apparmor-abstractions-3.0.4-150400.5.9.1 >  A daNp9|3|E?Y8.t YʰP#Z( O^KsGvr{xMxz҆Sy{tH d@ 4Kx%/&l5 _:'Ce+c-|c-#ܢ}\fu?pvG:,ϻ*ƦVc1 Mxa5c'_S%NW=6ni-Ҋ3|BKΜ,nD12b73dc15ac7d2024b901acdea593c43baffffa2b08374f8ef417b1784b2efbe88352048eb6a6146dd68399cbf73142474718ab3VdaNp9|] e6tI{8Yi䦯rUp"UaZ\@tt%,`AJz#TdUZY9}?6(D00;YKmJ9*:'o^M?ggE]:/#h_Â!֐vwek5 qKxh"OmO'n9p= ?d + Y:] s( `    . /1488,:::;(;8;~9=~:G~FΈGΜH I|XY \H]ָ^ݡ bczdefluvzCapparmor-abstractions3.0.4150400.5.9.1AppArmor abstractions and directory structureAppArmor abstractions (common parts used in various profiles) and the /etc/apparmor.d/ directory structure. AppArmor is a file and network mandatory access control mechanism. AppArmor confines processes to the resources allowed by the systems administrator and can constrain the scope of potential security vulnerabilities. This package is part of a suite of tools that used to be named SubDomain.da h01-ch4dTSUSE Linux Enterprise 15SUSE LLC GPL-2.0-only AND LGPL-2.1-or-laterhttps://www.suse.com/Productivity/Securityhttps://launchpad.net/apparmorlinuxnoarchaAN)4{ X.5{ | 3?sXS*=qr| `h.L|D_1E5U S_~n?, 0 79Z=+rpw$5zov3zcAA큤A큤A큤A큤AAA큤A큤A큤A큤d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_d_a786a2fde512336f885805b557b0fc4df6e0c2e21e336bba8d6f9b3c8d637a6610f5c1711820f28ba7382fffb568a8f941bde81fe769e86a6069d9128c882e168cea5b34aaa543b4a5e84ac957008fb77f216e920c27a4d7cf6ed4e0080a736efb6ae34e1acd68392ff40a14def0872099cbb1f4a14db9225e7f9128eca86472b03cb2e6a38a48c2228a3b8f35b964d47fd30f08c98be75470eab70c7a3df60e0402371b88aad0622b0e87a9a3ab2c6f8300d08317f3a36ce51b5c7049d9d907831dd92d6f6f3e0e98bf0959e1f328ac9a1b2c43c3da14bf76e8e3d309badd538e522d19dc3abc846b8e8c854f8b611a364826d30d0ef346a7b5c11235ecfad24886bccd9702bdc41b7008b57ca824b368f61c470ba225002149bea782083514a53a0daa4901aaacf364604bb83d7d2b3fc714dc99b910b4ff3fd231db0481a966d9f2dc99f447b07f0fa4e41905f3b9e374a8983d180a5b5a85abe88fe095acfc42004212e6c17d8d91762ef35a03180a858262fdae60bbb697ab8c0d0fedd36836da4139256543500f6efe43c13e6a21cf3819dd6f36b3e4ab487bb1d65240ff11d508a8865ca3cd294d821da742a0c4c62eb39a0562c0f051edf082a6ef4c3cb121818f0022869d166002f4434cfe4af9e03f0bee5b05930376702d3ad7b14e9f0bd76e04694681626c4f252f363de872ff5e766f1b1885eb0b6e90ea65e20708514f6bef0c7c3dc89d40f96a33fd5c400ebbde8ed482fc7c343d3d5ec4b9e6f7f7cdb9fc229860c0fba829d1b6329c010e38374c4600894416e77cf73daf7350bc23c403b29ef96326baebc72524b92b49aa597d9eb9483be3e7a731232876aa46b39e1fee3f373dc8f2e8197b3dd1d1228c888ca9482213c6fabea94abdf15515ee28e86293cfd3864deb84a85d2b10fe038897f1bff436db08ecc2b1eb1dea117f3177a65e87fdc0e46b3acc02c0b2d595629b58bddee7a574263825e1e4ee25b7612a8ce191738fc7d1cd6cbcb9d45851a07578df81970c4a8e1ea5e4ea290b396889d2d113d50437a3c4c3c44b0fa4685969605ec330df0a9a37240fa256228d13583295cf7e9bbec620e4052fe9245d9fde49ef8b3cc06b3fa0e54b2b4bd7e8c44d7c3de45c5e657450adeb607e70aaad5190417c3012272fdffc9a91c6dbf8216a030d08e925df373c7221547184dda203f17f00f6f8b799c8cf7648a48b1c9e858d1a1bb2bf4a903b63997177d325a69c23d65134e657f41031922061892e83919422a08afa45e74c36d8e01b0b09a855f93d167e501a59e966ecb2078c46bb9249c69cf1b51e1a3c2dfcbedd0c84fa50ed8786941903829b1ee208f2a94dcde082272010ac203b3b131ff0fe713b2d3eb139cfef635ee0146b7971423c766831441f045c8585bde30dd97eadf41a523610cd10e250d6776c8a29b239fcaf83d45bc4a91cb824b4632b7243803fda98acc2ef562dbe5805a20bc7f82a35901c91f53f2154c009f67eef729187526a4f6dda417796ee45fedb30d7eda9d5dc297fb0fb5d15f1a3190dbd2c0f4772497a6c93d9417f4da8b0874a9bc2fb185b81d220d9852e41225b93a91fe4b9cf66e104e7315db1cf751b1a3aa93fdba57db183cacddeea803ef0b51cde333ffac9280f92d8057cfb8b6e8821ae3bbf6ba933fef4ce14faa68d964caabcc27e775c9075cc32a61a9bba58281bd8edf842da305bda5f3ea342ba5cab2cab6e823518133b8a202f0f0bd64afdeb19e0f6c68ba690265b0674cd15ea2aa7708d56ee34265fe5b5d44f30f488355dded04b47261a7131415e2ad4710a567dea4788b7e7322d5a4678e571bea99e065343fcb7e0032cb008542b03398d8090b5b1e093188507a809304cdaaf35ba69a47d33eb422389d0a9acb4f5889adf0c39ad10ee9982f02528978002eb03ffc0b5d32010761b69fa9c4930ca09d2546d62ea4750853ac5fbe5c5b6c20bf90742fd352dccbe906930275119618500029263aff681e7760cee8fc419bc120c56b499929d95fbca438796c28ae452b92bc003f400a47993a630c52cf68b8abcccdf39dc88da548f4da8a7a2d745adf5acbbe2a9c85141177b1024f035275e4e95df22cf60e6fa65fed7794b7a7fb916d926eeb1a5f06126427751c1824a3da5325a72ca8b6def02ca61bedbb04d83dac0a44cc9e9f11ab4de144d09acd9ed408f74a85f5332f1e8c448a554cb5811d11aac5b6600e99031d9a13c3b7158aa26ac9f94a7db3ac439ca05d70c80a981f7ec1624a0f5f8dae49bd5f727704e685265bf1a6268883ebbd684564428866356c8c595f362c0af32f17c46c0bb9b12e41136818110ed545b0b68c523eb325c8369742a4871d33fad1b0d9264698d20ac2906b9eea2cd20945c88bdf4bd0f340d87b1b364462cdcc9b0dacdf0b8ba0c2f674f5c836d73c525489dd8965183a2fe973e870d51f8e4b068efdf6625d984a67fbc4be041e6470afa60ff136592e05441e8bf4fa2e00f76939c74e074c0ef7448565c0187262e3f49c62af16e0f5192d3b91140e20e6a3371be64d92378e023915c0e32ddc2eddf9c3be5a388459bd8b355fc57387a5eb2fd4386f40522f9354cef7ae94eb467924784f3cb56bcc575172006354c12f95b046b2963937e6c81c58621925a3932f1a2e645e0ff9f76cb54181f5ab97c55c93b6e649afa0673c7533c3620bae3413b24f8a01832842cfddbb3cffee6e75b5faa5eec31da023231aac6790afb723a918d0efac0212930089eebb9a51873b4c1a951866887caa8f92f810eb53ff03c22a87c2f1203391532a845b7fcf812414e9cddc96b1ea7a7dccc5781b647445a93a229830ff34958a76cd31ea4097559d473025998d00d6716c5fc88d62506c20d6f60c7aea99a8163683a742ddd7b71627039d1c6e777e6a6e409084ced00884861e1d318fa70a0990c43f948dc4cf567e23c99c5802952a5da20f15711ff73051221cb0bbb23618c201f8315cc96ceb52254bac8dc4f97f0f480a3cd345266012a39214b6ee65503372dd60aa73b7499ebcc287f39f000061a89a3e6cdf496e8a3d44e75019e32e24467e35b8140feda3bc1cd739e5c03c98f1467a47bce416311fa7e78612cc1154a1c0a646afb3b81ecef009fdd035e59511a93ff4d4a230fb19aa015ef997a982ffdcbd34631654e2531cab4faaf549930c76ac2b005c39e9b49a495b6ae708ac9389ba6e4f29e948f8b4dfe8d95a9beb388d3c57a7ef6fa162a2f41338f20df3c08515cb92d0f2d167595db453b6975350ed31c3db215ae57f863dbcf2a1053c4dcc333054fefdb909d8b1fbac8c7f91f3af71f5ac0a0db5c7c475c6fed82f36f09beb8076aa4b63dff4ec636e26c65c396eebe27bf5390253e2ba1757b2a3320eda0c9a583bd083dfa0f4017cb30bd071c95494a97caf62a22902bdd62f4303ba627cd6f18a3a3bd4559ef2d0539115b341b911a9c1930515e4f44c6b1eb8d2be53ba37636fd831bd5a201091ec3a9f7a9c6fa86d04ca5067281340fd02b76ea2e3fe6bf7d69991a93d65121cb30c011af198da2f48e244b11d37668b1cc42457f46f12aacc34310635076997e6f209cc26ddc0a786d90120672da2067ce095e3b76d38f558d91dd97c1528b7507b4ab3e13381258b2ea9fbc7a1cee4958d808da77661d3867ca34b4220c7747744be1109c0b2cc3b447cf5fa24b2e1ccd67bc4b29aba54a6614c91e40569c16f69b7a0f10989b55183ca33c247e9a56f6885ed2336e3edd74a4847c9471c6bdf1c7105aec1aa196ede07ef57c58b1ad408b3212556c957c8e5f4d5b88c7af6a61f7c77e88124514fbf52d558ddd5cff3688a0d9c4d52eeb6f438b48e1fd4916a744ff8a746d3d921fa76afcdc77bb8549c998399df9aa1d9fca989026aa705f3f955a4b816b9d45a8a1758cef2ae21b2f099f45a51a70870066f67a17f7967ebfb6bafbb3e5ed70760dcabf874b506f958fe31c9ea93773c2417b3c552255e45c09f98f8cb0a1a444bd9f987ae7cbaa2b29de416751e539a4207b79d5d446b7fa995ae98bf20665b3d5b5e214684de237ccf996e922a383fcfc142e3469a1a6134f1c4fbef6e5ff530ee6b5de9b86f877ef9535ee08bf30f0e1d64835573f148be09b69ec14ec655afabaceaaf7ab591edafa84354358aa7071b3e83057ad55792df1b657d54379d493e03818a3599f4556d77ea04ee889e10947a63d75d74c62ce87e57f2c5911343272934d4a48040f338227935f9fab57299a7698d74498c0c5c4849b79d9b751dbd8e733e109af9ee057f9c941a684904db28e3badf333483456094c56e892cbf36079083c40495c6f7ef08211c5ef74540afeb7c4544d2c7fa9fd90968729784b9df026e724fa03af40b1a7d6bc6cba29b5729d6e4f9bca17c0f0dfe085ce2eca216484459a6e9ef611bc6158ece7c45553242b48774cc031ae00578ce25d5c4908bb89032cdd8dd2154297e9ff0f75b53c7ce8081fee440a823de1c24acedcd004948d2b80f610f41756b3cd2ecf3753d5b5e0bc1bd1d45079ddcac1daa06e47091c7b3831621ff3db394d3ef6a90474a494ec7e010950ef01c37b2bad5a620e3f5853111e2942f508a9f82ca458a9afa7a820e11f2f62da950f312170fb0b5f11b2200cb44cf6c2669193db1fe534da78e24a801ebf97aef19a58dedd4a6ca1f1b3de9a219f8eb24377ad0f0813c46d5fbf7b20b4c3acb01e98e9506ed4909acbf89c23ebf4fde5cae555130070b2a6ef822885ef818260bd62d831c0bd4bb74699d0c76a8cffb09159947939c732ce9d3b184e71b6871aa497ec9537318e1fe01def0f3366d2d6a13d8c8b7b0f61cb53af03b5b62a797a1106a9275aeab998012bf48ffbef185aebfa16d77de4a4c42c7ac2b4b770128cc4e6807bac64a0d8a1dcccc315414fa99873c5a1416d24ead9b931449ecf95312147fdfeaec1e5ee711639b00313da261699672b55b71e8102bba2b51ada75b2054999fc3d5d5b09f8678756574def3f51f0aab7e4a2eca5a0f6962d1eb2d502126704b2770ca741e8a67cca45c97f00f65180c17b673db777692edf0db611cebac14b491bd83615cce96f7287ac35f26dd2db89ae8acd0fc053603f5fc097fa607ecd48166362e3f2dc7e5dfe1d0c3dec03c7c7bbdc5025e82063a7f70248c8f21534bd5506fb0dc65f55c18908b06e46f9dca7ce440c2e98b0b724ba843a9db669630310f64677bfc35db131305583c477030b23d4e6b4692ad0a4d0231819e1fd5006aa5f8dbcd2219de498794389c8fc32b3563f56b2166f3f8c4ef1d60bf34d6a90e6880b4e2fc8c1923e09a631c6dc8fc11aaa2ac75c86c59f617864979f73da97d2af4ddc7bfbf4cd2a057f82e4500856b3a879a87306a73a76b4fcdf660d949895f128c5fbe8f3bd9d12361bf756846a60a32851fcabfc6f58d5be23c3889f1e4b0864bf4470d076e5d18cb16a44a645891f6ddcaf20ef14a245db0622ade347d77f16d9e4fd8cd9cf50f9828c0b2951fed459b898bc8964b5aa08c885b93fb535dfca0dd48558e72a002e3771b93e88215ac695f38afe0b2bdd044d171c132ed72cd7e5448bafc79a38e958fb6c29046fd6fd7d514c6064064f1e3af29e8b8f87bc3814bfc94f2b2ebac0e97e30537615a9ac0ae12e2c8eb452019e4ae90e1ee6d790f0890ffdbbf710665916e5712ee44e92f2789b7c2049a4018366fd2e2787a21e0bf4a35a60ef853be4b0903780c220157398760b4e2bd39e55d051cbb51786f5674c95595c52b5a221bf15e750734a85604e4806a34f03cbf44004566bf60549dc0ff14a67b7a8e1449697886ef5592e276656bdc8f3dec78755cc3b1d86700053694a762b81a03c28b0522d51a6eda3e3aff5d2ccd1a2f252968563849353e19941dbb92c4a668c8b71ffa828845d98d62e8ecb58cc76c8ff84f4d2e0723d311fd56d514ae174f89b47450394af92044c554a26f288bef5714388a9f6f9d209f8015196f2e391ea02debcebecbf8022ececfee3a08e3973c3bb06d4d8b00539df6ef85035d475ccbb6aafbb88d4f2b5ca0e218aaf44dfa99b3c964e4bb4f3c983d50d3014f0b489cbbcdbdc24bf4ea122fd09e1b7d8897aa1128758731ad52936633b9a0c738605a2a08aad2357df91ca8fbe3bd2c3427d7aac240bf61ec4278709d2ff0f5cd475805497cecedbee49450c218ff3f65e6a8b236254c30442e78fe6acc423dd26bf319230cfbf45481fca564c75968e4becbb5da459a779123479a998542f8b54429510bc4005a8deea6159718cecc0aeeeb8c504444c53660da20944a658a8a42984ef26c302767022864f80a0f53525ae60eb1c4b405443e4e6cd04887fcf1999be00ca55e32223878ab3e1ba05ccbcc3cdc87558386ef113b736b14319fa1aad4f0b09f367147121072dd1ad354e528a16a588c58287896d54de907d3d7b6cb41c8ad57ed4b4a342f6cc849fedd1377c7142b90bd9705b1ab368e32f4cce94f2242c6947b8624985b9c6de2ab4ee01b398dc4703rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootapparmor-3.0.4-150400.5.9.1.src.rpmapparmor-abstractionsconfig(apparmor-abstractions)     /bin/shapparmor-parser(CAP_SYSLOG)config(apparmor-abstractions)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-150400.5.9.13.0.4-14.6.0-14.0-15.2-14.14.3d@d@cbk@bi0@bZbV@bT@bRbBb<]@b@a7aZ@ap@aabaim@aEaaua $@`#@` @````_@`%@`!'`>` @__ǁ_ǁ_Q_h__@_~@_[f_P_-B@_@^m@^@^<@^j$@^,-]҇]o](]K@]]@\\@\ \\v{\I\ include in apache extra profile optional to avoid problems with empty profile directory (boo#1178527)- prepare usrmerge (boo#1029961) * use %_pamdir- update to AppArmor 3.0.1 - minor additions to profiles and abstractions - some bugfixes in libapparmor, apparmor_parser and the aa-* utils - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1 for the detailed upstream changelog - removed upstream(ed) patches: - changes-since-3.0.0.diff - extra-profiles-fix-Pux.diff - utils-fix-hotkey-conflict.diff- Use apache provided variables for the module_directry: + Use %apache_libexecdir + Add apache-rpm-macros BuildRequires- add utils-fix-hotkey-conflict.diff to fix a hotkey conflict in de, id and sv translations (and fix the test) (MR 675) - add extra-profiles-fix-Pux.diff to fix an inactive profile - prevents a crash in aa-logprof and aa-genprof when creating a new profile (MR 676)- update to AppArmor 3.0.0 - introduce feature abi declaration in profiles to enable use of new rule types (for openSUSE: dbus and unix rules) - support xattr attachment conditionals - experimental support for kill and unconfined profile modes - rewritten aa-status (in C), including support for new profile modes - rewritten aa-notify (in python), finally dropping the perl requirement at runtime - new tool aa-features-abi for extracting feature abis from the kernel - update profiles to have profile names and to use 3.0 feature abi - introduce @{etc_ro} and @{etc_rw} profile variables - new profile for php-fpm - several updates to profiles and abstractions (including boo#1166007) - fully support 'include if exists' in the aa-* tools - rewrite handling of alias, include, link and variable rules in the aa-* tools - rewrite and simplify log handling in the aa-logprof and aa-genprof - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0 for the detailed upstream changelog - patches: - add changes-since-3.0.0.diff with upstream fixes since the 3.0.0 release up to 3e18c0785abc03ee42a022a67a27a085516a7921 - drop upstreamed usr-etc-abstractions-base-nameservice.diff - drop 2.13-only libapparmor-so-number.diff - refresh apparmor-enable-profile-cache.diff - partially upstreamed - update apparmor-samba-include-permissions-for-shares.diff and apparmor-lessopen-profile.patch - switch to "include if exists" - apparmor-lessopen-profile.patch: add abi rule to lessopen profile - refresh apparmor-lessopen-nfs-workaround.diff - move away very loose apache profile that doesn't even match the apache2 binary path in openSUSE to avoid confusion (boo#872984) - move rewritten aa-status from utils to parser subpackage - add aa-features-abi to parser subpackage - replace perl and libnotify-tools requires with requiring python3-notify2 and python3-psutil (needed by the rewritten aa-notify) - drop ancient cleanup for /etc/init.d/subdomain from parser %pre - drop (never enabled) conditionals to build with python2 and to build the python-apparmor subpackage (upstream dropped python2 support) - drop setting PYTHON and PYTHON_VERSIONS env variable, no longer needed - set PYFLAKES path for utils check - add precompiled_cache build conditional to allow faster local builds without using kvm - remove duplicated BuildRequires: swig- update to AppArmor 2.13.5 - add missing permissions to several profiles and abstractions - bugfixes in parser and tools - fix two potential build failures in libapparmor - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.5 for the detailed upstream changelog - remove upstream(ed) patches - changes-since-2.13.4.diff - abstractions-X-xauth-mr582.diff - sevdb-caps-mr589.diff - libvirt-leaseshelper.patch - cap_checkpoint_restore.diff - add libapparmor-so-number.diff to fix libapparmor so version (!658)- add CAP_CHECKPOINT_RESTORE to severity.db (MR 656, cap_checkpoint_restore.diff)- %service_del_postun_without_restart only works for Tumbleweed, keep using DISABLE_RESTART_ON_UPDATE for Leap 15.x- Make use of %service_del_postun_without_restart And stop using DISABLE_RESTART_ON_UPDATE as this interface is obsolete.- libvirt-leaseshelper.patch: add /usr/libexec as a path to the libvirt leaseshelper script (jsc#SLE-14253)- sevdb-caps-mr589.diff: add new capabilities CAP_BPF and CAP_PERFMON to severity.db (lp#1890547)- add abstractions-X-xauth-mr582.diff to allow reading the xauth file from its new sddm location (boo#1174290, boo#1174293)- add changes-since-2.13.4.diff with upstream changes and fixes since 2.13.4 up to 5f61bd4c: - add several abstractions related to xdg-open: dbus-network-manager-strict, exo-open, gio-open, gvfs-open, kde-open5, xdg-open - introduce @{run} variable - update dnsmasq and winbindd profile - update mdns, mesa and nameservice abstraction - some bugfixes in the aa-* tools, including a remote bugfix in the YaST AppArmor module (boo#1171315) - drop upstream(ed) patches (now part of changes-since-2.13.4.diff): - make-4.3-capabilities.diff - make-4.3-capabilities-vim.diff - make-4.3-fix-utils-network-test.diff - make-4.3-network.diff - abstractions-add-etc-mdns.allow-to-etc-apparmor.d-abstractions-mdns.patch - apply usr-etc-abstractions-base-nameservice.diff only for Tumbleweed, but not for Leap 15.x where it's not needed - refresh usr-etc-abstractions-base-nameservice.diff- Add abstractions-add-etc-mdns.allow-to-etc-apparmor.d-abstractions-mdns.patch (bsc#1168306)- fix build with make 4.3 by backporting some commits from upstream master (boo#1167953): - make-4.3-capabilities.diff - make-4.3-capabilities-vim.diff - make-4.3-network.diff - make-4.3-fix-utils-network-test.diff- update to AppArmor 2.13.4 - several abstraction updates (including boo#1153162) - disallow writing to fontconfig cache in abstractions/fonts - some bugfixes in the aa-* tools - fix log parsing for logs with an embedded newline - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.4 for the detailed upstream changelog - drop upstreamed patches: - abstractions-ssl-certbot-paths.diff - apparmor-krb5-conf-d.diff - libapparmor-python3.8.diff - usr-etc-abstractions-authentification.diff - refresh usr-etc-abstractions-base-nameservice.diff- add usr-etc-abstractions-base-nameservice.diff to adjust abstractions/base and nameservice for /usr/etc/ (boo#1161756)- Properly pull in full python3 interpreter- add libapparmor-python3.8.diff to fix building the libapparmor python bindings (deb#943657)- add usr-etc-abstractions-authentification.diff to allow reading /usr/etc/pam.d/* and some other authentification-related files (boo#1153162)- add abstractions-ssl-certbot-paths.diff - add certbot paths to abstractions/ssl_certs and abstractions/ssl_keys- add apparmor-krb5-conf-d.diff for kerberos client- update to 2.13.3 - profile updates for dnsmasq, dovecot, identd, syslog-ng - new "lsb_release" profile (only used when using "Px -> lsb_release") - fix buggy syntax in tunables/share - several abstraction updates - parser: fix "Px -> foo-bar" (the "-" was rejected before) - several bugfixes in aa-genprof and aa-logprof - some fixes in cache handling - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.3 for the detailed upstream changelog - drop upstream(ed) patches: - apparmor-nameservice-resolv-conf-link.patch - profile_filename_cornercase.diff - dnsmasq-libvirtd.diff - dnsmasq-revert-alternation.diff - usrmerge-fixes.diff - libapparmor-swig-4.diff - re-number remaining patches- add upstream libapparmor-swig-4.diff: fix libapparmor tests with swig 4.0 (boo#1135751)- Disable LTO (boo#1133091).- update lessopen.sh profile for usrMerge (bash and tar) (boo#1132350)- add usrmerge-fixes.diff: fix test failures when /bin/sh is handled by update-alternatives (boo#1127877)- add dnsmasq-revert-alternation.diff: revert path alternation in dnsmasq profile and re-add peer=/usr/sbin/libvirtd rules to avoid breaking libvirtd (boo#1127073)- add dnsmasq-libvirtd.diff: allow peer=libvirtd in the dnsmasq profile to match the newly added libvirtd profile name (boo#1118952#c3)- Use %license instead of %doc [bsc#1082318]- add apparmor-lessopen-nfs-workaround.diff: allow network access in lessopen.sh for reading files on NFS (workaround for boo#1119937 / lp#1784499)- add profile_filename_cornercase.diff: drop check that lets aa-logprof error out in a corner-case (log event for a non-existing profile while a profile file with the default filename for that non-existing profile exists) (boo#1120472)- netconfig: write resolv.conf to /run with link to /etc (fate#325872, boo#1097370) [patch apparmor-nameservice-resolv-conf-link.patch]- update to AppArmor 2.13.2 - add profile names to most profiles - update dnsmasq profile (pid file and logfile path) (boo#1111342) - add vulkan abstraction - add letsencrypt certificate path to abstractions/ssl_* - ignore *.orig and *.rej files when loading profiles - fix aa-complain etc. to handle named profiles - several bugfixes and small profile improvements - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.2 for the detailed upstream changelog - remove upstreamed fix-syntax-error-in-rc.apparmor.functions.patch- update to 2.13.1 - add qt5 and qt5-compose-cache-write abstractions - add @{uid} and @{uids} kernel var placeholders - several profile and abstraction updates - ignore "abi" rules in parser and tools (instead of erroring out) - utils: fix overwriting of child profile flags if they differ from the main profile - several bugfixes (including boo#1100779) - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.1 for the detailed upstream changelog - remove upstream(ed) patches: - aa-teardown-path.diff - fix-apparmor-systemd-perms.diff - logprof-skip-cache-d.diff - fix-samba-profiles.patch - make-pyflakes-happy.diff - dnsmasq-Add-permission-to-open-log-files.patch - refresh apparmor-samba-include-permissions-for-shares.diff - add fix-syntax-error-in-rc.apparmor.functions.patch- update rpmlintrc: - whitelist .features file which is part of the pre-compiled cache - comment out filters for the disabled tomcat_apparmor subpackage- Backport dnsmasq fix: 025c7dc6 - dnsmasq-Add-permission-to-open-log-files.patch (boo#1111342)- add make-pyflakes-happy.diff to fix an unused variable (SR 629206)- add fix-samba-profiles.patch - smbd loads new shared libraries. Allow winbindd to access new kerberos credential cache location (boo#1092099)- exclude the /etc/apparmor.d/cache.d/ directory from aa-logprof parsing (logprof-skip-cache-d.diff)- add fix-apparmor-systemd-perms.diff - fix permissions of /lib/apparmor/apparmor.systemd (boo#1090545)- create and package precompiled cache (/usr/share/apparmor/cache, read-only) (boo#1069906, boo#1074429) - change (writeable) cache directory to /var/cache/apparmor/ - with the new btrfs layout, the only reason for using /var/lib/apparmor/cache/ (which was "it's part of the / subvolume") is gone, and /var/cache makes more sense for the cache - adjust parser.conf (via apparmor-enable-profile-cache.diff) to use both cache locations - clear cache also in %post of abstractions package- update to AppArmor 2.13 - add support for multiple cache directories and cache overlays (boo#1069906, boo#1074429) - add support for conditional includes in policy - remove group restrictions from aa-notify (boo#1058787) - aa-complain etc.: set flags for profiles represented by a glob - aa-status: split profile from exec name - several profile and abstraction updates - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13 for the detailed upstream changelog - drop upstreamed patches and files: - aa-teardown - apparmor.service - apparmor.systemd - 32-bit-no-uid.diff - disable-cache-on-ro-fs.diff - dovecot-stats.diff - parser-write-cache-warn-only.diff - set-flags-for-profiles-represented-by-glob.patch - fix-regression-in-set-flags.patch - drop spec code that handled installing aa-teardown, apparmor.service and apparmor.systemd (now part of upstream Makefile) - simplify "make -C profiles parser-check" call (upstream Makefile bug that required to call "cd" was fixed) - add aa-teardown-path.diff - install aa-teardown in /usr/sbin/ - move 'exec' symlink to parser package (belongs to aa-exec)- Set flags for profiles represented by glob (bsc#1086154) set-flags-for-profiles-represented-by-glob.patch fix-regression-in-set-flags.patch- add dovecot-stats.diff: - add dovecot/stats profile and allow dovecot to run it (boo#1088161) - allow dovecot/auth to write /run/dovecot/old-stats-user (part of boo#1087753) - update 32-bit-no-uid.diff with upstream fix- Change of path of rpm in lessopen.sh (boo#1082956)- add disable-cache-on-ro-fs.diff - disable write cache if filesystem is read-only and don't bail out (bsc#1069906, bsc#1074429)- add parser-write-cache-warn-only.diff to make cache write failures a warning instead of an error (boo#1069906, boo#1074429) - reduce dependeny on libnotify-tools (used by aa-notify -p) to "Suggests" to avoid pulling in several Gnome packages on servers (boo#1067477)- update to AppArmor 2.12 - add support for 'owner' rules in aa-logprof and aa-genprof - add support for includes with absolute path in aa-logprof etc. (lp#1733700) - update aa-decode to also decode PROCTITLE (lp#1736841) - several profile and abstraction updates, including boo#1069470 - preserve errno across aa_*_unref() functions - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.12 for the detailed upstream changelog - drop upstreamed patches: - read_inactive_profile-exactly-once.patch - utils-fix-sorted-save_profiles-regression.diff - lessopen profile: change all 'rix' rules to 'mrix' - add 32-bit-no-uid.diff to fix handling of log events without ouid on 32 bit systems - no longer package static libapparmor.a- update to AppArmor 2.11.95 aka 2.12 beta1 - add JSON interface to aa-logprof and aa-genprof (used by YaST) - drop old YaST interface code - update audio, base and nameservice abstractions - allow @{pid} to match 7-digit pids - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11_95 for the detailed upstream changelog - drop upstreamed patches - apparmor-yast-cleanup.patch - apparmor-json-support.patch - nameservice-libtirpc.diff - drop obsolete perl modules (YaST no longer needs them) - drop patches that were only needed by the obsolete perl modules: - apparmor-utils-string-split - apparmor-abstractions-no-multiline.diff - drop profiles-sockets-temporary-fix.patch - obsoleted by a fix in apparmor_parser - refresh utils-fix-sorted-save_profiles-regression.diff - add aa-teardown (new script to unload all profiles) - make ExecStop in apparmor.service a no-op (workaround for a systemd restriction, see boo#996520 and boo#853019 for details) - lessopen profile: allow capability dac_read_search and dac_override, allow groff to execute several helpers (boo#1065388)- read_inactive_profile-exactly-once.patch (bsc#1069346) Perform reading of inactive profiles exactly once.- update to AppArmor 2.11.1 - add permissions to several profiles and abstractions (including lp#1650827 and boo#1057900) - several fixes in the aa-* tools (including lp#1689667, lp#1628286, lp#1661766 and boo#1062667) - fix downgrading/converting of 'unix' rules (will be supported in kernel 4.15) to 'network unix' rules in apparmor_parser (boo#1061195) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11_1 for upstream changelog - remove upstream(ed) patches - upstream-changes-r3616..3628.diff - upstream-changes-r3629..3648.diff - parser-tests-dbus-duplicated-conditionals.diff - apparmor-fix-podsyntax.patch - sshd-profile-drop-local-include-r3615.diff - refresh apparmor-yast-cleanup.patch - add utils-fix-sorted-save_profiles-regression.diff to fix a regression in displaying the "changed profiles" list in aa-logprof- add nameservice-libtirpc.diff to fix NIS/YP logins (boo#1062244)- profiles-sockets-temporary-fix.patch to cater to nameservices with the new sockets mediation, until unix rules are upstreamed (boo#1061195)- add apparmor-fix-podsyntax.patch from mailing list to fix compilation with perl 5.26- do not require exact X.Y version of "python3" - require also matching python(abi) which is arguably more important- don't rely on implementation details for reload in %post- add JSON support. Required for FATE#323380. (apparmor-yast-cleanup.patch, apparmor-json-support.patch)- add upstream-changes-r3629..3648.diff: - preserve unknown profiles when reloading apparmor.service (CVE-2017-6507, lp#1668892, boo#1029696) - add aa-remove-unknown utility to unload unknown profiles (lp#1668892) - update nvidia abstraction for newer nvidia drivers - don't enforce ordering of dbus rule attributes in utils (lp#1628286) - add --parser, --base and --Include option to aa-easyprof to allow non-standard paths (useful for tests) (lp#1521031) - move initialization code in apparmor.aa to init_aa(). This allows to run all utils tests even if /etc/apparmor.d/ or /sbin/apparmor_parser don't exist. - several improvements in the utils tests - drop upstreamed python3-drop-re-locale.patch - no longer delete/skip some of the utils tests (to allow this, add parser-tests-dbus-duplicated-conditionals.diff) - add var.mount dependeny to apparmor.service (boo#1016259#c34)- Cleanup spec file: - don't use insserv if we afterwards call systemd, this can have bad side effects - remove dead code - remove now obsolete 'distro' checks - Replace init.d script with new wrapper working with systemd- add python3-drop-re-locale.patch: remove deprecated re.LOCALE flag in Python UI as it was dropped from Python 3.6 (lp#1661766)- Fix RPM groups- add upstream-changes-r3616..3628.diff: - update abstractions/base, abstractions/apache2-common and dovecot profiles - merge ask_the_questions() of aa-logprof and aa-mergeprof - pass LDFLAGS when building parser, libapparmor perl bindings and pam_apparmor - adjust deleting the cache in profiles %post to the new cache location - silence errors when deleting the cache (boo#976914)- split libapparmor into separate spec to get rid of build loop involving mariadb, systemd, apparmor, libapr and mariadb again (see the discussion in SR 448871 for details) - libapparmor.spec is based on the AppArmor 2.11 apparmor.spec, but with minimum BuildRequires- update to AppArmor 2.11.0 - apparmor_parser now supports parallel compiles and loads - add full support for dbus, ptrace and signal rules and events to the utils - full rewrite of the file rule handling in the utils - lots of improvements and fixes - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11 for the detailed changelog - patches: - add sshd-profile-drop-local-include-r3615.diff to fix 'make check' - drop aa-unconfined-fix-netstat-call-2.10r3380.diff, no longer needed - refresh apparmor-abstractions-no-multiline.diff - refresh apparmor-samba-include-permissions-for-shares.diff - spec changes: - aa-unconfined switched to using ss (from iproute2), adjust Recommends: - move libapparmor to /usr/lib*/ - drop %if %suse_version checks for 12.x - change several Obsoletes from %version to < 2.9. Those package names weren't used since years, and 2.9 is still a careful choice - include apparmor.service independent of %suse_version - techdoc.pdf is now shipped in upstream tarball to reduce BuildRequires - drop latex2html, texlive-* and w3m BuildRequires - techdoc.txt and techdoc.html not included, drop them from the package - run most of utils/ make check (some tests expect /etc/apparmor.d/ and /sbin/apparmor_parser to exist, skip them) - BuildRequires python3-pyflakes (utils tests) and dejagnu (libapparmor tests) - drop sed'ing python3 into aa-* shebang (upstreamed) - build binutils - aa-exec is now written in C and lives in /usr/bin/, move it to the apparmor_parser package and create a compability symlink in /usr/sbin/ - aa-exec manpage moved to section 1 - aa-enabled is a small new tool to find out if AppArmor is enabled - package new aa_stack_profile(2) manpage- change /etc/apparmor.d/cache symlink to /var/lib/apparmor/cache/. This is part of the root partition (at least with default partitioning) and should be available earlier than /var/cache/apparmor/ (boo#1015249, boo#980081, bsc#1016259) - add dependency on var-lib.mount to apparmor.service as safety net- update to AppArmor 2.10.2 maintenance release - lots of bugfixes and profile updates (including boo#1000201, boo#1009964, boo#1014463) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_10_2 for details - add aa-unconfined-fix-netstat-call-2.10r3380.diff to fix a regression in aa-unconfined - drop upstream(ed) patches: - changes-since-2.10.1--r3326..3346.diff - changes-since-2.10.1--r3347..3353.diff - libapparmor-fix-import-path.diff (upstream fix is slightly different) - nscd-var-lib.diff - refresh apparmor-abstractions-no-multiline.diff- add nscd-var-lib.diff to allow /var/lib/nscd/ in the nscd profile and abstractions/nameservice (path changed in latest nscd in Tumbleweed)- add changes-since-2.10.1--r3347..3353.diff with upstream changes and fixes in the 2.10 branch, including - allow writing *.qf files (for disk-based buffering) in syslog-ng profile - add several permissions to the dovecot profiles (deb#835826) - add a missing path in the traceroute profile- add changes-since-2.10.1--r3326..3346.diff with upstream changes and fixes since the 2.10.1 release, including - allow dac_override in winbindd profile (boo#990006#c5) - allow mr for /usr/lib*/ldb/*.so in samba abstractions (needed since Samba 4.4.x, boo#990006) - abstractions/nameservice: also support ConnMan-managed resolv.conf - let aa-genprof ask about profiles in extra dir (again) - fix aa-logprof "add hat" endless loop (lp#1538306) - honor 'chown' file events in logparser.py - ignore log file events with a request mask of 'send' or 'receive' because they are actually network events (lp#1577051, lp#1582374) - accept hostname with dots when parsing logs (lp#1453300 comments #1 and #2) - fix python LibAppArmor import failures with swig > 3.0.8 (boo#987607) (libapparmor-fix-import-path.diff) - refresh apparmor-abstractions-no-multiline.diff - drop upstreamed profiles-ping-inet6-r3449.diff - add %check section - runs libapparmor (including swig bindings), parser and profiles tests - add BuildRequires: perl(Locale::gettext) - needed for parser tests- add profiles-ping-inet6-r3449.diff - latest ping also does IPv6 (boo#980596)- update to AppArmor 2.10.1 (2.10 branch r3326): - fix incorrect output of child profile names (apparmor_parser -N) which caused 'rcapparmor reload' to remove child profiles and hats (lp#1551950) - fix a crash in aa-logprof / logparser.py for change_hat log events (lp#1523297) and log events that look like file events, but aren't (lp#1540562, lp#1525119, lp#1466812) - write unix rules when saving a profile (lp#1522938, boo#954104#c3) - several fixes for variable handling in aa-logprof - map c (create) log events to w instead of a - add python to the "no Px rule" list in logprof.conf - let aa-logprof check for duplicate profiles - let aa-status work without the apparmor.fail python module (boo#971917, lp#1480492) - add permissions in several profiles (including boo#948584, boo#948753, boo#954959, boo#954958, boo#971790, boo#964971, boo#921098, boo#923201 and boo#921098#c15). - and many more fixes, see the full changelog at http://wiki.apparmor.net/index.php/ReleaseNotes_2_10_1 - drop upstream(ed) patches: - fix-initscript-aa_log_end_msg.diff - syslog-ng-profile-boo948584.diff - upstream-profile-updates-r3205-3241.diff - refresh patches: - apparmor-abstractions-no-multiline.diff - apparmor-samba-include-permissions-for-shares.diff - drop libapparmor autogen.sh call (broke the build) and remove libtool BR- add syslog-ng-profile-boo948584.diff - add several permissions needed by latest syslog-ng (boo#948584, boo#948753) - add upstream-profile-updates-r3205-3241.diff with several profile updates: - add /usr/share/locale-bundle/** to abstractions/base - allow dnsmask to use /bin/sh (boo#940749) and /bin/dash - allow dovecot imap to read /run/dovecot/mounts - allow avahi-daemon to write to /run/systemd/notify - allow ntpd to read $PATH directory listings (boo#945592, boo#948752) - update dhclient profile - allow skype to read @{PROC}/@{pid}/net/dev (boo#939568) - and some other small updates - drop upstreamed apparmor-winbindd-r3213.diff (included in the upstream-profile-updates patch)- netstat moved to net-tools-deprecated in Tumbleweed (boo#944904)- add apparmor-winbindd-r3213.diff - add missing k permissions for /etc/samba/smbd.tmp/msg/* in winbindd profile (boo#921098 #c15..19)- add fix-initscript-aa_log_end_msg.diff - fixes ugly initscript output (boo#862170)- update to AppArmor 2.10 (trunk r3205) - profile names can now contain variables - improved profile compile time in apparmor_parser - lots of improvements, refactoring and bugfixes in the aa-* tools - new apis for managing and loading profile caches into the kernel in libapparmor - lots of profile updates - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_10 for the complete changelog with more details - add new apparmor_private.h and the aa_query_label(2), aa_features(3), aa_kernel_interface(3), aa_policy_cache(3), aa_splitcon(3) manpages to libapparmor-devel - drop apparmor-2.5.1-edirectory-profile patch - it's most probably no longer needed (see boo#621394 for details) - drop upstreamed samba-4.2-profiles.diff - refresh apparmor-samba-include-permissions-for-shares.diff- systemd-rpm-macros and %systemd_requires were at the wrong place, move them to the parser package (boo#931792)- update to AppArmor 2.9.2 (2.9 branch r2911) - lots of bugfixes in the parser and the aa-* tools (including boo#918787) - update dovecot and dnsmasq profiles and several abstractions (including boo#911001) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_2 for the full changelog - remove upstream(ed) patches apparmor-changes-since-2.9.1.diff and apparmor-fix-stl-ostream.diff - replace GPG key with new AppArmor GPG signing key, see https://launchpad.net/apparmor/+announcement/13404- make sure %service_del_postun doesn't call systemctl try-restart (boo#853019, bare systemd edition) - add samba-4.2-profiles.diff: update samba (winbindd and nmb) profiles for samba 4.2 (boo#921098, boo#923201)- only install apparmor.service for openSUSE > 13.2- Add a native systemd unit which *at the moment* only wraps/masks the early boot script.- add apparmor-fix-stl-ostream.diff which fixes odd uses of std::ostream which are not valid. Fixes build with GCC 5- allow lessopen.sh to run /usr/bin/unzip-plain (boo#906858)- add Requires: python3 to python3-apparmor package - readline isn't part of python3-base (boo#917577)- add apparmor-changes-since-2.9.1.diff with upstream fixes since the 2.9.1 release - update logparser.py to support changed syslog format (lp#1399027) - update usr.sbin.dovecot and usr.lib.dovecot.imap{, -login} profiles (lp#1296667) - update the mysqld profile - fix network rule description in apparmor.d(5) manpage - drop upstreamed dnsmasq-profile-fixes.patch - update expired GPG key- update to AppArmor 2.9.1 (2.9 branch r2831) - fix log parsing for 3.16 kernels and syslog-style logs (boo#905368) - several fixes and performance improvements in the aa-* utils - profile updates for dnsmasq (boo#907870), nscd (boo#904620#c14 and bnc#908856), useradd, sendmail, man and passwd - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_1 for full release notes - refresh dnsmasq-profile-fixes.patch- Fix dnsmasq profile to allow executing bash to run the --dhcp-script argument. Also fixed /usr/lib -> /usr/{lib,lib64} to get libvirt leasehealper script to run even on x86_64. dnsmasq-profile-fixes.patch. boo#911001- rename lessopen.sh profile file to usr.bin.lessopen.sh to match the script filename- add apparmor-lessopen-profile.patch: /usr/bin/lessopen.sh needs confinement. bnc#906858- delete cache in apparmor-profiles %post (workaround for bnc#904620#c8 / lp#1392042)- No longer perform gpg validation; osc source_validator does it implicit: + Drop gpg-offline BuildRequires. + No longer execute gpg_verify.- fix bashism in post script- update to AppArmor 2.9.0 (r2759) - change aa-mergeprof to the final commandline syntax - lots of bugfixes in the aa-* tools (bnc#900163, lp#1328707 and several bugs without a formal bugreport) - small additions to gnome, freedesktop.org, ubuntu-browsers.d/java and user-mail abstractions - fix mod_apparmor to not break basic auth - update perl modules to support signal, unix and ptrace rules (bnc#900013) - don't warn about rules not supported by the kernel - fix logging of "audit capability" (lp#1378091) - add support for the "hat" keyword in apparmor.vim - build html version of apparmor.vim manpage again (lp#1366572) - see also http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_0 - update apparmor-abstractions-no-multiline.diff - remove upstreamed apparmor-profiles-ntpd-pid-location.diffh01-ch4d 1694064909  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~3.0.4-150400.5.9.13.0.4-150400.5.9.1 apparmor.dabi3.0kernel-5.4-outoftree-networkkernel-5.4-vanillaabstractionsXapache2-commonapparmor_apichange_profileexaminefind_mountpointintrospectis_enabledaspellaudioauthenticationbasebashconsolescryptocups-clientdbusdbus-accessibilitydbus-accessibility-strictdbus-network-manager-strictdbus-sessiondbus-session-strictdbus-strictdconfdovecot-commondri-commondri-enumerateenchantexo-openfcitxfcitx-strictfontsfreedesktop.orggio-opengnomegnupggtkgvfs-openhosts_accessibuskdekde-globals-writekde-icon-cache-writekde-language-writekde-open5kerberosclientldapclientlibpam-systemdlikewisemdnsmesamirmozcmysqlnameservicenisnss-systemdnvidiaopenclopencl-commonopencl-intelopencl-mesaopencl-nvidiaopencl-poclopensslorbit2p11-kitperlphpphp-workerphp5postfix-commonprivate-filesprivate-files-strictpythonqt5qt5-compose-cache-writeqt5-settings-writerecent-documents-writerubysambasamba-rpcdsmbpassssl_certsssl_keyssvn-repositoriesubuntu-bittorrent-clientsubuntu-browsersubuntu-browsers.dchromium-browserjavakdemailtomultimediaplugins-commonproductivitytext-editorsubuntu-integrationubuntu-integration-xuluser-filesubuntu-console-browsersubuntu-console-emailubuntu-emailubuntu-feed-readersubuntu-gnome-terminalubuntu-helpersubuntu-konsoleubuntu-media-playersubuntu-unity7-baseubuntu-unity7-launcherubuntu-unity7-messagingubuntu-xtermuser-downloaduser-mailuser-manpagesuser-tmpuser-writevideovulkanwaylandweb-datawinbindwutmpxadxdg-desktopxdg-opendisablelocaltunablesaliasapparmorfsdovecotetcglobalhomehome.dsite.localkernelvarsmultiarchmultiarch.dsite.localntpdprocrunsecurityfssharesysxdg-user-dirsxdg-user-dirs.dsite.local/etc//etc/apparmor.d//etc/apparmor.d/abi//etc/apparmor.d/abstractions//etc/apparmor.d/abstractions/apparmor_api//etc/apparmor.d/abstractions/ubuntu-browsers.d//etc/apparmor.d/tunables//etc/apparmor.d/tunables/home.d//etc/apparmor.d/tunables/multiarch.d//etc/apparmor.d/tunables/xdg-user-dirs.d/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:30575/SUSE_SLE-15-SP4_Update/509e71de7e3059801e8af2f2d82e38e6-apparmor.SUSE_SLE-15-SP4_Updatecpioxz5x86_64-suse-linuxdirectoryASCII text, with very long linesASCII text%Y/'ގ# workaround for bnc#904620#c8 / lp#1392042 rm -f /var/cache/apparmor/* 2>/dev/null #restart_on_update apparmor - but non-broken (bnc#853019) systemctl is-active -q apparmor && systemctl reload apparmor ||:/bin/shutf-8b4dcd20548ba393fb65a311b5a87751caa5d52b9b1852d52403030fa17a7edff?07zXZ !t/⳻n^] crt:bLL (%T-޺ڟ݃8/D i %3KGwZ :DԳ|;}du@d҈8 K޹π#GH!R‘}uk7"OHv;(J~/&H;d MX(&5o PKP)f K^~C`սF89Q9`89 3aFqxm!߹jgz^xZ.@E8+I–*TB\G>in⬮fXa-$68~ GneV(/ cTӛ ˥nۛV%=G~ 6,X<\(jAXOvzx>M~Wj֠^6m]WҚKʕ;h%y6Jzk@m8;5'A!:b^ ?|#+'1X&[Cޫc#ŅfvD~][-nVov nT# !gO*6!FT}GM?ЀB:=ڶr<~ոֻ/-٧r .x bS،qn]Dܒ G7 *?|$B' ?N7:LĶ8ǔ L&}/ ]+[ |_3y^` Il4?{|]D= V&ln9EK)JF/,F))h.|PE)jGz'fɡ}H)#"x4S$5N(uȕp7t O$O@ !Gk_ wtj4*^tן&IV  h8yQ_҇~™\ݡg~\i6 xgpŢ9{1C[:y_y|毡@`+TE6YR%(z7a?K-MhsL 觠jDnsG$+[VsRP0$P0>ʫpmLXi<}٪eմ^|^#sόAaDI A^0MǮ<^FY dܝW?e9Qnk_uC1>!-DYIwbAuejM|+yg_1*Od7 ZB*cs:ȸEuy%}oN_PcEm!Ki]3&@n:F(+C%efZ8{9֧Nf .[_ {V)R eak$Hflu5˯#"7"M]A B^(*.>Hr- d0.jʈ\r/;T҉'uyQO\(ɒ`A-ea*,4lg݇R~tЗ* YIx ~eCgW?$Ճa ?g,^}|`mגwis^wd1Ob4\RNQ#T&(+ S<aْ^5y]yDdLZ:x@$PQ׳u5vo : U,O}!+㔣\]kMTn.l{ITHyEj1x5R#"|JzU< |]pqO>a{AH5 Ic{fsA -͸O.n"*+W LԸvŹ~W\O FxT-gUp-ɥȷȋ,fk=ukVC#UǺqrg$"2jF<ԭw,Ǐ'Q}]ꪅ81L m%r[[2}`:G6# r{2<̰} ꗰMx ܡ)>iž|`uZ_4ɽK9u@b2FvƵU+GUu2G|J.[9w5 G-Ú2"{ 繹m }̶=WQq ⟞N?({wp>ի[Z8hnsth<"$Sf-׺#<#g`y_| C,4hi "zo̮A殜&x <5?+ $XW,8pShcɡGkr_mD"8~_et``{q@bð} $:(h K88Ԙ/k!.i_2H݄d֦!{hx ۘn؏]2lj@h"\otԏ݌f]G|" +w"s}(uP]BmUoC6l}ߏ+a(Eը2sv%3ϱSVs]sR@ft8q[o.նf:y?7{IJXxڎ1hP}}mRW_,B.'[QjjZTX:\@f$;e1N!a\KOe0Q"8Q uT;xbXeO_GJl4DS )Q80Pc2ejy: )jp,FN`ek]PL%e}G35a`a_nm>i :LGO3S{h7G佺tڣ̓]a FKcbQ&եo/=}y2Lx}YY ;SܘlyPc[Ḱ#i,873TW7ru؂ H6FێPQȺmRዔ G\C.zOw*5{ Ϫ0u0 'cTV؉MI|T{d{J9mC41ܙhq`K(='`UdG[~";{%.9YG DM`ohNX8,K٢) Xuia"(? GpErYY$,8GT%3w探JHsx*?~ՊT5ޒOL8[g/!J1-)8dU3)]usf<,ar%dɂBXv &(HC+9O&y۝^6NxJRfC_x'B!Rxi~\s%/MQʞm> Н"Qӡ=+bXNqјiR쀉1HDdU%}H^mpDc0N uiݨ砸fOJWq uFjq8 ,#o|: t4ؖ:pisd@lsUlLo`R9?aбĺrϞ7cb&ΓYHQ2) F_ć 57F (T~kl!kue[~B3W/d  .{m.D_xu@vYە_,*IxVx4mTQQZ\4 =TNc-P(Qnc[)9=~n1yDb\PB`ʹXt!~Xh _&ӶM1keD5<:d5ע(u(v!|Ȯ:z^!jhH?8͖k#8To% w _u ;; r?j-5L[p߼hݏ~ .t+V$ wvhWV)_3Pk ϼ|f4•. A*;*l;t$DH1ZM4^ ڄRln+j-^bk\G Qs;o3&+Rw27#+/w8.#fDr=^ &n&w<4&y@n,ˁa`"㛕X?iQdld}ݔUmV)sR<7 f)߲Yt.FD"3}M);u4dDJͼ/-ج>\(&z ͘pg#B\7.AW.QΤo^i-h =(0΍ I$>NĂü]Q/a 7)7NL~&@X7sI[V¯m7A@Z9Na.^Hsxt\YqRB,I/a ^ߧtP` }$ߐs8tH'ZBMsj&΍!"1q_wT:mu R5, Z[)Ԯg;B:-j\P*s0 :n=$3he+1 3QF#IEZ mp{Әot G_`@Y3x\\w%;Qc5x4yNa?r7@Og[^m|NW0wCƽ.HŊ*Jw,}^ɼ&D[$"O~BzM VfQ Gիu:,u7پ8y~]*3GܴGA!0ُ M]bGr/p70+ CWւ+ ;fYPh1Ɣ?Lug0 QN+J|+#:(t{JQX}A,y@ryJOd˹9&lmܚ3NX'qPX6tHG$qKܭLhhx%K<*wzuG7!ђwp$kL.CGeHHoi4 LgroTW23h:B,2hS͔ (E#ֈErJÀ3z6laZ܇&yO15Pp }YBę+\ko !ăTtdjs}pXH'G{.O#)- 0zn}ǍA9,}raΔz6g:2sfcFdxLdi)pDI<~kр* x]6X!E/S,א$! Ι:vuM&`հHim)z49͐xtKP$4jм*LwVZflX="l; +SF SF;5^a=Da%0$iYgȳf֭֞2.2ooS5V Cdr:w9pnԷ@JrPwQ>Rȧ2%r䕰- BOIs/`| 3|Ġ>x|fהH`P(Tt$_Ny'~VE("Şr X%2aBqHC>jB1mMSǢЁoo=zFoH D0z6J#Xǘߢ`z.oE*H=\?!b"G6gsHf02d "d?~W;Gd;a'N7WAc[qF)?q13 76o|h Qu8c ɓQ;n|w,j,Je=}H8`lXo/F{SϣQ f;g(3=vO_fMgM)h\dXkc@Z("~[rU#j(U 2"pq ܩ~M$EL!H2!b lT9"LAj§:~Il UvO2r :Pu{"ƬtQfYoݮzXIWѱhU871?黗–.DD}zJhȂm=]N4/ PEz*Iwlk| xFsa̾THJcuG15w"qehmP<'3셊{`^vf\4Q^aUdAў="I[œbxJ#,bXV̎rrW pxO^>ݼ&ϯ]8{L]J36qu}3'F Iٍ0# = *l=R'3`fJ,61"'{ |F0КIP5VHcD]GGlf;H^왟&h[2&$ʛju :Qf)ˏ9yDT@FXYD5"1 LC)UzUMcW+J7=3&?;@m0Ab5Gd (V j Z_ja%MӷnX7W5pĸ|#v{Y*2nH9;hvf:66e~?sRWu"ZZ{r`Wȼȕb5;UcGq-~ l,5a>eR,D!?Y7-hoB l)AԱ]+yd Tr1 Zޕx4ZVNPRA/}22I6CdJ-%j$$_6gԔtlu(1Z 4.*ll/{ddP#0ۖ5pu 0xeX\uXi Nx l$fv)#xcG9{^7;C .X&38@ ;q8o m5,*Fsx@0o(YX?Bq;㪑|qeN0pc¥gp)tWYF<_>9e dmYUMJ!A%} G }eUԥ+yĀV?v“1.MOfÉJtbWgk?951ۭ]j#@ӗm-ti[2l={3Ku9j@@! @ K^6(p̾% BW/ajF= ͔rf6Rt$J)55vyF \ulD%+a}:*JXV+ɏx[59< ۸O,HB'S43E\uT8S>{'B9D6Qr.$JL)RaE: dLqT~l A|J(g䇸(RO-7eBf[8cϼfm–⡲wJ4Z X)ȱcMMc*Lu$}l:v !A&qCC7[";ʿ5DvnҹG "ůaf& -NP}&q{W6~[ȑ%,?<; jO2i6KeA̗פ˫ ܞ 5YpM9_b7[  .}pG Gf;%.&BeLN&-10ieYQ}K>1gN~nNPLZ ]p)ւ лx[>>S5Pm9}a';rŔ6Ꙛs 7qШ6^r{YlK\/TZl7Du8M2'䳧nCG`1@α=ad5crʀ 64_"bh1TT?e-Qr|BJruJ dDz(z}<03,֟KkxBKi9l}䀖̼Y_i"lk7vnRm{4?M }Sj/P#t%J'~3ɋ~#c^ꢵ@M%yټV}E8-Ÿe6usʎL{IX' Kz`JƎ ꆯ􁜋)r!|nIi˒f'2V#:8GeՈv(!tZ9;RχCL ;>s_͌L,tĝ=&!O> |@1%K29bRg^fձO*K^~kZ,QT.6 m͞ l. itaȃ?qq +rY }cRGmvG fUST~qpxMG蜍e+3u\%4re TP4 -[fcHx-lH`UY\`"]U75R~WaqE_'#s4#^qtݽ$~N4Hh69zAO:ĴBjѫJ6gAo(*ߊNP"}#RnffryULwkN]+5 -;4F%K(7yVRWr˜ #X4 wނitw<=t5zVȒmnMa)rdZWUp /Hb&ՖM~hTa!k4ǥpER`)-D ;⟟@i.8sPv BbiT3Wp&I#^'魈=^6'NfѤE1QT [LA$H9#;ܧJPTbe,/r|MbOˮhWKs%c{KP`{c|߅~=Q2Bcr$Apc\TvFѻl@rf\6l04ŒHA% XK{rf}r2EPZǐj>0i0:I0Rgs{Z ~Vaⱇ^@W%?ShO)6/ M~MI/ G{VWDц M8<)Yq/)OGsC+. 'gaH~w~ _6wξi US"K'k$r'kE"mta>7%;GoEnZXNxQuwLۅl<9ؒ&J}cw% oO|TQ"@dZ/Y\e 5;Iaͽ+ϲ. 2MQwυ};f>a߿ 59ƅZ)aN (i׊~p$.`{Nʔ/*]Yf( fٔc\ E3S<\)fjICb"LO_PJopLK@ R f6⺆$ݏւĈB\U\l+郢T\<>*y;Vq}q\ k-> 1aYu\ͅD^18Qt!'{weUtqKNԲaD6enCdVT9-Kנ3 DU}3 dmO7QXm퇭`@* 3~R#TFixA?0\*\] Aea7 (5J)RĿajQ@pHeᤖyvPSHȳԆ0r%hKUKQ71DLk[;SiR/Æ !^&9uatR*Jcr[1*+Ha-I<+``Q+݁dz.DV#:3 gu@ wl9yrǹ$õ {Ǔ| eVcpa *c;2LJ:&=)XK[us (,}`gM˭wŰxgXByu8_ 12=]*+ᩚU+Ymh.)$MOBPN]'s&9Gk%ݰ}ƽKS3.,JN\Rϔ !yu'];ChN+ Q ;w֒,l=:EMYEf"gE{m3/$pZ VxZnaRfT?af`Zr Ք$ά*R5'`H̠`HAZ~JDf] +u-Xj+(wʛ%'\#g(:O٣89TP闗xߺ@V(QpJ= y(oIVxDON4 u9\/ Gl,]B8O@!HN|¹<)-@E\" ~&-V֣,I(ʹԇKbH)DbN$Q߈CILZǠ>fmჍ@ _ &# JhZ $>XI4ق+`rZ}tC~dAg"b&42GV'cFwlBڌLȹʽ-yqɥKcBa-đOq!p,Q%E X<c-e7j! XxeKdNHjݻKv:;m:?&pbˊsmyr.ݗbLk@Ly yE{ Br7Wt?B6̤ @ ~RoȿZDKW[xe뿳vM?a,jŒi"]%Y_YTJeW FRфO \(o$.ЙX?|J@ |-ak c]X5IKERuA]~}SwŶ5T𿪭98c/-a{d*? )mR4=QnZҎ~֍]ʃPuGE]؃1` >ϳG̀-_Zqlz>=BE^Up&ѡc ^ 0$Kex M)>:&~^ɬ܀78Q3u54am䬗VF.bcmKzlbGt|ŸKT42tO(IjٚAt+ԥFɤa OP&p\R!Y76AYdC g 4߶gCn",7_|,p|#%sVsb8^ګe1.{|%w x@}9 c-{͡bŗQ]@IHӀ l4j_q*9# 'V5{% 7N9lKu+7SÉ2ո* Em>Nzyкb<G1T9IOWm3엌dM#GHقsu>벎uDvX Hwym%M*U ؝D=W4Y֖Hc)51WEYa-9 S :~ ?=V"p-i1:XmP(:v(jf$z`d&9ޘ/w5UǮ[JY[ ãƌ6{U |cץ# |ןYME;,wZi&tLxLUEBaW1vmSm> R?ۺ lt{Y#c; -WWH1r y`Kv;q T[qw82br+9TO䱎˸f\eHׁ݅vW8H>C@7oh?1EqT*A@Fe:H]k.v^-21ueZh۹c!QiJ.TdW`KD[:7zy'U;>o xh0Ft'`ܢiH=Å dj&GJg B^jY-:Ɠk1;YpJo7S@Vh{s\UD% ruZKg0!喊X_weE!|$|B (q !+ѫMk C':ȃ>Ń]P5* S-mQR^S]˜*$_R=s;nٔ"Nil̞9l(4"V sN$a/GUwF $xP䇵 >j 6 8,l :P_U(0W!s'ƫ?"vb䂘b/=R Ƅ_WIKɎIT '_qloU:v^TUҁ}~&g,rTP9w#o>D;_yhaW0%_u^?sqM-- ?b`?Mɝ[n2Wӻ=Fý4aVXӦp ir&€ #;an$+z(hmD wK|c%)ٱ8HяÌf$۱4eB^}t"`E{}*a%t=T'LIhURH~{ޏ80퟽!}$$"x @>_oo؇t+EՊ H?=\?sJ̘(vq֏j'EPY{AQՀͼG߄>gnV\3U`\ -R6@Uy݇w*C@0?5`\NP;' /ug:8@pGl1yNkV7ҥ %!V8\~񅦗iUz鈆u<}i ѓCu"wHQ/DZߘĒ^ [o(ifVUսS[\G]`jE$ȱsl]-pѭ MWI*cm;=YMY?g|^h{L(ꩧ@5><&(Z'>ȥMbsWǐ1QMޱ fv=YSzcrPtAm|ƾkmE5 Le#iHs R+zhsUs:=*tǨ>dfSgAsrq;OCzI8-_˶6ȹcxGi^boKֆFMcfq_bZ̙e$/ӲlhϹYa@WsTJ'κ7n}YL!~+~pxgJBN+93KZTB `^Ź(biv8R< O6VF(KS{ut(U*v{7TԫPً;yo*2bm>n=o*MtLoo|Pau?z]5qaWA\6ʼ4>ǎ6Vlɤn3~2In V̭|㗯 䉚yx1J2íCXz4QXs`>.Jn߁ &bzՇ\3CRN)JcʧY c]H=k#hOX1{cijfO_h*QE*p}%EEt$tlӃQ+Xj{5O' :"֊s .r T6D(¹ ps4IAw\7z)D!v ]B>`ل C|B`ڬź] wE#v=9hu#+.7f6՟E@8cc" ]=Klt&IPq0^m/&@ĽGiiXk#7> jD;pC)}9tG_ tbt)l{ciLp2, SJKMxDxcS5nH+FŻ˙h.]Π:S#kiq[&Al,f`cu1Z1=T]F ,P6`޵M\qRλQPY¶Nyx3 Oh`&+OF녯mTe-X,+g?C77Cl ^ * +]zd*J%EJ,Mx-^ޫ.>_+~ÚyetvmAxYzgo1~8gof M j̠x`#_3ilhw8%RF8zwcz[T3v|8|$0=yq*Utm?Gz{5/L%C&!܅i7򸩊}Y5Ԝ^S&"=2r T)TB}+yˑUJ6-4 V\ެŁP1 =.80mI$ߐ=*7.O5*Dʑ06zM%\qvCpB_Fwjs6)q0Z PDR=R0w$*?u Z^c냯O W.KK%* !_ܖ-X Al&1~nMuHS=,* U wn=F9c A bu 4d^ GjxY[, `wH-.Iypi $ |/is4ag!?-^GGsM$Nά>|wd=sեՙ2sX.kڲ& >6J?4^΍ӊ`i'){! -:?*l²FsӢcw@)m<E&5=可WAt٩9 eJfFc0ˬ,AޙŨ೺ӑ+'ET8|%6vebtl!說iZMqr47Y{4f֡4]Edh`U/}`d[!rc;g:;r3O7r*_♟Ԗ >> <1 PzRX ,ӫazgb9L~V98i ׵T>mH??33JJf%ↄ9xn|QIėAE|^ShD4FLʎb w#"q?@-zYH)4qDӔTGrx0eZrxH?w)2- $(Pm19َ?e>%šHVO܃|A~qSD` 5]Bkߥґ\_BֻKB2x LI] ZQ8g j\VnX)Ibr%5^Qx"v-9I&=\1 ICyrUDg@0k Xj9ʂd؏cXT]CTF*߶a.ٴ 4{D~6^ݳԣXTYJzRvZ{0Bؗ?s{1 y'G+JkmE Ȧ4y`0SR<ꀆ.RY&m& :yLr4M^b+{+<+%ZJ~ `͛PZ@LLyMcMa$үr;b>Z!;ph2M,Y2쎕VNe)jJ``{{ENd,J`.ܰrKˣ̓ 4-2It| m՟;uWΛf)aJ{77.bH d"v lnl[Mn`D ˉ7sp+ 0LZ7J t3sjoD"yxg+Ɨozo%ZѶ9ƒu$wEӬ"rl|Q_\V6 SЌ?a/JT'_?/=UN('OöۂesoE?*CtXEC"' F#0ۋ)2L{,~ /e-|*Ck3Ϟa dPgdݪw1U(RKLXFνJm gֺ&خk\/iVHi(ƃ[q7,W:e$)mj˪Nꨗ+7R#;hM5Tg&sTE L!!^kϮ6H͠+ 04aEu#RRiN¼TLrV[~\?F\uh`d'S5qT P;]|KgF'esˌ2wȥUT+O1Q1W2vv7MYF#,W7{h:=!s[ТXĺOi^h?M;3HjM@42p>eVΉ.%#WWu~yw;3I.V~ەLGpḻ1pF4&tGQ`b!\3ŨUDd&0Qw'uGehmFϷF<\09[:Qlld%Wyv :8 t@&']Pr;shA5mB9Z07)c ^ u%-P7--o@cD[(z:eoCWH61r^gzsnB>։âU F.DUSK̳hܾC n{IsKAJna3^z9r8_%"QF1:}tVO]_]nߣ& sL1*4W:C&1gGK/`NڎH\Do) X昳g>x-lA'M ,JPBƬ|n79E[? , F 0|P{׃ +wb Ҁ᳻vܰPG#/9Q&UӕwP‚%Xx2:3AK5W–ޛu" B[tI+ئn0W:Ndb1P&cV \RMc,.%PTaDWB.-O5å4Π{/Enޮ?fr 㩧"9cdJ[<1HoO0~=$zm{r[iz8PxiQ߰ `MWRKJ x.bO#,mB?CѝgHDćw!-%Gcdhfڨ1W@y>A~PLTiIJ>Xe{~(̻}{ֶͣ6D@zޡBUVY2N# *X`ӊdpt VjX<{>qu|:GɋA{YugD׫cJ3N$+|ЁwVg wSQ'%]׏l <.=.=<>1baRTLͥk (#WUqcLgkxz. SŌkr~b5rXľˤ p֝á.fԴ_ٽ`C;顏4,Ք.jjk[v\lɁ\ׇBMYj +,e͞2n+ўEԊ =>T$);7p.iY6R B8G&L' z럛{=XqKmz4W]&nɈUZDx-F?BX:ҚdvhA,ԮW`2UPH֓V &YxHZ(Kz EHA3HM~k3eշo9ؐxs,T}N;2 M@nH@7'\ (æ< T-?oQ7۷6"%z#+Nk^ɋ\C!;{Oyz>,7f*\\*Of|%P1A@)evVx\G+5j1nfzjV8>r߮q=bYVu}]:IAu$VvgRxZ@2ZNIt떷TS@/ڮPYJ4cSATT#`\=l  է /U͜_\!3G0f oEtH_{kj6!P,=e! ޵< ( /{IoLbX#' ᰌGwCzFS08S $=GvFgGnQ9Z;zҊXjr8 4nSLex;Tﰪ$n\L;}tvω`)cTvgRjojkPbnеs,32)N)lxhj쨵`p12^2{Qe4s}q(?HK=0h&1~q-warΦF!; nPb.P<+\-_W}Gjܢ8~hkt?*`@=QM`ØszS6w Wty?a" DQAR~3mv'5 V]kz{/f??ضێG4ÂaDu̳ە H|2~օgWȔxrh^ umT'?1u6$Wri'4aێ0򨒗'ވ٧97Z!n̝_=,س \TaU _|s߶c,؇wCqa71/ )k[phb9NջKQ䝩)7vw+můw,ݳ˞-}+CS?h'+8JNK6I׵ lݭZ&V2٩4Yb1.cm̖hTur6C5| gӪQECT$Mؕr ~(Q ̞ U`ekn]VbfcI֥pqֈa[x>̚ #C3mvA-)*?JnCM|7kEL8[31jvWݞXܱO++ Ag[O1N{ q OPEIȃ pgϭPV#0`2~)a' ogU7|t^ёKQE9`Z^Kv ҿZ;'7{ĎE^9nnyiTb28MZR(@rvdl5 oSyl #*@t8ڡ뙩Gϑ"c*N26Ip&CT%Hjyʱ^Dyms9d^n =g) $s3҅!UL×{>2 O`_K!)vsmOJV/t<Ϳf1A*@ AN@:Wik\O,nA!d.6\}Dթf<2=2Z7 3D7]L7F0M[~dѾ0j$Њ~ܽ0T] DeFNF/jg^N.:%V!bD$8ZE~,-W*k{8F  o̡WYg^ K5oQb[ Mf'?8lxy2#-C)Z:b\*qR ^ǙRGIpCn|jMbu&!ڠcؗʴaE2cgl$U1W5sSx0E{1nq7(S x'PSЖB ԣ)9шX5BJvkdPUA-9O#dg7~D=OpV'B N`@++튺i!$ 45R{du4{Be:7LB˭SUɕfpdhKfb`hxp-eS!{` ILŸÉsP69嫋N#jٛP)pUydb9AZQiJ%a]L.#qK /M Gט\moauKCGI|S 3n\"K>7B\LﶕF) 0AOk_f[^_/z/ zI/dD"i¯}{|+IǢhXfۊV8U>qϔE$/]d0Ve=د9u83.Zbv}eC*tcdOC!Fm)@,#E:`.WmZ ew_4쨽],qʥ K>K'֥,zdNk \70C9*RO=K>*S+"Z$*rrfnw*h Y4g YZ