sssd-client-2.7.3-5.0.1.el8 >  A c U](L<Oo> Pqlz<JڼETwz_Z~*8m^P{-ķI&&^ϾB&ӤLm {П{:83H-3L``9c}MӭrCy%k_0E*Dj^Ǭ0߬ (aq6z\n M_=f>&o!Rܜy1)$ޝBlixQAZqbvQb06R 7f963d05506e5c46debf07ba3d0ded942c8a8582a1ca8d245374767d8ffe346eb8ae410bcc12be64d8e45708fc69c8ff4d6ee443c U]AjpDXEtrO1qH?R<4m?P2I!uVx|_ֱ:Z0( 1c(:+̾M.sw6{?ɾvĤ*(zҘK\)8x~0;.b/7HR2v@|dhxaPW/M1~Tn'iٴAYi?_RqsTQq;g9=?]Qv2 1m7[r'*sc13[Vy޼I'6* 5D!= 06۶轄^T\6ΥxO3>8ĽӺ߬Q dk_ p~:59㧾HS!f'J7.d}_ΖajAaڅ{O Zm{9ĉ\{'U/;WUR ZwȦj+YzJ᫗綛^p {и9"$7tm3E ӈ1;vvyy7p>pA?d  D %+04// N/ / h/  /  L/ / //,**^*(89d:lb>?%@-G</H/I/XY\4/]/^dbdef l t$/u/vw/xd/y dCsssd-client2.7.35.0.1.el8SSSD Client libraries for NSS and PAMProvides the libraries needed by the PAM and NSS stacks to connect to the SSSD service.cx86-01.mbox.centos.org CentOSCentOSLGPLv3+CentOS Buildsys Applications/Systemhttps://github.com/SSSD/sssdlinuxi686/sbin/ldconfig /usr/sbin/alternatives --install /etc/cifs-utils/idmap-plugin cifs-idmap-plugin /usr/lib/cifs-utils/cifs_idmap_sss.so 20if [ $1 -eq 0 ] ; then /usr/sbin/alternatives --remove cifs-idmap-plugin /usr/lib/cifs-utils/cifs_idmap_sss.so fi#D<'+#0>- _4=4O84~K = (| [ 2 AAAAAAAAAAAAAA큤cccccccccccccccccccccccccccccccbºbºccccccccccccccd59cd808bcb35352cce90788e03cbd5bd605bc260859bda4d954f9b570f4fd15edfd8007d5e26271a1adf1fdcb943322dc5578a9a045fd7c91155328cdaf1c9e04f702a7d7e90f010eeddd9fad65a6badcc7d5dc96d7eb54cba708d21a802220464921559f024fab4f1333f9af3775e10045f443b0c4b3ce16ec56783ea0249bcecb1848672aec24c951dc395f4757905ed21bf86e9dfbcf35e416893eec0a579326ae97d6fb953ea247bab1c9be5c226857c443835faec32b880dbe9150cab8d63fd180498456a6befbdc6c8de28c1e1d1a2c6f84ecf46aeb3271e51a0b72f0673e922f24311b8950e9f62d204fd03134f912cf9641e5b436819daa179b1f248ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b9036c57f43c939054fd4b831f271a14c97a488c38f98cdda5e887c5d396e3b3bc58f8690f1f655c21e34ab59b874d3a4db5585ae34f23a3936d843fc255c15c909f11bfd3965538066e858cadab4a0ec7781ec59680ef783066fe956d2f6e0e513b80ef5f4567926eaa46a37643142ac2e7a2d14a78551610110aaacb4122fc3ce045a284906489d98fec831e64870a3099453647323d5284fc806e56594abb2ffeb5c3a36a0d9124bcf96fd06eae52d39afc50cff422aa8a5f2aa1d47a018da9d629f2daaa053ed2e23d8a5ed57bed1983b655e6927eb1d8a2b464d43d31c6d0a5b4bf97dc6448c10868cfa315b6d0bacbfafb280f088a9adf011d1ed58b8ab3d0e386aa4cb67acd7064c31bf04f5c9a2b4e6df413f0ff2fdc62ec2fbddaab55a3fa0f7489c8259ebbd19d63f226717d3e1e7e2c0b221af14ebdeedc215ddb7d3578680dc1fa68e3d141091d4cd78b9c9349e6fe80d9ea816170772f309fd9fb904bd66cfdd8acf23a3a762a5faa99a33dd70642feff93bf1a1ed25c1307665937761f783d7616d26171c4f0ba3111069eb6e7d5a0b9e4d4459f978a548dbdecd8ce1ecdb9e60389515ed62b6733962909277c1a638670a40a0e163f94e931014ac0929a685b34f71d6a4baf3b25fd3727106eeaa4e7a95c9c5336a2461116c824../../../../usr/lib/libnss_sss.so.2../../../../usr/lib/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so../../../../usr/lib/krb5/plugins/authdata/sssd_pac_plugin.so../../../../usr/lib/security/pam_sss.so../../../../usr/lib/security/pam_sss_gss.so../../../../usr/lib/libsubid_sss.so../../../../usr/lib/cifs-utils/cifs_idmap_sss.so../../../../usr/lib/sssd/modules/sssd_krb5_localauth_plugin.so@rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootsssd-2.7.3-5.0.1.el8.src.rpmlibnss_sss.so.2libnss_sss.so.2(EXPORTED)libsubid_sss.solibsubid_sss.so(EXPORTED)sssd-clientsssd-client(x86-32) @@@@@@@@@@@@@@@@@@@@@@@@@@@@    @/bin/sh/bin/sh/sbin/ldconfig/sbin/ldconfig/sbin/ldconfig/usr/sbin/alternatives/usr/sbin/alternativeslibc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.2)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.2)libc.so.6(GLIBC_2.28)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libc.so.6(GLIBC_2.7)libc.so.6(GLIBC_2.8)libcom_err.so.2libgssapi_krb5.so.2libgssapi_krb5.so.2(gssapi_krb5_2_MIT)libk5crypto.so.3libkrb5.so.3libkrb5.so.3(krb5_3_MIT)libpam.so.0libpam.so.0(LIBPAM_1.0)libpam.so.0(LIBPAM_EXTENSION_1.0)libpam.so.0(LIBPAM_MODUTIL_1.0)libpthread.so.0libsss_idmaplibsss_idmap.so.0libsss_idmap.so.0(SSS_IDMAP_0.4)libsss_nss_idmaplibsss_nss_idmap.so.0libsss_nss_idmap.so.0(SSS_NSS_IDMAP_0.0.1)libsss_nss_idmap.so.0(SSS_NSS_IDMAP_0.5.0)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)2.7.3-5.0.1.el82.7.3-5.0.1.el83.0.4-14.6.0-14.0-15.2-14.14.3c_cc@bbγba@baZ@a6aɪa@aKa@`.`@`[` @`&m`@`x@__@_@_#___[@_?@_-B@_@_@^@^@^^(@^oj@^ku^Y^S^J@^C^0"@^0"@^0"@^@^@^@]f@]f@] @] @]+]]Y]Y]|@]o@]k]k]Y=]Y=]Y=]Y=]Y=]M`@]M`@]M`@]D%]D%]D%]9]9]]]@]@\\`@\]o@\\\\\\\@\>@\>@\>@\\\\l@[Ѱ@[^[[ā@[ā@[ā@[;@[;@[;@[;@[;@[[@[@[@[@[@[t[#@[#@[@[@[qr[;e@["XZZ&Zw@Z Z$Zz@ZyZiZiZWQZWQZ%8Z@Z@YZ@Y@YYzYKYyYw2YRHYRHY@X-XX~@XO@X}@X@XX6@XWXOXXWW@WWW@WWv[@Wi,@W5W@W@V3VVVvV%@VqR@VO @V<@V/g@V$@V @V @UpU|@U4@UUUU@UzUzUzUL@UL@U.RU@TTT@T~T8TܕT@T@TTTq@T@T@Tp@TA@TuTto@TG@TD@TT @S0SS@S.SP@S @Sg@SrS!@SkqSkqSG@SFSCS!SSRRpRpR^R[RSRNREs@RD!R@R@RNQB@Q@QQQکQQQo@Q)@Q@QQ@Q@QbQbQV@Q'@QQQQnQZ@QU@Q0@QQQ@Q@QQ @QQh@PP@P@P@Pz@Pz@PqnPl(PaPaPS@PH@PDPM>M2@MMzMx@Mj - 2.7.3-5Alexey Tikhonov - 2.7.3-4Alexey Tikhonov - 2.7.3-3Alexey Tikhonov - 2.7.3-2Alexey Tikhonov - 2.7.3-1Alexey Tikhonov - 2.7.2-1Alexey Tikhonov - 2.7.0-2Alexey Tikhonov - 2.6.2-3Alexey Tikhonov - 2.6.2-2Alexey Tikhonov - 2.6.2-1Alexey Tikhonov - 2.6.1-2Alexey Tikhonov - 2.6.1-1Alexey Tikhonov - 2.5.2-2Alexey Tikhonov - 2.5.2-1Alexey Tikhonov - 2.5.1-2Alexey Tikhonov - 2.5.1-1Alexey Tikhonov - 2.5.0-1Alexey Tikhonov - 2.4.0-8Alexey Tikhonov - 2.4.0-7Alexey Tikhonov - 2.4.0-6Alexey Tikhonov - 2.4.0-5Alexey Tikhonov - 2.4.0-4Alexey Tikhonov - 2.4.0-3Alexey Tikhonov - 2.4.0-2Alexey Tikhonov - 2.4.0-1Alexey Tikhonov - 2.3.0-9Alexey Tikhonov - 2.3.0-8Alexey Tikhonov - 2.3.0-7Alexey Tikhonov - 2.3.0-6Alexey Tikhonov - 2.3.0-5Alexey Tikhonov - 2.3.0-4Alexey Tikhonov - 2.3.0-3Alexey Tikhonov - 2.3.0-2Alexey Tikhonov - 2.3.0-1Alexey Tikhonov - 2.2.3-19Alexey Tikhonov - 2.2.3-19Michal Židek - 2.2.3-18Alexey Tikhonov - 2.2.3-17Alexey Tikhonov - 2.2.3-16Michal Židek - 2.2.3-15Michal Židek - 2.2.3-14Michal Židek - 2.2.3-13Michal Židek - 2.2.3-12Michal Židek - 2.2.3-11Michal Židek - 2.2.3-10Michal Židek - 2.2.3-9Michal Židek - 2.2.3-8Michal Židek - 2.2.3-7Michal Židek - 2.2.3-6Michal Židek - 2.2.3-5Michal Židek - 2.2.3-4Michal Židek - 2.2.3-3Michal Židek - 2.2.3-2Michal Židek - 2.2.3-1Michal Židek - 2.2.2-1Michal Židek - 2.2.0-19Michal Židek - 2.2.0-18Michal Židek - 2.2.0-17Michal Židek - 2.2.0-16Michal Židek - 2.2.0-15Michal Židek - 2.2.0-14Michal Židek - 2.2.0-13Michal Židek - 2.2.0-12Michal Židek - 2.2.0-11Michal Židek - 2.2.0-10Michal Židek - 2.2.0-9Michal Židek - 2.2.0-8Michal Židek - 2.2.0-7Michal Židek - 2.2.0-6Jakub Hrozek - 2.2.0-5Jakub Hrozek - 2.2.0-4Jakub Hrozek - 2.2.0-3Jakub Hrozek - 2.2.0-2Michal Židek - 2.2.0-1Michal Židek - 2.1.0-1Michal Židek - 2.0.0-45Jakub Hrozek - 2.0.0-43Michal Židek - 2.0.0-42Michal Židek - 2.0.0-41Michal Židek - 2.0.0-40Michal Židek - 2.0.0-39Michal Židek - 2.0.0-38Michal Židek - 2.0.0-36Michal Židek - 2.0.0-35Michal Židek - 2.0.0-34Michal Židek - 2.0.0-33Michal Židek - 2.0.0-32Michal Židek - 2.0.0-31Michal Židek - 2.0.0-30Michal Židek - 2.0.0-29Michal Židek - 2.0.0-28Michal Židek - 2.0.0-27Michal Židek - 2.0.0-26Michal Židek - 2.0.0-25Michal Židek - 2.0.0-24Jakub Hrozek - 2.0.0-23Jakub Hrozek - 2.0.0-22Jakub Hrozek - 2.0.0-21Jakub Hrozek - 2.0.0-20Jakub Hrozek - 2.0.0-19Jakub Hrozek - 2.0.0-18Jakub Hrozek - 2.0.0-17Jakub Hrozek - 2.0.0-16Jakub Hrozek - 2.0.0-15Jakub Hrozek - 2.0.0-14Jakub Hrozek - 2.0.0-13Jakub Hrozek - 2.0.0-12Jakub Hrozek - 2.0.0-11Jakub Hrozek - 2.0.0-10Jakub Hrozek - 2.0.0-9Jakub Hrozek - 2.0.0-8Jakub Hrozek - 2.0.0-7Jakub Hrozek - 2.0.0-6Jakub Hrozek - 2.0.0-5Jakub Hrozek - 2.0.0-4Jakub Hrozek - 2.0.0-3Jakub Hrozek - 2.0.0-2Fabiano Fidêncio - 2.0.0-1Tomas Orsava - 1.16.2-2Fabiano Fidêncio - 1.16.2-1Fabiano Fidêncio - 1.16.1-3Fabiano Fidêncio - 1.16.1-2Fabiano Fidêncio - 1.16.1-1Lukas Slebodnik - 1.16.0-13Fabiano Fidêncio - 1.16.0-12Lukas Slebodnik - 1.16.0-11Lukas Slebodnik - 1.16.0-10Igor Gnatenko - 1.16.0-9Lukas Slebodnik - 1.16.0-8Lukas Slebodnik - 1.16.0-7Björn Esser - 1.16.0-6Lukas Slebodnik - 1.16.0-5Lukas Slebodnik - 1.16.0-4Jakub Hrozek - 1.16.0-3Lukas Slebodnik - 1.16.0-2Lukas Slebodnik - 1.16.0-1Lukas Slebodnik - 1.15.3-5Lukas Slebodnik - 1.15.3-4Lukas Slebodnik - 1.15.3-3Fedora Release Engineering - 1.15.3-2Lukas Slebodnik - 1.15.3-1Lukas Slebodnik - 1.15.3-0.beta.5Lukas Slebodnik - 1.15.3-0.beta.4Lukas Slebodnik - 1.15.3-0.beta.3Lukas Slebodnik - 1.15.3-0.beta.2Lukas Slebodnik - 1.15.3-0.beta.1Lukas Slebodnik - 1.15.2-1Lukas Slebodnik - 1.15.1-1Jakub Hrozek - 1.15.0-4Lukas Slebodnik - 1.15.0-3Fedora Release Engineering - 1.15.0-2Lukas Slebodnik - 1.15.0-1Miro Hrončok - 1.14.2-3Lukas Slebodnik - 1.14.2-2Lukas Slebodnik - 1.14.2-1Lukas Slebodnik - 1.14.1-4Lukas Slebodnik - 1.14.1-3Lukas Slebodnik - 1.14.1-2Lukas Slebodnik - 1.14.1-1Stephen Gallagher - 1.14.0-5Fedora Release Engineering - 1.14.0-4Lukas Slebodnik - 1.14.0-3Lukas Slebodnik - 1.14.0-2.betaLukas Slebodnik - 1.14.0-1.alphaLukas Slebodnik - 1.13.4-3Lukas Slebodnik - 1.13.4-2Lukas Slebodnik - 1.13.4-1Lukas Slebodnik - 1.13.3-6Lukas Slebodnik - 1.13.3-5Fedora Release Engineering - 1.13.3-4Lukas Slebodnik - 1.13.3-3Lukas Slebodnik - 1.13.3-2Lukas Slebodnik - 1.13.3-1Lukas Slebodnik - 1.13.2-1Robert Kuska - 1.13.1-5Lukas Slebodnik - 1.13.1-4Lukas Slebodnik - 1.13.1-3Lukas Slebodnik - 1.13.1-2Lukas Slebodnik - 1.13.1-1Lukas Slebodnik - 1.13.0-6Lukas Slebodnik - 1.13.0-5Lukas Slebodnik - 1.13.0-4Lukas Slebodnik - 1.13.0-3Lukas Slebodnik - 1.13.0-2.alphaLukas Slebodnik - 1.13.0-1.alphaFedora Release Engineering - 1.12.5-4Lukas Slebodnik - 1.12.5-3Lukas Slebodnik - 1.12.5-2Lukas Slebodnik - 1.12.5-1Lukas Slebodnik - 1.12.4-8Lukas Slebodnik - 1.12.4-7Lukas Slebodnik - 1.12.4-6Lukas Slebodnik - 1.12.4-5Jakub Hrozek - 1.12.4-4Jakub Hrozek - 1.12.4-3Lukas Slebodnik - 1.12.4-2Lukas Slebodnik - 1.12.4-1Lukas Slebodnik - 1.12.3-7Lukas Slebodnik - 1.12.3-6Jakub Hrozek - 1.12.3-5Lukas Slebodnik - 1.12.3-4Lukas Slebodnik - 1.12.3-3Lukas Slebodnik - 1.12.3-2Lukas Slebodnik - 1.12.3-1Lukas Slebodnik - 1.12.2-8Sumit Bose - 1.12.2-7Lukas Slebodnik - 1.12.2-6Jakub Hrozek - 1.12.2-5Jakub Hrozek - 1.12.2-4Jakub Hrozek - 1.12.2-3Jakub Hrozek - 1.12.2-2Jakub Hrozek - 1.12.2-1Jakub Hrozek - 1.12.1-2Jakub Hrozek - 1.12.1-1Jakub Hrozek - 1.12.0-7Fedora Release Engineering - 1.12.0-6Stephen Gallagher 1.12.0-5Jakub Hrozek - 1.12.0-1Fedora Release Engineering - 1.12.0-4.beta2Jakub Hrozek - 1.12.0-1.beta2Jakub Hrozek - 1.12.0-2.beta1Jakub Hrozek - 1.12.0-1.beta1Jakub Hrozek - 1.11.5.1-4Stephen Gallagher - 1.11.5.1-3Stephen Gallagher - 1.11.5.1-2Jakub Hrozek - 1.11.5.1-1Stephen Gallagher 1.11.5-2Jakub Hrozek - 1.11.5-1Sumit Bose - 1.11.4-3Jakub Hrozek - 1.11.4-2Jakub Hrozek - 1.11.4-1Jakub Hrozek - 1.11.3-2Jakub Hrozek - 1.11.3-1Jakub Hrozek - 1.11.2-1Sumit Bose - 1.11.1-5Sumit Bose - 1.11.1-4Jakub Hrozek - 1.11.1-3Jakub Hrozek - 1.11.1-2Jakub Hrozek - 1.11.1-1Jakub Hrozek - 1.11.0-3Jakub Hrozek - 1.11.0-2Jakub Hrozek - 1.11.0-1Jakub Hrozek - 1.11.0-0.4.beta2Fedora Release Engineering - 1.11.0-0.3.beta2Jakub Hrozek - 1.11.0.2beta2Jakub Hrozek - 1.11.0.1beta2Jakub Hrozek - 1.10.1-1Jakub Hrozek - 1.10.0-17Stephen Gallagher - 1.10.0-16Stephen Gallagher - 1.10.0-15Stephen Gallagher - 1.10.0-14Jakub Hrozek - 1.10.0-13Dan Horák - 1.10.0-12.beta2Jakub Hrozek - 1.10.0-11.beta2Jakub Hrozek - 1.10.0-10.beta2Jakub Hrozek - 1.10.0-9.beta2Jakub Hrozek - 1.10.0-8.beta1Jakub Hrozek - 1.10.0-8.beta2Jakub Hrozek - 1.10.0-7.beta1Jakub Hrozek - 1.10.0-6.beta1Jakub Hrozek - 1.10.0-5.beta1Jakub Hrozek - 1.10.0-4.beta1Jakub Hrozek - 1.10.0-3.beta1Jakub Hrozek - 1.10.0-2.alpha1Jakub Hrozek - 1.10.0-1.alpha1Jakub Hrozek - 1.9.5-10Stephen Gallagher - 1.9.4-9Jakub Hrozek - 1.9.4-8Jakub Hrozek - 1.9.4-7Jakub Hrozek - 1.9.4-6Jakub Hrozek - 1.9.4-5Jakub Hrozek - 1.9.4-4Jakub Hrozek - 1.9.4-3Jakub Hrozek - 1.9.4-2Jakub Hrozek - 1.9.4-1Jakub Hrozek - 1.9.3-1Jakub Hrozek - 1.9.2-5Jakub Hrozek - 1.9.2-4Jakub Hrozek - 1.9.2-3Jakub Hrozek - 1.9.2-2Jakub Hrozek - 1.9.2-1Jakub Hrozek - 1.9.1-1Jakub Hrozek - 1.9.0-24Jakub Hrozek - 1.9.0-24Jakub Hrozek - 1.9.0-23Jakub Hrozek - 1.9.0-22.rc1Jakub Hrozek - 1.9.0-21.beta7Jakub Hrozek - 1.9.0-20.beta6Jakub Hrozek - 1.9.0-19.beta6Jakub Hrozek - 1.9.0-18.beta6Jakub Hrozek - 1.9.0-17.beta6Jakub Hrozek - 1.9.0-16.beta6Jakub Hrozek - 1.9.0-14.beta6Jakub Hrozek - 1.9.0-13.beta6Fedora Release Engineering - 1.9.0-13.beta5Jakub Hrozek - 1.9.0-12.beta5Stephen Gallagher - 1.9.0-11.beta4Jakub Hrozek - 1.9.0-10.beta4Jakub Hrozek - 1.9.0-9.beta4Stephen Gallagher - 1.9.0-8.beta3Stephen Gallagher - 1.9.0-7.beta2Stephen Gallagher - 1.9.0-6.beta2Stephen Gallagher - 1.9.0-5.beta2Stephen Gallagher - 1.9.0-4.beta1Stephen Gallagher - 1.9.0-3.beta1Stephen Gallagher - 1.9.0-2.beta1Stephen Gallagher - 1.9.0-1.beta1Stephen Gallagher - 1.8.3-11Stephen Gallagher - 1.8.2-10Stephen Gallagher - 1.8.1-9Stephen Gallagher - 1.8.1-8Stephen Gallagher - 1.8.1-7Stephen Gallagher - 1.8.0-6Stephen Gallagher - 1.8.0-5.beta3Stephen Gallagher - 1.8.0-4.beta3Petr Pisar - 1.8.0-3.beta2Stephen Gallagher - 1.8.0-1.beta2Stephen Gallagher - 1.8.0-1.beta1Stephen Gallagher - 1.7.0-5Stephen Gallagher - 1.7.0-4Stephen Gallagher - 1.7.0-3Fedora Release Engineering - 1.7.0-2Stephen Gallagher - 1.7.0-1Stephen Gallagher - 1.6.4-1Stephen Gallagher - 1.6.3-5Stephen Gallagher - 1.6.3-4Jakub Hrozek - 1.6.3-3Stephen Gallagher - 1.6.3-2Stephen Gallagher - 1.6.3-1Fedora Release Engineering - 1.6.2-5Stephen Gallagher - 1.6.2-4Stephen Gallagher - 1.6.2-3Stephen Gallagher - 1.6.2-2Stephen Gallagher - 1.6.2-1Stephen Gallagher - 1.6.1-1Stephen Gallagher - 1.6.0-2Stephen Gallagher - 1.6.0-1Stephen Gallagher - 1.5.11-2Stephen Gallagher - 1.5.10-1Stephen Gallagher - 1.5.9-1Stephen Gallagher - 1.5.8-1Stephen Gallagher - 1.5.7-3Stephen Gallagher - 1.5.7-2Stephen Gallagher - 1.5.7-1Stephen Gallagher - 1.5.6.1-1Stephen Gallagher - 1.5.6-1Stephen Gallagher - 1.5.5-5Stephen Gallagher - 1.5.5-4Stephen Gallagher - 1.5.5-3Stephen Gallagher - 1.5.5-2Stephen Gallagher - 1.5.5-1Stephen Gallagher - 1.5.4-1Stephen Gallagher - 1.5.3-2Stephen Gallagher - 1.5.3-1Stephen Gallagher - 1.5.2-1Simo Sorce - 1.5.1-9Stephen Gallagher - 1.5.1-8Stephen Gallagher - 1.5.1-7Stephen Gallagher - 1.5.1-6Stephen Gallagher - 1.5.1-5Fedora Release Engineering - 1.5.1-4Stephen Gallagher - 1.5.1-3Stephen Gallagher - 1.5.1-2Stephen Gallagher - 1.5.1-1Stephen Gallagher - 1.5.0-2Stephen Gallagher - 1.5.0-1Stephen Gallagher - 1.4.1-3Stephen Gallagher - 1.4.1-2Stephen Gallagher - 1.4.1-1Stephen Gallagher - 1.4.0-2Stephen Gallagher - 1.4.0-1Stephen Gallagher - 1.3.0-35Stephen Gallagher - 1.3.0-34Stephen Gallagher - 1.3.0-33Stephen Gallagher - 1.3.0-32Stephen Gallagher - 1.3.0-31Stephen Gallagher - 1.3.0-30David Malcolm - 1.2.91-21Stephen Gallagher - 1.2.91-20Stephen Gallagher - 1.2.1-15Stephen Gallagher - 1.2.0-12Stephen Gallagher - 1.1.92-11Stephen Gallagher - 1.1.91-10Simo Sorce - 1.1.1-3Stephen Gallagher - 1.1.1-1Stephen Gallagher - 1.1.0-2Stephen Gallagher - 1.1.0-1.pre20100317git0ea7f19Stephen Gallagehr - 1.0.5-2Stephen Gallagher - 1.0.5-1Stephen Gallagher - 1.0.4-1Stephen Gallagher - 1.0.3-1Stephen Gallagher - 1.0.2-1Stephen Gallagher - 1.0.1-1Stephen Gallagher - 1.0.0-2Stephen Gallagher - 1.0.0-1Stephen Gallagher - 0.99.1-1Stephen Gallagher - 0.99.0-1Stephen Gallagher - 0.7.1-1Stephen Gallagher - 0.7.0-2Stephen Gallagher - 0.7.0-1Stephen Gallagher - 0.6.1-2Stephen Gallagher - 0.6.1-1Stephen Gallagher - 0.6.0-1Sumit Bose - 0.6.0-0Simo Sorce - 0.5.0-0Jakub Hrozek - 0.4.1-4Fedora Release Engineering - 0.4.1-3Simo Sorce - 0.4.1-2Simo Sorce - 0.4.1-1Simo Sorce - 0.4.1-0Simo Sorce - 0.3.2-2Jakub Hrozek - 0.3.2-1Simo Sorce - 0.3.1-2Simo Sorce - 0.3.1-1Simo Sorce - 0.3.0-2Simo Sorce - 0.3.0-1Simo Sorce - 0.2.1-1Simo Sorce - 0.2.0-1Jakub Hrozek - 0.1.0-5.20090309git691c9b3Jakub Hrozek - 0.1.0-4Sumit Bose - 0.1.0-3Jakub Hrozek - 0.1.0-2Stephen Gallagher - 0.1.0-1- Related: rhbz#2132051 - Rebase Samba to the the latest 4.17.x release Rebuild against Samba rebase.- Resolves: rhbz#2116395 - NFS krb5 mount failed as "access denied" after test accessing a same file on krb5 nfs mount with multiple uids simultaneously since sssd-2.7.3-1.el8- Resolves: rhbz#2116395 - NFS krb5 mount failed as "access denied" after test accessing a same file on krb5 nfs mount with multiple uids simultaneously since sssd-2.7.3-1.el8 - Resolves: rhbz#2119726 - sssctl analyze --logdir option requires sssd to be configured - Resolves: rhbz#2120669 - Incorrect request ID tracking from responder to backend- Resolves: rhbz#2116488 - virsh command will hang after the host run several auto test cases - Resolves: rhbz#2116486 - [regression] sssctl analyze fails to parse PAM related sssd logs - Resolves: rhbz#2116487 - cache_req_data_set_hybrid_lookup: cache_req_data should never be NULL- Resolves: rhbz#2069379 - Rebase SSSD for RHEL 8.7 - Resolves: rhbz#2063016 - [sssd] RHEL 8.7 Tier 0 Localization- Resolves: rhbz#2069379 - Rebase SSSD for RHEL 8.7 - Resolves: rhbz#2098620 - sdap_nested_group_deref_direct_process() triggers internal watchdog for large data sets - Resolves: rhbz#2098619 - [Improvement] add SSSD support for more than one CRL PEM file name with parameters certificate_verification and crl_file - Resolves: rhbz#2088817 - pam_sss_gss ceased to work after upgrade to 8.6 - Resolves: rhbz#2098616 - Add idp authentication indicator in man page of sssd.conf - Resolves: rhbz#2056035 - 'getent hosts' not return hosts if they have more than one CN in LDAP - Resolves: rhbz#2098615 - Regression "Missing internal domain data." when setting ad_domain to incorrect - Resolves: rhbz#2098617 - Harden kerberos ticket validation - Resolves: rhbz#2087744 - Unable to lookup AD user if the AD group contains '@' symbol- Resolves: rhbz#2069379 - Rebase SSSD for RHEL 8.7 - Resolves: rhbz#2026799 - SSSD authenticating to LDAP with obfuscated password produces Invalid authtoken type message causing sssd_be to go offline (cross inter_ference of different provider plugins options) - Resolves: rhbz#2033347 - sssd error triggers backtrace : [write_krb5info_file_from_fo_server] (0x0020): [RID#73501] There is no server that can be written into kdc info file. - Resolves: rhbz#2056483 - [RFE] Add sssd internal krb5 plugin for authentication against external IdP via OAuth2 - Resolves: rhbz#2062689 - [Improvement] Add user and group version of sss_nss_getorigbyname() - Resolves: rhbz#2065692 - [RHEL8] Ship new sub-package called sssd-idp into sssd - Resolves: rhbz#2072050 - sssd_nss exiting (due to missing 'sssd' local user) making SSSD service to restart in a loop - Resolves: rhbz#2072931 - Use right sdap_domain in ad_domain_info_send - Resolves: rhbz#2087088 - sssd does not enforce smartcard auth for kde screen locker - Resolves: rhbz#2087744 - Unable to lookup AD user if the AD group contains '@' symbol - Resolves: rhbz#2087745 - 2FA prompting setting ineffective - Resolves: rhbz#2087746 - sssd fails GPO-based access if AD have setup with Japanese language- Resolves: rhbz#2039892 - 2.6.2 regression: Daemon crashes when resolving AD user names - Resolves: rhbz#1859315 - sssd does not use kerberos port that is set. - Resolves: rhbz#2030386 - sssd-kcm has requirement on krb5 symbol "krb5_unmarshal_credentials" only available in latest RHEL8.5 krb5 libraries - Resolves: rhbz#2035245 - AD Domain in the AD Forest Missing after sssd latest update - Resolves: rhbz#2017301 - [sssd] RHEL 8.6 Tier 0 Localization- Resolves: rhbz#2013260 - [RHEL8] Add ability to parse child log files (additional patch)- Resolves: rhbz#2011216 - Rebase SSSD for RHEL 8.6 - Resolves: rhbz#2013260 - [RHEL8] Add ability to parse child log files - Resolves: rhbz#2030386 - sssd-kcm has requirement on krb5 symbol "krb5_unmarshal_credentials" only available in latest RHEL8.5 krb5 libraries - Resolves: rhbz#1859315 - sssd does not use kerberos port that is set. - Resolves: rhbz#1961182 - Passwordless (GSSAPI) SSH not working due to missing "includedir /var/lib/sss/pubconf/krb5.include.d" directive in /etc/krb5.conf - Resolves: rhbz#2008829 - sssd_be segfault due to empty forest root name - Resolves: rhbz#2012263 - pam responder does not call initgroups to refresh the user entry - Resolves: rhbz#2012308 - Add client certificate validation D-Bus API - Resolves: rhbz#2012327 - Groups are missing while performing id lookup as SSSD switching to offline mode due to the wrong domain name in the ldap-pings(netlogon). - Resolves: rhbz#2013028 - [RFE] Health and Support Analyzer: Add sssctl sub-command to select and display a single request from the logs - Resolves: rhbz#2013259 - [RHEL8] Add tevent chain ID logic into responders - Resolves: rhbz#2017301 - [sssd] RHEL 8.6 Tier 0 Localization- Rebuild due to rhbz#2013596 - Rebase Samba to the the latest 4.15.x release- Resolves: rhbz#2011216 - Rebase SSSD for RHEL 8.6 - Resolves: rhbz#1968340 - 'exclude_groups' option provided in SSSD for session recording (tlog) doesn't work as expected - Resolves: rhbz#1952569 - SSSD should use "hidden" temporary file in its krb locator - Resolves: rhbz#1917970 - proxy provider: secondary group is showing in sssd cache after group is removed - Resolves: rhbz#1636002 - socket-activated services start as the sssd user and then are unable to read the confdb - Resolves: rhbz#2021196 - Make backtrace less "chatty" (avoid duplicate backtraces) - Resolves: rhbz#2018432 - 2.5.x based SSSD adds more AD domains than it should based on the configuration file (not trusted and from a different forest) - Resolves: rhbz#2015070 - Consistency in defaults between OpenSSH and SSSD - Resolves: rhbz#2013297 - disabled root ad domain causes subdomains to be marked offline - Resolves: rhbz#2013294 - Lookup with fully-qualified name does not work with 'cache_first = True' - Resolves: rhbz#2013218 - autofs lookups for unknown mounts are delayed for 50s - Resolves: rhbz#2013028 - [RFE] Health and Support Analyzer: Add sssctl sub-command to select and display a single request from the logs - Resolves: rhbz#2013024 - Add support for CKM_RSA_PKCS in smart card authentication. - Resolves: rhbz#2013006 - [RFE] support subid ranges managed by FreeIPA - Resolves: rhbz#2012308 - Add client certificate validation D-Bus API - Resolves: rhbz#2012122 - tps tests fail with cross dependency on sssd debuginfo package: removal of 'sssd-libwbclient-debuginfo' is missing- Resolves: rhbz#1975169 - EMBARGOED CVE-2021-3621 sssd: shell command injection in sssctl [rhel-8] - Resolves: rhbz#1962042 - [sssd] RHEL 8.5 Tier 0 Localization- Resolves: rhbz#1947671 - Rebase SSSD for RHEL 8.5 - Resolves: rhbz#1693379 - sssd_be and sss_cache too heavy on CPU - Resolves: rhbz#1909373 - Missing search index for `originalADgidNumber` - Resolves: rhbz#1954630 - [RFE] Improve debug messages by adding a unique tag for each request the backend is handling - Resolves: rhbz#1936891 - SSSD Error Msg Improvement: Bad address - Resolves: rhbz#1364596 - sssd still showing ipa user after removed from last group - Resolves: rhbz#1979404 - Changes made to /etc/pam.d/sssd-shadowutils are overwritten back to default on sssd-common package upgrade- Resolves: rhbz#1974257 - 'debug_microseconds' config option is broken - Resolves: rhbz#1936902 - SSSD Error Msg Improvement: Invalid argument - Resolves: rhbz#1627112 - RFE: Kerberos ticket renewal for sssd-kcm (additional patches and rebuild)- Resolves: rhbz#1947671 - Rebase SSSD for RHEL 8.5 - Resolves: rhbz#1942387 - Wrong default debug level of sssd tools - Resolves: rhbz#1917444 - SSSD Error Msg Improvement: Server resolution failed: [2]: No such file or directory - Resolves: rhbz#1917511 - SSSD Error Msg Improvement: Failed to resolve server 'server.example.com': Error reading file - Resolves: rhbz#1917535 - sssd.conf man page: parameter dns_resolver_server_timeout and dns_resolver_op_timeout - Resolves: rhbz#1940509 - [RFE] Health and Support Analyzer: Link frontend to backend requests - Resolves: rhbz#1649464 - auto_private_groups not working as expected with posix ipa/ad trust - Resolves: rhbz#1925514 - [RFE] Randomize the SUDO timeouts upon reconnection - Resolves: rhbz#1961215 - Invalid sssd-kcm return code if requested operation is not found - Resolves: rhbz#1837090 - SSSD fails nss_getby_name for IPA user with SID if the user has user private group - Resolves: rhbz#1879869 - sudo commands incorrectly exports the KRB5CCNAME environment variable - Resolves: rhbz#1962550 - sss_pac_make_request fails on systems joined to Active Directory. - Resolves: rhbz#1737489 - [RFE] SSSD should honor default Kerberos settings (keytab name) in /etc/krb5.conf- Resolves: rhbz#1947671 - Rebase SSSD for RHEL 8.5 - Resolves: rhbz#1930535 - [abrt] [faf] sssd: monitor_service_shutdown(): /usr/sbin/sssd killed by 11 - Resolves: rhbz#1942387 - Wrong default debug level of sssd tools - Resolves: rhbz#1945888 - Inconsistant debug level for connection logging - Resolves: rhbz#1948657 - pam_sss_gss.so doesn't work with large kerberos tickets - Resolves: rhbz#1949149 - [RFE] Poor man's backtrace - Resolves: rhbz#1920500 - Authentication handshake (ldap_install_tls()) fails due to underlying openssl operation failing with EINTR - Resolves: rhbz#1923964 - [RFE] SSSD Error Msg Improvement: write_krb5info_file failed, authentication might fail. - Resolves: rhbz#1928648 - SSSD logs improvements: clarify which config option applies to each timeout in the logs - Resolves: rhbz#1632159 - sssd-kcm starts successfully for non existent socket_path - Resolves: rhbz#1627112 - RFE: Kerberos ticket renewal for sssd-kcm - Resolves: rhbz#1925505 - [RFE] improve the sssd refresh timers for SUDO queries - Resolves: rhbz#1925514 - [RFE] Randomize the SUDO timeouts upon reconnection - Resolves: rhbz#1925561 - sssd-ldap(5) does not report how to disable the SUDO smart queries - Resolves: rhbz#1925621 - document impact of indices and of scope on performance of LDAP queries - Resolves: rhbz#1855320 - [RFE] RHEL8 sssd: inheritance of the case_sensitive parameter for subdomains. - Resolves: rhbz#1925608 - [RFE] make 'random_offset' addon to 'offline_timeout' option configurable - Resolves: rhbz#1447945 - man page / docs update required: if two certificate matching rules with the same priority match only one is used - Resolves: rhbz#1703436 - sssd not thread-safe in innetgr() - Resolves: rhbz#1713143 - SSSD does not translate the 2FA text labels("first factor" / "second factor") on GDM login and screensaver unlock screen - Resolves: rhbz#1888977 - sss_override: Usage limitations clarification in man page - Resolves: rhbz#1890177 - Clarify "single_prompt" option in "PROMPTING CONFIGURATION SECTION" section of sssd.conf man page - Resolves: rhbz#1902280 - fix sss_cache to also reset cached timestamp - Resolves: rhbz#1935683 - SSSD not detecting subdomain from AD forest (RHEL 8.3) - Resolves: rhbz#1937919 - IPA missing secondary IPA Posix groups in latest sssd 1.16.5-10.el7_9.7 - Resolves: rhbz#1944665 - No gpo found and ad_gpo_implicit_deny set to True still permits user login - Resolves: rhbz#1919942 - sss_override does not take precedence over override_homedir directive- Resolves: rhbz#1926622 - Add support to verify authentication indicators in pam_sss_gss - Resolves: rhbz#1926454 - First smart refresh query contains modifyTimestamp even if the modifyTimestamp is 0. - Resolves: rhbz#1893159 - Default debug level should report all errors / failures (additional patch)- Resolves: rhbz#1920001 - Do not add '%' to group names already prefixed with '%' in IPA sudo rules - Resolves: rhbz#1918433 - sssd unable to lookup certmap rules - Resolves: rhbz#1917382 - [abrt] [faf] sssd: dp_client_handshake_timeout(): /usr/libexec/sssd/sssd_be killed by 11- Resolves: rhbz#1113639 - autofs: return a connection failure until maps have been fetched - Resolves: rhbz#1915395 - Memory leak in the simple access provider - Resolves: rhbz#1915319 - SSSD: SBUS: failures during servers startup - Resolves: rhbz#1893698 - [RFE] sudo kerberos authentication (additional patches)- Resolves: rhbz#1631410 - Can't login with smartcard with multiple certs having same ID value - Resolves: rhbz#1884213 - [RFE] add offline_timeout_max config option to control offline interval backoff (additional patches) - Resolves: rhbz#1893159 - Default debug level should report all errors / failures - Resolves: rhbz#1893698 - [RFE] sudo kerberos authentication- Resolves: rhbz#1876514 - High CPU utilization by the sssd_kcm process - Resolves: rhbz#1876658 - filter_groups option partially filters the group from 'id' output of the user because gidNumber still appears in 'id' output [RHEL 8] - Resolves: rhbz#1895001 - User lookups over the InfoPipe responder fail intermittently- Resolves: rhbz#1900733 - sssd_be segfaults at be_refresh_get_values_ex() due to NULL ptrs in results of sysdb_search_with_ts_attr() - Resolves: rhbz#1876514 - High CPU utilization by the sssd_kcm process - Resolves: rhbz#1894540 - sssd component logging is now too generic in syslog/journal - Resolves: rhbz#1828483 - filtered ID is appearing due to strange negative cache behavior- This is to bump version to allow rebuild against rebased libldb.- Resolves: rhbz#1881992 - Rebase SSSD for RHEL 8.4 - Resolves: rhbz#1722842 - sssd-kcm does not store TGT with ssh login using GSSAPI - Resolves: rhbz#1734040 - sssd crash in ad_get_account_domain_search() - Resolves: rhbz#1784459 - [RFE] tlog does not allow to exclude some users from session recording - Resolves: rhbz#1791300 - sporadic sssd_be crash on s390x - Resolves: rhbz#1817122 - 'getent group ldapgroupname' doesn't show any LDAP users or some LDAP users when 'rfc2307bis' schema is used with SSSD. - Resolves: rhbz#1819012 - [RFE] Improve AD site discovery process - Resolves: rhbz#1846778 - [RfE] `/usr/libexec/sssd/p11_child` cmdline argument '--nssdb' might be confusing when SSSD was built against OpenSSL - Resolves: rhbz#1873715 - automount sssd issue when 2 automount maps have the same key (one un uppercase, one in lowercase) - Resolves: rhbz#1879860 - correction in sssd.conf:pam_response_filter man page - Resolves: rhbz#1881336 - [RFE] sssd-ldap man page modification for parameter "ldap_referrals" - Resolves: rhbz#1883488 - [RfE] Implement a new sssd.conf option to disable the filter for AD domain local groups from trusted domains - Resolves: rhbz#1884196 - [RFE] Add "enabled" option to domain section in config file - Resolves: rhbz#1884205 - KCM: Increase client idle timeout to 5 minutes - Resolves: rhbz#1884207 - [RFE] ldap: add new option ldap_library_debug_level - Resolves: rhbz#1884213 - [RFE] add offline_timeout_max config option to control offline interval backoff - Resolves: rhbz#1884281 - Secondary LDAP group go missing from 'id' command - Resolves: rhbz#1884301 - [RFE] dyndns: suport asymmetric auth for nsupdate- Resolves: rhbz#1855323 - When ad_gpo_implicit_deny is True, it is permitting users to login when no gpo is applied- Resolves: rhbz#1868387 - system not enforcing GPO rule restriction. ad_gpo_implicit_deny = True is not working - Resolves: rhbz#1854951 - sss-certmap man page change to add clarification for userPrincipalName attribute from AD schema - Resolves: rhbz#1856861 - False errors/warnings are logged in sssd.log file after enabling 2FA prompting settings in sssd.conf - Resolves: rhbz#1869683 - p11_child: default value of ocsp_dgst == sha256 doesn't conform RFC5019 and has to be changed to sha1- Resolves: rhbz#1723273 - RFE: Add option to specify alternate sssd config file location with "sssctl config-check" command. - Resolves: rhbz#1780404 - smartcards: special characters must be escaped when building search filter- Resolves: rhbz#1820574 - [sssd] RHEL 8.3 Tier 0 Localization- Resolves: rhbz#1821719 - sssd (sssd_be) is consuming 100% CPU, partially due to failing mem-cache - Fixed "requires/provides" rpmdiff warning- Resolves: rhbz#1815584 - id_provider = proxy proxy_lib_name = files returns * in password field, breaking PAM authentication - Resolves: rhbz#1794607 - SSSD must be able to resolve membership involving root with files provider - Resolves: rhbz#1803134 - Improve "unlock" time when user session already active- Resolves: rhbz#1829470 - `sssd.api.conf` and `sssd.api.d` should belong to `python-sssdconfig` package - Resolves: rhbz#1544457 - sssd fails to release file descriptor on child logs after receiving HUP - Resolves: rhbz#1824323 - SSSD user filtering is failing on RHEL 8 after "files" provider rebuilds cache - Resolves: rhbz#1827432 - When the passwd or group files are replaced, sssd stops monitoring the file for inotify events, and no updates are triggered - Resolves: rhbz#1835710 - Change the message "Please enter smart card" to "Please insert smart card" on GDM login with smart-card - Resolves: rhbz#1838037 - Oddjob-mkhomedir fails when using NSS compat - Resolves: rhbz#1845904 - gdm smart card authentication does not work shortly after disconnecting from network. - Resolves: rhbz#1845975 - sssd doesn't follow the link order of AD Group Policy Management - Resolves: rhbz#1845980 - sssd is failing to discover other subdomains in the forest if LDAP entries do not contain AD forest root information - Resolves: rhbz#1845987 - Document how to prevent invalid selinux context for default home directories in SSSD-AD direct integration. - Resolves: rhbz#1845994 - GDM failure loop when no user mapped for smart card - Resolves: rhbz#1846003 - GDM password prompt when cert mapped to multiple users and promptusername is False - Resolves: rhbz#1850961 - /usr/share/systemtap/tapset/sssd_functions.stp missing a comma- Resolves: rhbz#Bug 1723273 - RFE: Add option to specify alternate sssd config file location with "sssctl config-check" command.- Resolves: rhbz#1839037 - Rebase SSSD for RHEL 8.3 - Resolves: rhbz#1843872 - sssd 2.3.0 breaks AD auth due to GPO parsing failure - Resolves: rhbz#1834156 - sssd or sssd-ad not updating their dependencies on "yum update" which breaks working- Resolves: rhbz#1580506 - [RFE]: sssd to be able to read smartcard certificate EKU and perform an action based on value when generating SSH key from a certificate (additional patch)- Resolves: rhbz#1810634 - id command taking 1+ minute for returning user information- Resolves: rhbz#1580506 - [RFE]: sssd to be able to read smartcard certificate EKU and perform an action based on value when generating SSH key from a certificate- Resolves: rhbz#1718193 - p11_child should have an option to skip C_WaitForSlotEvent if the PKCS#11 module does not implement it properly- Resolves: rhbz#1792331 - sssd_be crashes when krb5_realm and krb5_server is omitted and auth_provider is krb5- Resolves: rhbz#1754996 - [sssd] Tier 0 Localization- Resolves: rhbz#1767514 - sssd requires timed sudoers ldap entries to be specified up to the seconds- Resolves: rhbz#1713368 - Add sssd-dbus package as a dependency of sssd-tools* Resolves: rhbz#1794016 - sssd_be frequent crash* Resolves: rhbz#1762415 - Force LDAPS over 636 with AD Access Provider* Resolves: rhbz#1583592 - [RFE] Add configurable randomness to SSSD ldap connection timeout* Resolves: rhbz#1783190 - [abrt] [faf] sssd: raise(): /usr/libexec/sssd/sssd_autofs killed by 6* Resolves: rhbz#1785214 - server/be: SIGTERM handling is incorrect* Resolves: rhbz#1785193 - Watchdog implementation or usage is incorrect* Resolves: rhbz#1704199 - pcscd rejecting sssd ldap_child as unauthorized* Resolves: rhbz#1744500 - [Doc]Provide explanation on escape character for match rules sss-certmap* Resolves: rhbz#1781728 - sssctl config-check command does not give proper error messages with line numbers* Resolves: rhbz#1753694 - Rebase sssd to the latest upstream release Increasing version number to pick latest libldb* Resolves: rhbz#1753694 - Rebase sssd to the latest upstream release PART2: Fix gating issue.* Resolves: rhbz#1753694 - Rebase sssd to the latest upstream release* Resolves: rhbz#1753694 - Rebase sssd to the latest upstream release- Resolves: rhbz#1712875 - Old kerberos credentials active instead of valid new ones (kcm)- Resolves: rhbz#1744134 - New defect found in sssd-2.2.0-16.el8 - Also sync. kcm multihost tests with master- Resolves: rhbz#1676385 - pam_sss with smartcard auth does not create gnome keyring - Also apply a patch to fix gating tests issue- Resolves: rhbz#1736861 - dyndns_update = True is no longer enough to get the IP address of the machine updated in IPA upon sssd.service startup- Resolves: rhbz#1736265 - Smart Card auth of local user: endless loop if wrong PIN was provided- Resolves: rhbz#1736796 - sssd config option "default_domain_suffix" should not cause files domain entries to be qualified, this can break sudo access- Resolves: rhbz#1669407 - MAN: Document that PAM stack contains the systemd-user service in the account phase in RHEL-8- Resolves: rhbz#1448094 - sssd-kcm cannot handle big tickets- Resolves: rhbz#1733372 - permission denied on logs when running sssd as non-root user- Resolves: rhbz#1736483 - Sudo prompt for smart card authentication is missing the trailing colon- Resolves: rhbz#1382750 - Conflicting default timeout values- Resolves: rhbz#1699480 - Include libsss_nss_idmap-devel in the Builder repository - This just required a raise in release number and changelog for the record.- Resolves: rhbz#1711318 - p11_child::sign_data() function implementation is not FIPS140 compliant- Resolves: rhbz#1726945 - negative cache does not use values from 'filter_users' config option for known domains- Resolves: rhbz#1729055 - sssd does not pass correct rules to sudo- Resolves: rhbz#1283798 - sssd failover does not work on connecting to non-responsive ldaps:// server- Resolves: rhbz#1725168 - sssd-proxy crashes resolving groups with no members- Resolves: rhbz#1673443 - sssd man pages: The default value of "ldap_user_home_directory" is not mentioned with AD server configuration- Resolves: rhbz#1687281 Rebase sssd in RHEL-8.1 to the latest upstream release- Resolves: rhbz#1687281 Rebase sssd in RHEL-8.1 to the latest upstream release- Replace ARRAY_SIZE with N_ELEMENTS to reflect samba changes. This is done here in order to unblock gating changes before rebase. - Related: rhbz#1682305- Resolves: rhbz#1672780 - gdm login not prompting for username when smart card maps to multiple users- Resolves: rhbz#1645291 - Perform some basic ccache initialization as part of gen_new to avoid a subsequent switch call failure-Resolves: rhbz#1659498 - Re-setting the trusted AD domain fails due to wrong subdomain service name being used-Resolves: rhbz#1660083 - extraAttributes is org.freedesktop.DBus.Error. UnknownProperty: Unknown property- Resolves: rhbz#1661183 - SSSD 2.0 has drastically lower sbus timeout than 1.x, this can result in time outs- Resolves: rhbz#1578014 - sssd does not work under non-root user - Note: Actually the patches were in the 2.0.0-37, this one just adds this changelog because it was missing.- Resolves: rhbz#1652563 - incorrect example in the man page of idmap_sss suggests using * for backend sss- Resolves: rhbz#1466503 - Snippets are not used when sssd.conf does not exist- Resolves: rhbz#1622008 - Error message when IPA server uninstall calls kdestroy caused by KCM returning a wrong error code during the delete operation- Resolves: rhbz#1646113 - Missing concise documentation about valid options for sssd-files-provider- Resolves: rhbz#1625670 - sssd needs to require a newer version of libtalloc and libtevent to avoid an issue in GPO processing- Resolves: 1658813 - PKINIT with KCM does not work- Resolves: 1657898 - SSSD must be cleared/restarted periodically in order to retrieve AD users through IPA Trust- Resolves: rhbz#1655459 - [abrt] [faf] sssd: raise(): /usr/libexec/sssd/proxy_child killed by 6- Resolves: rhbz#1652719 - [SECURITY] sssd returns '/' for emtpy home directories- Resolves: rhbz#1657979 - SSSD's LDAP authentication provider does not work if ID provider is authenticated with GSSAPI- Resolves: rhbz#1657980 - sssd_nss memory leak- Resolves: rhbz#1645566 - SSSD 2.x does not sanitize domain name properly for D-bus, resulting in a crash- Resolves: rhbz#1646168 - sssctl access-report always prints an error message - Resolves: rhbz#1643053 - Restarting the sssd-kcm service should reload the configuration without having to restart the whole sssd - Resolves: rhbz#1640576 - sssctl reports incorrect information about local user's cache entry expiration time - Resolves: rhbz#1645238 - Unable to su to root when logged in as a local user - Resolves: rhbz#1639411 - sssd support for for smartcards using ECC keys- Resolves: rhbz#1642508 - sssd ifp crash when trying to access ipa webui with smart card- Resolves: rhbz#1642372 - SSSD Python getgrouplist API was removed but required for IPA- Related: rhbz#1638150 - session not recording for local user when groups defined - Also add silence a Coverity warning, which is related to rhbz#1637131- Related: rhbz#1637513 - sssd crashes when refreshing expired sudo rules- Add OSCP checks for p11_child - Related: rhbz#1615417 - [RFE] Add Smart Card authentication for local users- Related: rhbz#1638006 - Files: The files provider always enumerates which causes duplicate when running getent passwd- Related: rhbz#1637131 - pam_unix unable to match fully qualified username provided by sssd during smartcard auth using gdm- Related: rhbz#1620123 - [RFE] Add option to specify a Smartcard with a PKCS#11 URI- Related: rhbz#1611011 - Support for "require smartcard for login option"- Related: rhbz#1635595 - Cant login with smartcard with multiple certs- Backport more sbus2 fixes - Related: rhbz#1623878 - crash related to sbus_router_destructor()- Resolves: rhbz#1636397 - SSSD not fetching all sudo rules from AD- Resolves: rhbz#1628122 - Printing incorrect information about domain with sssctl utility- Resolves: rhbz#1626001 - SSSD should log to syslog if a domain is not started due to a misconfiguration- Resolves: rhbz#1624785 - Remove references of sss_user/group/add/del commands in man pages since local provider is deprecated- Resolves: rhbz#1628126 - [abrt] [faf] sssd: unknown function(): /usr/libexec/sssd/sssd_be killed by 11 crash func _dbus_list_unlink- Resolves: rhbz#1628503 - sssd only sets the SELinux login context if it differs from the default- Resolves: rhbz#1625842 id_provider= local causes SSSD to abort startup- Resolves: rhbz#1615590 - Do not rely on "python" for el8- Resolves: rhbz#1615417 - [RFE] Add Smart Card authentication for local users- Resolves: rhbz#1623878 - crash related to sbus_router_destructor()- Resolves: rhbz#1622026 - sssd 2.0 regression: Kerberos authentication fails with the KCM ccache- Resolves: rhbz#1615460 - Rebase SSSD to the latest released version- Switch hardcoded python3 shebangs into the %{__python3} macro- Update to 1.16.2 release - Cleanup unused global definitions - Remove python2 references from the spec file - Resolves: rhbz#1585313 - Kerberos with sssd-kcm is not working on s390x- Resolves: upstream#3684 - A group is not updated if its member is removed with the cleanup task, but the group does not change - Resolves: upstream#3558 - sudo: report error when two rules share cn - Tone down shutdown messages for socket activated responders - IPA: Qualify the externalUser sudo attribute - Resolves: upstream#3550 - refresh_expired_interval does not work with netgrous in 1.15 - Resolves: upstream#3402 - Support alternative sources for the files provider - Resolves: upstream#3646 - SSSD's GPO code ignores ad_site option - Resolves: upstream#3679 - Make nss netgroup requests more robust - Resolves: upstream#3634 - sssctl COMMAND --help fails if sssd is not configured - Resolves: upstream#3469 - extend sss-certmap man page regarding priority processing - Improve docs/debug message about GC detection - Resolves: upstream#3715 - ipa 389-ds-base crash in krb5-libs - k5_copy_etypes list out of bound? - Resolves: upstream#2653 - Group renaming issue when "id_provider = ldap" is set. - Document which principal does the AD provider use - Resolves: upstream#3680 - GPO: SSSD fails to process GPOs If a rule is defined, but contains no SIDs - Resolves: upstream#3520 - Files provider supports only BE_FILTER_ENUM - Resolves: rhbz#1540703 - FreeIPA/SSSD implicit_file sssd_nss error: The Data Provider returned an error [org.freedesktop.sssd.Error.DataProvider.Fatal]- Resolves: upstream#3573 - sssd won't show netgroups with blank domain - Resolves: upstream#3660 - confdb_expand_app_domains() always fails - Resolves: upstream#3658 - Application domain is not interpreted correctly - Resolves: upstream#3687 - KCM: Don't pass a non null terminated string to json_loads() - Resolves: upstream#3386 - KCM: Payload buffer is too small - Resolves: upstream#3666 - Fix usage of str.decode() in our tests - A few KCM misc fixes- New upstream release 1.16.1 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_16_1.html- Resolves: upstream#3621 - backport bug found by static analyzers- Resolves: rhbz#1538643 - SSSD crashes when retrieving a Desktop Profile with no specific host/hostgroup set - Resolves: upstream#3621 - FleetCommander integration must not require capability DAC_OVERRIDE- Resolves: upstream#3618 - selinux_child segfaults in a docker container- Resolves: rhbz#1431153 - sssd: libsss_proxy.so needs to be linked with -ldl- Fix systemd executions/requirements- Fix building on rawhide. Remove -Wl,-z,defs from LDFLAGS- Fix building of sssd-nfs-idmap with libnfsidmap.so.1- Rebuilt for libnfsidmap.so.1- Resolves: upstream#3523 - ABRT crash - /usr/libexec/sssd/sssd_nss in setnetgrent_result_timeout - Resolves: upstream#3588 - sssd_nss consumes more memory until restarted or machine swaps - Resolves: failure in glibc tests https://sourceware.org/bugzilla/show_bug.cgi?id=22530 - Resolves: upstream#3451 - When sssd is configured with id_provider proxy and auth_provider ldap, login fails if the LDAP server is not allowing anonymous binds - Resolves: upstream#3285 - SSSD needs restart after incorrect clock is corrected with AD - Resolves: upstream#3586 - Give a more detailed debug and system-log message if krb5_init_context() failed - Resolves: rhbz#1431153 - SSSD ships a drop-in configuration snippet in /etc/systemd/system - Backport few upstream features from 1.16.1- Resolves: rhbz#1494002 - sssd_nss crashed in cache_req_search_domains_next- Backport extended NSS API from upstream master branch- Resolves: upstream#3529 - sssd-kcm Fix restart during/after upgrade- New upstream release 1.16.0 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_16_0.html- Resolves: rhbz#1499354 - CVE-2017-12173 sssd: unsanitized input when searching in local cache database access on the sock_file system_bus_socket- Resolves: rhbz#1488327 - SELinux is preventing selinux_child from write access on the sock_file system_bus_socket - Resolves: rhbz#1490402 - SSSD does not create /var/lib/sss/deskprofile and fails to download desktop profile data - Resolves: upstream#3485 - getsidbyid does not work with 1.15.3 - Resolves: upstream#3488 - SUDO doesn't work for IPA users on IPA clients after applying ID Views for them in IPA server - Resolves: upstream#3501 - Accessing IdM kerberos ticket fails while id mapping is applied- Backport few upstream patches/fixes- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- New upstream release 1.15.3 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_15_3.html- Rebuild with libldb-1.2.0- Fix build issues: Update expided certificate in unit tests- Resolves: rhbz#1445680 - Properly fall back to local Smartcard authentication - Resolves: rhbz#1437199 - sssd-nfs-idmap-1.15.2-1.fc25.x86_64 conflicts with file from package sssd-common-1.15.1-1.fc25.x86_64 - Resolves: rhbz#1063278 - sss_ssh_knownhostsproxy doesn't fall back to ipv4- Fix issue with IPA + SELinux in containers - Resolves: upstream https://fedorahosted.org/sssd/ticket/3297- Backport upstream patches for 1.15.3 pre-release - required for building freeipa-4.5.x in rawhide- New upstream release 1.15.2 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_15_2.html- New upstream release 1.15.1 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_15_1.html- Cherry-pick patches from upstream that enable the files provider - Enable the files domain - Retire patch 0501-Partially-revert-CONFIG-Use-default-config-when-none.patch which is superseded by the files domain autoconfiguration - Related: rhbz#1357418 - SSSD fast cache for local users- Add missing %license macro- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild- New upstream release 1.15.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.15.0- Rebuild for Python 3.6- Resolves: rhbz#1369130 - nss_sss should not link against libpthread - Resolves: rhbz#1392916 - sssd failes to start after update - Resolves: rhbz#1398789 - SELinux is preventing sssd from 'write' accesses on the directory /etc/sssd- New upstream release 1.14.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.2- libwbclient-sssd: update interface to version 0.13- Fix regression with krb5_map_user - Resolves: rhbz#1375552 - krb5_map_user doesn't seem effective anymore - Resolves: rhbz#1349286 - authconfig fails with SSSDConfig.NoDomainError: default if nonexistent domain is mentioned- Backport important patches from upstream 1.14.2 prerelease - Resolves: upstream #3154 - sssd exits if clock is adjusted backwards after boot - Resolves: upstream #3163 - resolving IPA nested user group is broken in 1.14- New upstream release 1.14.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.1- Add workaround patch for RHBZ #1366403- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages- New upstream release 1.14.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.0- New upstream release 1.14 beta - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.0beta- New upstream release 1.14 alpha - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.0alpha- Resolves: rhbz#1335639 - [abrt] sssd-dbus: ldb_msg_find_element(): sssd_ifp killed by SIGSEGV- Resolves: rhbz#1328108 - Protocol error with FreeIPA on CentOS 6- New upstream release 1.13.4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.4- Resolves: rhbz#1276868 - Sudo PAM Login should support multiple password prompts (e.g. Password + Token) - Resolves: rhbz#1313041 - ssh with sssd proxy fails with "Connection closed by remote host" if locale not available- Resolves: rhbz#1310664 - [RFE] IPA: resolve external group memberships of IPA groups during getgrnam and getgrgid - Resolves: rhbz#1301303 - sss_obfuscate: SyntaxError: Missing parentheses in call to 'print'- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Additional upstream fixes- Resolves: rhbz#1256849 - SUDO: Support the IPA schema- New upstream release 1.13.3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.3- New upstream release 1.13.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.2- Rebuilt for Python3.5 rebuild- Fix building pac responder with the krb5-1.14- python-sssdconfig: Fix parssing sssd.conf without config_file_version - Resolves: upstream #2837 - REGRESSION: ipa-client-automout failed- Fix few segfaults - Resolves: upstream #2811 - PAM responder crashed if user was not set - Resolves: upstream #2810 - sssd_be crashed in ipa_srv_ad_acct_lookup_step- New upstream release 1.13.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1- Fix OTP bug - Resolves: upstream #2729 - Do not send SSS_OTP if both factors were entered separately- Backport upstream patches required by FreeIPA 4.2.1- Fix ipa-migration bug - Resolves: upstream #2719 - IPA: returned unknown dp error code with disabled migration mode- New upstream release 1.13.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.0- Unify return type of list_active_domains for python{2,3}- New upstream release 1.13 alpha - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.0alpha- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- Fix libwbclient alternatives- Backport important patches from upstream 1.13 prerelease- New upstream release 1.12.5 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.5- Backport important patches from upstream 1.13 prerelease - Resolves: rhbz#1060325 - Does sssd-ad use the most suitable attribute for group name - Resolves: upstream #2335 - Investigate using the krb5 responder for driving the PAM conversation with OTPs - Enable cmocka tests for secondary architectures- Backport patches from upstream 1.12.5 prerelease - contains many fixes- Fix slow login with ipa and SELinux - Resolves: upstream #2624 - Only set the selinux context if the context differs from the local one- Fix regressions with ipa and SELinux - Resolves: upstream #2587 - With empty ipaselinuxusermapdefault security context on client is staff_u- Also relax libldb Requires - Remove --enable-ldb-version-check- Relax libldb BuildRequires to be greater-or-equal- Add support for python3 bindings - Add requirement to python3 or python3 bindings - Resolves: rhbz#1014594 - sssd: Support Python 3- New upstream release 1.12.4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.4- Backport patches with Python3 support from upstream- Fix double free in monitor - Resolves: rhbz#1186887 [abrt] sssd-common: talloc_abort(): sssd killed by SIGABRT- Rebuild for new libldb- Decrease priority of sssd-libwbclient 20 -> 5 - It should be lower than priority of samba veriosn of libwbclient. - https://bugzilla.redhat.com/show_bug.cgi?id=1175511#c18- Apply a number of patches from upstream to fix issues found 1.12.3 - Resolves: rhbz#1176373 - dyndns_iface does not accept multiple interfaces, or isn't documented to be able to - Resolves: rhbz#988068 - getpwnam_r fails for non-existing users when sssd is not running - Resolves: upstream #2557 authentication failure with user from AD- Resolves: rhbz#1164156 - libsss_simpleifp should pull sssd-dbus - Resolves: rhbz#1179379 - gzip: stdin: file size changed while zipping when rotating logfile- New upstream release 1.12.3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.3 - Fix spelling errors in description (fedpkg lint)- Rebuild for libldb 1.1.19- Resolves: rhbz#1175511 - sssd-libwbclient conflicts with Samba's and causes crash in wbinfo - in addition to the patch libwbclient.so is filtered out of the Provides list of the package- Fix regressions and bugs in sssd upstream 1.12.2 - https://fedorahosted.org/sssd/ticket/{id} - Regressions: #2471, #2475, #2483, #2487, #2529, #2535 - Bugs: #2287, #2445- Rebuild for libldb 1.1.18- Fix typo in libwbclient-devel %preun- Use alternatives for libwbclient- Backport several patches from upstream. - Fix a potential crash against old (pre-4.0) IPA servers- New upstream release 1.12.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.2- Resolves: rhbz#1139962 - Fedora 21, FreeIPA 4.0.2: sssd does not find user private group from server- New upstream release 1.12.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.1- Do not crash on resolving a group SID in IPA server mode- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Fix release version for upgrades- New upstream release 1.12.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- New upstream release 1.12 beta2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.0beta2- Fix tests on big-endian - Fix previous changelog entry- New upstream release 1.12 beta1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.12.0beta1- Rebuild against new ding-libs- Make LDB dependency a strict equivalency- Rebuild against new libldb- New upstream release 1.11.5.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5.1- Fix bug in generation of systemd unit file- New upstream release 1.11.5 - Remove upstreamed patch - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.5- Handle new error code for IPA password migration- Include couple of patches from upstream 1.11 branch- New upstream release 1.11.4 - Remove upstreamed patch - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.4- Handle OTP response from FreeIPA server gracefully- New upstream release 1.11.3 - Remove upstreamed patches - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.3- New upstream release 1.11.2 - Remove upstreamed patches - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.2- Fix potential crash with external groups in trusted IPA-AD setup- Add plugin for cifs-utils - Resolves: rhbz#998544- Fix failover from Global Catalog to LDAP in case GC is not available- Remove the ability to create public ccachedir (#1015089)- New upstream release 1.11.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.1- Fix multicast checks in the SSSD - Resolves: rhbz#1007475 - The multicast check is wrong in the sudo source code getting the host info- Backport simplification of ccache management from 1.11.1 - Resolves: rhbz#1010553 - sssd setting KRB5CCNAME=(null) on login- New upstream release 1.11.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.0- Resolves: #967012 - [abrt] sssd-1.9.5-1.fc18: sss_mmap_cache_gr_invalidate_gid: Process /usr/libexec/sssd/sssd_nss was killed by signal 11 (SIGSEGV) - Resolves: #996214 - sssd proxy_child segfault- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild- Resolves: #906427 - Do not use %{_lib} in specfile for the nss and pam libraries- New upstream release 1.11 beta 2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.0beta2- New upstream release 1.10.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.1- sssd-tools should require sssd-common, not sssd- Move sssd_pac to the sssd-ipa and sssd-ad subpackages - Trim out RHEL5-specific macros since we don't build on RHEL 5 - Trim out macros for Fedora older than F18 - Update libldb requirement to 1.1.16 - Trim RPM changelog down to the last year- Move sssd_pac to the sssd-krb5 subpackage- Fix Obsoletes: to account for dist tag - Convert post and pre scripts to run on the sssd-common subpackage - Remove old conversion from SYSV- New upstream release 1.10 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0- the cmocka toolkit exists only on selected arches- Apply a number of patches from upstream to fix issues found post-beta, in particular: -- segfault with a high DEBUG level -- Fix IPA password migration (upstream #1873) -- Fix fail over when retrying SRV resolution (upstream #1886)- Only BuildRequire libcmocka on Fedora- Fix typo in Requires that prevented an upgrade (#973916) - Use a hardcoded version in Conflicts, not less-than-current- Enable hardened build for RHEL7- New upstream release 1.10 beta2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0beta2 - BuildRequire libcmocka-devel in order to run all upstream tests during build - BuildRequire libnl3 instead of libnl1 - No longer BuildRequire initscripts, we no longer use /sbin/service - Remove explicit krb5-libs >= 1.10 requires; this platform doensn't carry any older krb5-libs version- Apply a couple of patches from upstream git that resolve crashes when ID mapping object was not initialized properly but needed later- Resolves: rhbz#961357 - Missing dyndns_update entry in sssd.conf during realm join - Resolves: rhbz#961278 - Login failure: Enterprise Principal enabled by default for AD Provider - Resolves: rhbz#961251 - sssd does not create user's krb5 ccache dir/file parent directory when logging in- BuildRequire recent libini_config to ensure consistent behaviour- Explicitly Require libini_config >= 1.0.0.1 to work around a SONAME bug in ding-libs - Fix SSH integration with fully-qualified domains - Add the ability to dynamically discover the NetBIOS name- New upstream release 1.10 beta1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0beta1- Add a patch to fix krb5 ccache creation issue with krb5 1.11- New upstream release 1.10 alpha1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0alpha1- Add a patch to fix krb5 unit tests- Split internal helper libraries into a shared object - Significantly reduce disk-space usage- Fix the Kerberos password expiration warning (#912223)- Do not write out dots in the domain-realm mapping file (#905650)- Include upstream patch to build with krb5-1.11- Rebuild against new libldb- Fix build with new automake versions- Recreate Kerberos ccache directory if it's missing - Resolves: rhbz#853558 - [sssd[krb5_child[PID]]]: Credential cache directory /run/user/UID/ccdir does not exist- Fix changelog dates to make F19 rpmbuild happy- New upstream release 1.9.4- New upstream release 1.9.3- Resolve groups from AD correctly- Check the validity of naming context- Move the sss_cache tool to the main package- Include the 1.9.2 tarball- New upstream release 1.9.2- New upstream release 1.9.1- require the latest libldb- Use mcpath insted of mcachepath macro to be consistent with upsteam spec file- New upstream release 1.9.0- New upstream release 1.9.0 rc1- New upstream release 1.9.0 beta7 - obsoletes patches #1-#3- Rebuild against libldb 1.12- Rebuild against libldb 1.11- Change the default ccache location to DIR:/run/user/${UID}/krb5cc and patch man page accordingly - Resolves: rhbz#851304- Rebuild against libldb 1.10- Only create the SELinux login file if there are SELinux mappings on the IPA server- Don't discard HBAC rule processing result if SELinux is on Resolves: rhbz#846792 (CVE-2012-3462)- New upstream release 1.9.0 beta 6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta6 - A new option, override_shell was added. If this option is set, all users managed by SSSD will have their shell set to its value. - Fixes for the support for setting default SELinux user context from FreeIPA. - Fixed a regression introduced in beta 5 that broke LDAP SASL binds - The SSSD supports the concept of a Primary Server and a Back Up Server in failover - A new command-line tool sss_seed is available to help prime the cache with a user record when deploying a new machine - SSSD is now able to discover and save the domain-realm mappings between an IPA server and a trusted Active Directory server. - Packaging changes to fix ldconfig usage in subpackages (#843995) - Rebuild against libldb 1.1.9- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- New upstream release 1.9.0 beta 5 - Obsoletes the patch for missing DP_OPTION_TERMINATOR in AD provider options - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta5 - Many fixes for the support for setting default SELinux user context from FreeIPA, most notably fixed the specificity evaluation - Fixed an incorrect default in the krb5_canonicalize option of the AD provider which was preventing password change operation - The shadowLastChange attribute value is now correctly updated with the number of days since the Epoch, not seconds- Fix broken ARM build - Add missing DP_OPTION_TERMINATOR in AD provider options- Own several directories create during make install (#839782)- New upstream release 1.9.0 beta 4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta4 - Add a new AD provider to improve integration with Active Directory 2008 R2 or later servers - SUDO integration was completely rewritten. The new implementation works with multiple domains and uses an improved refresh mechanism to download only the necessary rules - The IPA authentication provider now supports subdomains - Fixed regression for setups that were setting default_tkt_enctypes manually by reverting a previous workaround.- New upstream release 1.9.0 beta 3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta3 - Add a new PAC responder for dealing with cross-realm Kerberos trusts - Terminate idle connections to the NSS and PAM responders- Switch unicode library from libunistring to Glib - Drop unnecessary explicit Requires on keyutils - Guarantee that versioned Requires include the correct architecture- Fix accidental disabling of the DIR cache support- New upstream release 1.9.0 beta 2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta2 - Add support for the Kerberos DIR cache for storing multiple TGTs automatically - Major performance enhancement when storing large groups in the cache - Major performance enhancement when performing initgroups() against Active Directory - SSSDConfig data file default locations can now be set during configure for easier packaging- Fix regression in endianness patch- Rebuild SSSD against ding-libs 0.3.0beta1 - Fix endianness bug in service map protocol- Fix several regressions since 1.5.x - Ensure that the RPM creates the /var/lib/sss/mc directory - Add support for Netscape password warning expiration control - Rebuild against libldb 1.1.6- New upstream release 1.9.0 beta 1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta1 - Add native support for autofs to the IPA provider - Support for ID-mapping when connecting to Active Directory - Support for handling very large (> 1500 users) groups in Active Directory - Support for sub-domains (will be used for dealing with trust relationships) - Add a new fast in-memory cache to speed up lookups of cached data on repeated requests- New upstream release 1.8.3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.3 - Numerous manpage and translation updates - LDAP: Handle situations where the RootDSE isn't available anonymously - LDAP: Fix regression for users using non-standard LDAP attributes for user information- New upstream release 1.8.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.2 - Several fixes to case-insensitive domain functions - Fix for GSSAPI binds when the keytab contains unrelated principals - Fixed several segfaults - Workarounds added for LDAP servers with unreadable RootDSE - SSH knownhostproxy will no longer enter an infinite loop preventing login - The provided SYSV init script now starts SSSD earlier at startup and stops it later during shutdown - Assorted minor fixes for issues discovered by static analysis tools- Don't duplicate libsss_autofs.so in two packages - Set explicit package contents instead of globbing- Fix uninitialized value bug causing crashes throughout the code - Resolves: rhbz#804783 - [abrt] Segfault during LDAP 'services' lookup- New upstream release 1.8.1 - Resolve issue where we could enter an infinite loop trying to connect to an auth server - Fix serious issue with complex (3+ levels) nested groups - Fix netgroup support for case-insensitivity and aliases - Fix serious issue with lookup bundling resulting in requests never completing - IPA provider will now check the value of nsAccountLock during pam_acct_mgmt in addition to pam_authenticate - Fix several regressions in the proxy provider - Resolves: rhbz#743133 - Performance regression with Kerberos authentication against AD - Resolves: rhbz#799031 - --debug option for sss_debuglevel doesn't work- New upstream release 1.8.0 - Support for the service map in NSS - Support for setting default SELinux user context from FreeIPA - Support for retrieving SSH user and host keys from LDAP (Experimental) - Support for caching autofs LDAP requests (Experimental) - Support for caching SUDO rules (Experimental) - Include the IPA AutoFS provider - Fixed several memory-corruption bugs - Fixed a regression in group enumeration since 1.7.0 - Fixed a regression in the proxy provider - Resolves: rhbz#741981 - Separate Cache Timeouts for SSSD - Resolves: rhbz#797968 - sssd_be: The requested tar get is not configured is logged at each login - Resolves: rhbz#754114 - [abrt] sssd-1.6.3-1.fc16: ping_check: Process /usr/sbin/sssd was killed by signal 11 (SIGSEGV) - Resolves: rhbz#743133 - Performance regression with Kerberos authentication against AD - Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for new LDAP features - Resolves: rhbz#786957 - sssd and kerberos should change the default location for create the Credential Cashes to /run/usr/USERNAME/krb5cc- Change default kerberos credential cache location to /run/user/- New upstream release 1.8.0 beta 3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta3 - Fixed a regression in group enumeration since 1.7.0 - Fixed several memory-corruption bugs - Finalized the ABI for the autofs support - Fixed a regression in the proxy provider- Rebuild against PCRE 8.30- New upstream release - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta2 - Fix two minor manpage bugs - Include the IPA AutoFS provider- New upstream release - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta1 - Support for the service map in NSS - Support for setting default SELinux user context from FreeIPA - Support for retrieving SSH user and host keys from LDAP (Experimental) - Support for caching autofs LDAP requests (Experimental) - Support for caching SUDO rules (Experimental)- Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for new LDAP features - fix netgroups and sudo as well- Fixes a serious memory hierarchy bug causing unpredictable behavior in the LDAP provider.- Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for new LDAP features- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- New upstream release 1.7.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.7.0 - Support for case-insensitive domains - Support for multiple search bases in the LDAP provider - Support for the native FreeIPA netgroup implementation - Reliability improvements to the process monitor - New DEBUG facility with more consistent log levels - New tool to change debug log levels without restarting SSSD - SSSD will now disconnect from LDAP server when idle - FreeIPA HBAC rules can choose to ignore srchost options for significant performance gains - Assorted performance improvements in the LDAP provider- New upstream release 1.6.4 - Rolls up previous patches applied to the 1.6.3 tarball - Fixes a rare issue causing crashes in the failover logic - Fixes an issue where SSSD would return the wrong PAM error code for users that it does not recognize.- Rebuild against libldb 1.1.4- Resolves: rhbz#753639 - sssd_nss crashes when passed invalid UTF-8 for the username in getpwnam() - Resolves: rhbz#758425 - LDAP failover not working if server refuses connections- Rebuild for libldb 1.1.3- Resolves: rhbz#752495 - Crash when apply settings- New upstream release 1.6.3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.3 - Fixes a major cache performance issue introduced in 1.6.2 - Fixes a potential infinite-loop with certain LDAP layouts- Rebuilt for glibc bug#747377- Change selinux policy requirement to Conflicts: with the old version, rather than Requires: the supported version.- Add explicit requirement on selinux-policy version to address new SBUS symlinks.- Remove %files reference to sss_debuglevel copied from wrong upstreeam spec file.- Improved handling of users and groups with multi-valued name attributes (aliases) - Performance enhancements Initgroups on RFC2307bis/FreeIPA HBAC rule processing - Improved process-hang detection and restarting - Enabled the midpoint cache refresh by default (fewer cache misses on commonly-used entries) - Cleaned up the example configuration - New tool to change debug level on the fly- New upstream release 1.6.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.1 - Fixes a serious issue with LDAP connections when the communication is dropped (e.g. VPN disconnection, waking from sleep) - SSSD is now less strict when dealing with users/groups with multiple names when a definitive primary name cannot be determined - The LDAP provider will no longer attempt to canonicalize by default when using SASL. An option to re-enable this has been provided. - Fixes for non-standard LDAP attribute names (e.g. those used by Active Directory) - Three HBAC regressions have been fixed. - Fix for an infinite loop in the deref code- Build with _hardened_build macro- New upstream release 1.6.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.0 - Add host access control support for LDAP (similar to pam_host_attr) - Finer-grained control on principals used with Kerberos (such as for FAST or - validation) - Added a new tool sss_cache to allow selective expiring of cached entries - Added support for LDAP DEREF and ASQ controls - Added access control features for Novell Directory Server - FreeIPA dynamic DNS update now checks first to see if an update is needed - Complete rewrite of the HBAC library - New libraries: libipa_hbac and libipa_hbac-python- New upstream release 1.5.11 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.11 - Fix a serious regression that prevented SSSD from working with ldaps:// URIs - IPA Provider: Fix a bug with dynamic DNS that resulted in the wrong IPv6 - address being saved to the AAAA record- New upstream release 1.5.10 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.10 - Fixed a regression introduced in 1.5.9 that could result in blocking calls - to LDAP- New upstream release 1.5.9 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.9 - Support for overriding home directory, shell and primary GID locally - Properly honor TTL values from SRV record lookups - Support non-POSIX groups in nested group chains (for RFC2307bis LDAP - servers) - Properly escape IPv6 addresses in the failover code - Do not crash if inotify fails (e.g. resource exhaustion) - Don't add multiple TGT renewal callbacks (too many log messages)- New upstream release 1.5.8 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.8 - Support for the LDAP paging control - Support for multiple DNS servers for name resolution - Fixes for several group membership bugs - Fixes for rare crash bugs- Resolves: rhbz#706740 - Orphaned links on rc0.d-rc6.d - Make sure to properly convert to systemd if upgrading from newer - updates for Fedora 14- Fix segfault in TGT renewal- Resolves: rhbz#700891 - CVE-2011-1758 sssd: automatic TGT renewal overwrites - cached password with predicatable filename- Re-add manpage translations- New upstream release 1.5.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.6 - Fixed a serious memory leak in the memberOf plugin - Fixed a regression with the negative cache that caused it to be essentially - nonfunctional - Fixed an issue where the user's full name would sometimes be removed from - the cache - Fixed an issue with password changes in the kerberos provider not working - with kpasswd- Resolves: rhbz#697057 - kpasswd fails when using sssd and - kadmin server != kdc server - Upgrades from SysV should now maintain enabled/disabled status- Fix %postun- Fix systemd conversion. Upgrades from SysV to systemd weren't properly - enabling the systemd service. - Fix a serious memory leak in the memberOf plugin - Fix an issue where the user's full name would sometimes be removed - from the cache- Install systemd unit file instead of sysv init script- New upstream release 1.5.5 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.5 - Fixes for several crash bugs - LDAP group lookups will no longer abort if there is a zero-length member - attribute - Add automatic fallback to 'cn' if the 'gecos' attribute does not exist- New upstream release 1.5.4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.4 - Fixes for Active Directory when not all users and groups have POSIX attributes - Fixes for handling users and groups that have name aliases (aliases are ignored) - Fix group memberships after initgroups in the IPA provider- Resolves: rhbz#683267 - sssd 1.5.1-9 breaks AD authentication- New upstream release 1.5.3 - Support for libldb >= 1.0.0- New upstream release 1.5.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.2 - Fixes for support of FreeIPA v2 - Fixes for failover if DNS entries change - Improved sss_obfuscate tool with better interactive mode - Fix several crash bugs - Don't attempt to use START_TLS over SSL. Some LDAP servers can't handle this - Delete users from the local cache if initgroups calls return 'no such user' - (previously only worked for getpwnam/getpwuid) - Use new Transifex.net translations - Better support for automatic TGT renewal (now survives restart) - Netgroup fixes- Rebuild sssd against libldb 1.0.2 so the memberof module loads again. - Related: rhbz#677425- Resolves: rhbz#677768 - name service caches names, so id command shows - recently deleted users- Ensure that SSSD builds against libldb-1.0.0 on F15 and later - Remove .la for memberOf- Fix memberOf install path- Add support for libldb 1.0.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix nested group member filter sanitization for RFC2307bis - Put translated tool manpages into the sssd-tools subpackage- Restore Requires: cyrus-sasl-gssapi as it is not auto-detected during - rpmbuild- New upstream release 1.5.1 - Addresses CVE-2010-4341 - DoS in sssd PAM responder can prevent logins - Vast performance improvements when enumerate = true - All PAM actions will now perform a forced initgroups lookup instead of just - a user information lookup - This guarantees that all group information is available to other - providers, such as the simple provider. - For backwards-compatibility, DNS lookups will also fall back to trying the - SSSD domain name as a DNS discovery domain. - Support for more password expiration policies in LDAP - 389 Directory Server - FreeIPA - ActiveDirectory - Support for ldap_tls_{cert,key,cipher_suite} config options -Assorted bugfixes- CVE-2010-4341 - DoS in sssd PAM responder can prevent logins- New upstream release 1.5.0 - Fixed issues with LDAP search filters that needed to be escaped - Add Kerberos FAST support on platforms that support it - Reduced verbosity of PAM_TEXT_INFO messages for cached credentials - Added a Kerberos access provider to honor .k5login - Addressed several thread-safety issues in the sss_client code - Improved support for delayed online Kerberos auth - Significantly reduced time between connecting to the network/VPN and - acquiring a TGT - Added feature for automatic Kerberos ticket renewal - Provides the kerberos ticket for long-lived processes or cron jobs - even when the user logs out - Added several new features to the LDAP access provider - Support for 'shadow' access control - Support for authorizedService access control - Ability to mix-and-match LDAP access control features - Added an option for a separate password-change LDAP server for those - platforms where LDAP referrals are not supported - Added support for manpage translations- Solve a shutdown race-condition that sometimes left processes running - Resolves: rhbz#606887 - SSSD stops on upgrade- Log startup errors to the syslog - Allow cache cleanup to be disabled in sssd.conf- New upstream release 1.4.1 - Add support for netgroups to the proxy provider - Fixes a minor bug with UIDs/GIDs >= 2^31 - Fixes a segfault in the kerberos provider - Fixes a segfault in the NSS responder if a data provider crashes - Correctly use sdap_netgroup_search_base- Fix incorrect tarball URL- New upstream release 1.4.0 - Added support for netgroups to the LDAP provider - Performance improvements made to group processing of RFC2307 LDAP servers - Fixed nested group issues with RFC2307bis LDAP servers without a memberOf plugin - Build-system improvements to support Gentoo - Split out several libraries into the ding-libs tarball - Manpage reviewed and updated- Fix pre and post script requirements- Resolves: rhbz#606887 - sssd stops on upgrade- Resolves: rhbz#626205 - Unable to unlock screen- Resolves: rhbz#637955 - libini_config-devel needs libcollection-devel but - doesn't require it- Resolves: rhbz#632615 - the krb5 locator plugin isn't packaged for multilib- Resolves: CVE-2010-2940 - sssd allows null password entry to authenticate - against LDAP- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild- New upstream version 1.2.91 (1.3.0rc1) - Improved LDAP failover - Synchronous sysdb API (provides performance enhancements) - Better online reconnection detection- New stable upstream version 1.2.1 - Resolves: rhbz#595529 - spec file should eschew %define in favor of - %global - Resolves: rhbz#593644 - Empty list of simple_allow_users causes sssd service - to fail while restart. - Resolves: rhbz#599026 - Makefile typo causes SSSD not to use the kernel - keyring - Resolves: rhbz#599724 - sssd is broken on Rawhide- New stable upstream version 1.2.0 - Support ServiceGroups for FreeIPA v2 HBAC rules - Fix long-standing issue with auth_provider = proxy - Better logging for TLS issues in LDAP- New LDAP access provider allows for filtering user access by LDAP attribute - Reduced default timeout for detecting offline status with LDAP - GSSAPI ticket lifetime made configurable - Better offline->online transition support in Kerberos- Release new upstream version 1.1.91 - Enhancements when using SSSD with FreeIPA v2 - Support for deferred kinit - Support for DNS SRV records for failover- Bump up release number to avoid library sub-packages version issues with previous releases.- New upstream release 1.1.1 - Fixed the IPA provider (which was segfaulting at start) - Fixed a bug in the SSSDConfig API causing some options to revert to - their defaults - This impacted the Authconfig UI - Ensure that SASL binds to LDAP auto-retry when interrupted by a signal- Release SSSD 1.1.0 final - Fix two potential segfaults - Fix memory leak in monitor - Better error message for unusable confdb- Release candidate for SSSD 1.1 - Add simple access provider - Create subpackages for libcollection, libini_config, libdhash and librefarray - Support IPv6 - Support LDAP referrals - Fix cache issues - Better feedback from PAM when offline- Rebuild against new libtevent- Fix licenses in sources and on RPMs- Fix regression on 64-bit platforms- Fixes link error on platforms that do not do implicit linking - Fixes double-free segfault in PAM - Fixes double-free error in async resolver - Fixes support for TCP-based DNS lookups in async resolver - Fixes memory alignment issues on ARM processors - Manpage fixes- Fixes a bug in the failover code that prevented the SSSD from detecting when it went back online - Fixes a bug causing long (sometimes multiple-minute) waits for NSS requests - Several segfault bugfixes- Fix CVE-2010-0014- Patch SSSDConfig API to address - https://bugzilla.redhat.com/show_bug.cgi?id=549482- New upstream stable release 1.0.0- New upstream bugfix release 0.99.1- New upstream release 0.99.0- Fix segfault in sssd_pam when cache_credentials was enabled - Update the sample configuration - Fix upgrade issues caused by data provider service removal- Fix upgrade issues from old (pre-0.5.0) releases of SSSD- New upstream release 0.7.0- Fix missing file permissions for sssd-clients- Add SSSDConfig API - Update polish translation for 0.6.0 - Fix long timeout on ldap operation - Make dp requests more robust- Ensure that the configuration upgrade script always writes the config file with 0600 permissions - Eliminate an infinite loop in group enumerations- New upstream release 0.6.0- New upstream release 0.5.0- Fix for CVE-2009-2410 - Native SSSD users with no password set could log in without a password. (Patch by Stephen Gallagher)- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- Fix a couple of segfaults that may happen on reload- add missing configure check that broke stopping the daemon - also fix default config to add a missing required option- latest upstream release. - also add a patch that fixes debugging output (potential segfault)- release out of the official 0.3.2 tarball- bugfix release 0.3.2 - includes previous release patches - change permissions of the /etc/sssd/sssd.conf to 0600- Add last minute bug fixes, found in testing the package- Version 0.3.1 - includes previous release patches- Try to fix build adding automake as an explicit BuildRequire - Add also a couple of last minute patches from upstream- Version 0.3.0 - Provides file based configuration and lots of improvements- Version 0.2.1- Version 0.2.0- package git snapshot- fixed items found during review - added initscript- added sss_client- Small cleanup and fixes in the spec file- Initial release (based on version 0.1.0 upstream code)/bin/sh/bin/sh/sbin/ldconfig  !"#$%&'()*+,-./esrururusvsvsvukukuk2.7.3-5.0.1.el82.7.3-5.0.1.el8    cifs-utilsidmap-plugin.build-id08cf13b85ba82a1f36ce90432fda37a086454564224e336c4c22f8525562ace77295f5c6da9a3039781718a4287f95b01b8d20a146b9248cd9fed2dda257c0030a7cb86921c5b2a1fdd5d4fbb5807c8eabe3eb2f6d8e6dcb235f060e56d251d6d3164c16bcea2fb90c42dd4257b761bbaf346f674c73d129bf804df5b7200ebfe17e2ea374b1d5f501645bb8e140cd0cf46dd3f45f5a65794e3aff44df8a410fcifs-utilscifs_idmap_sss.sosssd_pac_plugin.sosssd_krb5_locator_plugin.solibnss_sss.so.2libsubid_sss.sopam_sss.sopam_sss_gss.sosssdmodulessssd_krb5_localauth_plugin.sosssd-clientCOPYINGCOPYING.LESSERsssd_krb5_locator_plugin.8.gzpam_sss.8.gzpam_sss_gss.8.gzsssd_krb5_localauth_plugin.8.gzsssd_krb5_locator_plugin.8.gzpam_sss.8.gzpam_sss_gss.8.gzsssd_krb5_locator_plugin.8.gzpam_sss.8.gzpam_sss_gss.8.gzsssd_krb5_locator_plugin.8.gzpam_sss.8.gzpam_sss_gss.8.gzsssd_krb5_locator_plugin.8.gz/etc//etc/cifs-utils//usr/lib//usr/lib/.build-id//usr/lib/.build-id/08//usr/lib/.build-id/22//usr/lib/.build-id/78//usr/lib/.build-id/a2//usr/lib/.build-id/ab//usr/lib/.build-id/bc//usr/lib/.build-id/bf//usr/lib/.build-id/e1//usr/lib/cifs-utils//usr/lib/krb5/plugins/authdata//usr/lib/krb5/plugins/libkrb5//usr/lib/security//usr/lib/sssd//usr/lib/sssd/modules//usr/share/licenses//usr/share/licenses/sssd-client//usr/share/man/es/man8//usr/share/man/man8//usr/share/man/ru/man8//usr/share/man/sv/man8//usr/share/man/uk/man8/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m32 -march=x86-64 -mtune=generic -mfpmath=sse -mstackrealign -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2i686-redhat-linux-gnu  directorycannot open `/builddir/build/BUILDROOT/sssd-2.7.3-5.0.1.el8.i386/etc/cifs-utils/idmap-plugin' (No such file or directory)ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=bf804df5b7200ebfe17e2ea374b1d5f501645bb8, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=781718a4287f95b01b8d20a146b9248cd9fed2dd, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=224e336c4c22f8525562ace77295f5c6da9a3039, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=08cf13b85ba82a1f36ce90432fda37a086454564, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=bcea2fb90c42dd4257b761bbaf346f674c73d129, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=a257c0030a7cb86921c5b2a1fdd5d4fbb5807c8e, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=abe3eb2f6d8e6dcb235f060e56d251d6d3164c16, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=e140cd0cf46dd3f45f5a65794e3aff44df8a410f, strippedASCII texttroff or preprocessor input, UTF-8 Unicode text, with very long lines (gzip compressed data, max compression, from Unix)troff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix) !.8GT  R RR RRR$R#RR"RRR(RR RR R RRRRRRR(RRR RR RRRR(PPR R RR R RRRRRR(PPR RR R RRRR(RRRRR RR R RR RRRRR(RRRR RR R RRRRRR(RR R RR R RRR RRRRRRR(utf-8926c9be38ac05c4c91d699cee13f75a36c74a970bfcd7010b1a1ef9213b3c047?7zXZ !#,=] b2u jӫ`(y.WX&{DM96v"sv3>WDFϧc׹7I_z%0NS:ibe't8KMQiJBIzu}r+΃zaG^=Jئc^@>cs(,LWU1eX&mԅszDy"`ZޟDUHE 2W (B'(;RZ)(7%4O0J%2KE[CTh{RȝU,o撺g3hE9=Sﶆx)JT%w0l3Zo/T'+NZR Vlbh>Ŗ`&T<,5IѓkV|}.QѮ =6G5@x/ׁR!ъP>:64&Y{~eJk1nSH?g Qe,;MSg}= Р7(͖"᲻(WF( 2uATI7i^fTԝ4* Ǩp݈4C"gm`/{21ԥo@OuH6Q"j.[j k s'!(\n''!@?cb^ù6qRG"zp8sn-4+Eǖ/5?[pgSOQG~?rz.kԬERñ9" UN RSpEa c!h'Pa׻P/O%ӰieƦ>aUzQrZQ4& ^zh4:XRzJ 葂`zp~?+F YFvLj%?BnԆΥ<뚊 r؛78=Fb1JVVV~2C:¢^]-s޳d%EʊBI;LnK->sdIs>/&'o~Li06 鍴`*j5Z*额C~P]䪢 bR|Md]7L,f)lZmZ}>B9?f|to/NBi~NMZk[k G |OG]z}93'fyI\Ѳ!@(BnKa:A3&SF g8[j6Wrd}iMF|l{ i(h~SOGS־sPREJvU4?'-6/\ ) fʦh0|>ye%toR HOtϩѦIXr8|R/R 88']Р(|K1*>jXM@|,'#:9 /B#CB2Y2_o. 'RLqoإ1[<$FH1 amp CQdF] &^=vbl ]#p-= 'OQㇿYe$ ⃬Zj1\@[رe%(a5lH1h6R{1oI%:ryhBU1 ="ZBx+qM?_ D] u5)Ug&S͢qQı9VObDpZTkxb 1/Ft4%FkoyOr:cGʊfL6`}340.-?W9qnw@npK띻O%~`976z@C4Ѯ9x49v%~ ڱ췎jFq~e6uptg؝pȍ >BNKY>SW#YrVٳWD`vaz~@*5)Đe-Rs'%qR 5TdVݮK)U莓j{ex=EڜͼܶxM j8ɞ55C9f14$nB$0CQ2| 7L8+v\ a"b̛i]wR u 2ǙA7ppFQߝ$ODUV2g*D@[t*{r <﮷.=%=hY#aul ӏ s^.[ Uo8Y,4ᡁ%(˾TY]_N60ﴯz{d:ǀ6q-&K!OR뱀%i캁 j Yt]|V)ntN0ڻ=,ɓuVk}pql vtA?6Kü`m$OVsdMކXE%8 -<Q5ub U&3[Zyu\=mx%hϱrRǕT fx\h *hE5(j-WԈi!m~%T$SbD,}&6ǞZ?^8ݜUkwǶP!(+9י^E%hķo(N=/$x}W ek壷 RV9I[& DK.$^狨:d ȐuB怄XMrǍu2" ȞQ}BHtXQ lD.J?s"ڄ[ӣi6k6u0 R 0Fyc/m&l>360̓;uuma 72>GB'N|;|I+/㕩ħb٤ЃZc)F;#7L}N_v3c_qj9 nĿW#m#Bt'%Un|$txk舂͂75;.vqj&3"QWF! lu XRjlv׎IKK[dr@ Ex*+H3ވ=CΡjGJ1UvdAʍVH2K8D"YF99fFl Nih&{hY z޾ x+P(;m]\p] 5L;F!a&VRpw[~ĝ@M6Og'lUVpL@sq;C--k~T 5Wz3`.NL[0gMTwfpsvGWt&$z3Zm+Jr$([jd')mR[ 6J`h/ Ý>#8kg MC& h AuT $QN!e@=-SIH I_5V vPy #q et gSHיZ7^,F%97~RZEƮ@!5Lv1!"^q(X[GV2k)9np!aKWm&Ŭ¹T*h1MSa>jej0ݾi!ݢ blPD5µX=r(@S2 8CTnKGh2eQlF?xL>2r!2 :\7=U ,KFS'Gث>@" ڰ~5ɱ! "1R7I"ɘ[h`n:f l|l^>):ueD,=L3FZl 74,v?Es3[3@ꮰK㩼RӅQblrNCe]~ 1=% +9̩՛b&T1'U5v3{150sv({$ВW^2C= ?q-* g}*s'pe @uUCy~^aR.eڠ~Ҫ`hO{c4~')Wߜk! ,*]rApo80ҡ?$b|A]IfaF[g`tpw't89RG佉ާo\<@iR0S Zj`BwlMSs(ǚoWVz9U/_ oPj^? [QV<Lc7C }͈ӃQr̫`اSA)gѥBrZv\yc*N## a=%%9)r] Ծ"8Tc{zoXhS/{֮aW-3f=ȞnZ޶ {kMw =@Oc6#nɊA()EhFأb"G!D-Dy׸@ r<љ#,a2 sx} R$HK=&NFrx3/D KC%1mFJ=xFITf%}xw\ {M{Twِ`_y-NktLΌT,C)!/yZ~eϷa(Ƶ{^TMڨ vVO>LRG!?SUUp8:CɋUvvY|"ib= qcu(JKxIqe4u jpGqA1ixDC[$ԫ#r "NyZ,/ݷƬElٱ>֜V</O%i?5,QvޫObZSWSj,Ab[5p voeۯzNcA=@<#5ӽ]]G* #wmqf)Ğ.DZ|1UVmI`uwJy6y2? t5E$h*1i# 0xS5>J!{yN7oD/PiBLB}-Q$'LLhY^3-5} f_妿i`(V;W^L%kԚ\+6_@c<7hs7rE 2}7nWXyɆء#RJtF iX:}r^홱~<PWB"l[}]{$܏ϻ:gPb4Db \gCU gh,NsI#j}umJ.v'ѶQAes=ld oa9녋^,vd6^Cк50O <.;]R ,,N\Unnyׇ9-Pc(oĥ*X@\8uol GW$%ؓO>8=2yꍹn_b6ѫ?tq 8v ]ujoNd$䲣ǏZʋǰ̚+0JM%`{VvHCCQޓy,W!:qs9͂ ^U`\)~]9<*6Ĕ#[J5XzLJ1&{u 28l^NFV*banbWBڟ'\>5U2`i,Q8ol5vT#!hŘYP%{CމC_LHʏ1΂4(76mMEAߖlm]c4cڗ@l10'2๶N_ 3,ijڋz=-iOLva]119v$Іf G%;8nmKYLdb +̹j^ f]H|tّK$T"m uժ)fLXOz̟b`oI).^!OK9.Cw5AmmRW& 0ZCNr>O˳w>ݔ8W"?8,_"+h׀5 ѧIR&Ph(ܠ#W)=znvn]!hU{͔tv!}0͈ 4NCaeEDꓠ_8uvRsᵟ&vC0.>6YJ8(^ ㆊ"#HxVα= I[{'Nڷ4.Zfayp0NEU3Q>сT4Q[>mc[:)i衚R!^֟2]iOm]Kܱ̻$ݸ7a$}3$V #)k\gc9Ph v#уITn}3f цAi AAy_WoV#&Gx{ZQ cՊ8p;}Wn*Oyȅydlm=@c7}3yȔiz1ub#'W"*.Ĩm q;}*'<Cʽ?J )ȗ?|Vst[$sM$/+j J]4%Y Cy G}pwZUT:)BaפQ;&w~v~ E2V)EG">7_s.~a_5MM$ cc}?j ~Q1|BԻb0(}wQZ^(![JƣU,9{r#TN9_bbSA@ڡ4 ;jʺe|0kV$ef 3Tֿj܌ibx@8f  Ç5(~wrb9R烞&%L 28,&$RW:ᔕƨYmIkjE, 2*)4S5H7j7:O8@puL\VBJoZ1 Xfr[_ if-wĚC|*<3RW)hQU Qԗ="l\|{KO2G%nS^Zgй\貚Ј*NɃ)/ L0>+D$Vg4,(w&h;%Iec#Xq$K`Y#vkFu>o>3N#hǦ.NFjh4^cuqXZ<تi*P.ʾ'|)K6%6V0 qg z+F2L "uiGMc0`~+?p:'̆vqGa4n(˂H|Pz3 >a ݗ|͝ȏ I~ lcHF'(0|CN6 Z[_;I|Luf4ڭd)ZT?b+vz鐛2i ,DṞYE &M&({cWSҦr*M L/ՂޜV O:KY, 9OU`(yv*RݥE#1w 1?O)uf>, ь-}!#4 Iw*-&/ -#OFzߔ r!X^.IoZT+l6ҟT#TS,0p!pϼ0r qA >̩lgF {O+{Rꣅڜod.LAESЙ6qٙBe8 t83dDWQ}udoE@cёمlU_w)'x-W`[Շ+ճ:3~ջAd$ -*2lQL K?`9$ܭ&fĆJ-J{pRVN5؝M|ѵlѲ Q烱U悧t(3vFDI7d!)X[s5#FâuYy#@9Zff|hNh'8י=6._$_11rl"+m])XrŢdʴ`-{Z}(^ӗob+[pm9wS.T'GpqHB%ljW#rЫ(Сnr0I\C֥ZtwwQHL#ΧY̏E  s` MLuf=k%{X!bSQfNO|ɗ0 :)%<3pEp7q-=|Lbn|-l 3X|@N rWpC,PKHFW?6i*cFOma[=ԢA&"Vtpe߈3%էa{s¤}h >u\bGg׬f)k"(CQFM9&J=qf60ҊPp9 `=ݟLfU{PZ|^2gfˠR'ʘ~F.o~ut)C33OG $`*=nD3x00k J M:E5B>D2svՅ#֭}˙SHM=h3w-Z9"HkXECouaou4Oڶ1%)$M]Cqh%o%;M6*@KT/qX o׽'1u2)Ӗ#DU%b~ca 曃Vk;+! Y}S)۷cx ]uhA_mqMPEMo{P<> yj|R5*2nƉ]"f"76oou[=.x_OFS3MYSl~ѮaС汕ϧb;0i B}dicU@򆝰ۓX#e83;F gBx ӭ9jtyI.DR]\5 e 9` =b"bC4b\"&f<\Ȍ,[nG)B]^F>^`H Yמ5| ;&>nuWܠH!Ł;߶ +q#L pҊͩqz=i YگV2gR C c@};0\@+;z$PtC4BG͝N]wip>P-k;QꮂC`{h+|+xD^9\/&e923=P1 (+~XK3$`PGq+OhiG۷pcuJ2fxg<_7cQHwF4BiS=NXֳQ+Xt3rZ~+%0cMVm<: &F`"ܓ2r&vQR1Į#ms̬F$}iz6D*~2#/L6۹ DsHqQ%~vh?uDU,K<|E.]+L^&?ls~ۿXup7l0(:T;*ָ{d"h+ gFT+-@E.5#n{Ծ[s0J*<{Q4EqNW, nm9 .#Z˕Ƃnl*L6Mr=%.tqos<1z5 $UN#z{x1 Jw)g0p/'I@NT@tO"Z (Yy̶ُU@X$J}Bd5-ͻ# 1 Ge+W|я7ETz-;4 $f<l.ɃyݰDKK h~doOg`C_sMsO ~5cn '=т<@tZ G~sFBgW1CJ @^B:b2yJCZ=`=}\i~5y3?vi0O^?G9lh}e`:|}Olm\4#:,tםWU'-cQdV<ʘձ50hRd:J'n($F 9%Eɏuζ$U1bB,ziFrG 3C]*KoT4Ԟ+Y39?7FGTFa@zLs3c\ n#ե6~Gqv+SL%6@d.ɗcҧڬ2R!{yYlGmq$qBk$9V4 Do } SPRG˞Ԟ{֮2L%ӞK XEm)HA.+= Vv/@ /=?NQZ+'Qj.E535Ɗl`0e/={2ѧ"uؠ 7H=7=F.:F7;E\׾T5t!C5{Q-h[Cj+^( ո꾠őO?ZhV<WD{'rnξ8-ImU @$jb\Bk㬁+o\Hƺ<ޥbRk 0Όrr4`LBp'[)d%oUbHq s.ukVښ%OP4"cJŽr &(m9iN p.2( к02CFY'PD{pRSƹ$ka`Q9ݾZ m9`MxMt8C31xE{Dg 3Gsl$.r8*Sp.Q+E11)H[ݽͼtit 쭌KV-va<:7O5IKWgPs7OöCs4DDNx,=P]Z]lqZ}falA%_X=ћڜHo (ZatͶOwiiT.sk'֥m8*lw`]8s3޷`#[ohKg4l/ܺ?G^6 ['N  PC9DֶSԭV/8l٨,nbxRq)չ+U] \\L׌yԩGɚt ۍU@{}c1KeG[W&f1Д_ l}d$$ htޕ`0LM5;vDvgʿC e{fN.^X>bEY zw0Uɐi>К nVZoB,?$Oxً͎r3UHb8-$v?os ì9"y]ۖ~< hp`dݥ'icPP7+bwT{ ݷ' qs:<-݁l""'*oE"&H\0=- Jt13ѺnqڛzV7c ,z5z)yky '8 / KlrH,}:P?/xg ~პi6M͗z=2@TS Ā3Ի؆J3{dP[ͨ@c [ %Gz6dF#9 *D}v;2b#t`Xv`pC,欵%AkOr_ Rw+UyXmykżemTۛ$I`_uNb"q 'MԌַ5$tek0d&{Dbk_,6KB}Iw,ҢAqn㢟ۨCÆSɃ8@9)yrbn|ۨ& +k^_߫|pz~*Eof!91 P=ޟpE?Z8žrZ&{ۚOY6Yw#Èa+08EqCOkn4qIf*(iW@ K fQLq*N@F>Z 6UPF^ze2;BwҘR>λ%\y N0ѰH&gLlR@RǥCp7x8^[$vi*Z`n V}6F]42vR:!"nGOhwW{5 {ј2XM65.~3'9TjհZGr>X5B1O%HylIgɞK\v6dsY$cPa E  /*,D+,d1Ջ%KݕaU),'([ S~ގ~)orcݽnIb`^C;kzX0} w3y% 9rx>B^pz-P ݇10lS/a 80 < 1agJ( "`/J;SCQ־\^|~S a0L2^b/5S[Wz?n+>?I5ZI<棉rc*ܾg[-wD %2*Zb._]68IG 7)=Jj2X&ӗ.1jLe-ڷ炶z_@;a̺5Sw8qD޾{0Uxoon嶄`~oTll"?a/`\yX(;[F(Wl6#Arl7b^Bnm0vE\'J5S[n;mfҺbGrLYlmiy^[h6-w 2J~BϜsNw_٨Gvmh@Yw_Iȱ6gcl<Ú8j_ '|K+{B S+y*5ޡD|mm&0[:W|+f6(P--L_?7#'@qQL]Er5+ٗryy䦪fG0{-!ۅ' Yl:}m\p`D-}%:D?w2.GxKn&3;`«-xIXoXoPr}ָS0f>!(an_L.{| 8!Slmj eln!;p`W' ܴdLc@&Vx&_]/3*>4Jr,DiQT/:˓cFs{BHp4]2 +s9+ ,,g4SxVO=Qkx48ǭǎ[``lCV^~-+j#?W,D*6 +ZhV[/PIK5~@2>B@ ;MyW5jlh!Øjq;6p>Gq+*_ -&%F<SC*'8>u%B)dqkꋎ79⽺п U pz@F3xxoQMS!=A2qNH&Jy<M@؄Sac~[񗍏lzZ"oRhc H2X1[IJ.z0M-[/U&g;S$NUi0%0IsC{h%ZTTmB 4B;nK1Z3;uP~c ^P<%#6-5 FcjzBfkoe;0SחiN7ت]\a Z8RUb"9v9;"i " M(|7oZ^ipZ\K%KR'MܓZiG {ؒ(cQ]RL٪!9:ִx@;`K6aXP)iT[;#C>HX =6mo<35@Ew*g7ӱ#(͍3k/ȌNC:Zwl S!(c5'U7G/՟_13KxvL7\Խb Uo C]3u" /9 醓* {_vyq;=xXπܺm#/|.jjQmOESۖZ?ڛUζl\.2S4'mu?[L ĄV0/"aQBF2d*@i-St|9a,$\ߐMa/~*Mj|yrDzĞi9ABzĿ'( .YEb,Ƹ%>@m58ij5 񄙧zΰyr~r>2|mDҘ/W-R~4?]wޗ|m,  g]agׇ츦Wm 1i*{jDa~WxDm{yȂyAܒ z75B[^bm8pIh]/?7S?$Ϣm6)y{]U &g2[YP{zwa\B*C7$ơbOF *?GsF[A&=oԣ0#(As@f>Z%YX͊BC9~'{~PJ)|ƛP3u|}v47Y(g;p j_u_4aO6RQ򛭬3Ք&z.٢<.gW:[U2MPa&Orp]-{}۩*!V.Ѱ8p_6IȕB`/^/w& K}wAcO-L6٬|:n:j*p a+lBN *ěc`]z l`:̫nَ~` =7idqLApdR'վ:eÒuNxU8cEb˔m_HN$Q<1D Ntuu&ޙp_eYT*LeE~D\(tsa7$KЋn=#]ne8!5c`7SGS L`r'cslsIͣ2eW=Aع lOG *2zIw 0+\ ^Ttcԟ`.@oF^F0~>s%!rN`@o(/4w@MRup%mi2ڃF hGq]1x˓qߟ36!%alZ-%mt켑Z2`=d3 `p)q ъO/^y[^}B>Wv/FWhWp \CvCs@3^L9z $`(o˚qZjy _,qjqXvw]I@ ?E $ bKvKf lR$s\C03NpO5LD4_/w\ވyRP7.\O9f+*L|a'ľze ~pʃc _}ؔSs8:jy\/f!!BE4,ES/GA8yM؀YdY<NSy=]0 >ភ_|G.ΫcCa6lQ|4el>P%8Chas}Viڽ087X6G0zXjnD'aHjl5QJ4m %ȷDiv [`gQ!ʽ\1QX`/Hp_+ۭ۫NtKg3`H̭W332kuk ueҝ/ fMF,!jSx/QIsMuא3,AqG% +c:+8)4]UPBiA`OL|l(o/'<eIVSrMV-CY/_ߵ3iJѱh:F\"/Hk,jeb5+%q`gt2n|f˭ll.rxu/#B@Ez quK]MO94Qj:k螹E~N[߰ A9"0Fet"@Ul$n"h@6i}˶}&71wZhaI&>VcJ$$:H/RvDK}7nb%=$eRu㲭Jx"۩MX3u*Oci<@e0@-saK`fTMO:$ #iōi*cv=;}W654cUWўJt@J[jء`. vCi#;~-Fy TpamQ憒h# ww_غyqz/&fvA ;W'Uss\/e|EDcm5\)Gx2l\ ޗkul\[k-92Ojhe 7^ ŋMX3Ԥ?ݓ?wpK _gEϔ;GQOG>o+# ,S5P&1ia!c[~0V$;ҵLWNs4C#$rp_A/j%{?̗ca&Pq>a-|݋~c|#6#UWOG_(X7ĹXꄐ<֋gjvr^8'etd6í)۟!Ӯ0C1R8Y I cr7Km3P }0)S&ޠø)In#' ][X:022F?A ήmrxWWl*4oJCN4FvSJ [91PA( lBɡ~ko9x0kYqp k\܆S\5#"5sĺ>:Yx#q90=;轎?OYLl8>1OMHȌ}5_u掴`P%S,1RpLxݶ,[<`Hx՚Hry7ê 20Q֧$ԍ &jfYIL6@~FB AUDr TK)`mj(Y|#OѝgP]@j+cC7upWwn \9(iy "D\r|2dH,<2_V^ebeJX]TCh:vOxbDZ 3zL.H<J{ᶉL֠^k@`eTY%lH'30+HwMZf <ΐ[MyW/{r)u:;&F]Z]d9d)39CBsPLZQ`:=tHwfkēSrӯmOSnU3TvmRf\Lΐ'9@ݣM+ן^"x'_jCfyq_EqjZV͗L"T]j 4^ˠ& D* ^矖ŵ|8^Xxgy>[#^߷uz^9(Zp˻&xhTRCb|?TEi.k\vBd[v6ѕvs#bGK 0(TٳD1Xr)`2q~4n-yh̴c^"oEE|lm/SG"`MiGODDMl0 8r5@re띞ԴƮg.?Lȋz @ #m=6Etg(jP 1ĕ04i9[<{/QϫE>bk{Df8VBW~h@ZgO6[tT&C8jznShQ [u5v5Fnzmn9׊T"yERDj_LodA2*Q$NB7V{%~ji`f.sE{'qf y@RΞW9* Km;"{3rtv{a}JEHޚkV ,`F'l:(Qތa"#Y^]~PɦۿfgwCr'ZJhr)):Όu|Mr?V6Oٍd]{*zG Ğ}`^"^*,YSL98$(FOaY [#3cI\°'kK ;:Ά'/ƈD 8zf#>&v:Y4NynC[QvSVyHZ17kSOv:++ Sb$m.Pȓz\ ooyv]<>Hc;^B_@0RGe(pW}^2Yl^ &+_MNgIJe (jw'Q 1ncl{StZ) Ծq~ Or `&6|a֎7m)ڵtL8ģo<1IϾ1JeYى|_*sޕA yeKp [~o:RIP[fE ٟX* CrLi{g&4fa_S(PVe {=8gud=QQ۬ШiwX^PH~Xs;~,&&vx6s\/U AifXl-,|,CSE #r]*,7:5 #:)[f7lhʁISm gM'UF턽%c z#R;5=ă!5HỬ%6jΆ塘`84>'G.@p4(TI f7N)C/)5]@IvN6]wUTP j4ٛi@mg霽ś%j?_gw G3X=9X5)( wyj,AРlHT_M|a-4 O=@aV@Aſ/+2+ BĠL{s%P6eQ &B{z"*㾀R3‡V pnIf,`6V#Y2R﮲]vRŏӖ* =%a$Mo9`lVk;t oR+s+˞&uٰ`nAHYzxum"'Xʄ#G*T Ǡ9c]3 J|co:w yjT8@Ad:c9hDN'$Ĺ b?p|LTh%slΊQ0XpW8GnZٚM2E)h\%d@TV)O~bgfcuuMQմ Rq EB9TN&jX:Ny5TRxf/7Ō3ZH6%KM*pW漴׋KɤGOT&G&vO5dhx܋W`vxS.%hZ /vW'Q@lu iX3t]MsTXF4Dm@,ȢO7E?vxޕ8r;[]P%Vn0+ʒ5 )7rÑ- Qg_ϖ^Z ⭧j;O>Dj#Y˝!`97 70nc@L}2.]'(z *)HzVO[dMg!iX PGwB7_OD߇iqhq 9bzF:x:Djꠃ8kIUnfHb/bT "7;|ݞ3B'43HfzڝLQ?=;6Տy~Z n̫BVMǓaub0ܶ,E&EJ iAWalέ>lEPYnW~>IO"nc mh< vFR] ;kr+Z.oQ+ >By}ԸZd9ONemK6כ2z0WII%|.R~sXNL jgZrE}Iփ{Ä2{ Wra\|X^B@˵0j}ЀF b.!g‹H9%B7g7vy.;^W OVFHٞ>.>C8u[ 1*B߿wQ,wҬv#PbzNZ8)-GţWo' IԬ'E jma?U25Qvs kۂo V?L%| rBVf%^mg@sOrh/BZPX+zɄ&i羵z8?qBJ.9`BT`7il2qAmY7y3>H/B ӸR3NzNUuhX"y݂XІ+{GN& $`yNS|nqdʯ$naG A}Ps/wlOg \l]Bl;Qm[^`MH@FbzAwqya`\ovߢ1eLsoc ]]\ #Ls:%l6{&<=daZ}<3W[ez*x3tehiDUV[Dͦ.DiíY5X^!@RݍXД?Cj /*"O:wj\Ɂ(= Z]4Hnc+jԍui<,~j7Sio\ rIsTrrx@ni"UO=ʝTn =E ,AQRn[5'p"Pr%L.etlʻhXK5+f_ Ր@^m~dߘNɐ =,(i=k:SԶ^"ixe ҲWeFOBӐ|Z)ŷ=<o TΛXtXJ/|ԙ.G ޿,A7^@UK<qdL+i[922΍rNݰ-J .J1עxh3\邈n;,ˠHtlx=K it@'q[6̚;] tze:ۭ,XS#´~½ˎۍ~%ڐM;4kL_p4U<@~kXo ;w\YL4gc, cpP/ľ.bHGs)k$_TY9y2妉_htB K0I;H_s>BlF^ 8A GƨKŘ-?TX)l2Hb2(PsU3H*gp0+{}(q118!f NrCf2CbNs1[u2Qv&9@ >[8f֍l{3Cok/,kťWjm)%rnu~E؆}{\ )hp2\Cq C@0d:OFHtb9M/;iq[jSu}{w㞳'#viFP#®/5.2uV٭Rx8]uVDe(ZWz -9ISQTV> 1>C%m\4q;"7Dog d|<2'Yݛ(}Td_$ {ZF{sR&54N-lrT3ׯ"<(r!=zJV 2 giW鐁GO1NltCC#V Ak(S^">ywA]Ε]&=;P6 ؎@6+Ƣ?W,qh6.*˾ȫHG<$T6ʠڴcA{1@||ևB qU@lRKq}7HD 0$d7s>m# Tu*D?hi ]"XǛ?{{B%De5c-P7+V^;z ])ɿ KW}BKfO[[iZ(gjMdG5\Lw[.`GP)Gωˎ)5:@AP|&l#ٔ?>@ߔLx5N-5^N$Bhl>7JЛ PVe8Gdws"$e̬[My{#q!|7[鍨<;7x Ctߴ9_yӾ=gjxjzHd,G7R;B 7Av1ؖLY< #F5OWJ$- ͧTWO,+̮NZ^34k{m,gq(qM+r&Rv3 %ߡ?ėwCD$)^OE-'_/M Uf6/_-:\î.{yC<׵uj奃_dFj9~.*s4(Lv1tG@.~|>t;k%PanOߣj ʭe :X-osJ 80{j\M G.L qzPH-{uF&`^yҪ% l/ٮְ}WĉFM"u'>Oz0?7Ci;#7/Rgk(t]F-sg0ѽ=I-5vV}pbx$نr wtz泤!|2ª ~њmJyO @hP9Ѥ2GT*HħDby$ 89_ZE!5rl _ꝡBq(mC_/'HU˫h1p-7u#/@J-MC*TfSr 1xwjH4>GdpKʸ7%~d/y#1NAvf@%R3?H*ח7f( Iw\Ux;QKJ/ lwNVlBڒe!R w}б[25C 9Œ*Q.W g+/9dVi-Kn5HFsȇyzJ^H:L/^5@e m%߶ZؘdZ@I2L<@ Ybw >rʎjjv\g-Ce2y:˫r'2X%=WSmO { ?Fb`ʧP[NPG~? all58i`}v̐hrT7S`s79ydcJ M{rT݄Pā?a3 *۪Va;e A9Nk/10x֊t9Su*Gb!lꉀH.[:VP\; ^v bmAbOu4+0LFU袽pj=*!̌ ,Ɩ;Haa&DǍ9_CVN%n_["У:ߵFv7$Qz*,H4إMEr#xCls(nq3 xt676 ƆcTL f6OP#yj(ol/.#\e> -3$e7aNDmo&H,@r-;[Y68 }ݰ4qm5':t&E gIttC0|TxJ>u٢mU}g5Rx ϛV.ixD>o5H`n3Tbc DM>K[N2CrzRISs1щ1 uxnvk_0>"-ChZ~Oa!g(oCRSa $ c#fy(:}U '(#۫c57XhSPk=m݂LX=4K:ޝ>:!h' ]Di҈f? da[l'L4 c!v]ԛg9]N6-pjg24.GfHRsC)\d,svǚ%5a&9E35T4l2RtNxP57s#<*G>x;HI$"KD *&rY2 cm)Į SumU *!kgD:P8\sdS.&{~n[*{M,orp( kĵG#{l2_#4ڥ #^_~Yl50bG o]m&l `|85(Tp}%XoeBI{L)k!@|oe~=Hj*pc:}]=kD:#ؑYj},RfPӍ5~Jum1<=7b<:$ˍuPk  ٽ5 TJS&aKPhTq7khF؊-!\4_" k]VF<{w6,&7T#y79 z7RuR*k!٢O) jP]2eF8E-. Y2іMz˾~.lbhF-; F7B`8*( \37 ̴˾!CEnӾ g!YQZ^cA,@.$b3)ܟٓ O@aW yV0-T*2`e}{*> BT8ʮHNsGZ=*ާT6ߚH*SoXӟ"(XiyJ"^Lb)d+B_ǔh|:6qE)WO$9ڌLeCckPOqQ]ek7JB₺)9/IBs՛֔(?sD4rZx+/qσxa=_4e19iK$@&{ID FWzh2bm7;,ryBKx _ri>LRL ǠXN9(EVsdE-n z}QquSe7#SeMC$\P ib;Wu}ESqoO+'h \*[6'KU_RG NCq~KZ\zTJU)l<`$^|?f4P"m@t׸{>jIWVwnq$?ٚ@~{G)΄-u/2Nė5+\QZQCk5R!mc ц00KcD4149EI܏~*- ݯ0ՑM?CFΒぞw Q?~>6!7&M忮Tr)/xSEqxD/NQnsz ;4+~bwR Vא2K :A 0٩݇tۼ!>G)4gR 97d>~FT{Wg2fz$a'eAo;AaqE_$w5b[=.!13Sғ"g+-;FY٧7Fc{'AHon:=h#: M^f[DU:Z:DCϱ.&v]t_?#OhNr4/HՖޫ-J3e.udGqV$͸Z:Iia$$|wTy pŜ xg.T|]&JƑ! B*n=Ea6kthT7m=mECYUu?Y\aÀ{YѹTOFo:0_uɑ] ( !~f,M(z8#IŖQ箓]q/ٶ]J|;']԰oAfo3Lf(_C? zl>5!^EŽP@ t#ldOϴ䚳Y#B/c T#Wf>,jsD dk `rigqC&uͼa!X>֕C 7/?Ա "%$Ƽ+X{"[^Uk@;UgԢRl6YBj7qV C%yy8s?Z"I e&੪=Skq~/3NJ$pd凊MI:Y`pXy5 ; +}i uk]/^ Y Wd~@ ?g*&|huGCH5\VM")iH=N44='7/Ts4AShJc "VPڋW&tրnpV+ / 鈰t`\T(rROFɦMy@ FgĖ xBa n>r )ZRhyi]./37*?κ=6R{~2 ';o1f'i` ]FREJ88,H2C%>φlyX>)9n{!BENd'JX%bZ_R0KTL#8\$QV-9ͥ 5W\[ EozOMr3j?P`_5VN?q I`g05)h\ /8(8lK.Ś7V{s9pXS?Q rژqihS9(~v~]y qZaj [  $4` &xibq}z!u&ηڣoh cJވD˽>'`X<$ahE1 sgH!*@DicDnT(E?UŴ 7SOL̏k4y%KASp7KOAe@bsY,Dm$zs i"R'}1]bf݈[k#D2ttv!Ĭ1e bG(,Lbz+rbNcL#~ I}dԂWZ)7,4@,쩕6H.jjq5g|X,C?Ru8= ;-BXό8e aF'Vg3p%>K^q7𓬭iQ^ʑ|0/indf7-ܦMFg1NQAT G|!4V 0r_/N.3(J욼JgvED⒖#'τB/(bLk !e|R80SɢAO5Akz? ac;7#!2Bl_>(9!PJ{*YZ4:P lE*qg@X"Y;`PEҽ^`g;Z/DzȼEF8џ2"i{^꺱 i3FsuCD40ubד 鲺)ۡXw!'zv#K:%8O:"g}CHߨ&]_|Mh/ ,Gc{4T8Qj=k՞p/ {ۥ Wv+',A>V\D2}ʊ<2 G|d7a4&_;|3 Hm8 jn:"~yJX 7 9Pj[ؽ@ŔnwΉUG )>ػ Hl6| ?=,O;kK!0X<l}R*+\rE})*,, mU*ԡ?Xw#;qU?7?K[|!NFT%N1c?|a&7E,m6ETv3i@%8$J|.)4"R(M%e:ihV'R+tPUVa=MY[Ǻnjg\ڢ*a<"xB |E/h8&`^`'@؃ 2 #jTFѣM"ٌQh Ƕ6ĸYI̓έ~Z+a"d)`* MNnJWqUD:D~B@ Ԉ'譔UL@i":Vɼֱt4t`ʅh]ך3^?LJf oJƼ_-lVKĚp,҂ pt/mT$ 0.BGIs.Ru tx9ϋ'D/$.}Nb|xYEҭ7%ħ1A{P> W={jܓ?P%뱦pJr ;B'RVr9q\P M+2cmp\MN9̐ŭJғ &lEW|mZD,.,>h]ӻwsUSIUÇw;#GIЛ`} ~4;6t`UeQ2n!d_J^'gG8g4H%:,/R,H6B\"'B[@lA,ȑLmߋi:&eG\ZdH8lFT ƛO_{Qu (8r}XX ]kh]VvU߅t5 Ņ(۩P|@>%su Zũw#Vۼ R-ϝCy$ 71 w­<kRy'0ǢCq^߅ tD(̂JBxs/u0Afkov7uy>OE#-jk^v^ UU KO"=|գYN!lnmCM=5mlIZ TT{ |Nug}#^~=ט2&Gw0::"S5I4 3y 0U<ƼNg ~RHFWu{"ɴ+([4 [!P,YIcdҞm(߽WZldPJ60*}n:S+Of.h 4}Hk)ŷQK"ex!ZP- D,hcJ(]"fn ~67>gph͋ M1uߵ)\k;h׀m >&"ѶWPW18W/($k9oAn b,la>-J|űK~=ʳ}xc^9dD6TPbt ѫI%+?w(rCf)< 1C9̯2vMh( +5XM\* Gj|,k8I?V]W AE[Z"LJ $-iYʮ&\8oQ<}~ Z/蹻q#q,(9ND~P ˈb\Ce*$pg7QA[K3I]gKPsxKGۻfM,sa ܅jgTbg[v}1~>QkĄ.b-_*nY>G5_hm-hop{\;b&p+b݌4LsnlC6((5 ÃWcBL Y>=DYZ@ 0'yHa@2>Qdj{#UIi&\ZCGAn0kpJX\YP*e,s_ DRFX{wCP7Ko闤nYj̝(A< nP?L7F^8WL{Eg:̷MHi6{F<Ԣ=P?qA6lij,:2iyrc#F`h:YNCN{('-*rƥa)\>*c)<.÷ 4n0h1 ֠_y40ZŠ?nJPtKp8NZn&PLw:o fkyQV Ԟ,L-\.8֦Ҁ[٧ݛ6 JeƱFtBхfX`w8a8xC&e>p#Qop ; 2`l`#>v=mTN)q$v-C{g|52]F H3[-4hzĈ_1$I||u-e]E}=%7W夒MJQlޮ?22-2:/Ј fQV(n1Քif$7Jtב 6ͮQg3Nk깍q ` JI'rj77ņ(eǔv!&_<(mO nkW{$Qk11%䎭޷Pa'z2| <QGpңyFxxūQZODV|2Uo*AcRyw,;HvGtb&vfRzZ&b<㻯&S^g j. 4geHV'y=}q؂t 5m-*P,rvyxq:Uf@[Ӻ0QoMGJz#,t AncsݹܨJ@t=W\TW1TgHN7`5@T£FMC^jx'aaI^{"tX\.AQɟ8P3peB{d&DZ\, luJgOr"ZSy1PWXtx&h%sgI@@ )N|x$Kә1# u[9 U?*]Pi**`Ҫ|p - ʁP@7%JU=psI;Bvc@ްz}(pȁ0)†{,d^9:PDwB{ōp&hqndXa0e o,:c6M4xGuΜΐ+8K^w)_sbmꓔhA0CgIܳB*ZDri+2l(7׭p3u'իmh~&ʹ_9գΫKzo'7mRYA;%֣5 }:fI5V9p]0uVELF㟑ɳ\nٸg$~HV{oO[/Ek:1@qcq,OUEθo1,=01=HAt2.(Dr Ί>e1E AocܱN'o̝ʒd7{iXU$*&YllT(rm}:F-JYНng%Mjy^4gf|ctp!!bf4ambEX|:hCfqQJɮ)Ŵ=D Uw56&ͷ&T\e!?T5,qV`'Z1Ԩ':E*ߥ+-0\&UPd:p-Hvː rWZGuu}%UHat]$[o;;Fu{/).-Ҫqgg~[ʲm:)l{ QifmB_5qӂo'߃ 9mImф}vU* A7FdaZ FtLߛ?rukgdŢ4TpvyӝUR%jB/+5I!^j7fS2` #~HIo&tV {A1/n*Ln^(Gơ-+srb{\D I~yVnHN΄LeTZu% ߢÐo8E\忼h*?o< 6:-e:WwVV) dys:S nuJCvͧAȴUO//ST %N[ xxAWԩpヾR/R@>!*Mn5#7,[x00t%:?3+$g&ɭ3zu ^)J8,?H}pQtn.>41"Y02sQɭK%$/FGlnD OjkB㌫?fyTI إim~,!Eoc&pm->Z\[adf^mWZW)a3R+gCʋѳ.sWh ]߿Qz!D:s8L3?Z;z>9,N5AG'-LO p>*2a<~X _&^̯;Vk|oP:'@'AF`3͇PٕN]oU(^ Q(#yz 'p-[`qlF, OW{:iꚨ{h@]ڒC}#+-M\ XZ>^5uNa[ HѾ &; w/*]s|{mٰ+JNO ';w~8;Ƅfip$Ƶx+ pI@x&w*XjxZ? Ed9?r&i=dW1-$6mdbpTj|f ( *g|iq/9Ք >-.x~->Pi] q_$Q(TDqxEk(]Kn[ĕpLA-e>&ю* D7vTZXBۂ|W'k壁{Qn:PCnC>]Fut} } &Y q.sK],3P# ּׅc_t(Џ5zñT?Ř'{G%"ʀ(#|#h`=$ƊRA_O̜TD\ ՠp?9oup º1D :lT?*4^eyvl=E  ."9N@i7ΒZϿG,V!;NϠTdOc0'/'tq (0_=h< a1g5lPhl_qg4Q Rf,cT4,辪$,_A;% 0 oa,ZBH7͘gqEsrcYO+}2dDEqt]j@}BN/˥D*( o?<ެѝ 3ex*˳xγ GW 8}#QE#Q1ng>#T$zDy}w)o6@\0wOݖqԔmV\ǬҬ2ǰRJw]M/䣋zpA!-+F]K$-K9,aDGI!_Eb^_h)O6izTw}aTjxtī';PлcS>|Y|;Air/{u4$VMz4hXYGzzQ' 7̯cb<*+$X.xw am+ YxP(mxȧd #[3ھ2reU'Щh,?UeVDl馅ZS}\*z:D>?4Ăv2933sZ_v yHIQ%NJ6t ?k9$%'/U'~T WKsSZuq"ZNV0GflEH1q6f* pJ4q3"HT`m]Ot#'aS̄.k[ȏ7`nT4NT 1:]KQC S[d= ځ=yslx4B\oABų0≫j[/|eD TWFwt-'Z՛?O$闎b%`9u1M+=Tmu&2WF7APLBJWx [tf|6C &e%F?uK_ѲHAf 0]#S.+o7I80&e'\.95Ȝ: @;IFhbI${HoF*;Mb+>n/ɨ Ȇ1*+ $1ɼރ?Qk&{n׋d'JB_t&窟LGY̙ɿn+9UK<^Sҍ5;]Rrp. Pe)%1TT4EԌH*$ tU8͡Sᑀ וk[E@W.}mdE8u`Ͻ?:qީLi$vPMب'rQe:AIPȿWWȒt>;1}FYp&`bQHҲ&x^?ZG@Ϝ+tSyJ6,[쯤kVB;INt@*2lmM>IZ#iB`L (. ah3>GRnvt0b9.Eav:"6eElAr ό2%3 y8r4v?Wbowt>_'VZk\gB6X|ȏ.*kc EK43%_BgR١O5%YUJ/h;$`k 4U5{ΙU C#rҭލv, E 'Iّy[GYdԸlG6f;3h؈?1m"/ꊚ2ur}"j?Ⱥ epԊs}8ÞLvx I@#CDoP7q?Q ?Nk>Ηw/524V*Ǵ]L!x+^^$t#+TblO!ȴbZO-I 015G"~FcEUTۇ˸P^8 &}_V`\o(o n{UtpA2yb=$lbxv.>$lLìTEK!`Ǭӷ!.#+{oW$Qp,vϛ7 oT[c0 6 jb*ė+d_jDdo^Ӌ;j1&0# G$t"G~*t,-j W1 CC3c 8Gʨ<{׌@@fzVzIqxOf "C{C$:Sy͙PB\(kr午f7hĂqTo&RSE>]J8TL7Z `;x6kRn;]~O+YOD!ةN3kvԨA4՘|0o+5kkGJ W 7.vsSXbkcf5z䶖Fic /N#\J*Ht*/ɈSn UjHTBK&qQGVlrr6 V?ÉTwvPqTʰx4կ4]uvp=bw{Ŵ <\,Hݘ5fJ@2!-p{Pw%k]Kz߬!64s֞US$u:T8")_mmyqjB`'bctd1ACÊ CdRjTt4їoڥ_i ցZ S_ gnP5E*4mH~p^jpoChᏓCXBQhHe? l\vc{'b2(_Rz֖y%m{)q $Z1Y㊎ ^3a^1IZ @B,fU1QDB*M_8d$Fa83Lj4Nc( $]i!'[ܘP# G;Ip 5?Y=f賧{~LFsK>:1j,z\6[ nĝ kM D<;HM[KGfúB (Ҹ'6CG*n(Un[q av`B!!Z];V?PP x~e39d3N!7*슱MZ^u숁)Ʉa]()6|mKFPgYe+%oH ~}`XxWQΎ/E: ˂!]=!gEF~]`RQ=@)!ZoGBdܥ楌*%s*hij',S [yEmXNzya˓otBn4T Zi^%WnqO"Ֆ=k8BȬG"𸒖$-3^0(ow o4Sƹ.)w*4nD:|L<&_Hy'# TԮq|jcLu٠cZܡtT* ;zPu~\cw?$a*(wR~;U`͒e"vG{[a Or0'YzmTgԅC}Mf)S'||eGi8$ں*2A]7: 77Q[ b hQ=97 @ԄKMc7tM9a#{ *-6dV}7younVK}߼Y˦;7O<͍?CϲS6-nHՃ0Ǜ%y\ܥ`i  xg{ya{J" H2+,pcK*ﭙXA)1B;%mJzţ#rxPmGhX-{[sa+xޒ ŖO%lǞH\ U_jCnb8RsQ*8t@w!ħ2 (d!r3(8I49!(H;|2iz4 B?Hj="}|bD18S(^:*!-0AOW3cDi[rlA *ɖQPNPR3˔hw}`*\<9GQ;R&{fA(?EZrߨ #0ȴ$>P?7E1D)k/ *)hRk|hb(v^g>ioTa`ԅ^ErJ] g:__v1^n^>>Zr] L+$aYEKƸzL(Cz ?8˽z216mttPdhZFg.w0ihaLJV5W5`.Ierڿ,D{I^y5`;P뜨nJUSW&Ü=#`[ u N=Mj¶?C,FZUhM-LaVH~ Oͳh_訴'vxF(Ih˰wy%[ѱRԪJ꧅o\"u]R)WAЗg|\<  n $(yM*_0zX)JWo}|c7O顡]PQޠ4g&|P\}&yZ~ؓK[he2hXۧwRf*o[iٗ'(SLVe6l D7GQ E̠&/o6)eEiIY 7O]КNn.*gd lN(;E^a{-33/r(Xэ8p 9<˺ZfxFn156Arr6?V"5aZb/}]@ԆDsre#w 3_HԱpxSG2nCU3OMOe:p UV2^{}Z_BaEbmAB+/(aR6B&U :y*c*'LI0x= i@eMG̨.GfnToR*McR:8j)V2dhKx44rz8tp"rM٠gD!d}lb>ުxȼhyYM+&Q6X7Cl4%{9M\\]m=$^G⃘ ?}~;%}̯zvW:QSn\r D  #ˎtc旦^G|ɝ2D 4jn()\4glO,ʞ\<фx E|Yi*CXn( ?˦CL-ogÿz.-Y e4R"{GI`%VW/?-~Rdէu\+泈 4dXzm\d{~8Y)ݚ94%zcV!=#2S ˱c D,Z4"*"䢉-PWaŝ[ dF:jH"_J=P/'oZX\#]dq!?5'T9Y^mSOm}L\D)gͪ+,RcygjM,Xo(hޥ*!?FwŪ; m)Kvl-3Y͑6K1C`"O*7zTSN KIUj?j^豳bϼ'@nė䒂gy(R9jOni8Zm!qF$V><\ ^V{-P.X( ԙSZwNp@ ]:fuj{ީ6`HOi e>3RJв0$>Y{dR|ovvPV49ȼ@!-*YP DJ"j;ɤW+_Ze1ޛ{@G ˨!n-{e4MBbECs`/RhCZa'9ذNWt;3`: %546?'FO?"vʼnwKfE J"OoY|jj搗CZMS֘rdPv*@&vڈS)|dfhG<_@ٳN[|$.#!2I].(DaTWiŭk&㖼ՙDx q91Bl)t~ ՌD9M[l8#'^bvåeڣh.l[E"!AE&:s&e8$my>V;v iCh#7_ZHk[:)ã.zTy1TM|,J{58 zR)k|}Z vGQإ w& l9-ORv˙]&-\5'6^e!탉U?I@u4GS"aR ޴Oʩ |.&TUL~1TlZɲZ$aAO>荜utZf$~&h5}Y~u=i_LU֧9F$4v(ܥBJ^b?LNFN&2A_{gkϨ}P/`%T#Ѽ;a՟! k(M]y1 _|MZ/?BuZa/Szc?7U܀\E4We9+M=/mOi]°/JKEp_@bSSh)(s iiaH3\!EPX/*UH"_ .ؙcF`Ѝœ4mqeT^/PеMAS96K7+8J=M{sq?'E$kί ƐZz}[Y*uÇm|z{5CXm 7'bS;=K j*.`T /3a۫͢E?kI, o](w?8mKnnmTUe[ֈ8ӲI3bkU{lj>Oҏ)cT ڸdg X_ϭC_!Y:7vxja !{3f/:|Kۤp6?DJHu$LΊJSh{BC ]ۚmh*6p'e}2tƳxA|k\m͔s YygSS4B!nΌC>ޅ_\#&CyiaVN'?I^.Q",>Z:.>cqq80}zXb6I4 oI#g*gmEۘlzHUqk6 w:Mi^;~(RLdem ٯH=8#j&򵻟<(؃#4ZelG_7#SV SqnvY8am1=Fu?G˹j)Zn _zy0R\)N[1WaW3)cA&UvjVyhsEVqӃeC<_Z@Mٮ %/RHõ)[K)|l~Xy*Nڣ`Òa;8PR過\Lh+{O]4- ;-Ud{JQG#\Fbi2V޲"FXv;@OL6)%@(PE d'rd#ZhQ՘'eTC%+dbezD5֞~L3fKSXKoSq_Szèt&J(9^#8(V[*iT;HR"|5'+yUNߡZr'K-cΜo+T 2vo.NZZ9W#po„%iL(kf֩;@%X ~h{BL˒ }G}i },hnX*3·P1JSc9i;j?s(CJkJRj/^Op\{*jGRhevrAϮJ5} Zm]{[Q\KY.ʞG=-{Eoi5]&!E僑_ЂhDn?KT$ϋ)S\MgV^z2Ž>pM9Pi1I ]Ǚ)bH40F}ò/{VzU%y5`NHj8 K8Vjs= Ex%[LaJ\nj޴,3knD4"tn4'߁I/ϹS#vIMݛ`_zWn *{(Z!mi 7U:3KPȯ;;eJrv y톐t uy (,{nc5%oqΙc}-I]-;ZKsL{J{jq[Z :Ji^xALiA8c.$zpAqzi?h5u/w.wTAN7z~ٺ,czѵyt`'q_i ~ sHIeomS[Wq]MB0:*ͤUz|,7E9t` -577/}g| GJ=Gku]m葇Og|lò6tϧG &jHv&+0m|BtCPMV ,ڄ0d7R@}W6@{v.<:8G8GS%}ELV..û ^.0mXюw/|[XdB؇@Qk(25:ܖӦBr91A&_Ef}*۠w]Nvrڭbԭh6f?ZGw'ݱ67Q)nvbv'>7t%a%]WY:9eivfKv|4HWa2ēsNQc[,;bȞ~]a!й4g4&y>ũrkqN5VWJܑԢ,`0 ,jc(oӖ{1s@:6ye|H"IϹT?] cc0{iL_@c#ypı=ښ KA zf%Aa&5^k^I =cڽ&n,U]ݑlXʃP1MSKߙ[GpY+*ZJs/Cu{-OVdڑl8+pkAt&eX= Ұ`ƭ \"2xqE"$!?YFr2`x32^-r."^\odQ(GkРoGN+CXhLq?vkPOm0+W5 ClEajuHW|] ~@:0y.CKS#)D#gWMYo:.6:z#Zl2NX]E`_iUqAbQ,:$ U>b"K`@̲6P!NWVMܺ&I4#hDž^)HDIyvK2ͥ &.M[Osk gd Ϗz7XTkl}q9؋E6:XzLNmהﵧ Vn6:c0&A6U7r{33'<"*;zѐUMRM:IY 5YL=OγUlׯ M֫sSiѩt(#jَ'FtMl ਒p{}ֻ-]bI}䞁 ha 3Rzq.̈ek#' f}Β/Kid:0*{[_nIH$u:};:@w˨dM{T~bpO@J{([r[ `.Dlxa`M܆ruHMc3Vl, 6;$ztԢ\> Su*m_|wb&E,2B3-D&1fҺmt XƠɊ94.GJ ‹)hm E{Xegj:[k NKM)e#}R9qyb!H=`VusC)V-.-Sw #_364D)}P u$O\Hi֎J.R 8at2r|]@jAs@dI$59_xx6ӷS7 rD0osА8^Rω&"څf^Vt}ХC$3ix!,UI/팜o\H}l6Si^ޒx=}5\yi=?AZgw+^ȥR@|Sl^e [vBo~"PT1XۚPL|o._/b7W͜`J&xW_JpHoTtPl]=yJѱYOgxqP+~BEEXGUv87B{9EM6\Q#ln\[2#t)7hh02bMXnVj^Jt'D\1ո8=웏8g&Z ffiͭFd\>hdt|P  p~/~s@#ڏevMI& ;el#x2Rz{0[RH=Jʪ2pw NKd|!VJ?^f4kˁfŇA$%L ԊC:@'o ŷ o PB2K{WEf'S7Lt5Lu55 "0J*ai4"Gfz9@L]㵍K\cNuI}#&c-*<Y7 @Oe|N-S5K޶hgw,[y_̡QQ7Bmc0L0yˑxܶvN"U:4U0Azm `[?y Da'3Lɫ9Vd~#tRl/#%9=u: 2 f)Ւ{Č  SѧJmGTfv9'|Rv^}u@Ķ±EU:-8KWw#OjB>{LnHNGjmIOC6K6wor2hx9G'U8"e };#﹬̛B˄j'V9*Tl`d"| &,ݬPdui9Ob'4ĸY#r֜FjTFSkWbrwP[s y Nqt7!XX8o+ eAXBgZℍE6߬DDm۾εyg=zKa8bb$j$8Nм"bS fv{D [+ЎCt@ĉEmge [e{Y 7Bwް7x;;yְ?ϳ,@vj kmĨDƩǺ 2״*r4:y;2⤀* %K]k& {Q4 vFt"Fjpd?*v_'J: P?J_ݨpiýX^v>)Ex&zx_Z 7ϘaVu 0ޘX9?/C<^؂ڟdg%bA0y'xk@s&s݄GӣǠ,4R2ӏc -ZbH8#uxQ NORruSy*M NoQj@l&/ɐBAϟ{OU>IN̷`z&g0Jq /(KղE)zXpx쫆8 Ήn#f_/ #\!KޱHX #sJT]i0oj~E.Hܠm!& m7|fEJ `⫸͏%{ۇQl6`³_o>q5A]]_t Obꎌw-[Fi!2X=dƷp0ʃh: ~"V0]PynrSPDAwZ9&(>w|`+͋ {;GoRVW!;{`@2UFf1 Ӻ\f{,Lބ#'Jr-[Dơ;rnQ m& GZG&KwpV[ _-rrxJR xIu} Dok[fؒƠq\Zm~+H|rGOvncPgZN+ vΛ~ΈG+5^'┻yq3 QqտzЪ# }vSE=l2. ƫpiDؓNZ(tp)5Xqb+ 6zR$=-`!~ϟQo᳖{y>9B[ rW bH~wZOW3RbbČswUP[^B:EsgQk+[oxwg1R<[JЯb]@JR=c1fľB]H:Kx&-޿:g2iA-i.XN/9 Πr\DRQ%835{=lg-tMɐ%NY\MNTQ$}O5aaԞߞM<5gAT˧%9iNUu#W!Xm@znf P&ٯj@- #۝fhݛNW(K8 rjqDE_)q;<İϒu0˻զm0Z&c7|cNtt|A pMkz~l^knի<|l\EFX6#>d0_qĒ%$=8*km*ȀXhñ)"V%XD:HP;4s|ƞEDX/?.ZP R$I1/M  ̛Dܸyrs\i~h'jV بh42sOр-H0d4nU>w^%@#;~D8Wk5_mZ\#V6j FI;w4(l/Q=KGpOyxW"̽;Ѐ;HiD묎A_)ƒ1KRZۏXFD&!"MUhy"?|K6Z(LKzhu/+1`Pu3O(=T}93IkSaU,5'C Hm-/a ͥ]f9 KBgekGƎݪ˕cG)`tU EUv@ճ?hy/^ta=F`GX6 `.6`q(l Xq+C%"4.]l'[x`.[oęiUݤt,5I nޡ6D\zsNYcOC=f3u/]kq%u7 U5d/s&: },6 gMc9sf0dJAtaixRWFOAX*vw,|#mN}L00~iAH)gʋ@ | yWI,boatR!@8S''Tkuo::rQổlZDfrnDA}U%Z q{MlDի'6>4nzf@~yW9md h{J5in![.g6\%TCG3t7.ݏ羡כWx/>jz}ae#bF}ro78@oE/I!cijCf7Nttaoܤ#`1oq'CDW{Cd>v.kIra1"/0*zȥz%{)C6ye|X xJWPbgNn٦a8hЏ'ڪ7eO;J^a(2^G7xTMh" t{j$NzJeLOi=vA`1mg JG YTȑB-Ty~fQt?D54 Ks+7{,${tDž]ISMQ<R@+ϞA7d(Șn4uH* P{ZNS]$UUmG9$B9Yg?Q{C%#Q2o'uGHX1O|t5NE&b^rD nr5ԛ/zצ4:z'N+'Tޗs fM4a0.,Le@hwg ɔX -n^iеX2 nOࢄUEK'Z0Z>SD$lA:T+"@T slc^l~La0gNuWOPR1`dO4enlKzlB"1l+zs^Y@cnV;B;jrQMx$WQT 5k$W t l]v]3F@bh 3@H?p+uLOоȋHp@;ۇubuɯ%D|jzIT+7)χxbU6'OUQjz(SoS([cB"+fx".8L2ih ZVgQyc(~P~ӧØ-]xWnK0CI 8  }lDzFp/zӰZs#8\.? _W@/lab ڷdV?ZNӳ);f ƲW狘LN@d}YIL1|wE ..1GK:+ \1F3`!Ӕ[`GLy., WruomymݣXy(K8w:t7Z} Qrt0ǩD/3!l'4>/|5H=|7,Y`[s”) v MKl&1k6g{Q=|mUD8p93& ȥ喕fD C㼣NsͲ${gqHY,0"34b)[)SΔK [ }BzFr6K +朆6Zp`o}"`܍z` =~nTilӳ/?trr>e?6|h}`6*bL|)sa/32Nڨ.ʔtNu J\9 Jbwv#D9}x]w8e)I/hCWb>7D_ ;32bѭ#In 3U(-Z$SC]@^7y{矸x%jE6~G{=ؾWYF$L1~nu~ji I"k N֞~$-{EY4tbNv1gO*`MǿKhx>{04sl 7XFC*>܍} L#lUڙgQRF }HaY$sm\R w"|yLԞE-1@Y:;RHYBcNWպR28 4z(dL?^MWjᄿM(7h_ɢ[.@د=;h0͠^.p&Pj$E->I\˔-ge%eEB 8S\K]b:ФD6gڰn dފnMn{ röL%?éZjsv>{tUݜ@xV ŷIڱ0-9H7'i)~\Ϝ•)Jm`ۉI|R9df(e!(lkUaa\Snq]b--YH\xn{Xz:7^4u#B_HU l>*f|2g/XtZDa DHeZ8>4tqNA[Ts濾N1Y]3T+Mw~2$]+1WUc˜T SmeFk,&11W縋ύdr`,KjngHD% B2'|0U+T ״U-kS,0l|zwQ(T 璻hZ WdFyG59 82 D+#.q8FM6zJi~.Jߋ$/ǧGu#tHo;Vfôڛr"!CG$ qPt:Ye5YCAռSW$ 3CcUgurA2Nla+B@7#'%^p5#]Z{VOf?1B_?\;`,WACop7*W@S~v(>HBo r><]uhD[p,_7ORbn.E&prδc` ika"M\^tHv>J^~_+Kt DAAі#%p4b:jʲyfhaAB pz~& ܽ m"=9X䗭 68i*0#}&oG'EyY)\-=.'[ɹ:Mm 'A#/Zpânnieݳ;"˰)zN7A*Ԓ5g!Ʋ(:V ǣ)y(cB@!t%,iN#=ᖾ*,ruK4L-+ôf*:c~uʼniƂERM~SO!a,pE+ڗ&pBpI'OUh5stz+aWTKEDíZǐwCrr#XSN$՛;´2跻?o*ų}ʋEBã0bd~A(};[=; Z%jm$]Ja(Q<;ÄbGQCɢ+CQ \dSQ[Pu{)Xo o8KMRk_+V;#īAo)ʠ Auʎ/E-O7@p/3B/RyN@ 6r=7k Th3@frpj3O(6(FU#[C["m5NW d4^c$߀2 A zI`h(>rm+݁#Ux@SS2f'."]mOľbFUK6h^HU+suQ8d9_sBS)7oc 0)%`CFux~e?E\/^W:>ȌZ*Rf4CgcreV_fDwm+Urb{^k;/LC=BsDuOZ (?R9jC%,WSDFzI(҆mLVs0&/EDD}F#p8"tK`WLL_ Eaac5իpnj[Ou4K']v$FusyGON&q \d1ˈ\+g[i&S T8}-2`ν̊=Hm\VduzlZ$~vi1BͰn.5 Fs>=6VS,7L8M+2;ꍹyK2?ʭg.e p|$xC^E'oc;wxtz {"O߇AX/-2j> !`c Q2hG{%T[2 AM|0;?JqN%I\jc/ƥN@5VrMɮ&?9܋_'flF/8m~V`7p$*]G;FVo+~.sΘ}@Ovaٳ^^Q,e#ԹT2H ~d24}'J(&'GEX.:F Z=whU_Mu+Ѱ"HHFgWÛQ\&_ddZE?Xrg3H d;Y J%c*07Pie@v. Cyq4O'%2}Oiء8Qs {8kl&J|m.ݦO4"6)*+@AjpUTObY8} 3tF_;NQHZe# S6t~@g$ _)kr&akRkIwB|2.KZ(OR M~2@ 殸~Y?XWZD4|[n{qNI3ƻDkQ~9GM*TmG'YAd"W:E0[? 'a4E@D$,r g|OQq'ILw_o _=}R\ Z|Qyp,c$pzw3}sK*獵yiÊJS-ȿlSa5;9[^(cr-:g?)8SF"Q[vuxXm♄ /mHgHT0^ƽәМhĻZ"TuSiԒu+:7W -7y )(O;fXOU}y胵)Jlb0yɏwVg 1d'ٖػU?U]l^뭓j giAZj'لm8TSYB=\I$cAC?¶D?&zf_[$[FDYc &#`2SQfOD ( qk̞C`I _Y"qҖ-}]te;iܠVG) !9y<=m|5/ 1 c쫭nXI[[E|ƌ@^PUA];2՘w4c1A) O4m6m):"z1yH 4KXӦUK܀#]e $ANP-_%R\S?I{CIh[ z>͚ro_lcE̸^ęoY#;/RjEDVN+:$juo {|C/=/ZWdAmafNFw(S0~WHk)F[ЙMQv[E*%3 b|b]|BV"$$ȾV1+M6V`qxtOl&#v7)>EQQ:]"#,IOXˍ(L˓̿=)\g1;\WVc:$( sjnQM{f1ƯƄ6=X Uc^I':Da" oU5|dh9(]ɫ9<[vR'V0 D0ƃhbeM#y,ѿiĉ =0 {F*oSgsp&~sL{WiRΓdڢ)%ʠ^ u 'SJOãMhFdPbh_XV[ qnM<# ,.$m3S"`;bIT]?fMC&MIra"ï rD3leY _Uݳ&Eޱ|ۑ@u=6F k?ܑw 7[m wCʑ*R)f{2ӛ%M&&kv昻b@ ;G?2\<Tb7*q~?s-E;+ʚqsھ= @+;yѼ#>=BA9D(UU;WnVD;qd;a-aI;8hK :n#~j Y=(!}?Wtac2 kz#wsyA|RL6)ղ YC~ͨf^NYgR: *nZ =m,c-Y쑻dGnx\FhZҀO.^)< 7┟?6  3\P`ANXΥti{omzD9" DR]Ny9\^H^W;+G"_z9)&snkUطζUѮ)Apb>bO)|ldRׅ nBd{[ 9e Qb*}BSA싗0O˻vs$wS eIe~&L'~¦lTğ4HFqBfЂX`R} f:;ۛ-`cأ<o$=D>o̕mw "|D'yЏ~Nߗ{='oٖwǂɕ jlCrIb"'5P q.?Fn< tv\ؖ nk36PPm0#-O)_}ѯlK Һͧ*qUŨ~j P:gE)؅`_QT~K;~L!e4ł\ۢƞ oj9QN(tc&} ܮoTp,*^BtɨyZ$?^38G 7?1O/>)1OS5z F@g8Þ GQq6x>{4)77;;J,˪ta?E?w!&چLRst/ۉP<,s#rYdƑ܀2m f#_nS^ PjZ.rgcr唚Џ0l/%y5zr`Yl\鄸hX ? eAT ҆ sWE1o/2_t?}o GXy: ݤgZ%ô=r6T/mCG<ڪ*aLNP}qu>( .z+ѲjS: hfޏ͢ŴJaaB, ~({mg3C hfyi"yP(ȕN5Hsr^Vld tƧ[ڱvQ[!&vPr1BTm[8_p)6; ~H휔az-A.E7;\[qZ!&߶.sQ#TOD\0 aSMm]h%$S?r4Y~Y;lpT·3[֘ \%uLP|%HPu1:!4ŨW)}f6q^f\AյV+J*#fxjqU'PpRgDL3tO[d09?(셌/gC7޴}} 2=vf8À}5W9pP hmM,qtO4I9ĬZXR Gˆ)r9~`⹾(C /ѓ.+k}ʫ N& . ʫZ1˭yf&,r +\5] ~L|J De=/%Czd;[VB+2Kf7G ޠ5 ՄtmfT-\ڲ^^ }<{FÄWF0>hi ]RZRp5/Nٙb/Zè+̑U66^NG@\ݮ5WAVװisBGmigʺl6imTـF5O֛WW/Rz B+heuu"vd&|y"-C8P%xNKA53S@ׂ1)M%t"DC_dt9|T>@D0[~Va2=rb'>C~ Kg8vv u,ZHcB9G 2PFކ\dQoz@F<OD؎2|55.EA}`Dd/W>U|E)akT\&4Ag7}B3aS+ BRIn cĖ 8&& edWڞcNN`?$:tuX-_9cAy1\Eb!3>ZFJF% u8 a "l{4zƚ.Ĭ% :l1.#D\>F; T{덡1)/Ws.`\^VׅtU[_ w5>M,M D\˝FWWpXT)o&l\&|Ĩ`=E8'"{Hb{*<0HzAyP +LѽVHMI$cHNǎ]?#үQEIG{|8i@իȱw^`mo(6GNE wrOG~Y1qu]Xm -Vڳp5v VRFhl&+uJYЋ^aY:=he+tI9'_;+|LS(zN߉ll^3[1i0v{D% n+?VטU2g;r҅Iԥ")>4:6#h@VY8UCz.k T IFbtdp^GOau$ Cu w(B *r^U\:lb~seݽkF>o'" :& G#XHg̋g&mIuTՂ_-%Ge^1p]kU.e{VzQ3<uqIfQ6=, r0,R5MviG2^}[;X^{]'Xn( s^sZ+K)l/7k S+K|EaYN9kY*[944?L lG?*i8)T%uiLQk ;s^ a9mT$Bڠ}}0\NTȤӁXI󤫤侞݁R6ks#M,"Lۑz>#).pD~5Nrv"l]/yMYJ?MAL#P~K@If:(kǵ~ 2̪>4+EWM3Xc-ahYt  hM +-'uG ݁kỌw,p(ܙ|V){ÐwA:lB>zk"}]" u>qv}pHb{NDg3. CPkXaG+vqx><RU`=8 gblȖ-$5=[ư2& m" θ[)C\>?voYMůD%ݴ6F@g mi )n-kDwQ%ޢ 6s^$x܏s$0T{;*jfDӎi-Cv(,\iэ>lrfH0hayz`#4e7/ӕi<'8RhTՓDT^5%vȃkQjTem2: *ze@ R,W@Q Q7!oup dznUxQ;2JWIJ10;W׵iǠ6X$W +A0CխBSK;GsʱD`G) x#?F=nac\6ɓ 4˕,`x].ގu-a[2#jM<7&S:&)/B ك7AI`NI;m€/9)$Y{*چ95:c'9>j$e=<h#w<j@pu ?(tԇX@݈ʔCGL^-h:Է?^%g!Y"~>C?aɧE D 3A}a>!и>MBm|IB7NGQ? yݽ3$Y^`%#~F>r/RZHnnb#I~1HE1[r-Ua=A?[ӹ!DI^[n?W>ubD{p!|e8/[ 6C2ѯ*lE-ck_5WUPF7bg+> Ud|E=E#.uHDoڿn5`'ȹJ'嵳X%PuN-@Tq\T(!$7l;m'#6.?kEjoy㞖 w_D mI21H`{Q4+) 0˕r6^}X{\mاyppt9i[آ~*akY+ƙ9J/i [dE;- X1 $[:b7SIOV7Ⴧ %!an|T 8sǛ:-!fNfQ4q 0VQUI1pO I7^i$y c6c$kPK9kxT my'RlLEO$]n+mnD C秆8! Ou@\dBOCN\"z!:"! ~THFhX,3r//O5ҸḐx/Nukl$пu$ӧYx/hb h%T\i{fihieo-Gj62o>Ьl~=TV}UG`(kKK^a!*$J;"?\Vvv\-?,׼ ~=gUbGIkx#ЂB%GܦoȜ-9뉆$~+P \dv_Be2V;lf9Hu_zTmG2Y^>`Z }ϳ(RB*As.&;%wJͱmR _Ky؍%;]ݷ'_4Xs3|-%*VM*aRZ9CKܺVXЧY#Ѐ8sڜw&QrAj"2!MV0% a.{FMQ}BN=Y*jI_L_@-lSCc zGdMl?|2s"t5t0g & ݆'% "]Yew7K^7y;岷]`dW6x\,#G4@6Y4"5I&8ƚxs5DI H~{[V^i׾T^ ^o>u$ \rEp…s5'8ϰɦ:WǴKX%+DeR0hk%I` ׊nH/2jeS𹂍tꝝJf'Wju:r]"s/ cA!Bg Gѓ*zU]WɇŽSRSC{ҕE{jJ,t,.Ջ4?On@ͩ 8ITfHOm[zmvPnmp!-aB9vJB$Rz(/],G3LZjRMګ?'1c7 @uXK=LfSk 1`RZĕiٔdp N>yds\^'v7-&^IUU{soc̵wa:&JY%0؆sxo}=WcDeӲBcv[ؤqB]w=a= 7bdP ;*" 7rRǢ02:l }ٳ8bXާ5GU+eH&5`d5@w~E'gy.q[ТA^p4Cr|acrpE[5)`:/I­^d?Gm9L[A2:ܣ?@- ΙMݟ(YJ73`mn"0$6W[, {u&*O1-nLB p,( clhsx(qX1v}b|=i 6-QD5j 2srϗUhayWbpףbsNo+8lZ2pXZ snAmFͯˡYߒ%)ثe8%|r6M)qSy>;elř&x͒< eRuC bh9 ?[u8` >(c$-bpߝ~;?d:)G}s׼ܧ{P~"y W տv-w&tG[\9$J z^so"#i㭛j)vnLêgh4G:]Pzm8 d3N4Hi>V1c$uSw'}8XPR%.T yL-vl1 g6^ʧS8(#:DJXX1'e Dv7ҿ]H#@z8=do+Jq#WO5*r;jDٚFX%@jڌ٪W K $#]YȨ7-9Qm:M$Ađ'N0W |/FLH<3_H^+:c`򙢲VnRTrsbt_ ǁʁYwbpOtVX)a菽KdHʡo~6$ i`(OUX>1Q]!P"(JjlŏH#3RE'-].74dj͍J`l"oMWkENb?>CGpϼzJ㺿|HƖNq@]}CyW#t19T^3`>Qm)/3+_3ᶾ\ \nN7n2̽+hLJ z]2fn5)R[[i@$ܢ2(t!M#Y`6?C4!nl䊆X4n &1n 4 6W((Gf=C܏t 0Fw% ]5V́ͦ}eTLVBϤQl#>Fp0J~JI6 3syV =)zm`X&g // rQD Eb#WQsCb_'pM8B!&9\NβN_Ce5S$&7sjQxq4Sy{lkё2F&"Fݥg&OcVzRrJay(|xx.hY=#+5cdZH$hT 5TjགྷA߿_Udgc ]Gs VO2`a#[}ݴiŇw  )4\nu~lPr˸F8꿁ȼS >4⾑4= iWs6MϵQL\rVGM{DV ޡ}kIv1 ̇@1"Ee?;^1 9_cbgWK֦j+(^uݵdE:w\ϋ{j7;::H䏭$V텅>Hp@pBO_Bfz2ZhP׍zZxX'^ !oy:$GB]_+e?C~D1;xJPr(.$L1֟K5?z!F fL[nb'W>Hzy&QJD˲BG. _I_$h~ 2]KIkJ+l"q[n&k5FʲQ-~\j `m/J"x-3zI@l[ M%M^947(gZ-l|0Ȃ]<؎,CܒqCqY>66[;ik38!S! n}>wUUݯoc)3~c*fm)'+tOPKAkDw9MFmod T/dg˳D]׳ DM`@yWQ>*hkq7uUfWb{p-EW_Iqjܙ)C~aU H?D6Д !?xiB ɺ" +n5Ԍw֝C榘)iR=" i^ Ѭ #;4ɊN5sg._hU"5r^thNoG0 EvAǤR7_HRikR[5>am"lvYdYR Qy{*ؑL @8,41. wyݯ۩xڨ:9U"+h_j,3x'P$tEIZQy!D?U_\5~z.Wr,p$d?F ik{C>)|ʦ2,L362f[yXopl9rߔ'l]Τ.K}~ە+A]͉oVQJ/b89{5; =[ 6[5N0Wy͂f ֭@=i`{r_[Hs1UF-J(qm|T[4>KIk%*j[1$?h-C 9+K,m'|3s8ܩTMVpM,^S^KXg,>Y#}5H@.GB6㌘3ng D$p >)'^-Dݝ>|Ыo kV28Ͼp>HKTÍݭ{9o=e3u!f'Cw[UEãְrA:;#;O/n .D$@z|Ƭ՝7ح2Z@,u`;t8 {ހ ~)Վ_ՄVFSScDo:hPݺ`@TpFVV;!s#"VwJ䮇^ܬ!27K×{yY>ԅdyJËݲ._ 9oիC&ע$Dkche,zKb`ʂhG${ź.z;aݤMmu7֬CJ`s蘾ʎCۍ`\@Gy?bsW-=s[3@zbƜA5-g {a+,u^N?.[2lO9K / r'b@4ؠ#c #Xx%Nʏ-5CW )Yp> 1|pݴAW9!WSԂ('(0nKNֱF'4.oTҹoby|PVʖX"kQ9_ [N_Q{#vS*b~`莘G/Ap E)o 1`6E_h_{O ʹĉ> /LcgT^q{CjMVx!@5>֯oϧ8f)UVvc4(T_"ϟϧl*>Pu/FEA H S! ^z1^LYAۘ`%ZۚА#+u 8xd{tJFN v-g+Ō Zm" +'.o;p?}+'ѮN^aZq\Ml';XTmֿK?09y5i?+Cnk:PYLBn I1o貭/efU͒PVbi'.Q|pk݃.Ee:?pIBEf :PX IY1b^ G%3&¿$3Q3 Q9;ωPj a}ai ZdB 6[ׯ #r$PؙZ;&38!o u?j 鴱avyF j׊2/WF D4FCr@:$i\̠ Y-yK!iAO(ȸ(Y߯h YuuQqΖiyO%rƀ/ZN'`;8bڎ wЍ! /lΫa ;YxH8R%rCN}?J?Q #|kS,šB+,^4ѱHhj *O@6׮*A#=E'e*އW6aqkq݁ |YE@ %}dSi/+}OXԬ'mU.wTبAL3vnNLDOpo:!F0$JP|ÃbK1361|80-D_QIWȈ`0(O@M oLqeV!9ʘg )5 M/6&ETZ}b_!5g_ƚY"T7}X&Leia?i'|urLљ$Em`̲__Ÿ LϳLF0 5drD-e;dJui;F$Z1~¥e4.m"Sf9{>?yٰ0ä*,heŻs׸!lUnU9481EN^^;!M:eHӋX7d .@~<l") FaM tW P US!"<~ܹ^9nŐjF3 g_k{xJxҚ-'&hZ+IbM!gJr#G$KJK@^FX2nuw6vq 'PxPz#[dnM[CEpxD+r(8?؍ yJ9f;eY\w9`ZZm%W/C`w0O >- v`Şw'#鎒B%{9%Xz>Q%ŊN-^^L=1عtm.SV:m8INZ!r@r5T!_dtkeYۭ[ x#BYm Uhz8(qa9ch:EՉ d.#{JF-$TNA"Q&V*0|&*ε?'rK ~%0KRz iZNaVPW=J72KV.L3>xim]H|ɯDÌ ܊ vf0'bmLhAՋn*&3S_,4z\ ٚM! yF_*BuޥLP*Rm)p tGJtwTK~m#Ԃ4ׂXV#:sfBkuvBA }0na2[%=B? x~AhFJ_?<9l%amn|c4båh$ 3+ ҄;YK3OA 1{_a"d5f~țW$Zdvta._A^gmQ*0 ۠f9wn7NgYrs/FOi52\ɞ.yaa@r7|}4ι9Р&jP,|!G)4;96Ȅ|U/Lφ4YWl֥|7(NW2©nʪV9Η#KAKQTmN'koȘїKxvY=6"_f̞"ÿ-=* go_ 6)bYHWkqApJQL?]M>YJ {[|n5j]7 nI^↵I=q` uf_Ŧn3tQi ؙ)K_rKO-La(b=h9 Ӧᱎ .GQ%\a hg~)?AݛL(.ݲ5!Cɿq|ǠD$n$Lϊ1j"jC20ӈ 7(C;{$bt#- >ʇ඼Zƴ3U)P Fy=BmVrÅ]BgYݟ 鍧},2`K+ĭFٯ +H.TbRlo;g.2Aޟo^ bB}I>6$@s|{>ͱ'_(f[~Bs?4Rzh( =Uy)6g8j7>9k|"Kiހ<'0wgh ?G.jIz}wO)%p?X;e*ޑJH@~r;p ťTݫ:e%D~ge0v@==oJې4P~ڞRVb rɀr@i5'lKSPE0]MAi5e\>ƅ(&+T_#J^XA=Uxu F8t׊Kz 28-OGU2-sYpB"yD.7)}~bHKj'jU. +y%,@MS"ޓB[H8缒,^<2I@pE݀5I Y]1:igJ$Faﭙwx-9HP[(E(T' S8|nNԳZ#5L# NMq󕛋w]=88X < :[Gx Og!$b\U *5ۆcfx 0 02zbh?M ΢(T]ŊGz.Y6VF'h6ůB1x"!7%xY0.O!C3:'+}iuxw5--ސ537"g'V Ggabk2݌`(UfWgF@!" oJ~θzPcfEeOV4rCA u1sJz;vaP!5xh%.-'{,'l*A?OIKFn^eˆ.QPD  \Aez.^xNED帓]2yn>^YaiEn&yXc<%s \x"#2tU"/ѢS cNF(T_?r#$^*owTTQ}*e^SAʭo]Ws$6zy㠺臀$; p(×ps~ʺ`=b cJ77{F€= ntŷfF5:S# FP#% Pd0"жIv mP}/* dOIK k*,g݃+0NRa&5MHy_*DZha,ϺI\鳻+ 49Y6XqI`ok/e88ٵ ERCEk%6Pxll x0hʧO +^$Wu9zK;']$(GPgtĸI;r!Au@sixe31raGrc##>AF9#Xo聗*F)dcZ=-ƅlN*L3yMWwX# 8҈km7.W$IG q=d|TCh׵$A3\.@-jÃs|/4&u]Y؋]ۇȗB%*[(b6o}a2=xoi¼WD%U΀:_/li ϲ6kJe,dި\lwˇk^nSwD8 Ndc` 9j .͛耸nnd,1o+A:pÓ>A f[Se*uctѢ-yl>7mO۽%^6Կ,1P)*RZ/)4w^mO_|fY"a-aI uez{K@:h}g_2St%$[{:˩-t<k}l `JI^ k)[@<}Nʗ ,0(Y&PI`nD`'viYxd^.1#=icdaľzAFO5"c"V&[A{HWW)ꂚ]Ҟ *$^a!Oㆼ1$gIoua;x3g_6G|a` 7=S>="ô;(Hݏ~k_%0I(v#|fn .=FkA2%. $r,]K`RUIl8?S +{DHƑvZw!.@wd)`u*0b^<2PZ; ,\3፝2Nlhekw>4l1_VR^`h~8nbv.ۈ칾OIڃxS~T)v<( ύv4Wq{@(oQw"R6@U-VE,ɒˀƃ S p2xНu ZgLˇw7%d&ؔuwz65ӝ4{ >J5E@㵃-u-wI @p>T?QF3`pi%0(-C[т89>!gAŨYǐ% gkKp2Z qZ Of۪620CWwL>@(|G.͡.\aE&ZmN㣊\N 2wDhu分n.Fh{Pr>g>H鞌Q`Q9xIFYܔvlﴖ54 l<4RjaMp^m<S\E6/k_z yiR/! [1]Qr2t(Wq&H ^0X[VPdicV"x1\T) 7vҔR̯sh-]4:F]8M'l*I1_TczF08ŵw=]浦kd^ntWK-ôx3e385ŏ8yt.^VőB[CFs[ЭP/&8MfVdnW$:;B+̧yp`dEr^k9o~y2Ne_ \%&nE5 BK&ƭ6|#=<)[I[ǜ^z*A/\\ g!F{mo-i^{Nj1s&ͩw,b4'guo64P8NԀ 2u͔ },`۫;mm]2aB)=^]|(K*>OM;۹VKdQjbCjF #Sq z*j|t_bj*vl6MC6+O k$˯~Os\MY™̫%pN7z#P#f;cۦu7W/ZQ tXŒ>UIcq"9㈃73(Bћ0b?tș)N9IX/pjM!4j!,',9Q_be hӞ@J 9|hSw|+OrDyez⢾g%Br:X(%n֋$JRv 0ђ\wi^2aKe/7`i<9︕CDrnrp_M&j4ٳƹF!_\6z3T@LlZqԺ b2>2~>n  aȱ^ -%vUIuXEO4 n!2;e5Qw2 v;g+wUA&KY{c{1|(rbYvıQsZE"mK5~.(D0_v.VqUb$g(KAg~:)q&oO_Ou!TG{F btqgD3OTZvŚq˜4+˦)9 vr"\oh@U!>;G3#rjZhw6UUo 6C=8o(oh]W}[F$,޵@~^Dsy_f}<}NLI{f1  m3jMOPS?r$?fa=:mF5p$ΊRm?w;g58+,cXi,KFb}-z7L6&;ή2t$łM-8T2/%!FPC(F>2)URߏ님)5V~7Uv7qh}@W)M$c1!v,F҅Cyq[Xefȋ`dOAT0HiXmx']c29W(*O(y7 !xݲ^RVۖw\#3R1gF=!P%\>J:eu!S!)Py2ug+·1 W2 Gy8Auv #nGOHҒC1,cI=y@j~v@6}[tdc8{S 0fyg!Kַv噥m!M]0wO뾥\~AQ; 9 eT&S d؍̝_/'b]f6oЖb6XռB}]P vT+cV%\#^3]k5>WܵMpTrU B/ۨRL6()Ak"FBVlׅʫ5VұN2q6<9{NajmOውAу^x=@ *Y9vC;_p\M{Cvu5| m^vz=u*)x_kà>x =*nZuX?P;/3"b{fu:Rw: PӔ4O܍k*4"_yZY򁀖TS-dFP^~2k,N䁰>#5ꬌ@s4#ؗsٙnnƂTlBS/P9=NQt~ S4; (gnU5' m=Bܜhguf)3D }<3|ɵPm!LB?LU+L>p@kzW&8.2B-aC: mP:}@ 3"wݎ[ј|F3P"ƴ|QfD"vɔ3L:3j`Mw7JIXQV,X n*(B UJ A_Nưd?Zv,2  r&{gX}fE&,31p\ƳyWWvCdz2%LƘoȽt?qs@uٮU)b#NKd'rI›>K嬺ӦVG#OZ&=cnU:"'BzSluU]%Z}UHl谑!] C $\XAk5 sn(NMj ɢ/(ɾIgS}iuAKhK%6R1f۸rl`| lSje 3 r 5Oꎰp̈́T+}c\˳Q rL2m/|Th6'dӦvA{Q2MVlLvΔ\Tt ?+l[$#rc)nɤm #Է e 6$YMX XH!uvCAEulB7g4@X3&u3flq/ +x2硫 Lg0;`"{AD <\!&P޳ic؞bo KI6U ڂf]*iԽ1T&LaAHDl ۄǦ9ʮ+s]\똩Y"n1oc^2nGb-`dx\.<0j1% LNBS!"(gwH' b- h輚".)#Nt 37vECRdՈr1}G}xlvHχ;ЌN,h}ZJdgvP{jquuT(a,\$s0숻J=_>NŖ\SHDSS8_ M('Bk]&yل_2T | SXs}dD`p8)<⡲_ws,C>*Ql(lnU Hc:∾فLhдu2piV]d2GWE9]ud'X'.m=ӍBA5@m}d  S8,_o2@ \D͙Pվ5ErCxpênpH8T9(cB{Q#_{GohԖ֑S*8ιx}jBӾg^ &,cdT'{$T='e"l녟l#},] Bf˕8rptN_*KO"I'mrҶY-vmFyn#[M`zlWg0,-f ̢ N~#JafJxyR _{$LXWD#|Asr/^BFOP#߰|BXH<(+|z-a +#U7.Hr \MrwJD^ꓨ !T+ӝK8bݓ|N=B;W]Mb57kϸ(_4'gu}8}0܄..\AJL9"dQ.\!7$/-$­l:W\i;d/>ܒm-h_tDZdaotOaxK$2(B׃_e-Pr'eqwƋ4:i,.ƽ9fIpM$xa6Ȱ3GIŽ]+z[a^,5tmAxA) -dt;vBc૶[K6`w=Ey59#ԔZ=>0Ѕ/j Wu4JCQnLL' dg^G$SbBOTqfdoAI}Z۩r lډXC%1v'&B3ԚkvyB4Yv(IG1C p,F m]:>Cʞ7WCDIˍKC iQW4-uq懘!]gp ml8?6x *k04sA"0yBp]_5(oаI]Auφ9ypI[֙9ij3һZ?_ yZ%7]15}Mg/u>ۨa:tͤpyH>71rVbMBj1A%Ȱ-Q!BU*` -\sǧK~p=CI/rrcǒCPSi}7 r@M*=ic*$wV܆֜?Iq}!Xq&#hkٮ{0ȄM"$ғsp-Ƚy'=$x}*UhΒ%6R R•u(^\= S x5y i˪7)+~~El.Kh"eGAH^{{qu14ՋjKH2L/BKfίP5iZ\5EU-ehyMO| N#qWEmPSR?Tdң^ۃϫ|Lc~O|ˬ2t-gxqnZk%"ImXH \ʗ ږ vƛ/ʶѵ3)4RRBZVEATu+lkv)xjԡXqh62I8}_3 wgGaa{)sV@v/tJf@RҮ ;LI/E**N /d f3n{D(7&WWo=N1S,O5^LUh_|0_''j7`${k 9u{D-aX\$>=5:p{ }QjeqJ{y0CO!.ՕyIy6C?_/G  7{Ē}Z J;W)y0V( ?5MMCA~}x댊YMr4QQE}bW5ev @t-ڃU\uO;Z )APq;ݶ 5Map"2!XWx/‘ĵabg29,'ZOQ8^ᖋ>>H^-w+9y4BJ"/+#8AL_Sоl7a+ߓl~|j5; qyZEzhGT˲(Еe!hX0:F(*K!e ŗ6i24l\ \p 0*B?a6A'&φ>ZҌ/ 3@( u1H撡K .yi^T4 L}AT+T"Wub#"1nIa"c,CqT}." I)P. ް&r=련 *k*Ka dN0s s% \U)lk hpxʚ!5͋H*j`ZJ|L(T x6? Wsn,I'S錈Z#X0,f8*2ޅB~5G3.ƸBR@;u79Mdum6*uZ%mg>qa@t<[*||yYZc ;Į أ}_ Fmifܕp'mM޲ɔM|fMPe,G,=kAG=`i ǭa5 Y /DP^۠.Zxy@VRQI8I9 sQ^# ߤPf--h׋ā&;}0lecu}˟(~Um?`я0Gn^fz؛gɳK{zs}H^RCSf*3A7> : +8v#eI7XV^He9jQ1'[ \^af}?D-0Eܸn%JsgcǗgnBH+0O' u؜ sd=off<h eC7 Jp SNhoSlOߏG=}gKW6#H6b) "@c&'Y*Vttv8@CdٺuR|E])SY0)=8U*(HSQO1c lb j); ?Prğ`5@7^V:Ir~m\F\-.fe?T[ɜ/utz**nQSa**\X xb4kY}gu}4s}$T نI6x&@MIG8YR9Mp0w_" qё_i ͓gj17`Nq+m¼H8f`EfM(#..oJsoG72KhL[Lܠ+.{J+] QHdvՃo`zF!FS3 >EU"11v#mW'%<UC9J_5f`":}]a Ӡf=ݮ EVSV Kܳ<*=]0ڗG~6t:NGf/=(A0|~oY8&  ɹXPE.|9u2Hk)hKR<%-[u 2z;!>6)ʯ,3 PقA4+G`N?sVo ^>X~qmaʤA/n,Inh_b؃8/Dj;|ɴ.)kC`_ dËʁb9P& C7"S~b]p_+Ɵf]X.`¹fCEbٓx*/u:0mJZWݎϓ-hb1q{M>SbaBA=^aZgQXHmbe#Fޔ::C^01$V%v-|Yw3f6Hs[ZMw^ 2!"wTc )%_d;UiuF9PluՈm/Kh$c#0t*D^C7VKRǸcU7 R*6gfWS[pp0U#*xsr@ObM̋/w>hA{vD2@+g|.~Pb2պ.%`by/1p.`WtCd˪Uf?ֳߥ:0 kCOJ ÛHvHړ?MmD/t1m. VP?7 ؠ5&!({d9:Q}_xJ ڠRzqIMtlpָOKziTm&pew<(6QJĆ#4ص~gӄU0'Ja;LK6S|sCcܵE|D梺Vu^UwߜycMN]09i D/qۥLA*=B_WR:9w`? FlDs:Reoy:[)ۂ2yPŶzm6Ȅ.ЏkC_@Efrǵ&~o=ީ<7A$\ 2׆$i] 0 ~(M<'gBP%ma~TF=z }j_ݬ5m;ހ0S8(;~93Zg˘(Dž5,}n74䁀0N}xQHP:Je!*"hz JàtG AI-9﷠ɮ2 :A#|,`M7l‡;1&O &~j~RsJޣZ$I%#g DX΄^M9$klqfQc:ղp֗_oc e6$R<0I@7J#+AQ8gnJ'#TO`cp0pTPRVdF7oWeFVeO^c fK^^T-=Ѓ렋!rMOë𖱞T;BpI Jmz\]i~,s wYM7HxeYBlqlXD9Me(EK;QMBlAwgFNx?^7 ka I2ȊXBth3P^,N>,ܚ\8\1@>1/|: ,r2!zB֊w~e!Nhz[Ν= *fdEk+I }M$zdU+Ze=G~pvf9>o,矗[t*}dмN-Fj D7ɢl9X&m~>jH2:semyO 7JMH|q~A0O%ISa߄F!9ӕ|\Jyb6rﯠtx$; u!f)ձC< ixf{hq„ >m M\ބ +H4=tcp:l&yU$ofC4,yW>X:r 9^h41|g*bot*IT&=o%w@0qiO^`s?6*Xu.*(wcj )Ƨ\D\1E4f,*)#H4"/dV₮܅2/h7Ha%n`Ȃ&K,BRK\P ǀ(3seű 3T}gx1 ?E !s hSt+~)")K! wb/]]_Fm~޽lNKLDCvxT! 1`^×DLK>x V0_qn3 >2GN1nkYwӎfQH3(oǸ&)#t.}O\hw%,"'Ot%Ѐ($v)*@Ƀ*gi! .wS+zW%ބsT# H~j)s-KJI##{fN䧫``sb&‡%d{`mP>ukO(@1T \MHKLIc4gm@n|m[ /}_Zɘg: *@꯾=^U8{ {ZKVҘ*[`3$KF&zL#5 R] ?*q!وD٠=ͼ_T$.7t̕P3kE1)O4 uMABWx%>x;Wn3YU!2i`[ >avlk@uK'/`Q4Jhn0R2i `bZK| XsLԒE(;߾`3|zl#!Oy Kf__ Chzz̪(Mx?YOmD8wKR_X*Du_'!LdEv7S4rva17SBQhK$ ғ6'_rF ҽ62`d"=6k@:٫”2?>v+Cv큽lTć+/14pVo`8eZ̸27YuvDoo);r{IFJ&h8Ma\`58or*=İΐY^B%t.~r| أ+x~Kg 7{ Ʈ*G2p(ir3H>kf'>/' M3[EI9r_zSNiQ+4r:[|ݚ6 C,K=? qU).oJ%GҘ_q *x mՋG^dZݩ!"olTsw"u=$o&l>A:t^8`0Oc]*sb!{<%R xPy%qneqk*a PVa7 NK5uy4g{A՞Rn8jwGg 殴#ϱE/A%jl2Cbb )S0w(sCnDC,3, Ml"RgʘX2-'͘ZjTk3,F+6ˏɮ_5dJTpʆl*?/0w`JTpg8Ul_c>>}N7E\B"Rq7x  oޱGXQk%餩 MK2*} 1=gN[3XqEq'Wtw?Ebj85V!LXŎlzfԲ\;l,X3`K8Ͱ3.ԶpU(}a͎ @`~Bn.;xPV/өuR$T ֢Ȧ4<ɤOtO6T̺:BhFRMD/c,_bߠJ!ݞ.ӆ羔D"ʩ>jCvBڎz=Ȧķ!Nza>h]2ȺuH9qr>FUQ=򙫨m_˪ I^GNb KeÈP7 n˳l.Nqx+Ê ?T}[w =WhKM Go]JṎ^Xֺ?LaY1Ёy<{Uj>աp%WBVJLIT&0bNB+R,R٪[Ƨ?#IEVH |E0;eFsl<kclc*)$Fj#Yo( M ^;gDJ?JW;x?PWx*nReZI"Q˱}NJM9"̣dp;?\YcƓ?>i H&8[9k0en2t1K:s0)jUpƟiB)1ڜy<E)QI~>0*aho!x# y 8bDLiM "WIX@6B]:/0מO ( FsurD*ɵ}|[Z U>J7Wi}o {+݌K>v N4uḺ'q偙41!.ɼPfa)v8$FkoZx7Z; g;j(*~`?CZUN!%.#!; :tgx.lZlLk"N(82Ң 2,6MN ,Pq|Pܕ4!HQtQyhFML$Y`Km%;h9KhKE՚iuT@(g"L>f[݆ 痄bt|z/)ᒮ',=UZfLr--z'':a/3Sg*#g%`k0 3^ _u:]M"4!DSk@[–ݨA~[8,yGs8)̗ Y8@hP*ht1&`6+hƫ4+e]gFᰕi8]yeEX=N=H>VjCs -ڷ^yFdd%E2sa*"7 8Jlbq֥+.gSşfx7n0)x E`@'y};fYy}(;$^ȑq^r-_i4kʹ Xt̓=bQ确T0&QQ˲g`1x9I.U}~r%V&I紉%k-4- h̞7(T=-2~_6ϝgq)&; *_ñ׾jTݱ^,nBw\MiuD }{TA"rT,/OZwTT3WᇲB1[kՀ_i%1?ykhW,8 KGФ:'mMjj5jBcdJd ܘ$TS >(x|O'oU7V^4JqC8J"2!8k^tj1tKavUo~cm:/Uj0 Bְ>Pxu5qcsd~eAA h.$ -hkQ]tW/wKbE1 + %(od^" S\@/t|ͺv/"hʐ33|}Aц$iaǼg Wl{-?Ay(jnx4P2oKbD;kiת);6oB2gӻG/ŵV,p@}_d"Q tC|=(\*NT exiS_$=OƖFEtn/'{2 Vُ_WPzG^vRWӳHg*Js$yU;tkD F;BuVYWx.OtgϯnѧYsU[PvPdMKmI\"nyaa JRm;x~-|/"l'Nߵ>5tJZp.?wo{ĘNi[a6cg>Fࠥ@')ҏ U;J_JN\ -ٔ((Gjh߲}CN7W_3m0˅ͶdE{yT҂+';RgL!VAzcj^nd± 8qH.{Es p-*~L'Agy^u=w6Ol=3T 6 mxG,~KGϟD[nH䖮[2dNeZOm2弸J:{WEVh*I dƢzڽ'c3% Kj ,gZ=Tu ~Hriy}]=xq6>-Mij?GjNY򶦵afu3]2?Ǽ<#qrL1<"1^=cm+[:WrriV3M7BacKg=*c&Y4qiz>>S5&OG!5^Cc'X['Q !ҹzITȒanō#3WnI/lI/(mdk&⣏qm ^a` 8+%Fs HAA1̫j,~BUY$IfxSWC`-SE_}jܾt9u.s"C^ϹU-գqgpNL Ծw].ـMjK.ɔnzn!QkaHL ndl?J3]Il`?oD2@_$ ɶ(yJr>d_1ׂ7OQR}<0VRh}!7hg/A}tU*$J,RCVͰ-يnv8WY :V ,3M9'ģjnađiaFK3Z)aŔ[i%ՕyL5kݚ$gխU O!D2 %I{ U(Q'y+b=K3~'R&([X<'CCW5y<Cj5._)yHoI֬#?sM-'jH$¤SY?N ׵C>_U<7TBbJg PpjEFg/t(f{хYӇf27srZg7}v{%W 8;lyewC+e.H%AHuX“;rn7O,d@oP FbD-ᅯ>Ug۲MFM-baц+RR+pLѹ_xd F,5[ ߰G! A 0Y@u 'g|irh?e4Y' 7a4|}KЂ.h\K ׎HQmaM8ɕ?f̕rk7 QX6$"ؖc* 2{,WQM?= 씍&*hjgPDw@?9 :xt{>xt0} Gnz/Q~Z!tx8vBT$xwjY%'4ֆ@;.zsfn0/jN=ȺY¡l! .s9m|!1K܁l8|38ωy`IN"^%/jkP{ABKZ)rUPKUCb0,U %F$ͯ9ydH%ݝN@|/(tx>u>#.K"sBRA?A=S:-9О7F'3lS}oL>UN.wk ?Qx%[n:%<YiDVXC\ 70 )̀kA+%;I"8($=$+2$xSAv#|nPN{'n`i͔lEgO&HΏbcDÙ>3 O)lZK:{n\.YAw+9F÷h?VJ$ HިV[vr->f}&WڙG¡Eycdv 1BL\%C " hïuTP/SIP gU2;잇,P N8΃=Ntpe W_"D3ž~}:?&˾D۽ YEKf z v|@r)w>M/*r1\q/9nY!W9#lrÉ }aҸ݋3 OZ֜g29^N$o6d&b,ɌszXk ieg͡l5bP{tXoZlEς7l89lֽ-̃L-w*f|MZn[@nkAڰ%sJqOx,ИJ"l"oH9sgrs"~GIξ #pdCy\K@$=!ZMC5_o^LL՗yCoTpnAQfPx-=OyT(TrA& Ǣ`~RϔO en#HJMg^םPd-=u;"+'vpkG,Ϥ3 &O'{0S%އ(|bHdpiz Պ<4yڒ.zIrE_TCL/%5]-r,ӵi]/rr_!)+lُE(p{q;k IPƑ4))8 jOi?2*vpy8վQʃ'\pN؁ͻG[\+<>Lo ~08&-M03Gs[,U9ܷ$(+U$\Ν_]irQm-0Xdgo3@9ݖh&7W΃8x6"WBsbTP}_o4RV 57{4}& mI < CMQ !@OWaY]`qI5A0eb L4B 4=au]8gs (">e ;1Kr+/`ߕ=B.: EM̜<4%,lTɒ 1fXeJ`Y(Y1yW7m9qPI.8 ޹L#y- ݑC*%*v9v  kqҨhfT>YsDk84(eF}ku m0JU2@ofl;CkF$'XҚ:݆̎9fN](9I4!#Jf^ɦPWwsPlq-ơs(`q -c?B16^ꫝ_γPLw.k:#d<:4Q]A$4R澜7SGR"ĒEv޲Eб|:3\ݎĕTr?„bM-Mا60"~]4ڙ0NR LAGYnto2"r!9[w}ilzfJz ,8}c R0ݘ†z'` pVrU3!@t#!t*plp*AN={"(KDgEt/]Փ^\]Be1W6ZX'삘TI8xDMǨ 8eV2Xq7?hwp^D EzENVRx t^Ғƒ^=D;wZ K l2TN(`0d(}xZonD12[?vjJi=WS<kc(0&>/k #;2է^uD;~ڢR]T OъjJRi$0a_*T[uwu"ȩT TV~ ̮W(̨ 3_8{d%/LUl: lJ M~Sr[yؾB8нy:S3lqpEn㭀t_Zqé%M-}F2;e)bRIA:9T' 8Gk&1feSuasݩkv`0Gg#\S]%q!=ufldA׽<;hOe'V wŎPe'a$S oBƊ N]f2]vkaYQ&͔K-nYZxpERF uxT)'D 3wl!Z,6zE^qK<7^a̢jo󳤞(] xqثNn2,Nw*Eݯ `p=,L"єeN2 ?( Ě ѦjhOs7v B-"} zBhg.Ž%q!C2/!Q))KqAX"zVJ3 jyijuޫQ>4\:-T{ q&5n]ޘN3OHYM_pg9\2@`a)hOQ⥄Օ΃_8] `W:(Hia IdQ-V;tᖖL8LO1y[۽=xʕ9n# 2SH9)N+ <*Y:o3\d4BFC\% ?>?$,2muWGTwZY|r&C U5B!NUvگhǑ$}=Sշ H߽S?!.&1?]Qd=hF$m^&[a[Ś߶ YZ