Dietrich Schroff

Subscribe to Dietrich Schroff feed
Dietrich Schroff
Updated: 11 hours 10 min ago

ZigBee@Linux: Getting Data from ZigBee Devices via MQTT to InfluxDB and Grafana

Fri, 2020-11-20 15:56

Getting sensors with zigbee integrated with my linux raspberry pi, i did some monitoring tasks on my raspberry pi.

  1. Monitoring my raspberry pi:
    There is a very nice tutorial:
    Or even better: Just use this from grafana:
    1. add deb stable main to a file in /etc/apt/sources.list.d/
    2. apt install grafana telegraf influxdb
    3. configure telegraf for your influxdb
    4. import the json from the above

  2. Monitoring my Fritz.Box with Grafana: 
    and follow the given tutorial
After these steps i have the following infrastructures running:
  1. zigbee2mqtt --> MQTT -->FHEM

  2. --> collectd --> InfluxDB --> Grafana

  3. raspberry --> telegraf --> InfluxDB --> Grafana

For  2 and 3 it is very easy to create graphics and the presentation looks little bit prettier than 1 (imho). 

AND there is only one frontend to configure. So what about the following chain for my zigbee sensors:

  1. zigbee2mqtt --> MQTT -->telegraf --> InfluxDB --> Grafana 

Looks like some more steps, but the telegraf --> InfluxDB --> Grafana chain is already there for monitoring my raspberry pi.

So i only had to add the following on /etc/telegraf/telegraf.conf:

   servers = ["tcp://"]
   topics = [
   data_format = "json"

And after that i was able to use the data in Grafana:


ZigBee@Linux: Securing zigbee2mqtt & MQTT@FHEM & FHEM

Sun, 2020-11-15 09:58

After my setup is running, just some words about securing the whole setup.

The web gui of FHEM was already setup with SSL/HTTPS but the MQTT server is listening for all ips.

The easiest way to get this secure is change the listener to localhost, so that no connections from outside can be made. Just change in /opt/fhem/fhem.cfg:

define MQTT2_FHEM_Server MQTT2_SERVER 1883

Just a checklist, if we secured everything:
  • FHEM
  • zigbee2mqtt
    • add permit_join: false to configuration.yaml

ZigBee@Linux: Integration of zigbee2mqtt with FHEM (mqtt server) on ubuntu server

Sat, 2020-11-14 16:03

After the setup of FHEM and zigbee2mqtt the integration of both components has to be done.

What has to be done?

After reading the excellent documentation of FHEM it is very easy - FHEM can be configured, so that it is providing a mqtt server. 

First you have to add the following line in /opt/zigbee2mqtt/data/configuration.yaml inside the "mqtt:" section:

  client_id: 'zigbee_pi'

Then go to the command prompt of the FHEM webgui and enter the following:

define MQTT2_FHEM_Server MQTT2_SERVER 1883 global
defmod MQTT2_zigbee_pi MQTT2_DEVICE zigbee_pi
attr MQTT2_zigbee_pi IODev MQTT2_FHEM_Server
attr MQTT2_zigbee_pi bridgeRegexp zigbee2mqtt/([A-Za-z0-9]*)[/]?.*:.* "zigbee_$1"
After that you should see something like this:

(you can change the style of the page via "select style" on the left column)

Then you should save:

To create a graph just click on the file which is created for your zigbee device:

and then there should be something like:

Here you can click on "Create SVG plot" and on:

click on "write .gplot file" and your first graph is there... Repeat this and you can get:


Zigbee@Linux: Infrastructure - Setup

Sat, 2020-11-14 01:36

On my way to home automation with zigbee@linux my decision (as i wrote in this posting) was

  • Hardware
  • OS
    • Ubuntu server
  • Software
    • FHEM (which is the acronym for Freundliche Hausautomation und Energie-Messung = Friendly home automation and energy metering)
      This includes the server with MQTT infrastructure & webserver & gui based on perl
    • zigbee2mqtt
      The server which does the communication with the usb zigbee stick and talking to the MQTT infrastructure based on nodejs


The installation of FHEM was quite easy (see here) and the installation of zigbee2mqtt just worked like described here.

  1. Problem:
    FHEM is per default installed without SSL/HTTPS and without user authentication
  2. Problem:
    The communication between both components has to be setup

Here the solution for problem 1:

Login to your raspberry and type the following commands:

cd /opt/fhem
chown fhem:dialout certs
cd certs/
openssl req -new -x509 -nodes -out server-cert.pem -days 3650 -keyout server-key.pem
chown fhem:dialout *
apt  install libio-socket-ssl-perl
After that move the webgui (something like http://yourraspberry:8083) and submit the following commands on the prompt:

attr WEB sslVersion TLSv12:!SSLv3
attr WEB HTTPS 1

And then open your webfrontend with https://yourraspberry:8083.

To add a user:


echo -n fhem:MYPASSWD| base64


attr WEB basicAuth BASE64String

 The second problem will be solved on a future posting. Just wait...

Home automation with linux: How to use zigbee sensors on an ubuntu raspberry pi...

Sun, 2020-11-08 13:19

To the end of the year i wanted to start a new project: Home automation...

I decided to use a linux system (of course) on a raspberry pi (see the OS installation here) and the zigbee protocol.

The main problem: What packages are needed 

  • to get a communication with zigbee components?
  • to get a website or app to get the data / visualize the data?
  • to set up a daemon/server which controls the devices?

Let's start with the third point: I will try FHEM.

The installation is described here:

wget -qO - | apt-key add -
echo "deb /" >> /etc/apt/sources.list
apt update
apt upgrade
apt install fhem

After you follow the steps you can check, if FHEM is running with

root@zigbee:/home/ubuntu# netstat -ltnup | grep 8083
tcp 0 0* LISTEN 19446/perl

 or just connect to your raspberry via browser: http://zigbee:8083

and here a screenshot of the goal i want to achieve (maybe with some graphs added):

Here a list of the supported hardware:

and a list of all supported protocols:





Raspberry PI: Installing OS with a linux pc/laptop (ubuntu)

Fri, 2020-11-06 12:55

 If you want to run a raspberry pi and you are wondering how to install the os onto the sd card please try this:

What is the benefit of this way?

Ubuntu provides on page 2 a package for the rpi-imager:

and with this tool (will be started with rpi-imager on the cli), you will get this:

 As you can see: you can choose of many different OS and the imager will do the download and the installation for you including resizing the partition to the complete sd card...

And of course you can select your own image (e.g. in *xz format) from your disk...

After the installation it will be verified and you can start your raspberry pi...


Review: Terraform Up & Running

Sun, 2020-10-25 15:12

Because of doing many project in the cloud, terraform is the tool which i use regularly. And to get better, i decided to read this book:

If you are working with a cloud of one of the hyperscalers, the you should take a look at terraform and perhaps you should read this book ;-)

If you are interested, take a look at my review at (like all my reviews: written in german ;-).

Influxdb: colletcd database not created...

Wed, 2020-10-14 01:56

Yesterday i followed a tutorial for building a dashboard for my fritzbox with Grafana.

By follwoing the tutorial i had to setup collectd and influxdb.

My problem: i did not copy and paste the collectd config for influxdb.conf - i just uncommented the lines provided by the ubuntu package.

And there was /usr/local/share/collectd/types.db mentioned.

This caused the following problem:

zerberus influxd[16239]: run: open server: open service: Stat(): stat /usr/local/share/collectd/types.db: no such file or directory

So i justed touched this file, because i thought this is something where influxdb wants to store data.

But this was wrong and in /var/log/syslog i saw the following errors:

unable to find "current" in TypesDB
unable to find "if_octets" in TypesDB
unable to find "if_errors" in TypesDB
unable to find "if_dropped" in TypesDB
unable to find "if_packets" in TypesDB
unable to find "if_octets" in TypesDB
unable to find "if_errors" in TypesDB
unable to find "if_dropped" in TypesDB
unable to find "if_packets" in TypesDB
unable to find "if_octets" in TypesDB
unable to find "if_errors" in TypesDB
unable to find "disk_octets" in TypesDB
unable to find "disk_ops" in TypesDB
unable to find "disk_time" in TypesDB
unable to find "disk_io_time" in TypesDB
unable to find "disk_octets" in TypesDB
unable to find "disk_ops" in TypesDB
unable to find "disk_time" in TypesDB
unable to find "disk_io_time" in TypesDB
unable to find "disk_octets" in TypesDB
unable to find "disk_ops" in TypesDB


The solution: Search for types.db in /usr and use this as entry for

typesdb = "/usr/share/collectd/types.db"

inside the section [[collectd]] in influxdb.conf...



Mission accomplished: OpenHack: Migrating Microsoft Workloads to Azure

Thu, 2020-09-24 14:42

 After three days of hard work i got my first OPENHACK badge:

Authorized by Microsoft

Here the details from Microsoft:

Earners of the OpenHack: Migration badge understand how to execute an end-to-end migration through optimization. They have shown that they can utilize Azure Migrate to migrate virtual machines to Microsoft Azure and can modernize legacy applications by migrating to PaaS services such as Azure SQL Database and Azure App Service. They have also have a foundational understanding of Azure identity, including hybrid identity with Azure AD and how to leverage Azure RBAC to govern and secure workloads.

It was really a great challenge to discuss and implement all the goals. Thanks to the excellent coaches and for providing the infrastructure!

Cloning my dual boot ubuntu to a larger SSD

Sat, 2020-09-05 12:22

 After working a while with my laptop i reached the disk limit with my SSD (256GB). First impression: Oh no - how to migrate onto a new, larger SDD...

But the prices have dropped so i bought a 1TB SSD and an external SSD box:

Now i was thinking about copying the partitions with dd from the original disk to the other - or better doing a dd for the complete disk?

A friend offered me to use acronis, but the software refused to start on my laptop...

I googled a bit around and found the following solution (inspired by

And this worked excellent.
After cloning my old ssd to the new one i removed the CD with clonzilla and my laptop immediately bootet from the new SSD which was still inside the SSD box.

Really cool!

I checked windows without replacing the SSD inside my laptop and this worked as well as the Ubuntu.

Next step was to boot with an GPARTED iso (can be found here) and resize the linux partition up to the new limits.

So last step was to open up my laptop and insert the 1TB SSD...

(Totally amazing that i did not have to run grub or change the uefi settings.)

Review: Container Storage for Dummies

Fri, 2020-09-04 14:56

After reading Running Containers in Production for Dummies this book fell into my hands:


Container Storage for Dummies is promoted by RedHat and consists of 5 chapters with 35 pages. 

The first chapter gives a short summary about containers. I liked this statement very much: "For example, a VM is like a heavy hammer. It assumes you’re running a server and that the server can host multiple applications. [...] And the container can run just about anywhere, even on a bare metal machine or in a VM — the container doesn’t care." The chapter ends with a motivation why containers need persistent storage: ephemeral containers are transient....
Chapter 2 has the title "Looking at Storage for and in Containers". The key argument here is: "Software-defined storage (SDS) separates storage hardware from storage controller software, enabling seamless portability across multiple forms of storage hardware. You can’t slice and dice storage using appliances or typical SAN/NAS as easily, readily, or quickly as you can with SDS." Both terms (Storage for Containers + Storage in Containers) are given a defintion (just take a look inside the book ;-)).
In chapter 3 the authors want to convince the reader about the coolness of container-native storage with phrases like "Container-Native Storage Is the Next Sliced Bread". I think the main argument in this section is, that RedHat contributes a substantial parts to open source Kubernetes so that RedHats Openshift container storage fits easily in there. And this is done by introducing the Container Storage Interface which can be used by all storage providers.
Chapter 4 motivates why developers like Container-Native storage: because it can be easily managed without SAN administrators....
The last chapter closes with ten reasons to move to Cantainer-Native storage: simplified management, more automation, scalibility, ....

As summary i think, this book is a nice starting point about the problems and possible solutions with storage for containers. It is a little bit disappointing, that openshift is not really explained - but within only 35 pages this is really impossible.
If you are working or starting to work with containers i require you to read this booklet - it is a good start into the container world!

Review: Running Containers in Production for dummies

Tue, 2020-08-25 12:42

 Last evening i read the following booklet:

Here my review:

Chapter one gives within 7 pages an excellent introduction into "Containers & Orchestration Platforms". From Kubernetes over Openshift/Docker Swarm up to Amazon EKS - many services are described. In my opinion Azure AKS is missing, but it is clear, that every hyperscaler will provide you its managed Kubernetes environment. At the end even Apache Mesos is listed - which is out of scope for the most of us. Building & Deploying Containers is the headline of chapter 2 and a brief, solid description of these topics is given. If you want to know what all the buzzwords like CI/CD/CS, Pipelines, Container Registries are about: Read that chapter and you have a good starting point.

Nearly 33% of the book(let) is abount Monitoring Containers (chapter 3). This points in to the right directions. You have to know what your containers are doing and what you have to change with continuous delivery and continuous deployment. If you are running tens or hundreds of containers, the monitoring has to be  automatic as well - or you are lost. "A best practice for using containers is to isolate workloads by running only a single process per container.  Placing a monitoring agent — which amounts to a second process or service — in each container to get visibility risks destroying a key value of containers: simplicity." - So building up a monitoring is not such easy, as is was on full-stack servers...

Chapter 4 is about Security. This focuses on the following topics: Implementing container limits against resource abuse, how to avoid outdated container images, management of secrets and image authenticity.

The last chapter closes with "Ten Container Takeaways".

Within 43 pages a really nice starting point to learn about the world of docker and container orchestration.

openssl: strange error.... (on the first look)

Fri, 2020-08-07 14:13
Some days ago i wanted to do a check of a certificate of an ip address. No big deal - so i did:
schroff@zerberus:~$ openssl s_client -showcerts  -connect 

140011908769088:error:2008F002:BIO routines:BIO_lookup_ex:system
lib:../crypto/bio/b_addr.c:726:Name or service not known
So i opened google to find a solution.
But on google i found nothing really helpful.


The answer was very easy:
If i read the command line carfully, i would have detected my error:


I wrote an ipv4 with 5 numbers and not with 4...

After using a correct ipv4 number the command worked like expected:
schroff@zerberus:~$ openssl s_client -showcerts  -connect #
Can't use SSL_get_servername
depth=2 C = US, O = DigiCert Inc, OU =, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, OU =, CN = GeoTrust RSA CA 2018
verify return:1
depth=0 C = DE, ST = Rheinland-Pfalz, L = Montabaur, O = 1&1 Mail & Media GmbH, CN =
verify return:1

Google GSI: Generic System Images for Smartphones

Sat, 2020-06-13 16:03
After building my own ROM i got some problems with the devices drivers for the modem (the dual SIM was not recognized).
I discussed that with a few very skilled Android developers and the device drivers are the most important problem for building ROMs.

But there is something called GSI: Generic System Images.



The good point is that for my Samsung J530 there was a developer which built a project which allows to install GSIs:

With this plus Havoc 3.5

And here the steps to Android 10 (which where provided to me by Micro[ice]:
  1. install TWRP
  2. install create vendor 2.0
  3. reboot recovery
  4. install project spaget x
    (if u get symlink error 7 flash revert vendor 2.0 and repeat from step 1 without revert vendor 2.0)
  5. install GSI (Havoc)-OS
    (dont reboot after u flash project spaget x)
  6. if u need to flash gapps first u need to go
    Wipe -> Advanced Wipe -> Tick System -> Repair -> Resize
    (if u get error 1 resize again it will be successful) then u flash gapps
  7. flash areskernel rc2
  8. (optional) flash magisk
  9. reboot
  10. enjoy
And after that i have a running Android 10 on my Samsung J5... (without any Samsung Bloatware)

Lineage OS: Building my own system from scratch...

Fri, 2020-06-05 13:48
For my Samsung J5 is was only able to find a lineage 15.1 image but no lineage 16 or even 17.
So i decided to build the image on my own.

I followed this guide:

But on this page the roomservice.xml is wrong:


Just change it to

The rest was following the instructions:
mkdir -p android/lineage-16.0
cd android/lineage-16.0
repo init -u git:// -b lineage-16.0
repo sync

Create .repo/local_manifests/roomservice.xml with the content shown above.
Then run "repo sync" once again.

Most important point it to extract the binaries from your device. To get a background just read this:

I extracted /system from my Android device via TWRP (under advanced you can find a file explorer and this can copy the partition to your sd card).
After that point STOCK_ROM_DIR to your sd card and run:
cd device/samsung/j5y17lte
STOCK_ROM_DIR=/path/to/system ./
Now we are ready to rumble:
cd ../../
source build/
brunch lineage_j5y17lte-userdebug
But after some minutes:
LD      kernel/built-in.o
/media/schroff/895337b7-c4eb-44a4-9063-00f629e5149f/lineage-16.0/kernel/samsung/exynos7870/drivers/net/wireless/Makefile:62: android version 1: 90000
/media/schroff/895337b7-c4eb-44a4-9063-00f629e5149f/lineage-16.0/kernel/samsung/exynos7870/drivers/net/wireless/Makefile:63: MAJOR_VERSION version 1: 9
/media/schroff/895337b7-c4eb-44a4-9063-00f629e5149f/lineage-16.0/kernel/samsung/exynos7870/drivers/net/wireless/Makefile:107: platform version 3 : 9.0.0
/media/schroff/895337b7-c4eb-44a4-9063-00f629e5149f/lineage-16.0/kernel/samsung/exynos7870/drivers/net/wireless/Makefile:108: MAJOR_VERSION version 3: 9
  LD      drivers/built-in.o
make[1]: Leaving directory '/media/schroff/895337b7-c4eb-44a4-9063-00f629e5149f/lineage-16.0/out/target/product/j5y17lte/obj/KERNEL_OBJ'
Makefile:145: recipe for target 'sub-make' failed
make: *** [sub-make] Error 2
make: Leaving directory '/media/schroff/895337b7-c4eb-44a4-9063-00f629e5149f/lineage-16.0/kernel/samsung/exynos7870'
[  1% 555/35382] target StaticLib: libv8src_32 (/media/schroff/895337b7-c4eb-44a4-...arget/product/j5y17lte/obj_arm/STATIC_LIBRARIES/libv8src_intermediates/libv8src.a)
ninja: build stopped: subcommand failed.
19:21:20 ninja failed with: exit status 1

#### failed to build some targets (05:29 (mm:ss)) ####
But this error is easy to fix:
cd ~/android/lineage-16.0/out/target/product/j5y17lte/obj/KERNEL_OBJ/firmware/tsp_imagis
cp ~/android/lineage-16.0/kernel/samsung/exynos7870/firmware/tsp_imagis/ist3038h_a3x_cmcs.bin .
~/android/lineage-16.0/kernel/samsung/exynos7870/firmware/tsp_imagis/ist3038h_a3x.fw .

and try once again!

And after a while:
  Imgdiff Stats Report 

Compressing with brotli
  running:  brotli --quality=6 --output=/tmp/tmpAOkKFk/ /tmp/tmpAOkKFk/
using prebuilt boot.img from BOOTABLE_IMAGES...
  running:  java -Xmx2048m -Djava.library.path=/media/schroff/895337b7-c4eb-44a4-9063-00f629e5149f/lineage-16.0/out/host/linux-x86/lib64 -jar /media/schroff/895337b7-c4eb-44a4-9063-00f629e5149f/lineage-16.0/out/host/linux-x86/framework/signapk.jar -w build/target/product/security/testkey.x509.pem build/target/product/security/testkey.pk8 /tmp/ /tmp/
  running:  zip -d /tmp/ META-INF/com/android/metadata
  running:  java -Xmx2048m -Djava.library.path=/media/schroff/895337b7-c4eb-44a4-9063-00f629e5149f/lineage-16.0/out/host/linux-x86/lib64 -jar /media/schroff/895337b7-c4eb-44a4-9063-00f629e5149f/lineage-16.0/out/host/linux-x86/framework/signapk.jar -w build/target/product/security/testkey.x509.pem build/target/product/security/testkey.pk8 /tmp/ /media/schroff/895337b7-c4eb-44a4-9063-00f629e5149f/lineage-16.0/out/target/product/j5y17lte/
[100% 453/453] build bacon
Package Complete: /media/schroff/895337b7-c4eb-44a4-9063-00f629e5149f/lineage-16.0/out/target/product/j5y17lte/

#### build completed successfully (27:31 (mm:ss)) ####

Custom ROMs: Installing via TWRP (e.g. Prometheus ROM)

Sun, 2020-05-31 02:15
After installing TWRP and installing some ROMs via adb sideload, (or this story with my old Nexus 7) i learned that there is another way for installing Custom ROMs:

  • Boot in to recovery (Samsung: Home Button + Power + Volume Up)
  • Copy the to the SD card of the smartphone
  • and then follow this screenshots
Click on "Install"

Click "Select Storage"

Select your SD card

Select the ROM you want to install:

Swipe to the right

Then some of the ROMs (like Prometheus) will guide you through an installation wizard, where you can chose some options.

If you want to try Prometheus you can download it here.

Building my own Recovery ROM for a Samsung J5 2017 (j5y17lte, TWRP)

Mon, 2020-05-18 05:50
After several hours of sideloading a custom ROM and flashing a TWRP recovery image i thought the next step is to build a TWRP recovery image on my own.

So how to do that?

My startpoint was
(just search github for your device with TWRP)

But this is not the way to begin.
First you have to follow this page:
and do
repo init -u git:// -b twrp-7.1
repo sync
Then add the j5y17lte.xml to .repo/local_manifests. After that the repo sync works but the
$ lunch omni_j5y17lte-eng
ends up with a warning:

WARNING: device/samsung/j5y17lte/omni.dependencies file not found

The good point: just ignore this warning and do the mka recoveryimage.

Here i got two errors:

/bin/bash -c "prebuilts/misc/linux-x86/flex/flex-2.5.39 -oout/target/product/generic/obj/STATIC_LIBRARIES/libedify_intermediates/lexer.cpp bootable/recovery/edify/lexer.ll"
flex-2.5.39: loadlocale.c:130: _nl_intern_locale_data: Assertion `cnt < (sizeof (_nl_value_type_LC_TIME) / sizeof (_nl_value_type_LC_TIME[0]))' failed.
Aborted (core dumped)
Here i followed this hint:!topic/android-building/0kzPnw3akxg
and copied the provided flex to "prebuilts/misc/linux-x86"
   cp ~/Downloads/build/flex flex-2.5.39
You have to change the name from flex to flex-2.5.39 and you have to rerun source build/ again.

Then i got the following errors:

bootable/recovery/gui/../twrp-functions.hpp:24:10: fatal error: 'ext4_utils/ext4_crypt.h' file not foundbootable/recovery/gui/../twrp-functions.hpp:24:10: error: 'ext4_utils/ext4_crypt.h' file not found with <angled> include; use "quotes" insteadbootable/recovery/twrp.cpp:49:10: fatal error: 'base/strings.h' file not foundThis i could resolve with:

cd bootable/recovery
ln -s ../../system/extras/ext4_utils
vi twrp-functions.hpp # add the quotes!
ln -s ../../system/core/base/include/android-base base

After that the build went through and i got a TWRP image:
-rw-rw-r--  1 schroff schroff 26937344 Mai 17 23:40 recovery.img
This ran without a problem on my J5 after a
heimdall flash --RECOVERY recovery.img

Samsung J5 2017 (aka j5y17lte) installing STOCK ROM

Sat, 2020-05-16 09:37
After installing a custom ROM (s. here) i wanted to flash the STOCK  ROM onto my smartphone again.
So what to do?

First: Download a ROM (e.g.

and you will get something like
this zip cannot be sideloaded. So you have to unzip and the you have:
Within this you have to do a:
 for a in *md5; do echo $a;  tar -xvf $a; done
and the result should be:
boot.img   cm.bin      modem.bin  recovery.img  system.img
cache.img  hidden.img  param.bin  sboot.bin     userdata.img
or just type:

~/bin/heimdall flash --BOOT boot.img --SYSTEM system.img --CACHE cache.img --HIDDEN hidden.img --PARAM param.bin --CM cm.bin --USERDATA userdata.img --RADIO modem.bin --BOOTLOADER sboot.bin --RECOVERY recovery.img
and after nearly 10 minutes of anxious waiting you J5 boots up with the STOCK ROM again.

Corona-Homeoffice: second monitor for my laptop - portable!

Sat, 2020-05-09 15:03
After several weeks working in homeoffice and my children in homeschooling i had to increase my efficieny. And the best thing is to get a second monitor running which meets the following requirements:
  • Single Plug (for signal and power)
  • Easy movable from living room to workspace and back
  • Touchscreen would be nice
 So i decided to buy a wimaxit 15.6" portable monitor and today it arrived:

The second screen is only connected (and charged) via USB-C.
Even connecting my smartphone just works out of the box - really cool! 

My Samsung Galaxy J5 (2017) aka j5y17lte with lineage os

Sat, 2020-05-02 15:21
In the last weeks i did some tests with installing custom ROMs to my old devices:
The next step was to try this with my Samsung J5:
root@zerberus:~/bin# ./heimdall print-pit
Heimdall v1.4.2

Copyright (c) 2010-2017 Benjamin Dobell, Glass Echidna

This software is provided free of charge. Copying and redistribution is

If you appreciate this software and you would like to support future
development please consider donating:

Initialising connection...
Detecting device...
Claiming interface...
Setting up interface...

Initialising protocol...
Protocol initialisation successful.

Beginning session...

Some devices may take up to 2 minutes to respond.
Please be patient!

Session begun.

Downloading device's PIT file...
PIT file download successful.

Entry Count: 29
Unknown 1: 1598902083
Unknown 2: 844251476
File Size (Obsolete): 0
Partition Name: USERDATA
Flash Filename: userdata.img
FOTA Filename: remained

Ending session...
Rebooting device...
Releasing device interface...
But for the next step (flashing the boatloader with TWRP) i got the follwoing error:
root@zerberus:~/bin# ./heimdall flash --RECOVERY ../Downloads/twrp-3.3.1-1-j5nlte.img --no-reboot
Heimdall v1.4.2

Copyright (c) 2010-2017 Benjamin Dobell, Glass Echidna

This software is provided free of charge. Copying and redistribution is

If you appreciate this software and you would like to support future
development please consider donating:

Initialising connection...
Detecting device...
Claiming interface...
Setting up interface...

Initialising protocol...
Protocol initialisation successful.

Beginning session...

Some devices may take up to 2 minutes to respond.
Please be patient!

Session begun.

Downloading device's PIT file...
PIT file download successful.

Uploading RECOVERY
RECOVERY upload successful

Ending session...
ERROR: Failed to receive session end confirmation!
Releasing device interface...
The smartphone showed this:
RMM STATE: Prenormal
KG STATE: Checking
Only official released binaries are allowed to be flashed(RECOVERY)
KG = Knox Guard
RMM = Remote Monitoring and Management

I found a solution for this problem ( It just says: wait 7 days...


And after 7 days:
And then:

 /bin# ./heimdall flash --RECOVERY ../AndroidDevices/TWRP-3.2.3-TwrpBuilder-j5y17lte-2018-09-13_15-34.img  --no-reboot

Heimdall v1.4.2
Copyright (c) 2010-2017 Benjamin Dobell, Glass Echidna

This software is provided free of charge. Copying and redistribution is

If you appreciate this software and you would like to support future
development please consider donating:

Initialising connection...
Detecting device...
Claiming interface...
Setting up interface...

Initialising protocol...
Protocol initialisation successful.

Beginning session...

Some devices may take up to 2 minutes to respond.
Please be patient!

Session begun.

Downloading device's PIT file...
PIT file download successful.

Uploading RECOVERY
RECOVERY upload successful

Ending session...
Releasing device interface...

And after that i was able to install the lineage os plus the Google playstore:

adb sideload ../Downloads/
adb sideload The only problem:
Only an unofficial lineage version 15.1 was available for the Samsung J5 2017 aka "j5y17lte". I found one build with version 16 but there the WLAN was broken...

So this was a step back from Android 9 to Android 8.1 - but system space moved from 800MB free to 7GB free ;-)