sssd-client-2.7.3-4.el8 >  A cU]vC̤- ՐlqZf [B3"q! 2\&6S454igP&gCheAN-\X/>GO^xEI71Uzx"s͝v4QC`CzGI*{IʝQ*Q] 0J ĭT7Q6/SNJDޏѲ4"w-_:*ofQbnC+֠'{#;ԛ,UxUu =.JZo5,8NFZLrlqKxnQLR "16SWï֯/!elt̒3!CsH:,1̣ʼu^Ju U$e.R uH$}DNj2Y28L0kEyĘ3TU͏h3gn(ϡp}1to;L' B@`]e53482ab60ec505edd4286e3cbf58ec69d82e08c918ff4fda447c46b1da3870db02997445045ca7f3c92e0758ad739f7bc39cabfbcU]8eg}>$ݲ <2I?ؗ*Sf>/xSf!"VUynΔL4|]7 xo93+Цs ge;v]? ::}e!+  a"H>.x̏;\F^bӮ$s<#F&/:LXs)hKo\e:?I̵$Wk`*l[R#;}7~Oĥ$0hme׶/8GBg J4wWʷ@DU3)AiOG{e3 &@36q^n8_b^94ֽnI,?_NӅ!+5p>pA? d  @ !',0.. D. . X.  .  <. . ..**:*(894:l>U?]@eGt.H,.I.X(Y@\\.].^bd$e)f,l.tD.u.vw.xt.y,dCsssd-client2.7.34.el8SSSD Client libraries for NSS and PAMProvides the libraries needed by the PAM and NSS stacks to connect to the SSSD service.cApplications/Systemhttps://github.com/SSSD/sssdlinuxi686/sbin/ldconfig /usr/sbin/alternatives --install /etc/cifs-utils/idmap-plugin cifs-idmap-plugin /usr/lib/cifs-utils/cifs_idmap_sss.so 20if [ $1 -eq 0 ] ; then /usr/sbin/alternatives --remove cifs-idmap-plugin /usr/lib/cifs-utils/cifs_idmap_sss.so fi'+0>##<D-_=O~|K < '{ Z 0 AAAAAAAAAAAAA큤cc)c)c)c)c)c)c)c)c)c)c)c)c)c)c)c)c)cccccccccccc)bºbºcccccccccccccce0665aaabfd923e4dc47fd1c75ee50b643b1605b9b4b54134f395bc4d3ddc3df90fe79918f74d8cb2b99eda92bb421227d21258ddfad25706676f5f533f6ee1694aefe2ac0be5236666f0241beb2b0d024ee885dcee9650a61cc7b6f1bef8633407246963a090932f760aae7b4bd4bb6d8c0bc030084754769c442b999e6860d91ec467e8548b9481c42a733be81dd709e29924c70eaa8d92ca7ba5e52dd2e83433cee44ac28e8b4c21ce45286735407f63bdb7018f9f787dc08007c91ee091a6e21d19c9831c48b8e014a5eaf2415b47789e828d3ccdd23ee94a088be98aa9dd304b625cfb24f6d4ca7fd46bf8f9f13243f984b8304ad085c1315a38ca103038ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b9036c57f43c939054fd4b831f271a14c97a488c38f98cdda5e887c5d396e3b3bc58c866a8928375ee83507f00f5d134895628a3d5b5f8ba1fb7cbd116591b26d5057058a44741067b6307ef7c88eb4a372dc8769be7f9dd446c0cd15d0fb540f4e339b3ae96b03ccc83bf9aaa9d88d5cc0beebd3ea8d3b6ddce47a74c299a99113abefa0e308423dea84c636bd01a806c7f0cb66888ad5cb12d8890007992dc77c050d06ac93ec435e796643a2b73073de16e357355f565713e85f88a4874c11ee7785bc0a5bcfb85f12ed851f4ebdd9a1aa70dfdd8cfd6fdfa6c6097eacc98df212093c303a79cbb638f4931d49f8353f533893323ad096ef6c5e9196119a3e2a7794c90438313f4c5f2380af25fa21622f3853291953cd2ea516e91612befc2eaf7f86bff9c822ed009c623b0df611e1b984fc78d8ede6eb1f5e6c2b4d2fdf38450bba3774bb12e7ce8515afafd7d088f0066c7813f68cea73846bb62b8cd091af9f3252344d3f6a874e7768ba6a1c8620616dc319c2b929d0303dce6df596ba2a8f3907738ff233ed62044dce3784613d75bb9463517f6fdfb05af57f120a7cb2b4df75d1fe9fb3e07e2e8da2beff6bdf1c248b9f5cd2044b25826193a5fa790796ece3183c9e11e6551b2af7739045851bdda009a6b6f7c363614563213a095../../../../usr/lib/security/pam_sss.so../../../../usr/lib/security/pam_sss_gss.so../../../../usr/lib/cifs-utils/cifs_idmap_sss.so../../../../usr/lib/sssd/modules/sssd_krb5_localauth_plugin.so../../../../usr/lib/libnss_sss.so.2../../../../usr/lib/libsubid_sss.so../../../../usr/lib/krb5/plugins/authdata/sssd_pac_plugin.so../../../../usr/lib/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so@rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootsssd-2.7.3-4.el8.src.rpmlibnss_sss.so.2libnss_sss.so.2(EXPORTED)libsubid_sss.solibsubid_sss.so(EXPORTED)sssd-clientsssd-client(x86-32) @@@@@@@@@@@@@@@@@@@@@@@@@@@@    @/bin/sh/bin/sh/sbin/ldconfig/sbin/ldconfig/sbin/ldconfig/usr/sbin/alternatives/usr/sbin/alternativeslibc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.2)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.2)libc.so.6(GLIBC_2.28)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libc.so.6(GLIBC_2.7)libc.so.6(GLIBC_2.8)libcom_err.so.2libgssapi_krb5.so.2libgssapi_krb5.so.2(gssapi_krb5_2_MIT)libk5crypto.so.3libkrb5.so.3libkrb5.so.3(krb5_3_MIT)libpam.so.0libpam.so.0(LIBPAM_1.0)libpam.so.0(LIBPAM_EXTENSION_1.0)libpam.so.0(LIBPAM_MODUTIL_1.0)libpthread.so.0libsss_idmaplibsss_idmap.so.0libsss_idmap.so.0(SSS_IDMAP_0.4)libsss_nss_idmaplibsss_nss_idmap.so.0libsss_nss_idmap.so.0(SSS_NSS_IDMAP_0.0.1)libsss_nss_idmap.so.0(SSS_NSS_IDMAP_0.5.0)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)2.7.3-4.el82.7.3-4.el83.0.4-14.6.0-14.0-15.2-14.14.3cc@bbγba@baZ@a6aɪa@aKa@`.`@`[` @`&m`@`x@__@_@_#___[@_?@_-B@_@_@^@^@^^(@^oj@^ku^Y^S^J@^C^0"@^0"@^0"@^@^@^@]f@]f@] @] @]+]]Y]Y]|@]o@]k]k]Y=]Y=]Y=]Y=]Y=]M`@]M`@]M`@]D%]D%]D%]9]9]]]@]@\\`@\]o@\\\\\\\@\>@\>@\>@\\\\l@[Ѱ@[^[[ā@[ā@[ā@[;@[;@[;@[;@[;@[[@[@[@[@[@[t[#@[#@[@[@[qr[;e@["XZZ&Zw@Z Z$Zz@ZyZiZiZWQZWQZ%8Z@Z@YZ@Y@YYzYKYyYw2YRHYRHY@X-XX~@XO@X}@X@XX6@XWXOXXWW@WWW@WWv[@Wi,@W5W@W@V3VVVvV%@VqR@VO @V<@V/g@V$@V @V @UpU|@U4@UUUU@UzUzUzUL@UL@U.RU@TTT@T~T8TܕT@T@TTTq@T@T@Tp@TA@TuTto@TG@TD@TT @S0SS@S.SP@S @Sg@SrS!@SkqSkqSG@SFSCS!SSRRpRpR^R[RSRNREs@RD!R@R@RNQB@Q@QQQکQQQo@Q)@Q@QQ@Q@QbQbQV@Q'@QQQQnQZ@QU@Q0@QQQ@Q@QQ @QQh@PP@P@P@Pz@Pz@PqnPl(PaPaPS@PH@PDPM>M2@MMzMx@Mj - 2.7.3-4Alexey Tikhonov - 2.7.3-3Alexey Tikhonov - 2.7.3-2Alexey Tikhonov - 2.7.3-1Alexey Tikhonov - 2.7.2-1Alexey Tikhonov - 2.7.0-2Alexey Tikhonov - 2.6.2-3Alexey Tikhonov - 2.6.2-2Alexey Tikhonov - 2.6.2-1Alexey Tikhonov - 2.6.1-2Alexey Tikhonov - 2.6.1-1Alexey Tikhonov - 2.5.2-2Alexey Tikhonov - 2.5.2-1Alexey Tikhonov - 2.5.1-2Alexey Tikhonov - 2.5.1-1Alexey Tikhonov - 2.5.0-1Alexey Tikhonov - 2.4.0-8Alexey Tikhonov - 2.4.0-7Alexey Tikhonov - 2.4.0-6Alexey Tikhonov - 2.4.0-5Alexey Tikhonov - 2.4.0-4Alexey Tikhonov - 2.4.0-3Alexey Tikhonov - 2.4.0-2Alexey Tikhonov - 2.4.0-1Alexey Tikhonov - 2.3.0-9Alexey Tikhonov - 2.3.0-8Alexey Tikhonov - 2.3.0-7Alexey Tikhonov - 2.3.0-6Alexey Tikhonov - 2.3.0-5Alexey Tikhonov - 2.3.0-4Alexey Tikhonov - 2.3.0-3Alexey Tikhonov - 2.3.0-2Alexey Tikhonov - 2.3.0-1Alexey Tikhonov - 2.2.3-19Alexey Tikhonov - 2.2.3-19Michal Židek - 2.2.3-18Alexey Tikhonov - 2.2.3-17Alexey Tikhonov - 2.2.3-16Michal Židek - 2.2.3-15Michal Židek - 2.2.3-14Michal Židek - 2.2.3-13Michal Židek - 2.2.3-12Michal Židek - 2.2.3-11Michal Židek - 2.2.3-10Michal Židek - 2.2.3-9Michal Židek - 2.2.3-8Michal Židek - 2.2.3-7Michal Židek - 2.2.3-6Michal Židek - 2.2.3-5Michal Židek - 2.2.3-4Michal Židek - 2.2.3-3Michal Židek - 2.2.3-2Michal Židek - 2.2.3-1Michal Židek - 2.2.2-1Michal Židek - 2.2.0-19Michal Židek - 2.2.0-18Michal Židek - 2.2.0-17Michal Židek - 2.2.0-16Michal Židek - 2.2.0-15Michal Židek - 2.2.0-14Michal Židek - 2.2.0-13Michal Židek - 2.2.0-12Michal Židek - 2.2.0-11Michal Židek - 2.2.0-10Michal Židek - 2.2.0-9Michal Židek - 2.2.0-8Michal Židek - 2.2.0-7Michal Židek - 2.2.0-6Jakub Hrozek - 2.2.0-5Jakub Hrozek - 2.2.0-4Jakub Hrozek - 2.2.0-3Jakub Hrozek - 2.2.0-2Michal Židek - 2.2.0-1Michal Židek - 2.1.0-1Michal Židek - 2.0.0-45Jakub Hrozek - 2.0.0-43Michal Židek - 2.0.0-42Michal Židek - 2.0.0-41Michal Židek - 2.0.0-40Michal Židek - 2.0.0-39Michal Židek - 2.0.0-38Michal Židek - 2.0.0-36Michal Židek - 2.0.0-35Michal Židek - 2.0.0-34Michal Židek - 2.0.0-33Michal Židek - 2.0.0-32Michal Židek - 2.0.0-31Michal Židek - 2.0.0-30Michal Židek - 2.0.0-29Michal Židek - 2.0.0-28Michal Židek - 2.0.0-27Michal Židek - 2.0.0-26Michal Židek - 2.0.0-25Michal Židek - 2.0.0-24Jakub Hrozek - 2.0.0-23Jakub Hrozek - 2.0.0-22Jakub Hrozek - 2.0.0-21Jakub Hrozek - 2.0.0-20Jakub Hrozek - 2.0.0-19Jakub Hrozek - 2.0.0-18Jakub Hrozek - 2.0.0-17Jakub Hrozek - 2.0.0-16Jakub Hrozek - 2.0.0-15Jakub Hrozek - 2.0.0-14Jakub Hrozek - 2.0.0-13Jakub Hrozek - 2.0.0-12Jakub Hrozek - 2.0.0-11Jakub Hrozek - 2.0.0-10Jakub Hrozek - 2.0.0-9Jakub Hrozek - 2.0.0-8Jakub Hrozek - 2.0.0-7Jakub Hrozek - 2.0.0-6Jakub Hrozek - 2.0.0-5Jakub Hrozek - 2.0.0-4Jakub Hrozek - 2.0.0-3Jakub Hrozek - 2.0.0-2Fabiano Fidêncio - 2.0.0-1Tomas Orsava - 1.16.2-2Fabiano Fidêncio - 1.16.2-1Fabiano Fidêncio - 1.16.1-3Fabiano Fidêncio - 1.16.1-2Fabiano Fidêncio - 1.16.1-1Lukas Slebodnik - 1.16.0-13Fabiano Fidêncio - 1.16.0-12Lukas Slebodnik - 1.16.0-11Lukas Slebodnik - 1.16.0-10Igor Gnatenko - 1.16.0-9Lukas Slebodnik - 1.16.0-8Lukas Slebodnik - 1.16.0-7Björn Esser - 1.16.0-6Lukas Slebodnik - 1.16.0-5Lukas Slebodnik - 1.16.0-4Jakub Hrozek - 1.16.0-3Lukas Slebodnik - 1.16.0-2Lukas Slebodnik - 1.16.0-1Lukas Slebodnik - 1.15.3-5Lukas Slebodnik - 1.15.3-4Lukas Slebodnik - 1.15.3-3Fedora Release Engineering - 1.15.3-2Lukas Slebodnik - 1.15.3-1Lukas Slebodnik - 1.15.3-0.beta.5Lukas Slebodnik - 1.15.3-0.beta.4Lukas Slebodnik - 1.15.3-0.beta.3Lukas Slebodnik - 1.15.3-0.beta.2Lukas Slebodnik - 1.15.3-0.beta.1Lukas Slebodnik - 1.15.2-1Lukas Slebodnik - 1.15.1-1Jakub Hrozek - 1.15.0-4Lukas Slebodnik - 1.15.0-3Fedora Release Engineering - 1.15.0-2Lukas Slebodnik - 1.15.0-1Miro Hrončok - 1.14.2-3Lukas Slebodnik - 1.14.2-2Lukas Slebodnik - 1.14.2-1Lukas Slebodnik - 1.14.1-4Lukas Slebodnik - 1.14.1-3Lukas Slebodnik - 1.14.1-2Lukas Slebodnik - 1.14.1-1Stephen Gallagher - 1.14.0-5Fedora Release Engineering - 1.14.0-4Lukas Slebodnik - 1.14.0-3Lukas Slebodnik - 1.14.0-2.betaLukas Slebodnik - 1.14.0-1.alphaLukas Slebodnik - 1.13.4-3Lukas Slebodnik - 1.13.4-2Lukas Slebodnik - 1.13.4-1Lukas Slebodnik - 1.13.3-6Lukas Slebodnik - 1.13.3-5Fedora Release Engineering - 1.13.3-4Lukas Slebodnik - 1.13.3-3Lukas Slebodnik - 1.13.3-2Lukas Slebodnik - 1.13.3-1Lukas Slebodnik - 1.13.2-1Robert Kuska - 1.13.1-5Lukas Slebodnik - 1.13.1-4Lukas Slebodnik - 1.13.1-3Lukas Slebodnik - 1.13.1-2Lukas Slebodnik - 1.13.1-1Lukas Slebodnik - 1.13.0-6Lukas Slebodnik - 1.13.0-5Lukas Slebodnik - 1.13.0-4Lukas Slebodnik - 1.13.0-3Lukas Slebodnik - 1.13.0-2.alphaLukas Slebodnik - 1.13.0-1.alphaFedora Release Engineering - 1.12.5-4Lukas Slebodnik - 1.12.5-3Lukas Slebodnik - 1.12.5-2Lukas Slebodnik - 1.12.5-1Lukas Slebodnik - 1.12.4-8Lukas Slebodnik - 1.12.4-7Lukas Slebodnik - 1.12.4-6Lukas Slebodnik - 1.12.4-5Jakub Hrozek - 1.12.4-4Jakub Hrozek - 1.12.4-3Lukas Slebodnik - 1.12.4-2Lukas Slebodnik - 1.12.4-1Lukas Slebodnik - 1.12.3-7Lukas Slebodnik - 1.12.3-6Jakub Hrozek - 1.12.3-5Lukas Slebodnik - 1.12.3-4Lukas Slebodnik - 1.12.3-3Lukas Slebodnik - 1.12.3-2Lukas Slebodnik - 1.12.3-1Lukas Slebodnik - 1.12.2-8Sumit Bose - 1.12.2-7Lukas Slebodnik - 1.12.2-6Jakub Hrozek - 1.12.2-5Jakub Hrozek - 1.12.2-4Jakub Hrozek - 1.12.2-3Jakub Hrozek - 1.12.2-2Jakub Hrozek - 1.12.2-1Jakub Hrozek - 1.12.1-2Jakub Hrozek - 1.12.1-1Jakub Hrozek - 1.12.0-7Fedora Release Engineering - 1.12.0-6Stephen Gallagher 1.12.0-5Jakub Hrozek - 1.12.0-1Fedora Release Engineering - 1.12.0-4.beta2Jakub Hrozek - 1.12.0-1.beta2Jakub Hrozek - 1.12.0-2.beta1Jakub Hrozek - 1.12.0-1.beta1Jakub Hrozek - 1.11.5.1-4Stephen Gallagher - 1.11.5.1-3Stephen Gallagher - 1.11.5.1-2Jakub Hrozek - 1.11.5.1-1Stephen Gallagher 1.11.5-2Jakub Hrozek - 1.11.5-1Sumit Bose - 1.11.4-3Jakub Hrozek - 1.11.4-2Jakub Hrozek - 1.11.4-1Jakub Hrozek - 1.11.3-2Jakub Hrozek - 1.11.3-1Jakub Hrozek - 1.11.2-1Sumit Bose - 1.11.1-5Sumit Bose - 1.11.1-4Jakub Hrozek - 1.11.1-3Jakub Hrozek - 1.11.1-2Jakub Hrozek - 1.11.1-1Jakub Hrozek - 1.11.0-3Jakub Hrozek - 1.11.0-2Jakub Hrozek - 1.11.0-1Jakub Hrozek - 1.11.0-0.4.beta2Fedora Release Engineering - 1.11.0-0.3.beta2Jakub Hrozek - 1.11.0.2beta2Jakub Hrozek - 1.11.0.1beta2Jakub Hrozek - 1.10.1-1Jakub Hrozek - 1.10.0-17Stephen Gallagher - 1.10.0-16Stephen Gallagher - 1.10.0-15Stephen Gallagher - 1.10.0-14Jakub Hrozek - 1.10.0-13Dan Horák - 1.10.0-12.beta2Jakub Hrozek - 1.10.0-11.beta2Jakub Hrozek - 1.10.0-10.beta2Jakub Hrozek - 1.10.0-9.beta2Jakub Hrozek - 1.10.0-8.beta1Jakub Hrozek - 1.10.0-8.beta2Jakub Hrozek - 1.10.0-7.beta1Jakub Hrozek - 1.10.0-6.beta1Jakub Hrozek - 1.10.0-5.beta1Jakub Hrozek - 1.10.0-4.beta1Jakub Hrozek - 1.10.0-3.beta1Jakub Hrozek - 1.10.0-2.alpha1Jakub Hrozek - 1.10.0-1.alpha1Jakub Hrozek - 1.9.5-10Stephen Gallagher - 1.9.4-9Jakub Hrozek - 1.9.4-8Jakub Hrozek - 1.9.4-7Jakub Hrozek - 1.9.4-6Jakub Hrozek - 1.9.4-5Jakub Hrozek - 1.9.4-4Jakub Hrozek - 1.9.4-3Jakub Hrozek - 1.9.4-2Jakub Hrozek - 1.9.4-1Jakub Hrozek - 1.9.3-1Jakub Hrozek - 1.9.2-5Jakub Hrozek - 1.9.2-4Jakub Hrozek - 1.9.2-3Jakub Hrozek - 1.9.2-2Jakub Hrozek - 1.9.2-1Jakub Hrozek - 1.9.1-1Jakub Hrozek - 1.9.0-24Jakub Hrozek - 1.9.0-24Jakub Hrozek - 1.9.0-23Jakub Hrozek - 1.9.0-22.rc1Jakub Hrozek - 1.9.0-21.beta7Jakub Hrozek - 1.9.0-20.beta6Jakub Hrozek - 1.9.0-19.beta6Jakub Hrozek - 1.9.0-18.beta6Jakub Hrozek - 1.9.0-17.beta6Jakub Hrozek - 1.9.0-16.beta6Jakub Hrozek - 1.9.0-14.beta6Jakub Hrozek - 1.9.0-13.beta6Fedora Release Engineering - 1.9.0-13.beta5Jakub Hrozek - 1.9.0-12.beta5Stephen Gallagher - 1.9.0-11.beta4Jakub Hrozek - 1.9.0-10.beta4Jakub Hrozek - 1.9.0-9.beta4Stephen Gallagher - 1.9.0-8.beta3Stephen Gallagher - 1.9.0-7.beta2Stephen Gallagher - 1.9.0-6.beta2Stephen Gallagher - 1.9.0-5.beta2Stephen Gallagher - 1.9.0-4.beta1Stephen Gallagher - 1.9.0-3.beta1Stephen Gallagher - 1.9.0-2.beta1Stephen Gallagher - 1.9.0-1.beta1Stephen Gallagher - 1.8.3-11Stephen Gallagher - 1.8.2-10Stephen Gallagher - 1.8.1-9Stephen Gallagher - 1.8.1-8Stephen Gallagher - 1.8.1-7Stephen Gallagher - 1.8.0-6Stephen Gallagher - 1.8.0-5.beta3Stephen Gallagher - 1.8.0-4.beta3Petr Pisar - 1.8.0-3.beta2Stephen Gallagher - 1.8.0-1.beta2Stephen Gallagher - 1.8.0-1.beta1Stephen Gallagher - 1.7.0-5Stephen Gallagher - 1.7.0-4Stephen Gallagher - 1.7.0-3Fedora Release Engineering - 1.7.0-2Stephen Gallagher - 1.7.0-1Stephen Gallagher - 1.6.4-1Stephen Gallagher - 1.6.3-5Stephen Gallagher - 1.6.3-4Jakub Hrozek - 1.6.3-3Stephen Gallagher - 1.6.3-2Stephen Gallagher - 1.6.3-1Fedora Release Engineering - 1.6.2-5Stephen Gallagher - 1.6.2-4Stephen Gallagher - 1.6.2-3Stephen Gallagher - 1.6.2-2Stephen Gallagher - 1.6.2-1Stephen Gallagher - 1.6.1-1Stephen Gallagher - 1.6.0-2Stephen Gallagher - 1.6.0-1Stephen Gallagher - 1.5.11-2Stephen Gallagher - 1.5.10-1Stephen Gallagher - 1.5.9-1Stephen Gallagher - 1.5.8-1Stephen Gallagher - 1.5.7-3Stephen Gallagher - 1.5.7-2Stephen Gallagher - 1.5.7-1Stephen Gallagher - 1.5.6.1-1Stephen Gallagher - 1.5.6-1Stephen Gallagher - 1.5.5-5Stephen Gallagher - 1.5.5-4Stephen Gallagher - 1.5.5-3Stephen Gallagher - 1.5.5-2Stephen Gallagher - 1.5.5-1Stephen Gallagher - 1.5.4-1Stephen Gallagher - 1.5.3-2Stephen Gallagher - 1.5.3-1Stephen Gallagher - 1.5.2-1Simo Sorce - 1.5.1-9Stephen Gallagher - 1.5.1-8Stephen Gallagher - 1.5.1-7Stephen Gallagher - 1.5.1-6Stephen Gallagher - 1.5.1-5Fedora Release Engineering - 1.5.1-4Stephen Gallagher - 1.5.1-3Stephen Gallagher - 1.5.1-2Stephen Gallagher - 1.5.1-1Stephen Gallagher - 1.5.0-2Stephen Gallagher - 1.5.0-1Stephen Gallagher - 1.4.1-3Stephen Gallagher - 1.4.1-2Stephen Gallagher - 1.4.1-1Stephen Gallagher - 1.4.0-2Stephen Gallagher - 1.4.0-1Stephen Gallagher - 1.3.0-35Stephen Gallagher - 1.3.0-34Stephen Gallagher - 1.3.0-33Stephen Gallagher - 1.3.0-32Stephen Gallagher - 1.3.0-31Stephen Gallagher - 1.3.0-30David Malcolm - 1.2.91-21Stephen Gallagher - 1.2.91-20Stephen Gallagher - 1.2.1-15Stephen Gallagher - 1.2.0-12Stephen Gallagher - 1.1.92-11Stephen Gallagher - 1.1.91-10Simo Sorce - 1.1.1-3Stephen Gallagher - 1.1.1-1Stephen Gallagher - 1.1.0-2Stephen Gallagher - 1.1.0-1.pre20100317git0ea7f19Stephen Gallagehr - 1.0.5-2Stephen Gallagher - 1.0.5-1Stephen Gallagher - 1.0.4-1Stephen Gallagher - 1.0.3-1Stephen Gallagher - 1.0.2-1Stephen Gallagher - 1.0.1-1Stephen Gallagher - 1.0.0-2Stephen Gallagher - 1.0.0-1Stephen Gallagher - 0.99.1-1Stephen Gallagher - 0.99.0-1Stephen Gallagher - 0.7.1-1Stephen Gallagher - 0.7.0-2Stephen Gallagher - 0.7.0-1Stephen Gallagher - 0.6.1-2Stephen Gallagher - 0.6.1-1Stephen Gallagher - 0.6.0-1Sumit Bose - 0.6.0-0Simo Sorce - 0.5.0-0Jakub Hrozek - 0.4.1-4Fedora Release Engineering - 0.4.1-3Simo Sorce - 0.4.1-2Simo Sorce - 0.4.1-1Simo Sorce - 0.4.1-0Simo Sorce - 0.3.2-2Jakub Hrozek - 0.3.2-1Simo Sorce - 0.3.1-2Simo Sorce - 0.3.1-1Simo Sorce - 0.3.0-2Simo Sorce - 0.3.0-1Simo Sorce - 0.2.1-1Simo Sorce - 0.2.0-1Jakub Hrozek - 0.1.0-5.20090309git691c9b3Jakub Hrozek - 0.1.0-4Sumit Bose - 0.1.0-3Jakub Hrozek - 0.1.0-2Stephen Gallagher - 0.1.0-1- Resolves: rhbz#2116395 - NFS krb5 mount failed as "access denied" after test accessing a same file on krb5 nfs mount with multiple uids simultaneously since sssd-2.7.3-1.el8- Resolves: rhbz#2116395 - NFS krb5 mount failed as "access denied" after test accessing a same file on krb5 nfs mount with multiple uids simultaneously since sssd-2.7.3-1.el8 - Resolves: rhbz#2119726 - sssctl analyze --logdir option requires sssd to be configured - Resolves: rhbz#2120669 - Incorrect request ID tracking from responder to backend- Resolves: rhbz#2116488 - virsh command will hang after the host run several auto test cases - Resolves: rhbz#2116486 - [regression] sssctl analyze fails to parse PAM related sssd logs - Resolves: rhbz#2116487 - cache_req_data_set_hybrid_lookup: cache_req_data should never be NULL- Resolves: rhbz#2069379 - Rebase SSSD for RHEL 8.7 - Resolves: rhbz#2063016 - [sssd] RHEL 8.7 Tier 0 Localization- Resolves: rhbz#2069379 - Rebase SSSD for RHEL 8.7 - Resolves: rhbz#2098620 - sdap_nested_group_deref_direct_process() triggers internal watchdog for large data sets - Resolves: rhbz#2098619 - [Improvement] add SSSD support for more than one CRL PEM file name with parameters certificate_verification and crl_file - Resolves: rhbz#2088817 - pam_sss_gss ceased to work after upgrade to 8.6 - Resolves: rhbz#2098616 - Add idp authentication indicator in man page of sssd.conf - Resolves: rhbz#2056035 - 'getent hosts' not return hosts if they have more than one CN in LDAP - Resolves: rhbz#2098615 - Regression "Missing internal domain data." when setting ad_domain to incorrect - Resolves: rhbz#2098617 - Harden kerberos ticket validation - Resolves: rhbz#2087744 - Unable to lookup AD user if the AD group contains '@' symbol- Resolves: rhbz#2069379 - Rebase SSSD for RHEL 8.7 - Resolves: rhbz#2026799 - SSSD authenticating to LDAP with obfuscated password produces Invalid authtoken type message causing sssd_be to go offline (cross inter_ference of different provider plugins options) - Resolves: rhbz#2033347 - sssd error triggers backtrace : [write_krb5info_file_from_fo_server] (0x0020): [RID#73501] There is no server that can be written into kdc info file. - Resolves: rhbz#2056483 - [RFE] Add sssd internal krb5 plugin for authentication against external IdP via OAuth2 - Resolves: rhbz#2062689 - [Improvement] Add user and group version of sss_nss_getorigbyname() - Resolves: rhbz#2065692 - [RHEL8] Ship new sub-package called sssd-idp into sssd - Resolves: rhbz#2072050 - sssd_nss exiting (due to missing 'sssd' local user) making SSSD service to restart in a loop - Resolves: rhbz#2072931 - Use right sdap_domain in ad_domain_info_send - Resolves: rhbz#2087088 - sssd does not enforce smartcard auth for kde screen locker - Resolves: rhbz#2087744 - Unable to lookup AD user if the AD group contains '@' symbol - Resolves: rhbz#2087745 - 2FA prompting setting ineffective - Resolves: rhbz#2087746 - sssd fails GPO-based access if AD have setup with Japanese language- Resolves: rhbz#2039892 - 2.6.2 regression: Daemon crashes when resolving AD user names - Resolves: rhbz#1859315 - sssd does not use kerberos port that is set. - Resolves: rhbz#2030386 - sssd-kcm has requirement on krb5 symbol "krb5_unmarshal_credentials" only available in latest RHEL8.5 krb5 libraries - Resolves: rhbz#2035245 - AD Domain in the AD Forest Missing after sssd latest update - Resolves: rhbz#2017301 - [sssd] RHEL 8.6 Tier 0 Localization- Resolves: rhbz#2013260 - [RHEL8] Add ability to parse child log files (additional patch)- Resolves: rhbz#2011216 - Rebase SSSD for RHEL 8.6 - Resolves: rhbz#2013260 - [RHEL8] Add ability to parse child log files - Resolves: rhbz#2030386 - sssd-kcm has requirement on krb5 symbol "krb5_unmarshal_credentials" only available in latest RHEL8.5 krb5 libraries - Resolves: rhbz#1859315 - sssd does not use kerberos port that is set. - Resolves: rhbz#1961182 - Passwordless (GSSAPI) SSH not working due to missing "includedir /var/lib/sss/pubconf/krb5.include.d" directive in /etc/krb5.conf - Resolves: rhbz#2008829 - sssd_be segfault due to empty forest root name - Resolves: rhbz#2012263 - pam responder does not call initgroups to refresh the user entry - Resolves: rhbz#2012308 - Add client certificate validation D-Bus API - Resolves: rhbz#2012327 - Groups are missing while performing id lookup as SSSD switching to offline mode due to the wrong domain name in the ldap-pings(netlogon). - Resolves: rhbz#2013028 - [RFE] Health and Support Analyzer: Add sssctl sub-command to select and display a single request from the logs - Resolves: rhbz#2013259 - [RHEL8] Add tevent chain ID logic into responders - Resolves: rhbz#2017301 - [sssd] RHEL 8.6 Tier 0 Localization- Rebuild due to rhbz#2013596 - Rebase Samba to the the latest 4.15.x release- Resolves: rhbz#2011216 - Rebase SSSD for RHEL 8.6 - Resolves: rhbz#1968340 - 'exclude_groups' option provided in SSSD for session recording (tlog) doesn't work as expected - Resolves: rhbz#1952569 - SSSD should use "hidden" temporary file in its krb locator - Resolves: rhbz#1917970 - proxy provider: secondary group is showing in sssd cache after group is removed - Resolves: rhbz#1636002 - socket-activated services start as the sssd user and then are unable to read the confdb - Resolves: rhbz#2021196 - Make backtrace less "chatty" (avoid duplicate backtraces) - Resolves: rhbz#2018432 - 2.5.x based SSSD adds more AD domains than it should based on the configuration file (not trusted and from a different forest) - Resolves: rhbz#2015070 - Consistency in defaults between OpenSSH and SSSD - Resolves: rhbz#2013297 - disabled root ad domain causes subdomains to be marked offline - Resolves: rhbz#2013294 - Lookup with fully-qualified name does not work with 'cache_first = True' - Resolves: rhbz#2013218 - autofs lookups for unknown mounts are delayed for 50s - Resolves: rhbz#2013028 - [RFE] Health and Support Analyzer: Add sssctl sub-command to select and display a single request from the logs - Resolves: rhbz#2013024 - Add support for CKM_RSA_PKCS in smart card authentication. - Resolves: rhbz#2013006 - [RFE] support subid ranges managed by FreeIPA - Resolves: rhbz#2012308 - Add client certificate validation D-Bus API - Resolves: rhbz#2012122 - tps tests fail with cross dependency on sssd debuginfo package: removal of 'sssd-libwbclient-debuginfo' is missing- Resolves: rhbz#1975169 - EMBARGOED CVE-2021-3621 sssd: shell command injection in sssctl [rhel-8] - Resolves: rhbz#1962042 - [sssd] RHEL 8.5 Tier 0 Localization- Resolves: rhbz#1947671 - Rebase SSSD for RHEL 8.5 - Resolves: rhbz#1693379 - sssd_be and sss_cache too heavy on CPU - Resolves: rhbz#1909373 - Missing search index for `originalADgidNumber` - Resolves: rhbz#1954630 - [RFE] Improve debug messages by adding a unique tag for each request the backend is handling - Resolves: rhbz#1936891 - SSSD Error Msg Improvement: Bad address - Resolves: rhbz#1364596 - sssd still showing ipa user after removed from last group - Resolves: rhbz#1979404 - Changes made to /etc/pam.d/sssd-shadowutils are overwritten back to default on sssd-common package upgrade- Resolves: rhbz#1974257 - 'debug_microseconds' config option is broken - Resolves: rhbz#1936902 - SSSD Error Msg Improvement: Invalid argument - Resolves: rhbz#1627112 - RFE: Kerberos ticket renewal for sssd-kcm (additional patches and rebuild)- Resolves: rhbz#1947671 - Rebase SSSD for RHEL 8.5 - Resolves: rhbz#1942387 - Wrong default debug level of sssd tools - Resolves: rhbz#1917444 - SSSD Error Msg Improvement: Server resolution failed: [2]: No such file or directory - Resolves: rhbz#1917511 - SSSD Error Msg Improvement: Failed to resolve server 'server.example.com': Error reading file - Resolves: rhbz#1917535 - sssd.conf man page: parameter dns_resolver_server_timeout and dns_resolver_op_timeout - Resolves: rhbz#1940509 - [RFE] Health and Support Analyzer: Link frontend to backend requests - Resolves: rhbz#1649464 - auto_private_groups not working as expected with posix ipa/ad trust - Resolves: rhbz#1925514 - [RFE] Randomize the SUDO timeouts upon reconnection - Resolves: rhbz#1961215 - Invalid sssd-kcm return code if requested operation is not found - Resolves: rhbz#1837090 - SSSD fails nss_getby_name for IPA user with SID if the user has user private group - Resolves: rhbz#1879869 - sudo commands incorrectly exports the KRB5CCNAME environment variable - Resolves: rhbz#1962550 - sss_pac_make_request fails on systems joined to Active Directory. - Resolves: rhbz#1737489 - [RFE] SSSD should honor default Kerberos settings (keytab name) in /etc/krb5.conf- Resolves: rhbz#1947671 - Rebase SSSD for RHEL 8.5 - Resolves: rhbz#1930535 - [abrt] [faf] sssd: monitor_service_shutdown(): /usr/sbin/sssd killed by 11 - Resolves: rhbz#1942387 - Wrong default debug level of sssd tools - Resolves: rhbz#1945888 - Inconsistant debug level for connection logging - Resolves: rhbz#1948657 - pam_sss_gss.so doesn't work with large kerberos tickets - Resolves: rhbz#1949149 - [RFE] Poor man's backtrace - Resolves: rhbz#1920500 - Authentication handshake (ldap_install_tls()) fails due to underlying openssl operation failing with EINTR - Resolves: rhbz#1923964 - [RFE] SSSD Error Msg Improvement: write_krb5info_file failed, authentication might fail. - Resolves: rhbz#1928648 - SSSD logs improvements: clarify which config option applies to each timeout in the logs - Resolves: rhbz#1632159 - sssd-kcm starts successfully for non existent socket_path - Resolves: rhbz#1627112 - RFE: Kerberos ticket renewal for sssd-kcm - Resolves: rhbz#1925505 - [RFE] improve the sssd refresh timers for SUDO queries - Resolves: rhbz#1925514 - [RFE] Randomize the SUDO timeouts upon reconnection - Resolves: rhbz#1925561 - sssd-ldap(5) does not report how to disable the SUDO smart queries - Resolves: rhbz#1925621 - document impact of indices and of scope on performance of LDAP queries - Resolves: rhbz#1855320 - [RFE] RHEL8 sssd: inheritance of the case_sensitive parameter for subdomains. - Resolves: rhbz#1925608 - [RFE] make 'random_offset' addon to 'offline_timeout' option configurable - Resolves: rhbz#1447945 - man page / docs update required: if two certificate matching rules with the same priority match only one is used - Resolves: rhbz#1703436 - sssd not thread-safe in innetgr() - Resolves: rhbz#1713143 - SSSD does not translate the 2FA text labels("first factor" / "second factor") on GDM login and screensaver unlock screen - Resolves: rhbz#1888977 - sss_override: Usage limitations clarification in man page - Resolves: rhbz#1890177 - Clarify "single_prompt" option in "PROMPTING CONFIGURATION SECTION" section of sssd.conf man page - Resolves: rhbz#1902280 - fix sss_cache to also reset cached timestamp - Resolves: rhbz#1935683 - SSSD not detecting subdomain from AD forest (RHEL 8.3) - Resolves: rhbz#1937919 - IPA missing secondary IPA Posix groups in latest sssd 1.16.5-10.el7_9.7 - Resolves: rhbz#1944665 - No gpo found and ad_gpo_implicit_deny set to True still permits user login - Resolves: rhbz#1919942 - sss_override does not take precedence over override_homedir directive- Resolves: rhbz#1926622 - Add support to verify authentication indicators in pam_sss_gss - Resolves: rhbz#1926454 - First smart refresh query contains modifyTimestamp even if the modifyTimestamp is 0. - Resolves: rhbz#1893159 - Default debug level should report all errors / failures (additional patch)- Resolves: rhbz#1920001 - Do not add '%' to group names already prefixed with '%' in IPA sudo rules - Resolves: rhbz#1918433 - sssd unable to lookup certmap rules - Resolves: rhbz#1917382 - [abrt] [faf] sssd: dp_client_handshake_timeout(): /usr/libexec/sssd/sssd_be killed by 11- Resolves: rhbz#1113639 - autofs: return a connection failure until maps have been fetched - Resolves: rhbz#1915395 - Memory leak in the simple access provider - Resolves: rhbz#1915319 - SSSD: SBUS: failures during servers startup - Resolves: rhbz#1893698 - [RFE] sudo kerberos authentication (additional patches)- Resolves: rhbz#1631410 - Can't login with smartcard with multiple certs having same ID value - Resolves: rhbz#1884213 - [RFE] add offline_timeout_max config option to control offline interval backoff (additional patches) - Resolves: rhbz#1893159 - Default debug level should report all errors / failures - Resolves: rhbz#1893698 - [RFE] sudo kerberos authentication- Resolves: rhbz#1876514 - High CPU utilization by the sssd_kcm process - Resolves: rhbz#1876658 - filter_groups option partially filters the group from 'id' output of the user because gidNumber still appears in 'id' output [RHEL 8] - Resolves: rhbz#1895001 - User lookups over the InfoPipe responder fail intermittently- Resolves: rhbz#1900733 - sssd_be segfaults at be_refresh_get_values_ex() due to NULL ptrs in results of sysdb_search_with_ts_attr() - Resolves: rhbz#1876514 - High CPU utilization by the sssd_kcm process - Resolves: rhbz#1894540 - sssd component logging is now too generic in syslog/journal - Resolves: rhbz#1828483 - filtered ID is appearing due to strange negative cache behavior- This is to bump version to allow rebuild against rebased libldb.- Resolves: rhbz#1881992 - Rebase SSSD for RHEL 8.4 - Resolves: rhbz#1722842 - sssd-kcm does not store TGT with ssh login using GSSAPI - Resolves: rhbz#1734040 - sssd crash in ad_get_account_domain_search() - Resolves: rhbz#1784459 - [RFE] tlog does not allow to exclude some users from session recording - Resolves: rhbz#1791300 - sporadic sssd_be crash on s390x - Resolves: rhbz#1817122 - 'getent group ldapgroupname' doesn't show any LDAP users or some LDAP users when 'rfc2307bis' schema is used with SSSD. - Resolves: rhbz#1819012 - [RFE] Improve AD site discovery process - Resolves: rhbz#1846778 - [RfE] `/usr/libexec/sssd/p11_child` cmdline argument '--nssdb' might be confusing when SSSD was built against OpenSSL - Resolves: rhbz#1873715 - automount sssd issue when 2 automount maps have the same key (one un uppercase, one in lowercase) - Resolves: rhbz#1879860 - correction in sssd.conf:pam_response_filter man page - Resolves: rhbz#1881336 - [RFE] sssd-ldap man page modification for parameter "ldap_referrals" - Resolves: rhbz#1883488 - [RfE] Implement a new sssd.conf option to disable the filter for AD domain local groups from trusted domains - Resolves: rhbz#1884196 - [RFE] Add "enabled" option to domain section in config file - Resolves: rhbz#1884205 - KCM: Increase client idle timeout to 5 minutes - Resolves: rhbz#1884207 - [RFE] ldap: add new option ldap_library_debug_level - Resolves: rhbz#1884213 - [RFE] add offline_timeout_max config option to control offline interval backoff - Resolves: rhbz#1884281 - Secondary LDAP group go missing from 'id' command - Resolves: rhbz#1884301 - [RFE] dyndns: suport asymmetric auth for nsupdate- Resolves: rhbz#1855323 - When ad_gpo_implicit_deny is True, it is permitting users to login when no gpo is applied- Resolves: rhbz#1868387 - system not enforcing GPO rule restriction. ad_gpo_implicit_deny = True is not working - Resolves: rhbz#1854951 - sss-certmap man page change to add clarification for userPrincipalName attribute from AD schema - Resolves: rhbz#1856861 - False errors/warnings are logged in sssd.log file after enabling 2FA prompting settings in sssd.conf - Resolves: rhbz#1869683 - p11_child: default value of ocsp_dgst == sha256 doesn't conform RFC5019 and has to be changed to sha1- Resolves: rhbz#1723273 - RFE: Add option to specify alternate sssd config file location with "sssctl config-check" command. - Resolves: rhbz#1780404 - smartcards: special characters must be escaped when building search filter- Resolves: rhbz#1820574 - [sssd] RHEL 8.3 Tier 0 Localization- Resolves: rhbz#1821719 - sssd (sssd_be) is consuming 100% CPU, partially due to failing mem-cache - Fixed "requires/provides" rpmdiff warning- Resolves: rhbz#1815584 - id_provider = proxy proxy_lib_name = files returns * in password field, breaking PAM authentication - Resolves: rhbz#1794607 - SSSD must be able to resolve membership involving root with files provider - Resolves: rhbz#1803134 - Improve "unlock" time when user session already active- Resolves: rhbz#1829470 - `sssd.api.conf` and `sssd.api.d` should belong to `python-sssdconfig` package - Resolves: rhbz#1544457 - sssd fails to release file descriptor on child logs after receiving HUP - Resolves: rhbz#1824323 - SSSD user filtering is failing on RHEL 8 after "files" provider rebuilds cache - Resolves: rhbz#1827432 - When the passwd or group files are replaced, sssd stops monitoring the file for inotify events, and no updates are triggered - Resolves: rhbz#1835710 - Change the message "Please enter smart card" to "Please insert smart card" on GDM login with smart-card - Resolves: rhbz#1838037 - Oddjob-mkhomedir fails when using NSS compat - Resolves: rhbz#1845904 - gdm smart card authentication does not work shortly after disconnecting from network. - Resolves: rhbz#1845975 - sssd doesn't follow the link order of AD Group Policy Management - Resolves: rhbz#1845980 - sssd is failing to discover other subdomains in the forest if LDAP entries do not contain AD forest root information - Resolves: rhbz#1845987 - Document how to prevent invalid selinux context for default home directories in SSSD-AD direct integration. - Resolves: rhbz#1845994 - GDM failure loop when no user mapped for smart card - Resolves: rhbz#1846003 - GDM password prompt when cert mapped to multiple users and promptusername is False - Resolves: rhbz#1850961 - /usr/share/systemtap/tapset/sssd_functions.stp missing a comma- Resolves: rhbz#Bug 1723273 - RFE: Add option to specify alternate sssd config file location with "sssctl config-check" command.- Resolves: rhbz#1839037 - Rebase SSSD for RHEL 8.3 - Resolves: rhbz#1843872 - sssd 2.3.0 breaks AD auth due to GPO parsing failure - Resolves: rhbz#1834156 - sssd or sssd-ad not updating their dependencies on "yum update" which breaks working- Resolves: rhbz#1580506 - [RFE]: sssd to be able to read smartcard certificate EKU and perform an action based on value when generating SSH key from a certificate (additional patch)- Resolves: rhbz#1810634 - id command taking 1+ minute for returning user information- Resolves: rhbz#1580506 - [RFE]: sssd to be able to read smartcard certificate EKU and perform an action based on value when generating SSH key from a certificate- Resolves: rhbz#1718193 - p11_child should have an option to skip C_WaitForSlotEvent if the PKCS#11 module does not implement it properly- Resolves: rhbz#1792331 - sssd_be crashes when krb5_realm and krb5_server is omitted and auth_provider is krb5- Resolves: rhbz#1754996 - [sssd] Tier 0 Localization- Resolves: rhbz#1767514 - sssd requires timed sudoers ldap entries to be specified up to the seconds- Resolves: rhbz#1713368 - Add sssd-dbus package as a dependency of sssd-tools* Resolves: rhbz#1794016 - sssd_be frequent crash* Resolves: rhbz#1762415 - Force LDAPS over 636 with AD Access Provider* Resolves: rhbz#1583592 - [RFE] Add configurable randomness to SSSD ldap connection timeout* Resolves: rhbz#1783190 - [abrt] [faf] sssd: raise(): /usr/libexec/sssd/sssd_autofs killed by 6* Resolves: rhbz#1785214 - server/be: SIGTERM handling is incorrect* Resolves: rhbz#1785193 - Watchdog implementation or usage is incorrect* Resolves: rhbz#1704199 - pcscd rejecting sssd ldap_child as unauthorized* Resolves: rhbz#1744500 - [Doc]Provide explanation on escape character for match rules sss-certmap* Resolves: rhbz#1781728 - sssctl config-check command does not give proper error messages with line numbers* Resolves: rhbz#1753694 - Rebase sssd to the latest upstream release Increasing version number to pick latest libldb* Resolves: rhbz#1753694 - Rebase sssd to the latest upstream release PART2: Fix gating issue.* Resolves: rhbz#1753694 - Rebase sssd to the latest upstream release* Resolves: rhbz#1753694 - Rebase sssd to the latest upstream release- Resolves: rhbz#1712875 - Old kerberos credentials active instead of valid new ones (kcm)- Resolves: rhbz#1744134 - New defect found in sssd-2.2.0-16.el8 - Also sync. kcm multihost tests with master- Resolves: rhbz#1676385 - pam_sss with smartcard auth does not create gnome keyring - Also apply a patch to fix gating tests issue- Resolves: rhbz#1736861 - dyndns_update = True is no longer enough to get the IP address of the machine updated in IPA upon sssd.service startup- Resolves: rhbz#1736265 - Smart Card auth of local user: endless loop if wrong PIN was provided- Resolves: rhbz#1736796 - sssd config option "default_domain_suffix" should not cause files domain entries to be qualified, this can break sudo access- Resolves: rhbz#1669407 - MAN: Document that PAM stack contains the systemd-user service in the account phase in RHEL-8- Resolves: rhbz#1448094 - sssd-kcm cannot handle big tickets- Resolves: rhbz#1733372 - permission denied on logs when running sssd as non-root user- Resolves: rhbz#1736483 - Sudo prompt for smart card authentication is missing the trailing colon- Resolves: rhbz#1382750 - Conflicting default timeout values- Resolves: rhbz#1699480 - Include libsss_nss_idmap-devel in the Builder repository - This just required a raise in release number and changelog for the record.- Resolves: rhbz#1711318 - p11_child::sign_data() function implementation is not FIPS140 compliant- Resolves: rhbz#1726945 - negative cache does not use values from 'filter_users' config option for known domains- Resolves: rhbz#1729055 - sssd does not pass correct rules to sudo- Resolves: rhbz#1283798 - sssd failover does not work on connecting to non-responsive ldaps:// server- Resolves: rhbz#1725168 - sssd-proxy crashes resolving groups with no members- Resolves: rhbz#1673443 - sssd man pages: The default value of "ldap_user_home_directory" is not mentioned with AD server configuration- Resolves: rhbz#1687281 Rebase sssd in RHEL-8.1 to the latest upstream release- Resolves: rhbz#1687281 Rebase sssd in RHEL-8.1 to the latest upstream release- Replace ARRAY_SIZE with N_ELEMENTS to reflect samba changes. This is done here in order to unblock gating changes before rebase. - Related: rhbz#1682305- Resolves: rhbz#1672780 - gdm login not prompting for username when smart card maps to multiple users- Resolves: rhbz#1645291 - Perform some basic ccache initialization as part of gen_new to avoid a subsequent switch call failure-Resolves: rhbz#1659498 - Re-setting the trusted AD domain fails due to wrong subdomain service name being used-Resolves: rhbz#1660083 - extraAttributes is org.freedesktop.DBus.Error. UnknownProperty: Unknown property- Resolves: rhbz#1661183 - SSSD 2.0 has drastically lower sbus timeout than 1.x, this can result in time outs- Resolves: rhbz#1578014 - sssd does not work under non-root user - Note: Actually the patches were in the 2.0.0-37, this one just adds this changelog because it was missing.- Resolves: rhbz#1652563 - incorrect example in the man page of idmap_sss suggests using * for backend sss- Resolves: rhbz#1466503 - Snippets are not used when sssd.conf does not exist- Resolves: rhbz#1622008 - Error message when IPA server uninstall calls kdestroy caused by KCM returning a wrong error code during the delete operation- Resolves: rhbz#1646113 - Missing concise documentation about valid options for sssd-files-provider- Resolves: rhbz#1625670 - sssd needs to require a newer version of libtalloc and libtevent to avoid an issue in GPO processing- Resolves: 1658813 - PKINIT with KCM does not work- Resolves: 1657898 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust- Resolves: rhbz#1655459 - [abrt] [faf] sssd: raise(): /usr/libexec/sssd/proxy_child killed by 6- Resolves: rhbz#1652719 - [SECURITY] sssd returns '/' for emtpy home directories- Resolves: rhbz#1657979 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI- Resolves: rhbz#1657980 - sssd_nss memory leak- Resolves: rhbz#1645566 - SSSD 2.x does not sanitize domain name properly for D-bus, resulting in a crash- Resolves: rhbz#1646168 - sssctl access-report always prints an error message - Resolves: rhbz#1643053 - Restarting the sssd-kcm service should reload the configuration without having to restart the whole sssd - Resolves: rhbz#1640576 - sssctl reports incorrect information about local user's cache entry expiration time - Resolves: rhbz#1645238 - Unable to su to root when logged in as a local user - Resolves: rhbz#1639411 - sssd support for for smartcards using ECC keys- Resolves: rhbz#1642508 - sssd ifp crash when trying to access ipa webui with smart card- Resolves: rhbz#1642372 - SSSD Python getgrouplist API was removed but required for IPA- Related: rhbz#1638150 - session not recording for local user when groups defined - Also add silence a Coverity warning, which is related to rhbz#1637131- Related: rhbz#1637513 - sssd crashes when refreshing expired sudo rules- Add OSCP checks for p11_child - Related: rhbz#1615417 - [RFE] Add Smart Card authentication for local users- Related: rhbz#1638006 - Files: The files provider always enumerates which causes duplicate when running getent passwd- Related: rhbz#1637131 - pam_unix unable to match fully qualified username provided by sssd during smartcard auth using gdm- Related: rhbz#1620123 - [RFE] Add option to specify a Smartcard with a PKCS#11 URI- Related: rhbz#1611011 - Support for "require smartcard for login option"- Related: rhbz#1635595 - Cant login with smartcard with multiple certs- Backport more sbus2 fixes - Related: rhbz#1623878 - crash related to sbus_router_destructor()- Resolves: rhbz#1636397 - SSSD not fetching all sudo rules from AD- Resolves: rhbz#1628122 - Printing incorrect information about domain with sssctl utility- Resolves: rhbz#1626001 - SSSD should log to syslog if a domain is not started due to a misconfiguration- Resolves: rhbz#1624785 - Remove references of sss_user/group/add/del commands in man pages since local provider is deprecated- Resolves: rhbz#1628126 - [abrt] [faf] sssd: unknown function(): /usr/libexec/sssd/sssd_be killed by 11 crash func _dbus_list_unlink- Resolves: rhbz#1628503 - sssd only sets the SELinux login context if it differs from the default- Resolves: rhbz#1625842 id_provider= local causes SSSD to abort startup- Resolves: rhbz#1615590 - Do not rely on "python" for el8- Resolves: rhbz#1615417 - [RFE] Add Smart Card authentication for local users- Resolves: rhbz#1623878 - crash related to sbus_router_destructor()- Resolves: rhbz#1622026 - sssd 2.0 regression: Kerberos authentication fails with the KCM ccache- Resolves: rhbz#1615460 - Rebase SSSD to the latest released version- Switch hardcoded python3 shebangs into the %{__python3} macro- Update to 1.16.2 release - Cleanup unused global definitions - Remove python2 references from the spec file - Resolves: rhbz#1585313 - Kerberos with sssd-kcm is not working on s390x- Resolves: upstream#3684 - A group is not updated if its member is removed with the cleanup task, but the group does not change - Resolves: upstream#3558 - sudo: report error when two rules share cn - Tone down shutdown messages for socket activated responders - IPA: Qualify the externalUser sudo attribute - Resolves: upstream#3550 - refresh_expired_interval does not work with netgrous in 1.15 - Resolves: upstream#3402 - Support alternative sources for the files provider - Resolves: upstream#3646 - SSSD's GPO code ignores ad_site option - Resolves: upstream#3679 - Make nss netgroup requests more robust - Resolves: upstream#3634 - sssctl COMMAND --help fails if sssd is not configured - Resolves: upstream#3469 - extend sss-certmap man page regarding priority processing - Improve docs/debug message about GC detection - Resolves: upstream#3715 - ipa 389-ds-base crash in krb5-libs - k5_copy_etypes list out of bound? - Resolves: upstream#2653 - Group renaming issue when "id_provider = ldap" is set. - Document which principal does the AD provider use - Resolves: upstream#3680 - GPO: SSSD fails to process GPOs If a rule is defined, but contains no SIDs - Resolves: upstream#3520 - Files provider supports only BE_FILTER_ENUM - Resolves: rhbz#1540703 - FreeIPA/SSSD implicit_file sssd_nss error: The Data Provider returned an error [org.freedesktop.sssd.Error.DataProvider.Fatal]- Resolves: upstream#3573 - sssd won't show netgroups with blank domain - Resolves: upstream#3660 - confdb_expand_app_domains() always fails - Resolves: upstream#3658 - Application domain is not interpreted correctly - Resolves: upstream#3687 - KCM: Don't pass a non null terminated string to json_loads() - Resolves: upstream#3386 - KCM: Payload buffer is too small - Resolves: upstream#3666 - Fix usage of str.decode() in our tests - A few KCM misc fixes- New upstream release 1.16.1 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_16_1.html- Resolves: upstream#3621 - backport bug found by static analyzers- Resolves: rhbz#1538643 - SSSD crashes when retrieving a Desktop Profile with no specific host/hostgroup set - Resolves: upstream#3621 - FleetCommander integration must not require capability DAC_OVERRIDE- Resolves: upstream#3618 - selinux_child segfaults in a docker container- Resolves: rhbz#1431153 - sssd: libsss_proxy.so needs to be linked with -ldl- Fix systemd executions/requirements- Fix building on rawhide. Remove -Wl,-z,defs from LDFLAGS- Fix building of sssd-nfs-idmap with libnfsidmap.so.1- Rebuilt for libnfsidmap.so.1- Resolves: upstream#3523 - ABRT crash - /usr/libexec/sssd/sssd_nss in setnetgrent_result_timeout - Resolves: upstream#3588 - sssd_nss consumes more memory until restarted or machine swaps - Resolves: failure in glibc tests https://sourceware.org/bugzilla/show_bug.cgi?id=22530 - Resolves: upstream#3451 - When sssd is configured with id_provider proxy and auth_provider ldap, login fails if the LDAP server is not allowing anonymous binds - Resolves: upstream#3285 - SSSD needs restart after incorrect clock is corrected with AD - Resolves: upstream#3586 - Give a more detailed debug and system-log message if krb5_init_context() failed - Resolves: rhbz#1431153 - SSSD ships a drop-in configuration snippet in /etc/systemd/system - Backport few upstream features from 1.16.1- Resolves: rhbz#1494002 - sssd_nss crashed in cache_req_search_domains_next- Backport extended NSS API from upstream master branch- Resolves: upstream#3529 - sssd-kcm Fix restart during/after upgrade- New upstream release 1.16.0 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_16_0.html- Resolves: rhbz#1499354 - CVE-2017-12173 sssd: unsanitized input when searching in local cache database access on the sock_file system_bus_socket- Resolves: rhbz#1488327 - SELinux is preventing selinux_child from write access on the sock_file system_bus_socket - Resolves: rhbz#1490402 - SSSD does not create /var/lib/sss/deskprofile and fails to download desktop profile data - Resolves: upstream#3485 - getsidbyid does not work with 1.15.3 - Resolves: upstream#3488 - SUDO doesn't work for IPA users on IPA clients after applying ID Views for them in IPA server - Resolves: upstream#3501 - Accessing IdM kerberos ticket fails while id mapping is applied- Backport few upstream patches/fixes- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- New upstream release 1.15.3 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_15_3.html- Rebuild with libldb-1.2.0- Fix build issues: Update expided certificate in unit tests- Resolves: rhbz#1445680 - Properly fall back to local Smartcard authentication - Resolves: rhbz#1437199 - sssd-nfs-idmap-1.15.2-1.fc25.x86_64 conflicts with file from package sssd-common-1.15.1-1.fc25.x86_64 - Resolves: rhbz#1063278 - sss_ssh_knownhostsproxy doesn't fall back to ipv4- Fix issue with IPA + SELinux in containers - Resolves: upstream https://fedorahosted.org/sssd/ticket/3297- Backport upstream patches for 1.15.3 pre-release - required for building freeipa-4.5.x in rawhide- New upstream release 1.15.2 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_15_2.html- New upstream release 1.15.1 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_15_1.html- Cherry-pick patches from upstream that enable the files provider - Enable the files domain - Retire patch 0501-Partially-revert-CONFIG-Use-default-config-when-none.patch which is superseded by the files domain autoconfiguration - Related: rhbz#1357418 - SSSD fast cache for local users- Add missing %license macro- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild- New upstream release 1.15.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.15.0- Rebuild for Python 3.6- Resolves: rhbz#1369130 - nss_sss should not link against libpthread - Resolves: rhbz#1392916 - sssd failes to start after update - Resolves: rhbz#1398789 - SELinux is preventing sssd from 'write' accesses on the directory /etc/sssd- New upstream release 1.14.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.2- libwbclient-sssd: update interface to version 0.13- Fix regression with krb5_map_user - Resolves: rhbz#1375552 - krb5_map_user doesn't seem effective anymore - Resolves: rhbz#1349286 - authconfig fails with SSSDConfig.NoDomainError: default if nonexistent domain is mentioned- Backport important patches from upstream 1.14.2 prerelease - Resolves: upstream #3154 - sssd exits if clock is adjusted backwards after boot - Resolves: upstream #3163 - resolving IPA nested user group is broken in 1.14- New upstream release 1.14.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.1- Add workaround patch for RHBZ #1366403- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages- New upstream release 1.14.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.0- New upstream release 1.14 beta - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.0beta- New upstream release 1.14 alpha - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.0alpha- Resolves: rhbz#1335639 - [abrt] sssd-dbus: ldb_msg_find_element(): sssd_ifp killed by SIGSEGV- Resolves: rhbz#1328108 - Protocol error with FreeIPA on CentOS 6- New upstream release 1.13.4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.4- Resolves: rhbz#1276868 - Sudo PAM Login should support multiple password prompts (e.g. Password + Token) - Resolves: rhbz#1313041 - ssh with sssd proxy fails with "Connection closed by remote host" if locale not available- Resolves: rhbz#1310664 - [RFE] IPA: resolve external group memberships of IPA groups during getgrnam and getgrgid - Resolves: rhbz#1301303 - sss_obfuscate: SyntaxError: Missing parentheses in call to 'print'- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Additional upstream fixes- Resolves: rhbz#1256849 - SUDO: Support the IPA schema- New upstream release 1.13.3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.3- New upstream release 1.13.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.2- Rebuilt for Python3.5 rebuild- Fix building pac responder with the krb5-1.14- python-sssdconfig: Fix parssing sssd.conf without config_file_version - Resolves: upstream #2837 - REGRESSION: ipa-client-automout failed- Fix few segfaults - Resolves: upstream #2811 - PAM responder crashed if user was not set - Resolves: upstream #2810 - sssd_be crashed in ipa_srv_ad_acct_lookup_step- New upstream release 1.13.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1- Fix OTP bug - Resolves: upstream #2729 - Do not send SSS_OTP if both factors were entered separately- Backport upstream patches required by FreeIPA 4.2.1- Fix ipa-migration bug - Resolves: upstream #2719 - IPA: returned unknown dp error code with disabled migration mode- New upstream release 1.13.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.0- Unify return type of list_active_domains for python{2,3}- New upstream release 1.13 alpha - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.0alpha- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- Fix libwbclient alternatives- Backport important patches from upstream 1.13 prerelease- New upstream release 1.12.5 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.5- Backport important patches from upstream 1.13 prerelease - Resolves: rhbz#1060325 - Does sssd-ad use the most suitable attribute for group name - Resolves: upstream #2335 - Investigate using the krb5 responder for driving the PAM conversation with OTPs - Enable cmocka tests for secondary architectures- Backport patches from upstream 1.12.5 prerelease - contains many fixes- Fix slow login with ipa and SELinux - Resolves: upstream #2624 - Only set the selinux context if the context differs from the local one- Fix regressions with ipa and SELinux - Resolves: upstream #2587 - With empty ipaselinuxusermapdefault security context on client is staff_u- Also relax libldb Requires - Remove --enable-ldb-version-check- Relax libldb BuildRequires to be greater-or-equal- Add support for python3 bindings - Add requirement to python3 or python3 bindings - Resolves: rhbz#1014594 - sssd: Support Python 3- New upstream release 1.12.4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.4- Backport patches with Python3 support from upstream- Fix double free in monitor - Resolves: rhbz#1186887 [abrt] sssd-common: talloc_abort(): sssd killed by SIGABRT- Rebuild for new libldb- Decrease priority of sssd-libwbclient 20 -> 5 - It should be lower than priority of samba veriosn of libwbclient. - https://bugzilla.redhat.com/show_bug.cgi?id=1175511#c18- Apply a number of patches from upstream to fix issues found 1.12.3 - Resolves: rhbz#1176373 - dyndns_iface does not accept multiple interfaces, or isn't documented to be able to - Resolves: rhbz#988068 - getpwnam_r fails for non-existing users when sssd is not running - Resolves: upstream #2557 authentication failure with user from AD- Resolves: rhbz#1164156 - libsss_simpleifp should pull sssd-dbus - Resolves: rhbz#1179379 - gzip: stdin: file size changed while zipping when rotating logfile- New upstream release 1.12.3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.3 - Fix spelling errors in description (fedpkg lint)- Rebuild for libldb 1.1.19- Resolves: rhbz#1175511 - sssd-libwbclient conflicts with Samba's and causes crash in wbinfo - in addition to the patch libwbclient.so is filtered out of the Provides list of the package- Fix regressions and bugs in sssd upstream 1.12.2 - https://fedorahosted.org/sssd/ticket/{id} - Regressions: #2471, #2475, #2483, #2487, #2529, #2535 - Bugs: #2287, #2445- Rebuild for libldb 1.1.18- Fix typo in libwbclient-devel %preun- Use alternatives for libwbclient- Backport several patches from upstream. - Fix a potential crash against old (pre-4.0) IPA servers- New upstream release 1.12.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.2- Resolves: rhbz#1139962 - Fedora 21, FreeIPA 4.0.2: sssd does not find user private group from server- New upstream release 1.12.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.1- Do not crash on resolving a group SID in IPA server mode- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Fix release version for upgrades- New upstream release 1.12.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- New upstream release 1.12 beta2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.0beta2- Fix tests on big-endian - Fix previous changelog entry- New upstream release 1.12 beta1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.0beta1- Rebuild against new ding-libs- Make LDB dependency a strict equivalency- Rebuild against new libldb- New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1- Fix bug in generation of systemd unit file- New upstream release 1.11.5 - Remove upstreamed patch - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5- Handle new error code for IPA password migration- Include couple of patches from upstream 1.11 branch- New upstream release 1.11.4 - Remove upstreamed patch - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.4- Handle OTP response from FreeIPA server gracefully- New upstream release 1.11.3 - Remove upstreamed patches - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.3- New upstream release 1.11.2 - Remove upstreamed patches - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.2- Fix potential crash with external groups in trusted IPA-AD setup- Add plugin for cifs-utils - Resolves: rhbz#998544- Fix failover from Global Catalog to LDAP in case GC is not available- Remove the ability to create public ccachedir (#1015089)- New upstream release 1.11.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.1- Fix multicast checks in the SSSD - Resolves: rhbz#1007475 - The multicast check is wrong in the sudo source code getting the host info- Backport simplification of ccache management from 1.11.1 - Resolves: rhbz#1010553 - sssd setting KRB5CCNAME=(null) on login- New upstream release 1.11.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.0- Resolves: #967012 - [abrt] sssd-1.9.5-1.fc18: sss_mmap_cache_gr_invalidate_gid: Process /usr/libexec/sssd/sssd_nss was killed by signal 11 (SIGSEGV) - Resolves: #996214 - sssd proxy_child segfault- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild- Resolves: #906427 - Do not use %{_lib} in specfile for the nss and pam libraries- New upstream release 1.11 beta 2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.0beta2- New upstream release 1.10.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.1- sssd-tools should require sssd-common, not sssd- Move sssd_pac to the sssd-ipa and sssd-ad subpackages - Trim out RHEL5-specific macros since we don't build on RHEL 5 - Trim out macros for Fedora older than F18 - Update libldb requirement to 1.1.16 - Trim RPM changelog down to the last year- Move sssd_pac to the sssd-krb5 subpackage- Fix Obsoletes: to account for dist tag - Convert post and pre scripts to run on the sssd-common subpackage - Remove old conversion from SYSV- New upstream release 1.10 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0- the cmocka toolkit exists only on selected arches- Apply a number of patches from upstream to fix issues found post-beta, in particular: -- segfault with a high DEBUG level -- Fix IPA password migration (upstream #1873) -- Fix fail over when retrying SRV resolution (upstream #1886)- Only BuildRequire libcmocka on Fedora- Fix typo in Requires that prevented an upgrade (#973916) - Use a hardcoded version in Conflicts, not less-than-current- Enable hardened build for RHEL7- New upstream release 1.10 beta2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0beta2 - BuildRequire libcmocka-devel in order to run all upstream tests during build - BuildRequire libnl3 instead of libnl1 - No longer BuildRequire initscripts, we no longer use /sbin/service - Remove explicit krb5-libs >= 1.10 requires; this platform doensn't carry any older krb5-libs version- Apply a couple of patches from upstream git that resolve crashes when ID mapping object was not initialized properly but needed later- Resolves: rhbz#961357 - Missing dyndns_update entry in sssd.conf during realm join - Resolves: rhbz#961278 - Login failure: Enterprise Principal enabled by default for AD Provider - Resolves: rhbz#961251 - sssd does not create user's krb5 ccache dir/file parent directory when logging in- BuildRequire recent libini_config to ensure consistent behaviour- Explicitly Require libini_config >= 1.0.0.1 to work around a SONAME bug in ding-libs - Fix SSH integration with fully-qualified domains - Add the ability to dynamically discover the NetBIOS name- New upstream release 1.10 beta1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0beta1- Add a patch to fix krb5 ccache creation issue with krb5 1.11- New upstream release 1.10 alpha1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0alpha1- Add a patch to fix krb5 unit tests- Split internal helper libraries into a shared object - Significantly reduce disk-space usage- Fix the Kerberos password expiration warning (#912223)- Do not write out dots in the domain-realm mapping file (#905650)- Include upstream patch to build with krb5-1.11- Rebuild against new libldb- Fix build with new automake versions- Recreate Kerberos ccache directory if it's missing - Resolves: rhbz#853558 - [sssd[krb5_child[PID]]]: Credential cache directory /run/user/UID/ccdir does not exist- Fix changelog dates to make F19 rpmbuild happy- New upstream release 1.9.4- New upstream release 1.9.3- Resolve groups from AD correctly- Check the validity of naming context- Move the sss_cache tool to the main package- Include the 1.9.2 tarball- New upstream release 1.9.2- New upstream release 1.9.1- require the latest libldb- Use mcpath insted of mcachepath macro to be consistent with upsteam spec file- New upstream release 1.9.0- New upstream release 1.9.0 rc1- New upstream release 1.9.0 beta7 - obsoletes patches #1-#3- Rebuild against libldb 1.12- Rebuild against libldb 1.11- Change the default ccache location to DIR:/run/user/${UID}/krb5cc and patch man page accordingly - Resolves: rhbz#851304- Rebuild against libldb 1.10- Only create the SELinux login file if there are SELinux mappings on the IPA server- Don't discard HBAC rule processing result if SELinux is on Resolves: rhbz#846792 (CVE-2012-3462)- New upstream release 1.9.0 beta 6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta6 - A new option, override_shell was added. If this option is set, all users managed by SSSD will have their shell set to its value. - Fixes for the support for setting default SELinux user context from FreeIPA. - Fixed a regression introduced in beta 5 that broke LDAP SASL binds - The SSSD supports the concept of a Primary Server and a Back Up Server in failover - A new command-line tool sss_seed is available to help prime the cache with a user record when deploying a new machine - SSSD is now able to discover and save the domain-realm mappings between an IPA server and a trusted Active Directory server. - Packaging changes to fix ldconfig usage in subpackages (#843995) - Rebuild against libldb 1.1.9- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- New upstream release 1.9.0 beta 5 - Obsoletes the patch for missing DP_OPTION_TERMINATOR in AD provider options - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta5 - Many fixes for the support for setting default SELinux user context from FreeIPA, most notably fixed the specificity evaluation - Fixed an incorrect default in the krb5_canonicalize option of the AD provider which was preventing password change operation - The shadowLastChange attribute value is now correctly updated with the number of days since the Epoch, not seconds- Fix broken ARM build - Add missing DP_OPTION_TERMINATOR in AD provider options- Own several directories create during make install (#839782)- New upstream release 1.9.0 beta 4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta4 - Add a new AD provider to improve integration with Active Directory 2008 R2 or later servers - SUDO integration was completely rewritten. The new implementation works with multiple domains and uses an improved refresh mechanism to download only the necessary rules - The IPA authentication provider now supports subdomains - Fixed regression for setups that were setting default_tkt_enctypes manually by reverting a previous workaround.- New upstream release 1.9.0 beta 3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta3 - Add a new PAC responder for dealing with cross-realm Kerberos trusts - Terminate idle connections to the NSS and PAM responders- Switch unicode library from libunistring to Glib - Drop unnecessary explicit Requires on keyutils - Guarantee that versioned Requires include the correct architecture- Fix accidental disabling of the DIR cache support- New upstream release 1.9.0 beta 2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta2 - Add support for the Kerberos DIR cache for storing multiple TGTs automatically - Major performance enhancement when storing large groups in the cache - Major performance enhancement when performing initgroups() against Active Directory - SSSDConfig data file default locations can now be set during configure for easier packaging- Fix regression in endianness patch- Rebuild SSSD against ding-libs 0.3.0beta1 - Fix endianness bug in service map protocol- Fix several regressions since 1.5.x - Ensure that the RPM creates the /var/lib/sss/mc directory - Add support for Netscape password warning expiration control - Rebuild against libldb 1.1.6- New upstream release 1.9.0 beta 1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta1 - Add native support for autofs to the IPA provider - Support for ID-mapping when connecting to Active Directory - Support for handling very large (> 1500 users) groups in Active Directory - Support for sub-domains (will be used for dealing with trust relationships) - Add a new fast in-memory cache to speed up lookups of cached data on repeated requests- New upstream release 1.8.3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.3 - Numerous manpage and translation updates - LDAP: Handle situations where the RootDSE isn't available anonymously - LDAP: Fix regression for users using non-standard LDAP attributes for user information- New upstream release 1.8.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.2 - Several fixes to case-insensitive domain functions - Fix for GSSAPI binds when the keytab contains unrelated principals - Fixed several segfaults - Workarounds added for LDAP servers with unreadable RootDSE - SSH knownhostproxy will no longer enter an infinite loop preventing login - The provided SYSV init script now starts SSSD earlier at startup and stops it later during shutdown - Assorted minor fixes for issues discovered by static analysis tools- Don't duplicate libsss_autofs.so in two packages - Set explicit package contents instead of globbing- Fix uninitialized value bug causing crashes throughout the code - Resolves: rhbz#804783 - [abrt] Segfault during LDAP 'services' lookup- New upstream release 1.8.1 - Resolve issue where we could enter an infinite loop trying to connect to an auth server - Fix serious issue with complex (3+ levels) nested groups - Fix netgroup support for case-insensitivity and aliases - Fix serious issue with lookup bundling resulting in requests never completing - IPA provider will now check the value of nsAccountLock during pam_acct_mgmt in addition to pam_authenticate - Fix several regressions in the proxy provider - Resolves: rhbz#743133 - Performance regression with Kerberos authentication against AD - Resolves: rhbz#799031 - --debug option for sss_debuglevel doesn't work- New upstream release 1.8.0 - Support for the service map in NSS - Support for setting default SELinux user context from FreeIPA - Support for retrieving SSH user and host keys from LDAP (Experimental) - Support for caching autofs LDAP requests (Experimental) - Support for caching SUDO rules (Experimental) - Include the IPA AutoFS provider - Fixed several memory-corruption bugs - Fixed a regression in group enumeration since 1.7.0 - Fixed a regression in the proxy provider - Resolves: rhbz#741981 - Separate Cache Timeouts for SSSD - Resolves: rhbz#797968 - sssd_be: The requested tar get is not configured is logged at each login - Resolves: rhbz#754114 - [abrt] sssd-1.6.3-1.fc16: ping_check: Process /usr/sbin/sssd was killed by signal 11 (SIGSEGV) - Resolves: rhbz#743133 - Performance regression with Kerberos authentication against AD - Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for new LDAP features - Resolves: rhbz#786957 - sssd and kerberos should change the default location for create the Credential Cashes to /run/usr/USERNAME/krb5cc- Change default kerberos credential cache location to /run/user/- New upstream release 1.8.0 beta 3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta3 - Fixed a regression in group enumeration since 1.7.0 - Fixed several memory-corruption bugs - Finalized the ABI for the autofs support - Fixed a regression in the proxy provider- Rebuild against PCRE 8.30- New upstream release - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta2 - Fix two minor manpage bugs - Include the IPA AutoFS provider- New upstream release - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta1 - Support for the service map in NSS - Support for setting default SELinux user context from FreeIPA - Support for retrieving SSH user and host keys from LDAP (Experimental) - Support for caching autofs LDAP requests (Experimental) - Support for caching SUDO rules (Experimental)- Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for new LDAP features - fix netgroups and sudo as well- Fixes a serious memory hierarchy bug causing unpredictable behavior in the LDAP provider.- Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for new LDAP features- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- New upstream release 1.7.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.7.0 - Support for case-insensitive domains - Support for multiple search bases in the LDAP provider - Support for the native FreeIPA netgroup implementation - Reliability improvements to the process monitor - New DEBUG facility with more consistent log levels - New tool to change debug log levels without restarting SSSD - SSSD will now disconnect from LDAP server when idle - FreeIPA HBAC rules can choose to ignore srchost options for significant performance gains - Assorted performance improvements in the LDAP provider- New upstream release 1.6.4 - Rolls up previous patches applied to the 1.6.3 tarball - Fixes a rare issue causing crashes in the failover logic - Fixes an issue where SSSD would return the wrong PAM error code for users that it does not recognize.- Rebuild against libldb 1.1.4- Resolves: rhbz#753639 - sssd_nss crashes when passed invalid UTF-8 for the username in getpwnam() - Resolves: rhbz#758425 - LDAP failover not working if server refuses connections- Rebuild for libldb 1.1.3- Resolves: rhbz#752495 - Crash when apply settings- New upstream release 1.6.3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.3 - Fixes a major cache performance issue introduced in 1.6.2 - Fixes a potential infinite-loop with certain LDAP layouts- Rebuilt for glibc bug#747377- Change selinux policy requirement to Conflicts: with the old version, rather than Requires: the supported version.- Add explicit requirement on selinux-policy version to address new SBUS symlinks.- Remove %files reference to sss_debuglevel copied from wrong upstreeam spec file.- Improved handling of users and groups with multi-valued name attributes (aliases) - Performance enhancements Initgroups on RFC2307bis/FreeIPA HBAC rule processing - Improved process-hang detection and restarting - Enabled the midpoint cache refresh by default (fewer cache misses on commonly-used entries) - Cleaned up the example configuration - New tool to change debug level on the fly- New upstream release 1.6.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.1 - Fixes a serious issue with LDAP connections when the communication is dropped (e.g. VPN disconnection, waking from sleep) - SSSD is now less strict when dealing with users/groups with multiple names when a definitive primary name cannot be determined - The LDAP provider will no longer attempt to canonicalize by default when using SASL. An option to re-enable this has been provided. - Fixes for non-standard LDAP attribute names (e.g. those used by Active Directory) - Three HBAC regressions have been fixed. - Fix for an infinite loop in the deref code- Build with _hardened_build macro- New upstream release 1.6.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.0 - Add host access control support for LDAP (similar to pam_host_attr) - Finer-grained control on principals used with Kerberos (such as for FAST or - validation) - Added a new tool sss_cache to allow selective expiring of cached entries - Added support for LDAP DEREF and ASQ controls - Added access control features for Novell Directory Server - FreeIPA dynamic DNS update now checks first to see if an update is needed - Complete rewrite of the HBAC library - New libraries: libipa_hbac and libipa_hbac-python- New upstream release 1.5.11 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.11 - Fix a serious regression that prevented SSSD from working with ldaps:// URIs - IPA Provider: Fix a bug with dynamic DNS that resulted in the wrong IPv6 - address being saved to the AAAA record- New upstream release 1.5.10 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.10 - Fixed a regression introduced in 1.5.9 that could result in blocking calls - to LDAP- New upstream release 1.5.9 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.9 - Support for overriding home directory, shell and primary GID locally - Properly honor TTL values from SRV record lookups - Support non-POSIX groups in nested group chains (for RFC2307bis LDAP - servers) - Properly escape IPv6 addresses in the failover code - Do not crash if inotify fails (e.g. resource exhaustion) - Don't add multiple TGT renewal callbacks (too many log messages)- New upstream release 1.5.8 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.8 - Support for the LDAP paging control - Support for multiple DNS servers for name resolution - Fixes for several group membership bugs - Fixes for rare crash bugs- Resolves: rhbz#706740 - Orphaned links on rc0.d-rc6.d - Make sure to properly convert to systemd if upgrading from newer - updates for Fedora 14- Fix segfault in TGT renewal- Resolves: rhbz#700891 - CVE-2011-1758 sssd: automatic TGT renewal overwrites - cached password with predicatable filename- Re-add manpage translations- New upstream release 1.5.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.6 - Fixed a serious memory leak in the memberOf plugin - Fixed a regression with the negative cache that caused it to be essentially - nonfunctional - Fixed an issue where the user's full name would sometimes be removed from - the cache - Fixed an issue with password changes in the kerberos provider not working - with kpasswd- Resolves: rhbz#697057 - kpasswd fails when using sssd and - kadmin server != kdc server - Upgrades from SysV should now maintain enabled/disabled status- Fix %postun- Fix systemd conversion. Upgrades from SysV to systemd weren't properly - enabling the systemd service. - Fix a serious memory leak in the memberOf plugin - Fix an issue where the user's full name would sometimes be removed - from the cache- Install systemd unit file instead of sysv init script- New upstream release 1.5.5 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.5 - Fixes for several crash bugs - LDAP group lookups will no longer abort if there is a zero-length member - attribute - Add automatic fallback to 'cn' if the 'gecos' attribute does not exist- New upstream release 1.5.4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.4 - Fixes for Active Directory when not all users and groups have POSIX attributes - Fixes for handling users and groups that have name aliases (aliases are ignored) - Fix group memberships after initgroups in the IPA provider- Resolves: rhbz#683267 - sssd 1.5.1-9 breaks AD authentication- New upstream release 1.5.3 - Support for libldb >= 1.0.0- New upstream release 1.5.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.2 - Fixes for support of FreeIPA v2 - Fixes for failover if DNS entries change - Improved sss_obfuscate tool with better interactive mode - Fix several crash bugs - Don't attempt to use START_TLS over SSL. Some LDAP servers can't handle this - Delete users from the local cache if initgroups calls return 'no such user' - (previously only worked for getpwnam/getpwuid) - Use new Transifex.net translations - Better support for automatic TGT renewal (now survives restart) - Netgroup fixes- Rebuild sssd against libldb 1.0.2 so the memberof module loads again. - Related: rhbz#677425- Resolves: rhbz#677768 - name service caches names, so id command shows - recently deleted users- Ensure that SSSD builds against libldb-1.0.0 on F15 and later - Remove .la for memberOf- Fix memberOf install path- Add support for libldb 1.0.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix nested group member filter sanitization for RFC2307bis - Put translated tool manpages into the sssd-tools subpackage- Restore Requires: cyrus-sasl-gssapi as it is not auto-detected during - rpmbuild- New upstream release 1.5.1 - Addresses CVE-2010-4341 - DoS in sssd PAM responder can prevent logins - Vast performance improvements when enumerate = true - All PAM actions will now perform a forced initgroups lookup instead of just - a user information lookup - This guarantees that all group information is available to other - providers, such as the simple provider. - For backwards-compatibility, DNS lookups will also fall back to trying the - SSSD domain name as a DNS discovery domain. - Support for more password expiration policies in LDAP - 389 Directory Server - FreeIPA - ActiveDirectory - Support for ldap_tls_{cert,key,cipher_suite} config options -Assorted bugfixes- CVE-2010-4341 - DoS in sssd PAM responder can prevent logins- New upstream release 1.5.0 - Fixed issues with LDAP search filters that needed to be escaped - Add Kerberos FAST support on platforms that support it - Reduced verbosity of PAM_TEXT_INFO messages for cached credentials - Added a Kerberos access provider to honor .k5login - Addressed several thread-safety issues in the sss_client code - Improved support for delayed online Kerberos auth - Significantly reduced time between connecting to the network/VPN and - acquiring a TGT - Added feature for automatic Kerberos ticket renewal - Provides the kerberos ticket for long-lived processes or cron jobs - even when the user logs out - Added several new features to the LDAP access provider - Support for 'shadow' access control - Support for authorizedService access control - Ability to mix-and-match LDAP access control features - Added an option for a separate password-change LDAP server for those - platforms where LDAP referrals are not supported - Added support for manpage translations- Solve a shutdown race-condition that sometimes left processes running - Resolves: rhbz#606887 - SSSD stops on upgrade- Log startup errors to the syslog - Allow cache cleanup to be disabled in sssd.conf- New upstream release 1.4.1 - Add support for netgroups to the proxy provider - Fixes a minor bug with UIDs/GIDs >= 2^31 - Fixes a segfault in the kerberos provider - Fixes a segfault in the NSS responder if a data provider crashes - Correctly use sdap_netgroup_search_base- Fix incorrect tarball URL- New upstream release 1.4.0 - Added support for netgroups to the LDAP provider - Performance improvements made to group processing of RFC2307 LDAP servers - Fixed nested group issues with RFC2307bis LDAP servers without a memberOf plugin - Build-system improvements to support Gentoo - Split out several libraries into the ding-libs tarball - Manpage reviewed and updated- Fix pre and post script requirements- Resolves: rhbz#606887 - sssd stops on upgrade- Resolves: rhbz#626205 - Unable to unlock screen- Resolves: rhbz#637955 - libini_config-devel needs libcollection-devel but - doesn't require it- Resolves: rhbz#632615 - the krb5 locator plugin isn't packaged for multilib- Resolves: CVE-2010-2940 - sssd allows null password entry to authenticate - against LDAP- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild- New upstream version 1.2.91 (1.3.0rc1) - Improved LDAP failover - Synchronous sysdb API (provides performance enhancements) - Better online reconnection detection- New stable upstream version 1.2.1 - Resolves: rhbz#595529 - spec file should eschew %define in favor of - %global - Resolves: rhbz#593644 - Empty list of simple_allow_users causes sssd service - to fail while restart. - Resolves: rhbz#599026 - Makefile typo causes SSSD not to use the kernel - keyring - Resolves: rhbz#599724 - sssd is broken on Rawhide- New stable upstream version 1.2.0 - Support ServiceGroups for FreeIPA v2 HBAC rules - Fix long-standing issue with auth_provider = proxy - Better logging for TLS issues in LDAP- New LDAP access provider allows for filtering user access by LDAP attribute - Reduced default timeout for detecting offline status with LDAP - GSSAPI ticket lifetime made configurable - Better offline->online transition support in Kerberos- Release new upstream version 1.1.91 - Enhancements when using SSSD with FreeIPA v2 - Support for deferred kinit - Support for DNS SRV records for failover- Bump up release number to avoid library sub-packages version issues with previous releases.- New upstream release 1.1.1 - Fixed the IPA provider (which was segfaulting at start) - Fixed a bug in the SSSDConfig API causing some options to revert to - their defaults - This impacted the Authconfig UI - Ensure that SASL binds to LDAP auto-retry when interrupted by a signal- Release SSSD 1.1.0 final - Fix two potential segfaults - Fix memory leak in monitor - Better error message for unusable confdb- Release candidate for SSSD 1.1 - Add simple access provider - Create subpackages for libcollection, libini_config, libdhash and librefarray - Support IPv6 - Support LDAP referrals - Fix cache issues - Better feedback from PAM when offline- Rebuild against new libtevent- Fix licenses in sources and on RPMs- Fix regression on 64-bit platforms- Fixes link error on platforms that do not do implicit linking - Fixes double-free segfault in PAM - Fixes double-free error in async resolver - Fixes support for TCP-based DNS lookups in async resolver - Fixes memory alignment issues on ARM processors - Manpage fixes- Fixes a bug in the failover code that prevented the SSSD from detecting when it went back online - Fixes a bug causing long (sometimes multiple-minute) waits for NSS requests - Several segfault bugfixes- Fix CVE-2010-0014- Patch SSSDConfig API to address - https://bugzilla.redhat.com/show_bug.cgi?id=549482- New upstream stable release 1.0.0- New upstream bugfix release 0.99.1- New upstream release 0.99.0- Fix segfault in sssd_pam when cache_credentials was enabled - Update the sample configuration - Fix upgrade issues caused by data provider service removal- Fix upgrade issues from old (pre-0.5.0) releases of SSSD- New upstream release 0.7.0- Fix missing file permissions for sssd-clients- Add SSSDConfig API - Update polish translation for 0.6.0 - Fix long timeout on ldap operation - Make dp requests more robust- Ensure that the configuration upgrade script always writes the config file with 0600 permissions - Eliminate an infinite loop in group enumerations- New upstream release 0.6.0- New upstream release 0.5.0- Fix for CVE-2009-2410 - Native SSSD users with no password set could log in without a password. (Patch by Stephen Gallagher)- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- Fix a couple of segfaults that may happen on reload- add missing configure check that broke stopping the daemon - also fix default config to add a missing required option- latest upstream release. - also add a patch that fixes debugging output (potential segfault)- release out of the official 0.3.2 tarball- bugfix release 0.3.2 - includes previous release patches - change permissions of the /etc/sssd/sssd.conf to 0600- Add last minute bug fixes, found in testing the package- Version 0.3.1 - includes previous release patches- Try to fix build adding automake as an explicit BuildRequire - Add also a couple of last minute patches from upstream- Version 0.3.0 - Provides file based configuration and lots of improvements- Version 0.2.1- Version 0.2.0- package git snapshot- fixed items found during review - added initscript- added sss_client- Small cleanup and fixes in the spec file- Initial release (based on version 0.1.0 upstream code)/bin/sh/bin/sh/sbin/ldconfig  !"#$%&'()*+,-.esrururusvsvsvukukuk2.7.3-4.el82.7.3-4.el8    cifs-utilsidmap-plugin.build-id105245472a5b5459a4d54de76dbe1f79dca2b5e1411c5c36222a50f06c631043019fa795b43b387942bfcb8a848f9a517cccdb2670b4c1a159fb1aac0351147023643b853c8c1bf9f5372b2e64348b61b937c431ee12055b786af2af99bca9193fda0ead6e2ad9483e8576df1f19e9580d20a7a2b7a70acf115654c0d0b557df907d0b05fc76aa14ca643cfbe52e1f2812e2c2c1ce2526d4bcd63b86f15ce8cifs-utilscifs_idmap_sss.sosssd_pac_plugin.sosssd_krb5_locator_plugin.solibnss_sss.so.2libsubid_sss.sopam_sss.sopam_sss_gss.sosssdmodulessssd_krb5_localauth_plugin.sosssd-clientCOPYINGCOPYING.LESSERsssd_krb5_locator_plugin.8.gzpam_sss.8.gzpam_sss_gss.8.gzsssd_krb5_localauth_plugin.8.gzsssd_krb5_locator_plugin.8.gzpam_sss.8.gzpam_sss_gss.8.gzsssd_krb5_locator_plugin.8.gzpam_sss.8.gzpam_sss_gss.8.gzsssd_krb5_locator_plugin.8.gzpam_sss.8.gzpam_sss_gss.8.gzsssd_krb5_locator_plugin.8.gz/etc//etc/cifs-utils//usr/lib//usr/lib/.build-id//usr/lib/.build-id/10//usr/lib/.build-id/41//usr/lib/.build-id/42//usr/lib/.build-id/52//usr/lib/.build-id/61//usr/lib/.build-id/ad//usr/lib/.build-id/cf//usr/lib/.build-id/fb//usr/lib/cifs-utils//usr/lib/krb5/plugins/authdata//usr/lib/krb5/plugins/libkrb5//usr/lib/security//usr/lib/sssd//usr/lib/sssd/modules//usr/share/licenses//usr/share/licenses/sssd-client//usr/share/man/es/man8//usr/share/man/man8//usr/share/man/ru/man8//usr/share/man/sv/man8//usr/share/man/uk/man8/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m32 -march=x86-64 -mtune=generic -mfpmath=sse -mstackrealign -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2i686-redhat-linux-gnu  directorycannot open `/builddir/build/BUILDROOT/sssd-2.7.3-4.el8.i386/etc/cifs-utils/idmap-plugin' (No such file or directory)ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=42bfcb8a848f9a517cccdb2670b4c1a159fb1aac, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=cf115654c0d0b557df907d0b05fc76aa14ca643c, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=fbe52e1f2812e2c2c1ce2526d4bcd63b86f15ce8, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=61b937c431ee12055b786af2af99bca9193fda0e, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=ad6e2ad9483e8576df1f19e9580d20a7a2b7a70a, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=105245472a5b5459a4d54de76dbe1f79dca2b5e1, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=411c5c36222a50f06c631043019fa795b43b3879, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=520351147023643b853c8c1bf9f5372b2e64348b, strippedASCII texttroff or preprocessor input, UTF-8 Unicode text, with very long lines (gzip compressed data, max compression, from Unix)troff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix) !.8GT  R RR RRR$R#RR"RRR(RR RR R RRRRRRR(RRR RR RRRR(PPR R RR R RRRRRR(PPR RR R RRRR(RRRRR RR R RR RRRRR(RRRR RR R RRRRRR(RR R RR R RRR RRRRRRR(utf-81dba4ab730ab46717659a50ded57de171b14ee26104f55b3e9951060b7fa4b5d?7zXZ !#,] b2u jӫ`(y.c d?yr|ATBd/ܦk?%G,@3PkL;]_by!^+GF1g2D GyK5)QeT%To!̃"L^A%jyP"-S\p'Yj쉰\FZD*brƉ9]!mϖQYuDSmۊ=kZFy4nڕA(*"!ah \zN0]ܪϟ=>)x=|T޵ = uhm(\ҒHfʂ$Zqbyo&P 4}ET=8Nboy’-;.J#~"Ps<@J).'B$I2.p BvLCf UKT0S-d~ l[uFJP]*l ݡWߞ/>:?, 13J',?S/ss0;.ix [yEϢ -*:YEp.[c7q5-A{O}흟k!!(2Y*)a0'~SxFPHC>x9K~4_%vk-  9<坵Ur΂YDTc7)8ZJ&Lr=&S ҮD׃uWʥt9!ۺZLsmg!t˔fOyќ"fZbe 啊y7. VoJOy}sHwvW=ie]k:+! |1+!iI2W'KSR {޶⌑x,3wu*~ _I+@FiV]\) \ΐcٜr_ZEPp~{?M\MǃcR1(4؝ Ąp Kѵ4QY]Y;+`1F,אHSx_8}YX!9ɣ$u`̉7OGdE4CvG`#'kFZE7fq_3EiqVa2{o򗽐&h Ƚ$ ztu1d>pj9}xHP*lK4a*N[9 ^<'2-JO]V@2cL8ީQK4ڃ+E Z,46]\Dwp TUTl1~_K#%+͚gK^ώƛ<}5p)-$ S] cG7ShT28YvS'-]w)SP0'(RXTir߳%}@M⚪@%5K!0  c&\K텝]`K/r+Á2>IFGgqn:F/ibgс;uJԞWoeJrI"WD"ϩN q>icЅƆ\猺T7=rq6n`u&g754fUة-vv*>o{WndMٵ?6M 8 u]:Թ#ڤ&!u۪\s洽خX1GՅK9vƽ㽒^l, @ٴ|rKE1=39 /rΆL,31̎{ß5,,qq$Ϯe*NgůT`0ꔣ3\zv`+kzvDa0d շ\H5]H(gJ,ݗk/۫:;v>z.)0rIݧgJl`R eIO"Y\A?' vAXPg7fKƅԮ>/ L5 !! gٱP:GƯ09h\/'.- ')$;:45DGyE8Hq/*xXٯ*axÌ#BJx.$M?1Xfѧ1A=啗8KS_Z'ls8emRJjt%:!Fm 97nEb e@)rf? ]43ȩzJy?B n/fCM y`@eQS?I0 $-d\2ߔ*s(f&Fgy<"raз^p]'YX>lN .q,+Nhj@/'k=܃ V21MﳦNB⥰ Ò-퀀ij`+u2@7Ț/7ah N mt>1lgH%^8M̶"n0Ё5QAC@7LթqRpH I$9ЃyˑqήǧWA9oÅT-CVo3ʬkkzqvȺtXzqbD$13BEE>SXgdϵYڈ^a Xߍt&LS!Y&xC}񀌲.A}Zג+~nB04wƖddBrisP?<>6_P20s66.scD`2 `QN f]DU`$`D(/0v0VJ5H$‹ݚ:t u YZ&O$fSu% œnEuvLaFWs/\ŦʵImL%b0n#h1VO-v=Y#2pEq)H2Tޑ{ݘ1di 'FLM7>h:ݘ+IOۣ7Q69fI'&S?3+M[/|)v]tEW/x 11`4,VGipuc`d7(,u@B |+\Wh,oZLS|vWC@47EqE e_<s28_?vDhEZ/-'#Ԙӕ)C˭uX G)k5H}  OrԱʍ{Oc #$r2?ur!IyZ'φngcqmS$Mzvv=ʫdHCjR^/s%OQ+5RIp_ZQ'DJNOMF@m7KMڛڔl6&Pb ʈl&OB;D6M4ZIO.s"@m|}+2T#{V~D+ع'2V)>qv,,@-TT57?hz3 $"5LȦe+9@eI}RSpwB NjrttS xg<R>3 WFb. |*{SC9Tǻd¨uGy(.D/Dq(Fcǽ:?VŽdG{i.kTF7jfC@2ctCr.#/=H YV3wc:dR*ZZ*;nuBG&7 u2Ͷj룱?c9Jq` z~,K֪:*bw{.N=|bnZĽqOW̎V/Ĉ zw"f^:tepYNz_ՠa&7lIʫu?ҵ' Ym1q.î HO9%BY;s U?rHeY5pB[o~8%)Mw49C2sI5栖nvg_qL˷XV #Ǎ0 uS^=??O6?}WOy q"H J4qWH'o ^=0ke&{j%oBK_Û94sfNb@=ɦ,'r'Y\ಋk;[;V^RcFr*eΤ1@o `[W,M f`bMdJ;:O_xdz?7%$}& T .WTt*ҀgS ql3Ilc"- ]Imq`RtL(Co)6[7OKTU,G2$adL:/G>ZRqF✒MtxEEP}9ePnf1 fV YL_qmCpo4@wWz1\Fx0)1N!EHM-:x?gB ( :pRyglHX@ ,B;P}Dbiv]?JtG h^&y!:̜~EDCx$*p̂ھZJ\p<de0)K` \܅U gÞ`\3;UOe"ChRHgX@+1t6]@mr.iȔV민'IPaܐ h#K%(^]{2خ(Po]6w0p(eOQqGYuB1}W?W?)&0,ϠkFuh02;ol3Beok"1~,I>qs0 YivUpSz1z-Fri.Q(2PmKE !qPzD}Kdfief;EL$(2 TRgK,#t09ꉅK IS?z-Jo ?MxT gcy5,<}Q6,XXfL{W[Ҍx#} u.> 1.7*a|_;2o4+BMF8P5.֠RD _;{V@_rG6oih ĈCQeob> Kc DvTy;R`Gz]ۋeK-dapj/[2v}-F" C5U5ӤI"?z8pINv#dŚ]W67]ZE^0$Iۿ]^y*=8TybwnݜqPi+Ze^`Ssat11{GD&2^L^0M-uw4d9$-^q\&xbqNU_,SzO Yl4M< ta?0, mKes43cJ[8UH#\}4Xy/1_w;ɿa'J{th0+&HP$_fĉ^H$[d& zI]ul$ג?A }&{E/_luo%7,o̦TiAU` %*k3Z z|5KgM!eBqׅ:tyGa4 McUjIaǘf-A~{bP*9`6)QcP?ԗ(uZ|9vMuÚ'94B,q" (7Xr,F܊5:R\eQj%#`l ,)tF"&NY=Ip0e1b`#9u&0ʏ+O#z){5Ps7A )R c |-~+Tv?GQ&Ч {i[ %Hr.i{UHTM"8!g2zSq_rJ93U,302?H* y_=Tu~Xv -Ywf|~g;Li+ ӽэZGZra  ^gܸ\['${v(|X z6^$By>yYrOmoRg0)|JP's5>3IS}v 3A%2D.&nNe%d?~^~Ѝ|t>g9݆P¦+mťp:T}4QyQAJ/6@T5#-bkYD zzInbX>#jrqeFi{bSi\ۨMk>{_|qMQ=1 !<Ҝ~\B;HZE.Q xӔ\l wZ$gPS*C㐳vY6 k@Fz "yh.Mxp57xEU9(@աBrZ#kÆ"ekU1"]{`Ʉ>PuVՊ,"Dčz0<:'*8< X!XL\j1V 2^]?]U빷2y\O>Y0 }"VbQ?WMf6Y![(g^X;$WG{ ' ̋ 8higk9%HCb}O.aiL=CC AH\vCf8`A̫v;؝Xؐƕ'En7@sgؒG`l2i"3@8[QshALU;~d.QoE9AW۱kzZΧZDuYVuHۘqeB$׋CºH^+|ce¶%'06>|W12щ '%Q$fF-' +7;p*W6tUfx֢J٬mM7"s] ,Z_ ;3V_}Ey@VD\XjS{ėPZ!#2lqwR .jH.࿳Ta1/I)f.[Ͱ[{9dӎ.#_A^Ȏ>Z]A߭-I^T v{E)PBFaxgd!D|a>. CKT쏉{ zMyx]&$*ȧ"~G:sD{(eHNlbZR,E/72$][#I78(u'7#׷n/ԉj&,: wq70ClS ,UVJk&TF@>*0`+"OM.^Ht&Ѕ% ug *m8`fZ,,) <@R5)uJS߻4Vu2Ux: 7Th8TSLrH(E:X ezFZ@h{?iDDi27\­ܧ@ VtfzDL!gljQ\+\Ix io|kG Ӿv7h[άKLχUu0Pe;q#5Ix?|YW_PC=] K2I[39\Xj'G`:`ܿ㽘[HM劚N_m)VZ~l-,6aZᛴb?&clk,g#w,eoQ.TmĖ:T\eG 4[,qFj9M)҄:%pڤw gJ("XD:@_7o";-T䙌.4PMyo*r{~ʏ3u;62# bld3xKZ/muY1I7kt=y| A-\lj|TzK=I 6 ɴ\B{{Y1e|5Wg.L^xܖ=N.ܑf X\f\(Eliv!\oX;.>^#5 F6~uQ2=G@W_TBOlN -󼼲Y` ;Dod ۀEޘ ,b~ɧ҇WPxR5 k-(ڭlcD ,7kBk 砳H@9c|s/c%wKﵸǾK،ˮ{bF,hM{-fP"^߇raN<`~\k[ÀW<`dfn+ve6R,F;UĬL8Bsk J99/rZ$!KV[ɩOC8p"iUopiS.ړw;ys_˫lO_A'%d0E|aMSԐSyh (ԝ+lw'ȧtjH8׷U߷P~^<$=~eP{)9Sl-p$7I!%ebl&SEQC=w Id# Ẓt?BMX%mOĘD~r+1|{Y쮲ùX+6>sK,q 8:PDǞڪmsϝCas̚NsԪm&Q$[=}GyuxLIxU nC*k ߸D-{hU:V=(”lŏ@p=`;`MOjxe/`hu[&PMqC%?HKrcE bN  }mD3ڊPawq?cҔ5l`by:RE1]:rG0ԮhU;"aԈ8ceaW.0m30.^Ͽ ~%)/EܤHw(Ԇ'{e/ﳔrW;.pٛ唿p ь=z\9k&17+Rf}lru܀uRȁijr| :N9|ss:/sw B;/VmʠkBڏ,,ccirbH!P_{NZo'5*z<* m)?8SORwa8wS7YOUL, ZCt|AXޱuM$6(8o8M}8 Rw}@~hvqB`ղmv[EA:B.SJ*_Lm);n"tOxׁ3g4eqUy]{ξ Nwt5|7eI37L+E0Q.?YH0 G8g6a.'˽|Uͨt1RW5ڮpCH|ВtB2Й|KQTXpBUiqenb57ۊ36t}+ĀϛW%x8`x)vWq9Ě!C2o[`(֘.S AK ')O9DՇ.Ξ"7K_b5#3wSmU:N^^#a5 yE_){yZ:cݪ1$퉍+%ɬo 0*?DލeĠ*^!\SmirrjƎpkX|VJ.1Lk9Q"xȹ1_byJ\"KAYcB8,8ldcf[l<0  \[ ߛYpЩFedfy@4$}$Ik`lJ ʤ) @8aTt xvI>3(D)ToSO'4nF[!޺5vĪ^G=oN>M z[7Nu;񝵕ѥƈ,.lxoph}mބcnVf<+'dN[Mm+zl :ߴ%%DױbI@NP%859F1}L%j{x#ɹGϣwc]M3U(5w QPS~hGCQ^fiS]p1ejD ǪQwA{"ڣ~d5f/mmNv0"/ vdA9b_ Tzg9o^xTbey?kU:0N7Ҋލ[\J%@&RMOq`2]Q.]+[ڛ&Ű/Ԅr S|LD)^m:l]ρCV9tPe"aX>>scb!vFtWHtw|5@ʉ?!brЮDDG_kxj2BC]S7Ն0m8:񑪠uS@9uF}eLVWR1Qޑ1]X@Z.4ڟk_D npL 6| 9&gUg*1}1l9J1OPxjZ@dѿm*եmKP n O4 ?qv.d_X᧿Y_u:oC=9 M<^+XKb:ᴉ")$z.P87#6k3uOi%fM39Q|_xZr:| xhC ZG3NšEl";/3vʟ+f%t˦,17hUE.^E-}7t*vNggl6O}`U HAI6+ ]$&/):phqVIu0IP-@ATx;}m[n0Oj:`" .2*Sy ^j }dh}`c)[%QC*Ic.ww\{EYs##1eس`/އנXtt;˜O;񑞯?9)k#Gjn{C𞟈i K96vv {ECxH&$JCZƵk=,u`U8/9rkV,W]o]6 iPIO$i9(3Xҩ{Ֆ6 :7HoBv ,3wY ZpWƽX,G-P2=?N+W/Ur_edoƞ_ ږcJOZa # S,>װͫ]"vX Z<UC/c`C!VՐOfZ$9%OH+BџTɕ`M8ßϥ5Ϲ[ D_^:['@z:g'{Ԙ^zJB܏3fpP6au*m2WPřKC/XxU2Z7ħ46`24$9{eW48w/EU|Wߠp%2~Ìd3_.M+(Lw.ݐ%&'q!e?aI7W-&곝v3W Eє{J'WB22uF:C&'S[_踕2tf&|c9\Ⱦ=M~G0 #ӳ@SѣX`什Z>nMit+TIJEpB*4}FNj\\Fj8 W=id">7aSrZ%\dW3E}[hyr\kii1au60Wz*aXcț@Ȓ}6㖄/(G![-k\_~GӣK73WoC$QSN[I;P RIqg:P:(#e 0yaNyUK=]  B Ӊ;dE~dej ̂c*;F2@㚑YC۷'yV!lF5"gjsHs|XUzj'['>xO$ee W[YU|9]B-<zL'g;lmܮG 0yIkcR<QixC,-R2{}_ag)1wb9bRm몙ZYj +d73'0oeAzzݡvieaqw7ů؍.T;Y5BXdjVz+6 OM 6ךaѡ/ ,Ng >n\n̯7vds\YYpxF #v\0üt5Bn E[qe}md63Vtݻ' ]OaJmy-Y4۽R` m9[z7Y !" e-nd2|& '4w(}=;'×Ѐb-z&ym9ˍ(PLrC:<^WzE`Ge@Qw6g E-%g샺j4N{^iI؃l-;YduWmKÙv SmN7F*EQd>pXn9!lToh.v7T"%^,҈ [,} 6"PXL)oE`VXV?J'B e N#P]*eR.!ZJK) bEʦ:%igaC6l|D$ ^&vV…/ntԚ E|l,dQ]^6mg:p[̥Qkw9 L49{4kA5}m&Å=fjafʄB,D4^Q;E{n}03bD.?yֆ4 JsHP;i?|jm"Ƭ5̱)R,Pd^Jyo7CE4A R tZ =+mܓ]M@ Aڂ9ź߰tS| WTb2dPTALeCk"1把I$|,|s:DiN TTD}8w\vos*IpO)bQkZʥ8&,4.k}˳@g7-$DXǣ`LыyB1u?M'4):D>06S+_3ejfZ B3@f#f¯b@ӳ!Ԏو.:9݇0̥ u컂}PBzn9P~mv9_|tD8Q"o,1񠷵 {ƬkV򘏑V1h > $F&bt=ӎ7?'3ƒK#6ށߵ&-nQqȃ'"i Z,)2֬^0$w,UkЭjO|p_|Uįg9 hUu❲Q`z"yhH}C!PrX:J5BZ7:Z{/o_09LMx-䘙La'/ل'gMP9&ag͡p{s$ZαXT|vH'?j @s-y㿥Fuk#/tKE28{G =/X&?]Me#O" ]Ne9<ݱhcjoXĽe!Kҁ=LoxC/Nq-K[2U: ;G{JWu}F )0PV"mzZ'ajWPyJlA/Q"|SC$[YPq¯flNUM?ie$X/W)V$/$ϱqh<6)E7'њ`sQ[+ŭ&iyyTdJ< }]X m~f{Alq-<Ez~t} ڊLJK ͇S* :2sbĆ=A4 &A6HGU;Ϗ뢬2 @5i%!vP=!F(PJco[\ _3໩g9{(ͦ)5-zp_t=`^Av(ʠ fʴ^:fy+8xU͎oj^2NH5w8i}6ѹ98 A,w@P9?ӼC>'+'KlC467'TZ֑{GB{r͐x?KT%w4%ϙ}OLb!qĿ6DP_bBfMm FtkJ0r]/ sviMpը/8(̉":\7-*>J %a /5% %G`gx(}M\);vlUgՈ0~[+AVxb2oD]~l.vvZ5WG9\S,li&4&犓ߒmTB$^Vu] 9_$pr0g&V2O§ _̡$K5iq >7Ne3Z3ʴw "p`mUGpd}^@ .^[6 MD+NO&B_! +KZzA?{S[ՊAEꅝ>CW,,ϋh\ϊ4Ej_H+КWˆ[D%_0Am.ћ͈ !F]A<8y\)Hu)uүRrnͦwuRubê6}]\9S6tCjvWVmIJ+{H.2\&W>^i&s.-tYáZFQ@w#QXN{$&n-E pFN)`/S5B0-A\Hxi|$H>m#=t!Fn:U%~m͉΄@,(S:4986ԢZNE [I,iE0tzbAKH( @#+~8Sm~堛tUkH(2~37wh wj@ijZ =՝mq:R͘:%+&?I+ ί&@<{:"N:Ho\?3s"Ŭ7Yޢ[J ݺq$-@77x)bEE, A;U/oRI b=͚H(.bITsLUB178~iOH! /#*͍QJk{.%Jwr~4ہ`e&jEpI]|\^ 2fITEUIIf"'*뿈':; aK}rXRaw;,"7KF[28J~ρTy:,Klց"_yKIDKb''a݃)3i3hfy4䭅#`NL^}QGd8:_'(;+Ze^ri1d^dbL%NG yJxjX:݂=]ǔWYuD&lUrfP;NqYm7˃ێ\5<(#%{= .-<%"MCaܡVjU1=p}arӻ+lETlf1fp.>2eW Ը5AO]}n)%"UWUf d8Bo6;;l$>b}_#L;Ԓ )=ѳAgKX>l%h/Ӿ iͰ6mOMp[#1h۽Z+9"*tY~Iҥ)5!W H6!i>i /^ keQڴr@%#ϸcT]WDl6]AX'i``Wt]ufebCn#f8cװ~퀺n1+Uͩ$?֯f V⶧g'y/AF⢔؞%1z5 ^J-_f([7/0w|N~ w1}lLJp״%`A5]د==ބeЪ92Sc`jc&Mhx< םwÄА~)7m}zll]u'7Jwo[āhi&9,,V?! 8pƏ?C,zn.Ɔ%1'4v^ #0l%<[WNg)Jw۩rl$uO40\R=h'|= |Dy2y?EmaE`pA6@MuڠF15[;,ehi>!ٻOsbL̑ĻwscHMk{zL?B]ٵv?(BsO"0A/[pM`Rs_5P6cHXX"B(N)SpwM*dy[ |9EeBǧK I Z5Tn-W3(kD8X+ :j<[>97I0ڋ~(tۣp%0b"[֠;+$m/%Q36phHV'Fa7|(͒vtfbO%s~)((Ďв.$rV}a~Uv ]ÁrHHژm{)v=N #U?}b^Fۆ!Θ;POwmbb zI6+ny(zIT C@mA~hD(.n;fe[.g:c]`A⭫d1Z`B;wɶW==RYůV :XMoT ;aצ.oK=eUaq“7)h/8\qmdDˋ`{b#>[|F<4]&tͿҴ27A:jȸVzF9f1-װmr{uno̮%+u DB|˩>ĝX+JٕQU~{^&[f'_fq kĜ6܌EދXpY1NgRGcdgCmrQnA2s'Ϸ89!KS'Wa%dVZ>fD^aq$quMҩ,ޢ!.I9LTpF虇9 SfXmip"6$rTGӝ[|6"O놰X&J2O70|"4:)/N;f3]Xڙx,0\: S`@48^V|v .' oT}vyGuEvXqѢ홾OW4gT?|JΎc]gBz E9r+I2x؞ySe?uܫ;i=ہh2ÌVg .Pp%yqՌ.?L!vt[z2{]h:6AeS_}CSZ/!.?t$nLJz8`1AHSH"䙴>ƫ=4P͚`8\}#ڜqqwx̖ltdjŨkKRs?a }s(㤱n nqݿt|)& 'S/]!8;Cw@y-.t#ځX^nILxk[jN xGrf1aR6h0 u`ސ/+:I'ɣՎaWasY3i'"qCM C,V_*yLz 3NSqK0RnrB BݕP.ew3o ZӐߑ@u֡eXeT.PD((vC_# _3h,H_ꓲq~ VV(Ur*2P[K}kW`K $-/yl֜X~w3?o0PauG= T>N)axзZFf9`7uusL53uEKO2zLq)u)`eڙUprH>~|s&o3P(}q5M.&KY ld)$O6qȡ Nz07ʺJ9/d\@8_1xf<`TKȵc=Z@ߙ4w V9'4D~Q=&r!ҟ*veSq0=ǻp͝`5F|i;G=F_ѝ[+Y>3(uYغxg1L+ zL@MTASAKH0ܟ,)8?1xܼ% ZOe"TF,A,Sr O-ubk\5vG-Z< XJ '̻-/ hwĵBP>)+%CQL`ZpOd#?#1eS"?6'6$&)ZS2pT#Q#)NQmQv.WwDLDsQTt;ҤT-Hp~9"V6-_E'wlt 6[&b쓽:@Cp4ڪ=($]A5\ƽ:|z^4 ?O#vv?wvhuFr7R1BRJQk7@ϙSS{|/ߑO}͝hr jLpMοJn[Dr0Oe$BL_d%q7MހUn;ݐ2c#bo:>8* LixW CVH5LuZ`YOIB|>R#Iյ~ٸ@Ikԧ'fxbqu#\9Gtά,j1bCLq[vUTP9ws0Xӻ!Ca޶_27K`:< QJtJ|)P7l2';Bӑ!g 2 (-vFQEMhDܽ.\f^RfVWX`S.yP؊Q&uS/.BṞ07aH\ n%KZMPU3Bdm+z+x\9_Jq[ ΕZ͊dleM|b}p,OC jit#܏@21RSgR9_TXYq*wrea&J/r ?( Gtb5PCY4#'*`WMvD%*Gk1HSARo}ksŻ#T`okL=̙e.';gz7Q3P=e."v1Я{'Xl/v ޭm`vo'pFrE.1Ȧ•xJ$6ބfeʚ@[>}c~1T$p}S7%<MԿ4AK⺆W5=w:Y)RYɋɋ_/,LȠ?l4vᡕpGmh+%.uF0k/nju#Zo:'Aj).({ϣ:|X &Md$VݤwE7KOސwu0Ca}>{u…JKE ISFŋ@1F68Id}*s>~ MHUGsS<ڽ: 㷘]U|xȵ|Tqz9 jf2.'ɂEٵ_r:^7 73v"Vh!ߴQYB/+KŹY ՠin|ßf.W `[is_I\iŹy4r nV;)Hb5mfUsncKӞV~6GLYɟ7u`$oƈnF͋20!> {q퍬 8=7@<ft$iX?Hz">s=*DJ{%#V>WG7nptpn$_c5Z&yF~ugICٖ"NkXH>yu'.v(ܤi*os!y1 CrYa6ۄ a!] Ǝ%;67gq=+4f4<(M{n=2&)"CrPI;bԖ:!SmK"g"9v!s(|vQmLLKPvh:D滋e,enFɖ_!4])r@'3Sh#~S-԰vdɲ5EV#(?iQqT,N0!;$m2bef95֨ߪ$hQ&Ge\@~w>MSN|m_|o3Up cdC{ 1I9fWQ~,6M4;e&%ʋ=96v๦.m bzj~[BPaL[IXUc[*ۊED/lLF0WKݕsF=qr%*QVhjąAg M&Z0`xvh5VtÊVo }) 1FD x@!ϭ.̰nh'bIT-:\qPAŴlrMĩ"5/jӶf,eHظuϷYWl@>NuvuUׂ >&k 0M !=G\E@i5~k5ش ] L=PdiW˜fx=B3fQSnt4?OI`A0վ\0 ;J$p˔l-OD)gN|q˾ܿ;wR'8ߡ87{eV+'4p ʊIW! xkFfZy*}86f9 WJwΜ5LW8Y:)Xܡ#(J8 je;'>j? AX D| tSYLP{ hõ2"Y7y*mKSDqsVӥ`Ozv;ƒn[Ҵ} oF|jZiy o[E5@XdT-l0)@C {jϦC#]"D>(,\ˁ[]w eNP˞G18υeHsVg9y ?ڃf+}` A./E Z"v$*y"*ߧSſa7UȘnp/?<ę8Fo{,sw,n@hڢ=lsScWA?B{*#Q)Cޏ,ғ!Tdzz9!m01Ud7_]jj0OH*V#@*{|d }WK27=/o`$pl@TnZQ2l;8hˣr2x6i@ģ?joN8l fi9EvrS1z-"&0-0EVۑU8s{km1wGO2j$P5zN9cGbK GN@P #8 }foZ]W\ǔI?B*խI[_^QqkJ`/lW!ky:H.E/d=h'";e_:<$`?p •Nzus1 *OJD[$Mx7 @'Uq ЅT`NT1̈́|xcP.bNuEѬS.f?.cpvάoFe ƀ{ fOHB"c8%BD%X"mƋ*hAbND&EKم;W>HDD&K 'Hg4b46Ͻ3,zybc:bWSY+QHKy ǁҝ?]`Hy| L',Ԃr /k>;4v&PgJoU N HBR@̊4:bEGJ6qRCW!Z"Zd,Ӛ|AW$ Cν7;r,l6_E+ͺ:H8㯆3,lg&<@\|Cjs]eFƍ`ksOw*taʼnt!^̢ BgJ^1'XH ,ޔ͜=fQUtCft.ä&iz s Nׁ۫eiN^&q&\󅆵VVx`LE2V+Kr iOBk4layYMPcPs+gRTn`ze_68I;6AeKMJ&kFwtM{㬁&cD^ n(OG3;#o=@-N8`~'٫f!55ltNJ"g:Q@էzfid5RD'Pm4z5}t#P|nu@U>_yC"ocw>kkAKl/dP!T!t30 \Lϐ ~"21C"Aˊv C@ߍvMFo؛ynjjtaA<߼xO$.ժ_{b7J\(O1;ƍl_IT)4xۿLYGVR9olNפ. 鮮PΊTx()aM^ŷ %9vLK "(SyLI+.̤q,ݝmhJ֑J!KJڋauN `@܌ ͣ}ŃV"U@5pn:,0o- cK2q.M4t= b_=^),9oi?јM% Cdkz+5L-B<sbp-nq"C~p`2U8ԝg:iNGqpU p> Iyd.`1 c;[E JbFS}&u9U3 <*!Moeⶡ`wJmnueEu9ƢfHlhI:IXd=HTin/$BH4 ]Ml4TVQu46%pPwt @:hq]dPl' t)b6H; "Rq?eb9q(BxP3hv3QYHG[Ĭ_ "12,^DJ-EYS^F,F3tmPN gW?#!Ԃ߾pd!s%6Yc[ZTLm-WBg^ ] Lβ6/r󙘸Z)S+@"jmZhҋ@lmyfWCU?^ۊpj 4D3_6 <4yA&\/ 6*9(F)V9Roh kMiв"/Pde8ˋ98qSf佤@`v<|v63V`Oh1!>V LIYsa>kٶA)n5D(CsH/l^oZD7Ys:Io.ndT=Yo/`ت,rn !{S qX%/dM}۩e,n+BBr`' 6XZ db`yȝ΍2Κ,2kS[ΕUL/"$H 1MU؏5yU=Pc\ %L..3Ҙ4p1e+j!R$^M>N5/yO}]AO;7ybp"⦦F:&ެѰe`A ^v*q\> biCE('V&oLDCZlK:b^h)[n>9aK_ fiTߍ&Z-bQ\7?bNA6fU.2kh7bPޞX=SP&oV>3k%R0SqVmiN 6֚dTHP*l [ ["DJ.K% N^iDZȮm0b! w5(z~5IjDk5+?`sI +Kf9/t4 6pN:D&E!mB b/;8>]l)A-z~0M{-#A9 |zէ( Z3SƝ 4dd*s!˜AʮLCK<؛)x~dkc{g02diJ0)昼F{kX\["n|=;NehҎұbmN[;9 Gpj  |fGϤ} {Aӈ'~A, Jpflлvjqc=|ΜG1ʛ"ѳ+4\z}n ٝթv?} ySv jX}L0@΍#ton63lw ܀/%ptDqo8t#^HKB "D>幀 "=525Hp;1I߾4 =6'0,I6\sƟTn{C t '&󑪾CUҧx  KchPA؂u|`qTXӾQU>eKD;E-*PA&1lꍪP&F?ՀvhB1ֵxs_  K [?7 ="p+ufMN~r?`-0p6&Xwuǩ@< ҁ$UV@{@q8@ѧ(!@Ѝc]k6I wwvT԰(p]Ǵ=b4s1e)S׵ QЗ"s IM $K^ DJ8h|4hZ.iBJw/irԵ&ѧkLt9ëJCI6L,׾hnwyfr@N0isjٙ.(X'o] p@nOco/nriL=W z8 q.9A̪Q+R'4p4&}~9zK*(d 7dk`? ׼:F,,}p-Jsp?w$ÜD/r["7I`B/ɈMY@0\܄z`Y;p=H-|Q!3TnI34 b=,NgL<&D+.r{M t{Ξ AqG~$-b;,5"9v' ,e>c?gms$ rf>Nro~!2:\-D}[{.b+as\sX}VOn:su>+v}&>͛AW5"[.YI\̿1EL9veN;wP>4|l6qX2quq~/h́6۬\iVXwR+Pt4/&]>_~z[/ "jl=PrZLYۺ#Rq __ۼ0 U{ˣzJֵbz~Dمd@OFo@Yz7: 7le. /\-ԖʸZ&Ek9N ǒl$Q!7M5uJ(b߰3h0zWق=bqAm4xH܈B lx1dٮpSw*~jطA4ٸ Hvnmvg𤈟 3W۬Nðr)ߪi@!uġF[bsNϔ.qa@)PWFZ|kI"鈁WR[yOl`*cIJ?0䷿J=$TMF4=pUR|1kqEi.Bhe+xT8%_û$7- ԗF~fǭyM;b h7JօK Q׮2F\eGP\PyDz g efRk*Tm{z*utQ nUd.\kʝ!Lfbi).Ȑu~zwl)[ecbb<8}өf\$iDΪ]XʲD p~vjlpNԸSkN}z4*󠡲5Nn0  V ʉƤ,;~4]MYfvYlE6@Go(,-㞶s CIWΦ-vHΕ!"tu0#Uyz㏥g+E{8k.BNF;o0i{?S-!i8tcl|}ռOs^9z*-;?+T/'w Xs+Bt΁E ꛠI l6.\bt}91ǥSzFT]|5_mU.ߏm] ;"d]l ?~E :q2 <\ډgv.`]~ ooSG?;bIµG#.bBK $L9L< a%@٤~ G.tߧҦt%m*AM4\)/VAK)RL& y: hӻҺr^³ |W<曩9^Y2FB9( "<~/ D1VJedbqъ/YN$S*,J TSy2{C+piDjRj;|CsA3Wɶh 4OT&GBsh'hgѼA~ŮɇS^܍|:6j hSJZy9Bp4gyZ ,Xdenhw_ִq^Gg>WPqbږѷ?68Bsx;~ `m*$Fcq4.Hn{ Dd8˱̧<`-EW%zzEI2teS Oe*1kIi,{>sb^iSγ_ԅ2g(Wt|CgAl7IS E fd^B4b'Ka&kWe]te;pq;Vļet h䡂k3ETRlVk050[^S$PvRրj 7|/ͩm\ܶZ.xH< >!6]FxK[L~f>=E+#Dtu96zЊQwyYs։.oSZqCZׅjJg[/.hDј--w;w3JO7n@5(/D*jopKwo0_pxBRh>8?([rM*ŲJg+%i)`_Yc^2E<j%W+:D:9sO=Z ApdCѿKX*축YpģtdO\W6oc{* nJ_ 1 Ç =Cz[U5u? EfL ٠eD̹RN7Q霪MA)0?eZwuO&h땂W|-[U"ǽсi=K|c־pw=԰R+ 0Ue^- +9[NSB'j/q4S9C>r`ߨy;8 :O;#:G?w2^j؅bsش=-b CM?_n%@{̟.,E$CPcM'phJF:uˉYPH8>N,LDZ_z:sN6= ^R~E=ʸ}Tsn2ՑpG6N94lٓ+j-ij gLANWV0⭘u>Tm1 @r7VtGf'OUX/o&6,Bց İ7.'R|sS#Qu0 ZڣNzQ^_rXZG(#Yl<%FPbRنgѨW6ISzmxcmtgThj@|f&5$`&yGg42e ͭS`¼s$2DYD KQ@6D@I{ȋ%*7[¬&&|S ̏(BF|@aoCd7^HD:qZ'A]FUa\J' I(T3 iZ=?O)]Fcq a_~ua08=[l8H΄5Ro'yRW\X"}-6xLQҴWJ,ϣ8hu%gmk50+onygwmO9(K~1Μ^SPM(-4BrJPDtw pW6`piL 0E4"5d"QWrLk^J!v ˖1!:+ڽ 'Hp_tv#3^jw-gc|@T)JB} dyw͡@ԻC}fFSp߀HߝRY,DSTwB2gEkbUġ%d GW& JXo.?/L3U%q<]o Ys׳;ó@W%RM $oljLSAҽ;.ܐ _*Z^KR5)zqn í+2>DcLc3*s?y'Tf7M@kŅP,7A. z:DF!h4oV'H;ir[5$,!a0j`Qԡ$ȔbwP_ ϡ lْ8%[?uܪݹeqnHd4Ip`-xB-;x߀(՛(y|RI(W|{W쮐g-4\ryw}?M"G ?oT~Xlu~Z>بO℮b |YR ȏ׈˹Lݳ{k]=#)><`$L j)Hu>hS@p+8 Bų _ƒk]wz'a%b\5x8zR> WM8ѓS+$tVT폞#icwEk~LJ@4?jԟwOW.Մ*GMChɤi!jxnCVhk[%w4+f`ۼs&$ӹ5fX}j/gnBASr^QCnWӱf߷c <#-ژ ȮMɱPc\Wh(|٨V/Vo1h԰g< &m F 8vtqaGT[Xբe$/_Fa\ 5 P2XT۠Հh,jn@9?9Z4ثzАgZ 8Gj/ً]> (I PQ!` ὆潭Ճ V4!Җ}$("i}#( ̆ܽ4qs6$x{H되d-r"UV_ 14fƪ7n+z2m{5 /nnFBa6 `q0VE2,#|y$^ˊ,SIX dsTUMMul̲]r+J]x{DN@I},]ٱA?1!@jxb>}mHtD?(l?׾Ղ pړB]m_B`y ,YS0}J:GFI(%ϥ@LIGD62G7[uG!$p^//g<'o$°ο<l+ne]^l[B!}C9YU3.qͥ:6gnBlr$ LN.+lx"6Ɔy'hQ~rkb$ޒYԽr`i/h6L;XJWT5R7lBo mtX&f}?5mq PF>Ņ o0[adO½"%Tڋ teR_݁t8 sZ3VBRXX0@8p?~2^-5 [>8 ʆ&HmԸ8Z4sBa c*&SmrXu΢ 653JzYZ,Ư=)K`A;)|~(C?tP`il!2*`TE}xv[sZr/ /e0Z Q=-͕0 }MHJA8hoXrRlU oRbj{  ;4B*r0>a6`0ڷۂo.q\3u*B+T5ẋ<cکѧQXV`r F/K&yy"PLqٕ k*e/ZBy1R*D`Dn:A8vЭܹ !NL1*vPgbꖬ&w_Z#sJGFv;bl0d74[tv9VXی%!./&  CpSW)E:<_EFϴVo<(3U"wTHぎKVv > 6>R47DB,ӹ,#xћ4/B ABA{7eMG'9VA&UĮ=OI[d`yԨ!O0S`\ gƲ'ȧoGkW7}ʞpڹҫ0=Hq3(*qE?GR.Cښ1qf$FC+/q~~ne$s7Bު?xLIJ|FKEI,>P+]Rp5V\@xA*X{ lq~oUT%+*⟙r=>H\HQ^9G\.{?0>o.B˃N(Iv0o?Ic'^pP$·Kyʝdx@`ō>F'mH٭jMlanI#zEĎ͆a圕{sF~6B&W geQ9یfja!'^̇;wp/eC:g) /dQ-3: b=B s9 Tk>au-EY_S",,HgpF =+oi!rqZ>. K}90Y|tIn-f8+@_(>%$C%W\ÝvָlhiĀJ [ }HZNRHplV9"Ʀ?%* ,,γڛ~[N$_r^(7ˀE9 R~D!և0~G]sl"qDEDetL-Y, JR-uFl3ײ sb%G=!׼P-#}:F%U,6JwhE+fwl 3w LQ Z]];s7An e72P$iys!_% R~ c#4HYLw\RAipN~{?D,6Oa<*pr^iqqZFH0㱦o<ɂo3MimbNj>tmlnL'l7nu%^b'  <*IFŠK6"=PM9I%CZ.d ,Hdål:,y9y+l\]8Wz{RףɍNH+e ژ"&IZ%*\jOQ.L465@N69uv@dRa][RթK%P0dy!(hOVh,1amF>wc RYvطrוA?`cIyc~/i)Q,كY3*#^ld9x \.SM0`ԸK~G!~|C^a=։ >:+m#?p?_|ŏ r4U_hfy:8X`pr#5P;쭳";vMX~ gE^Z0LS˫F^NX A`xm~.G; *WKz C^炤z < G(G<vbkPNm +[ί ZWdͳh)2ڠ&@jW|^al}vk-Y@R\4stmb@ho;gd}I"d/ϵ,#Eʷ!Q!Lle9Z=BEIt- 5fj.mi.ljQ91Q?YEo)}>x'|8X~\̣ͦc , OS%:SKst\=*ǫKY?!:dSDQz Yp[l{eHMFbqm{lG+D}pT)dՉd+OkeT*պqMHr[%g-fKzR! Z駩oF\EUp {:d<-/TLYΝmG <(C V\"Y "*mpЈ \ Nւ ,BX[śon މ)(N[pw-Y pѨy'&| y6yrn'\Ũ<ȹJ$'Q$$#$ÂEq PEǺˇߟPd"]G|BW⃋r싉9pZ8 bcۖ]y<.pQ]l4E ?Ҝ#KFޙ6ܝZFH;wA@ö[]lwLڀ %Nh7dcxUȕ˄ 0{l׉4Y.Guh^S_CTo=@'c65ʹg ѧ~vƒ>H L\ ͊dE}oޔv)v0\mN32=ᾢGw |-"cEiav-24ϥ|4, i&,}Q'gKLFo'3@5W n:Eyy6{ ų-jRbm>U=iPm 5G>W|@c4q^Pػk-t~45|sm+\FAVʸ SQ9 QofnB2f~Q>TQ9jO7 #t m8q4LegOQ1 %?r.fT@$%HwFiodrVy+9|8&nf?o5j?^X<ې/~T-*[C:R7quWffJC,-FTo+tZu!Ah\sC9{Ihæ%}@]?e'xt}G^-d/>I+ڬL2&l0ݒj{]/c\GDs)|T/|1 Xę@W&JֶJWU Eفdd=ZCq lVuZQ q I6rs)NeT`6V()*ߎEIS[__V3:eߥNS䌮=,AF Y~xĠ~VTop;7xtM4#[jN u]P ^r-"gq嫷jY$]5(<ğ`>mLֈ s̄Sn S~)C;E iƚ\Lf}A^q@w{G94nÜi2SnPaBqd~ʷ`PN'F\߲Kֳ t#+ WFN~F>)Y/ne{0Q 7ش4pVإOp2H v޺ 7L%0YL"jW Ia5BћN[8XҌ5}VRۊ_ nVyOåN={+qXWŌThp!;epɆ2? 5亇 !pY(e};d7&EuSr $:DtCEU/쐅 _Na/܍e/[G9ovMyDza)f&8H?tSX` ~eڙYV5䋉1[Sjs`01T,?=sTM';JTycE;hgnA]?o^v-AW4GC/pCzwb7b -η>b$@*R*?gG (b3;IGᯰ3M`VҷӦ9KUHvbf C-cyu&Y`M)S+S?6^ k# $￉yRL\[iX39'. >o,YLuOT}ǣSi>g{KQ:!nƊ#C1%g$3nv2u{cH>qCO? BYP BWoqVo(#lCF] 1c|<4xTS 6]Q0<+ײ!v>oC6>ټ([q(y&r0l`blh`I Qts80EGJ3 F黁&c?- Gmjthi{XSQ~:rnM(G̖q!#1[,dx1t.Xv6^ғ G$X?~[=(ZZTaUtcC~:+l $nT)}I&$1vRT&WST8IPhԵX1:6<{f$[Ibj?bJHK"h[^j#'y2Rˉ+*~O܅9re{*Q9ٶExѭ 9SoGix[OSR[&~/j*в:,b7|Aj'.ӑF7i ~i7{vMTRx711pIa}" (d뺜wTišϒMotT-3?dBzZ1u;A Zskb)GRѽ~'9- zEhgC{R_*335>Lyj抷ˇ2o(C*zy uYݺ5|$f0Mq>\`WHW H W82"p>c5sÇ#sƐ޷UX/F37;seE:"ۂa(siNrg@AKZ|qf} :G NIF@ o@Y~]狙LÇ(1M.2Pral>N9X{L-:'Ƚc~~U˛Ny[ h@?hvk[Yb  J X@y/Ժ;8[oy`xcP/s4i-LCt_E B;ܑ 7oF6@{b2r#c^"5y0#<\=sY1^2G z.n"\ ( ҌqW{vO+.Df"W$Dže&* 4C/KMzwji(`oy\mpv JeA7a̒\EG F;bh>J#^p`UDUZ7ߞU _)Ec B?Xm e7zMvemEeE΋[lsSƯۜDs\k+Kpo ]Is{@D,fk¿Z @J=$^w#3GFsԲҦ7Gs:bqq!(M Y;c{'lzH ޗݩD2>Ё oz'/9 fͫq/|)Q}U>s z>[hW'8Ⲓ:>ז- A4ܿjH2% %<vHf9gRl³FQ?g4@+0Zj'ZO¦9"vKm{2j.g|id]u6SAX~PحJ??<ڢ^qIy&82u.i뻰Mv#v3V`q;fW8/b.x~F٬F%{-Zl bH*r_o@W=pI]x@k&f c25mr~ =ÉVBX50lDF1,g5D' $E_>EM6,RP*)2 (sI|rƜ=}_{hLUU_A@E2lqk6?@Rb$9o3v v {?tFcK[Ƌ4Qe2H[6tpٺ[xATax0Rn[V'Xo2Iy>,:-* I~? ?lҮ8̝d7̸1Og<t HCsX-XRfwOuv<4nYk+vM+w3| ~\Q6ilfg'h%,K?o-{ෂmzJJL+.$ h[vWMeiƂ %.-4eVKZs?Q9(:ي:e{qɭI7*X}_OO:98B;?G+HNo id=,~TcQy \u`4Ang"ΰ:~ʺ=r7.ja=˩s"|L~H=oT;qqX-aT&̼fP H@S!#̸]. -q5JmH`vPyȾ4W_S` e=fݤVdۉxq_*/̋^YϫԆ31<{#joQ2x:4:`amu4s)<ԏ8`QǦu= |'~Y=kzylZ{+JMENJx|< > ߜ‹BZjT߰*s2tmI h1>ozM Zϛia; 7R0лn~!RDw |VXF ҭ߫|lrIF0I+zQ@)/Nvk76H@@ J;x @j`(C.&)>RD\O 2>RAS[%̺8 ]ծ1=%{6O&b*E a(!Pu_Z;<9` >0zֹr\6Y!hJP`̇#@p\D8t@Q"D'H6p1P e_.g'ByRY}*Z@X{>;K (иRX_jzP=_[yR=vGXl@k&oxL8i82]bafH:d14>T f+$V#}~ /jf: T=kn=<@nI" An9,gzph|0hٟ(Cء/?3MĎ_\LC!,LKD ϳJ͇ˎow9/a^blDduԄMWMW !dz֦.K 34S[Ff!|u `R \o Ls{#l[5C͜Z;~ , b?g`% gS ƛxL+J (, ^5(nLR?2^O4D2Z; 5AF+Ot`tEcZhXKO/֭]8y*a<=p l.P~RXW['+/Pط"\lF4Ұd@%j\~(ڻr@E!F*RWڶh0[TC~122сG*QWZM_3dk='c>FN*6b@'Lk/tR/ MX{qYdE U@/V0d> ,e)M`pcj+Q}+'e9v= JH1|wHVi)EY5|hQq dn; ӖWsI+lj$xu"Q&& (6oY]FTIhtB=K` r"xF~"\D[S0 6},t2h; bF׊Gox3ʪT1kSʵjhæSGB'=a&*ϥb=qf&ׇ OsQwn]{j~_#YW֣mcB@,5 ˜>*YwPNxč.Q2,a!^m qR X2BiaF=_#k~o ؾ* ) xe 3!?oBYmBnN X%N:-pjGiY>vx<^7HўVg1we|P#aΘ4RJP 9"[_[nj&uyJ6 \CI ,b#U˪-|͜eVnF-׉{4򙜓3|\-N~Ӛ`_)7 W PO )2w8 dŝptsś ˱B8MӔڮ{}: `쓜&INud [u&Q[GzlE0E>B_˷;ŁD*gUYDhvz8B/T`WSYFN,͡bǓ4;5Ln3-wzo~.ۤba҂6_:K[- ?"k&'gHѡ?P8QZ+dz=BFPq#%FB EC@~]gjƲ૱yk϶_c0WdG9_"Y̭9Q%LA=Ȉ. V֜&앶i_zV=1m[*,&T %)2'l9T}T. ϡ Q\R/vi{08^@Ì1ɵq-WON|Pj,D%[@}dU '^-B{d;"~ԜjZg[ ބS5]P舟]㙉[l7ZB8SA-MŲ.$뚽pUHlIh(V.=Wp߱;#"w8٣KRFc%GYhy7ȗ;W?ā.~K| vüFUBUy*B=R݄>^p5 C~wV&Kdj6g}DG[5E/#[Mw ƒT\>7 ^h˩ڑ@K xZd֘٪{&j( t{0t|C-'$dY ^&zD?*ELv6soB=PΠH=4J!!`|Wh71Ùu$d@`bfo :b(v4|4h[(W d95wtT]*Zz$;C6yjhx=_D"OnhJ@}1VaޝriVP}Q|`-;Y,yV{׾7RvE>AE[K;ޕ*+5J@88j dN1.(FG?Ly0-U\1MFG#$tjK'AT:ͩS@0m;W8$}v/ EûYދ&2,C-ޒ :p+*5R}ILG>&l~>s {h|s iBa='ӱlZFJe1B[[ZV̨#u{zs"gȍA9"d!lZδxm_4:Ѻ%ُi%uبD#K5K4L&'Fz @j!zI<ƗKٟe /u+!ڊǓ_Cs= WD܄}#>pNCNmNyC, l<*QNtDXZ &We1|1?&:Br)CDRt3H_p\ } C %s u^ TVQ*GĀ,Մ_2O[~ .",*![w 1} |`Ae^$S@H|.*Bi _]1sT^&ʖdJ3>+($b e{$jwP=`Ӓ < }o.@*[kVL^!JΰqŞw[s :24ՎdiHlW]*0H*ſlqk1W4\.$&\7iin&?/-̘*i^ Aw}|?b{w㥖5ʮJjɝ+r) 6D`?@_ @c+QՂRD3ӡ] hQL1_'מrB Q3-4 n[ir0ԸN5jnجYX?v::HƑ}I#?Ì_JHF$Lp={(S/*ӅMWWg%QGHcWřOP&-\uv?ptx ,vbdטpCխ>_e | YA=.t~C`++5 :Ѐ x5l)A!{HŰLu_*Xm}2kvFLrfխ"Ӊt?rWؚ9[vOyOL9SvQw\i.~Rw%w#xKD~6q Қ槌GCF!ivD,|]?ps:#+\.{NNz},T{6FxǸ)4gel$ԫ#Jrxr MGiST<w5͎wn†<<`.'lbREQ.֬3e ?uw<5LH*g9uU:U}p#'Bfyh%jC8\!=,R`t؎]=F!f][ۿy;el8LvUH{s\''9K9087MIbH7NJyt1}{{VB$6B10..j/3'_aqcIV:0[60Coo7 T sة`cO%p9jWD׳6 l얒+Ñd\$}ھ36@gFrt.u?6 <3KlB{kG;c$'@X:?D&;k Rd-y:y%a%ww/(VފFW }'=<)@%)s :xS-`| $ciw^~#B[2ZYhWq馫)QIFIF0T~V$}N],ޘDؔW ۯ=M4C&vUX*3zh\O\n?o62rbLv9̧_zޱ#/6S> +q&^"QXLP=vaw Ϥkv`Wh>o6qϤL052KNe0M= e׵0H"alkEW4 U&^$[߮I to킐{'HߊFd9{(i:ēo,JT%<)1iW+Fv B^lVV2RA/:H4vYiӨkrs{OUOE$JLf@AUef88I5LRSi_ޓan#?NĺI7Jc@YJ|VZ<ƽAswG=Z X}֭Ǯgی0@a1䵣,p*?Ajy@,Y?}gRb3wsKq|(ȏ Y<'I`{eZs }gǖ"Z,ߧ!\UUCv}2i.jqk;޲ȁ/=ېx fڰ7fNG6u"]_w߻6ά]FFqs5?pʸshT{?.,|軸H,Πe}D:KC.kO~1'L` O%$3'wZʏJxX:mJ勅CQ}jrSd|4NӨ'^/6Cڭi:>Q[@ݝ]OkoyKs0 *24쳽obg,1la?H3 n {YlB;4Aq)y `f$@K8-;-rG{VLxPk'WtYſX+^ZR.@g)G~)hԓ#j/+8>N׍_*w QߞP)*ҍ竜Uob7??CDZv6r6"1vb&~p{L_Z~KICuîfAyK]3M׻Z9|J0ivhɱz% YъrPuKh-`X q?}1fF% >$@t n,m-'G ?Lsgei gu\X!sbC}P^4rGіxQJ#qwvL\mEjl]2M|9@, 핸p!l=.&c+Bp9ɀ,"aQXNƍ>Kضw,[XDtœ2 2Drd'PVwetGZuK,=m~q?G@Gys3d64 &L(ԃ]AdFL+@F8wp!WhGIoa M[W&1J-Sz4H&ߌ3!xe:Z:2LrN鋀jmޡ|x,TX@>bWrrcbެΗ@ z03JC+ 竤/6/p:<*` Lz \ŇGiס"IOM"U4d7(Z;9]7BEVby6yRQSrڹ|i?/W kMy ac+S=I#'Q \֨d.maTWWsL彔'.F+mlh8qpTA=WFT?̓u>бK3d8hTǵ[hVݥ:M*o?oU_IZ{ș{ǴȂ_ FyfL_c q%:Φ bnև}7p)`GLV$p-JaDNKSV썱OنjZyMRvP:?<O`Rg!cmY?hW)Qm]jH<<'P"[ Ϲ1L|(eX/'ZSdnnv1?W<tr4ڃC(t{Í?ndĸ!$9UȗwCoY~qHT/ᚁ-INpW\ Cq7 AM+Ըx7rbI3|R"X4!0YLZ_6MOW|SuLktgG雛WVZjH*~L)*(vsN$pɀ>Ȝp/&p/27 I{HMEVf'TLuF;2sǻ\E2- uh:p6sGXYMru,>dN9e9ԫR2H hV.Pla\o`أmY '6Hu}&^[ CvU'p3@蘳b֊Gc(:Q +;Ճ?#\L1qJ6daHp浤nhzRi݁I J+HzB&;?F͓1jN1.8*T6qGXwf]ahYSRo2=1ej9i^EU16'RrR3Eu2=Q(ira\Bϻ^`D' 3 Ifd^kƠo=Bm%H F 4UW6E\ AKl9CJ`^}Gu( {]z2(%Sm<|kXcu17e'1׸ZO"5'W[\2.ϋc }z}mLCΓvB3jg;ֈ8{?ғT?J O06C_ ?C!՜A:شm6cPDB BmRGGymBNP־Tn|S2Tx'>cPKRD(6F_~9+?PZCQaX36 [@NzG|=hr9NYϬ5R ;T;ʸwNLU,*qM}]gȃJ%|;A*pf ٟD@T&;\)7~A|M?)9N"Nm'by\#u{[buKiȭ8@5٪cA/K?b5WD~ |V{{%7bhuUZ%Uiidh/:Ԝe] /3W:Ǐ0oo1"YyH)7Ԇ*wj LQ[QAj{_sAN(W5Luwwu&;`m=!t ͔ΙgolUIY׍X bCѵ +7,ɇ.aSjdqC"Bu/[%ɍJoH;cA~y]O@jdr4!;HyFDFgk{kmk9ӆZ(wD`B{v'0/fB;ո0|?)k+_ӂbz^~b&I?nLj:7= rWa򛆥X1 0P;RĠN_W{( }6%|2Ϯ0k )(uj#n Q3h3UH@"b@ʼno/4ܣF()i`Nx8+\Pm)0!ƀ7Uy݆Qց ZE%GR2[ l >S>4y* mXx"*KUC?M1ynf+:)*D@ efY90k2k&fAdWrߞr_s%=2қҸ2j1v9iqSdס|HT ٞz#V 㜠}.ęm.$BT4Om)@/BiDӿ/rgI8E8Zޏ䧪ye9-ͪ P U2Zu7*ehƃM~K;j*"-=t#up`i<]U\ecʼn81"|z|= rر89[0%˷u/͵Dk 5YhTNh@-DUQDd;`&&. ' y>#@|%:QLM ( SeM!<G Cel10@yDž]K5`L+Gƫ3R`l{;T/!>j>h=o_aKi@3Z7.l\ '6w[!@E7ÚmdV4Y n]\} "L NtəϫȖKuTc[@&Rʳpؒ]hᆁNq~ѥ]q cQb/z u.s׈S9T`d;&!1\ZMBHhMwJp%PN:}QnC ^X%Old.U#%)y[b9]QM L ,:s(1̆:c;0V>-*7أ;Pᔼ5#oZp|UM]; u3< [ "fvA (١33GJM![k*$)tսu3ZyFGAR[tTje6lg_?8_`A2GߓS2!hPqx9&]ڎS;lF9&^獫;!]G*Eҋ?' GSz ]:x=6s*D"fCF 3Q#.^ JOAݴ_[]i;Gs%+3Aa7_s== XqBvJ^lhY"+<O T:="RWª/gqc<Y=aUg/LZ ys ,KPw~(_fpDײ!Cq77tݴ̫[;## _%. . 4X:_6k8O㛬`;O>Am>aAjgۧ|0&Ȓ!-,N\}G,Q J;Ѳ\zC!Uf07n, fyk;9 E @^u}{9 EKb%iP Vb]UG8T)\y jY&x~w%ϗ2/lMrMׅCԕ>_l#93+ZmjNj]c)[m\M Hk# 8x2~&ERnh[G^ ,ЃKb盉Wt*1eQs?0RwfN8F҃"s1(!k +n&{?߱tk'kՈu fbu"{+@\(l#ڸZ1ɋ4`pSZ},~~ +\4".TMU~ LgXN% ӀTdYnSJ/'d?5pn&tYF Oӓ@v;i$I"'nZF1k2ʑew۵10N?Ͻ*AQKÊFיCoΈ_Z!zk%ƛDbY~ZO#:+}g4軨zFF(balBm >emZ9o@JvBv`-&gkwNn4(˞K ܪ(cU~^l 'A].dMF=x75T8W =RJiX泂AY (!4x|&=|p,4utcn4_ H8X8TFTNܵo0EAAU!;A)o2UV7s BxpxgJ;:l|+f6@)RF)wSmĘ;)T-} CC ip^eܪ|ャ=\sBoI/ &IHyD)OlXe2C._6<~21+p@?Yzj?"P8pKxS`a|3{cj7y晕&*D t͘ k$K|I9w!]Cգ&4x)%`Iboʐč248/e>hj#^Ꮭs];b=lHA0u[SDʅY:!~Vmhl:&+r+s54 ǒHtxi!ŜpmџTM~A=Qd{({W9`|0@>? {FBK ܠ1T`w7ή[(R@Mב<34~1^bk;j_' }Y!, q` @{ سl*r*/V{,ޥ [2{O<@I6(_ڹDsfӍ&v2:z0Hd)YySpM: S/W0B}qch(lCDc'McG.} YcnSv#Cg'P%x _lp |E}s\qj_?DIB&"^q@E|z^>t(LcCx" ==b*} S'JXsűH }"RC1o$Ǣi޴'CNL!NZX| 9>( b0^=;Iݡ1 2j$Ӛc6gҴ1?vnf)@޷1TqE# sfE_ dA™){.dYZЙ 9/psI|;p69GJ!yϙ r āH)FKKFh@vNwf]{dV.uߪ˟9WA&/LoslN6|!o/ӌ4hwtB-KguzO(6Ngt82&vQgu*@z"ϏX>z笅H\lI>A!?b6_X*AlK0VB-_ -XISv<3e>v29bݏ?ĺT8#lͯw[|{p6yK_Au^:n|3rJ8N4Qp ef00JZwG +g[EAPosKu8v7skk$HĎJ41L,2YRqyfr"qfX3n]" +(ڭKN\>c] @R]O%Z#.片zDT-5W9rST[ο|Ժu#:?V`tBOs$d GthBggpqO7n|5/d5g9'7}ŕGl&ǿFSH@o_vмַt?r;Q3W]m )Mao9nbZRV!:~B4k^ՃԄMq^K&/Bf~{1#mPBBVCvGLcy D =re{0̰ri5v+O<_ٖն&2ǜA1<$`B,lO)3ONO;.Q זCʴw`~j|Ǯ:~C O 8m'7.L,_;`|G19ccG,[BU AZ1{4\},oZ@#RbP?SP陴h$V\Xd|P5HcGh̚kIT: ]N0*kOa;_Me7s٧n0 V?6zgF:'sFZe'qo rZ%3@Vl C1cz]7f`js[,U7g"kp t0,j\o\D1SKV)U)c`SH;Btn)+\n1zO Ĝ#weL̞nTPd鸑=Iůe {kGkw|3@SڸI-`q_ (qt[1\4cPX$@ q6)`BEҎB{p<ٵ8vc?|guɮA*)zK\3U[( C2 B6%t/1?Jws&]k15Jl1>+;+OD#++U)~ADwCiiiE'S\$k8pKNa;=ͯȦ-?!@'%NP?zh&@1mkw]")tir O|ssuT'8;KlI&p`!!}ZƗLlI_suJ[4f oQks93L =8^H3>s J}$xDG($@qW^EŽ`(?)u""j99cl(c*l?h+`M i 'jվr"%18EKU fma%?łCp`êeͱ|c!w<XNJK oX0v $:ު/1"0bq6\J9薸`bl(s1q8;/y#%9=Ii6㆚j<y_.q #Q~H8.0v3s-q7ZGp7)[KhIU4][$ ëm=drM+ iSp+e-?M9SGv(mIP'U# eUNH/O 5…\xgJzAYo1or,{ԫn`x|,]_p t /"?p9Q[Ý2,V|VȘ z *Oclh3J4a_ ADž;p+YUq's6zf-6co3&tp J"BI߄)ے 0_`#` K km Akm}<&chiRԽi9[tO~Ih;59Um?RvuJn2$ԁCƝͧѶG㈶ZAh+Ѡk٨Xi(rK/Y*ҵ{z\!=tyCв/tޮ{ Q9h~-Ƭ=ʚقDW9tS^Mpq- ])o6ܹ=͝o6cv_ %<_22༤_)b&S%ւ᳦ND񓗅P9`T5?Y6NX`TΣ'M(àIh._w;Y( pNkkeV+ءf!R8•w# fQHc 9{S=?l&Oa7n("&*E>ViwPR3\v?L#&z}0P҂iX *9Gv j00m (]nc(J;޳`qVr[\& 4͟^Z\X7A^1YNyWokͽaNT3y1ܬlWƄٙT#p-cs/b2a'곇* M5B^g%Nݠ븢INޡ%v841$+s+R'чaKu/HwEt"-`n}ou@XK շBp"p Yrp8ǽY~6A2[C(47u$ISǣɉdž|)?Y%KE4ͮ)WmyD~qڨyX$BҲK1cF$26;y\]*`>ӷUxEo¡ bXucIӻXGg1K6.c[{:-C52?*X(Cx͝2g# SYla+88Ltz "iyYoÓR?9LNs&'ֽE|Qqdb\>xtՍd-]8ezfjdtL+pӤ8 }4Mg.yz,43K6v;VClo-vĭq$dsB,QkK ̔bcmP̩ )`H.._l8K2):{;r4 a`Ey)RW֑r'R(L}Ҧ=c0Q(ﱡ ̲.1|$O"yD|b'_{3{'&*{BHQ`mR= /r5 {aH nwdXƣa$/:Kȳ ^aj3p"w%(r~[I6 Xg 9g~'@'ײ]^8 Tӳ's!2@R!=c5ܰŮKJzE$ e9\QNyN^VH՛ƾ-gzEtF"|Qҋ'm@ߕ9,jԬ)/N۳`s:J9ŭ-ۏ/uPnHϳ ]RFUGc,k]meTuWe>g,=^Q+w }'UM<(̆pwC4}x fAT\+B(kkJNpf|q ld 2ޮBn%مPEgeޝ(3%8dĖW+⑓%_^ L܌VO6-Xԯ?Xv<V1; j|Tqjڠs;M@A`C"טF`ax6inY5qJ"߳4Rr8SeV* i[1-4%Rkb'mK񿘑L`>{a_e< $ ~59`5!sMi4tVTLjv>߁iʞy!z!;Bbq kIM2u= "CW3yxFN}>#8:\O-' JOuUkj2-}>PҀ+Ή@;RU8.{մ.K.Ƿ4ny/ эE)V[IXҙkNq3C\̖57`w?((Š&}|$_J w:J͗zDTRi:﫴w]$#Qe+{E7mu{Ƨ\]MN[]@?R'?B\Uzn4b{O>O 1IhxBjs&.)~bck?kFՈ[1?.'G0ay]rfɯ(5!ڿ4CY(dv5y$kY1q$ fJ>6CH:@KgG ."%uEϾ=вܣ^.OZj̿Scn-~@EO,9옑I1RS;'-c&.jlue#'uϽ;ؔB8px\RZb̮1j<)\e0FCi@Y`9"E21j͘#{"wXfq(.$5y2wm+WEp\?\%asu @rOGio`+!>MD[/M.UKvj -h2\~;eeIDɄ W:7J(ސj1O2NY`Kgdp2lH0a{7:}|\*-%"~-חj\$'WHsz쒆Vd(v7iǼAÕ_IX@ /n^r$o||ո}G<ݺ(朸2NşMLhXl `Dˆm?I(nWmf# "ьS!]Pz%ֿx6Қ4s.)3eŠ!hm )߱0[i[˟KZ<­jpl\%m(teEAuI1%Tم=:JA8jpJ9l,Z;͓\<0"V𡃄mцQ|I\_V=ɡ$Y1#y/ VC5F.rwnU8Z%yၦyE[TƊWR-29I辩Hc c~뢏 ;Z lIGn%>烵ƽ7nTtbWj~TfKH%? ENl^q./}dHϒD(\+1Z^oυ?z[tA!t rw3l{+@. =6 SMV1ƑQP5 Kۖ +هY"eg|03H+b(=81$%ʨ$hg̈́>vHN1Z}w꟏u:5 qѐn {__<#56r?۲ѷWDwj# g-H!V3mV v7 @)GU[Ɗ Vܠg$Z9)Nb<64YwQ8CxK6Ѯ>B& xm0CTeC@rDp[⸐BP[o2)z2z܃ٸC%p+􃂱Ga2Tѩw( w. $za&+Ok'V&R$W[Q~J|8D z(;/w|GAT@iϻC~o#^?׺3^"]T\w79u=G2serˡh0η坅kJp`sV[{g8N*v|sz*nkPS\ܩњ;1f:!5_$9raWz5UtyЪCGi)pOq+΁ceViä2|כf j缚`>u-?m-cCBF#TuFzϓu[FA]&6)߮''T!_Uvi2 c ֑?o.K8PvZmC@=YGĹ 6ѹ9 żܰGSyOWwݚd.2,rLiq! XQj?s_7 -7 iȸ$#)<,tՠ.|@7˨=9ڠ xevD]^̈́L Os I )]*mڵS;jy)>Cot0_iA-tEJɫՎc.&W2~[p[dwDo5 f=W+jr` -[=tDpSn# ۽nǘ(vXɴVq9Kb &Z=cR~&\Aҩ1]dp9fk/#ֲLNZ$d4+/MIժr/QMq_賎;# 7N8isU1'bL4T݁2;wsh9zj5XV<% ?40pZ"ßk`-,.b1/L0erKmgZF Q!9_$tC,|ỳ N~&Yk~}p!˻,ݺM݄ 8vbY;(b~WuZ S ¯k9Xz%PrzPz.H)Jڞ+( &876ukVO_ s!IeȍB2k-!?g=w(HOwZT8jo6Mq[͎:~O~qV ?+{$h$$㗣"*/wUT ڵQ1$F#xyx&LjA!T?vOz#*D[7SйILY_o@5?VL0 释sz׸Z"N&s>V"} w8#/v)E08OctZr`l/Վ3Dd ܎*sH$Ǭ*ľXqj# #TRC1R'K"@TBarn o|Q?0P& ה.}PĮ̬Jup+Cc )zA\#UpeMgPdK3h;7 +T::K`3a4h[ ]Y(1<ÎSA9e.+iH{7sxXShXJVN(OAҩ/|YXPֻO)[}ļ;g0~ky P.C P fQr 89Lm$јBҒyq/cLo)#e6qYMy" ?c|͂Gg|Nj@mQrT!k!y9nh9wR,q0RJ.ړDfpnWoQɍ7 %r)4t^=qN˲JG\TnUW6z TsdUx} tJP8B]4.V'jy5'&I%O,%{Hi,̨uv#ČĠХRU&ՀFI5oĿ U:lО z;svrKT]C|OuV<\Ds2_"M8hX:v<wmv 9l[˅w| 2(h܆ TJ}00X}V1<>I q;z;%Udf4_8[.P.:TIx1Y<[$cΑÓ%N3;{{32KSpᗺAc t ىNhNZ1[n2 CZHs{w~Kp(qڐtWo{## mk$oUaXMdI892K5\VЋ5Q++֘OLxdnNa=4 bl QTznWwSrU {H͆œjaf(V?lSK[Bޢ'6 c)TNP_EfZGuxju@m2B@[CfaTow>U8c_J]1ؑ}km{πvXqMt0ҎF&F}NED$,ŕ C ?su݄r2w,?<Y &޷#u_O@| W $( Y}~HMʫ00шjggAѩUTɰy~¶\$>y# Wa |u{ Rxysekw&jcHbԯpgaϜ觟&*dN2nȯm-n oMΑ͚Lp44w(.f/9h.g/{\icaBh~P*4ƫA! suKlN8p=>qFф_O .v1X^uю$˚YeL%~6L}ԞJs=4vWכ~Mڊ/ꔇ'y6|2l~G*s-d#Ȥ/%õJ2g9 e DGK6[0p[qzT@bS˹:D`޻opA J.9 {9w>P:>~O^hCtsn a4|h?DzPKG5qp: a4х܄q!`qS'0݌&g 0HkWM"VB3txL./p.l%w;WX4yYޙNLMR>õ~ jK(`y$wlLCf/[Y}{IFH C?m qs 3.1u#]bޥ((RYr=1,JuX7f Q(:(U-2 W,Z+!V@HkbLc8,7[nWz G [D\[GNlpNƬuٛV;`Zg=۪WQ27oڵxȪf z*Rvj '{L۲bpqRiD)|F+"GC?>,"MHZ[_nV&"U)ǿ3ܱO {dfM1u+V lH@kzvm-/ () .'an8 T/;E&7H#l63 $cSQZn".#ίbܬ 1(6J/g߬m%^8N:~ˤSA S͉Ipj<5a:A 9J yPJ?Kfd e K)9kQ~o4ܠHR"qJ5.x1E?rE>@L,<i ^6_$(EEaهC):*H;V\Tˍq`7AB)km\4)Vz~\\(Z\Z=ɢ.t|&&|:ޟf]y[ /?un4e|KUG/!.h bwn8}&[lܩ?ЃUŵWƝKCWߟ{@{S#k+E1gހ,i:1p!M LUEzk@fH*-:vΠW&5ؙ5x;ԑǶBFA[t!I[L ce M*yEB³+;rT]d }7H'ycV4[u7]=)t핓Bz2ȧ3: y!χ`VUAD Rђ!KLm?>/΢h _Ԡw6ÐZƒm2eG-[? #(ҔMm$]Px.e U*mg5HNt`+fAdJX}U&mIoVҴٲ%-d(gs#1G;wZI #[C`xlϮV1(TQ^o/㈗g&S: -^̫ coM˹%ŀ6j7ʝix ` ^ک%1YUAGl>+.]j-fp%ydC>MHƳmkSj cYT V=&+ l&o6p"mk_9g uilk̰4n.i%(O +;(c"Ca_z}Į3Bd P4j|ɀQ`l>5rz@1.t2qbȽa@GVsEa .ʷ|-ޅGkN![dZqlV(ߦPDWJsEyxyI횢r QT1_BV6us?{ͯc_r$Ϝ퐑xJ A:Lú+C<041Mp9TCcӭa(:ˣ6J2ntB?iX<(Zzr16J? X'xq./ptEIc{h8UsV54 57uO783^"s@t_ÏSvc.`[).U i䣛B{KOL͜&M,X=VnRX#)Įҭa.D϶L_^7%:'(/y??+_;"ڍ|G:n TGB"6!YY8Zח,:Tsr7l_;x'\*|EhGFPW ?2)bkJMtH.tǔ).MOoüP~WgC+;F/y%mcW.2|#]u@ FM bh{aHl5Msu =R`eGw{X5U# ZVzrwڳElay e"hNFL/jKG_ xv447v@k9R-~>_|H;#-hfi$9zSIE*䄬Wy> <89$`4jX%H$TP뽐3=h]n5p:LRSik&~F:ajj@&I}6SbqA> 6>xS(鼀>'C&>(GMd*ETTΎ&'Z),$/1d>aLA֛{.= 6#T NK^W}ҹ+"۴ǭ 6:jsVM&LنL_mԵsʀ#={ԦjĊ1* mpjd:ݘFպ7h3qB0J^-}JAty3G_KrE~GOcwgM *d!j& c\z⬚J?U\Hk=B@۰8p!C\W0_IKYbk@A|_&}KFiRJjЄZIAaх]?_w[_ DyYıog'IU=75ܜvzHc*1 r@!xu`E[yůD_V2}L[̟6U X&cFܑTƐ~v$MD(Z?.D$'`. <_ cCd?8EcCPeϊvQ G>YRQb3DT-~+x}09MJmo piì|&^ _b&%i]ŦQ_$O>ut0WbFa2퓹}q/zi(ڳ{jTOz)VLs+Qc;ת(Tdآz%(xuPP_3AA %@V']{Jz,?"8bȈsڀaEtu8 UD1(;(hr`W8ME$=Fte7Sylh Z; ^ !;у/_+vIYY`Kmص plVwN^To37'+OVRm ι#<hm.G /s?TH'ݗiIO}3HJs19Q{'sM `_gѺ5 W#}g[0~z~1e Q_ը?gn(]`626c/@y+Ѡ~]%jWT&DleT3mt W<[Ǡ;SŻ6|n@I yx(TҌITH$%(,b*NVp0-$UMjJj5XG2L3)m_SS}387:fѿ09AB"dDA:[OLH<3xC{4~Kj"oyQ薱M+y#I& \/$r8.8Ou򨙠<G#&SV_3=(&on-QLb)iҝSXEk5.gP @;R8|jT&&#WƸk,Ad9 BqF\.f/'.(Y7uK,U2Olh=A d2>-:;NR+iZLݭ8F.l^R-UY泆^Y^8 %<S7f}]i!{Va\>m rv&^=80ܐHKakl~YotyL6D/(z"Q=`Bo9jد[Pl 2ͽ.׽ ^bz>5:PTt*2eߡLK p@}Ts17ȫ[EWJ`L6 *|~'-61B5Bx؇z {G=*e#$ƞjFd/^f߹'* vj_fEv.;ke> 4Ff?,O8dNdFx(i/B=`Hf[J\JzAyP (ٌB08RL6|_/+{أ)vK|BXqm>ڕ-t+jVH2'Ыפ.v뜱bTB6&ds7Δ9i Br~ݗ]n`S%TwDsb!c+I.xꍛe`Ʈ9å3J{BɁ9o|'Z!Յ!g4js(Qh 1t}@T3ѠI*Uwg.Ğpr95N5ڄav'oLSOahFILW0^ v6>M&`f:YXAbXDLs9{Cc>qOfT~ۧ M}MVj,0Q {@v>o"6B46R@Qvu|~{x 19 z .Vvj(CѴ7 '_v()k}tĢCxscțc?l`Oj%L$SWeh$-ybe=[ -k獎RzEYxLS2HI{t>#:ZpP\Rc%Ai5'8 /zN&PQ 0^BؽEQ4. .9Ɓj0_ CmĔ1c+(c=@t̀R0[ JYYηxR$"r,swZr;#&ZH{&7c3UCOK-Qo^ %7e!z<u[G6F,BfDN>iғH6sp,LЅb^ˬلٌ@We%5e(е0)+pG.4Yhf8Fb[F>ukm_Vjoʽ;PI#;dkSZwJʊN"^)XN>iv@6)5J.LF۩KeDׂ?m#vu&"DpF_t]Ojr{w1qW`/%!|pX`#_ %Xt;Ty 4gPΙ6gc|GhCG4\w 1M7=x}D]exѶmXu31Sc1~'Z+T&U,O1%9Y8d6o4YQUMAFSK0A!]>,QA9MHQfL} 1mga,&2Zn + ̹~j^]5XeNy$;/ $h7m•vBŢ=D H)oVYղĞZNb8r'!5}V@KA[$ZDKhT%)?&sirpI}nH+ eS`M[c'#X[T"іWRڡ-nY!xgE'q9H0*=ɚMḼ`{#]0b`Pxjjs{1Ōpp@wX4\K+EHy2`\.̈́V?KRZJ Hew;ҨlN#Ao JlT:법-0­yIR &snȅMEc0BBdY'$iliVK5d YY1测k7t1l76Z^'F$ζ#UWμ AͰu;K[AO; TƥbEɰ3/:"v?%:օnSI}=Ѯ[;ѰNYm؎,jSri\7#䂌ۺM~S80[]6klX99ДV+0["!S3ø}%Όtd˦5o94MYTy| n 'DvZ0Ԯ 6&$QJGB 18OX7'Jk0ޯÓÀ_/~ezgO_`AQp " U:a?#wP1;Pj? v.. xР(d ɫ㘖O>nf-Zb3kC$WBCX<\[aX3V}6j۶srg3K!t#;z JSzBV\U4E *-*, \}9X:p&qtݕF0tk\l!Pf']##fۼ[} MQrƥg)֌ LBדecVa(o1.e:c?| Okկ|$|D~ŧ+RȏJ5DN;ԀHXEG@ud:.o*[ =%?sfG_|@UA9q#^zihΓ| )<LrjiƥP.DOw 8-G),嚴-nvSXKd&5k!I49ѽ2Tśh`?/6@jYpԚ%G,ߎ+߾Ii1mh"N%_'/^*W匾+`ԟXn=FmxRP 6?Ed[HQ5qϙVȞ C /Lʚ  /F,oAPHȡ]9]c Q5ru0R;9n5iGZ߆ 1\G_[>W.7T-'2tܜu$6yAd~dt@L2+&U LvB%%"+:{Y]J X"^i;t-YבFG?[I&/ǝϺDv_s+&$;_<־&0L$3>ϑ霛[.,r7z/4Gw嫬|s@@1Ni3y 0-c~EIؿy[C|,A4Ģ?vK*VrL>`lV"uWׯ$m0}/iu jGp;$;LɰȃBypeׁNJ;,â2-b8 |~֦p3?6a©)6zؠ#ˆ1VW5lxarvmoA`|q8?[Zڋ,&eOmHVxOͺ|HL2atɀQrsg5s_@|aZ؆<쑅reMDc`)81ʣ}!E B_l vj}쁪θ2L4,u%p.Wbv=/! tڏJbi 'CZS_ޭxEUc4(`fl+ G쳿Hs\EY&)0ySN94^4*uU}~v "aާW'&3NzC^낒%NJD2U'2 1+w6ᬰNk 2$jKig"CzfXJ?$%fR k;J4! y"BZ \.[E.žChZQve":֓Ukmg<S` ; )|yHעQ(ʫDaUUYGbTZ<*9ǁ;#0E3:WGL-܏6"fHw̢^hQRH[@hj,YnK ]P kS-\t%$&S!Nv$;K+Ӝ έӀ4=HqIa#jֲI°@" qڑg}}5-a~D¼v$~.`AlOדUT[@|.Ɛ_VQm?7@޷GH (mE2w+_F'5nw q?xdv[ Vry`?-?wLo:{I dW.IVv9ʃg>xmލtNfg1҃tq™oMs M )|/u.}_݌ yHC+ZYcʭҹ*+| 7I&˻cƹBnJŞ[h/p%Ȟ=cʪeHIT̷˒ESxOV6Hf6 ?TnNAcG?Ԟ}5[0 _~)xR9OٜuX z !`CTnR's5g&oe˜XW @Qr0h́T;e)DWrD46Q0}rW1_,)ii.|IF&gXj=Wׅ׺3-)C,J<1TSwx֑৽J{20T% `yULs}=i<ɇ>1XTk_Qy9gU[x'$}RrOfdrSr,M\c8LE7 vx~|*"leX0t|>#%9(]A zJŰTD6+Z޽if԰F zX0DQe ].@lI[69Pj9:fo󰰧nTЂvߌc20&-DmpX!F-8='ӉP4 +`w3YtJ30`@8h8%+)w? f4F/~.Heo~k5.U2Z4Osٮq9 mQ`j̞xOɌ}{]RNYi.|'BPzw[!͎jldO/kBbU .ͯ\û~RfnlSDe4(_,ы ]F { }ZzV ByIFA%ha^Te K0bp:騟m; f{ yJ^Kw ݢ RQ+JrP`;dH \Sc,/.8L#%}nJBZ#Wj ^po\3huvZe$76^^&75Ŗ^ 9GP̠iQP)^^|F<+TJE2e'@ *j>:-#`Y}zT3q>17;i =Y+Q[R6Mlbeto b#5TD~m"(Fc5Y2GWK_MV+w( J 9Hwb󤅯FOl;1ZZOb̬A:<†^t-jO˞}KDGRi8p.TN1gmJh.v-mnV<#8跇ZBስ=7*0P-G;沫meW`c!*8iF!N.U&d|*ō>$XGcce澥sz.e=饌qG1}kq7{ jf҄MX'@9瞨y!MօH>V[he/dq'gYL(%rBa5|d&Gf<`MTkV]ocR򶩦wux>>CHN)JIFyE|7/Ԋ+ӜO1}ͻtտɧ9!`URv2%Z"tP,5mJjtHۀBxD,OV dy̧B2[ƿ_woPS7cEc]uN]}{Q ], LE6jyJѦP:sH@FM_qVFɝriM\28WMCyŕ'l qڰ]ƾ o3(THHoPaΉ9ɊߴۺZ~(Y;T㠭%3udcFfV!TQ8f[Ram01xs/`W~=2#u 2SrƟ~*(KwfR :/aM *VoJzfQty诹"eMG)idP]ct|zi @_ǧv'=1P d1]ic6xDC6Zg `h[=8<T!~n#1 䟑=v~6AmgL]; #nMWB! m6`f(\˜00>7y!3|(e̷zPџR 7Ow/Dp+)G*6%d1i6nF]V KC BQUMכR,$UAGI:1_HI޽4+)+*vA0gx1Z왯x/^A/!Wy@Y)Y!DVD ,;Mt'#JBH5A [#-&wzc1CթdDz|C+YL'lZSD!j9S?8!geY⭘YO ?aqF϶ ф>vgM#oXőś }O9q+U;)'i%=g?.sf-5Yـv2xtKi49cBz qϰIԋ~~*AM7Mݱ! fve +V]*"ChP QA bC.kc' )hKnvDؠG;[HoW`ګ1Kv_ TGo!e;tOM#)/y׏MIqaOzx81:PR΍O1xA[Id@nܯ4{.\^4gpTɣq9IQT pB1zBxm[ތ5P>z쉡+ZHn>o&h:_)`P >?!brg e{?o( $ `\ds \R DDcۋ=]Xv]TuS?jREPL7.pf!eآ *,ONW8W3Uұ,uĮ3bY0B7Q3#.JQCwI=[4zS[7J#TɌ~ 'Zl! gk^3'1!UgJxA.yi)zf4t7;ۛpzpT7BBFkMɒRn&8V B ӡ֗;Dڗ3j& 6sJ{(ޖ+k&s.a')_PFV#fZUMBH\1{ٳpƿx1{ٚ&.>T_iϖflYݔcx/#=Z_vk (v=IcXVsTŷ(-)zEiP?#3:7]M+|egy̬'&].4atZPF}~)ݞky.?F rqi[ we]ZukzIY#=Ѧ_jT(S\A* .GWhmzČǐ_-X#d=ȗהc >.%!7B_|5Bێx nfż(z>~QyGy;\k5Wԥ;DW\NuuQ (_ޫzμIdɈ>F^1M G QQfvf:Q<Ͽ&Dw]"%XnzDw_ b0@j|EQ\Ye\(iEsޱkW?zbXEFNomhKwanK6)t tR{N^Fټ˜\ Z$tAk0?Kx OcHCbQ݀  p~-Yh\WWohgޏyM C Ѽr^lO\| L$!8qM+pI2=']XT7G[nT$GEK~3DtyP?T\"=g\0j7Z,7g7D=#CO0JL9+#>4@壦B]L>_%ĝYGު.,|1^/KԪ1w0]f$TfOmV{X9'2'P úxƐZ'éD#(7c>֖4dn^?Lj*-sR! Xdx6kgWgj^3y( 襇7 \9l$G:/ \^}W\j_C.ؤK/&fiB `ˎN}=-:FwK)vmr \v5V߷gHmv+O0y@tK=(ZE&$FKLWn8{'F0{(Z n1l0COM+lscL-=# =)*-`wQ hhDO*^A/g5HsN{-ax|K](#<}rY,/H՜!s]|E cs SN9+rQPQoaz8 %r, My'J^~-uaf$-!267vR 8Pޏ t\Y>{IؼjL:|G<-`](i+Cgy oiNj )3*˘PjZfQF\gѦ"vth25pHX*=j qd~ |g R5c_juq8ʐnPayV%cmjd'v'v': } wV &Tjx;ӈ F>~NZ\)?%אĻJZq@"[4VG4BʔG@nWم7?qWbL״* {ܮ1H!b)C8}&-7Vwtw:IY^\W_OW7i\iTNd\E8;6"61-z2oUIYōh~Gf_yW({.:V[ͳkR[Z$yd< 3~H WjR !rXy,?"x,g*݃5 A Ǽdjr/ 咜 4.Ihѐڹ<=fGH9z ] UGJƁf@Wa]Qa{~bv@3 G3/ <02.cQ\j"a/d (bG~$B&,o" p7=G%8OYVjcS~ĺKJ '~U6Lq"6i3z&#v kqSs$y`SH&'pvg/І̢odH>}b{G)HQ t-@)Wi1Ȁs렋OMGpi .; =I%_z'}L/Ђ1pBƇٗ*J^Ehw쟈]SZx3wX 2pk騺ͽ>5Y0kک,_ Gd 2 %F=qө 1"#I]~`+a*0U>53tf39fL 4QzS 0= (z@^##y~"0ԹMu2Z 7(B0zi(YIyԏ Sk8Wjש@9it3ӉY9SˎVךB^uF=6_7JǘS~̷EM zWo>KK(ҷ, ڡTE$`6Jkt3$ {;8O>Xk;okVsZۧ6MYdLXݣŀ<;]LD"cy 83ݔކԱGT[}秒BN$`ӴQEʔSޏpq+<]bì_,ct. \Rе'TM`t"#Eޥ'z:!:797q\* h/:m[1mAjvk'ݠ9VDQ TTp*F\ Q%D5xʰn|tJ$2dvN# )tJh#Yx_~dyC?zDV89wz$礹y+I4Uָwj8cm!~̿Y(9O@^C*N6aJJ\dV1J\W&JT9Ҡ ڟ/݉w&P;Yy3xa'sNku])d AI ,{R:Rl+7ǞhK[>Kw]w^n;0KND Ʒc0$L}CK%Ya.Ar ?QqPͬ_4#oԺFʭ=ȃI;`;BzG7i<'U*~r<"ᖐwOĹvJ>Rg.F,ul¸_Dgn#IgIEX V Ƶ`-sefw#M)11qS'ag5:^ r_7Tܘ(t5|ʙ16A^ hR="M|BVi- [ݯ$&-1\ns+ﺵ\:y%&d32iTJz!M|9N65mb<;_tٯR4c$e#a/c>ULF y!ߘ焣hBqvu؁,0.uP`-N&`;3/<9'rXOx)9Ѡq!"C{bT` =I[޿iG/6v58/1>q@ +T4W5۞@!g$Oi)zAH\_z/,<ɾj"^"wt9d‘tZJ`UpjI˜vKMo.eW&a ; (񢕏tۈ͚bS(=*Ea7ПBy8)ƣ:]J[]~QH"VZH$iL`~ 0>r(dOO֖KrQ#h6@$2hg)j10ݝΉa;A`l׺{˞f6N\%4(I/Y|+ӽں9ӺkすȭkV}Ȓ"j~*aӾEZw~19^UeiLVyDM P=XULVC* N)Rx%-m<хMRGh=uJ̶<*=C{7?ARRz2ܫqfD׏>Knn÷,o|P5 |<>H]30IpR! p sQf,sݨi7((P0xgG"]/<,j}ȕ:$/xO2gGG>[QiNñMzKwnҽ+>‘ě5(N[{$P}SKB۶Fy-="dozYWY{ "ԣ,Ah*.NDi!!YbFx Ȯχ+ WIc p_> +Y m(U⯠m:ve|Qza=Fr}͙HGp?qaYЌP;94K>Gmn!Գ `řcWX4!JO.[n'=W%ap7خ&)OVK?OGQ!肎S<,x'*czͿ,K֜dY|H~<;ҳ+/b{l;MVcVs;ƟG3+|bK)R '~` #Ҧ$ȧE. <9 UD:oZ)).'Fi;wԏF1RH%/_k8iKNSX \C2_ ~R^:/o'\y~] NNAҪ +SyφcEo4 .BN`Wɀc?C`VT}BۅIumpw2`r4mnWA/ج]l8MJQ5-{K:*<1r##7z:[c:$ g(=.ML[i ,`ЖJXA3|3oYHðOR#ڟjEahA_7#>eJk}vn-r{$S ,C19ZIVW6<)Fy (<(unP. k}SJ•6`ӗ3$d-љ4SOP,%~q5GJS3I(x┎eΰgRqkY㍷%437=)wNA_a:y2c0FiEs aʕs6`FarKHl\|MKPj֜`ޞ2YJ8Xr_aBwLcj@ ]\;U'h ԷCi?pCǩ}͉ ~dծ,_\;Rz68/(*n]P~"ı2xOKH#*C6ggs7vŸ&j 4{^_r Ye=L?Jt"w5kvq)ij1AoIeneˡk2 .~7))S JkË= k\)e/n*;l- B5Ko'~ @}DGYa :渥e,k|Coɞ nc/gddp=|=6Si&b ^Mn/?T4oi`Ds7y%L+W:Bnp|ֵ+{qԱٹ])eqUxH 1EvWT6K=^٘צ?.g-E(857aO@'ЉI`vmŔj:I!uXjO޲k5b$5!9Tb.g)),3;YUE -giVS )v% [`ՓAGUt>sd?ko  鲜sЏovR}A@cK_j 8(KE35)c";e E`z3~}pI7EcҟR$A}>0 Ď*νs,F '@ ;9 r aK#s] Y;gU-XFW>^W!br3'r]rW$?']L"*t %Dvb[1ߨ=bmcpJuk  ve,LZ<ᜋIP2nf  l|!2{}G$ :*w_kؿ/dP׎XaJbzѪxa{.^ǣE}^'ǢAR1@o+c&tv8u~s=kҔ-#;%160opuLVg&̯9"AP( ӐXU WH0z13=[*.\Q= Z'Ɨ"rj3 XCS3-) )~Ҙ5o+]'d ܡ _jb}mV k/ZArقŰ 4>݌ע}pR0 |OKnZ߹G тvKAzt\ ρ+pDȯ!1V(3BqnuXl/7NbI O@X-si3TwUue`mT{#υѫl|T5\w'*sN߽⏪KܽhnyI!bus7S zu VhvZ^ZS(2cgyX.$=ahf:uiׂbv"WץG7^=fȁ9muY@,;;lv#PcmmR[nt|R(+)V>t~[mR>_y}u1D‹\dC/rmy,_Ui >`%@zC*' (\9u)Z#WƵy=wnFn.+Y.t _Ƕ{' Ϩг[y7Z\.{ns+}QxR':CgaT\."^)Y&% uj%/1?**bϐC1d0!EMt'i [Q+, Vpqn'6&u p7>o6눡Ad*yD&/*fe5pj* )4uV M7K&?X7J wDMCHDw$(ENl:oVۈ*.7F[>kee5S 4k/tO< GB&g,c'g@ yt#6ΊCD>eIHQbHݬ9( l}7CP:M%A9U9w\T@ݼe4ȾrO>dSսxJH@ö'V+9꣯q[=FqjPT +a7arp+>[>r/1sC9owFMn7L~n뭎d] ǃn:4_I 2Rz~E~bN Nֲ? ^s\!Y/7+Ysӎ_p YIYCGe8K)A̔3,G#z\Z"#|/5 sx *Vv0I +U󒬆zY'5Z RGd%&oyS4%5k;-Lېye&;ρ`_X"a4 bMG:G2|Q9݇5tOK|)Xy9}0¢&bSI1o7rjo,02FGfqty*_IԶwNENp]ã=Ix?xYє8efkWIћ脉+bidH9Lo/PGϜA閫cW v8BfGbE~ Ne 67%*Jo ye=X,y\MW1끋H2;w 4vF^qFeD!{6 LPi&3e=~9`7I/R7m Й=A`,!K: z1\A02l[ [À[z< ⣦n L@Q/oܥ ZNBqe{ gkrL?!%.$S/tT o OtNVuQ6F3v$ߖ8ޅ .l45Uv&c8{NIi[zZqL~؏b`N{ZR$AͰpIkY\X{&g M%Mks'JgcpY^[VP}.l/u)X )PJ'6hJڽh1w]_ ءEt VRwp1O}/d1e,RMoSQ׌2EJz: 4"l_ч]uـ{=(6_Y@<=47m\9fҵ yuoZL[tLg1cL06Etؒ!Q&sJі( bc0nY[8wFGp*E\pNfS }w7tD̪~Zk_?T ѹJ*9" SУʻF$NL+l/db Zܜ4 dIJsԏfm6C=6REGos>0ׂ3m:U& 9+޾Dhv0~$JG}]JfBivlˑ!Oz:C(!(p?T Xͳ `@4mdG$in c$.|K"VyShu͘ԪM gt,AO'9ʭ>J US:@GgOiDux 7D"!d:'O{lB"ϕ1Gqh' VlJ)RcS!d׌r4* }U'Jis&LX.OOy8f-yaFEӏwZA|K<@ 3(92 Y>; 2hbZ i<ɄҠUKFh3Q}P:\'VJ:=锓;i_m&hhC^?}»D)c4>tV sǍ-'~We#h]io66g ^g}8=;oǞk-qWfEC ՆNFIksȴ".k'$\)nġYÌB=g!lc 2Ի(lb`tZz*(? gգ[j2r?+ x鹕Z4{PpX+d7I*lԧCo* ܜzuލ(P描yE0ܝ U5wT㤄z[|dRdZN{mw79[$ vadH|mk&T{={,KA=pOI׌ThJӏ%.;iY5:> #~ⵉꠧR!ү$fTsx`;%,W9(}_]hXu>=782I-3BQF9 38R~e]yBLF[=CwE.iA& 㨌AAo?nRDC[Bьߔhs*`B Mٷ2OOqt)R,o?6=6SԆǻtCҡܙ"O ~ ì,x=Ν O,4J;NfU"{l`SN#?yqG+rp> nJzFųl_2k2,5WwكlgA=n}7u_x\'y#ua2 ih&H:EZ_ 35ff*u }H`R޼jp8EḄn- j`;H_De/Tjtb |٫YMX޿*1k-\*MaXZDXf% _` }\t8P'V' *5Kr"Vz֩woacPx SH߽*G 6r>= :^'ƓULK{DeU;a@ULڭ5&LCIX\y˒;_@R.kЍ J ­Բt#IoK_$L.w&h&K]V4WK}}vH"7AuGeCcݍvz1`2@8NgAYkc-U k};'S4[ЖJշ(u-([#RAW!@ya-,0mXlhߴ\O8L!L:YEҭ.9΂ yIdK]l0 C8n=v Q7g0)$34A]nuôCZߧSJ6FdjlBbNf5'(b%7 v5/sw,!v! ÍfA+fEђ@AK %?Hp_q=w'qYdO܄z;4Dw(] ،x=4Ԕ4d6)N}#`̔Gb*t?mrT|l8~&b"WEpȀs˃K:VI "N.0>#88I`ʼn,*,T́׭ƹ'$ gCkMh\J`1S_=<t4#fSkWk*(J;rjkN?f_M%{g\oIk aQ~ԣ =9 0 ^O,Ґ~3y%B6CwqwN1=dc־f/):S%6Ȥ%d0"ڥ7yN9iSWǘ 6.,\nFԓP=ɷUsv(c'2s! =d]cS2Oa">SI3|W,>orU2c_b<5RBQWmk!*BMח )_y_i`ٕݗNG߻ Hy@UP" ?W_*q8O8[.<*0 -b>:~^2qa):xez)di~? eO,mwhmâjf^sP-&(6%* Rk%?@sv 7Y'6gwD!b(Mg,Y"8 ~tњѬ44?:gl%R~U/69'̻}stֶ: &K7E0r]`뱓ZF,+b,FD[fK W0X#v~ b?#w(sFr@yƏB:XBhsbѝ$ߕw0H/я}^u`oX!_zhoЮR^{6gBu( v mzIҶ̎Gc;D'g}R]IPF "A(<mӤK 7 Яw4\L c!M`S!dM)S\'y;G}R2d~iwoq%ƨ Gp gQ5o,~su[]`͢c/]$R R.2ݎ?-fh v"3y.xOŊjSO<1t DWc7WF$ Fm RCʊbp7Rͻ#_w+ؒBAg-d3w FƼRi,$7ںrRw%rEu9ovtge@~Y(!'ӬޞO4h,*a͂ie - }nfW2BD&BH$N5fP<įcCp:m啁tL[U-AuA88ڛx%VYw$ Toǖ:Fs;k4wW}V1ly$ ܌&렯=qr[۵tJ}iGLY/;CO8q +ySmZJW$̳kygWׯk"m%51֪2&ѷ1Grg gNZYGo>{% +[RTx(c#MiD.bMK SmyhȞ_(FA@"|`&Q3`8w4(/!mŢGF90; x' gK-픏|.P>u1 Ҟ`W1ԡ\f $=$UZ(Ԓ|y8nؗڔhOtksPͭ1 ƐrY6ݽ7zO+\/3%"D9xڵ%"-B|!C -B+X/Vݯ A]#)k$x3qd|/bL&/cmホǓZ07=BO|*lQ Z %ch˃1Y΁J5I& AZShٕ 25:*<2amM7Rnɤ5۰OV8>ʋ͛1Xmjʣ_2u;c#qB Jd犁Bb\g xC[!M*S)zi86b ꇟ@69DLJs[K6Vg 82L,`i]PkfZwZ5er1^/.C̶J=[|nvҋ8zAeѠVOFeu@9S~nh$CROZy{БT|J󜵼ѿ+nLg-Ɂ &jCH1RhKFӧg{iN uWaZT1T' ;AIKn*ꏲt)stI ɝp70:_t̍e3)_ǰr{Pq(#/QZRc`Wb-r3U4:d5ۤ.pص L>]H쉷(D!<ԩ~}*t! JP{ө} =R]8 4*$$Pߨejjb9QbT5f5/SXz.]n*1KT3W($͑RDzÐ.M^u8s9B G|  k0/O<ۋϝƖ+&)=o `U^^pe{:upyd)gI EXrV /TbUmWzړNiA5d??E<M8/@̛xKCˤPMV\9c"]\;cLdYB&.6-J{ KZF䲫*ҥ4[]`Y LFV}呫]0Egj; "^T& rm8_ B}=}lM<5e]pЊQ ~d˦QYrJ`+@{7JLSSewt|ebY=)ߠ:.'> $s1'wzpb|9%՛!;+B4P7&A<xl,?S c*'/g4A;Tnn^#0I9d{!F Eb:E"fYBJwH}MSB $=g%ZKK-y NFPm; nzm鴉. [o7g?%l1HNи}Qn\A4y^wmfV ٚD&ʦؒȯhW>B^+% g_FEpnO]x.m\.ٌ#%VdYݼ)dJB7A Zvw PG6ǎ= &b_xsNZ;Xj66\~EO jvh-0[* zZJ>|i6- dj5@ ٫OJY0%nggMX.T7ɗ"7\!CNxްiO6: hŢbLpu+Y0L;qTONS)@a1 Hƫ6ŗдZ?r\J[HeJ*r}.\m; S2iR*6k M{ȥdPM< 3k +V3G߂>l%.1âB ?$B vHY+"Ꮣ,E9I(:1C]Q I6ϯ[maVxG̱ƞcE?:4iX5+ƽY o߲%m.3y6Z&̋Fm$Բ>T~-A} P`- yî}VZ$ T|ZvKG;@&P{_%YWux l)d-јy%TOr1j ^.v=^[<7%gcPoLֱ)GYG l2J4/B̈?7nWOl秮J>5Mn\FLh!3 T(]=HEBCP{@zҿ!TTc:J C1+agYsy +p*8<ѣeTPR|[A '0$8&}IZ0%>x=:xů!=Z7'o\b&F֧2 &rPONvyC$<P &,FvxӝP0!5 j!GF.2/x;+@~s)-|b:=i"{ ÉU;nx"~07D8#fo $? Z;w-H)DUbM)_co:oUϢj|[v~=ݻCԌܧ uع*38-_sg}͉[A,d y-oEb)V-WGcef=, #Qfg _JnA]%|U$ւmZNz]ϣJOc8e(Oџdi/X`*EVReO],m]e;B,ket2|Jev'YNBk-Z20FS4f`f$)#C"&2N![Wm^Ͽ]&~s[K,/sW>8)ԞCzNA-J#k#3WjXu. wBMiz-4X[$|G!CU֋SA91:L=$^^T2svwvds%$%lqe(nc7|:r"%kr 1ڞo.=&"y-Ht܈yA8e?7s>/o]mн؃ ֧p|+vhJSx~e3Y43;x%;Vk?~"jC{%2BmgVjij1F$]\owB!k;9Һ[s7&es=N7NΨJvw\,ڎ+$]nUn1:ozBny4ڟ}l+(.NS aMgGbTH)cə#|) %?Qj_Y|O5ܡ8ۆjoΨpՆ~ΰج(4Dm5~e]BϷΡKR Ҕ2%/%==l2Wnb#QgOMZr`wϏVm!X$v&/2 MxۿpKZdPxv>v!mi@]@ފ&3GiEj2`#:x+wNyYLvgq]xp}*\:NQKL[_Q t+ɇ>Կ_ D'(kgݑ5C.Oy.=O g.;29ZG,53yH6Ep{gA&욦(8ine  צ6c"/g$lYxFu `=*9]9xQF:Ѭ=`;ȶו%zec!Z? l ИAܵc+af^|-{U(NTy*^k-#xۨwC= dhb+q񰢂l FAIC29֤cbKQ\ll0FĆ5-,,W)Z@Sť-j{!xKVAL~ 4+ޙ- ],Cfj2kvL|1EZHG+I}2"h#Gq6ł aQ\2CȽ0"2Qm]ɤK;#g'.jYl-I, Md%Jih("lxZxØ 0hEbmKĉw&^7HsΙQ`vssetIa' L16( ߀=6]L1&aT^93/c%u# Y??.|~_6S˺r~֒uP ++Ek0 S)FA !]{ظO:zw1*մ |A"UmRzeY,^c*"rCe"CzBvcֽHt5A8N*$rB 3 UKtл$ų`'h3RFo.lv^>CD|7]WќrG7->FLkئ`fg=F_` J]>sk` xM:>k V2_(YJ^7!wg{لǃ$ l/st "Dɕ[Ƀ^}}|0_-*>bp̿*H=M uYԿ$2's5O}j/Kk^D*ftbP3ԎZiKŮf6~XӒ =6Uv ,~ ch'>d#9YN{rΜƒ&߳m`.t3ګOq8[ɹ6kqlIX'!/Fg_iwP ԥ/ͭ'3 OHɐ!dU]P++-E6dKXY} SA3m!'w:#8`6qnl<k|7fnZnuy4r]50ޖ@~&ИDAʬYh?L nA>Y_y$Bn@@qT5+#9.j!Ry0rÃvp  --ً `4 K.iEHEԤ/s nQhu񼧧Rjṕk>ְ*bRy_k'+[ lph!ə}0& Vcdek#Q>vk_sf6"惯CvEmPi i9#*{0b|*c 9e.:UӿLiS,|ŧؚg,I}^Ȣ:SE >e XRtweiѓT^H%pk|N<`Э d&']~m*ĀG/}ׅJ4_5:kh4F'#^sr8R*[a k*on@̰]#ؼƒtE]g8m ,nhm}od7ե4DyOʩI \2s (ZbEk/\{r^ D]7#HQ/A] &/ AlA 0U$u4Oanٍ^-iI{n˓Qf&`JE.-P!MqknDdsphA2T.Q|Og4 }%ɵ( B bj©!%n[?gC5\FMr')6ѫ.vt#wTo(G QDT M#Ǩj[.3gܼ{ "g{6ڻem7D?zxv~XJsܧ9x;A4ڹ"Z-UZrSX.Yt}S19D7L Bi4:PKẀR/ZśNN"YOa";Jv7CH9#^5,~F{[mݟP#zS:TDeRJo"9O\^hwt,> Ը#˛rVwCh1y/7[Tx %m,d2m{FlGކA<Ɇ? duݢW4ض: YZ