sssd-client-2.9.4-3.el8 .>.  H0,,..f))V U]}%zd?eI2"a.sh-o5W2y+;XP-Lu 6uhJ4P"A!}'ףj\ a$8Πb ! - 2]GU&Jy)T$R2_[ eWEp=\,810o;tMNtBoD(QQc`2/2mgP'08/E+ x*Ii4>erqi6,]9Ĕu#'Om/CsA > MsUp!Xr[Jp5}*@/'sdb9| ALyw柱ɏpu1IrJ4~*Z=?/5$:dSױ:80؆PxC`^q%`Vt>.Řc2b42d0ed5dff9a2159dff7c18c5857d52808dbdf4ccc1b06bc333128ce166cce9745695273687213fdd9175f5909b92e213ac3d0302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb5006730650231008d9344235701c8e192b3d5d9a73e6c7f5936dcd19f9a657bae45b97763fe1436a31d52aa8a4a23f9f4a785dcfe8b7a5002305173ae902c38c675500ee70a64e3b3ebb37a225b2c74eec9acfbde1e96ecdab6ef0886a11846ccbdb3d99e4cb763f7640302047c435bb500683066023100f681beb4c37ac0d8162e6a041a011de196af7a44fdba09aa4f7d5fc85b65f461053d6ddabc619e0e0d7be62795327367023100fcf8373cf51ce591ac3949b5e907efa7eeb7e0a5282945b49d34f4e87c3fc8a61017959ddb4a5809d06b5ffd75bc8b700302047c435bb50067306502307483a22a5440ec305bda78e06a7119d7d20f23d8dd37f669d01c20d677e1d3846ff19ffde30eea58b79bcf7e15f1e262023100a169a0dbbf92efbfcbf3b30fe8d5eaf100b641030f6a3ef0f6e197b378b75b94818045c28a367e202e39e5cf7d4453de0302047c435bb500683066023100b2da77b76e3d9038e0beb4faebd66cbaa24c673d7392d5101c38ae881d0aadbb90db0fa61197848436a5b1f10e2ecba8023100917edca19c13a161c54a99bf909584b79e6f4a3dcd58f6cd4d65318e3c98d46a61c8fbf5c1767781a7b3d2bbaf4e97250302047c435bb500683066023100c2f948ecf0f85ec8bda3ffac17e49612ed84eee5501cbcf6cffa058948c658a01e3a69b32dd0d4c13d2e14e88cf171e3023100e5dc19337a169e5d93122cafeba18d699bedf2375e2763a95421745282bea484281781e10d6833a74c67f5c912ab03df0302047c435bb500683066023100998c7a21f341bfbfb91fa701b14d08baca0365a8c7b8e3c5655b91bd53e98545c77d90dc9eefd1bd43049fa2dbead5af0231009be5c8b61dcd7e0e013a04b5358fec29edc0bfba281ae1eeaaf693b0ccbe03297ba724e5453d8a00d0331ed45ab80e510302047c435bb500663064023078bfcadbe13bf17141e3871e928610e8dbb9e7c0465f05aa0105e58478d92fd7ec88be69201f71b65dcd3648d95ca02b023062aaee6e6eb0804de536b00130233b5285fce9d2747e4517891dfc31a2cc558e181d42cf36e3f43a55a6bd95ecb93d550302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb500683066023100a55c44a30a0451c2f6cdad997b9f6c904faf8c4c9bc7c2ec84b84be0c57b1dbdebeb9b71c865f696693f1097dec65cad023100cbf43d0eb36a15c86a88258b6a5603bd48eab691aac0266c68543b5f5c4207c3313bcbdfe32b0803cd888ef7075c29330302047c435bb500663064023026480e5a07430acda3f688f0f0a0544dfa63fe69eaff2fd62e751f4a47cc165cbb34398c72eb777a8de78230cc0c2a8102305c1f5e77cbc2bc2d54407f81db275fb4db8c5a41462d6a6e474de2e80907e20de7128f150dda62d56edb712a46dc9fc30302047c435bb5006730650230540b6d3ac4705639090ad57d4a4f2851f29592105714ee16793691c809bebd4097739630ff3dbac735ae842cd7cd657802310083b07517c14040073e609b923999e355a5f90b57309cad1966355bd5ebe3371ad6faaf2a39ae514c1471a208b03001b20302047c435bb500683066023100a5b2152ec2ad66aa4c7a3cd91be8f87d7c61d3d8acc65f72a0c52affc67f1dc72c7e03313085785453a6e5f792d95a1a023100ee85723137ae039d0a268e0f266a3413cd5b794dd77f3fec6c960c0da169543db7ea488d3ffdc17a2dbf640b012fd2ec0302047c435bb5006830660231008f659240a48b30a2df2e1cc7a9b56158bf8f108da8ef08e88a58befab5f60b82afd0c3e2a71c9e149a5def719a15a6590231008ec0212f278a2d085be321fb1283980f36c9a37bc542b4a9d722ccebd44b03f433bacfad3a3e764cd44f248dfe9ac49f0302047c435bb500683066023100ab048a0e497aa8f9f787a0b36897476e5c223b5d3917aeb281b36e3c40ab014038b756ce0794102fbdf1084a4b2879bf023100f4a54338040a89e8bac3f6f5c5e3e569119388e27c974539f711e1115538d9ea52df8381ba3af66a77392cd5b8952bba0302047c435bb500673065023100ffaa68c69279e3f0b5f352531b2d8c1477d18b9ee6992445b211d486cbc59ee04a9fcc1872415fce16b0256d4f54a396023020c5840c080408fccd696f1e330bf29a337008de7dee5814e9a5569cfb3196640c905ca6cf9dd07ff2f49dae8fc053820302047c435bb50067306502303412cc1b085f408d699c4b31964844449cef566278d040f36d8c39882a4d240280d03ba7242a2243f6efaecb4544e97b023100ddd8c80624e6312296f910168521b4177c59cc572795882dc6af98a9033a63a21ed677ffd2aecd005babead797e8c14b0302047c435bb500673065023100b620c77cd3268198b153d9aea0677c70fbcd2fc710812a2345a6f450cdef0829e25a8b3bd79781ceed96f9f131953be3023062399fe5d12b9d60ee456a483b7a80801979d47b6e980377164a8b17891ab04dc8764fb71ca56ffddd7a4a179f32bed90302047c435bb500673065023040c431e85426907d6aaab4a4aa93915169211ce68082d964239a9fab15947f77b3218fe6f908acc1d29d5dbf3452f48f023100f48e382729868e9d74b16734d5f3a103a35804f2a28537d7a2bf5818098fd754cc14b01dc0406eb3cedcac11fe2207410302047c435bb5006730650230662d3b52494aae2707689150dd2635382fa0545ad6f8a69cf5a21ec403b254f53069b769e570a39e334600d68af8d8f9023100c7c787a23db6a456245c92173cf8d56ae4e0811f2b7d9e84c0607227da2d731f54b4234037b19710fce58f63a52dd64c0302047c435bb500673065023100e9920379dcb244cd5382846594b4bcd40d2927b89050d526d680f4f40e0644bf3787edee8ea0817f603df1f543659d5c0230164b2c1e6d849b5527bcf4a1387960795e6ce1a721d743ae978d6602349224867640ba12c858d99fc73b7eacb16202fc0302047c435bb5006630640230630d60e9617f9ff375d6f065156b8f81cadaeed46a3ed3ac34bc7e84ccd50f9c275376b7a5e68031c804c78237898ae802307e520f5e74e6012aee848e6dd5c2c829691ed5b0a0893ed0ff3ebaf5049c759936115ec92fa0917fe6a37d36e775cbf50302047c435bb500673065023100aa7396c0805d2b2dcf4bd56f5d080e78201c3a0b3b37f12728e2eda87d335048c8fe28d2f6c458f1344c4cc145c55a2702306cfbaa1d82bbfe12bc47174c5cb0e4c9f07e8c831b9c0baefe59ab403082f467475b16146929e5b08db919b24c03126a0302047c435bb5006830660231008b903146d9970a488db5ff07ee0abecc8405ce9521599df4cd1a5a22fabfbcede790d8d81878d6a82fd9db5deb495640023100e6b9c37284812dcab5adfc25572dd9510bd1bb049daea75222e05be62b2f0d49504dd50f29992ef0ba7cd5d95423b2500302047c435bb5006730650231009e07fdc34c16b58e4ac811186b56d20eeef30910b5cd0821964433a904ddf0cb127d688240721b7b70362a05fae50a7202307c09e2c00ddf1e33a7e12d2a498ea620bdd53a489b964a707b6fa9f9c8409c90d69517e81c19f9a1297b65e8b33cf4640302047c435bb500673065023032f810b6fc515fe158369c1953642e32d08b38cf571cd18e1709bcde4f7f2843df055ea2ba6c13d450ab8e185e07304b023100ae9f5ad0f701b33d613a4e61058821d1fc420bdc172d96c59594e862f179d68b4aaf84acaadf7141903b6db881aef7ea0302047c435bb500673065023025b7c78485dd818694c259723c9c69d754b1fc5cd9d7761274d47dba8aa4c9903f97ccf7cceb58f673c2df007b97938b023100ad93d5ce4eaa62b12f5ac3f702a33fa1cadd1fff13563be4f0cf375bd3506484aab1f109e5b256fe9cd7b62bdb8925cd0302047c435bb500673065023012b0b0def09765c4ba35afd162967d7969791728adc88a1da109570f423da5475377ccfaeddb9ee1b97a51a2340655a2023100e62d319b11ad863c277be03f616580b026b78658df7e0cb56a8e1cc141882935f26f563ff5f0dc89bed9955125d2a8240302047c435bb5006630640230019d1db9cf61e62560799c8ba1ff4ff9b4d5a8c92175795cf60e4332ceb9a64afca1bcef195b342a343c68e29d7fa9ef023031d6ca230da634f2ef4f33923caaaa0161705055ab797247ae2406fc7755e6441640c46986a50fe46471bf80a663ef430302047c435bb50066306402307f7d55c581cd6fab79d28dd78c55de4f9cb1ac30cd8e77bc1bb46da4d2d151a272b222ccb483930dc70d39bd07024ba902302312f788e8cba5b8f40f2bb967595f08401147e2a66c0d728a76ddeacae11077395ecbf721995bbeef128a8032d27ee2 f))V U]` _N5I?h15tO>U$dO+x,txX9t 8ZizdsCE&Ü7Y!Wb6RЊ#;?w:he~}Ey]^DW0ļ6$ھ>\(<# e`_B^'.ʬk=8pSaf0],nD-ʠA^ PG%Aq;%ޮcJrr&|-ihg }ev!A黳cW'[◡K2SARt.6yK,ou1NnTxnZwel! l;Kǣn (mAS1|z-! ?&KQ,̤ `$|ag¥@ҩߵ&G>r)8UzϮf!*Y}_N~zۛ9D 510Gr{~P[v[8&FIYI#J-ؠ`37I.a b( \>pAP?@d  @ $,400 T0 0 t0  d0  ,0 000@##s#(89:p>>?@G0Hd0I$0XpY\0]d0^2bodeflt0u0v@wL0x 0yI<Csssd-client2.9.43.el8SSSD Client libraries for NSS and PAMProvides the libraries needed by the PAM and NSS stacks to connect to the SSSD service.f!aarch64-02.stream.rdu2.redhat.com CentOSCentOSLGPLv3+builder@centos.orgApplications/Systemhttps://github.com/SSSD/sssdlinuxaarch64/sbin/ldconfig /usr/sbin/alternatives --install /etc/cifs-utils/idmap-plugin cifs-idmap-plugin /usr/lib64/cifs-utils/cifs_idmap_sss.so 20if [ $1 -eq 0 ] ; then /usr/sbin/alternatives --remove cifs-idmap-plugin /usr/lib64/cifs-utils/cifs_idmap_sss.so fiF2%%>-@) P(hp@K G 2  e } ;  AAAAAAAAAAAA큤f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!e+e+f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!f!32f0c38d0be4a3913a465c0154ddeae99c9c34cdbb9603cded45d16cf255bcee89e02018476876a92298f0a2e73899076120fc0855e14684e3598066d751d19e8c8538b473337097b11c47525bb926f7617ac98836b4d41af0b20a2d26d7541f162454d18e62dc097fe013c445dc75d2463e1c99a87559c28d66d87e873c45d95524fcfbdb843ab74c780a6b535aa804275a0172513dbe99dc66693663412a952aeaf2b6c0687192ffb55f1e93cdaf0245de40521b6472e63593175accdc6a412a296d184845865bf617186f9daac4817d3c992e3324989af63e546d0ad44a5f782fa9eb11b4e62d30e8e7de404bc346e6d989639e7b8e02a481fc746e4faabb8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b9036c57f43c939054fd4b831f271a14c97a488c38f98cdda5e887c5d396e3b3bc5807453e33bc01ac100eb85465b4cdd00d0f4fe2bd6c86f96dec4b851123cb3e558ef45d790506e777d3bfc68028a2707cf8f796583c30a569b60e0ee388b342adf2df68b9de7f0a4dc6a67245f7fa726636b2601c6e2fabc59ed8bc7cf2f9dba0c52223fb09339107a0351fea03bf45dec3aa084aca19886053023f570c81ece71b92baf4aaf093bc061c11267f72ed5afce38ad29b13be53385335a9918ed1ec20b06823cca53ffc0c59daf18c22a5dcc61e1897dc5969913394b7cb704ac0c8cac535da4dd84905a20f9e785afc25c6978e87a5af90c8598190b02476ba6219c951c1ac5bec3cde80294d65dd0b621c9db148b375fd4497307fa6349899b5781b863646f483b1c5cb76bb07567fec8a14ea4da691c7d8c54a02940abace82e89311743174cafbc58847dfa61459c6c58e1940d6c000801d8a5d3b1d13462b46257b61ee6dee3fd1ae6c11eecf5f98ee4057205c7e605470031eab2056c4aa41e0da2eb6086f84fbd41b2ff7139386abebe2c5b82dde2427bd6eb5ad42341e4f3c81a94743be0bef2b7a53121280b1f0b3723850eedb493687ea8cc604bc0dd55ed68e35df719b6c2a9e1a085821f3accc05946b11e0d5b74fdb5528109d8a38d83f5b95f8d0b44322d51010def68aaad1e2d2dbd1f272634d6d8873ef211069adf0db9d403e359c787d5f760860aef75fbf44bae39989ae3c5663890d4b3363ce588084e000804d6b828d2196a6dc242583eafe388915c1a09acd4d632de4f5../../../../usr/lib64/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so../../../../usr/lib64/cifs-utils/cifs_idmap_sss.so../../../../usr/lib64/libnss_sss.so.2../../../../usr/lib64/libsubid_sss.so../../../../usr/lib64/krb5/plugins/authdata/sssd_pac_plugin.so../../../../usr/lib64/security/pam_sss_gss.so../../../../usr/lib64/sssd/modules/sssd_krb5_localauth_plugin.so../../../../usr/lib64/security/pam_sss.so@rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootsssd-2.9.4-3.el8.src.rpmlibnss_sss.so.2()(64bit)libnss_sss.so.2(EXPORTED)(64bit)libsubid_sss.so()(64bit)libsubid_sss.so(EXPORTED)(64bit)sssd-clientsssd-client(aarch-64) @@@@@@@@@@@@@@@@@@@@@    @/bin/sh/bin/sh/sbin/ldconfig/sbin/ldconfig/sbin/ldconfig/usr/sbin/alternatives/usr/sbin/alternativesld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.28)(64bit)libcom_err.so.2()(64bit)libgssapi_krb5.so.2()(64bit)libgssapi_krb5.so.2(gssapi_krb5_2_MIT)(64bit)libk5crypto.so.3()(64bit)libkrb5.so.3()(64bit)libkrb5.so.3(krb5_3_MIT)(64bit)libpam.so.0()(64bit)libpam.so.0(LIBPAM_1.0)(64bit)libpam.so.0(LIBPAM_EXTENSION_1.0)(64bit)libpam.so.0(LIBPAM_MODUTIL_1.0)(64bit)libpthread.so.0()(64bit)libsss_idmaplibsss_idmap.so.0()(64bit)libsss_idmap.so.0(SSS_IDMAP_0.4)(64bit)libsss_nss_idmaplibsss_nss_idmap.so.0()(64bit)libsss_nss_idmap.so.0(SSS_NSS_IDMAP_0.0.1)(64bit)libsss_nss_idmap.so.0(SSS_NSS_IDMAP_0.5.0)(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)2.9.4-3.el82.9.4-3.el83.0.4-14.6.0-14.0-15.2-14.14.3f! @e@e{@eReRd@dd@du@doMdbc&@cR@c|c_cc@bbγba@baZ@a6aɪa@aKa@`.`@`[` @`&m`@`x@__@_@_#___[@_?@_-B@_@_@^@^@^^(@^oj@^ku^Y^S^J@^C^0"@^0"@^0"@^@^@^@]f@]f@] @] @]+]]Y]Y]|@]o@]k]k]Y=]Y=]Y=]Y=]Y=]M`@]M`@]M`@]D%]D%]D%]9]9]]]@]@\\`@\]o@\\\\\\\@\>@\>@\>@\\\\l@[Ѱ@[^[[ā@[ā@[ā@[;@[;@[;@[;@[;@[[@[@[@[@[@[t[#@[#@[@[@[qr[;e@["XZZ&Zw@Z Z$Zz@ZyZiZiZWQZWQZ%8Z@Z@YZ@Y@YYzYKYyYw2YRHYRHY@X-XX~@XO@X}@X@XX6@XWXOXXWW@WWW@WWv[@Wi,@W5W@W@V3VVVvV%@VqR@VO @V<@V/g@V$@V @V @UpU|@U4@UUUU@UzUzUzUL@UL@U.RU@TTT@T~T8TܕT@T@TTTq@T@T@Tp@TA@TuTto@TG@TD@TT @S0SS@S.SP@S @Sg@SrS!@SkqSkqSG@SFSCS!SSRRpRpR^R[RSRNREs@RD!R@R@RNQB@Q@QQQکQQQo@Q)@Q@QQ@Q@QbQbQV@Q'@QQQQnQZ@QU@Q0@QQQ@Q@QQ @QQh@PP@P@P@Pz@Pz@PqnPl(PaPaPS@PH@PDPM>M2@MMzMx@Mj - 2.9.4-3Alexey Tikhonov - 2.9.4-2Alexey Tikhonov - 2.9.4-1Alexey Tikhonov - 2.9.3-2Alexey Tikhonov - 2.9.3-1Alexey Tikhonov - 2.9.2-1Alexey Tikhonov - 2.9.1-2Alexey Tikhonov - 2.9.1-1Alexey Tikhonov - 2.9.0-4Alexey Tikhonov - 2.9.0-3Alexey Tikhonov - 2.9.0-1Alexey Tikhonov - 2.8.2-2Alexey Tikhonov - 2.8.2-1Alexey Tikhonov - 2.8.1-1Alexey Tikhonov - 2.7.3-5Alexey Tikhonov - 2.7.3-4Alexey Tikhonov - 2.7.3-3Alexey Tikhonov - 2.7.3-2Alexey Tikhonov - 2.7.3-1Alexey Tikhonov - 2.7.2-1Alexey Tikhonov - 2.7.0-2Alexey Tikhonov - 2.6.2-3Alexey Tikhonov - 2.6.2-2Alexey Tikhonov - 2.6.2-1Alexey Tikhonov - 2.6.1-2Alexey Tikhonov - 2.6.1-1Alexey Tikhonov - 2.5.2-2Alexey Tikhonov - 2.5.2-1Alexey Tikhonov - 2.5.1-2Alexey Tikhonov - 2.5.1-1Alexey Tikhonov - 2.5.0-1Alexey Tikhonov - 2.4.0-8Alexey Tikhonov - 2.4.0-7Alexey Tikhonov - 2.4.0-6Alexey Tikhonov - 2.4.0-5Alexey Tikhonov - 2.4.0-4Alexey Tikhonov - 2.4.0-3Alexey Tikhonov - 2.4.0-2Alexey Tikhonov - 2.4.0-1Alexey Tikhonov - 2.3.0-9Alexey Tikhonov - 2.3.0-8Alexey Tikhonov - 2.3.0-7Alexey Tikhonov - 2.3.0-6Alexey Tikhonov - 2.3.0-5Alexey Tikhonov - 2.3.0-4Alexey Tikhonov - 2.3.0-3Alexey Tikhonov - 2.3.0-2Alexey Tikhonov - 2.3.0-1Alexey Tikhonov - 2.2.3-19Alexey Tikhonov - 2.2.3-19Michal Židek - 2.2.3-18Alexey Tikhonov - 2.2.3-17Alexey Tikhonov - 2.2.3-16Michal Židek - 2.2.3-15Michal Židek - 2.2.3-14Michal Židek - 2.2.3-13Michal Židek - 2.2.3-12Michal Židek - 2.2.3-11Michal Židek - 2.2.3-10Michal Židek - 2.2.3-9Michal Židek - 2.2.3-8Michal Židek - 2.2.3-7Michal Židek - 2.2.3-6Michal Židek - 2.2.3-5Michal Židek - 2.2.3-4Michal Židek - 2.2.3-3Michal Židek - 2.2.3-2Michal Židek - 2.2.3-1Michal Židek - 2.2.2-1Michal Židek - 2.2.0-19Michal Židek - 2.2.0-18Michal Židek - 2.2.0-17Michal Židek - 2.2.0-16Michal Židek - 2.2.0-15Michal Židek - 2.2.0-14Michal Židek - 2.2.0-13Michal Židek - 2.2.0-12Michal Židek - 2.2.0-11Michal Židek - 2.2.0-10Michal Židek - 2.2.0-9Michal Židek - 2.2.0-8Michal Židek - 2.2.0-7Michal Židek - 2.2.0-6Jakub Hrozek - 2.2.0-5Jakub Hrozek - 2.2.0-4Jakub Hrozek - 2.2.0-3Jakub Hrozek - 2.2.0-2Michal Židek - 2.2.0-1Michal Židek - 2.1.0-1Michal Židek - 2.0.0-45Jakub Hrozek - 2.0.0-43Michal Židek - 2.0.0-42Michal Židek - 2.0.0-41Michal Židek - 2.0.0-40Michal Židek - 2.0.0-39Michal Židek - 2.0.0-38Michal Židek - 2.0.0-36Michal Židek - 2.0.0-35Michal Židek - 2.0.0-34Michal Židek - 2.0.0-33Michal Židek - 2.0.0-32Michal Židek - 2.0.0-31Michal Židek - 2.0.0-30Michal Židek - 2.0.0-29Michal Židek - 2.0.0-28Michal Židek - 2.0.0-27Michal Židek - 2.0.0-26Michal Židek - 2.0.0-25Michal Židek - 2.0.0-24Jakub Hrozek - 2.0.0-23Jakub Hrozek - 2.0.0-22Jakub Hrozek - 2.0.0-21Jakub Hrozek - 2.0.0-20Jakub Hrozek - 2.0.0-19Jakub Hrozek - 2.0.0-18Jakub Hrozek - 2.0.0-17Jakub Hrozek - 2.0.0-16Jakub Hrozek - 2.0.0-15Jakub Hrozek - 2.0.0-14Jakub Hrozek - 2.0.0-13Jakub Hrozek - 2.0.0-12Jakub Hrozek - 2.0.0-11Jakub Hrozek - 2.0.0-10Jakub Hrozek - 2.0.0-9Jakub Hrozek - 2.0.0-8Jakub Hrozek - 2.0.0-7Jakub Hrozek - 2.0.0-6Jakub Hrozek - 2.0.0-5Jakub Hrozek - 2.0.0-4Jakub Hrozek - 2.0.0-3Jakub Hrozek - 2.0.0-2Fabiano Fidêncio - 2.0.0-1Tomas Orsava - 1.16.2-2Fabiano Fidêncio - 1.16.2-1Fabiano Fidêncio - 1.16.1-3Fabiano Fidêncio - 1.16.1-2Fabiano Fidêncio - 1.16.1-1Lukas Slebodnik - 1.16.0-13Fabiano Fidêncio - 1.16.0-12Lukas Slebodnik - 1.16.0-11Lukas Slebodnik - 1.16.0-10Igor Gnatenko - 1.16.0-9Lukas Slebodnik - 1.16.0-8Lukas Slebodnik - 1.16.0-7Björn Esser - 1.16.0-6Lukas Slebodnik - 1.16.0-5Lukas Slebodnik - 1.16.0-4Jakub Hrozek - 1.16.0-3Lukas Slebodnik - 1.16.0-2Lukas Slebodnik - 1.16.0-1Lukas Slebodnik - 1.15.3-5Lukas Slebodnik - 1.15.3-4Lukas Slebodnik - 1.15.3-3Fedora Release Engineering - 1.15.3-2Lukas Slebodnik - 1.15.3-1Lukas Slebodnik - 1.15.3-0.beta.5Lukas Slebodnik - 1.15.3-0.beta.4Lukas Slebodnik - 1.15.3-0.beta.3Lukas Slebodnik - 1.15.3-0.beta.2Lukas Slebodnik - 1.15.3-0.beta.1Lukas Slebodnik - 1.15.2-1Lukas Slebodnik - 1.15.1-1Jakub Hrozek - 1.15.0-4Lukas Slebodnik - 1.15.0-3Fedora Release Engineering - 1.15.0-2Lukas Slebodnik - 1.15.0-1Miro Hrončok - 1.14.2-3Lukas Slebodnik - 1.14.2-2Lukas Slebodnik - 1.14.2-1Lukas Slebodnik - 1.14.1-4Lukas Slebodnik - 1.14.1-3Lukas Slebodnik - 1.14.1-2Lukas Slebodnik - 1.14.1-1Stephen Gallagher - 1.14.0-5Fedora Release Engineering - 1.14.0-4Lukas Slebodnik - 1.14.0-3Lukas Slebodnik - 1.14.0-2.betaLukas Slebodnik - 1.14.0-1.alphaLukas Slebodnik - 1.13.4-3Lukas Slebodnik - 1.13.4-2Lukas Slebodnik - 1.13.4-1Lukas Slebodnik - 1.13.3-6Lukas Slebodnik - 1.13.3-5Fedora Release Engineering - 1.13.3-4Lukas Slebodnik - 1.13.3-3Lukas Slebodnik - 1.13.3-2Lukas Slebodnik - 1.13.3-1Lukas Slebodnik - 1.13.2-1Robert Kuska - 1.13.1-5Lukas Slebodnik - 1.13.1-4Lukas Slebodnik - 1.13.1-3Lukas Slebodnik - 1.13.1-2Lukas Slebodnik - 1.13.1-1Lukas Slebodnik - 1.13.0-6Lukas Slebodnik - 1.13.0-5Lukas Slebodnik - 1.13.0-4Lukas Slebodnik - 1.13.0-3Lukas Slebodnik - 1.13.0-2.alphaLukas Slebodnik - 1.13.0-1.alphaFedora Release Engineering - 1.12.5-4Lukas Slebodnik - 1.12.5-3Lukas Slebodnik - 1.12.5-2Lukas Slebodnik - 1.12.5-1Lukas Slebodnik - 1.12.4-8Lukas Slebodnik - 1.12.4-7Lukas Slebodnik - 1.12.4-6Lukas Slebodnik - 1.12.4-5Jakub Hrozek - 1.12.4-4Jakub Hrozek - 1.12.4-3Lukas Slebodnik - 1.12.4-2Lukas Slebodnik - 1.12.4-1Lukas Slebodnik - 1.12.3-7Lukas Slebodnik - 1.12.3-6Jakub Hrozek - 1.12.3-5Lukas Slebodnik - 1.12.3-4Lukas Slebodnik - 1.12.3-3Lukas Slebodnik - 1.12.3-2Lukas Slebodnik - 1.12.3-1Lukas Slebodnik - 1.12.2-8Sumit Bose - 1.12.2-7Lukas Slebodnik - 1.12.2-6Jakub Hrozek - 1.12.2-5Jakub Hrozek - 1.12.2-4Jakub Hrozek - 1.12.2-3Jakub Hrozek - 1.12.2-2Jakub Hrozek - 1.12.2-1Jakub Hrozek - 1.12.1-2Jakub Hrozek - 1.12.1-1Jakub Hrozek - 1.12.0-7Fedora Release Engineering - 1.12.0-6Stephen Gallagher 1.12.0-5Jakub Hrozek - 1.12.0-1Fedora Release Engineering - 1.12.0-4.beta2Jakub Hrozek - 1.12.0-1.beta2Jakub Hrozek - 1.12.0-2.beta1Jakub Hrozek - 1.12.0-1.beta1Jakub Hrozek - 1.11.5.1-4Stephen Gallagher - 1.11.5.1-3Stephen Gallagher - 1.11.5.1-2Jakub Hrozek - 1.11.5.1-1Stephen Gallagher 1.11.5-2Jakub Hrozek - 1.11.5-1Sumit Bose - 1.11.4-3Jakub Hrozek - 1.11.4-2Jakub Hrozek - 1.11.4-1Jakub Hrozek - 1.11.3-2Jakub Hrozek - 1.11.3-1Jakub Hrozek - 1.11.2-1Sumit Bose - 1.11.1-5Sumit Bose - 1.11.1-4Jakub Hrozek - 1.11.1-3Jakub Hrozek - 1.11.1-2Jakub Hrozek - 1.11.1-1Jakub Hrozek - 1.11.0-3Jakub Hrozek - 1.11.0-2Jakub Hrozek - 1.11.0-1Jakub Hrozek - 1.11.0-0.4.beta2Fedora Release Engineering - 1.11.0-0.3.beta2Jakub Hrozek - 1.11.0.2beta2Jakub Hrozek - 1.11.0.1beta2Jakub Hrozek - 1.10.1-1Jakub Hrozek - 1.10.0-17Stephen Gallagher - 1.10.0-16Stephen Gallagher - 1.10.0-15Stephen Gallagher - 1.10.0-14Jakub Hrozek - 1.10.0-13Dan Horák - 1.10.0-12.beta2Jakub Hrozek - 1.10.0-11.beta2Jakub Hrozek - 1.10.0-10.beta2Jakub Hrozek - 1.10.0-9.beta2Jakub Hrozek - 1.10.0-8.beta1Jakub Hrozek - 1.10.0-8.beta2Jakub Hrozek - 1.10.0-7.beta1Jakub Hrozek - 1.10.0-6.beta1Jakub Hrozek - 1.10.0-5.beta1Jakub Hrozek - 1.10.0-4.beta1Jakub Hrozek - 1.10.0-3.beta1Jakub Hrozek - 1.10.0-2.alpha1Jakub Hrozek - 1.10.0-1.alpha1Jakub Hrozek - 1.9.5-10Stephen Gallagher - 1.9.4-9Jakub Hrozek - 1.9.4-8Jakub Hrozek - 1.9.4-7Jakub Hrozek - 1.9.4-6Jakub Hrozek - 1.9.4-5Jakub Hrozek - 1.9.4-4Jakub Hrozek - 1.9.4-3Jakub Hrozek - 1.9.4-2Jakub Hrozek - 1.9.4-1Jakub Hrozek - 1.9.3-1Jakub Hrozek - 1.9.2-5Jakub Hrozek - 1.9.2-4Jakub Hrozek - 1.9.2-3Jakub Hrozek - 1.9.2-2Jakub Hrozek - 1.9.2-1Jakub Hrozek - 1.9.1-1Jakub Hrozek - 1.9.0-24Jakub Hrozek - 1.9.0-24Jakub Hrozek - 1.9.0-23Jakub Hrozek - 1.9.0-22.rc1Jakub Hrozek - 1.9.0-21.beta7Jakub Hrozek - 1.9.0-20.beta6Jakub Hrozek - 1.9.0-19.beta6Jakub Hrozek - 1.9.0-18.beta6Jakub Hrozek - 1.9.0-17.beta6Jakub Hrozek - 1.9.0-16.beta6Jakub Hrozek - 1.9.0-14.beta6Jakub Hrozek - 1.9.0-13.beta6Fedora Release Engineering - 1.9.0-13.beta5Jakub Hrozek - 1.9.0-12.beta5Stephen Gallagher - 1.9.0-11.beta4Jakub Hrozek - 1.9.0-10.beta4Jakub Hrozek - 1.9.0-9.beta4Stephen Gallagher - 1.9.0-8.beta3Stephen Gallagher - 1.9.0-7.beta2Stephen Gallagher - 1.9.0-6.beta2Stephen Gallagher - 1.9.0-5.beta2Stephen Gallagher - 1.9.0-4.beta1Stephen Gallagher - 1.9.0-3.beta1Stephen Gallagher - 1.9.0-2.beta1Stephen Gallagher - 1.9.0-1.beta1Stephen Gallagher - 1.8.3-11Stephen Gallagher - 1.8.2-10Stephen Gallagher - 1.8.1-9Stephen Gallagher - 1.8.1-8Stephen Gallagher - 1.8.1-7Stephen Gallagher - 1.8.0-6Stephen Gallagher - 1.8.0-5.beta3Stephen Gallagher - 1.8.0-4.beta3Petr Pisar - 1.8.0-3.beta2Stephen Gallagher - 1.8.0-1.beta2Stephen Gallagher - 1.8.0-1.beta1Stephen Gallagher - 1.7.0-5Stephen Gallagher - 1.7.0-4Stephen Gallagher - 1.7.0-3Fedora Release Engineering - 1.7.0-2Stephen Gallagher - 1.7.0-1Stephen Gallagher - 1.6.4-1Stephen Gallagher - 1.6.3-5Stephen Gallagher - 1.6.3-4Jakub Hrozek - 1.6.3-3Stephen Gallagher - 1.6.3-2Stephen Gallagher - 1.6.3-1Fedora Release Engineering - 1.6.2-5Stephen Gallagher - 1.6.2-4Stephen Gallagher - 1.6.2-3Stephen Gallagher - 1.6.2-2Stephen Gallagher - 1.6.2-1Stephen Gallagher - 1.6.1-1Stephen Gallagher - 1.6.0-2Stephen Gallagher - 1.6.0-1Stephen Gallagher - 1.5.11-2Stephen Gallagher - 1.5.10-1Stephen Gallagher - 1.5.9-1Stephen Gallagher - 1.5.8-1Stephen Gallagher - 1.5.7-3Stephen Gallagher - 1.5.7-2Stephen Gallagher - 1.5.7-1Stephen Gallagher - 1.5.6.1-1Stephen Gallagher - 1.5.6-1Stephen Gallagher - 1.5.5-5Stephen Gallagher - 1.5.5-4Stephen Gallagher - 1.5.5-3Stephen Gallagher - 1.5.5-2Stephen Gallagher - 1.5.5-1Stephen Gallagher - 1.5.4-1Stephen Gallagher - 1.5.3-2Stephen Gallagher - 1.5.3-1Stephen Gallagher - 1.5.2-1Simo Sorce - 1.5.1-9Stephen Gallagher - 1.5.1-8Stephen Gallagher - 1.5.1-7Stephen Gallagher - 1.5.1-6Stephen Gallagher - 1.5.1-5Fedora Release Engineering - 1.5.1-4Stephen Gallagher - 1.5.1-3Stephen Gallagher - 1.5.1-2Stephen Gallagher - 1.5.1-1Stephen Gallagher - 1.5.0-2Stephen Gallagher - 1.5.0-1Stephen Gallagher - 1.4.1-3Stephen Gallagher - 1.4.1-2Stephen Gallagher - 1.4.1-1Stephen Gallagher - 1.4.0-2Stephen Gallagher - 1.4.0-1Stephen Gallagher - 1.3.0-35Stephen Gallagher - 1.3.0-34Stephen Gallagher - 1.3.0-33Stephen Gallagher - 1.3.0-32Stephen Gallagher - 1.3.0-31Stephen Gallagher - 1.3.0-30David Malcolm - 1.2.91-21Stephen Gallagher - 1.2.91-20Stephen Gallagher - 1.2.1-15Stephen Gallagher - 1.2.0-12Stephen Gallagher - 1.1.92-11Stephen Gallagher - 1.1.91-10Simo Sorce - 1.1.1-3Stephen Gallagher - 1.1.1-1Stephen Gallagher - 1.1.0-2Stephen Gallagher - 1.1.0-1.pre20100317git0ea7f19Stephen Gallagehr - 1.0.5-2Stephen Gallagher - 1.0.5-1Stephen Gallagher - 1.0.4-1Stephen Gallagher - 1.0.3-1Stephen Gallagher - 1.0.2-1Stephen Gallagher - 1.0.1-1Stephen Gallagher - 1.0.0-2Stephen Gallagher - 1.0.0-1Stephen Gallagher - 0.99.1-1Stephen Gallagher - 0.99.0-1Stephen Gallagher - 0.7.1-1Stephen Gallagher - 0.7.0-2Stephen Gallagher - 0.7.0-1Stephen Gallagher - 0.6.1-2Stephen Gallagher - 0.6.1-1Stephen Gallagher - 0.6.0-1Sumit Bose - 0.6.0-0Simo Sorce - 0.5.0-0Jakub Hrozek - 0.4.1-4Fedora Release Engineering - 0.4.1-3Simo Sorce - 0.4.1-2Simo Sorce - 0.4.1-1Simo Sorce - 0.4.1-0Simo Sorce - 0.3.2-2Jakub Hrozek - 0.3.2-1Simo Sorce - 0.3.1-2Simo Sorce - 0.3.1-1Simo Sorce - 0.3.0-2Simo Sorce - 0.3.0-1Simo Sorce - 0.2.1-1Simo Sorce - 0.2.0-1Jakub Hrozek - 0.1.0-5.20090309git691c9b3Jakub Hrozek - 0.1.0-4Sumit Bose - 0.1.0-3Jakub Hrozek - 0.1.0-2Stephen Gallagher - 0.1.0-1- Resolves: RHEL-27205 - Race condition during authorization leads to GPO policies functioning inconsistently- Resolves: RHEL-25064 - AD users are unable to log in due to case sensitivity of user because the domain is found as an alias to the email address. [rhel-8] - Resolves: RHEL-25066 - gdm smartcard login fails with sssd-2.9.3 in case of multiple identities [rhel-8] - Resolves: RHEL-25065 - ssh pubkey stored in ldap/AD no longer works to authenticate via sssd [rhel-8]- Resolves: RHEL-2630 - Rebase SSSD for RHEL 8.10 - Resolves: RHEL-1680 - auto_private_groups does not create cache in IPA server SSSD cache - Resolves: RHEL-10092 - logfile rotation for sssd_kcm not working properly, sssd_kcm never receives a 'kill -HUP' - Resolves: RHEL-17495 - New sssd.conf seems not to be backwards compatible (wrt SmartCard auth of local users using 'files provider') - Resolves: RHEL-18431 - Excessive logging to sssd_nss and sssd_be in multi-domain AD forest - Resolves: RHEL-5033 - Incorrect IdM product name in man sssd.conf - Resolves: RHEL-15368 - SSSD GPO lacks group resolution on hosts [rhel-8] - Resolves: RHEL-10721 - very bad performance when requesting service tickets - Resolves: RHEL-19011 - Invalid handling groups from child domain - Resolves: RHEL-19949 - latest sssd breaks logging in via XDMCP for LDAP/Kerberos users [rhel-8]- Resolves: RHEL-2630 - Rebase SSSD for RHEL 8.10- Resolves: RHEL-2630 - Rebase SSSD for RHEL 8.10 - Resolves: RHEL-14070 - sssd-2.9.2-1.el8 breaks smart card authentication - Resolves: RHEL-3665 - Unexplainable error "Unable to find primary gid [2]: No such file or directory" when SSSD performs lookup for an AD user- Resolves: RHEL-2630 - Rebase SSSD for RHEL 8.10 - Resolves: rhbz#2226021 - dbus and crond getting terminated with SIGBUS in sss_client code - Resolves: rhbz#2237253 - SSSD runs multiples lookup search for each NFS request (SBUS req chaining stopped working in sssd-2.7)- Resolves: rhbz#2149241 - [sssd] SSSD enters failed state after heavy load in the system- Resolves: rhbz#2167836 - Rebase SSSD for RHEL 8.9 - Resolves: rhbz#2196521 - [RHEL8] sssd : AD user login problem when modify ldap_user_name= name and restricted by GPO Policy - Resolves: rhbz#2195919 - sssd-be tends to run out of system resources, hitting the maximum number of open files - Resolves: rhbz#2192708 - [RHEL8] [sssd] User lookup on IPA client fails with 's2n get_fqlist request failed' - Resolves: rhbz#2139467 - [RHEL8] sssd attempts LDAP password modify extended op after BIND failure - Resolves: rhbz#2054825 - sssd_be segfault at 0 ip 00007f16b5fcab7e sp 00007fffc1cc0988 error 4 in libc-2.28.so[7f16b5e72000+1bc000] - Resolves: rhbz#2189583 - [sssd] RHEL 8.9 Tier 0 Localization - Resolves: rhbz#2170720 - [RHEL8] When adding attributes in sssd.conf that we have already, the cross-forest query just stop working - Resolves: rhbz#2096183 - BE_REQ_USER_AND_GROUP LDAP search filter can inadvertently catch multiple overrides - Resolves: rhbz#2151450 - [RHEL8] SSSD missing group membership when evaluating GPO policy with 'auto_private_groups = true'- Related: rhbz#2190417 - Rebase Samba to the latest 4.18.x release Rebuild against rebased Samba libs- Resolves: rhbz#2167836 - Rebase SSSD for RHEL 8.9- Resolves: rhbz#2167836 - Rebase SSSD for RHEL 8.9 - Resolves: rhbz#2101489 - [sssd] Auth fails if client cannot speak to forest root domain (ldap_sasl_interactive_bind_s failed) - Resolves: rhbz#2143925 - kinit switches KCM away from the newly issued ticket - Resolves: rhbz#2151403 - AD user is not found on IPA client after upgrading to RHEL8.7 - Resolves: rhbz#2164805 - man page entry should make clear that a nested group needs a name - Resolves: rhbz#2170484 - Unable to lookup AD user from child domain (or "make filtering of the domains more configurable") - Resolves: rhbz#2180981 - sss allows extraneous @ characters prefixed to username #- Resolves: rhbz#2149091 - Update to sssd-2.7.3-4.el8_7.1.x86_64 resulted in "Request to sssd failed. Device or resource busy"- Resolves: rhbz#2127511 - Rebase SSSD for RHEL 8.8 - Resolves: rhbz#2136701 - Lower the severity of the log message for SSSD so that it is not shown at the default debug level. - Resolves: rhbz#2139760 - [sssd] RHEL 8.8 Tier 0 Localization - Resolves: rhbz#2139865 - Analyzer: Optimize and remove duplicate messages in verbose list - Resolves: rhbz#2142795 - SSSD: `sssctl analyze` command shouldn't require 'root' privileged - Resolves: rhbz#2144491 - UPN check cannot be disabled explicitly but requires krb5_validate = false' as a work-around - Resolves: rhbz#2150357 - Smart Card auth does not work with p11_uri (with-smartcard-required)- Resolves: rhbz#2127511 - Rebase SSSD for RHEL 8.8 - Resolves: rhbz#2144581 - [RFE] provide dbus method to find users by attr - Resolves: rhbz#2144579 - sssd timezone issues sudonotafter - Resolves: rhbz#2144519 - [RFE] SSSD does not support to change the user’s password when option ldap_pwd_policy equals to shadow in sssd.conf file - Resolves: rhbz#2127822 - Cannot SSH with AD user to ipa-client (`krb5_validate` and `pac_check` settings conflict) - Resolves: rhbz#2111393 - authenticating against external IdP services okta (native app) with OAuth client secret failed- Related: rhbz#2132051 - Rebase Samba to the the latest 4.17.x release Rebuild against Samba rebase.- Resolves: rhbz#2116395 - NFS krb5 mount failed as "access denied" after test accessing a same file on krb5 nfs mount with multiple uids simultaneously since sssd-2.7.3-1.el8- Resolves: rhbz#2116395 - NFS krb5 mount failed as "access denied" after test accessing a same file on krb5 nfs mount with multiple uids simultaneously since sssd-2.7.3-1.el8 - Resolves: rhbz#2119726 - sssctl analyze --logdir option requires sssd to be configured - Resolves: rhbz#2120669 - Incorrect request ID tracking from responder to backend- Resolves: rhbz#2116488 - virsh command will hang after the host run several auto test cases - Resolves: rhbz#2116486 - [regression] sssctl analyze fails to parse PAM related sssd logs - Resolves: rhbz#2116487 - cache_req_data_set_hybrid_lookup: cache_req_data should never be NULL- Resolves: rhbz#2069379 - Rebase SSSD for RHEL 8.7 - Resolves: rhbz#2063016 - [sssd] RHEL 8.7 Tier 0 Localization- Resolves: rhbz#2069379 - Rebase SSSD for RHEL 8.7 - Resolves: rhbz#2098620 - sdap_nested_group_deref_direct_process() triggers internal watchdog for large data sets - Resolves: rhbz#2098619 - [Improvement] add SSSD support for more than one CRL PEM file name with parameters certificate_verification and crl_file - Resolves: rhbz#2088817 - pam_sss_gss ceased to work after upgrade to 8.6 - Resolves: rhbz#2098616 - Add idp authentication indicator in man page of sssd.conf - Resolves: rhbz#2056035 - 'getent hosts' not return hosts if they have more than one CN in LDAP - Resolves: rhbz#2098615 - Regression "Missing internal domain data." when setting ad_domain to incorrect - Resolves: rhbz#2098617 - Harden kerberos ticket validation - Resolves: rhbz#2087744 - Unable to lookup AD user if the AD group contains '@' symbol- Resolves: rhbz#2069379 - Rebase SSSD for RHEL 8.7 - Resolves: rhbz#2026799 - SSSD authenticating to LDAP with obfuscated password produces Invalid authtoken type message causing sssd_be to go offline (cross inter_ference of different provider plugins options) - Resolves: rhbz#2033347 - sssd error triggers backtrace : [write_krb5info_file_from_fo_server] (0x0020): [RID#73501] There is no server that can be written into kdc info file. - Resolves: rhbz#2056483 - [RFE] Add sssd internal krb5 plugin for authentication against external IdP via OAuth2 - Resolves: rhbz#2062689 - [Improvement] Add user and group version of sss_nss_getorigbyname() - Resolves: rhbz#2065692 - [RHEL8] Ship new sub-package called sssd-idp into sssd - Resolves: rhbz#2072050 - sssd_nss exiting (due to missing 'sssd' local user) making SSSD service to restart in a loop - Resolves: rhbz#2072931 - Use right sdap_domain in ad_domain_info_send - Resolves: rhbz#2087088 - sssd does not enforce smartcard auth for kde screen locker - Resolves: rhbz#2087744 - Unable to lookup AD user if the AD group contains '@' symbol - Resolves: rhbz#2087745 - 2FA prompting setting ineffective - Resolves: rhbz#2087746 - sssd fails GPO-based access if AD have setup with Japanese language- Resolves: rhbz#2039892 - 2.6.2 regression: Daemon crashes when resolving AD user names - Resolves: rhbz#1859315 - sssd does not use kerberos port that is set. - Resolves: rhbz#2030386 - sssd-kcm has requirement on krb5 symbol "krb5_unmarshal_credentials" only available in latest RHEL8.5 krb5 libraries - Resolves: rhbz#2035245 - AD Domain in the AD Forest Missing after sssd latest update - Resolves: rhbz#2017301 - [sssd] RHEL 8.6 Tier 0 Localization- Resolves: rhbz#2013260 - [RHEL8] Add ability to parse child log files (additional patch)- Resolves: rhbz#2011216 - Rebase SSSD for RHEL 8.6 - Resolves: rhbz#2013260 - [RHEL8] Add ability to parse child log files - Resolves: rhbz#2030386 - sssd-kcm has requirement on krb5 symbol "krb5_unmarshal_credentials" only available in latest RHEL8.5 krb5 libraries - Resolves: rhbz#1859315 - sssd does not use kerberos port that is set. - Resolves: rhbz#1961182 - Passwordless (GSSAPI) SSH not working due to missing "includedir /var/lib/sss/pubconf/krb5.include.d" directive in /etc/krb5.conf - Resolves: rhbz#2008829 - sssd_be segfault due to empty forest root name - Resolves: rhbz#2012263 - pam responder does not call initgroups to refresh the user entry - Resolves: rhbz#2012308 - Add client certificate validation D-Bus API - Resolves: rhbz#2012327 - Groups are missing while performing id lookup as SSSD switching to offline mode due to the wrong domain name in the ldap-pings(netlogon). - Resolves: rhbz#2013028 - [RFE] Health and Support Analyzer: Add sssctl sub-command to select and display a single request from the logs - Resolves: rhbz#2013259 - [RHEL8] Add tevent chain ID logic into responders - Resolves: rhbz#2017301 - [sssd] RHEL 8.6 Tier 0 Localization- Rebuild due to rhbz#2013596 - Rebase Samba to the the latest 4.15.x release- Resolves: rhbz#2011216 - Rebase SSSD for RHEL 8.6 - Resolves: rhbz#1968340 - 'exclude_groups' option provided in SSSD for session recording (tlog) doesn't work as expected - Resolves: rhbz#1952569 - SSSD should use "hidden" temporary file in its krb locator - Resolves: rhbz#1917970 - proxy provider: secondary group is showing in sssd cache after group is removed - Resolves: rhbz#1636002 - socket-activated services start as the sssd user and then are unable to read the confdb - Resolves: rhbz#2021196 - Make backtrace less "chatty" (avoid duplicate backtraces) - Resolves: rhbz#2018432 - 2.5.x based SSSD adds more AD domains than it should based on the configuration file (not trusted and from a different forest) - Resolves: rhbz#2015070 - Consistency in defaults between OpenSSH and SSSD - Resolves: rhbz#2013297 - disabled root ad domain causes subdomains to be marked offline - Resolves: rhbz#2013294 - Lookup with fully-qualified name does not work with 'cache_first = True' - Resolves: rhbz#2013218 - autofs lookups for unknown mounts are delayed for 50s - Resolves: rhbz#2013028 - [RFE] Health and Support Analyzer: Add sssctl sub-command to select and display a single request from the logs - Resolves: rhbz#2013024 - Add support for CKM_RSA_PKCS in smart card authentication. - Resolves: rhbz#2013006 - [RFE] support subid ranges managed by FreeIPA - Resolves: rhbz#2012308 - Add client certificate validation D-Bus API - Resolves: rhbz#2012122 - tps tests fail with cross dependency on sssd debuginfo package: removal of 'sssd-libwbclient-debuginfo' is missing- Resolves: rhbz#1975169 - EMBARGOED CVE-2021-3621 sssd: shell command injection in sssctl [rhel-8] - Resolves: rhbz#1962042 - [sssd] RHEL 8.5 Tier 0 Localization- Resolves: rhbz#1947671 - Rebase SSSD for RHEL 8.5 - Resolves: rhbz#1693379 - sssd_be and sss_cache too heavy on CPU - Resolves: rhbz#1909373 - Missing search index for `originalADgidNumber` - Resolves: rhbz#1954630 - [RFE] Improve debug messages by adding a unique tag for each request the backend is handling - Resolves: rhbz#1936891 - SSSD Error Msg Improvement: Bad address - Resolves: rhbz#1364596 - sssd still showing ipa user after removed from last group - Resolves: rhbz#1979404 - Changes made to /etc/pam.d/sssd-shadowutils are overwritten back to default on sssd-common package upgrade- Resolves: rhbz#1974257 - 'debug_microseconds' config option is broken - Resolves: rhbz#1936902 - SSSD Error Msg Improvement: Invalid argument - Resolves: rhbz#1627112 - RFE: Kerberos ticket renewal for sssd-kcm (additional patches and rebuild)- Resolves: rhbz#1947671 - Rebase SSSD for RHEL 8.5 - Resolves: rhbz#1942387 - Wrong default debug level of sssd tools - Resolves: rhbz#1917444 - SSSD Error Msg Improvement: Server resolution failed: [2]: No such file or directory - Resolves: rhbz#1917511 - SSSD Error Msg Improvement: Failed to resolve server 'server.example.com': Error reading file - Resolves: rhbz#1917535 - sssd.conf man page: parameter dns_resolver_server_timeout and dns_resolver_op_timeout - Resolves: rhbz#1940509 - [RFE] Health and Support Analyzer: Link frontend to backend requests - Resolves: rhbz#1649464 - auto_private_groups not working as expected with posix ipa/ad trust - Resolves: rhbz#1925514 - [RFE] Randomize the SUDO timeouts upon reconnection - Resolves: rhbz#1961215 - Invalid sssd-kcm return code if requested operation is not found - Resolves: rhbz#1837090 - SSSD fails nss_getby_name for IPA user with SID if the user has user private group - Resolves: rhbz#1879869 - sudo commands incorrectly exports the KRB5CCNAME environment variable - Resolves: rhbz#1962550 - sss_pac_make_request fails on systems joined to Active Directory. - Resolves: rhbz#1737489 - [RFE] SSSD should honor default Kerberos settings (keytab name) in /etc/krb5.conf- Resolves: rhbz#1947671 - Rebase SSSD for RHEL 8.5 - Resolves: rhbz#1930535 - [abrt] [faf] sssd: monitor_service_shutdown(): /usr/sbin/sssd killed by 11 - Resolves: rhbz#1942387 - Wrong default debug level of sssd tools - Resolves: rhbz#1945888 - Inconsistant debug level for connection logging - Resolves: rhbz#1948657 - pam_sss_gss.so doesn't work with large kerberos tickets - Resolves: rhbz#1949149 - [RFE] Poor man's backtrace - Resolves: rhbz#1920500 - Authentication handshake (ldap_install_tls()) fails due to underlying openssl operation failing with EINTR - Resolves: rhbz#1923964 - [RFE] SSSD Error Msg Improvement: write_krb5info_file failed, authentication might fail. - Resolves: rhbz#1928648 - SSSD logs improvements: clarify which config option applies to each timeout in the logs - Resolves: rhbz#1632159 - sssd-kcm starts successfully for non existent socket_path - Resolves: rhbz#1627112 - RFE: Kerberos ticket renewal for sssd-kcm - Resolves: rhbz#1925505 - [RFE] improve the sssd refresh timers for SUDO queries - Resolves: rhbz#1925514 - [RFE] Randomize the SUDO timeouts upon reconnection - Resolves: rhbz#1925561 - sssd-ldap(5) does not report how to disable the SUDO smart queries - Resolves: rhbz#1925621 - document impact of indices and of scope on performance of LDAP queries - Resolves: rhbz#1855320 - [RFE] RHEL8 sssd: inheritance of the case_sensitive parameter for subdomains. - Resolves: rhbz#1925608 - [RFE] make 'random_offset' addon to 'offline_timeout' option configurable - Resolves: rhbz#1447945 - man page / docs update required: if two certificate matching rules with the same priority match only one is used - Resolves: rhbz#1703436 - sssd not thread-safe in innetgr() - Resolves: rhbz#1713143 - SSSD does not translate the 2FA text labels("first factor" / "second factor") on GDM login and screensaver unlock screen - Resolves: rhbz#1888977 - sss_override: Usage limitations clarification in man page - Resolves: rhbz#1890177 - Clarify "single_prompt" option in "PROMPTING CONFIGURATION SECTION" section of sssd.conf man page - Resolves: rhbz#1902280 - fix sss_cache to also reset cached timestamp - Resolves: rhbz#1935683 - SSSD not detecting subdomain from AD forest (RHEL 8.3) - Resolves: rhbz#1937919 - IPA missing secondary IPA Posix groups in latest sssd 1.16.5-10.el7_9.7 - Resolves: rhbz#1944665 - No gpo found and ad_gpo_implicit_deny set to True still permits user login - Resolves: rhbz#1919942 - sss_override does not take precedence over override_homedir directive- Resolves: rhbz#1926622 - Add support to verify authentication indicators in pam_sss_gss - Resolves: rhbz#1926454 - First smart refresh query contains modifyTimestamp even if the modifyTimestamp is 0. - Resolves: rhbz#1893159 - Default debug level should report all errors / failures (additional patch)- Resolves: rhbz#1920001 - Do not add '%' to group names already prefixed with '%' in IPA sudo rules - Resolves: rhbz#1918433 - sssd unable to lookup certmap rules - Resolves: rhbz#1917382 - [abrt] [faf] sssd: dp_client_handshake_timeout(): /usr/libexec/sssd/sssd_be killed by 11- Resolves: rhbz#1113639 - autofs: return a connection failure until maps have been fetched - Resolves: rhbz#1915395 - Memory leak in the simple access provider - Resolves: rhbz#1915319 - SSSD: SBUS: failures during servers startup - Resolves: rhbz#1893698 - [RFE] sudo kerberos authentication (additional patches)- Resolves: rhbz#1631410 - Can't login with smartcard with multiple certs having same ID value - Resolves: rhbz#1884213 - [RFE] add offline_timeout_max config option to control offline interval backoff (additional patches) - Resolves: rhbz#1893159 - Default debug level should report all errors / failures - Resolves: rhbz#1893698 - [RFE] sudo kerberos authentication- Resolves: rhbz#1876514 - High CPU utilization by the sssd_kcm process - Resolves: rhbz#1876658 - filter_groups option partially filters the group from 'id' output of the user because gidNumber still appears in 'id' output [RHEL 8] - Resolves: rhbz#1895001 - User lookups over the InfoPipe responder fail intermittently- Resolves: rhbz#1900733 - sssd_be segfaults at be_refresh_get_values_ex() due to NULL ptrs in results of sysdb_search_with_ts_attr() - Resolves: rhbz#1876514 - High CPU utilization by the sssd_kcm process - Resolves: rhbz#1894540 - sssd component logging is now too generic in syslog/journal - Resolves: rhbz#1828483 - filtered ID is appearing due to strange negative cache behavior- This is to bump version to allow rebuild against rebased libldb.- Resolves: rhbz#1881992 - Rebase SSSD for RHEL 8.4 - Resolves: rhbz#1722842 - sssd-kcm does not store TGT with ssh login using GSSAPI - Resolves: rhbz#1734040 - sssd crash in ad_get_account_domain_search() - Resolves: rhbz#1784459 - [RFE] tlog does not allow to exclude some users from session recording - Resolves: rhbz#1791300 - sporadic sssd_be crash on s390x - Resolves: rhbz#1817122 - 'getent group ldapgroupname' doesn't show any LDAP users or some LDAP users when 'rfc2307bis' schema is used with SSSD. - Resolves: rhbz#1819012 - [RFE] Improve AD site discovery process - Resolves: rhbz#1846778 - [RfE] `/usr/libexec/sssd/p11_child` cmdline argument '--nssdb' might be confusing when SSSD was built against OpenSSL - Resolves: rhbz#1873715 - automount sssd issue when 2 automount maps have the same key (one un uppercase, one in lowercase) - Resolves: rhbz#1879860 - correction in sssd.conf:pam_response_filter man page - Resolves: rhbz#1881336 - [RFE] sssd-ldap man page modification for parameter "ldap_referrals" - Resolves: rhbz#1883488 - [RfE] Implement a new sssd.conf option to disable the filter for AD domain local groups from trusted domains - Resolves: rhbz#1884196 - [RFE] Add "enabled" option to domain section in config file - Resolves: rhbz#1884205 - KCM: Increase client idle timeout to 5 minutes - Resolves: rhbz#1884207 - [RFE] ldap: add new option ldap_library_debug_level - Resolves: rhbz#1884213 - [RFE] add offline_timeout_max config option to control offline interval backoff - Resolves: rhbz#1884281 - Secondary LDAP group go missing from 'id' command - Resolves: rhbz#1884301 - [RFE] dyndns: suport asymmetric auth for nsupdate- Resolves: rhbz#1855323 - When ad_gpo_implicit_deny is True, it is permitting users to login when no gpo is applied- Resolves: rhbz#1868387 - system not enforcing GPO rule restriction. ad_gpo_implicit_deny = True is not working - Resolves: rhbz#1854951 - sss-certmap man page change to add clarification for userPrincipalName attribute from AD schema - Resolves: rhbz#1856861 - False errors/warnings are logged in sssd.log file after enabling 2FA prompting settings in sssd.conf - Resolves: rhbz#1869683 - p11_child: default value of ocsp_dgst == sha256 doesn't conform RFC5019 and has to be changed to sha1- Resolves: rhbz#1723273 - RFE: Add option to specify alternate sssd config file location with "sssctl config-check" command. - Resolves: rhbz#1780404 - smartcards: special characters must be escaped when building search filter- Resolves: rhbz#1820574 - [sssd] RHEL 8.3 Tier 0 Localization- Resolves: rhbz#1821719 - sssd (sssd_be) is consuming 100% CPU, partially due to failing mem-cache - Fixed "requires/provides" rpmdiff warning- Resolves: rhbz#1815584 - id_provider = proxy proxy_lib_name = files returns * in password field, breaking PAM authentication - Resolves: rhbz#1794607 - SSSD must be able to resolve membership involving root with files provider - Resolves: rhbz#1803134 - Improve "unlock" time when user session already active- Resolves: rhbz#1829470 - `sssd.api.conf` and `sssd.api.d` should belong to `python-sssdconfig` package - Resolves: rhbz#1544457 - sssd fails to release file descriptor on child logs after receiving HUP - Resolves: rhbz#1824323 - SSSD user filtering is failing on RHEL 8 after "files" provider rebuilds cache - Resolves: rhbz#1827432 - When the passwd or group files are replaced, sssd stops monitoring the file for inotify events, and no updates are triggered - Resolves: rhbz#1835710 - Change the message "Please enter smart card" to "Please insert smart card" on GDM login with smart-card - Resolves: rhbz#1838037 - Oddjob-mkhomedir fails when using NSS compat - Resolves: rhbz#1845904 - gdm smart card authentication does not work shortly after disconnecting from network. - Resolves: rhbz#1845975 - sssd doesn't follow the link order of AD Group Policy Management - Resolves: rhbz#1845980 - sssd is failing to discover other subdomains in the forest if LDAP entries do not contain AD forest root information - Resolves: rhbz#1845987 - Document how to prevent invalid selinux context for default home directories in SSSD-AD direct integration. - Resolves: rhbz#1845994 - GDM failure loop when no user mapped for smart card - Resolves: rhbz#1846003 - GDM password prompt when cert mapped to multiple users and promptusername is False - Resolves: rhbz#1850961 - /usr/share/systemtap/tapset/sssd_functions.stp missing a comma- Resolves: rhbz#Bug 1723273 - RFE: Add option to specify alternate sssd config file location with "sssctl config-check" command.- Resolves: rhbz#1839037 - Rebase SSSD for RHEL 8.3 - Resolves: rhbz#1843872 - sssd 2.3.0 breaks AD auth due to GPO parsing failure - Resolves: rhbz#1834156 - sssd or sssd-ad not updating their dependencies on "yum update" which breaks working- Resolves: rhbz#1580506 - [RFE]: sssd to be able to read smartcard certificate EKU and perform an action based on value when generating SSH key from a certificate (additional patch)- Resolves: rhbz#1810634 - id command taking 1+ minute for returning user information- Resolves: rhbz#1580506 - [RFE]: sssd to be able to read smartcard certificate EKU and perform an action based on value when generating SSH key from a certificate- Resolves: rhbz#1718193 - p11_child should have an option to skip C_WaitForSlotEvent if the PKCS#11 module does not implement it properly- Resolves: rhbz#1792331 - sssd_be crashes when krb5_realm and krb5_server is omitted and auth_provider is krb5- Resolves: rhbz#1754996 - [sssd] Tier 0 Localization- Resolves: rhbz#1767514 - sssd requires timed sudoers ldap entries to be specified up to the seconds- Resolves: rhbz#1713368 - Add sssd-dbus package as a dependency of sssd-tools* Resolves: rhbz#1794016 - sssd_be frequent crash* Resolves: rhbz#1762415 - Force LDAPS over 636 with AD Access Provider* Resolves: rhbz#1583592 - [RFE] Add configurable randomness to SSSD ldap connection timeout* Resolves: rhbz#1783190 - [abrt] [faf] sssd: raise(): /usr/libexec/sssd/sssd_autofs killed by 6* Resolves: rhbz#1785214 - server/be: SIGTERM handling is incorrect* Resolves: rhbz#1785193 - Watchdog implementation or usage is incorrect* Resolves: rhbz#1704199 - pcscd rejecting sssd ldap_child as unauthorized* Resolves: rhbz#1744500 - [Doc]Provide explanation on escape character for match rules sss-certmap* Resolves: rhbz#1781728 - sssctl config-check command does not give proper error messages with line numbers* Resolves: rhbz#1753694 - Rebase sssd to the latest upstream release Increasing version number to pick latest libldb* Resolves: rhbz#1753694 - Rebase sssd to the latest upstream release PART2: Fix gating issue.* Resolves: rhbz#1753694 - Rebase sssd to the latest upstream release* Resolves: rhbz#1753694 - Rebase sssd to the latest upstream release- Resolves: rhbz#1712875 - Old kerberos credentials active instead of valid new ones (kcm)- Resolves: rhbz#1744134 - New defect found in sssd-2.2.0-16.el8 - Also sync. kcm multihost tests with master- Resolves: rhbz#1676385 - pam_sss with smartcard auth does not create gnome keyring - Also apply a patch to fix gating tests issue- Resolves: rhbz#1736861 - dyndns_update = True is no longer enough to get the IP address of the machine updated in IPA upon sssd.service startup- Resolves: rhbz#1736265 - Smart Card auth of local user: endless loop if wrong PIN was provided- Resolves: rhbz#1736796 - sssd config option "default_domain_suffix" should not cause files domain entries to be qualified, this can break sudo access- Resolves: rhbz#1669407 - MAN: Document that PAM stack contains the systemd-user service in the account phase in RHEL-8- Resolves: rhbz#1448094 - sssd-kcm cannot handle big tickets- Resolves: rhbz#1733372 - permission denied on logs when running sssd as non-root user- Resolves: rhbz#1736483 - Sudo prompt for smart card authentication is missing the trailing colon- Resolves: rhbz#1382750 - Conflicting default timeout values- Resolves: rhbz#1699480 - Include libsss_nss_idmap-devel in the Builder repository - This just required a raise in release number and changelog for the record.- Resolves: rhbz#1711318 - p11_child::sign_data() function implementation is not FIPS140 compliant- Resolves: rhbz#1726945 - negative cache does not use values from 'filter_users' config option for known domains- Resolves: rhbz#1729055 - sssd does not pass correct rules to sudo- Resolves: rhbz#1283798 - sssd failover does not work on connecting to non-responsive ldaps:// server- Resolves: rhbz#1725168 - sssd-proxy crashes resolving groups with no members- Resolves: rhbz#1673443 - sssd man pages: The default value of "ldap_user_home_directory" is not mentioned with AD server configuration- Resolves: rhbz#1687281 Rebase sssd in RHEL-8.1 to the latest upstream release- Resolves: rhbz#1687281 Rebase sssd in RHEL-8.1 to the latest upstream release- Replace ARRAY_SIZE with N_ELEMENTS to reflect samba changes. This is done here in order to unblock gating changes before rebase. - Related: rhbz#1682305- Resolves: rhbz#1672780 - gdm login not prompting for username when smart card maps to multiple users- Resolves: rhbz#1645291 - Perform some basic ccache initialization as part of gen_new to avoid a subsequent switch call failure-Resolves: rhbz#1659498 - Re-setting the trusted AD domain fails due to wrong subdomain service name being used-Resolves: rhbz#1660083 - extraAttributes is org.freedesktop.DBus.Error. UnknownProperty: Unknown property- Resolves: rhbz#1661183 - SSSD 2.0 has drastically lower sbus timeout than 1.x, this can result in time outs- Resolves: rhbz#1578014 - sssd does not work under non-root user - Note: Actually the patches were in the 2.0.0-37, this one just adds this changelog because it was missing.- Resolves: rhbz#1652563 - incorrect example in the man page of idmap_sss suggests using * for backend sss- Resolves: rhbz#1466503 - Snippets are not used when sssd.conf does not exist- Resolves: rhbz#1622008 - Error message when IPA server uninstall calls kdestroy caused by KCM returning a wrong error code during the delete operation- Resolves: rhbz#1646113 - Missing concise documentation about valid options for sssd-files-provider- Resolves: rhbz#1625670 - sssd needs to require a newer version of libtalloc and libtevent to avoid an issue in GPO processing- Resolves: 1658813 - PKINIT with KCM does not work- Resolves: 1657898 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust- Resolves: rhbz#1655459 - [abrt] [faf] sssd: raise(): /usr/libexec/sssd/proxy_child killed by 6- Resolves: rhbz#1652719 - [SECURITY] sssd returns '/' for emtpy home directories- Resolves: rhbz#1657979 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI- Resolves: rhbz#1657980 - sssd_nss memory leak- Resolves: rhbz#1645566 - SSSD 2.x does not sanitize domain name properly for D-bus, resulting in a crash- Resolves: rhbz#1646168 - sssctl access-report always prints an error message - Resolves: rhbz#1643053 - Restarting the sssd-kcm service should reload the configuration without having to restart the whole sssd - Resolves: rhbz#1640576 - sssctl reports incorrect information about local user's cache entry expiration time - Resolves: rhbz#1645238 - Unable to su to root when logged in as a local user - Resolves: rhbz#1639411 - sssd support for for smartcards using ECC keys- Resolves: rhbz#1642508 - sssd ifp crash when trying to access ipa webui with smart card- Resolves: rhbz#1642372 - SSSD Python getgrouplist API was removed but required for IPA- Related: rhbz#1638150 - session not recording for local user when groups defined - Also add silence a Coverity warning, which is related to rhbz#1637131- Related: rhbz#1637513 - sssd crashes when refreshing expired sudo rules- Add OSCP checks for p11_child - Related: rhbz#1615417 - [RFE] Add Smart Card authentication for local users- Related: rhbz#1638006 - Files: The files provider always enumerates which causes duplicate when running getent passwd- Related: rhbz#1637131 - pam_unix unable to match fully qualified username provided by sssd during smartcard auth using gdm- Related: rhbz#1620123 - [RFE] Add option to specify a Smartcard with a PKCS#11 URI- Related: rhbz#1611011 - Support for "require smartcard for login option"- Related: rhbz#1635595 - Cant login with smartcard with multiple certs- Backport more sbus2 fixes - Related: rhbz#1623878 - crash related to sbus_router_destructor()- Resolves: rhbz#1636397 - SSSD not fetching all sudo rules from AD- Resolves: rhbz#1628122 - Printing incorrect information about domain with sssctl utility- Resolves: rhbz#1626001 - SSSD should log to syslog if a domain is not started due to a misconfiguration- Resolves: rhbz#1624785 - Remove references of sss_user/group/add/del commands in man pages since local provider is deprecated- Resolves: rhbz#1628126 - [abrt] [faf] sssd: unknown function(): /usr/libexec/sssd/sssd_be killed by 11 crash func _dbus_list_unlink- Resolves: rhbz#1628503 - sssd only sets the SELinux login context if it differs from the default- Resolves: rhbz#1625842 id_provider= local causes SSSD to abort startup- Resolves: rhbz#1615590 - Do not rely on "python" for el8- Resolves: rhbz#1615417 - [RFE] Add Smart Card authentication for local users- Resolves: rhbz#1623878 - crash related to sbus_router_destructor()- Resolves: rhbz#1622026 - sssd 2.0 regression: Kerberos authentication fails with the KCM ccache- Resolves: rhbz#1615460 - Rebase SSSD to the latest released version- Switch hardcoded python3 shebangs into the %{__python3} macro- Update to 1.16.2 release - Cleanup unused global definitions - Remove python2 references from the spec file - Resolves: rhbz#1585313 - Kerberos with sssd-kcm is not working on s390x- Resolves: upstream#3684 - A group is not updated if its member is removed with the cleanup task, but the group does not change - Resolves: upstream#3558 - sudo: report error when two rules share cn - Tone down shutdown messages for socket activated responders - IPA: Qualify the externalUser sudo attribute - Resolves: upstream#3550 - refresh_expired_interval does not work with netgrous in 1.15 - Resolves: upstream#3402 - Support alternative sources for the files provider - Resolves: upstream#3646 - SSSD's GPO code ignores ad_site option - Resolves: upstream#3679 - Make nss netgroup requests more robust - Resolves: upstream#3634 - sssctl COMMAND --help fails if sssd is not configured - Resolves: upstream#3469 - extend sss-certmap man page regarding priority processing - Improve docs/debug message about GC detection - Resolves: upstream#3715 - ipa 389-ds-base crash in krb5-libs - k5_copy_etypes list out of bound? - Resolves: upstream#2653 - Group renaming issue when "id_provider = ldap" is set. - Document which principal does the AD provider use - Resolves: upstream#3680 - GPO: SSSD fails to process GPOs If a rule is defined, but contains no SIDs - Resolves: upstream#3520 - Files provider supports only BE_FILTER_ENUM - Resolves: rhbz#1540703 - FreeIPA/SSSD implicit_file sssd_nss error: The Data Provider returned an error [org.freedesktop.sssd.Error.DataProvider.Fatal]- Resolves: upstream#3573 - sssd won't show netgroups with blank domain - Resolves: upstream#3660 - confdb_expand_app_domains() always fails - Resolves: upstream#3658 - Application domain is not interpreted correctly - Resolves: upstream#3687 - KCM: Don't pass a non null terminated string to json_loads() - Resolves: upstream#3386 - KCM: Payload buffer is too small - Resolves: upstream#3666 - Fix usage of str.decode() in our tests - A few KCM misc fixes- New upstream release 1.16.1 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_16_1.html- Resolves: upstream#3621 - backport bug found by static analyzers- Resolves: rhbz#1538643 - SSSD crashes when retrieving a Desktop Profile with no specific host/hostgroup set - Resolves: upstream#3621 - FleetCommander integration must not require capability DAC_OVERRIDE- Resolves: upstream#3618 - selinux_child segfaults in a docker container- Resolves: rhbz#1431153 - sssd: libsss_proxy.so needs to be linked with -ldl- Fix systemd executions/requirements- Fix building on rawhide. Remove -Wl,-z,defs from LDFLAGS- Fix building of sssd-nfs-idmap with libnfsidmap.so.1- Rebuilt for libnfsidmap.so.1- Resolves: upstream#3523 - ABRT crash - /usr/libexec/sssd/sssd_nss in setnetgrent_result_timeout - Resolves: upstream#3588 - sssd_nss consumes more memory until restarted or machine swaps - Resolves: failure in glibc tests https://sourceware.org/bugzilla/show_bug.cgi?id=22530 - Resolves: upstream#3451 - When sssd is configured with id_provider proxy and auth_provider ldap, login fails if the LDAP server is not allowing anonymous binds - Resolves: upstream#3285 - SSSD needs restart after incorrect clock is corrected with AD - Resolves: upstream#3586 - Give a more detailed debug and system-log message if krb5_init_context() failed - Resolves: rhbz#1431153 - SSSD ships a drop-in configuration snippet in /etc/systemd/system - Backport few upstream features from 1.16.1- Resolves: rhbz#1494002 - sssd_nss crashed in cache_req_search_domains_next- Backport extended NSS API from upstream master branch- Resolves: upstream#3529 - sssd-kcm Fix restart during/after upgrade- New upstream release 1.16.0 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_16_0.html- Resolves: rhbz#1499354 - CVE-2017-12173 sssd: unsanitized input when searching in local cache database access on the sock_file system_bus_socket- Resolves: rhbz#1488327 - SELinux is preventing selinux_child from write access on the sock_file system_bus_socket - Resolves: rhbz#1490402 - SSSD does not create /var/lib/sss/deskprofile and fails to download desktop profile data - Resolves: upstream#3485 - getsidbyid does not work with 1.15.3 - Resolves: upstream#3488 - SUDO doesn't work for IPA users on IPA clients after applying ID Views for them in IPA server - Resolves: upstream#3501 - Accessing IdM kerberos ticket fails while id mapping is applied- Backport few upstream patches/fixes- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- New upstream release 1.15.3 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_15_3.html- Rebuild with libldb-1.2.0- Fix build issues: Update expided certificate in unit tests- Resolves: rhbz#1445680 - Properly fall back to local Smartcard authentication - Resolves: rhbz#1437199 - sssd-nfs-idmap-1.15.2-1.fc25.x86_64 conflicts with file from package sssd-common-1.15.1-1.fc25.x86_64 - Resolves: rhbz#1063278 - sss_ssh_knownhostsproxy doesn't fall back to ipv4- Fix issue with IPA + SELinux in containers - Resolves: upstream https://fedorahosted.org/sssd/ticket/3297- Backport upstream patches for 1.15.3 pre-release - required for building freeipa-4.5.x in rawhide- New upstream release 1.15.2 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_15_2.html- New upstream release 1.15.1 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_15_1.html- Cherry-pick patches from upstream that enable the files provider - Enable the files domain - Retire patch 0501-Partially-revert-CONFIG-Use-default-config-when-none.patch which is superseded by the files domain autoconfiguration - Related: rhbz#1357418 - SSSD fast cache for local users- Add missing %license macro- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild- New upstream release 1.15.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.15.0- Rebuild for Python 3.6- Resolves: rhbz#1369130 - nss_sss should not link against libpthread - Resolves: rhbz#1392916 - sssd failes to start after update - Resolves: rhbz#1398789 - SELinux is preventing sssd from 'write' accesses on the directory /etc/sssd- New upstream release 1.14.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.2- libwbclient-sssd: update interface to version 0.13- Fix regression with krb5_map_user - Resolves: rhbz#1375552 - krb5_map_user doesn't seem effective anymore - Resolves: rhbz#1349286 - authconfig fails with SSSDConfig.NoDomainError: default if nonexistent domain is mentioned- Backport important patches from upstream 1.14.2 prerelease - Resolves: upstream #3154 - sssd exits if clock is adjusted backwards after boot - Resolves: upstream #3163 - resolving IPA nested user group is broken in 1.14- New upstream release 1.14.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.1- Add workaround patch for RHBZ #1366403- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages- New upstream release 1.14.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.0- New upstream release 1.14 beta - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.0beta- New upstream release 1.14 alpha - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.0alpha- Resolves: rhbz#1335639 - [abrt] sssd-dbus: ldb_msg_find_element(): sssd_ifp killed by SIGSEGV- Resolves: rhbz#1328108 - Protocol error with FreeIPA on CentOS 6- New upstream release 1.13.4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.4- Resolves: rhbz#1276868 - Sudo PAM Login should support multiple password prompts (e.g. Password + Token) - Resolves: rhbz#1313041 - ssh with sssd proxy fails with "Connection closed by remote host" if locale not available- Resolves: rhbz#1310664 - [RFE] IPA: resolve external group memberships of IPA groups during getgrnam and getgrgid - Resolves: rhbz#1301303 - sss_obfuscate: SyntaxError: Missing parentheses in call to 'print'- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Additional upstream fixes- Resolves: rhbz#1256849 - SUDO: Support the IPA schema- New upstream release 1.13.3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.3- New upstream release 1.13.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.2- Rebuilt for Python3.5 rebuild- Fix building pac responder with the krb5-1.14- python-sssdconfig: Fix parssing sssd.conf without config_file_version - Resolves: upstream #2837 - REGRESSION: ipa-client-automout failed- Fix few segfaults - Resolves: upstream #2811 - PAM responder crashed if user was not set - Resolves: upstream #2810 - sssd_be crashed in ipa_srv_ad_acct_lookup_step- New upstream release 1.13.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1- Fix OTP bug - Resolves: upstream #2729 - Do not send SSS_OTP if both factors were entered separately- Backport upstream patches required by FreeIPA 4.2.1- Fix ipa-migration bug - Resolves: upstream #2719 - IPA: returned unknown dp error code with disabled migration mode- New upstream release 1.13.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.0- Unify return type of list_active_domains for python{2,3}- New upstream release 1.13 alpha - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.0alpha- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- Fix libwbclient alternatives- Backport important patches from upstream 1.13 prerelease- New upstream release 1.12.5 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.5- Backport important patches from upstream 1.13 prerelease - Resolves: rhbz#1060325 - Does sssd-ad use the most suitable attribute for group name - Resolves: upstream #2335 - Investigate using the krb5 responder for driving the PAM conversation with OTPs - Enable cmocka tests for secondary architectures- Backport patches from upstream 1.12.5 prerelease - contains many fixes- Fix slow login with ipa and SELinux - Resolves: upstream #2624 - Only set the selinux context if the context differs from the local one- Fix regressions with ipa and SELinux - Resolves: upstream #2587 - With empty ipaselinuxusermapdefault security context on client is staff_u- Also relax libldb Requires - Remove --enable-ldb-version-check- Relax libldb BuildRequires to be greater-or-equal- Add support for python3 bindings - Add requirement to python3 or python3 bindings - Resolves: rhbz#1014594 - sssd: Support Python 3- New upstream release 1.12.4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.4- Backport patches with Python3 support from upstream- Fix double free in monitor - Resolves: rhbz#1186887 [abrt] sssd-common: talloc_abort(): sssd killed by SIGABRT- Rebuild for new libldb- Decrease priority of sssd-libwbclient 20 -> 5 - It should be lower than priority of samba veriosn of libwbclient. - https://bugzilla.redhat.com/show_bug.cgi?id=1175511#c18- Apply a number of patches from upstream to fix issues found 1.12.3 - Resolves: rhbz#1176373 - dyndns_iface does not accept multiple interfaces, or isn't documented to be able to - Resolves: rhbz#988068 - getpwnam_r fails for non-existing users when sssd is not running - Resolves: upstream #2557 authentication failure with user from AD- Resolves: rhbz#1164156 - libsss_simpleifp should pull sssd-dbus - Resolves: rhbz#1179379 - gzip: stdin: file size changed while zipping when rotating logfile- New upstream release 1.12.3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.3 - Fix spelling errors in description (fedpkg lint)- Rebuild for libldb 1.1.19- Resolves: rhbz#1175511 - sssd-libwbclient conflicts with Samba's and causes crash in wbinfo - in addition to the patch libwbclient.so is filtered out of the Provides list of the package- Fix regressions and bugs in sssd upstream 1.12.2 - https://fedorahosted.org/sssd/ticket/{id} - Regressions: #2471, #2475, #2483, #2487, #2529, #2535 - Bugs: #2287, #2445- Rebuild for libldb 1.1.18- Fix typo in libwbclient-devel %preun- Use alternatives for libwbclient- Backport several patches from upstream. - Fix a potential crash against old (pre-4.0) IPA servers- New upstream release 1.12.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.2- Resolves: rhbz#1139962 - Fedora 21, FreeIPA 4.0.2: sssd does not find user private group from server- New upstream release 1.12.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.1- Do not crash on resolving a group SID in IPA server mode- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Fix release version for upgrades- New upstream release 1.12.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- New upstream release 1.12 beta2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.0beta2- Fix tests on big-endian - Fix previous changelog entry- New upstream release 1.12 beta1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.0beta1- Rebuild against new ding-libs- Make LDB dependency a strict equivalency- Rebuild against new libldb- New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1- Fix bug in generation of systemd unit file- New upstream release 1.11.5 - Remove upstreamed patch - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5- Handle new error code for IPA password migration- Include couple of patches from upstream 1.11 branch- New upstream release 1.11.4 - Remove upstreamed patch - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.4- Handle OTP response from FreeIPA server gracefully- New upstream release 1.11.3 - Remove upstreamed patches - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.3- New upstream release 1.11.2 - Remove upstreamed patches - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.2- Fix potential crash with external groups in trusted IPA-AD setup- Add plugin for cifs-utils - Resolves: rhbz#998544- Fix failover from Global Catalog to LDAP in case GC is not available- Remove the ability to create public ccachedir (#1015089)- New upstream release 1.11.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.1- Fix multicast checks in the SSSD - Resolves: rhbz#1007475 - The multicast check is wrong in the sudo source code getting the host info- Backport simplification of ccache management from 1.11.1 - Resolves: rhbz#1010553 - sssd setting KRB5CCNAME=(null) on login- New upstream release 1.11.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.0- Resolves: #967012 - [abrt] sssd-1.9.5-1.fc18: sss_mmap_cache_gr_invalidate_gid: Process /usr/libexec/sssd/sssd_nss was killed by signal 11 (SIGSEGV) - Resolves: #996214 - sssd proxy_child segfault- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild- Resolves: #906427 - Do not use %{_lib} in specfile for the nss and pam libraries- New upstream release 1.11 beta 2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.0beta2- New upstream release 1.10.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.1- sssd-tools should require sssd-common, not sssd- Move sssd_pac to the sssd-ipa and sssd-ad subpackages - Trim out RHEL5-specific macros since we don't build on RHEL 5 - Trim out macros for Fedora older than F18 - Update libldb requirement to 1.1.16 - Trim RPM changelog down to the last year- Move sssd_pac to the sssd-krb5 subpackage- Fix Obsoletes: to account for dist tag - Convert post and pre scripts to run on the sssd-common subpackage - Remove old conversion from SYSV- New upstream release 1.10 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0- the cmocka toolkit exists only on selected arches- Apply a number of patches from upstream to fix issues found post-beta, in particular: -- segfault with a high DEBUG level -- Fix IPA password migration (upstream #1873) -- Fix fail over when retrying SRV resolution (upstream #1886)- Only BuildRequire libcmocka on Fedora- Fix typo in Requires that prevented an upgrade (#973916) - Use a hardcoded version in Conflicts, not less-than-current- Enable hardened build for RHEL7- New upstream release 1.10 beta2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0beta2 - BuildRequire libcmocka-devel in order to run all upstream tests during build - BuildRequire libnl3 instead of libnl1 - No longer BuildRequire initscripts, we no longer use /sbin/service - Remove explicit krb5-libs >= 1.10 requires; this platform doensn't carry any older krb5-libs version- Apply a couple of patches from upstream git that resolve crashes when ID mapping object was not initialized properly but needed later- Resolves: rhbz#961357 - Missing dyndns_update entry in sssd.conf during realm join - Resolves: rhbz#961278 - Login failure: Enterprise Principal enabled by default for AD Provider - Resolves: rhbz#961251 - sssd does not create user's krb5 ccache dir/file parent directory when logging in- BuildRequire recent libini_config to ensure consistent behaviour- Explicitly Require libini_config >= 1.0.0.1 to work around a SONAME bug in ding-libs - Fix SSH integration with fully-qualified domains - Add the ability to dynamically discover the NetBIOS name- New upstream release 1.10 beta1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0beta1- Add a patch to fix krb5 ccache creation issue with krb5 1.11- New upstream release 1.10 alpha1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0alpha1- Add a patch to fix krb5 unit tests- Split internal helper libraries into a shared object - Significantly reduce disk-space usage- Fix the Kerberos password expiration warning (#912223)- Do not write out dots in the domain-realm mapping file (#905650)- Include upstream patch to build with krb5-1.11- Rebuild against new libldb- Fix build with new automake versions- Recreate Kerberos ccache directory if it's missing - Resolves: rhbz#853558 - [sssd[krb5_child[PID]]]: Credential cache directory /run/user/UID/ccdir does not exist- Fix changelog dates to make F19 rpmbuild happy- New upstream release 1.9.4- New upstream release 1.9.3- Resolve groups from AD correctly- Check the validity of naming context- Move the sss_cache tool to the main package- Include the 1.9.2 tarball- New upstream release 1.9.2- New upstream release 1.9.1- require the latest libldb- Use mcpath insted of mcachepath macro to be consistent with upsteam spec file- New upstream release 1.9.0- New upstream release 1.9.0 rc1- New upstream release 1.9.0 beta7 - obsoletes patches #1-#3- Rebuild against libldb 1.12- Rebuild against libldb 1.11- Change the default ccache location to DIR:/run/user/${UID}/krb5cc and patch man page accordingly - Resolves: rhbz#851304- Rebuild against libldb 1.10- Only create the SELinux login file if there are SELinux mappings on the IPA server- Don't discard HBAC rule processing result if SELinux is on Resolves: rhbz#846792 (CVE-2012-3462)- New upstream release 1.9.0 beta 6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta6 - A new option, override_shell was added. If this option is set, all users managed by SSSD will have their shell set to its value. - Fixes for the support for setting default SELinux user context from FreeIPA. - Fixed a regression introduced in beta 5 that broke LDAP SASL binds - The SSSD supports the concept of a Primary Server and a Back Up Server in failover - A new command-line tool sss_seed is available to help prime the cache with a user record when deploying a new machine - SSSD is now able to discover and save the domain-realm mappings between an IPA server and a trusted Active Directory server. - Packaging changes to fix ldconfig usage in subpackages (#843995) - Rebuild against libldb 1.1.9- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- New upstream release 1.9.0 beta 5 - Obsoletes the patch for missing DP_OPTION_TERMINATOR in AD provider options - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta5 - Many fixes for the support for setting default SELinux user context from FreeIPA, most notably fixed the specificity evaluation - Fixed an incorrect default in the krb5_canonicalize option of the AD provider which was preventing password change operation - The shadowLastChange attribute value is now correctly updated with the number of days since the Epoch, not seconds- Fix broken ARM build - Add missing DP_OPTION_TERMINATOR in AD provider options- Own several directories create during make install (#839782)- New upstream release 1.9.0 beta 4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta4 - Add a new AD provider to improve integration with Active Directory 2008 R2 or later servers - SUDO integration was completely rewritten. The new implementation works with multiple domains and uses an improved refresh mechanism to download only the necessary rules - The IPA authentication provider now supports subdomains - Fixed regression for setups that were setting default_tkt_enctypes manually by reverting a previous workaround.- New upstream release 1.9.0 beta 3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta3 - Add a new PAC responder for dealing with cross-realm Kerberos trusts - Terminate idle connections to the NSS and PAM responders- Switch unicode library from libunistring to Glib - Drop unnecessary explicit Requires on keyutils - Guarantee that versioned Requires include the correct architecture- Fix accidental disabling of the DIR cache support- New upstream release 1.9.0 beta 2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta2 - Add support for the Kerberos DIR cache for storing multiple TGTs automatically - Major performance enhancement when storing large groups in the cache - Major performance enhancement when performing initgroups() against Active Directory - SSSDConfig data file default locations can now be set during configure for easier packaging- Fix regression in endianness patch- Rebuild SSSD against ding-libs 0.3.0beta1 - Fix endianness bug in service map protocol- Fix several regressions since 1.5.x - Ensure that the RPM creates the /var/lib/sss/mc directory - Add support for Netscape password warning expiration control - Rebuild against libldb 1.1.6- New upstream release 1.9.0 beta 1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta1 - Add native support for autofs to the IPA provider - Support for ID-mapping when connecting to Active Directory - Support for handling very large (> 1500 users) groups in Active Directory - Support for sub-domains (will be used for dealing with trust relationships) - Add a new fast in-memory cache to speed up lookups of cached data on repeated requests- New upstream release 1.8.3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.3 - Numerous manpage and translation updates - LDAP: Handle situations where the RootDSE isn't available anonymously - LDAP: Fix regression for users using non-standard LDAP attributes for user information- New upstream release 1.8.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.2 - Several fixes to case-insensitive domain functions - Fix for GSSAPI binds when the keytab contains unrelated principals - Fixed several segfaults - Workarounds added for LDAP servers with unreadable RootDSE - SSH knownhostproxy will no longer enter an infinite loop preventing login - The provided SYSV init script now starts SSSD earlier at startup and stops it later during shutdown - Assorted minor fixes for issues discovered by static analysis tools- Don't duplicate libsss_autofs.so in two packages - Set explicit package contents instead of globbing- Fix uninitialized value bug causing crashes throughout the code - Resolves: rhbz#804783 - [abrt] Segfault during LDAP 'services' lookup- New upstream release 1.8.1 - Resolve issue where we could enter an infinite loop trying to connect to an auth server - Fix serious issue with complex (3+ levels) nested groups - Fix netgroup support for case-insensitivity and aliases - Fix serious issue with lookup bundling resulting in requests never completing - IPA provider will now check the value of nsAccountLock during pam_acct_mgmt in addition to pam_authenticate - Fix several regressions in the proxy provider - Resolves: rhbz#743133 - Performance regression with Kerberos authentication against AD - Resolves: rhbz#799031 - --debug option for sss_debuglevel doesn't work- New upstream release 1.8.0 - Support for the service map in NSS - Support for setting default SELinux user context from FreeIPA - Support for retrieving SSH user and host keys from LDAP (Experimental) - Support for caching autofs LDAP requests (Experimental) - Support for caching SUDO rules (Experimental) - Include the IPA AutoFS provider - Fixed several memory-corruption bugs - Fixed a regression in group enumeration since 1.7.0 - Fixed a regression in the proxy provider - Resolves: rhbz#741981 - Separate Cache Timeouts for SSSD - Resolves: rhbz#797968 - sssd_be: The requested tar get is not configured is logged at each login - Resolves: rhbz#754114 - [abrt] sssd-1.6.3-1.fc16: ping_check: Process /usr/sbin/sssd was killed by signal 11 (SIGSEGV) - Resolves: rhbz#743133 - Performance regression with Kerberos authentication against AD - Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for new LDAP features - Resolves: rhbz#786957 - sssd and kerberos should change the default location for create the Credential Cashes to /run/usr/USERNAME/krb5cc- Change default kerberos credential cache location to /run/user/- New upstream release 1.8.0 beta 3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta3 - Fixed a regression in group enumeration since 1.7.0 - Fixed several memory-corruption bugs - Finalized the ABI for the autofs support - Fixed a regression in the proxy provider- Rebuild against PCRE 8.30- New upstream release - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta2 - Fix two minor manpage bugs - Include the IPA AutoFS provider- New upstream release - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta1 - Support for the service map in NSS - Support for setting default SELinux user context from FreeIPA - Support for retrieving SSH user and host keys from LDAP (Experimental) - Support for caching autofs LDAP requests (Experimental) - Support for caching SUDO rules (Experimental)- Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for new LDAP features - fix netgroups and sudo as well- Fixes a serious memory hierarchy bug causing unpredictable behavior in the LDAP provider.- Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for new LDAP features- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- New upstream release 1.7.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.7.0 - Support for case-insensitive domains - Support for multiple search bases in the LDAP provider - Support for the native FreeIPA netgroup implementation - Reliability improvements to the process monitor - New DEBUG facility with more consistent log levels - New tool to change debug log levels without restarting SSSD - SSSD will now disconnect from LDAP server when idle - FreeIPA HBAC rules can choose to ignore srchost options for significant performance gains - Assorted performance improvements in the LDAP provider- New upstream release 1.6.4 - Rolls up previous patches applied to the 1.6.3 tarball - Fixes a rare issue causing crashes in the failover logic - Fixes an issue where SSSD would return the wrong PAM error code for users that it does not recognize.- Rebuild against libldb 1.1.4- Resolves: rhbz#753639 - sssd_nss crashes when passed invalid UTF-8 for the username in getpwnam() - Resolves: rhbz#758425 - LDAP failover not working if server refuses connections- Rebuild for libldb 1.1.3- Resolves: rhbz#752495 - Crash when apply settings- New upstream release 1.6.3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.3 - Fixes a major cache performance issue introduced in 1.6.2 - Fixes a potential infinite-loop with certain LDAP layouts- Rebuilt for glibc bug#747377- Change selinux policy requirement to Conflicts: with the old version, rather than Requires: the supported version.- Add explicit requirement on selinux-policy version to address new SBUS symlinks.- Remove %files reference to sss_debuglevel copied from wrong upstreeam spec file.- Improved handling of users and groups with multi-valued name attributes (aliases) - Performance enhancements Initgroups on RFC2307bis/FreeIPA HBAC rule processing - Improved process-hang detection and restarting - Enabled the midpoint cache refresh by default (fewer cache misses on commonly-used entries) - Cleaned up the example configuration - New tool to change debug level on the fly- New upstream release 1.6.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.1 - Fixes a serious issue with LDAP connections when the communication is dropped (e.g. VPN disconnection, waking from sleep) - SSSD is now less strict when dealing with users/groups with multiple names when a definitive primary name cannot be determined - The LDAP provider will no longer attempt to canonicalize by default when using SASL. An option to re-enable this has been provided. - Fixes for non-standard LDAP attribute names (e.g. those used by Active Directory) - Three HBAC regressions have been fixed. - Fix for an infinite loop in the deref code- Build with _hardened_build macro- New upstream release 1.6.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.0 - Add host access control support for LDAP (similar to pam_host_attr) - Finer-grained control on principals used with Kerberos (such as for FAST or - validation) - Added a new tool sss_cache to allow selective expiring of cached entries - Added support for LDAP DEREF and ASQ controls - Added access control features for Novell Directory Server - FreeIPA dynamic DNS update now checks first to see if an update is needed - Complete rewrite of the HBAC library - New libraries: libipa_hbac and libipa_hbac-python- New upstream release 1.5.11 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.11 - Fix a serious regression that prevented SSSD from working with ldaps:// URIs - IPA Provider: Fix a bug with dynamic DNS that resulted in the wrong IPv6 - address being saved to the AAAA record- New upstream release 1.5.10 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.10 - Fixed a regression introduced in 1.5.9 that could result in blocking calls - to LDAP- New upstream release 1.5.9 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.9 - Support for overriding home directory, shell and primary GID locally - Properly honor TTL values from SRV record lookups - Support non-POSIX groups in nested group chains (for RFC2307bis LDAP - servers) - Properly escape IPv6 addresses in the failover code - Do not crash if inotify fails (e.g. resource exhaustion) - Don't add multiple TGT renewal callbacks (too many log messages)- New upstream release 1.5.8 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.8 - Support for the LDAP paging control - Support for multiple DNS servers for name resolution - Fixes for several group membership bugs - Fixes for rare crash bugs- Resolves: rhbz#706740 - Orphaned links on rc0.d-rc6.d - Make sure to properly convert to systemd if upgrading from newer - updates for Fedora 14- Fix segfault in TGT renewal- Resolves: rhbz#700891 - CVE-2011-1758 sssd: automatic TGT renewal overwrites - cached password with predicatable filename- Re-add manpage translations- New upstream release 1.5.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.6 - Fixed a serious memory leak in the memberOf plugin - Fixed a regression with the negative cache that caused it to be essentially - nonfunctional - Fixed an issue where the user's full name would sometimes be removed from - the cache - Fixed an issue with password changes in the kerberos provider not working - with kpasswd- Resolves: rhbz#697057 - kpasswd fails when using sssd and - kadmin server != kdc server - Upgrades from SysV should now maintain enabled/disabled status- Fix %postun- Fix systemd conversion. Upgrades from SysV to systemd weren't properly - enabling the systemd service. - Fix a serious memory leak in the memberOf plugin - Fix an issue where the user's full name would sometimes be removed - from the cache- Install systemd unit file instead of sysv init script- New upstream release 1.5.5 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.5 - Fixes for several crash bugs - LDAP group lookups will no longer abort if there is a zero-length member - attribute - Add automatic fallback to 'cn' if the 'gecos' attribute does not exist- New upstream release 1.5.4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.4 - Fixes for Active Directory when not all users and groups have POSIX attributes - Fixes for handling users and groups that have name aliases (aliases are ignored) - Fix group memberships after initgroups in the IPA provider- Resolves: rhbz#683267 - sssd 1.5.1-9 breaks AD authentication- New upstream release 1.5.3 - Support for libldb >= 1.0.0- New upstream release 1.5.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.2 - Fixes for support of FreeIPA v2 - Fixes for failover if DNS entries change - Improved sss_obfuscate tool with better interactive mode - Fix several crash bugs - Don't attempt to use START_TLS over SSL. Some LDAP servers can't handle this - Delete users from the local cache if initgroups calls return 'no such user' - (previously only worked for getpwnam/getpwuid) - Use new Transifex.net translations - Better support for automatic TGT renewal (now survives restart) - Netgroup fixes- Rebuild sssd against libldb 1.0.2 so the memberof module loads again. - Related: rhbz#677425- Resolves: rhbz#677768 - name service caches names, so id command shows - recently deleted users- Ensure that SSSD builds against libldb-1.0.0 on F15 and later - Remove .la for memberOf- Fix memberOf install path- Add support for libldb 1.0.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix nested group member filter sanitization for RFC2307bis - Put translated tool manpages into the sssd-tools subpackage- Restore Requires: cyrus-sasl-gssapi as it is not auto-detected during - rpmbuild- New upstream release 1.5.1 - Addresses CVE-2010-4341 - DoS in sssd PAM responder can prevent logins - Vast performance improvements when enumerate = true - All PAM actions will now perform a forced initgroups lookup instead of just - a user information lookup - This guarantees that all group information is available to other - providers, such as the simple provider. - For backwards-compatibility, DNS lookups will also fall back to trying the - SSSD domain name as a DNS discovery domain. - Support for more password expiration policies in LDAP - 389 Directory Server - FreeIPA - ActiveDirectory - Support for ldap_tls_{cert,key,cipher_suite} config options -Assorted bugfixes- CVE-2010-4341 - DoS in sssd PAM responder can prevent logins- New upstream release 1.5.0 - Fixed issues with LDAP search filters that needed to be escaped - Add Kerberos FAST support on platforms that support it - Reduced verbosity of PAM_TEXT_INFO messages for cached credentials - Added a Kerberos access provider to honor .k5login - Addressed several thread-safety issues in the sss_client code - Improved support for delayed online Kerberos auth - Significantly reduced time between connecting to the network/VPN and - acquiring a TGT - Added feature for automatic Kerberos ticket renewal - Provides the kerberos ticket for long-lived processes or cron jobs - even when the user logs out - Added several new features to the LDAP access provider - Support for 'shadow' access control - Support for authorizedService access control - Ability to mix-and-match LDAP access control features - Added an option for a separate password-change LDAP server for those - platforms where LDAP referrals are not supported - Added support for manpage translations- Solve a shutdown race-condition that sometimes left processes running - Resolves: rhbz#606887 - SSSD stops on upgrade- Log startup errors to the syslog - Allow cache cleanup to be disabled in sssd.conf- New upstream release 1.4.1 - Add support for netgroups to the proxy provider - Fixes a minor bug with UIDs/GIDs >= 2^31 - Fixes a segfault in the kerberos provider - Fixes a segfault in the NSS responder if a data provider crashes - Correctly use sdap_netgroup_search_base- Fix incorrect tarball URL- New upstream release 1.4.0 - Added support for netgroups to the LDAP provider - Performance improvements made to group processing of RFC2307 LDAP servers - Fixed nested group issues with RFC2307bis LDAP servers without a memberOf plugin - Build-system improvements to support Gentoo - Split out several libraries into the ding-libs tarball - Manpage reviewed and updated- Fix pre and post script requirements- Resolves: rhbz#606887 - sssd stops on upgrade- Resolves: rhbz#626205 - Unable to unlock screen- Resolves: rhbz#637955 - libini_config-devel needs libcollection-devel but - doesn't require it- Resolves: rhbz#632615 - the krb5 locator plugin isn't packaged for multilib- Resolves: CVE-2010-2940 - sssd allows null password entry to authenticate - against LDAP- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild- New upstream version 1.2.91 (1.3.0rc1) - Improved LDAP failover - Synchronous sysdb API (provides performance enhancements) - Better online reconnection detection- New stable upstream version 1.2.1 - Resolves: rhbz#595529 - spec file should eschew %define in favor of - %global - Resolves: rhbz#593644 - Empty list of simple_allow_users causes sssd service - to fail while restart. - Resolves: rhbz#599026 - Makefile typo causes SSSD not to use the kernel - keyring - Resolves: rhbz#599724 - sssd is broken on Rawhide- New stable upstream version 1.2.0 - Support ServiceGroups for FreeIPA v2 HBAC rules - Fix long-standing issue with auth_provider = proxy - Better logging for TLS issues in LDAP- New LDAP access provider allows for filtering user access by LDAP attribute - Reduced default timeout for detecting offline status with LDAP - GSSAPI ticket lifetime made configurable - Better offline->online transition support in Kerberos- Release new upstream version 1.1.91 - Enhancements when using SSSD with FreeIPA v2 - Support for deferred kinit - Support for DNS SRV records for failover- Bump up release number to avoid library sub-packages version issues with previous releases.- New upstream release 1.1.1 - Fixed the IPA provider (which was segfaulting at start) - Fixed a bug in the SSSDConfig API causing some options to revert to - their defaults - This impacted the Authconfig UI - Ensure that SASL binds to LDAP auto-retry when interrupted by a signal- Release SSSD 1.1.0 final - Fix two potential segfaults - Fix memory leak in monitor - Better error message for unusable confdb- Release candidate for SSSD 1.1 - Add simple access provider - Create subpackages for libcollection, libini_config, libdhash and librefarray - Support IPv6 - Support LDAP referrals - Fix cache issues - Better feedback from PAM when offline- Rebuild against new libtevent- Fix licenses in sources and on RPMs- Fix regression on 64-bit platforms- Fixes link error on platforms that do not do implicit linking - Fixes double-free segfault in PAM - Fixes double-free error in async resolver - Fixes support for TCP-based DNS lookups in async resolver - Fixes memory alignment issues on ARM processors - Manpage fixes- Fixes a bug in the failover code that prevented the SSSD from detecting when it went back online - Fixes a bug causing long (sometimes multiple-minute) waits for NSS requests - Several segfault bugfixes- Fix CVE-2010-0014- Patch SSSDConfig API to address - https://bugzilla.redhat.com/show_bug.cgi?id=549482- New upstream stable release 1.0.0- New upstream bugfix release 0.99.1- New upstream release 0.99.0- Fix segfault in sssd_pam when cache_credentials was enabled - Update the sample configuration - Fix upgrade issues caused by data provider service removal- Fix upgrade issues from old (pre-0.5.0) releases of SSSD- New upstream release 0.7.0- Fix missing file permissions for sssd-clients- Add SSSDConfig API - Update polish translation for 0.6.0 - Fix long timeout on ldap operation - Make dp requests more robust- Ensure that the configuration upgrade script always writes the config file with 0600 permissions - Eliminate an infinite loop in group enumerations- New upstream release 0.6.0- New upstream release 0.5.0- Fix for CVE-2009-2410 - Native SSSD users with no password set could log in without a password. (Patch by Stephen Gallagher)- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- Fix a couple of segfaults that may happen on reload- add missing configure check that broke stopping the daemon - also fix default config to add a missing required option- latest upstream release. - also add a patch that fixes debugging output (potential segfault)- release out of the official 0.3.2 tarball- bugfix release 0.3.2 - includes previous release patches - change permissions of the /etc/sssd/sssd.conf to 0600- Add last minute bug fixes, found in testing the package- Version 0.3.1 - includes previous release patches- Try to fix build adding automake as an explicit BuildRequire - Add also a couple of last minute patches from upstream- Version 0.3.0 - Provides file based configuration and lots of improvements- Version 0.2.1- Version 0.2.0- package git snapshot- fixed items found during review - added initscript- added sss_client- Small cleanup and fixes in the spec file- Initial release (based on version 0.1.0 upstream code)/bin/sh/bin/sh/sbin/ldconfig  !"#$%&'()*+,-./0esrurururusvsvsvsvukukukuk2.9.4-3.el82.9.4-3.el8     cifs-utilsidmap-plugin.build-id115b9edb2503b15002e07e4df4fabe48cf254e5755e606d314e05c9b34a4d54ca9fa4d42c5d88675c4a75c0db6f5f17157e2640f23d25275ea0a23769f571457629f64e54fac1ac424e0ee1a8e9d809e2ecc0e5c58a47da458a85580138d0c788fe181bfb36e5cfba933f8fd17a04c90318c732000a7bbb3d2cced805dd9d3bfabad66b256bdeec5c465fb6c05b4be593ea82b686f784ca8bf8227be48b0cifs-utilscifs_idmap_sss.sosssd_pac_plugin.sosssd_krb5_locator_plugin.solibnss_sss.so.2libsubid_sss.sopam_sss.sopam_sss_gss.sosssdmodulessssd_krb5_localauth_plugin.sosssd-clientCOPYINGCOPYING.LESSERsssd_krb5_locator_plugin.8.gzpam_sss.8.gzpam_sss_gss.8.gzsssd_krb5_localauth_plugin.8.gzsssd_krb5_locator_plugin.8.gzpam_sss.8.gzpam_sss_gss.8.gzsssd_krb5_localauth_plugin.8.gzsssd_krb5_locator_plugin.8.gzpam_sss.8.gzpam_sss_gss.8.gzsssd_krb5_localauth_plugin.8.gzsssd_krb5_locator_plugin.8.gzpam_sss.8.gzpam_sss_gss.8.gzsssd_krb5_localauth_plugin.8.gzsssd_krb5_locator_plugin.8.gz/etc//etc/cifs-utils//usr/lib//usr/lib/.build-id//usr/lib/.build-id/11//usr/lib/.build-id/57//usr/lib/.build-id/75//usr/lib/.build-id/76//usr/lib/.build-id/9e//usr/lib/.build-id/a3//usr/lib/.build-id/bb//usr/lib/.build-id/fb//usr/lib64//usr/lib64/cifs-utils//usr/lib64/krb5/plugins/authdata//usr/lib64/krb5/plugins/libkrb5//usr/lib64/security//usr/lib64/sssd//usr/lib64/sssd/modules//usr/share/licenses//usr/share/licenses/sssd-client//usr/share/man/es/man8//usr/share/man/man8//usr/share/man/ru/man8//usr/share/man/sv/man8//usr/share/man/uk/man8/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protectioncpioxz2aarch64-redhat-linux-gnu directorycannot open `/builddir/build/BUILDROOT/sssd-2.9.4-3.el8.aarch64/etc/cifs-utils/idmap-plugin' (No such file or directory)ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=5755e606d314e05c9b34a4d54ca9fa4d42c5d886, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=9e2ecc0e5c58a47da458a85580138d0c788fe181, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=115b9edb2503b15002e07e4df4fabe48cf254e57, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=75c4a75c0db6f5f17157e2640f23d25275ea0a23, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=769f571457629f64e54fac1ac424e0ee1a8e9d80, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=fb6c05b4be593ea82b686f784ca8bf8227be48b0, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=a3bfb36e5cfba933f8fd17a04c90318c732000a7, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=bbb3d2cced805dd9d3bfabad66b256bdeec5c465, strippedASCII texttroff or preprocessor input, UTF-8 Unicode text, with very long lines (gzip compressed data, max compression, from Unix)troff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix) "*4?  RRRRR RRRR RR!RRR R RRR R RR!RR R RR!PPRR R R RR!PPRR R R RR!RRRRR R RR RR!RRRRR R RR R RR!RRR R RRR R RR!utf-8528f44d6ae9dd84026cd2bcd379d97c0da68284bdd62d7e400a23a20bba51ade?7zXZ !#,縋] b2u jӫ`(y0w١S"U'LOw>}=~9شnɇzvPdBSaJ D`7 (E  QMs#Zۦ#v(P1?v~UUhȰ>棶H q%v χH>cR >[U.S͒^}v}O ߿X0:6RJFN=Eހ"j)3-\vל=t l0]Niuq6u {8Rșo~U- ~J [kwAС3ƹVv]A~QMMvW:<9|YU=ݟuk֛FF.{SkEXownxbZ}j S/lG(D.ৡ?AC>4l-cᡫ`[``&9"~x#YÛ^_scdM9g^E/tymxf ӦHͻ5;?*؟L.\ukS oAXpGu6=+%ٷ /9 0m9I^y}FFWf6z8lUof+pa@EE@P2My.f# TbVq+1;m^v7>ڷ.,Йk ׾e G|yc4y.SF%}f2EQa\aed?5~@f,@h۵&T#'j Cyj*TAKzҚ+--!t3+ b^5Вc= wE|@јUVFW>o7M[YtBЗsS9BTȽ\@-Ѱ8c++Hƛ>x?7Q@[ ƽ`Z!Q0yaOӵ?k(= j0YBDS2sNlznd@], -1+ICAe͑Zzg24" _J”@<&ic %B-yfcl% У}ZyC\%9:v:ςٷJPҫ~-:Ruzǯ [+70 )ہ,?d4lʈ[X€QǫI6Ec0?Xٻ^Y LO*PGfƒq后lOV2x^AU6 g?֌!Rf5S1")\{=45onUuST^OickҵX9j\Z͛qАjuk)Q@d=2a~AfU3ƽOVt]}O2")H(?ndS$ O8"T'u /V ]>QFi}Svp6<e.DTٺ= |6,Rp@{}=(kQ `?k#t%-ǿԄSʭ>Xm3B;N "@Ή/2H6"_mjHVųѠ!O;\Y٤5$k 0mB(Kڔ%'jܪ!=3O6K85nLJPDW2pƀ,dLnOzᆨZ"ob'D$5I!*G-@LԝUg",s8Je{R9鄯$%*e'lⶪ}cn:.Ƨcg˽H95:uHвlzHL2ku]rUWrp7 ճ%&&7Aij:[!# 2=3.xqK}2Q0/Ԋ"=*gU~atA u@"×w%[fD*^t#"E], gCʹQP7@p5G$9t(B?Q1٫9'|̗zWgsMm%aV1iuy1Zukט*/wlV3;;gUj!.֑hu#kVgqi)˝>Erg.N=ĐJޣrgxu(V?? bj).SGncRrL1:Pu+h}r7u]$TeַVa'ĀCe]\yEG?D=0cP9uZ%F t&1k ?z:ߟl}[X6UT ,/Lkȅx+=.=m)[w51F`u~D2=CYAr->,Ǥ tYn^DG Þ\Ih6 pI N,#:Sq͠tdnՎMG.|RΜ:*Lxty|׾^CPkGwլM dd PsHJxЃ&@sy5 '"2Δ.7[Vv #BsCYN d+zlRj/>:vfZiQĠ9t6 Ar;OBsLh1\V^l?׽\<1OЄ+ѠFcXyPFk 9-F 1Hv\ӊ" m^ VLoh?4lMWX,d!ZI}5'tDj`J~{qgJ6=gPp K#\p:/[TWs3ei &{F;8+"^E%CrN/5Jft=FSZ |aUp9Nǵq{[D*=fAz )Á0~\fi x#XJͰ0`c_Źŏb]`-'Em#+~Y?ֳDY8ԾMempd~XFWTN8޹[4sFgFAؑ2i1L)RKwV,2A2r"~4w:ÑF}O#89ĦvGqaB8L,O4 Xi9v JbթAm GeAOq\2ܪJxj{?4Gp& ƹyFڟ.0$V P:}tVNƊ,()7IC&X}8N+fboEq8yJ[7[+ch q@PB&Vy\D vQSY%j> }ss"j6mYJ9aӲ^;5^ 2]%#WޚPLcU{T0^ݶ⤸u!Ċp1&7]Z1jMw3 ך#Jln!67#v\8gKQb'&IhS3c:Za Dc\J}F+~;Nz.] uƯm=ٽ"&烳x۫ws* ͡iNuYdE1Z8SKF`^80I] g &cOwf$%d|r )/H(Ÿ6%l} j,}!}Qzj<%e oLPRkiRǼ3GctI<N{cG#O\عbܗΤIs, zvptly?Mw?~>eɒk`͹M2;nz5(Z%3dcŮԕ~< 9t8Oؤg]jG&) Ƕ^m0Bކ0 ڑhe;0O|N# ~%fHV ~j $ao~558+?j yG"sRH,Cf|SIK;m`20ĦjY$K;ʎVv|6qv h~f-\SJ+qQ[ l`V '."M!)'C\5b?=n3P ^Y@,<˅t8dn礮>&ZyUi2w$i`]p`JcP_%gS; g9M;1Bn/<?" fv~rm!O}WNTM7 %a/=kTnDBBǔ6]mZ60m,XB TTg7<%e/" SpP־wV@ĞgIu`]5 sv8rVƨzQŏv Q=3l2BZYֶDפm2Hhr&$pK@.OU"\k 8 5MϴA r/4Q{@kTd.yr&Yq P6%UTވ 8aZ~CrE۲e7p~zQADžD0KNF])3eS|o;U.R?yմB@#߱s#꤈A/C9*MnQ/Ѐrz4's8Iqh꒞oڗ](LOQm+d_a {  qOY N̲@7y'j$;f5;8#lEC  }Sk t*3 Jp &3@qudkOWJ =sͧ=]y%G]Y4ڋ+8$Qj]9:()29)ܷc`F;\HNJ+?4ɪ(+8sg~wlsΗ?e)u:cws))YYSx[}%z{ͽ-4q@oRH*z,MWu z#\e8(2(Öp{zJ^Jb<3&ʣe쵍$:ҏJ#aLl!a~@{_]*1Y:Nj_}L޹*{1Y6< f7R>1(UH%s<fR?tjhszE c䪴v*ƞs2xg d%}4_Z(4IMA*hϼ|d>v{#"k*2&l7 ewKqYL.{\g >b#+\ b_uVxgW,H]9ZIũfebSz'١$UnD]`*s {CV1IzAڰZm=umtc?]PwfaG%G! ="`,C8iGO.d%B+!ߖ,m2HPl4ʕ1!sj:LY5Y ~p؎5uYc-nt1w@qASE&9ҖЈZ&T7.p˔[U@d N={ٴO!^iX:VZ ט7# _FMSp 8Z-WA)\?n{uVpzZоWZ6 - %%8: LK^lYiv<&Ky;QrwzW<ʫMln@Y&VyE6Ş0/qa=-'#puQ/d~5j];r'k3noE /n5ؤ.*bz-Y!(ḹmhZ({Ldnm1!E*@jMml!.ۙ095eur')-Poĩ~Qdg`Gw0gN˹˂P򢛺@5QzWR =+Cf ᥈,|3{*w$JEtlDQ! ?Ê-%hrd;R >B}?E%Aps:O199!ܭ;#ȴF,D<_kvZ$SVz*|#$;6u("nvaZɉ`}k L 6>&migϽ+j6O,QG^_u43R4t5lYKs-jW7xwxǺ Gx{á&]>uk:f< jvT$K׻2N"F2@3/ gO1_|8]u4g3^6~\gJu)g!] ?e#2;uȝe=3nJ4Y}q[.75!w!`9hZVkG`697Y4EN"g@E{͢['0}†Z%y:@/u4n) +i (^PQUL_V %}6+B9Jl%ԓM-?x^SR?Daf+S8 Sn;NXko x$ٻ7&̓]!G9`mb5k zVpCz!;M߾4/e%hns4A8қ}h"y iYx㥣~^غxp#xU9,zR#lJMҴ򸱼N-0Su7W$N3V+|e0 _rflsX5蛀wf5԰5љT6EtNٱ@c91 b[oK=E7 h=+\.irayl]eŬC=(%YWYJJ+@t 5?٘7eΜ7?Dȗ %6X!vp \kKѝsR; ?sΝ%}`5^x/U ,T1H$gGl|HփL!|+7nP,X5yy:݂qkؽP1-mg ܟʓM9(nl\,7E+64dY˛黊A"HBp|!8U.ԯ;)>x˲5`'s(T9UP?mtCe#1hվva;AIA:|Bnγ~GU.̲D^05~=`B'*noʅ43,hFn(nsp)0Vbl0i,CƳb2s?cM,0ݝ[.UA$D 0άHWSř#5$ dMRв|LmT@ڲTg|nNd+yMfN%"kvh0TsMQMTؽ ;d **5K:YҾb5(0Uf4TGtV-*RӃ&ƙݱ~8PaX9ؙٱe~9TS^s8VrNIHm/V/8?/$9{L: rVnxm=mQ<|Կ)]5綠O+quEMŹ%2z(?F8ClDRBGWXK\e(zFV6lD:ylBSPK)Y1i^Hm39d2cp`k*md?[H^@}E oA(DwHWuv (%aCJ)gN?4] )[$#$}pu=Rq 2V,GEޗѰ7Yq/yAuuБxKskD&ߞwGa1.㒫>kH]o(`#)F@.`/|_h<1E-'o9}M|Y6Yw t*j?U+ˀERaOUYr=S"@:T>u"8;Zذ0 uQE:3[:n^),qcfJ}9&x g;#GÒFVyaÄ́˃8MR5[dR'f|!QSM30!B'KS%jx{YօӊC[\pBk%JR17a7sL|7?ĵד_ [̓qF$zXfA*ɸQ)v;̿Ya-g!'q[[n:;]Fq,Ն?sſ]:R[ceXGxj$jrWYǛPC-po&L#Y^}{&mcfrt=Yn>YcYmXmaFjVES  |J =t 'ۚ M+bb) \gf~plS߆~T(ZrvW gHϼmhq.Ne(Yp cゕrf9E] A !%14A3K8?z+>H4e.Mѷ8+h/dߍӹl'XI7e#!Iq-@ Œ3^yγ{&KTPG 0 ̗2l %ȯF@4LUF4H:k ɧcpXõ#,?٦VkgdĖh !.[4a>~M|2Qxo9 >2e`qvw]Dm% csn>%5mq4AKɩ'4X{5Mq,:|i:#j䆥G2Z:jžTqHM6bYc>tdԛ>gpN!,.$cQCQW|2>o: u)t\Eq$.*JA5ѓWsdA 06(ߔ548nA: u- X K ]M8&qȎOe娻7/ W|cM`g&燎)L/T,½o{1Fg| R1yj&V/uz`Ds*?cUgPݝv,T`G>8\ܶ8T¾oh ] ?yt9=T2du h%U2!lz;zcܮwk:q Sk74\^WWHș}+j*H)U~ \( R X!*)L+,Yƈ^43vbf^]&sjgapgn6}x( ޢ+Y92:U|F0]ʓ(m&iv\X$^PƉD1iTU aH)m /c>f^+`EȑiW3ܙ_bOc~ x3Uy0n6{4zGy2z'k.d eΆmdxr͟[|bC?m"R57Ab5υxOBl92䮄r&aAR6u[FG=Te{|~Th-[dUkg+ */ !:uM2w`ZՂ&Sfzɥk,2<B-@b lT:>xCR<]enA.k*t>.Ue}gГ,D췲:"DkUiHOqkZygtM9R`# `(u8:>v8gܛW FG%+;t`1arK:drYeXK#[nՆ%/|,T( AڏyQu"FX$<φلYc&(ȼF^bFuUzQY;ِ CVF&;,3}%lSi 2t; *F'w= I- >sO'EkqǑLC#4>W7,`*ND E{qX*q#WBULI6d ݠL谇 `xsև=M}x`~1OXod 0X˨ҺkeȺ%۷ߊ=`]nh',C /L_W|+QhU9Hy EmdpUn**oSŰ壒qWxbtJs/_ψPl"@:LKMC'rXͧ؜u[8{u `Zp!X"kŽGNn؊ 3zؘKz }U꼴i{J%ܪcwAEQ}p?@q7I=PXe~0xVjx"?g+E_@ ()ͮh$b(ƞe@un/]}Faa <*yؼ_hrQͨ?l4FP{.%5Y&JyK$ʭi| }YIP+ "DU23U,}e'gӐuF6kjYL(Wcح,onY.igv1jm?+Ћ5f%k׼l ُg6ΫѰg -#+\?Vd@ 4M  iܰ~i{zh5ϛ@0f;4>€CTvA%2m['"NnJ=TJyߴBSZWE"0x@vEz{\G@QFɗT{jN &A(0/80_ml㱶R3UBZ"Vq%8U gI#0o%>x.Qr70`;:";m-iOmSd{<|sH,](j ߺqp"?|0j i7QeRZy˔xIJeS^6 E~i&RΕ`E:Fl %w^Ws1>Dme=4ŢQ<w$o~_԰!z..P1@;s_z^fuy2P3&F=퍓N'258 Iz_NŮ"Wo ='3O.y +-56u:}Fw,18eC-/i;Wm%+=:9]s1#NB']>X%QJ DxCߛu9[~&GClגt)a㟧Vܪ/ŦoK+۝&o$c1G3p1\RoL+A-nf߿lGZPeA}F1j\L҆ڡg?5wP&`[n ^8\|5QDx^fFWe9sa먎$q[t/Tu= 1 #b~5Eh30+=@Pz V &fߧG $]N%-DU e{ܕ2Gu\^/A>^@GJfӔ5Z[ލ b+'3ns7|MgS@/c:(ΎFyĚq^z"6)S=~vSB0K 6h/+jb7}<^}DvLjsMh^!sLstM fx롁 sO܂`CAm/=i0 kS$Q y\󵫠 MHGd-f.;s)$\/YV]-"J[qr??e [GkbH_}:|o/HW2bJEBs$vX1OG[nj {Zϵr͜6# pS4xpߵ7twYf"o 83.B$ҋ:37+s[" (Kiی0N FɆf;ջeOy$5 [\o: Hgv׷鈿7;4 s+IJJk)נ!u~TTrQɡ4Y.bmܥ9f ͈H5yf &>ahseH'^=R^rpɈ \%\pචP &dmL#!mGAP+o=czp1T ) ^{tC74|[z3.,P Ir(eWSQCAwu}+n J^L<1x@wv+ Zh,Z|5PFFj\H,t[YKc®Fh*"HA.温}=.>DKk8OšÎ-vZ<*I-2=B, \~v|@#nl6z;VU"(˩;ꥻwS# " Ex/)Yl؊4Ӊ*:>ST\)y3.0W[Ў_JX* FM!8dڎ5Y" nTH8`*Adx !xn/h}^ɉgW8H^@FP##l`с@rc-y(LWX,I/On;>K^ڐu9]D+vz8Ԭ}c6>kq?. |(UDS*pj/L;iC6X'1ʗy#^DgJ$#Ϯdo/^^=XLdCT]t틸H@!GvIšʱkX;!*&6obRHlAj]FEP-""4c6}/c A@EJ<,' 'ĺH+/gƾK)ҸG5twKi,wOw~E,r@4o9H18#Oy<=E_ҽ./3 頌0zgW|!Ojnmh?L1fr&~X;PjԀ,PhS0՛7qb?|$h& q mm|Ryŧ]<{-Sqߢ|#z_l yW 肾fs#b9t>@&ɤ]b{/kh_ix9oaFe4"F;I5 ,K_*Yehq[ropURB8=& +v.5'BB߆kߎNG @sddJݏ] Ve\P3x@ 0"4>fQ.dbSzz-~yPC"Fi@2b& !˺ŽS#r]}X``gEZG+2(65" 3'as6lT|s'v}me m*ǪlQ+|;LKxR+0H{\~Jq/GXs2xxJ`T0ʩ+dԿ * @ޢq:r~g“W1㈠yȆL&3jvNdWB[nVr0?Ϋ}Lin4koVH ʊ*jXSgWY$o,"n g肊>,VʆpzLwVdVt7}D{v> >z?RutO]epa$<( ˂:&fVg׏߿Y 3كw!hTs;.y;9nG%uq#c|ͩ&w6y mȐGoW A}K8'xAA}*oRAF?!2y]FtKH⺻[ wA]@Aar ::GۀԆx:vLo6a!pƄ-x_`@nއDJ{gcΌ5A0cfu=T(Z\6ME%o7u6`g<ۼm4sG}- WЇjC{mЛU/7i#yqV3CgɋTm>/kTK, 8-1Do>޻5K"kͿ̑ev #y|,5n΅l7^G!hCu>{>[SZ?\j<4|D=DIJk'3ւoE>*^czPpFCC!.qT}iqk(` ï1"c ?Js=+Z6iﻆZ^Pլe6rN̝k$jBA׾KvqLeiyiUN?KpUas4ckw]:$/asK'$Cr'8*. Y EF?Svpw_gm==cfHF1w' SDrˁ\XN)5R; 0j]c iO5ȇ6ES;*f䋹de]phѠ$pEuXwP,ň'>wp j?EIS. =J%A'= ƙ`j ;gpFQR돢 Y~&b\D >DԠhXnZq B-cRVS"sS5' j@3-83Y'.=in1xVWx/le D\ԡ%\VR3}0LUү~< fl@wխ@1JN\)}v7ؿ92_` Q*cܓ:yb {Qe9F=PA&M*S8L)x83:ٶlRBLE1WtBMi)QPv0VB(&_ "R0 RaŰu Ŕ6Щ٫ /HNy*B"Khr?TFVV08A@'/2Ixt,hTȜaz `;wGiL%4T7WCxIe [˽RX,*oyg2'Ǎ`wIr|*ҋpm\J ~scmA;')DE0Q WEisiPh-',E"Yis^KFw B45|:=E7'ڹ:d*W@`X!5bv}U ٲ,٦F8ҙH Wq"9SjތCM17ϟŜDy (^lF:v#q5pܩ iaDJg q̶R,Ȝ: /T_q㲦xoUH%^c5JC$2V4áij&1(=}H+3;>Z mGVt[frR< E-lx9]LCsVԺ!&P;T6g*ed ~q:ad :"Dؒ6P(v^tnJaQxL]_D'}{# 4x:<*/?Z=| \ˀC{| }G ]ذj'%jrG}dj㭽* e+jlo+CGGh8?w\7Yx{`}MB, 7xI8N܉"r)^5WlĭԃO:J<+֖ctl~ aIBY"O+ki>^%LOk7cUqu-ΛK8Կ!p*d9~^S,Vo7fhJ˼f<2l + )_#rV 4c*Yt>D7m6SB u3Aur<"脸: 0L;e BMO^@E8dvF)$ 0#^2,+o$WճN V#մ1p}[|Z+j5T7ǀd߈u&ТM sgR>X7KnJ]o>1v=u-}ZoͲv7R(F$笄0{~``ܳCx`/#lD^FDMSp5_[c4,NT_jڄ:ǜ=UFc"nZX"'ah{-7v h.QD(0QNnc>! U*I%UG㖅V4tIz|EViϡ T8aԺޣd!٘O}ꄏ[{{iݹ/07ENVȁ@^4j!;+JJi !12$۸$ ǫScꭱ+ZŇ7R8:$:jzq 4|ϯoi\W1o?1|g~QvU *j Uύ)d19X<;{05pEQ/iի5c\d9PeUeH"YHNBtH!( {N+ 2M9qqV!>.T㇀ H7mp[q ^ثX`Вq\z nwR_,ߺ}^y5:_ɝV/¨7rzn8yZ J[`>Ƅ::;~!/.M_FȻ,O#vPt: (]3>Qenz^%AYl>;@{TQnݮtՑ@N H~C>E&;(RvʪFRbhTgt˰Hs_aLźPIX=o޳eb "Ln:(B:'C0GB@]:^n]7zf8W^CjV>פF3,H# LACnkS!ccPwڌ@_旽)aXe+Vha-e0=ׄYŮd0ټ_]@Ul*=ja\<.b}I;.4L324}od"&Oku4Y&q2D$^N-R*y7Lysh'9*t(ef=X eC[-v$igp@ukfh > f!f3NWe T3C[я B.\ hƍ? )סcIԂT9[i)1K*6/PKjO6l Y0 Fxhcp?nn(8ˑkG1H=w6)p7~֧oMlw~84ٓXgU!2xA`^4|IQ;'wU$Ǽ"yn_UH>J!Q3sI5O\_;G%.vPTؖ=qvVX*¨9Ϊ #`uţ/=Y}%)dO5E! b&JOG!uS85d7!%<6؛+ܐ#95L:M[ _(I>{sg1,M[UE:5-BT,+ []3jxj)yk.xXt+37*)Z"'M{]+2H6{,%\dk\.{v_#l"3H227UNzoݭLipI f?PL>>Qyl8(}A8 GN匔﬎4Vn2k>}d Edmc( I V[y{O\7 jML2aF''ԍ6n&۴ S[IEG#oFXe)iqXTl_TO·/sԙ|";t: i`fdضw  ˓-:zD* sXuPn۞eǪ5{j><+J[Q`6_}6 f]pf~>@8ZN"om*vNn`()R((-{Ch[`($M1;/G縉Y6KZÞ0¶/'D|u>^,2Y˺F6]" o+ʼvD}^9,W/eo9,̥"_;=u\3WR2CNZ1+Xkӛo^cgtl6&L%b~`"´`7:+X#3DR 4ה\NuMʬH7m[g?vnk81}4}&4`UjO`STNSaQ6Wf-m>='aV%p]Ec2?q23V7U;,ŷ\RrG$3?=mxuwm<0RS>n !n(<{4PĎ@¼ TU#/I>vVb~!@J"I$^iɽmT:gG6cYKR?3(ƍ)2h-,̗.=TPkvmփܮ% R]StEs,8}.X;1tG>Lk!WQw 6fE]D,@&1 ,kG\[.E$-DEB߇SxxfcT/5؃442rHc ~=W}S1dv^ks_y8QAM*!;ѡF{SQ=aH: ~tP7^~3 S.V\zFK'Q _ Sݬf7>5~"k:!n ׻or&*f`n+M|r涟!cߡ0֩0aamerEUT?c~Q:k8|C}蚐"viqr.KaeQ20W86&2)Ek5\.a&;I4>$e *oA mIDIC"^E9+IĭQʒ^jj_tOYhLrv&n[#ݓ;٧ʣXV 2?ajgEa>; p'Vn<`tH?(uߦ|ϙ\V:g? !ƥܸ0FpDLc?mX,ViOdbAvA48b\dx߲%wa_g*tptI̎i[iͱ#g['`Jñ*Iٵ&'gwQ${F!4>35VѶM&YBxG,z ؜ |V ͝Ọ5o Ú^Be},+}2(fYe"p{pMu쐤Pܦ %JnN,ԍexϏң$'H(;N1u9"u.kךm2ۄjOb͒_%"p/ d{G}e5RM ?d픹ro`F+Ɏj:.jҢkCwP<(4Clm @Շ$y+5EmpZdJ;EʒYA ޱ6Ql6i9.Me? ,[_Zdxʝ&X#%YL1+KE4#;rAd"hdy9 3XCZb0Ru`ܣ;l{T{f?֊7É5gí*` Ćymi~ϨPDeSUC ){9nce $hwm">3=2$n#JSFW y.a$"npCT1=6yH]=z|*D4&Zh- )e 䯻b(1SA0¯U68|*ʠu{1qHߕ#E"zG߹ vD ak0d9,S*A|xnSF28ނך3QAsCqԅ?(&F5UQٱ:dA_0\XH0Ed]k VuPsnϮ#)}GS9+gM5.|qi5"t6 @EfOAQмiݨ ='M8wBY [ uw0ޚ֞*R%JqE[L ɃZ [BUO .@?NAjr@E|Q/(1-mYs7;Iƒ,ӐæC{%UC{=ki U .XMlaTn&p+9f~|vch}Fmp ƮUHFcMo gNϯ0oNC:/ApqeՓdN3NZ屘""{DgCC_f3trgDX$Q*= lO&=X-ZJU{ܠ:Us0$)3%_wgz s߽O%WVlh5ͻ~_$]NxRWۤM25‹++hUПdJFeZ5bQ}ٵ|Bpz=^dZN ij2j>?)1]p6 g_:a#=%.&'}EEQJ}q'>=vECC3"8hjĩ}OIBz#h\;c3,S[D{-H,򥍽{>BJ1fB.pwl#BQ g% .=t<Qbo]dSBB7 W' T"ԋ`W >0{EbX,6¼*OjDIJ"ΨD`8f9&=|cI,湕WUhaw2/AM( ǮFX?4g)y3z [Ƴ3JXIG+蚇Q-U#0TnyFv7Y :Ny ,h)k66g ¡^ |GZ1%§_>?W0$z,W20o XE+*,PM4 :,Vu ߃u5; 8Y٥7oEOKKU 3 ,a8~uIw8Vl䲎jo ̥O7p U}PPxGP45;m_(YaDb ww([G9DVY.8zۡ.3s?b72&kDzF?*>1J>g8Sj]g?ۂLa~?eb fB =rs"뵞66o8sGe=k^"b9)$t^׻m3g,%uuqQ[Ó1|HwLV ^B*$3ip+)?ѻfŲxG7F))]ص.¿4ً ln&(J1D_-@mA pDrd&z<_BIo-??,aZ'BNU 8B-QKr-^Z̞ S)/3dd2r5+nTh`f V϶cO13Wv^h |6c I%Mnn2?qt1Lm+[EnäS26̭ݝk26ʡZP$+`*J^ ?ZWsN@Ъ4??k9Ӻd&\ 0Z( {X=) Ef>0*i.t.}Y݃3n C?7oJVJ38`R !gR7~.2mR̞[5<90:~@1˳B*kD\<9_kR} 2g!J,0`&;ǭ/5ɍKഔ$lt`bѼ~C^,O Y_@f0Lt>?"[p&r>Gb,D$)ex36-DCEf#*N U[ ;" ıIC"xʵďg\,Żdfq1ըa(9䍄;nMvEU&1di3Z R j$g68D ._U37cXR^.WQR5ҍN u Z}Tyu¯K*m+UmVSzAVQǺ3ܣƪ>IbaS#FXMv>IIk}B8ߚ|o*Ue)hzR mi\֠7< s!x>(g [^ ؟cLI?_DAYe7Jp:,3lWr+nBRD`v}&6?'^I<ڻJL,kJ2 \I/RF (IRl$xO'lg}YJ^!E!~c;FSѰa@N7:Ych+:=g3pq]HY5?nGl].xE[y xPߢ 9PռXgvzrNycm cVX&Wk/GOW2 4hU٤n݌6t "x˻ /}Je~"n1QwR0j)> &/* ,)梠n k+j\nJĔ#lfie|}됴Tۃ WtWOSJkTQX\lB م7R U=}!Iė!n;K[gQ쾻!(\=X6㷔 n)kXCBB&ӈ(ڰF*=T3Pʟtj.9̺i0VC,-"uH8/hN \:̌qeTݢ$~W=l LMªRӫo+3 V7CSƁแ Tc*i:+~z菶9VC_9:YYB4CTxpCtQ\yԺ$D3Z6]Xg4(.%\2ÓZkY o+țI 7zKp{^%j+DRMCIn#/>G@@(,d< 5TȴG=kǭ)W}frgK)6 #g3yw Zj@Locwh܆-*&j3Iy$IL9U,-Y4i|^m@yC*j{i۹< *;,Q3)T`K`4J^ Jɰ\c4yV+a{i2L" /BA0'nrȈ$圍X` EN6\RY9\ZX*jR%_Ph: I#\]kz'p&Q A2NL~I\3u ٟJ X,oSE0"G唡h@o-{e/H=oHmW5UJ0IBUK@ 1ݹ^absw4XW+kbFi^-U yAu-~/0 \_M>< F!\9܆^Cu`.b!<f-[L#jϢ8,ŠΦ =%y$&2<=Ueka$y]e9Ƀܩ L?BrlCoTIІUQ^-Do99d-x 픻4bujNmxo׏{rcݵdk|z--nT;?|EX\+5CLBLu}h?(utj+r*rglNH2xzR|g5bs&5{p @K?J C'}ӵ5`>0In ay JnvIHLYX)9۷u39 B{N>d[i#qCKLGZ^'\ֳhJְS`4w6t, BDsGG҉J.^mA&#M1IG L|/!xԔzCzd4j =nF{V WGLED2gch-dR|n҂3MY.,W7ـXu׷21if_&5)sNuݝ+Bq3)3ؐjos3"Kr0n $K - Bs A#.!UU{Dj=Y$աGV9]1C *'wX÷Y)^P&>c$]2.5t;SCՈP.O- |kwUL}#KH36%F3k`Cn^H\ܸ7d"ά?&ࠥ]&J7r1D\HlыpڇFCqы! "7n⒃Vާ"Tg_~=f~c<;d'B~Mv~ko băG;E _){-/;N]hvEDwLt{k60#ON N>)i]B =ExKK KRzA-2695$pp{X?ә6xZQ&^MCj y {V۠J)WO%=u2ibi5% JAsVһcRlk#^O1}xuu'y|J[Ǡ<".2uTcȯG6Cź3۪$G-x׾HS(^LiJ[Ѝ#Hc$)y3hᒽKL!P F ~{4܃4톇/S 8ŇĬ9!+*R[wIhnȪayz@7j) zjaWFB̸5 %L3)#|}>St ZsY ({SMP p闷+/̣y;t TsLL%9.e,8lYjw>?:' &  G>1Y$rpxGU.`$]+RqF>2.MxqGXOؐx-~+%a^@Q_e]0xP8!$#fI(lfwx%.2f;Y8Y ~TFrx[# 8i.vsD*u1"w m>9FZ,gA{{+xqQ+LE};yBoG8[e^Bu̕uN,D֠@n-9Hb(iLP0k#2mh;y;U<;0u@投s+vs]-.:@BO\@qM-ݭ);/%|iRr:GUBh-Sŭ#~0wK.~E/b2e6 S/DrNKgJ6NDSTFu=sX_bom`@e'a$Ȋ4r`> JdVN&ϩ7^ϩp dގ|1ק}=8eJA̞,\i-\&urJ W)SٗLm˔nTq.EK4B=1!WR[9P@ѫA)Ƴ'ǛNl)XRgc f UHB7`$:|svQ k^*Ajz}#H]KDɔWo6̋ο5Ԡ 䥌)_ =~?9x" 2m ]}4!7ΒNhΙcyΚ5^U>(4^zA.@$C;'?PoXDۄneMJnppU\B0LbrQۧE9CoI8`ױ[-j\?. 00[K4H87inNC1 |A̧Md8ʖ\u+8K>B=1W0v̏խi](@/pF6 O@ez17§B_A[۴Xk% p|c°t4cf¼aD1̙Pjavl2ڌ8 tCwdZ՟O~S9,K sa8{~+-Sz۽&;bp az-P]C|#_ 8HzQIlJ3mXmuL Hôd]jU k3c =R(Vv.-A?魯,=%.G 8CUNɧsVGNX#c˜b "Y iuBhtZ;JH%YOSs U}2!fb#Q2(Pn /טuWg} }11,OiEi9x<71~?y0c!{lɏEuIh~Yoq4evR0#oa[w´q^<'uSZWRZ"i`'2Q"})M|}z:)~v᧔=UV[< g %'T[)£;.v|05Hh>v _)C>`@\WBˡR'g y\|C/c U9#A>x=B)7.)5,}. .# ƍJ\g@*yG4, @RJuYy -M1^;2fn sm{-soSQh\q|*~} yrL_7q :6atvaXuHQ/@:Vц} kOIvmЫ*KmY'8_̐?rJTO)tj ~(zPkౖHdwo# [Z04=S*g9\,)@.NO&ˈ~a>PûJECXH%J^e< |2c8c@ΰpP!tEtv*7Pm^ّ=@$'7TesHa6B4.xvr>W'gk_`iyi;s<_mȗV:Q7ZDa '犸UgjIj>GP^@EBmwf* RVHei3ou #L%$,!mx̫m Y20v ;M"X*˻zՇUfADįt~PV0'AzE T~!0e+aÐ1wԓwP`|Jv.q i0]9 ۱UB  aEW*|4O0ڍYC-kvStٌⅶ! -;Y9GC["1p3pq p r r.8|vU}մ~=z^XV%W*zT{Sab+1+XW{uA>"#mX=Ku{@uq%kd$Ȟ+gh[E)H{)λyӈCYBk9VܜǴl{|&H"2h#EQ>,H4#% onPr/ζ:Y oy冢GTXfrpN80#96FLDlYyZG G[LÖ>C btBd & ocq3'Hxܞ'ۍeˢ<Sۼdqe [M\ބ\$K+{A̺0u e=`05e}|ڈ쩊z/!wma#1">q|鑌n\ǖA^={^&aTCNj:8F 9Bo_>)v2kusRPo*6|7 J:17-EƓז: T2ıheI=GKq9Bxй*9iO *y,zK|'(v HS"Bؗ~hzV, cc64sͫaڎֳ4ߝ)'.fxI  @/r Rcɧ4; FC0ڃrTT&Bu` *'H;P?Jqiʆ.99j#rb¡fq/(f(O (b|"鬉3s74I^1MB԰kx\iGzɼ/AnT|^łjBgˬWHT2Gw *{{a48'( Hc? n鋼 ~Eۜ;7-jmݻutÉaq͢±l`k  knɜcLj<>lPVL |nRu5b:\iK uqkW尩,ZVD+ggV%U-d4ַɴnîNo#\?C?e>ӭb>ۢ W/ߍRߺɁ& <m7;Ja..1Uyɶu%KJФ+.b L7 0ga:%m"o4X]PCvDM4"Y:Ѿ0^pFFÙjQ!maeQp<Q%*QBWjS 6U#޻@oĜ;CʁMfJ%ӈGOra,r%> d$" jH\ _B1ЄA 3\5`TbryX |#}m0 kߺ%p^wy·~]NwCKw5rͣ)+D G'B(~ I1J#ɱmDkJS2F!9"9p,:kD$n|/1uF5:"Q;G'l*ymH_ OiG#xSn?FYAƨ+C!,AZWB3- RF6=7ݑcHUQ` -dcKWtB\Df`ƞ;9Ds cd[L |X<_V2ux%XA!o<+HmɁ?ya+@4 z:F>}$ZІ BfaMdxCjO=Ŷ YYiS>]M,S{qe*^IvݾB0 0 wHϰoYB,S WAM}^CdJ&'qIUxϲKB4#SN5 &d]٢VO2pJg'점ݎ-vR?4uf~b!{;7)stYl?8u ( gSCKw11_@nRy4vGg@3S=҇DHHiצ+|N[>f[2Tc֫{Mᗲ_ÒI})QׅMS\`70m-=8Y\8s[l™D~ (S #,$8(P!9=N_0L&MnsgeFAg%j*hR?r\*NNIʋZ͕|7.!MJ?pW ^rUK bx:KBset|é unFU+"e;BO ܭT[ @*|k͊H)ε7US׿%筰tFc6:Jzؕ.9~9VF1If4|Aqenmˬ']aF)y] %oVO_a)mΝFUnSֹ̕6oߠ)eXQj_?DbeS8ʴ?ad+'K<<[4XsNghq7cu%Mۭ5]V1B`0!An)uv_3Ty[E0G::8 k9P mi :t-Ch3Y}EL`fNI) ZKG,D*Bqs9gLA }|5fN^Fs 峃 `Wpub;=+bܫӱXJ%pNeIfքї1n>wE~` r Sn#r8CX+_5=^f49Ml-Ql Xs6 JZ6d /l; |umq:uYUέ[d74Q{AjԗCb?։ifgHY<}*raoq[_V3i*nw14 %KWp=hR9Я.{J:tЙ*cmFZ.Że ^35:݃NpnRce$n;-Gy%i; VSŕ\pAQ\ʵʷ3÷Bx0K4li+/D'Q/G/(y ԦQc?S4YSvDxV{G A9GR0\2 -y d9/Q8Ia&P,F 6 $V>%܁wwBqavjYcg%{R7[T0<(d2#s{aEC Eꮵ~Fr'"Jvg dKLZ>$[<#^Wϼ#سR1 zfj"ׄץ[_Ɉɑ3cCE|N Z*VSQso|)̷k,qS'@H[#ǫX0Cx*MBz& .@-"#+؋=M(j"KͽfШ1òw7GTi\.G-K곸$2]eZ=[FUn[Ρ/BGJ'U=ṁJ_k૳D %Oe CU$ i:rT .(fľFΒI0na+M O_gGhd,̵*X`q;{#b|iߪj,bL\qMgTUzD3vcŽGh{@OZki%,Ȓ !0MNn|߬;[[b{rd9Sęg SJՆ}^m䘸~B|PʼnP#>dfhWo ͷMuy d n"ߩ%J-2'N=fN sB,?7{]Uf6k>_,o:rQmD⼌j=꽓4)o@w2FD5pɿ<8&BLW :L-2ϋze{4“%&4Y(VE ar?6 `@!𤣽Gl^ kr!.6YCΌ2'"W?.1W`OwYسb.L peUw\lmWBSր(UXD+Kpi V1Ő{Lj!}ҽ]8bb"Z$ÖT5-BF{{ҮCEN N CvKsOAEU_W$M2ΦďE3${֠O182\nlԍMʇ.A-6Cd Y^i)a踗]u#p I |5\Hɕ0@NM9q$,֓l.d(PE><3j2=WE6iy"^$Ow*Uп ?d @hc,/Љ8|d]5YߒzUԄ@;dIgpqs4b&dF3ᠦzP Z4^!Tŝ5tJ$*1t2m |0}GRewq}JG+K>|ځ_NH,)߮vyW?Ԕ`PLwiqf!2K။K{ WTiT1kEyIe( ISieDN2aG q\SjHJe%/S0YC޼-- 6+u`d [d?] Nw;rͬ*Tku§pIƘU6 WrKGUqdYdMUL;%%5\63xEBZ4<!jEyt;#rp+5ԅOG"7{Y}͈#t ^`F+U1Ə3/>.98fx#6 ֠`m |)-t#3ӵoҮFcq$27;Zd֟ 7J,듵Ɔ4fɕ [EQ.qu*#] "+Kŗ8ft鑧+IGDŽwSf".o:ϒ\dԚP읶@/3U1,xE*GXqV*Q%uB-t[W G{X)YFIH4ѴHjpTe;(g+:YÑ6Yl.+uZV|uNBWJ~Z"P-=P{cRO&#؂h%t-ݦςcrËO,`Z9D4Nnw](5y$^)anLha~Aq'd'11ۓ,R%VP]{б;OS.<,⸝[*u(L3djUnM>Uu}Qʄq9!n44(FN5(ꍁOr^H(<#zJF=^]ڀx^WȰdU67Otfps YAET ŁG+HEY5}M5~Qx{pM赎sِ7HKm ج4 !+'L!uboRH`%]YdI"3\tnn_l jѫ ]i'w_8#- XFx블MoLs"Թ-!+1sgz2o?|A:/|{Y•< mЙ?CT{O-!0祖vڥ${Um^Qo{f&IߦWNwb{,Iʶi;qj$„:;[Ͼi盄1>W%Ha}=Vm ?D>|)}8i8T*Lѻg]@&T+)k$,#zs} /L c--c7omj\qLe ]{ v&v _2 4w0^\!%8˦ .-ZkULO 4U.1TQҁGi#*SwFP~)t$i{ޟki]q2z )jFZqg'\,̾W`eTlZ`y#}`y>E*g#S0ڀ&>_}%-pW>UZWiFڢ+toü@kE0fN]Ʊb1'"p|A:3uoK2cM@?r7xHvU,]@煨VrqגܑuǒD($<39CWGy| @\^Qo͹ J",~ڵ.b):;BYJ>!f(93+QF">_@٢tɿ_ i @M̚zcYCvK|),j֔\Mc2il<%6e :`9pXakgW3:a^l DRiC kc &zP`G &a1a͜?yev߶,KWU'oo,w6en(}mP;`һW?z{%ocoXJ]s8Ա2K%o$ms%xujQ~Jf!w_C/|>ڦV| XZhL XuPg,CdTI^ua;`p^2HB0Ѫ0m 8ClhW&pbw;;u9SR>nKM{+쿯F"\0zxce0\򁮌On7u)U ]ܸ5Zp &ܙiPuY~q=5m8F:Q a"yӳ:G9 5ns7[Y`YIajI=@?2Zqz!tXErV 6.ݚ$YU\{ۖlPD4oA#6eH6WIeIP0 *4zDf:`MV٣u}xw/|"PkrPJ1:ϵn*7-nX|zVw7rPFk`OXo "BV|(a׬Bsbt1o4[7IȈ $aIN~rZ^kRv/զ3M_^7pxe!Zu2P8|`SIDر̲3UƚHLIro36Wgܷ @Ǖ1r lNm;Y `PӐ.L,Agm܂ ne?-I,'c4.!7j,oͨUvnJw~<iW}yP:wkSg  7 j WG{< Xmbw a3%*P097oe7# Vwe7ˀvIZ Svd}`=ġ5bIŠv,EO;3W0%\5yo!Q^ʁ*ҟsUl[`JP=?w a( f7qYS|_^:2)'DU߫q5`~6艛s얀SHqm}6羒vQql6rs{O-INWQ_\^: V/ &?(a$T^4n ݡuTV竚aip$ò#mRm3\1:?ɧ':PvoQun,TuGKoA4j\f87JF(+9*x߸Aa&ĥ?qRrdaZq=q18y7GevΔdsw_4\ΧG]Y HS^@bhp7h҃ݚXP*7*x8#-Mzd0CyTc#*u??݀D 6uo֜q)"-5;7mxa;-}\cxS_^B2"z}a֭P dYʁ:F3ncnjf{̩hGs?Z4JS `ҧN3B6Ht5Txr${cUoN6}@KqCQԎN#!F)2-/* 4ԽF<>(h:ϩ]D.FmŸeِ_m #f5PO%H/kud_kaґg9>SjE7.5X;q^QFhg4=rI3i{nFѹ\cL{P*l0(Wk JAK2Ѓ:3-A$FWH E݄JuѽАSk3}p=2u 1A0Z*6}$5gwznѶ,jpi~LPWxE`D WeZ|zYV [5YP_?kߔyddMK Ķh_},|lڽ:ki>!0Z$5qZ[8)޷I c9rۅAr3 Wi<Ѡ`%Ղd>mkh=wy7e#\QPi$2IQ_ym aGႴg(y. źU5-Ie|ralEɉQIw7#(RДc[2P]9e31W5ecXs(óope<<lj =!ʱȍ͊bcX-/`9'ZgQ״G/qŃ5S_Sؠbs1z>W" 6`E#]Oב [S+Dxd~@ÞaU!6IZфƟ#j9o쵦I0b5- _'D{|h/U,A3 F%}G|]ߨO-=*zȯ7_] ОpNa4OKA),,K,6-"߳ы O[to5jgZ@-ЧC`E0ӋΨX_㧗╒q1eZTrx^JpEy$!3>MH' vygLB$OMHVH߅4QMn>@nJCU=%^\D56SٿsrԮ7D/k gM3Md7i9 Z2†ۅX# V"J2i?EYc! vkuE}iߒAJ&d3UPͩxC(LU-OZ<RCXbdx̂˪w{Sή4U-lIXډ8k%QUπScp Lg%skCtw, >\K+C)ݳUi‘_#E kSvR>&V{yDQ(ҍ4XM19'bwcKe˹qg1x 0Gd @=nXR>B94^!Sq;!Ь@176v!1#Du& p}1?r!-Mg(|T1>3u]]Z=7΃!dx`niRs},)Qʴ:]/VvBl<+'uP[ͽsy(Ġe+$<]r +ʗK;x|?b 2R,wA%!XClաndQc$bBv͖?Y!7RS0.,pGZdRDg{"Jt?t,Y)I)Gmm5אr#N-';vfW@6Ĥ?Zn L_|V}WlHJM?7N.v4ܹdlǕ}[v3?GsN``!H|;YDCtZ7(mkdAI/[`a@J8l=w 5nDx1G";Z"?i´C pJ (V<`یDH|% DKXJRޣkL? [uAkޫTL 9~-pumd1dlf/jkuudH?^o_+:xmChAxa&=ؤ<4J0-.QYiYtz&e:u>~_@ntkMQ9oʂ_jMi|9 Qj WZlƈKT\epI٫gA'ۜo>4;CcSHu$v6{ ="7 4Z mkdeB|<=#i>cUI84.&uo{%cOz'1Yya_py׺;N]- FVSАdӨђPYevοWC gq#9mӥBK:M]3ڨ d:2`,)yb,[(AKIwe [D?V4*\c.=D'̹K[RJrU*PS¤ʏTyR泹F)R';Vs3i[B9M@gg)wZwdO9@˽A#M3VhJrv<,jBcpExbR /X_Q2!kX F߂:A.IQȎ6sfg@D7v?mQXt6HJ(gH|r@^r1]bt/g̓мjI5XzMx u ?7o>/y XUpi <;89fᬧ,_,A)|e}L}0`YAL!MO{gT9Ieg+N$6ɯ뿕xqk1:l{a}H";3}t2, $Nb(< `|F`1m{VʕHt5Ϊ./G%zyK\QE1Ij'=w Q;c[0eWQּL ՙLV9@]v1(| ?_0Z}S{-i[A3q؋ڗ [*w9p+iUsF?M \׹ C^/Pg1̛r`[X\j 7Wk8QޟJu[|c Bıml7أMdDI(vM:Yn{NÁ-mܸM:! 뭏5r~ w KT'y:8f\z d1Ixpsrt2:Z l7vdS 7%Pdr1rB6U`c[{lbh78B9%{wэn{Q⥕$1v<wra?_r͘ɲ')vb9|eoYb}}J 騳A05(M{,۱wDL%WwRu ^gPWyQ끣Vo<2҂qQIr]gbEjYV~ye' `%I`j+8  l؆2U:l ATXt L_𑾞Ιa0m&[I.=@Zܕ"A"Thjk@Ɋ՟03giK̀-@K nH): X[^q Đ^5|cEΪoX'pbzA?1 XzcڔE64~؛-qeW"$1*9j'&T;kceSOڇϸItMqqvW8_K閰4j2V6!fFtMMK݇}>l-lk؜JGL*|FڥSN(;_Ea!^TŢ({[מC)dl]i4w^k9beȊ(@ |wV$I*UR]392FV ]"!]Z]"ϘnyW]OzHwלHx@^lj}`Ə@$S/nKvU/HL`' s5Iۻ(08k}}[ᓺ}o@gl\ j[ Ps 7GB^g/ki{ӔPF7Ё4V{N6@ F]Ayױ?$2ݵmDacP5ӱ=R~%Y2Ocnys :FܳDB@T o~Ax֐Hഔs Qmg]r@ym:Uti'y I׬_{ok wT'BNI} q{YH\\Q7뭈 Jn+> lX//N`?5mO-EjzɊTHsjǯiaݍ2F 4xSw?B.nygpvzn籵oGyS.Teo@PByOl0c g'/E7;$σEN{B To^~&y$q'`KcH߯d(h9V+Qڰ2UQEox|'%NKx$QTu./Ij퐈־U`e^GRЃ3|̸BO]J^ɒE'h˴e 2 Ӥc~!nD? Uָ-/[t&@ʂ;:PWKR<r^2YeW-A1E kj 5TǸâ [g{ ݎR,Vq.VBЕ};%ʟp2Lp@}?;,u[Bfl}HY LWA4T|gZHRef#`Hyu>w_?91\-`'j(YkS"uJǗE: ʞwc(>z ৵ (? rZ1Hޏ& ٖ)Uz (XUMNe|&+?gzXRh6$oեhݍME~/} B@t[J.剘S8sjMɅta]_%&N8췉xoj3̇,G5:=n4V$8;o!`o LȚuf])fh{զH8lo4T+"8X#QvJVHѻ/G=ϽsƝCt$l~yT"6z$\.2ˌ64nH&#{r\|mw|ev9IOti JQob]\LH{UACmt"3y:5cbMVOnl{.@ n |?|'..5yt+V=W+ća?]Vƚ>B&̕+vʭO|bΠ+D>06 e;q7v58x<c$ciL'@512Ggca(&r?| zhU*ZrLM9Iu_˷a'd>%^uEf4 VwDt;CH}r Q1+ d2R ɇMpfam" Bk?+Z֨ۧOt63chqO/ʺ2[Ѽ]!4 :3bJo?jRW"ay;1Ή9 J."p1X?Tު-7hʒ\ ͻ޾W̟;)pf@$<xq]WW֏V-Cx"(ygT~Z{hCvuViMԤZ,`uD95 aSbˁwxXu<ኹR[`D].tKL`o7 cjg78_{ Wk<2Ydae 6J]1 T_bqR{_!C.'Rt[Ȫ,-Z@!8Ш^6wuy77TXWL>%^ZDYH?e :.4"Ȱr:&0T(ᡷַ~;2dP?Ƙ]ɪ[@$.#{̑/u(&/Xޯ׍y7#.GJ3tQ-}` ưvM_@hn& f'%*b TD* &Mnw-܅&ȩ:?ɓz%+4S$;']:g U>w̪R~mNMe?YKeG.0?]qΔyۙKO4uIͪ1H,ǂLvqcx;nD4lڅ0bvr wP]Y[YIH藐7G6KbһӟOrqЋvfQWY?=8Jٙc\6C |PÅ{K'ltHIp5b߽@8[:H k8/\7ƻ@#MZ`$b`m&(+%U~%+snvc` .q{q쒻tN[rƖC9!C%Mǭ@UZėժUz$t<FYC {Q*3-O!HŭI:CK02-z]jX/5,:ӛCϣO J]s5zrV}L_.'m7CWL4"ҎYW'#-RšrO՘T b!lT/j9qE8󯆵1TX>`f/ qB+ !6 I{I+y#S&zEcU'ЖZe4Ր KoV)oP m%]Pu(qKet 蝚6=!{ ?$ RX= p&ŌgԪ@^>3Ph$*n4=iJ0rnVs@7ŇT6z3Pı ]o48yXl١(s&14cM^^3 \p $Ĝk[ȩo^B#\>b{'&!@p)8r.&nEhޡ}4.&}; 4AN]JUCY~.M|=8sVFHgi'jph7AVk[Mt0fTl7)ܑ[+v#+3rĀ0ZD%WXQ![#+x_Q7X'^M4T^J-ٕZ p˪cVϦ~ rjΤv1{r?Z`+cYC沞 |wb1{DhGv cuF6TP M> ]|r~-pru =O3p̘S% *ͅxr֒*d|ؐQR-yW`6ϰMOvz{u~J;~Dl|(r86uXk]T7FD~&Dc]H*9]ZQ4 tm~(jRv3|0b6 CPw#W9ai@JL׈%06Qzb pb?JRմh1iTVx@Ԗ㐵X( s3W\'(–S!CSDA&&lkbVKrZⶂQ[8Fa>;Ůw2g=СC֕xީfv-ŷ]OҶDmUDվ rEh8nT.9HiJNF uYI[tTfF~i}v;3%)YSGZ 0⬄dt[6xR*tƱ I:-`3VQe^>RvgT2lHıI\c*:!6heffR? j4~A (c75 diOBU+r]жXcɤ`YRWF2,ԟϙbsEvnjd߷O Cr.a' |LnG1/~\0<ĿAr}j.Ʊ3땻Y M?l쉖{A1D|cdsd7dbgۂ Cgy'>I͢`z6kFndFSOD qGh/")<WOrB ˲^RQpNe1Vkg;ď[%jY~Bj*$2&9ޙ֐.:n_sȚo~9vyy\yXU H6 _nehᒖwl &mf6}/IJ/L('s.p [5n1 sf:]s5j[Mb lPŝP9b-JAC&NLoJJ+pȌn"ڷ,u߳?% E@[C#<%W[W!p M2o;Mi!o0c7's.w)3f.?y >yN[1Pn%MB@UtЃBM3^_:OmR* hbB/DMOóx}7sRI#axY*lݼ&QgdU{z`KN+xFM~#n@wQN/;HSZq/\B"苾1)F~׈=k1$W Wڞn%ĮI6$հ򲖭u%2'{BlFVXkj buA 7 gHhnZ?~(_ vɖQq[\%Oa"!~E"0hTn5옡ޟ5$*b+<=hD8 ǘC.;|-ʮg!jB)eXxH&u 3:#Tв.Xpwd,M㭘L9oS^oVܹw"Lj5g58*5i:yN9 TloǓ %7erۑXW>NTEc\XEaB+5 rm509A?KR)B3nQYH(^kOYp *=;-G!X{њ1?n0r{gC,t}vvS ؚ,fBЦ|ȏS6e}gK,?rhz2H6\w .Bt\n#/?as2<}ݖz|`;'Lkyuxeqǩ"hS`i 0jae,ޏ+`W)$d8K x@H7ߓ&$:_ ^N0mhoX~irhhzQ]P 8,Z½D LϜǬD V5ӹAd땦y, gunH[PVJtMҸ@.n&0ASaFACF X짽+r^Źj'Dӕ6}fȼ1jiςt5w6r $WOF5{}yN<&-OQD`w yRJ(/yHƜuKH/OaRڈbH0fA̮·mΗ?ݻ$xOڽC0.ДB-zw]h?("_W$!:q0z5c_:U&z$q/.'?- (CʈƚdVEŻjy|jRnxEw*X.-pm(*hA`'^Kմ-Tat#l/:xZ[ƏA@ ȿik6H_%~Q>@xe2.b^ ܹKM^XIxw^98 '1ɦ Լg y@CH8Kbo+Rs0ڛT 1¼'\a|Y!A7-d]Zs슉_ZLn9ӽN_y)_E|ڱ|ԜN:d`}Tf1يБSj/rL".f w4bgS,EnݪD\u!@MLo7AjbDy}f.,UVM*YjmZ|o2ta] ͗P8Mqx5H9~:Oaև 48v]_> q VmѲpSRYxOja붸ֈ>>b:֥QVm1\<;Ks?3 [ܢ/n^fA(':ǻ(/3x~$u; j/~V$bLrG+Tl0JFpZ=KSO 1p_75Eکrq휶G{[#~>ZKf5˵$Ndʂ*ps-{=$%!HOVly kYO)\l! Wu^yMOei$8i1=Ϩ~m% 5=YG J `aBߏ* P~5y0:iu.tBfFQcH}'[2-9EjAFg4Wud" V^ i6uA#F)KE3B (wS٪_>P]op\b{BG {޿y|4kr&/ v7EY S#6p/@4& d_suiEH_U*hK08=/h3oWxE&.@HXn2%Q\).0R$Z:df,M識ZO8, &#E}U$] RJ] @_-h|AF 0omv|'s362oܖV3Sq@ˤ= 1E)-^:jw:LcWyW1iҖf *51TD^끖iىk&7lCC͘'f]O.eOe"l/D0[z/fQ4a 1R fv).3U74 lD>U" { <*zjq?u(&'L-#Xc9L%D43+X9o~ya`]tyd~((z= HoCq`:uD>Z~zcl0 ]e;?HIY7ڨx,8d+YIk_āU}?[?h޾g$k!xBeH7U( A1ף`)oZI2q#:ݣ$ {[\I8o2ջ|6{/%pp :ǍeheP4 DXV2x0YaPjdY_mtB"apHӴL]Ŭէ˱(g"sKZoD'\悆>F=/ enxpXrp4}aJai6 $ ni2N,A +^)Bu4vVƩAgW2Nރx{9^u@pKЊCSŸOc+BTD EbW!qㆳc$锏J篭xEyla ~?&:pA`Z6l( '%h?@!dVZbruq,*7[bD8iXQ*6nil:N)#z_oIQpbc4O8C̥Q4˾;ؘ4Z -זxm&8|s27L>BFԫd=6T3LC[.ԤԘ <}=T5G',Ir9Psȥ _~V:U)zrwQPP>2rri Ĝu#ESJmÈgM"` c'#U4xFIՖKkq㙪h:J8-t@ID{$m!2#j?Jjݱ\B&\Uor}@l GW4IG(w|uN N?KUj1Ry{[Squ{u[z5 lۍܠ|4L1SkSpE$|LDZtwthr תN<D[ԜGSI&|vYS`~6>" gY=oYbs%3W!SlOdc5|P뛾`fFofuJe:%)oRo*E#fIgp')jG4~C&l tyf4hY{;*PhWTZd.HL#>\MKG,TT|E)"M HՆ;3dέޒ]L&:nеx2u[R HO\p>\40 ۸gߙW`Wf[6@l'Rve<*`' ./}#z{%s,e>DriGl}\XPC$a1 {jZxrC]hPJLtNl-: Ih)^vvSxֱOpis (ﳯ(i4d1jE۲4NegZYׇ<PhhElf0+lK_yRZ7NLm'rmh0-/wgqjFljau\ֺI M{< `x[HPߘ. !t Qƛ!p+ł/}FBaW{p>8CϷ F^7.a2å~u jlq(;dJ=31응c-\2RGs@sQL4R$ TER^?/szk,- M`{7(xOZ@oҔο˹Z78s Y@1]1/(^H܀e]ۦ:%R^Դ U+vU`.7q ĈZM8dN. |ky근3k+vn9G;ӔX`V1pui da27ۮZ;75lL)Qdm C?$H|s4uQ6dͲɍ'ĬYճF'.#c: gC9VcJw<妢\`Io#u)D9z5%܅ZDкJfu-ۺ 9)d{bNzIqݢګ1\v[t2xT: 9rl(sx^jKО﹇^bg?qB֪y:RY[ 6=F2ݯ qvT!!qH0?$FP H(NT~ӚfUu{;q]l~CMl N¹뒐kZj0)pdMWwN)68[=F+آ:mҤ<]AپNl4):ڤbTI$7X)!zyO8R,GYJ2h?&mB&)FgΔT[`ۧ%h]+~,9hw>YqdHp:$$+ފ3Du.gUR1$xx7sC@ g7a:]~⫸qM 4Ω Ko] Y:C^'G}͜j\j[YL}͜|;Պ8x YQQy@E :xYO56퐶IUqqbcڨ-mmqݗ\[I+EhQ֮0RYJ@ /lGR־j%# xwB T[ڟ)~^'T$u_2wqhsA_6+^|ưT%Py'|D4TiJxz$iBy條k x+.3.csz,X}qX+L L Vԅ|&6X#զ,W$)ë-z~}W8mn!2C R+L#N/˕x978e7̦oZ"jgQߖHNjQ~O/ 8M?@&wFʘ!\3 S{lK}g(Y#*d^wc0dregcwL1wc-mՃ@ucJ\z?iols6p&r 'or)WbJ14 rX"VEbߝ! Ύ@vd.DDɗ!;#\U)ɴu+Y1Րِ}[ՌޞldYe9w6#=˫ Q)-|.G O*\qIJb7wS8I O"<>c0(jY%C`_]6oΚ ~g/H d6Bp&\ϐ7Ґgif)ŹנN/*dĹP%2ձܳLpk<=X/:xaY(7}L*"n?hzJqQP_^~KQE BT*5; i_ m:Xnt6̸j_0(FOKUliwcaa#͹ٟn qWFb']4fhב#WF,;ʭ2In;jxhO1: Jë.C7 ې{(Akqg_Znp/,_d r%|Ydցi`;e$K5QcÈh[otJOT1vL0_N5[PkL@NJ";d⬄Sog{CYn<9*qMq2Ӎa,&eb?1Vu§vI^Xp(gRNɻꡕۗnY^\ }:vUF褓x62@7>,'6EShB\f|О X؞vul%&g ޺r s ~X,u>)A'YWX]Ad&eZ1.&HP_|~U]w-#C +"}.KB4 Xw6ڏˬzDR8pu6ڼ s83kmeDDX~)N9춎ְn5hu GIw/YRo+4843 Tgdmkc~&~FYe 𮒾IY$-DЕ8 Wz2.}B|lNX'´ZvҶ]8lrs) eW^a #صNY::, o s5{Ly(K|@J+CFԵu*Pvc#rݤ8ߺ϶SkQ Rez<?I|-m0ƼCoum=ņu} 9>H;ę1)5G~U@HQʑ\]qbue\xoՐ*dX 什efec*-݁bq O %Uڀ J!`NU[pDCwK0 HNUNn;M?w[W>8ܽOt]=r{b[w;bdѽf-vfcƍm"TpHITV4p#MZ;w A: (B̲-}![k,Sj'H  ob=8X"xP88tF`Vƞ'aldSKR8'r?̺d4V$)S ?>9YcTZ9Q QEs/_7_d)J'l.Oռ@8C#hUt36m٢F|G~V-%TMړ9{V 6+jz|8 ċImԄԡ{#{ W NJ:p5&6(W_$9Y/끎DZ`(kwu^E#s_2=vQ ۫iu63V#A/[+{+xdJڑ|/uLiF[už{ \@w?Ud9\X :Fwiۘ∨Guw-$,S]0E5"ʁ`Z/- JG^ ͵$Su0PP)ǡQ«jJxdrbod+~ʌ B9x%%ħtN_zMC-`"K]ۿwU3Sk:!Tt*[t$nMjrk -P`&}* ܜZZjh F?Tb ( k{_}+O~ZLd^*)673)<#BQ~Z`i_cwV#`\9JP}f=o67)ԗ$A ks`Ъ=RGސ=0#yPn׎}vN<upQ揷y;t918 gJAtQ+O.$=@tXfT=:_jM[x$2Bp\q5҂"}Vm$=ըKzhޞ[-w 5j{ɥ)TUzH{do +U~Rt֑2|xj96P&!:ԚWilE?ADw.vZz /{Ackq>.k5~ dY>Z%Pv\$ znVc* EM8EGv:_D^cUuH-k`ʰՏ0ZÄi5%J4ԘD>F\s ?&^ 1>ջ3.Pż8[Zď8H:X\`SfTZ2$RZ"OZ,n"R^A Sw?| F\X5(ĕQi" xlBVGTcƁ/iTk,p+3v%i.uyl$j2HI9Ք"/J;4͌)HJZ!ō8 J:D@eD7bjds,0 [bDhATmԀdhyuQE )aVe+Sm 7y9fX5dz%{CͥA2^c0.jfB3 4l4~jG P ] Pdn >G:D Pmoy vh//#ol(?F0R@{c:ሳoA*մNS|Y2"F *y]ASzj24K~@@*180z`V갓1RИԃgT2{[09Sfh96F"KF:^k] :q򲬟` pwKW y|ȕh9s\3?b& vXwT|P;b5uho.n) C׿Xv Il/)y@GŸjR0`Ez(ynN lMU1C`v\{U(d7e҆U#kVz-PByDF(}cGF)g qHXW~8,Dž׫u,{ljr?u( uWrV-QOZNjA#laT"elbu"P\?1vP걟leԊkV%ITzӕ_?,'pb21!^8G+a53L^+ŒAkԫW<Yho 4VR$LOoDamF; my*s]MO5< )h<4oYXp Yf0#sn#%?X[Jx1WXUxk+.E G'M#լ,}~Ήx}60\EBͅGb@5Nfn0]LrUޢ%>5=zsMUW0oKRVS\/QӟۦG&`fJOz>JȰQryEtҰ?dX4ѹKV u;=Jr"QE ;/t-\%@feVz ҋNv@z|;NLuil8_ Mm VUۄY /) 6A˾:/NjpGpWێK Bבugz&Ρ׬?z)SUpo|-M_G:t8O-ɩx4GBﮕEf!q c}$ }CQTMHs_ e'txhKN E< BҰNd029Y)+eYmhNH4`IF!,5C Xܐ!O q$x>'o\ޛ_u >R,ѓI2`m%/k͢N,o#hAw P&T{Hbq?7CC*y j%Iչ&>GV@C˄԰ͬi y_8AP0RLOWctF&J6cXji;EB,s\9O"m"kд2(5U-z?ZL̚)}tTpv-Pرd9X"<:Qv6,wƐ 3q>FbLkQ}&:PR;@__">z-rxT hi6]!\& ר,"1ƧnǒVr 8A5PozOCWZPͳy8J˵o~Fh8_Z*-hc]![!1$-ޯ߭l>'"8pX."bNiEE"vVj ߿;l[NM-)I튪.|͞o̗wN(&"I0s u7y^E>QO^$dA2}/j;psW,􀤻yt̆wL{״@CzN15Hdj8lo c>~4rv ju7'PQ3j31( \Ho$ fGy@Adb*W+1)Ps[ %z-SirKy2aD9;Ѷd fkc%D s bKQ}'RMlGrywO9J,z.qNSf.]&-SYڄGTۻm/]̀Vi@{GX02h9@U2pD^)-/2G&,jp#PoH喈WG/l6Fe ̈/WAsAng̷Ht{CEk؈o+m~ߟ䭱[= 9.C娎~Ni3V*֍Vn.ER]0RҬxV}KㅅTR g2r@I*mC'] %{\,%WIDF $[b#0Cv;`vĦ"xԱtSJ+p8N۠hqk@g~Ol*As/6@18*`}v"ckb =!y۵"Of/5ˡɪ&;^17駶ҷ͕ձ-ϿX% Cm+ ;䌐 Ph0Ma6Cmc]CA:8} ϐ}@? &\7$#,F10fG54UQusay3Cmo0; QtZ3xCM&C-mki*}rL> vytE]: ]-cL[隮R` Utæ_|`O,rX ᠒ j%Z/t Iض)46kxi \wBX+\H }18}&NCC terdtFT#[**g}4|A'\Hi/~ ߺ5>S۶mV;#igưWj 89_1HTi.iv6 d_7ڃώKl9~$qV<n e_ei:KR}t<=Fp?M#&,T  5m@cw#nx/G ,Ox28XQ'Z?*p#wB涸17[+)0zOvQ:[.JV{$V]}򵗷LVoE|O=S̺rB* 7` z7 o?SCHb ILYgc=0Iɺvsm.3-  9cV~)!&[X?ˈciPRgmND0Q-͗DidXlQ;{B7m>,\f Kk,} `",tv4b{H%w]Y5NƝC}+{, p- Btsv{eSZa&Y9anonO]R>Qa隹_l">Q\aΰAE G޿G\+udwb8#w ~hOYeo]Z* }Wkp3Y(8٘eMWV+ /j9p\u鏲 3?3gH CO:s1-?LV~:EhN|S߹!v{2ՖEs{RܤF0^FBQ@/R l. ÑpM7mȲ-!0\CL0dDGvn-(DEܫz@`G "]LgtVFI uǃHm5Hw_HZ B8L_fr‚wthG!~=1į |V^m5@4fUS_'Ao0i~M!9AOzco iγB椖dqy6HwIUm H'|x_wh;,)ȧ)JrxJm('CCUT LF2s^*;tG-6͹~PonFnBR˯cwK`^: GKН;W1nS+=f[an/ opV@e/.65nKNX(Q-\-> z$ċfDF@3 ZK@Khyud/fRhckV8wS7'C=k:M!_f h]Z$"~& ;֨ ɬ%Զa8q䜹Q̟FSdo@Sc":0İKYZ87t BqY(% P̎=--Ɲ~leU݄Pe6\1#eUȟJn_б5a`f/;ڎİ" AXU(dNw((%$ % |7Ldq]PV+S-7(%, ,qbi[2pWǠźM:TFV{ y;HǾl +R7_+2wў[,!quH֪q X,jtU IQ3"G^n{Tv+)S"=V(M /᡹/PV-PytH$u-Rar'>y4Hh:v>[Hg$늊r@-'\crL<` GZ\ƌ$9)uDX(YV5h꩑dbjpe,sަ<4LB9Wde/ zKAxm&-:<ӅAxHfL{{/L O!{4žL6 :$Y4QGSK~>]AʤGe L6 ʕOL9c%|c_g[ѹ<#Mfʫ`D:- TNacGIWǽ\qK.c*x &fab2"7̝M]{a 6x$w/3w'k,}YG RNKz_1ľb; _PW4:ˌQ]4U .u^ez0GFkI8A q2Z.~ȫ{4<~u!Ԟ+MOWf\J2޺'-1# ~Q;7kG1 OkqI`/ws:]EUlQq#YLFfڴUP\W+6p.gW|:D*7=G {grٲ!Nyؓ]!E_pjqC v;)c=rY f'ID  I()a)DUE徹y}#߁;A炛n !L24v}tL(1$ ipI1d^9..8u+mL熓7sL"n!-` = X"AKFxkp(~I iި\VCba3"ێ_ \H.Vxk.V|T ,[{ LE*qWY]G5,H|o8&Y\P ζ|O>bWd*.oiT ," 54v,f @xB$JǸ?tO7ZS`.D rN-@?t(X_ѵ@hXDcp&GuCU `[v{!1ogQŔFr `tMt&n.+sBduÆ7 ,G\El)~` '4d,( \jJd1ؿ5O.Ķ_m"ggkK]ኊ:09v},0}6hKi0XZ`O!tvA`o j1_kE#r1'<Èz3F}7?%BD D$7.>&g>@=\qb~#_[5cfgmzk75ڌ*BjGڽU&8"X`ŎT׃Πk{֐4(1bp% 4xk̍Mz :"&MFT"ofc>Pp;-J+YLRH䒸=W!obF3;&?1bJr/#/l:p5aT: om#dњ6dx#Ӧ)x'_tŸ{X4Cp@B CW,>D24)Vґax!@2EZФa 1}5FҢBs_*kx\x8+G6~^54j/4A|VNan|-[_\G( rp! KR}沈.EzD(*,ۛۨA13^׶4j&I0ve z)F=ۻ3ROn?v wiO e4pwg8mv3!)uumU"eh~?MGreQz9np`怭:b qv`/F#Z]o?"Nq ki5'1SxYk wTPB=ڪ)ΠoWƖ\\_S $tr.SxbB.hvNgN/\[%s mLߧEDAV M9Fq_{` ,qu!u4oA]΁D0c5$C$IDFJ0g- aʈ|Xl=*t z0{sRƏBF*]sPWFfqDJU'paZhH.k>!px,{ػIjIfNGi">2U񌥀.ڍb?C4fyx |A_;Y %0 /LqªaKPx y3U 1ױ ʱPSE (0Nv!|cb"^FVI\ ~{xYeҖ<qDҳ\Q?۱:aIj[]W9HU)$.M91uLFᗭ!Y7n>M $;<*-uN}=#nჴuw^b=LlBtc7Niҁ$W$o6ү23l|~42 zb{#e)K!­BZIR^TvfEvM¢lxNv=ۉLWt>Fp*OXKklŖROEZoqקu uX3ɉCŦ], *nNUzxoO fqLHbpڠaQWG, 0^՚ J.#G@Z}_ݬ5p;Z.XVvש H3Ɓ͔Or5M|Y)1\t??Ba\*n`%0a@(]  ݳq dZQ[> s˭eZ'@hQ\w LH9nz?lƱ v|04=*@Y7$O1䬼v?q}߶`Ĥ+"ӻs[Jb17ʚTwotL8!m%j'\O4") =ر2a|_I/ǒ2Kفz@]݃$=8T#09^ c,Jɯim vM`P$QC?DܚjJ2o۷Q[&tw~AcL"gyEQ8{f2:Ĉ31m^[4}å:nJs:m%Iês˕OIMsC`a[oXݍ 0MļqPˑi #eC&,93=yӄSc/-?]rsY2pݤCCbı@aɔg!wKRaVPh]blRΓ٪?> i g[$ gpms-"KKJP݌u".QVC6_Ւ (Jlɚ?dۏĺ4?}o߸D?#KDRgTdbd~-€re?e&*+nŕk*Kpۿ[0nwgȤslaDifi. u|QR\ݠ1P~iY}N"($⋔Ucp<92g`L:I=LF`$Crf]䗄*a-Mvߠ9Uj(;ZrEԘ `6@9I9<| n:WF!:nˌ1`cKYupKqL!#ʹTUʘJcD`Ni}۶CYgE\r3p&K`:ze;Q_vm4#"j; K(񦶖%2ʆNagy"NRS4K)I}dђ?,.xy 3dzxҼH{ F6oi>*O԰s!{R̮ 欄V8=Au:@BYWNzeQ|Md5@A9]WI||0/o3C^jXod,UѸj#uK= J4pؑr!h㲕) >m4t6mDl]TٻS;);y[X 3HBVU*3O"®G2V!8yj :N$Zǰ')o64 oyBWx?ϓ brz%D3!H B@mbŹNXJK6).ӏuTm'֍*3*]'a@yI*ִanӃn9B}Z3lz O+=qx! =@WBי#.Ԝ@UG2"L/h,͵yfU/zX$^Z)EsӂrG]Ŝ8tVRu.( ``*"ClB3J(zhN _d :єÂckRgkAJ%GvHm os>W 1 *m]7 <]cs:n~AR`&5ߕm Gt#|O"fry_&3`:T9%&Jy5rE{@NirBnY~uP & 6hSr x7К$ z`$M_ LVStkJe݇sdp'[w~+|bg;bʾ0*DF{⭎aK>7FZg(@XT˜rnMk\ikNS+OgtJiiU*+U ۊUHtB^g](ˈn.} KC܋Mlj tF*d*&@I{6S# M)g!3 !Lr-{Ƒ;bLJͶLh5j<9)M0xZ 9M!bG eڀ,ޛ%NUY~J%,Qeݜ~rXCE-\V):3=Zx߆&1u WU݂9Рs7] Kы#_d_#Jêʰ8I«`ܴ&Sαsp|,̾&N|A#ǭ4vlG)'/ `մTZ{.[fA->Az:𷞚 O←;gQ?HDk}++R0p?X7T 3__g}Ҁ?6UDl?TTz2фr+{iL>?}4 ^2tRmn7# 8*@zoc;6Ӵ%BNdB_zSSJAVR ,Ds/>{}cdP0N\hiY;%, CŰ xnw@yNfevxj`Tەؘ"{@nM" ܑ4 `}9)hj?f3/1KwS!xR%4赿RUP /?9sfѲi7F BR,)f3*j\U+ _8դOMߩ!|=|p1';div;ceT1e 3H=(k&gCgJ=n5ד~ڢ VHT :AC)WQ]4%*'F?ߛz[%:_ ȶU˨XV5S C챫 !06@cߛ9Fe ،aHW}`aQjd0 9J /O\, gR\s`E||4p MIP[q%J ,,t(kT4.,%J]>2y~Oc!q@L䣶9DrCfGhV 2+SB+ Oޚ}`]_BV3 ?|)(^GtkZUͶfwrjKc&ށX2ZJ`&H|QALx zrO5Xȗtf kHMIplPWg2/Gc `_2 sҠ&U)ƃAT@,6ӽ3y_Yrc$v?1/=AV:bD>.,7?GʪH :&VQmmz}Fyl!!P&2V7.!y^|Mz:1 ?Й[WJJl{q+Mq{9h}?ƈLnq;ah&#[R ys:+ Ȩٛ+Mw_EotSt\ Rb [{nCݴti'A_j{SUo_$((bBOؽOv[c l&G;BCVw1qҹ%j ~%X(wV b?=Qbd: c0ƴzfCtzBr1G^U*KA%*s ID}ai ץҪX|b뼛Wh#*ruP1Mg8𼴥 z+{H*V("Տ'7`o1m~ 1Hbyj2(a7vx^Q.!g!bmp4%!HmekL\fUs>W{Ď+}\Xusiq5sr/R[W f4.J*0CZׅw6ㄛL *\C!y,~>p 濈 xbk8pjƊaɣTFMWWmO4cdWc=>>A?"_-x@1.ʢѕOny|xBC;opl]0s}p)B+Vn{[3GֱL>d]_3q3-C=DXzQ$SO~mO0wK1۠>-a/hh"ܘѱݢb0 ֔۬>h*hsFHKo) ֻ%;+tNm33@@FC20ړstN*#Ю<Ȼ*m1%t&J;`W.kUTtGVx^L|t`eK}q,gkWɱZ]HG~o\leau&uHfbp:Sd nXj蓇*`о}:Mgf'pm\o*); [ EAyJS s!N#@ߓ4Òslj5'`bOBbgeC3"դnr71^/s)fIS{2{w>ֵs۾Dljv DUdb]23r"KsU芭|# %KMUhz<ȿePsb#;!4DYPADnA UPwՒ) [ _> z4W Dfvn dj/KqO#%I$y>=_T|29<ɖ.R}Xf ?6-v=ƼEҙ^A#jot{$PkŪ'մW۶쪜vŐ,W& #!UʞIP!❵d%ɓ;#v0R(hF*5VH3<=g-Kђ{llUZ?:ЬfCŹ_t]l>_'D0tuVbq\JT #{) |Etanm0ۨCϑPԺ!mLs b\kAMp*/d(iII@/R(RnXfD`"Gt_ݴޥy'}M 9T7D[PPM`OM[ӴK\-,/e_tb =D.ܑa]fY&1+w-ºa}A2SbL l~Jݨ|4Ա H ^鑵Z Kѐ-N搅ʎQ(8~0LZMAt335;hb *6dET;-҂ M}mٲ}^`"FB"o_M=i=Q;P#KjxѰH`;7 {h6Xf+ȐUI)&3X}zeR"bm@]LqB\d;y ˖˘:Ş8ϖirn/2 >3, $#_PӈD5L^> &A1j9 l;R|!NΤ~!V6PRxԂV6[Ih|riZf? aWa*vT_G,nslGFIevuʷ٠ 1AF*S ]Ɉ\^u%R6J˃M[j*Y-ϔS-l\L`^s{ھGֻ1 4]+[UZsb+5Bʮ#7V @EiZ>+iVz"#RϞA/2"cgye" k yT&>ޙ`CA2`B.~#jxtЧCΥ/?d%1'7WQ!e?fתvKן)ۇnۮC|$Kbۡ%G]K >zN0ouz7u#G cd. I) Nb>5@MԀ8C}mGrh_MG 1c.6*BZCK5GhAiHᐡQPUՎIO\i-(EskW0?!;?pcrE- #gfۈx0X ]Á[Np'-iv%ڶPDsTLsVDԖAFí²5qUmI, *ɺ x|o]F<w޲!t7G@uȧ挺O}4؂>pe+iU "Gܓxdo>3HyfKñP6XRT%7gGAƢEȱ?q]G l:pF1cvW3-x86IΑCBW4a-}w> Yf3DU'$v# t E0F-w^W4eĭd_Ev aTll̕QM[4OxEW$]qse*>?CօNo#_8zbR"AyŴQIߪt%"AoͪȺ =Ϳ]5FSQB?X4xC C:@p5W 6j_9j(IZQVn?W2\ٱ**8Ӹs#^*ˊ9S :&k>HvgJ_45R+TZPGФkw7v5PwA7yZDxVTцJ }ܾx6ZU9'FG4"ar{|I??ZX#r:㡚qKa HXPÖvd˥AuR8A"Ś>KIqMp9k$Yځ neIsm ,}*"kx⯞La#¢ E/N99<檨DڬN9nP3*{mOhq.%)SD.l4=r-6.ӕU湫۰@yrcgo$ h%IGM,R.4(G ~E}7<1HW*/Y|Iք (TOܖ¬'!wx)+E:XVHF ,\.G$m>;Am6XS~X'mj`0^PNJզt &"aV,a#؂'^tu)Ҽ -$ǨVVwXISgs+RJJ)[ ŃI+;a6vc&*Dl&WOLT-< JLw];SSbw5gxŦ,}nNN`G98Q{b8g JizngyJ8Aia 4%ErΧ%7 3{mc_jKG#P=[!or34(RDzܧ5_|GEҼ ;CMɘt@} ^~C#@x m\yb4xHtԕN8BJ_'s#y5Mv <&12!TiS okt̎E)j%t O7<%5EMVVUǺDwρ_6 vny3YYLR[c.z!u8\)"j1ZQVI'cIp4QvSSAvvbQ91Z>(P{|k0`'|wke.@8i؇#9,u| -܄FDo>GCE"gg6b)Q&:%anʼxp;+_ Z-A;BW8'DSIaq<:[jŃP#ne*`RN;oa7H۱k5A?uh W23ͺc/R8$;ȔWF26Cޜ߶DJI J?cLG~#NFFde,S.6U,B =-1vX"^)铓gE!6 Үa"xN@'L(K5]i*|B'D-*o;EwU3/>zt'0 HS+jCϝ7yf;%ɯe@mY E ^ VkBϪ& XͱH6C 0r^@"μBE*!4oM) 0VhLOZ.:݃bfCjhrO2Qtq8s ќ)Eĥe 0n@į_7RT"=0hG1T|q6hbN.X{u[DF -W<wd7Ꞔɕk4)z o#A T?_5Jm{6W*n Ir*-Rj]mpZ3odTbFK|OmMFo,uk(?QU DW\~t.D'0[[; u-r~#e-b B.ۜODv1 $.̼=GPP'~ _ 8(!S yVl5^.N907,~6h3ۏZO׻X>y^'FiY!:6#,TzђlڙxZE0ĤD;-;žQ]9¢ry_ʑq8YiA^ѱEi'7I?{ɕ;+UrCrxI"rv`Ds]&i<=}T3Ut=٥ʜdƍHɼxNcv/3#ő. 챻Q T^b"CƖ* oG75f ,-Aa_{/ !)|m/e]j4 $-:Wح'Ť-m:Tj3Ә/ԘJb___Z@f> dnPV1ۤ%kS& 73],ঠBH +*~;Ou_Z@t^(t4; =y&OEa:o?=`s-u!X{۟XimĆkC$Jb횃2rGMg\ ;g S>)2{ _Vxqp=}~ WԃD\ w8ǯ{@BJUNCzF )le1dHb1NE[|3㪫rLD!(.R I8 f[EA/{~}PEp`"z-/5)(~ա~JAVj؟*d*7\xQLQO̗UOC+` wQ#5*8M/AùҁZFB\ @r6GIwY_ I/ex{ꧼ[K'}\NIQDLYP$f ~ $hGqYi>Zz4rQyL9MWT{9j }eYN16jkSJ ]3=PKw.ڲ+Aq 0U*nGЂ*>&u{y_"QOI3x_9{$FBEd7L4p,ah3c]|p@np~‹!GpFa ݧE+k9zcXE3jܘ*ٶ $RX_hν?f ZKW-m k1wK|>Mqdd.4*eljմk %wo%@8ov䖭bYm۷~g $3NeKFzb}k3%v}J-'?#k7@>9sZ 5`:޵xT2}ӌ:iWQr-[O6֏k\t9=S[SY+ EҸ͡l}襲&ZԐiywfqp7 U(PH0Xsz,+:vjbÚV#%'tqQJZII@=\VS O*05#j]بFqHi cѺWڛV'轸S]-f#&*6۝Hņ$~KeQom, ܀ez`}E2`7hd% N-mcx=UnE *#AUV[[f\"6f_G뗷yD! Ն"MW&Tg(|3Ұ+Bүd,N Pl Tn4>d@E@e*ƓC{ÙH8"yM2jkG#zrZ"?`f13eE7Ȧ7w6?hewr^g|²ї8+k?}'A Xymy\Q2'"$<}/SR}|~%&{a6+9>3Y!$SAQFNBkeo#!K13rL.lx8'z$j>MqPb:-Ɨ-P"EӃ __ O 3E!(&C~\:eHe fT&uVd=v9Y~z4LI9xLbROx+R-Uڡ{'&鍨e. -Ϸa4MhZh_"}62qbAeoS\ r]<7L+ǎB ʚ X[k2VߏoZPL1u6tRq-݅䱗h4zZMu=_*Bɀ!'u_\ԾQ%c_ꠔ$hs;a;f{mAS>RH/IJj ]PX~h7%U)Qeִ̔dؽ먕 ^.:v`g?&rȧޠgo7I2JeRj7k}j eymEe^p 2\7ֲSa2Rېow.I'&Ԁ+",ao38=Rґ!-dɛNƗ Lot`+kpd*h!GMVXM;ί(x-)^UmOy&31>4񮠬ߗȽŤۙD$Ux,_/;^tZR|9gY؈oGBFw]3TB =&}6!Gy !.BIz~Wmn E2؍6E)uѻK|2QIZim~Z{-H҄^Kx:08aD[^oVhKl)N-Z"S!-ǚ88Pӆ֘`~\@K;!5w t㰅 0R~`2?Ry#2Ll 4CZH˝!%ճX (RdO>N=Q#5iDŽ*xYP@͛y[=S鏢eﵗMg*ѧ _dȃuq~ko$gB]zş91jK<4}l?.NjmH0?Qȉb9q6?vH=]G "#Q\mNm"꾂ts"RwSX3aʞ%nSUD焤,7ǿm4م7QsړeS\ qX"ͷ {1s&[Ž[24Ny\h8|).\ 薨Q"p>&&ުlψ; Gdf0Zӯg9f__2Զ䎈BfO[#HDI@?'ZS<81XQR8 B&b3AbF_Ĥ4>[&JKY 8, Ժ_9Om p* dS+m:Xf2a߬^|*Zʅ9q_)ֆ|s#('TbO×:hU~c$4@7@mBR`J+N/x?[fuP9F¡[%B0.W$4(Aoŋ&wR1oڱg~Ow(/v_~ 4x&a^ Dd`P3I]Ɯg\[k:! ki#.OШq45$-Hhy{o١9=w4622Î9h;@.*a,]؇6^Z!)yuf󋡾3T6_߰ oA^uU3 !-`"Pδ֛t#')hJ(03i>1 uk x| 3览>⧚YպYVw(Շ%˼P {**͊49րbT8䱅RGs_ 8i*K.q1NPY5GU}c/cqh0j- UIJs01)8SiRBAQ[SFDiȸP3SHK"݋Dɤe3F&\ger97/q佇'8>y(h2/I ϓ޳&qYx9mw;x>V4j:CSLcj p@Ƙw9a9 /o-("( Pԡ@d}C`;Pyq'K1p'Lg APAōBڎ#} :(T |Ujݔ sv_!D3` 'gqLG&JJ IgG-yfltw"f3UU1x*غj!}T|bcjŅ z҅8upG/R<^UvsD3!j# +B,Qa] TvP^qj$V$ׇZ{ a6%:zj!C #nWS6`{;lW#qm yR+90ب ,1\)J( O0\PcyniIx_Ұ#l&'d d$as 8 LpMˢs|_c8?_W!*ͤ0x}ģͰ-X E!ŒoCp^GS4]1Ρ/0кH܁+9Z߮ls[*am"Kjn@|hƊ+1(2X) +!L|TlhMhO?||l-mk~X2ؕ=m7Q0L_h@Ee>e6TypY8~- VIBxNqZAAHV8Ĭ1wrm[58?W`-싮l#hYVҗV _~1[ݾEFGG! `+&-7M?GjѨ䇫yorlp Ȕ֊{%_ӋPD0U CX\k0¦a2+ ^JA?S`ɓvR/KǥY,ǫv"DVQ`3= " v@f1)ѱD)Q=*Se;)2H@_H|lY9ٛ]U ul!p7M3,Oj@mn+q3+#\Ŧs,mE_?wqfvёxp[+57LT'4ʹk{A^0 =6a (V!hwj,?QLPMtc=DG䮭@ ό#PNS7_:gx+oiLi豷D/Tˑ9- 8kUL4eF)HB/(͛:L.~M+WI7[3\TIVїY:(-C.&ma/ܼD. M<> @63wS;+ gΚ" GI/ djխXEP._a~`Yl{h|Ԫҟq^ AA ҡb';!:CQyi$,1i#Bv0 \qu@H 1Z1,@v鲑KAwc'EΠYt)}㩔X|_pрxYT;$a Fl*!Cy/ HYB7ֆԢ 3 ᩓE@Of]:h[ŀ$eN0-%jOszr6$n.vo#,y|n01Y/E_qyptרc+c}Q]oTV UήM5k{?EÖXf2p] 9@ 9L*dԮ}0En: rm9A%q~# 7W(5KwX w5MAdE\( Ǣщ.$,Eg})EџWю# Q{NiHFʝal3Q6d򷽘q**&52BpfKdlEnjN_7 4P =vS/8*AD! 1o:X"Sb&M/)VwcR ;vaO ] kLq'm8,;"^"~V+'+ %AJzdc'pA1@Aoҳ S/snd87NTvWIb[[{GW4HDJmmFhKF H]ĸ9K,'2<'Q͝tφYk5a'K2sAx4{ڭU?0^.U 5Dߑ$Q0fLHzMU=3NsSjcy~ǹ9|sMKQIi݁|C(6`i(f2*>IU,s!&ʶdz!ly߽UwxehjBT-A;wЃ#1C(y$a _bBSeU}e\Si3iڬX%~F6^NlP/y7ވK0IxKXr'bF;C_V~ifxd1;t?yGM/HI:v(iFkDhs-nm,h.HXˬ_"y?to3uǴI d1N?xD4ׅ :l'Z 17>cpܴ'xbw C(@¤2,f-ȣعioH3fh. 6a^67C7uwˀ&ŜT¥4:κ\AcV_4Z2͹#4faSĆ tDtj, QI[ENrwoe&)dDjID\Ӎ0HFrwGmy9:Íɉʝ&61y'EnJc!^d jk˟ϼ;ˋi>!%.j>vg* \M f hVSۥs.ⓕfTU>/`C'"拉 M"CJ֪d5F gNž!X]<}%NfngEV*誫6vn'0,PWy؝_ҦW jZHO ˲UQ0zGɼVVj=S6]HE!ɏMƘ0G1M ueC{寮5Q,D^ڣ& O 4_p{:z=mp6q!:!U3 n-i`8Tt9\9CpCWQh}fqw^t>ixX! 5ͪ%'d]O?_N tc+:=mߊ mb*T;HZas4.TOZ.r"Z91* )aЮ v {4+v Hfl[8\_؝["FMq)˪ά2P #w CFث 2w_xU ] tn6Lkc2^CymӘNAPlb¯7{-˄)?|eva0FW nġڎFmjs/- j{GN4#לn4^i0z2s;jմ&]61ģX?# [w&ƃAi*-w< );gfĊ`|cX]sSЯT++pcEr~cXϞnpGg{ѳ|hX56ˋq@Vy⸼Ã#m$pmM0@'(gsOt; %C9 񙬐,!R/ sٛg^ E'5Yc{eѹۚ&qV_< RӜ]bf-u %͢#I"y"QӈX TQJ{@Tbv%UL_|s2RMSpXZD% +f CSII+y{";4}m(O|#s窨GDp_Mz]Uj2YY0Ng[~rɉFy&l?u9Ox~28"5|6L;sp""48MTiѐ˦rX?_Ru@8q$lHfh1PӎX[tgVƁzÃc>ZkkzOȖ&1ABjMkw /?kL9oiLGC { ]I x_n2wƶ/גGN+L2)Hm{]>GG,t{@lEÖM&`!OT +% CK@%92 $(ihMv4bN;D0$'8 pt h9Ct*W{R,\`9K0\b\tx,]FωD sD|PC!c[Wͼ[AIEpZ<d!ml9E$ tfSɑźѪE\J3xɛ5AkrȲzpH`>?N[[B6fir •aLt= 2t[S?_4o_=t]:qCѹzV¥T=^6j W~Ht"6>.dy?[Hm,l^h̙W]5-^(xXL59{Q7d}(H,%dK 7ٚ8!Vk1~hܒ[G,A{JY޵J@HC-v6!*~87bQ|$h/iX I0 Q?2My4W j S{y-W(JS`{AjE?„@LEaoL|˔7ܚ\}+$bg}@H)5Y lue l 9RjJˏٵ$GQqDs:P+gb|[k*~&\ʼncB.M϶JMD ז+׿նMipu"])ۯ(N+۳ʋ\ wcZY|Y%!`*i7(r٤,Bk &<6yyyM6 A(E7vy"ձŞtg6MQ'F]{1ߑO\TPAG w6höus } } 95{'kc+2cUb{V=Rج=oNQ;+`8 [$#$vsffѧ#\XQB!P[Fig/!*8]O9=撷8>"/TC`)^[t^Df(PlTdu@=]|,Sn')wg&zwrO?sAST1Byz{$ #|8ү> _*:=ԇٔJ8b>h8F,ǔV:T^۲Aĩ;1WͿYfX3\QsQ\=6v]}|Mt9(^rE5 ^ĎQp.NHT792bk}r^y )>k-ϱ7 A%ԇrFM,ӷfM{o"V x$FBWG#Q'DVPgs[qܾJċoU#@ cKkގƗY^gzWgF(b2WH =-25p:PV@_9-JF'jتZ% %op¯FA7Unx5%.GKsя MY[9]&֓8 II&6 8ց)F}=}2Cd׌VOT9 :G8FVbX| %wʉ_TKDbgVPT6{Ə5 =!da/Ydj+ [:OLU3<#HVjគBAɷّ+^8(L42X Έe5[?5Ot=Y{I׸hncU{+t%8OjQ9Δo5@>Mrk&- 5]dwNI\APT,yNievH, IٮyҪ4E%`Sr%m"VEwnђr?{QzCPP|\_6JQ+ .W_(dX0N7*qp?BIfȸRq7|6m{^k;~ m2A'Rtbgsy7v!~_Եn1 "`4QG!w \^%OP4WsLVW pAu'R=ّINM[b8sSXT ! ?oBrd<0TR-i1Is0AN]4YwY4Aܧ~> +.(87FzδZK.-C4MBC;|J7:XkIFw‰U}2$YgπQgږ_UDoQJ?Ay(X:ΤHRA(b+!W{܉RVDһ;Oc5%2ÖF[?t]SMGB ;5]N؀ܖOt@÷+0EJ,v"c{;D0^=e4JL#J΀13h!$uI噷X(*6ЭgFP8e!Ғl"+qTӕ¹"ǯ7OU8m0|nOݷvZMk1(g۞e7դ"gѿSO͆A06uP^ICn27j߼M08PCYpoi3La"3[Hτ#h7\Rw` 48  =Hˮ~g:fJΖw4pE{O[d`[b6 C lQ܍wT3j'@IcpR^1Z"ߟ/ wŏIyVzKXpz6,7-+W"z=/_ʝ0y߂E:pޣryLi8xj,/e}u٦a70YMbP$彲9BQ+[ E2pFپ> !=S ςCjFؐURJD>g".y;Q_q z*VSݐ0hc[\ Q1Op_ a>aB (ݺo ;uu#\Pa-UAmS ~Zh磃oiD\[y|E+V 6sv{L*&VzMlI&ʏ]އ;o0HZn@FefRpz;wSIx`ԍA1d Mw; TM)Q&ia)2a!9#䇝 ,wtp<]5Td_<:3{&N傤?EY2.~w5)4U5r?COcs3pdz'Z.C0 0h.2G(%dhǎJcǠw pɟ;5xa,Vnz~i~^͌0 xĘe5=<BP3biQb=4 #JayS(%0[s4#&ΛFBhA. V]]uЊ$K*-a|q2b[*oӅ}0Q"`(lҔ0Bd4ɮ^v hՋV^ Rbwdߍ0n 25쿭o4;=}i6zWKC gDt4뫳m&FսeՊבcIPy28鷉4 kfMPU}`DvHM0&0RJNf%ZVa8uDl- _s_ĪT)DصsgT^|Vk#V\26W72QL<g P=YH~x8HC!5<Wr66uq40OB0 7w|U/NPD|\@X5l`~ڏ9빰F. %zQh &+0my[Ϥq2$Yɶ QЃz#oefX4\eH!jًGz%W&(l1MV\5Jѝ"/ 6DDi"ky&4{OK MbÕm03V) ȐUmFYd&Cq$_7Od+gIPGT1f&T[@Iy3%}[9[udSX)7q0>/w=ʃƓ[6MzwMڡ|Tu׵of Rs w@2&fyĬ7M8pRgTTC\V`sg\uAUx@f`E:ompp8 ބ`H~83Y- (dɹbH*%mNp(+WYzuZ³7hb; "ǣP~Y.e&7XSʢY6,bؠY,}^Ε֐6pFi7ZLf7 ̨rCCǩ >{/k_:)a:@o{w7]`E&z9Y A ))sA؉'؝HqpGИT9t$QVU2-͡ F9GdVvpOAĝip2<: =LxP[$fk7S6M^kD]cRac.kr܌qڂCεz1XEW [^ qGLxVcVw"ȌG_Qz?3ӝvySH3K?n%>M8]@BǼF5Hn=d Gh*YdߛUX3Y[8袷Ag%Ao5 zK6a\ɞlAeg7.%-̃_^3 K$rS C VF&@ӪX U#yhF7PuR a?y.lFe*  XS99%bhXPEY8$ 7UAPrx`MdЬx}غ3fcw56 GXǃZP?a?jkDEȇZr(ׂuD&[Oq)58aYCa@[dQl䦝Fd>|ǼQ$̐eĜ+R :' rPדPj xN*Qz\ڐ[0Q;1 g T38֦rm3Z4MqPAbx@B2&^gQc珃. |*#UWI8<eIaZ55VB D<̰f\Ydd0%I&R2 &Wt9q\²]>T҆0C7i?g5gSE8ÔP/5f$P"܌(!6~ YZ