Android i9195 (S4 mini LTE) fix for /efs can’t mount issues

Ok, sometimes after some kind of flashing error/corruption, you end up with your Samsung S4 mini LTE (GT-i9195) returning error E:failed to mount /efs (Invalid argument) in various recovery tool (TWRP and others).

If you check your /efs with a root level explorer, you will find out the folder is empty. Technically this cause my phone to : loose bluetooth pairing after turning it off or turning off bluetooth stack. Also cannot install Lollipop, stuck on the loop boot :-( with Cyanogenmod or other updates.

Here is the fix for it :

– Flash TWRP recovery and root your device using recovery method by installing UPDATE-SuperSU-vX.XX.zip file.

Install ADB on your computer.

– Boot your device into recovery mode (Vol Up+Home+Power).

– Connect your device to PC via USB cable wait until windows update the driver.

– In the recovery mode choose  “Mount /System”

– Open ADB command window and type the following command (from windows command line, from the folder ADB is installed into):

adb shell
mke2fs /dev/block/mmcblk0p10
mount -w -t ext4 /dev/block/mmcblk0p10
reboot

These instructions are quite similar to what you find around on Internet with S3, however here please note that the block is the N°10, different from the instructions you find googlig around. At this stage the phone should reboot itself.

If you encounter some « can’t mount /fstab » error, this is because you have NOT applied correctly the root UPDATE-Super-SU patch on the device.

By following the above command, it will create a generic EFS files on your device. Your IMEI number will NOT be changed or reset, as this is stored in a different place on a Samsung GT-i9195 (on the p11 and p12 blocks apparently).

Reboot, and voilà you should not hit this /efs folder issue anymore, and if you browse the /efs folder, you should now see something with folders named « drm », « imei » « lost+found » and « wifi ».

HTTPs et StartCom

Alors voici quelques notes sur les certificats SSL de StartCom et Apache2

Genérer les fichiers .key et .crt sur le site web the StartSSL/StartCom

Stocker les fichiers dans /etc/ssl/localcerts sous les noms

apache.key
apache.pem

(Renommer le fichier .crt en .pem)

Télécharger sur http://www.startssl.com/certs/  les deux fichiers :

http://www.startssl.com/certs/ca.pem
et
http://www.startssl.com/certs/sub.class1.server.ca.pem

Et stocker le tout dans /etc/ssl/certs

Editer le fichier de config SSL de Apache2 (/etc/apache2/sites-enabled/default-ssl) et configurer le bloc SSL tel quel :

SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
SSLCertificateFile    /etc/ssl/localcerts/apache.pem
SSLCertificateKeyFile /etc/ssl/localcerts/apache.key
SSLCertificateChainFile /etc/ssl/certs/sub.class1.server.ca.pem
SSLCACertificateFile /etc/ssl/certs/ca.pem

Le respect de cette config est importante, sinon le serveur n’est pas authentifié correctement.