.254 dev eth0

[root@abcd0001 ~]# ping -c 1 192.168.9.254
PING 192.168.9.254 (192.168.9.254) 56(84) bytes of data.
64 bytes from 192.168.9.254: icmp_seq=1 ttl=64 time=1.78 ms
--- 192.168.9.254 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 2ms
rtt min/avg/max/mdev = 1.780/1.780/1.780/0.000 ms

Make sure the ping shows 0% packet loss (unless you are at Algonquin College, using Bridged networking, and ping is being blocked by ITS, sorry).

Did you write down your CentOS IP address?

5.3 Use an SSH connection instead of the consoleIndex

1. In your host operating system (not in CentOS), create an SSH remote connection to the CentOS IP address for your machine that you wrote down in the previous step. (This IP address was listed beside the output for inet addr for eth0.)
   • Connect using PuTTY on Windows, or ssh on Macintosh or Linux.
   • Log in to your own machine (not the CLS) as root with your root password.
   • Do not try to log in as root to the CLS! The CLS will lock out your IP address! Log in to your machine using your IP address!

2. Once you are logged in to your own CentOS machine, type who and see that root is logged in once on a VMware system console (tty1) and once remotely via an SSH pseudo-terminal (pts/0).

   [root@abcd0001 ~]# who
   root     tty1         Oct 15 23:26
   root     pts/0        Oct 16 01:22 (192.168.244.128)
   [root@abcd0001 ~]# tty
   /dev/pts/0

You may find it easier to use and configure your CentOS system using an SSH terminal connection that you can resize and in which you can use copy/paste instead of the fixed-size VMware CentOS console that you cannot resize or use copy/paste.

I recommend using the SSH connection for all sysadmin work (including the rest of this document). Do not use the crappy VMware console. Note that, unlike using the system console, SSH network connections do not survive across a VM Suspend and Restore. All SSH sessions active when you suspend your VM will be disconnected.

5.4 Remove confusing and dangerous root aliasesIndex

CentOS has provided the root account with some personal shell aliases that change the behaviour of some important commands and this is a bad idea. Type alias and you will see some aliases similar to these:

[root@abcd0001 ~]# alias
alias cp='cp -i'
alias l.='ls -d .* --color=auto'
alias ll='ls -l --color=auto'
alias ls='ls --color=auto'
alias mv='mv -i'
alias rm='rm -i'
alias which='alias | /usr/bin/which --tty-only --read-alias --show-dot --show-tilde'

The aliases for ls and which are harmless, but the options added in the aliases for cp, mv, and rm change the behaviour of these commands significantly. (How? RTFM for each command, but not on CentOS because the system has no manual pages installed!)

On real servers, the root account is often shared among several sysadmin, and so you must not define your own personal aliases in the root account. Commands must work exactly as expected, not the way aliases might change them to work.

We will remove these dangerous aliases from our root account:

1. Back up the file /root/.bashrc then edit the original file:
   1. Remove or comment out the alias for rm.
   2. Remove or comment out the alias for cp.
   3. Remove or comment out the alias for mv.
2. In addition to making the above essential changes, you might also optionally add unalias -a to make sure that no misleading aliases are defined for the root account.
   • Add this unalias line at the bottom (end) of the .bashrc, after all the existing lines in the file.

Keep your own personal aliases in your own account and source them when you need them. Do NOT put personal aliases into the root account itself. (Review Aliases for Sysadmin.)

5.5 Enable shell HistoryIndex

Shell history for root is important to a sysadmin. It’s one way of knowing what commands were typed as root.

Although the shell is saving its history upon exit, the history from different shells is not being saved, so history can be lost if you run more than one shell (e.g. multiple windows or multiple logins). Also, history is not being saved until a shell exits, which means you can also lose history if a shell is killed prematurely. We will fix this:

1. Confirm that you have already backed up the file /root/.bashrc then edit the original file again:

   1. Insert this line at the top (beginning) of the file:

      [ -z "${PS1-}" ] && return

   2. Add these lines at the bottom (end) of the file:

      # check the window size after each command and update LINES and COLUMNS
      # append history to history file instead of overwriting it
      shopt -s checkwinsize
      shopt -s histappend
      # keep a lot of shell history
      # keep time stamps on each entry
      # update history file after every command (not just on exit)
      export HISTSIZE=9000
      export HISTFILESIZE=99000
      export HISTTIMEFORMAT=
      PROMPT_COMMAND='history -a'

   3. Save your changes and exit your text editor back to the command prompt.

2. Run source ~/.bashrc to source the new file to set up the history in the current shell. Make sure you see no output and no errors!

3. After sourcing the file, print the changed history variables to confirm:

   [root@abcd0001 ~]# source ~/.bashrc
   [root@abcd0001 ~]# printenv | fgrep 'HIST'
   HISTSIZE=9000
   HISTFILESIZE=99000
   HISTCONTROL=ignoredups
   HISTTIMEFORMAT=
   
   [root@abcd0001 ~]# echo "$PROMPT_COMMAND"
   history -a

4. Check that the commands you just typed, above, are appearing at the bottom (end) of the root BASH history file .bash_history. (What command shows you the last few lines of a text file?)

5.6 Enable localhost for your machine nameIndex

The file /etc/hosts usually contains a local copy of the name of the current machine, paired with the localhost IP address. CentOS is missing this, which means you can’t ping your own host name.

1. Back up the file /etc/hosts then edit the original file and add your machine’s host name by adding the line 127.0.0.2 abcd0001 where abcd0001 is replaced by your machine’s host name:

   [root@abcd0001 ~]# cat /etc/hosts
   127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
   127.0.0.2   abcd0001
   ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

2. Confirm that you can now ping your own machine name with zero packet loss:

   [root@abcd0001 ~]# echo "$HOSTNAME"
   abcd0001
   [root@abcd0001 ~]# ping -c 1 "$HOSTNAME"
   PING abcd0001 (127.0.0.2) 56(84) bytes of data.
   64 bytes from abcd0001 (127.0.0.2): icmp_seq=1 ttl=64 time=0.072 ms
   --- abcd0001 ping statistics ---
   1 packets transmitted, 1 received, 0% packet loss, time 0ms
   rtt min/avg/max/mdev = 0.072/0.072/0.072/0.000 ms

The name abcd0001 above must be your machine’s name, not abcd0001.

5.7 Enable Internet Time using NTP and ntpdIndex

The system time is not being synchronized with the Internet. We need to use the yum install command to fetch and install the Network Time Protocol (NTP) package named ntp with its time daemon named ntpd:

1. Run: yum info ntp
   • The NTP package is named ntp.
   • The first time you do this, yum will download some package lists before it answers the info query.
   • If yum cannot connect to the Internet, see Network Diagnostics.
   • If yum seems to hang for a long time, see Appendix I.

2. Confirm that yum shows Name : ntp under Available Packages.
   • If you see ntp under Installed Packages, you have already installed it.

3. Run: yum install ntp and when it asks Is this ok [y/N]: answer with y (yes).
   • The first time you do this, yum will also ask you to import a GPG CentOS 6 Official Signing Key. Answer with y (yes).
4. Back up the file /etc/ntp.conf then edit the original file to add the line tinker panic 0 on its own line just above the driftfile line.
   • This line tells the ntpd program that it can always change the clock value, no matter how far off it is. Normally the ntpd daemon refuses to change a clock value that is more than 1,000 seconds wrong.

5. Run: chkconfig --list ntpd (and note the spelling of the service name ntpd). You will see one line indicating that the ntpd time daemon is turned off in every Run Level.

6. Run: chkconfig ntpd on (again note the spelling of ntpd).

7. Run: chkconfig --list ntpd (again note the spelling of ntpd). You will see one line indicating that the ntpd time daemon is now turned on in Run Levels 2 through 5:

   [root@abcd0001 ~]# chkconfig --list ntpd
   ntpd      0:off   1:off   2:on    3:on    4:on    5:on    6:off

8. Run: service ntpd start and you should see one line saying Starting ntpd: [OK]. (If you already started ntpd, you won’t see the [OK].)

9. Run: tail /var/log/messages or fgrep 'ntpd' /var/log/messages and confirm that there are several log entries for ntpd saying Listening and one saying kernel time sync status. If you see errors, fix them and run service ntpd restart to restart ntpd.

10. After about 5-10 minutes, ntpd will have reset your system clock and you will see log lines saying synchronized to and time reset in the system log. You can perform the other edits below while you wait for this to happen.

Even with ntpd running, the system may take 5-10 minutes to re-synchronize its time after a VM Pause, Suspend, or reboot. (Earlier versions of CentOS were faster at time synchronization.) Servers in the real world are not paused, suspended, or rebooted as often as at school.

Installing VMware Tools will often help with getting the time right after a VM pause or suspend. VMware Tools will be installed in a separate document, later.

5.8 Configure Time ZoneIndex

The system time zone file is not correct for our time zone.

1. Run: tzselect and answer the questions to find the full name of the Eastern Time – Ontario time zone. (Hint: It is two words separated by a slash, and has the name Toronto in it.) Ignore the advice about your .profile file – you are the sysadmin of this machine and you are setting the system time zone, not an individual user’s time zone.

2. Back up the file /etc/sysconfig/clock then edit the original file to change the ZONE variable to ZONE="XXX/YYY" where XXX/YYY is the name of the time zone printed by tzselect (including the double quotes). The word Toronto is in this name.

3. Run: tzdata-update to copy the correct time zone information from under directory /usr/share/zoneinfo/ to /etc/localtime.

4. Run a checksum (any kind) on the file /etc/localtime and on the file under directory /usr/share/zoneinfo/ corresponding to the Toronto time zone and verify that both files have the same checksum. (Hint: You will need to search for the correct Toronto file under that directory. What command finds file names by basename? What command can calculate a checksum?)

5.9 Disable SELinuxIndex

Security Enabled Linux is turned on, which can cause many problems for novice Linux users. On a real server, we would leave it enabled. You will learn SELinux configuration in later Linux courses.

1. Back up the file /etc/sysconfig/selinux then edit the original file and change the SELINUX variable setting from SELINUX=enforcing to SELINUX=disabled.

5.10 Disable Pretty BootIndex

The system boot messages are being hidden by a pretty but unhelpful Fedora graphics screen. The screen covers up many useful system messages at boot time. As a sysadmin, you want to see all the boot messages.

1. Take a snapshot of your VM now, in case you make a mistake in the following edit. If you damage lines in this GRUB configuration file, your machine may not boot at all. You’ll have to restore from the snapshot and reconfigure.

2. Back up the file /boot/grub/grub.conf then edit the original file:
   1. Change the value of the timeout from 5 to 30.
   2. Comment out the hiddenmenu line to make the GRUB menu visible on boot. (Insert a single # comment character in front of hiddenmenu so that it looks like #hiddenmenu and will be ignored.)
   3. Remove the two words rhgb quiet from the far right end of the very long kernel line to get rid of the silly Fedora animated graphics screen. (Make sure you don’t accidentally break this line into pieces. Keep it one long line.)

   4. The resulting file should be two words smaller than the back-up file:

      [root@abcd0001 ~]# wc -lw /boot/grub/grub.conf*
        17   81 /boot/grub/grub.conf
        17   83 /boot/grub/grub.conf.bak

3. You will know if your edits are accurate at the next reboot, coming up in the next section. If the reboot fails, restore back to your snapshot and try the edit again.

5.11 Verify Correct CentOS ConfigurationIndex

Having made all the above configuration changes, your CentOS configuration must pass all of the following verification steps after you reboot it:

1. Reboot your CentOS machine by typing: shutdown -r now or simply reboot

2. Verify the new GNU GRUB boot menu:
   1. The GNU GRUB menu should now be visible (not hidden) – see the image below.
   2. In 30 seconds the menu will time out and boot the highlighted menu entry (usually the first one), or you can push the Enter key to boot it immediately. If you don’t see the GRUB menu, you forgot to edit the GRUB configuration file above (or your edits were wrong).

CentOS 6 GRUB Menu

When the machine is running, log in on the console again as the user root and run some verification commands:

3. Run alias and make sure the root account has no dangerous aliases.

4. Check that the commands you just typed, above, are appearing at the bottom (end) of the root BASH history file .bash_history.

5. Run: free and verify that you have a total Memory of about 256MB (e.g. approximately 2489??KB). (If you have more than about 256MB, you forgot to change the Memory settings for this VM. Shut it down safely and fix the Memory and reboot.)

6. Run this exactly as given (using two adjacent pipe symbols): selinuxenabled || echo NO and verify that the word NO appears on your screen. If not, you forgot to disable SELINUX above.

   [root@abcd0001 ~]# selinuxenabled || echo NO
   NO

7. In file /etc/sysconfig/clock verify that the ZONE variable is set to a local Ontario city time zone (not New York).

8. Run: pgrep -l ntpd and verify that the output is one line (a process number and the word ntpd).
   • The system can take 5-10 minutes to re-establish the correct time when started or resumed.

9. Search for the word tinker in file /etc/ntp.conf and verify that you find the tinker panic 0 line you added.

10. Search for the word ONBOOT in file /etc/sysconfig/network-scripts/ifcfg-eth0 and verify that its value is set to yes.

11. Run: ifconfig eth0 and verify that its inet addr: has an IP address listed.

12. Run: ip route and verify that you have a default via route listed for dev eth0.

13. Examine file /etc/resolv.conf and verify that there is at least onenameserver line in the file.

14. Confirm that you can ping your own machine name with zero packet loss and that your host name resolves to the IP address 127.0.0.2:

    [root@abcd0001 ~]# ping -c 1 "$HOSTNAME"
    PING abcd0001 (127.0.0.2) 56(84) bytes of data.
    64 bytes from abcd0001 (127.0.0.2): icmp_seq=1 ttl=64 time=0.072 ms
    --- abcd0001 ping statistics ---
    1 packets transmitted, 1 received, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 0.072/0.072/0.072/0.000 ms

Consult with your instructor if any of the above verification steps fail.

5.12 Snapshot your Configured InstallationIndex

Make sure your CentOS virtual machine passes the all above verification steps before saving it!

1. To avoid all the problems mentioned earlier, you may want to shut down your machine before taking a snapshot.

2. Use VMware (or your virtualization software) to create a power-off Snapshot of your new Configured Installation VM. Label the Snapshot Configured Installation and enter a dated comment explaining how you created it and what configuration changes you made (above) from the previous snapshot.

3. Use VM | Snapshot | Snapshot Manager to confirm your snapshot.
   • You will have this snapshot to come back to if you ever need it.

This ends the initial Installation and Configuration of a minimal server-style CentOS system. The next sections explain some important things to know about your new virtual server.

6.1 SuspendingIndex

This is the fastest way to save your machine state. Most times you will want to suspend your Virtual Machine so that you can resume it quickly where you left off:

1. Go to VM and Power and choose Suspend
2. Wait until VMware fully saves the state of the machine.
3. You may now safely close VMware.

6.2 ResumingIndex

When you resume your Virtual Machine, you may need to refresh the network settings for your new network location by running (as root): service network restart

6.3 Shutting Down (Power Off)Index

If you need to reconfigure most parts of the VMware Virtual Machine that is running your Linux server, you need to shut down Linux before VMware will let you change the settings. Here’s how:

1. Log in as root (or login in as a user and then become root, if you have disabled root logins)
2. As root run: shutdown -h now or simply halt (if available)
   • You can also schedule a shutdown at a later time; see the man page.
3. Wait until the Virtual Machine fully shuts down and stops.
4. You may now change VMware settings or safely close VMware.