Installing GRUB bootloader fails with cryptic error message “Could not prepare Boot variable: Function not implemented” and “grub-install: error: efibootmgr failed to register the boot entry: Input/output error.”

When trying to install a new Linux distribution (Debian or Mageia or Arch Linux) on my new machine, the installation failed with the following error messages:


The installation of grub-install dummy has failed
Unable to install grub-install dummy : Fatal Error

Mageia/Arch Linux:

Installing for x86_64-efi platform.
Could not prepare Boot variable: Function not implemented
grub-install: error: efibootmgr failed to register the boot entry: Input/output error.


I’m using an Arch Linux image to boot into a shell environment.

fdisk /dev/sda

This displays information about the partition table. It displays “Disklabel type: dos” which means that the partition is of type DOS/MBR which could cause trouble (according to the documentation in the ArchWiki).

Furthermore, in the UEFI/BIOS of my machine under “Advanced | OS selection” there is the option “UEFI CSM” set to “always”. CSM means Compatibility Support Module and it enables the legacy (BIOS) boot mode. This could be a problem.


Set the “UEFI CSM” (Compatibility Support Module) to “never” in the UEFI BIOS and reinstall the Linux distribution (or just the GRUB bootloader). The system now boots using UEFI. The partition type is still “dos”.

Using the eID function of the german identity card on Linux

Here is a short step-by-step guide for setting up your RPM-based distribution for using the eID function of the german identity card:

Hardware requirements: I’m going to use the “REINERSCT cyberJack RFID basis” device for reading my identity card.


  1. Install the package ccid (which contains the “Generic USB CCID smart card reader driver”): dnf install ccid
  2. As eID client I’m going to use the Open eCard client (an alternative to AusweisApp): Download it and install it using rpm -i open-ecard-app-...rpm
  3. Connect your RFID device to your computer
  4. Put your ID card on the device
  5. Open the Open eCard client
  6. At first, if you haven’t used eID before, you’ll have to replace the transport PIN (5 digits) with a custom PIN (6 digits). Just select the “PIN management” option in the Open eCard client and follow the instructions. The custom PIN is now your PIN for unlocking your data on the identity card. Make sure to remember it!

eID process (example)

If the setup is done and the Open eCard client is running you can start an eID process from your browser. This is pretty straightforward. In my example I had to identify myself for activating my prepaid SIM card from ja!mobil/congstar which I bought at a local supermarket. In that particular case, the eID process is integrated in the so called “POSTIDENT” method (provided by Deutsche Post AG):

  1. Select “eID function” as identification method
  2. On the second page, ignore the Smartphone app instructions and click on the link “start the AusweisApp2 here” instead (you’ll find it at the bottom of the page)
  3. Now, the Open eCard App will guide you the the procedure and ask for your PIN in order to unlock your data.
  4. A success message will be displayed in your browser.

Screenshots of the eID process with POSTIDENT

Step1: Select eID function
Step 2: Click at the link at the bottom.
Step 3: Follow the instructions of the Open eCard App
Step 4: Done =)

Replicate a foreign Subversion repository

If you want to replicate/mirror an existing repository which you do not own (i. e. svnadmin dump cannot be used), you can use the svnsync command.

At first: Create a new and empty destination repository on your server:

svnadmin create mirror

Next, create a so called “pre-revprop-change hook script”. This is needed for the subsequent steps.

nano /srv/subversion/mirror/hooks/pre-revprop-change
if [ "$USER" = "yolo" ]; then exit 0; fi
echo "Only the syncuser user may change revision properties" >&2
exit 1

This limits the synchronizing mechanism to the specified user and is executed by Subversion automatically.

Now, initialize and perform the synchronization of the repositories:

svnsync init svn://YOUR_HOST/mirror/ SOURCE_REPOSITORY
svnsync sync svn://YOUR_HOST/mirror/

If the process comes to a halt, you can abort it using Ctrl+C and restart it without breaking anything. The process will continue were it was aborted (as everything is versioned this is not a problem).

For details: Chapter “Replication with svnsync” in the Subversion book.

Installing a Subversion server on CentOS 8

We are going to use the server “svnserve” which is contained in the subversion package of CentOS. This package contains also the svnadmin tool for creating a subversion repositories.


dnf install subversion

Service configuration

The default location for Subversion (SVN) repositories is /var/svn. We are going to change it to /srv/subversion like this (as root):

mkdir /srv/subversion
nano /etc/sysconfig/svnserve
OPTIONS="-r /srv/subversion"

By default, svnserve is executed as root – holy cow! For security reasons, we’re going to change it to a different user. We edit the systemd unit file and add the following lines under the section “[Service]”:

nano /usr/lib/systemd/system/svnserve.service

You can create the user e. g. with useradd -m yolo.

Make sure that our “yolo” user can access /srv/subversion properly:

chown -R yolo:yolo /srv/subversion

Furthermore, another change is necessary due to the new user which executes the service: The directory /run/svnserve/ contains a file where the service stores its process ID. But the directory is only accessible by the root owner. Changing the file permissions with chown is NOT sufficient because this folder will be recreated after reboot and thus the old permissions will be restored. We have to change the entry in the appropriate configuration file which is responsible for the recreation of this folder (see man tmpfiles.d for details):

nano /usr/lib/tmpfiles.d/svnserve.conf
D /run/svnserve 0700 yolo yolo -

Now, we can start the service (and enable it if you want to start it automatically):

systemctl start svnserve
systemctl status svnserve
systemctl enable svnserve

Create a test repository

Use our “yolo” user which also runs the svnserve process for the following commands:

cd /srv/subversion
svnadmin create repo1

Configure user authentication:

cd repo1
nano conf/svnserve.conf
anon-access = none # disallow anonymous access completely
password-db = passwd # file with credetials

Add some credetials:

nano conf/passwd
user = pw

Check it out

The repository set-up is complete. Now, we should be able to check it out with a Subversion client on a remote computer:

svn co svn://HOST/repo1 --username USER

Surveillance cam HWI-B140H-M (HIKVISION HiWatch Series)

I recently bought the HWI-B140H-M from HIKVISION in order to test it on Linux. But the results were quite disappointing:

  • You can access the cam via browser but for some features (e. g. configuring areas for motion detection) you need either their windows client software (iVMS) or you need an old browser (Chrome 44.x, Firefox 51.x or lower) with browser plugins. Fun fact: They don’t tell you which plugins are meant. So without windows, you have a hard time.
  • Interestingly enough, the manual says that when the WebSocket function is activated, you could use all features in your current browser without plugins (which contradicts the information at the beginning). But there is no such function (in the windows client not either) although the most recent firmware is installed.
  • I updated the firmware to the most recent version (V5.5.80 build 180911) using the windows client in a VirtualBox Windows VM. After the update, I could not access the web interface anymore. It turned out, that they are blocking my browser’s user-agent ID. How dare you! With the Firefox addon user-agent switcher and manager and an IE 11 user-agent the web interface is accessible again.
  • My FritzBox router has a NAS function. So i set up a Samba (SMB) share and finally configured it in the web interface of the cam. It worked but the cam showed the Samba device as “uninitialized”. The cam’s manual instructs you to click on “Format” to solve this but it did not work. I tried several configurations, tested the Samba share on nautilus but I always got an error (permission blabla). Some folks had the same trouble in 2014 ( No working solution, so I gave it up.
  • The user manual of the cam is the worst manual I’ve ever seen. It contains contradicting informations (see above) and many sections only apply to a certain device but they don’t mention the device. Furthermore, it’s more a listing of features than explaining hands-on how to configure the device properly. “Here are the information, deal with it”.

My advice: Don’t buy it.

Setting up dnf on Mageia 7

As you can see with dnf repolist, only the core repository and the update repository are activated on Mageia 7 by default.

The repositories nonfree and tainted are pre-configured in configuration files within /etc/yum.repos.d/ but disabled by default. You can easily activate them by executing the following command:

# dnf config-manager --set-enabled mageia-x86_64-nonfree updates-x86_64-nonfree mageia-x86_64-tainted updates-x86_64-tainted

That’s it. Now, when you try to install a package or upgrade the system, the nonfree and the tainted repository are considered as well.

Watching maxdome video streams on Linux

Edit: Currently (about two month later), it does not seem to work anymore =(

It worked on my machine with a Firefox 60.9.0esr. But at first, there were two things that hindered the playback:

  • The Ad-Blocker – I had to disable it.
  • The user agent setting of Firefox has to be something like “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3835.0 Safari/537.36”. This can easily be achieved with the Firefox addon User-Agent Switcher and Manager.

You also have to make sure, that the Firefox Addon “Widevine Content Decryption Module provided by Google Inc.” is installed and activated (see Watch DRM content on Firefox).

In my opinion, it is pretty silly that you have to fake your user agent in order to watch the movies. But according to the customer support this is done on purpose:

Da wir Linux nicht unterstützen ist ein funktionierender Abruf über die entsprechenden Systeme nicht vorgesehen.

Reply from the “maxdome Kundenservice” on my inquiry (December 8th, 2019)


DVD playback issues in Totem and VLC solved with mplayer

The default video player on my Gnome desktop (Mageia 6) is totem. It did not play the DVD yesterday that I wanted to watch. Fortunately, VLC did start the playback when I checked the option “No disc menus” under “Media | Open Disc”. Though I had to manually select the correct video under “Playback | title” (it was the last element on the list). It worked for the first 30-40 minutes but then the playback stopped and the error message indicated that the next blocks/sectors of the DVD could not be read. Surprisingly, the issue was reproducible yesterday but not today.

The workaround was to use mplayer which has only a commandline interface:

mplayer dvd://12

12 is the number of the corresponding title which I chose in VLC. It worked flawlessly. Important hotkeys to control the playback (consider the man page for mplayer for all hotkeys):

f: Fullscreen toggle
space: Start/Stop playback
o: Onscreen information toggle
arrows: Jump forward/backward (small steps)
page up/down: Jump 10 minutes forward/backward
v: Enable/Disable subtitles
Esc: Quit mplayer

Removing Wolfram stuff from RaspberryPi’s NOOBS system

Identify the packages:

$ dpkg -l | grep "wolfram"
ii  wolfram-engine                        11.3.0+2018052403                    armhf        Mathematica® and the Wolfram Language
ii  wolframscript                         1.2.0-18                             armhf        WolframScript (for the Command Line)

Remove the packages:

# apt remove wolfram-engine wolframscript
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages were automatically installed and are no longer required:
  coinor-libipopt1v5 libexiv2-14 libgmime-2.6-0 libmumps-seq-4.10.0 libraw15 lxkeymap python-cairo
  python-gobject python-gobject-2 python-gtk2 python-xklavier realpath
Use 'sudo apt autoremove' to remove them.
The following packages will be REMOVED:
  wolfram-engine wolframscript
0 upgraded, 0 newly installed, 2 to remove and 16 not upgraded.
After this operation, 833 MB disk space will be freed.
Do you want to continue? [Y/n] Y

Remove anything unneeded:

# apt auto-remove

Download partial content

You want to download a video stream but in your browser you only see several GET requests which point to resources of type “mp2t” (and maybe have a “.ts” ending) and the status code is “206 Partial Content”?

Try this:

  1. Copy one of the URLs which are pointing to the partial content.
  2. Copy the URL to the address bar of your browser and hit return and download the file.

P. S. I’m experiencing slightly crackling audio tracks when the clips are short (length of approx. one minute). I don’t know what to do about it.