policycoreutils-newrole-3.1-150400.1.5 >  A bvp9|Zr1VT bQEH6V8BzW #aeu-H:|ܳq)boiM_v@ZYߋbnfOL^^*=I3e,U4jyX1j104ГD MzԔ("[XoTg3sOwi)OC :Ql*zhTZr-7i$qKܦz- yڢ}dǭff13912364f3c9a0156e5cfc09ddd1bb5df7023caafd1d1602b15f93225eb0565ee6c307b96a090eba42f41bdff42c62374e989bvĉbvp9|&|ŘBHs1'K`v<8"nPsS_v 8nn?>GBFµSh>͜]Q8P&s p4[z՛kOiBR_ِ9!;l LP%myzhf> NЅ4 oA4Mry6I6"%'ͪxKA[Kb(XH^EsY@J\8>pB??>d ) N )?iow      $8Lt((7$8h'9': '>:_C:gF:oG:H:I:X:Y:\:]:^;b;ac< dPx>`y>p z>>>>>Cpolicycoreutils-newrole3.1150400.1.5The newrole application for RBAC/MLSRBAC/MLS policy machines require newrole as a way of changing the role or level of a logged-in user.bvcabernetSUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-laterhttps://www.suse.com/Productivity/Securityhttps://github.com/SELinuxProject/selinuxlinuxppc64le if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/bin/newrole fi x*/큤bvbvbv~bv~0c0171b7579b3c3e2a69df88a47e9516b97b53ac201795b7904b71c98672483572c041d4312c065ef22f5329aab825cd4391f13f9c58e666be74bfeebe237e63f718e568ba9e86aeabffa77aef9ce5c5ef68e5b9e21847f5ca085f21896b4b92dd0663d9211486b6a18050d5a0217dc64419451f152cca982a4e55a5e416ffcbrootrootrootrootrootrootrootrootpolicycoreutils-3.1-150400.1.5.src.rpmconfig(policycoreutils-newrole)policycoreutils-newrolepolicycoreutils-newrole(ppc-64)!@@@@@@@@@    /bin/sh/bin/shconfig(policycoreutils-newrole)libaudit.so.1()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libpam.so.0()(64bit)libpam.so.0(LIBPAM_1.0)(64bit)libpam_misc.so.0()(64bit)libpam_misc.so.0(LIBPAM_MISC_1.0)(64bit)libselinux.so.1()(64bit)libselinux.so.1(LIBSELINUX_1.0)(64bit)permissionspermissionspolicycoreutilsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.1-150400.1.53.13.0.4-14.6.0-14.0-15.2-14.14.3 /usr/bin/chkstat -n --warn --system -e /usr/bin/newrole 1>&2az_Z@_!d__ @^@^@^f/^^F^W@^M#@]@]@\+@\d\Yz\X)@\R@\8@\3?@\ `\ `[H[%@[$@Z@Z@Z@ZmZ2@ZI@ZZ;@Z@Z XWW\@W~TZ@jsegitz@suse.comjsegitz@suse.comkukuk@suse.comjsegitz@suse.comjsegitz@suse.comdimstar@opensuse.orgjsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.comjsegitz@suse.comjengelh@inai.dejsegitz@suse.combwiedemann@suse.comjsegitz@suse.commrueckert@suse.dejsegitz@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.commcepl@suse.comdimstar@opensuse.orgjsegitz@suse.comjsegitz@suse.comtchvatal@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comrbrown@suse.comjsegitz@suse.comjsegitz@novell.comjengelh@inai.dejsegitz@novell.comjsegitz@novell.com- Add run_init.pamd.patch to adjust to SUSE pam setup. Removed run_init_use_pam_keyinit.patch and included it in the new patch (bsc#1190098)- Add get_os_version.patch get_os_version is implemented in a very RH/Fedora specific way. Ensure that it returns a valid string for SUSE by changing the default. Also remove the RH specific logic when generating HTML versions of the SELinux documentation- Align more with Fedora spec file to get rid of python dependencies in the core system - create new python-utils sub-package - move some tools to devel sub-package - Cleanup dependencies- Proper default permissions for newrole (4755)- Update to version 3.1 * New `setfiles -E` option - treat conflicting specifications as errors, such as where two hardlinks for the same inode have different contexts. * `setsebool -V` reports errors from commit phase * matchpathcon related interfaces are deprecated * New `restorecon -x` option which prevents it from crossing file system * boundaries. * `sepolgen-ifgen` parses a gen_tunable statement as bool * Removed Requires for python3-ipy as the ipaddress module is used. No requires for python-ipaddress as it's assumed this is used only on recent systems * Drop chcat_join.patch, is upstream- Pass the right value for LIBEXECDIR to make / make install instead of trying to move the file around post install. This caters for the planned change of libexecdir to change from /usr/lib to /usr/libexec by injecting the right value no matter what.- Move pp binary to libexec directory instead of lib- Dropped Recommends: for %{name}-lang and %{name}-devel. Not allowed by openSUSE guidelines- Update to version 3.0 * fixfiles: Fix "verify" option * fixfiles: Fix [-B] [-F] onboot * fixfiles: Force full relabel when SELinux is disabled * semodule: Enable CIL logging * semanage: Add support for DCCP and SCTP protocols * semanage: Do not use default s0 range in "semanage login -a" * semanage: Document DCCP and SCTP support * semanage: Improve handling of "permissive" statements * semanage: fix moduleRecords.customized() Refreshed chcat_join.patch- Ship working pam config for newrole (bsc#1163020) - Recommend policycoreutils-devel to have perm_map file available- Package perm_map as it's used by audit2* tools- Added chcat_join.patch to prevent joining non-existing categories (bsc#1159262)- Added run_init_use_pam_keyinit.patch Added pam_keyinit to the run_init pam config (bsc#1144052)- Update to version 2.9 * secon: free scon_trans before returning * audit2allow/sepolgen-ifgen: show errors on stderr * audit2allow: allow using audit2why as non-root user * chcat: use check_call instead of getstatusoutput * restorecon: add force option * semanage module: Fix handling of -a/-e/-d/-r options * semanage/seobject: Fix listing boolean values * semanage: Drop python shebang from seobject.py * semanage: Fix logger class definition * semanage: Include MCS/MLS range when exporting local customizations * semanage: Load a store policy and set the store SELinux policy root * semanage: Start exporting "ibendport" and "ibpkey" entries * semanage: Stop logging loginRecords changes * semanage: Stop rejecting aliases in semanage commands * semanage: Use standard argparse.error() method in handlePermissive * semanage: do not show "None" levels when using a non-MLS policy * semanage: import sepolicy only when it's needed * semanage: move valid_types initialisations to class constructors * sepolgen: close /etc/selinux/sepolgen.conf after parsing it * sepolgen: fix access vector initialization * sepolgen: fix refpolicy parsing of "permissive" * sepolgen: print all AV rules correctly * sepolgen: refpolicy installs its Makefile in include/Makefile * sepolgen: return NotImplemented instead of raising it * sepolgen: silence linter warning about has_key * sepolgen: use self when accessing members in FilesystemUse * sepolicy: Add sepolicy.load_store_policy(store) * sepolicy: Make policy files sorting more robust * sepolicy: Stop rejecting aliases in sepolicy commands * sepolicy: Update to work with setools-4.2.0 * sepolicy: add missing % in network tab help text * sepolicy: initialize mislabeled_files in __init__() * sepolicy: search() also for dontaudit rules * add xperms support to audit2allow * replace aliases with corresponding type names - Dropped python3.patch, upstream now- Make sure current devel package conflicts with old policycoreutils-python (bsc#1124437)- Replace overly complicated %setup calls.- Removed hardcoded python 3.6 path from spec file- Fix build with python 3.7- Required python3-policycoreutils instead of just recommending it for policycoreutils (bsc#1121455) - Added requires for python3-setuptools to python3-policycoreutils (bsc#1121455) - Removed requires for audit-libs-python from policycoreutils (bsc#1121455)- properly obsolete/provides for policycoreutils-python - remove unneeded obsolete from the devel package- Don't require selinux-policy-devel for the devel package- Obsolete policycoreutils-python in policycoreutils and policycoreutils-devel to prevent file conflicts- Included content of selinux-python-2.8 and semodule-utils-2.8. I think it's easier to have all the relevant binaries in the policycoreutils package (bsc#1116596). Added make_targets.patch for this - Removed restorecond, is now a separate package - Added python3.patch to use python3 interpreter - New runtime requires: * libsepol1 * python3-ipy * python3-networkx * python3-semanage - Provides and obsolete policycoreutils-python- Adjusted source urls (bsc#1115052)- Update to version 2.8 (bsc#1111732) For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt- Rebase to 2.7 * Rather large rewrite of the SPEC file * Significantly, support for python2 removed For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt - Dropped patches: * policycoreutils-initscript.patch * policycoreutils-pam-common.patch * loadpolicy_path.patch * CVE-2018-1063.patch- Don't build policycoreutils-gui for anything suse_version >= 1500: there is no reason te believe that SLE16 will have those old, depreacted dependencies back. Fixes also the issues for Tumbleweed, where -gui was not installable.- SLE 15 doesn't have the necessary files for policycoreutils-gui, don't build it there- Drop the requirement for selinux-policy for the gui tools.- Drop SLE11 support, needs the audit that is not present on SLE11 - Fix service link to actually work on current releases - Drop SUSE_ASNEEDED=0 as it seems to build fine without it - Do not depend on systemd, just systemd-rpm-macros- Added CVE-2018-1063.patch to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug (bsc#1083624, CVE-2018-1063)- Remove BuildRequires for libcgroup-devel (bsc#1085837)- Removed BuildRequires for setools-devel and added new runtime requirement for python2-networkx- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Update to policycoreutils version 2.6. Notable changes: * setfiles: reverse the sense of -D option * sandbox: Use dbus-run-session instead of dbus-launch when available * setfiles: Utility to find security.restorecon_last entries * setfiles: Add option to stop setting the digest * hll/pp: Change warning for module name not matching filename to match new behavior * sepolicy: convert to setools4 * sandbox: create a new session for sandboxed processes * sandbox: do not try to setup directories without -X or -M * sandbox: do not run xmodmap in a new X session * sandbox: fix file labels on copied files * semanage: Fix semanage fcontext -D * semanage: Default serange to "s0" for port modify * semanage: Use socket.getprotobyname for protocol * semanage: Add auditing of changes in records * Improve compatibility with Python 3 * Update sandbox types in sandbox manual * hll/pp: Warn if module name different than output filename - Update to sepolgen version 2.6. Notable changes: * Add support for TYPEBOUNDS statement in INTERFACE policy files - Dropped CVE-2016-7545_sandbox_escape.patch- Added CVE-2016-7545_sandbox_escape.patch to fix CVE-2016-7545, bsc#1000998 Sandboxed session could have escaped to the parent session- Trim description in line with other selinux packages- Changes submitted by MargueriteSu: Update to version 2.5 * sepolicy: Do not overwrite CFLAGS, from Nicolas Iooss. * sepolicy: Rename policy global variable conflict, from Nicolas Iooss. * newrole: Add missing defined in #if, from Nicolas Iooss. * newrole: Add description of missing parameter -p in newrole man page, from Lukas Vrabec. * secon: Add missing descriptions for --*-key params in secon man page, from Lukas Vrabec * semanage: List reserve_port_t in semanage port -l, from Petr Lautrbach. * chcat: Add a fallback in case os.getlogin() returns nothing, from Laurent Bigonville. * semanage: fix 'semanage permissions -l' subcommand, from Petr Lautrbach. * semanage: replace string.join() with str.join(), from Petr Lautrbach. * Man page warning fixes, from Ville Skyttä. * sandbox: Fix sandbox to propagate specified MCS/MLS Security Level, from Miroslav Grepl. * semanage: Require at least one argument for 'semanage permissive -d', from Petr Lautrbach. * sepolicy: Improve sepolicy command line interface, from Petr Lautrbach. * audit2allow/why: ignore setlocale errors, from Petr Lautrbach. * semodule: Add --extract/-E, --cil/-c, and --hll/-H to extract modules, from Yuli Khodorkovskiy. * audit2allow: Comment constraint rules in output, from Miroslav Grepl via Petr Lautrbach. * Fix PEP8 issues, from Jason Zaman. * semanage: fix moduleRecords deleteall method, from Stephen Smalley. * Improve compatibility with Python 3, from Michal Srb. * semanage: Set self.sename to sename after calling semanage_seuser_set_sename(), from Laurent Bigonville. * semanage: Fix typo in semanage args for minimium policy store, from Petr Lautrbach. * sepolicy: Only invoke RPM on RPM-enabled Linux distributions, from Sven Vermeulen. * mcstransd: don't reinvent getpeercon, from Stephen Smalley. * setfiles/restorecon: fix -r/-R option, from Petr Lautrbach. * org.selinux.policy: Require auth_admin_keep for all actions, from Stephen Smalley. * hll: Move core functions of pp to libsepol, from James Carter * run_init: Use a ring buffer in open_init_pty, from Jason Zaman. * run_init: fix open_init_pty availability check, from Nicolas Iooss. * Widen Xen IOMEM context entries, from Daniel De Graaf. * Fix -Wformat errors with gcc-5.0.0, from Petr Lautrbach. * Fixed typo/grammatical error, from Christopher Peterson. * Fix typo in semanage-port man page, from Andrew Spiers. Update to version 2.4 * Fix bugs found by hardened gcc flags, from Nicolas Iooss. * Improve support for building with different versions of python from Nicolas Iooss. * Ensure XDG_RUNTIME_DIR is passed through to the sandbox in seunshare, from Dan Walsh * Remove cgroups from sandbox, from Dan Walsh * Try to use setcurrent before setexec in seunshare, from Andy Lutomirski * Stop using the now deprecated flask.h and av_permissions.h, from Stephen Smalley * Add a store root path in semodule, from Yuli Khodorkovskiy * Add a flag to ignore cached CIL files and recompile HLL modules, from Yuli Khodorkovskiy * Add and install HLL compiler for policy packages to CIL. The compiler is installed in /var/libexec/selinux/hll/ by default, from Steve Lawrence * Fixes to pp compiler to better support roles and type attributes, from Yuli Khodorkovskiy * Deprecate base/upgrade/version in semodule. Calling these commands will now call --install on the backend, from Yuli Khodorkovskiy * Add ability to install modules with a specified priority, from Caleb Case * Use /tmp for permissive module creation, by Caleb Case * Update semanage to use new source policy infrastructure, from Jason Dana * Add RuntimeDirectory to mcstrans systemd unit file, from Laurent Bigonville- added Requires: python-yum, yum-metadata-parser to fix sepolicy (bnc#903841)/bin/sh/bin/shcabernet 16519614803.1-150400.1.53.1-150400.1.53.1-150400.1.5newrolenewrolenewrole.1.gznewrole.1.gz/etc/pam.d//usr/bin//usr/share/man/man1//usr/share/man/ru/man1/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:SLE-15-SP4:GA/standard/95b5d0b12cec2f3b7c51184fe2f6056d-policycoreutilscpioxz5ppc64le-suse-linuxASCII textELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=f9c153ad0888bde9f456ba07371e3bbcc734336b, for GNU/Linux 3.10.0, strippedtroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)troff or preprocessor input, UTF-8 Unicode text, with very long lines (gzip compressed data, max compression, from Unix) R RR RR RRRR9pǁutf-8fd3c2bebb8128cd44b4b6927046fbfa898066769dae8c0d6a12a3751136de9eb?7zXZ !t/737] crv(vX0&3RҤb:g>YEѧV A=]Zʉ[cZuvczf뉉jV[C.%JoP%cq[uXRAh)^q'L,x%zCV5rEo9snlN{ߥjR xP&]*uƯV8ts#dG0 Y?Ȋ^;ƥݔ6_ދjm`GtLkq ?G`S~\Ӯ}f:,M$-FK[VqRf!Ոfq {p?@ <شF1 ~sjg_$ZلNʝCԌk~ut6-FYk!5xw2CyX1eR8[3>Ã/ZLo٪e#W_!6 {dmn> ?-w+D_3a*Iw|zx8j1xfL\bo?^bpׅyH\u^[Ifn,d. 5fCG2 Oʜ#7Njٱwg v;Zf2vMIvm5Yw@%㽢;G#^u0Ri"u T1n~9j`lB2+b5` J=I>Nj^u;D1v]`s߱s @/աUÛd\Y}ox{J_AcPR]!qNBWXSWlϦ|@lU-r9/fr>)!9\EdTG*F[ nL5zh|)~3"<Ǽ&sm@VaЩÚk!mߞ:dts8?3[RՇpat +X̲GapTÐwr{mR~5ˑ WꝢu  XRYVG&p}G5!UҔFAb"Q]^*ў0TJq vzL\R,BVOov=["Q'2EŦ@ \C6>z0MEv[XDNs2}*j퓢]DK"x0b,9;mHIt=F@(Nu첪QC6#r1 # S OFl :a8IV 9vR ȳ\ DGOdqZd6xp>Ù ~6NvxHȖEıwG2'B@9mӞCod3`ΟݻfBIV2[Jd$įƴ0ٌZ78EJ%h)0o/gѨnٗO&gv}ּ >9fJ0ʤT_-)}txh+f9u3u "ghUPG.*Z > U $qsT'0RJ-=̐eĤWjiZ$ TQwhh{{~[^pI̝⟗6|h~يPdV|ȴR40Ң jI$j(]LJM=,;$>lKfSjFN;GoOGN{jמƼd% 9e5jhx0#ה]輲_XmzwLiaeu#6, q1ƥ:9WQ@[|e]ackeJ6UbK04޾Ƥz<2d&ߤ6 76}O\J̩M.Wgs{QwV;Ɉx}a9%t|T?!Cc#C@N]Qaupe}ar~K&XQ , I"(4 \l`p$V̊: 4VXɺaolA1}a.@v6[W`K !.IT1FESsUB G.IFÞ̓ISxaZL$? /Pg\XSon‚~r'N{ʊXq%xVO"Lƴ_vбW53pQaIѡAzzGN@:)G܆U@ sQ1,|GK©Xc"KP9 _LܱD봧iŲGtDE+(;h;G &i)-Z[iՍLEM'@zkl?umܦU-dqa8Fa1dM"F;sCk XJBJ2bi]4SA\y:g z4Ey381]vI2NPM:T?98R~kg1DҢjY -! )˅m cW)Ted<@.Jy? 0X$'_v0I e z-g髢DN0L ΉB)tZ~ A16]@b}( گӭd\ȥWu;fz&s?PȮ(8wj8__}bA?2.1.3)#Idb~m DA۬/_i9,}1\\=Yae{Q>\mDENpEgI>.kfgmU*Ŷ \ [W1ټ`[5hK _Rp\s^c&2L+)u dzUiZd}c#Im$YW e&T,,v5-t2 ;xVjXj`!$Qbw+l@Ѣ{G bD@ }/I<)@`)ę};e{Ly@;3=D'\>oI>2 I`VM ՃE{oKTil&TtOmɫzpۖ+Rݽ.t_R)0gQMzv,7N5 4U$)|J= n>jKm8є6CͫyBzͲoK^|x{C9ղ}<Vb- țvS2;^vx +xOf) [3/.N&~gm`6S;8-! V\6ڑb,xJy"T'֜Yxm/3qh*aLPόJK_}@R?ʽ_o4(zf̦tbx˥؆oC40+H]=64zwȝn -D8t 'sT6Cg8ldbwgۍя%U܃) 9=@~C LzKڵ\GXc,V/z*HI2#:8ITeN_Lb gJ Yc6޴i휄CK( [n6鹥P"j ktv#)-K{eвB<.E*ȋNhS+G:sIr#.6~; I6hX9BU'n6[!=Qn.)J֓ (bV![ [ʱibNz)إ8u˒i0_z{=^pBЪtܩ3ngzϯ# Ib2:_0 "&*`#<,ny} oFEiRAXf/wUT SV6”8-b8,Œ_ LTly8L?9GX*]_ئT׹enˤWJK.% )CoZFy 5MG]TiԱU>Cêk :#a"ir A7Ju.QJ|Iunm23(/#vVoR4x/7X(5moo8- HAL%nVmVRV˓F\-+~A-<._V?&^FkMezex9sWn d ZH u5O"M8(=}˖J|6Ri-&2_H]}J7tIƟ7+]zYH}"8GF [R(\TIiht uݹh9ҏ.FP8 b8ʣ) oɧw _{&oY1{OF\˭+ˊT0@)S{*鐢ItN":σOz[z]Ns>֢2S!W(ywdgԘmqŘ4)F)߷HNH8ց;ׅ򘺌ٔ|"af??0"ėhOK4VTZAAXٽ 1T}ˇKfx!\-Ie>b34 V??CCPil4}s"Q(5~w[y- sEW`.FwW[}"꜆<XDzH'][Ee|n_XDԣXbcG{ΪUCS@~'%xLZ\,r뛈B, "?lMn^((؈h ZIxwq,b:eXΕ103!3C߉*MS=`H4)͖ -5lᇇ(b~TsR:S& ^]Hg] H&0T0s^Lk}R-]B-Kݽ*=~\6H?{KMY)u~sTcce'tj[TK5}1> CD .{4brmtDnEuiIf{ ݯ#U ^g4Ѿ[EԕQM}:=Waľh1T2mgg_Ђ/F`dž"iFTG'5ӱRbHBsx7ݓWofT7lxyyvde ޓW`&H Rlgԅ8ƼqR3~RAwYb^=XlK6#;*D'9DƼ6+ӇJTzFLVܺMZB;왡A/]E7;[O183s2.?T> m[٘k*_G(' (Os'qK[֔ ༏cGHw8G?ԪS81t;֥e?+9 `% ;mL1jV3$pb~'sό ^W4t8I-h鍅-':ϓ9:?1,h`ݲip-=2=0m׎ U+(fKZy>4͌kO}U(W:(\7%a%L4Rxw#s`+7Y ݣrBpƼlVcQۆ)KjuOQHmO=ɳz"K"'MPo,ЬҤU7;wg[-HI66o=cΊN6CPɳxl[g_~& pk::[&/}i! ~cjh"zm}yV{ޒoٞd7yZaA599{ʱl*:^ ((D$$2x}xAkѣ?ޔ#|ePnxaIq' > 4suJ^=VAk3E:cZk PQHOvc,s`fG0E|?YBQE\WNe?U1i/o4}-Sd\s01xtߔNx~//b q773?}c#މW΂2B {6ޱ)trǥ4N$ |̈́IGy{:+rof,<=\L?Xr7:7$4a&vgGs-iQ7Fý.Zӵ#WuVJ)ͤ2W؀n0yX 7 P_&R@1"XօXlk-ׂ . wH,UwF$-@7:*@67a-C d&Dɲ|tτQxK,u NfMƼQBr\nH7u3q|tmY]dzQ*Nq@_eB\Ą%'oi'[?l"7-{G\`Q a@t^@Z|p)Qq}?-^IR!j:k)`EHKY}u{m7ֺ2 D12ۈiUf#oYEk&iY! MQl$mƭqwXllZU~?9$GlT+s9`CPO5*,J"wIG)jᶥcadݕdb-<*c^?<=yRzzq`$jf3C'͡KR>F⍜hoW*gsZ5i LG8^gt޻v|0oJotH)-T<׸ VlIw_*FXqMtXH_7Ȭ%luhsVJ\o| *ݶ 6 $XzN]f[F|fgr%ž6 =F PmW*g~5{wfg%k n9_@sM$870|t ,L9o?\P_td 3BTJ'$^SvlBڒH*SEɰ(gYpfY'\ۘPJ$>}0b>Lh'aߝXZx*_lh/T̑1Lp YK1a.Xb7E z*im"ܽZ162B|V*"@O?|ޒ9cNH*2 ̎JJvhbkW$o#ልucG!PSPITJ%b=tHU:Ky1L}Gm$lM׵!Fw>Wɡ`P}&qKjCElR_kpgt$=m;#T{m}M5@-k#qP;*ǽh5v, _x&|jN1J+}ȏLn?ج䭸*ms Dj)Ս%%Nrfn[ڕҘy=p(o&Yi|YsAJ.va n5"I@t4ۿ/ m@75%@Zw?:'VȗsUrN'` 4g0v=ka_Iyg6Oh%ЪEE{3pȬ%|(`r1'_8e4ʄ*;0M_")dNȱv `kɧ< bܕnĦKd3")Ñ 9QYf&-Ebκ%\?E2X'2c;ʖbHo;yˊH֧y'*] 骩Q|]et Jj͎jL\(m-zw'۞.W⟟>"=2U?4t~<79k]/[*=g a -=h}$D\Y*J#n1ѤteL W_ps\. Pb촒xt]hLDŅ N(?YP7{g!t8mEx`Ǟ!C.Ԋռ; ѤhcUaMȸNFgSEc\[98|m?6~62J%Z<]'H ~fonՍK$摉mAG 6n#@0+2"ypOFM1UӪwRR  GyjǟI[?]!Ow2d^Pg:Wl/>oc>k7G*3(PX!Xe\R!)bvs?hdsw!2D~%=d:ELGP&_nُ‚bHڿ/dᙴD@bE7<58v >ՉUHdUan8_W.͗q($.X>((nHcO[CZ~vq.5I8h ěfzua="i#D2a8o /gp䬣/ƾXD_v\gK -xOڪğ ގ)|/8w]t!`łΧ:%6>*d%Pr&$ +)R@HLәFt=WMVrHI ]|@E[ma6^aA$}.eCPvsV`;@˹ˊ";Gx7Η";XIsaw`ȌCie |uU&`9N؛_iLuu(?[="j@\vRXhd&Ĝ]J)GK0bd@aPcEICi% oO=L+s¹E ,EX3[, .%E#XwY.O9=Fb'm-@v=~a ЍYB=C0˱m=S5,HbjjXL SO#8E1猝tB0&[EQ,3h(mhM]XVc)xe$C "놫c,@>jMC'W-DPMo{?@ elw\lPzJ4A;rd۰"Ʀe?R2Avzljj E3*`[Zj/ H8y CT6eôi>٘ӹt3N3,9=ue֐t;hp& $T_ ;KL ؒiOhԦUSX7|$ZdЅ"Ia4Kx`. ۨL,*0?CJ A-l¥c#^YثlԈ-5vfFQR~_n"o;<'O09ʖ?2ɟBlQ'`k[X gfW3 vexD򭡿ױjz30k@2ebW& xFC?lr'- 8N b>lk{my,rjX8`ʄ)xRZA&H_3P!Q*UG4݇RvjB1J9G?S@f a"L{EaH |ֽfԶ YZ