sssd-krb5-1.11.2-68.el7_0.6> H HtxHFT[ ?*}}CŽ^0W'^TNvܞeffb41d99c4d2f5a5ec9ee632bc4f9ade8df98a1Zs gV-隈FT[ ?*}}-" sR" e&%H= {O0x^o><?d   P &DJTp ~   / 8Tw \?(89 :;G,HHIdXtYр\Ѩ]^(bdӌeӑfӔlӖtӰuvwՈxդyCsssd-krb51.11.268.el7_0.6The Kerberos authentication back end for the SSSDProvides the Kerberos back end that the SSSD can utilize authenticate against a Kerberos server.T[V sl7-kojislave01.fnal.gov/Scientific LinuxScientific LinuxGPLv3+Scientific LinuxApplications/Systemhttp://fedorahosted.org/sssd/linuxx86_64K|,A큤T[UT[VRqT[UT[UT[UT[U06b0d9550d393fe84ffe9d616a99ba2df9884370bdd87bd8588190b5aea9027c8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b9030403a05c952da4a8bb95654466042bdf87b04c23d33bedbc9b77deca11341ab9a4208ffbead1d354742af9ea4c2b2a7be7e329958febf772e52542bf97ba667908fa6d4869eba16c86e2073d53ed2229099d7fa98b77402dde44b0a25a7bbe5a7942aa77def10aa3dcd15f6ed6b80722cfbaad9568d64da13eebfc2c505b1989rootrootrootrootrootrootrootrootrootrootrootrootrootrootsssd-1.11.2-68.el7_0.6.src.rpmlibsss_krb5.so()(64bit)sssd-krb5sssd-krb5(x86-64)@@@@@@@@@@@@@   @ libc.so.6()(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libcom_err.so.2()(64bit)libdhash.so.1()(64bit)libdl.so.2()(64bit)libk5crypto.so.3()(64bit)libkeyutils.so.1()(64bit)libkrb5.so.3()(64bit)libkrb5.so.3(krb5_3_MIT)(64bit)libsss_krb5_common.so()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rtld(GNU_HASH)sssd-commonsssd-krb5-commonrpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-11.11.2-68.el7_0.61.11.2-68.el7_0.65.2-1sssd1.10.0-8.beta24.11.1T=@S|@S|@S|@Sr @Sr @Sr @Sr @S;S;S2@S2@S,)S!S L@SSS@S@S@S@S@S @S @S @S @S @S @S @S @SSSRb@Rb@Rb@R@R@R@R@RURURUR߲RRRx@Rx@Rx@RΏ@RΏ@RΏ@R=R=RkRRRR@R@R@R@R@Rv@Rv@Rv@Rv@Rv@Rv@Rv@Rv@Rv@RpREs@REs@R7Q@Q@Q@Q@Q@QQLQکQQQo@Q)@Q@QQ@Q@QbQyQV@Q'@QQQnQZ@Q0@QQQ@Q@QQ @QQh@PP@P@P@Pz@Pz@PqnPl(PaPaPS@PH@PDPM>M2@MMzMx@Mj - 1.11.2-68.6Jakub Hrozek - 1.11.2-68.5Jakub Hrozek - 1.11.2-68.4Jakub Hrozek - 1.11.2-68.3Jakub Hrozek - 1.11.2-68.2Jakub Hrozek - 1.11.2-68.1Jakub Hrozek - 1.11.2-67Jakub Hrozek - 1.11.2-66Jakub Hrozek - 1.11.2-65Jakub Hrozek - 1.11.2-64Sumit Bose - 1.11.2-63Sumit Bose - 1.11.2-62Jakub Hrozek - 1.11.2-61Jakub Hrozek - 1.11.2-60Jakub Hrozek - 1.11.2-59Jakub Hrozek - 1.11.2-58Jakub Hrozek - 1.11.2-57Jakub Hrozek - 1.11.2-56Jakub Hrozek - 1.11.2-55Jakub Hrozek - 1.11.2-54Jakub Hrozek - 1.11.2-53Jakub Hrozek - 1.11.2-52Jakub Hrozek - 1.11.2-51Jakub Hrozek - 1.11.2-50Jakub Hrozek - 1.11.2-49Jakub Hrozek - 1.11.2-48Jakub Hrozek - 1.11.2-47Jakub Hrozek - 1.11.2-46Jakub Hrozek - 1.11.2-45Jakub Hrozek - 1.11.2-44Jakub Hrozek - 1.11.2-43Jakub Hrozek - 1.11.2-42Jakub Hrozek - 1.11.2-41Jakub Hrozek - 1.11.2-40Jakub Hrozek - 1.11.2-39Jakub Hrozek - 1.11.2-38Jakub Hrozek - 1.11.2-37Jakub Hrozek - 1.11.2-36Jakub Hrozek - 1.11.2-35Jakub Hrozek - 1.11.2-34Daniel Mach - 1.11.2-33Jakub Hrozek - 1.11.2-32Jakub Hrozek - 1.11.2-31Jakub Hrozek - 1.11.2-30Jakub Hrozek - 1.11.2-29Jakub Hrozek - 1.11.2-28Jakub Hrozek - 1.11.2-27Jakub Hrozek - 1.11.2-26Jakub Hrozek - 1.11.2-25Jakub Hrozek - 1.11.2-24Jakub Hrozek - 1.11.2-23Jakub Hrozek - 1.11.2-22Jakub Hrozek - 1.11.2-21Jakub Hrozek - 1.11.2-20Daniel Mach - 1.11.2-19Jakub Hrozek - 1.11.2-18Jakub Hrozek - 1.11.2-17Jakub Hrozek - 1.11.2-16Jakub Hrozek - 1.11.2-15Jakub Hrozek - 1.11.2-14Jakub Hrozek - 1.11.2-13Jakub Hrozek - 1.11.2-12Jakub Hrozek - 1.11.2-11Jakub Hrozek - 1.11.2-10Jakub Hrozek - 1.11.2-9Jakub Hrozek - 1.11.2-8Jakub Hrozek - 1.11.2-7Jakub Hrozek - 1.11.2-6Jakub Hrozek - 1.11.2-5Jakub Hrozek - 1.11.2-4Jakub Hrozek - 1.11.2-3Jakub Hrozek - 1.11.2-2Jakub Hrozek - 1.11.2-1Jakub Hrozek - 1.11.1-2Jakub Hrozek - 1.11.1-1Jakub Hrozek - 1.11.0-1Jakub Hrozek - 1.11.0.1beta2Jakub Hrozek - 1.10.1-5Jakub Hrozek - 1.10.1-4Jakub Hrozek - 1.10.1-3Jakub Hrozek - 1.10.1-2Jakub Hrozek - 1.10.1-1Jakub Hrozek - 1.10.0-18Jakub Hrozek - 1.10.0-17Stephen Gallagher - 1.10.0-16Stephen Gallagher - 1.10.0-15Stephen Gallagher - 1.10.0-14Jakub Hrozek - 1.10.0-13Dan Horák - 1.10.0-12.beta2Jakub Hrozek - 1.10.0-11.beta2Jakub Hrozek - 1.10.0-10.beta2Jakub Hrozek - 1.10.0-9.beta2Jakub Hrozek - 1.10.0-8.beta2Jakub Hrozek - 1.10.0-7.beta1Jakub Hrozek - 1.10.0-6.beta1Jakub Hrozek - 1.10.0-5.beta1Jakub Hrozek - 1.10.0-4.beta1Jakub Hrozek - 1.10.0-3.beta1Jakub Hrozek - 1.10.0-2.alpha1Jakub Hrozek - 1.10.0-1.alpha1Stephen Gallagher - 1.9.4-9Jakub Hrozek - 1.9.4-8Jakub Hrozek - 1.9.4-7Jakub Hrozek - 1.9.4-6Jakub Hrozek - 1.9.4-5Jakub Hrozek - 1.9.4-4Jakub Hrozek - 1.9.4-3Jakub Hrozek - 1.9.4-2Jakub Hrozek - 1.9.4-1Jakub Hrozek - 1.9.3-1Jakub Hrozek - 1.9.2-5Jakub Hrozek - 1.9.2-4Jakub Hrozek - 1.9.2-3Jakub Hrozek - 1.9.2-2Jakub Hrozek - 1.9.2-1Jakub Hrozek - 1.9.1-1Jakub Hrozek - 1.9.0-24Jakub Hrozek - 1.9.0-24Jakub Hrozek - 1.9.0-23Jakub Hrozek - 1.9.0-22.rc1Jakub Hrozek - 1.9.0-21.beta7Jakub Hrozek - 1.9.0-20.beta6Jakub Hrozek - 1.9.0-19.beta6Jakub Hrozek - 1.9.0-18.beta6Jakub Hrozek - 1.9.0-17.beta6Jakub Hrozek - 1.9.0-16.beta6Jakub Hrozek - 1.9.0-14.beta6Jakub Hrozek - 1.9.0-13.beta6Fedora Release Engineering - 1.9.0-13.beta5Jakub Hrozek - 1.9.0-12.beta5Stephen Gallagher - 1.9.0-11.beta4Jakub Hrozek - 1.9.0-10.beta4Jakub Hrozek - 1.9.0-9.beta4Stephen Gallagher - 1.9.0-8.beta3Stephen Gallagher - 1.9.0-7.beta2Stephen Gallagher - 1.9.0-6.beta2Stephen Gallagher - 1.9.0-5.beta2Stephen Gallagher - 1.9.0-4.beta1Stephen Gallagher - 1.9.0-3.beta1Stephen Gallagher - 1.9.0-2.beta1Stephen Gallagher - 1.9.0-1.beta1Stephen Gallagher - 1.8.3-11Stephen Gallagher - 1.8.2-10Stephen Gallagher - 1.8.1-9Stephen Gallagher - 1.8.1-8Stephen Gallagher - 1.8.1-7Stephen Gallagher - 1.8.0-6Stephen Gallagher - 1.8.0-5.beta3Stephen Gallagher - 1.8.0-4.beta3Petr Pisar - 1.8.0-3.beta2Stephen Gallagher - 1.8.0-1.beta2Stephen Gallagher - 1.8.0-1.beta1Stephen Gallagher - 1.7.0-5Stephen Gallagher - 1.7.0-4Stephen Gallagher - 1.7.0-3Fedora Release Engineering - 1.7.0-2Stephen Gallagher - 1.7.0-1Stephen Gallagher - 1.6.4-1Stephen Gallagher - 1.6.3-5Stephen Gallagher - 1.6.3-4Jakub Hrozek - 1.6.3-3Stephen Gallagher - 1.6.3-2Stephen Gallagher - 1.6.3-1Fedora Release Engineering - 1.6.2-5Stephen Gallagher - 1.6.2-4Stephen Gallagher - 1.6.2-3Stephen Gallagher - 1.6.2-2Stephen Gallagher - 1.6.2-1Stephen Gallagher - 1.6.1-1Stephen Gallagher - 1.6.0-2Stephen Gallagher - 1.6.0-1Stephen Gallagher - 1.5.11-2Stephen Gallagher - 1.5.10-1Stephen Gallagher - 1.5.9-1Stephen Gallagher - 1.5.8-1Stephen Gallagher - 1.5.7-3Stephen Gallagher - 1.5.7-2Stephen Gallagher - 1.5.7-1Stephen Gallagher - 1.5.6.1-1Stephen Gallagher - 1.5.6-1Stephen Gallagher - 1.5.5-5Stephen Gallagher - 1.5.5-4Stephen Gallagher - 1.5.5-3Stephen Gallagher - 1.5.5-2Stephen Gallagher - 1.5.5-1Stephen Gallagher - 1.5.4-1Stephen Gallagher - 1.5.3-2Stephen Gallagher - 1.5.3-1Stephen Gallagher - 1.5.2-1Simo Sorce - 1.5.1-9Stephen Gallagher - 1.5.1-8Stephen Gallagher - 1.5.1-7Stephen Gallagher - 1.5.1-6Stephen Gallagher - 1.5.1-5Fedora Release Engineering - 1.5.1-4Stephen Gallagher - 1.5.1-3Stephen Gallagher - 1.5.1-2Stephen Gallagher - 1.5.1-1Stephen Gallagher - 1.5.0-2Stephen Gallagher - 1.5.0-1Stephen Gallagher - 1.4.1-3Stephen Gallagher - 1.4.1-2Stephen Gallagher - 1.4.1-1Stephen Gallagher - 1.4.0-2Stephen Gallagher - 1.4.0-1Stephen Gallagher - 1.3.0-35Stephen Gallagher - 1.3.0-34Stephen Gallagher - 1.3.0-33Stephen Gallagher - 1.3.0-32Stephen Gallagher - 1.3.0-31Stephen Gallagher - 1.3.0-30David Malcolm - 1.2.91-21Stephen Gallagher - 1.2.91-20Stephen Gallagher - 1.2.1-15Stephen Gallagher - 1.2.0-12Stephen Gallagher - 1.1.92-11Stephen Gallagher - 1.1.91-10Simo Sorce - 1.1.1-3Stephen Gallagher - 1.1.1-1Stephen Gallagher - 1.1.0-2Stephen Gallagher - 1.1.0-1.pre20100317git0ea7f19Stephen Gallagehr - 1.0.5-2Stephen Gallagher - 1.0.5-1Stephen Gallagher - 1.0.4-1Stephen Gallagher - 1.0.3-1Stephen Gallagher - 1.0.2-1Stephen Gallagher - 1.0.1-1Stephen Gallagher - 1.0.0-2Stephen Gallagher - 1.0.0-1Stephen Gallagher - 0.99.1-1Stephen Gallagher - 0.99.0-1Stephen Gallagher - 0.7.1-1Stephen Gallagher - 0.7.0-2Stephen Gallagher - 0.7.0-1Stephen Gallagher - 0.6.1-2Stephen Gallagher - 0.6.1-1Stephen Gallagher - 0.6.0-1Sumit Bose - 0.6.0-0Simo Sorce - 0.5.0-0Jakub Hrozek - 0.4.1-4Fedora Release Engineering - 0.4.1-3Simo Sorce - 0.4.1-2Simo Sorce - 0.4.1-1Simo Sorce - 0.4.1-0Simo Sorce - 0.3.2-2Jakub Hrozek - 0.3.2-1Simo Sorce - 0.3.1-2Simo Sorce - 0.3.1-1Simo Sorce - 0.3.0-2Simo Sorce - 0.3.0-1Simo Sorce - 0.2.1-1Simo Sorce - 0.2.0-1Jakub Hrozek - 0.1.0-5.20090309git691c9b3Jakub Hrozek - 0.1.0-4Sumit Bose - 0.1.0-3Jakub Hrozek - 0.1.0-2Stephen Gallagher - 0.1.0-1- Resolves: rhbz#1152200 - Error processing universal groups with cross-domain membership in SSSD server mode- Rebuild for a proper dist tag, yet again, now using the correct build options - Related: rhbz#1098608 - Expanding home directory fails when the request comes from the PAC responder- Rebuild for a proper dist tag - Related: rhbz#1098608 - Expanding home directory fails when the request comes from the PAC responder- Squash in upstream review comments about the PAC patch - Related: rhbz#1098608 - Expanding home directory fails when the request comes from the PAC responder- Backport a patch to allow krb5-utils-test to run as root - Related: rhbz#1098608 - Expanding home directory fails when the request comes from the PAC responder- Resolves: rhbz#1098608 - Expanding home directory fails when the request comes from the PAC responder- Fix a DEBUG message, backport two related fixes - Related: rhbz#1097323 - segfault in sssd_be when second domain tree users are queried while joined to child domain- Resolves: rhbz#1097323 - segfault in sssd_be when second domain tree users are queried while joined to child domain- Resolves: rhbz#1082191 - RHEL7 IPA selinuxusermap hbac rule not always matching- Resolves: rhbz#1077328 - other subdomains are unavailable when joined to a subdomain in the ad forest- Resolves: rhbz#1078877 - Valgrind: Invalid read of int while processing netgroup- Resolves: rhbz#1075092 - Password change w/ OTP generates error on success- Resolves: rhbz#1078840 - Error during password change- Resolves: rhbz#1075663 - SSSD should create the SELinux mapping file with format expected by pam_selinux- Related: rhbz#1075621 - Add another Kerberos error code to trigger IPA password migration- Related: rhbz#1073635 - IPA SELinux code looks for the host in the wrong sysdb subdir when a trusted user logs in- Related: rhbz#1066096 - not retrieving homedirs of AD users with posix attributes- Related: rhbz#1072995 - AD group inconsistency when using AD provider in sssd-1.11-40- Resolves: rhbz#1073631 - sssd fails to handle expired passwords when OTP is used- Resolves: rhbz#1072067 - SSSD Does not cache SELinux map from FreeIPA correctly- Resolves: rhbz#1071903 - ipa-server-mode: Use lower-case user name component in home dir path- Resolves: rhbz#1068725 - Evaluate usage of sudo LDAP provider together with the AD provider- Fix idmap documentation - Bump idmap version info - Related: rhbz#1067361 - Check IPA idranges before saving them to the cache- Pull some follow up man page fixes from upstream - Related: rhbz#1060389 - Document that `sssd` cache needs to be cleared manually, if ID mapping configuration changes - Related: rhbz#1064908 - MAN: Remove misleading memberof example from ldap_access_filter example- Resolves: rhbz#1060389 - Document that `sssd` cache needs to be cleared manually, if ID mapping configuration changes- Resolves: rhbz#1064908 - MAN: Remove misleading memberof example from ldap_access_filter example- Resolves: rhbz#1068723 - Setting int option to 0 yields the default value- Resolves: rhbz#1067361 - Check IPA idranges before saving them to the cache- Resolves: rhbz#1067476 - SSSD pam module accepts usernames with leading spaces- Resolves: rhbz#1033069 - Configuring two different provider types might start two parallel enumeration tasks- Resolves: rhbz#1068640 - 'IPA: Don't call tevent_req_post outside _send' should be added to RHEL7- Resolves: rhbz#1063977 - SSSD needs to enable FAST by default- Resolves: rhbz#1064582 - sss_cache does not reset the SYSDB_INITGR_EXPIRE attribute when expiring users- Resolves: rhbz#1033081 - Implement heuristics to detect if POSIX attributes have been replicated to the Global Catalog or not- Resolves: rhbz#872177 - [RFE] subdomain homedir template should be configurable/use flatname by default- Resolves: rhbz#1059753 - Warn with a user-friendly error message when permissions on sssd.conf are incorrect- Resolves: rhbz#1037653 - Enabling ldap_id_mapping doesn't exclude uidNumber in filter- Resolves: rhbz#1059253 - Man page states default_shell option supersedes other shell options but in fact override_shell does. - Use the right domain for AD site resolution - Related: rhbz#743503 - [RFE] sssd should support DNS sites- Resolves: rhbz#1028039 - AD Enumeration reads data from LDAP while regular lookups connect to GC- Resolves: rhbz#877438 - sudoNotBefore/sudoNotAfter not supported by sssd sudoers plugin- Mass rebuild 2014-01-24- Resolves: rhbz#1054639 - sssd_be aborts a request if it doesn't match any configured idmap domain- Resolves: rhbz#1054899 - explicitly suggest krb5_auth_timeout in a loud DEBUG message in case Kerberos authentication times out- Resolves: rhbz#1037653 - Enabling ldap_id_mapping doesn't exclude uidNumber in filter- Resolves: rhbz#1051360 - [FJ7.0 Bug]: [REG] sssd_be crashes when ldap_search_base cannot be parsed. - Fix a typo in the man page - Related: rhbz#1034920 - RHEL7 sssd not setting IPA AD trusted user homedir- Resolves: rhbz#1054639 - sssd_be aborts a request if it doesn't match any configured idmap domain - Fix return value when searching for AD domain flat names - Resolves: rhbz#1048102 - Access denied for users from gc domain when using format DOMAIN\user- Resolves: rhbz#1034920 - RHEL7 sssd not setting IPA AD trusted user homedir- Resolves: rhbz#1048102 - Access denied for users from gc domain when using format DOMAIN\user- Resolves: rhbz#1053106 - sssd ad trusted sub domain do not inherit fallbacks and overrides settings- Resolves: rhbz#1051016 - FAST does not work in SSSD 1.11.2 in Fedora 20- Resolves: rhbz#1033133 - "System Error" when invalid ad_access_filter is used- Resolves: rhbz#1032983 - sssd_be crashes when ad_access_filter uses FOREST keyword. - Fix two memory leaks in the PAC responder (Related: rhbz#991065)- Resolves: rhbz#1048184 - Group lookup does not return member with multiple names after user lookup- Resolves: rhbz#1049533 - Group membership lookup issue- Mass rebuild 2013-12-27- Resolves: rhbz#894068 - sss_cache doesn't support subdomains- Re-initialize subdomains after provider startup - Related: rhbz#1038637 - If SSSD starts offline, subdomains list is never read- The AD provider is able to resolve group memberships for groups with Global and Universal scope - Related: rhbz#1033096 - tokenGroups do not work reliable with Global Catalog- Resolves: rhbz#1033096 - tokenGroups do not work reliable with Global Catalog - Resolves: rhbz#1030483 - Individual group search returned multiple results in GC lookups- Resolves: rhbz#1040969 - sssd_nss grows memory footprint when netgroups are requested- Resolves: rhbz#1023409 - Valgrind sssd "Syscall param socketcall.sendto(msg) points to uninitialised byte(s)"- Resolves: rhbz#1037936 - sssd_be crashes occasionally- Resolves: rhbz#1038637 - If SSSD starts offline, subdomains list is never read- Resolves: rhbz#1029631 - sssd_be crashes on manually adding a cleartext password to ldap_default_authtok- Resolves: rhbz#1036758 - SSSD: Allow for custom attributes in RDN when using id_provider = proxy- Resolves: rhbz#1034050 - Errors in domain log when saving user to sysdb- Resolves: rhbz#1036157 - sssd can't retrieve auto.master when using the "default_domain_suffix" option in- Resolves: rhbz#1028057 - Improve detection of the right domain when processing group with members from several domains- Resolves: rhbz#1033084 - sssd_be segfaults if empty grop is resolved using ad_matching_rule- Resolves: rhbz#1031562 - Incorrect mention of access_filter in sssd-ad manpage- Resolves: rhbz#991549 - sssd fails to retrieve netgroups with multiple CN attributes- Skip netgroups that don't provide well-formed triplets - Related: rhbz#991549 - sssd fails to retrieve netgroups with multiple CN attributes- New upstream release 1.11.2 - Remove upstreamed patches - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.2 - Resolves: rhbz#991065- Resolves: rhbz#1019882 - RHEL7 ipa ad trusted user lookups failed with sssd_be crash - Resolves: rhbz#1002597 - ad: unable to resolve membership when user is from different domain than group- New upstream release 1.11.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.1 - Resolves: rhbz#991065 - Rebase SSSD to 1.11.0- New upstream release 1.11.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.0 - Resolves: rhbz#991065- New upstream release 1.11 beta 2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.0beta2 - Related: rhbz#991065- Resolves: #906427 - Do not use lib64 in specfile for the nss and pam libraries- Resolves: #983587 - sss_debuglevel did not increase verbosity in sssd_pac.log- Resolves: #983580 - Netgroups should ignore the 'use_fully_qualified_names' setting- Apply several important fixes from upstream 1.10 branch - Related: #966757 - SSSD failover doesn't work if the first DNS server in resolv.conf is unavailable- New upstream release 1.10.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.1- Remove libcmocka dependency- sssd-tools should require sssd-common, not sssd- Move sssd_pac to the sssd-ipa and sssd-ad subpackages - Trim out RHEL5-specific macros since we don't build on RHEL 5 - Trim out macros for Fedora older than F18 - Update libldb requirement to 1.1.16 - Trim RPM changelog down to the last year- Move sssd_pac to the sssd-krb5 subpackage- Fix Obsoletes: to account for dist tag - Convert post and pre scripts to run on the sssd-common subpackage - Remove old conversion from SYSV- New upstream release 1.10 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0- the cmocka toolkit exists only on selected arches- Apply a number of patches from upstream to fix issues found post-beta, in particular: -- segfault with a high DEBUG level -- Fix IPA password migration (upstream #1873) -- Fix fail over when retrying SRV resolution (upstream #1886)- Only BuildRequire libcmocka on Fedora- Fix typo in Requires that prevented an upgrade (#973916) - Use a hardcoded version in Conflicts, not less-than-current- New upstream release 1.10 beta2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0beta2 - BuildRequire libcmocka-devel in order to run all upstream tests during build - BuildRequire libnl3 instead of libnl1 - No longer BuildRequire initscripts, we no longer use /sbin/service - Remove explicit krb5-libs >= 1.10 requires; this platform doensn't carry any older krb5-libs version- Enable hardened build for RHEL7- Apply a couple of patches from upstream git that resolve crashes when ID mapping object was not initialized properly but needed later- Resolves: rhbz#961357 - Missing dyndns_update entry in sssd.conf during realm join - Resolves: rhbz#961278 - Login failure: Enterprise Principal enabled by default for AD Provider - Resolves: rhbz#961251 - sssd does not create user's krb5 ccache dir/file parent directory when logging in- Explicitly Require libini_config >= 1.0.0.1 to work around a SONAME bug in ding-libs - Fix SSH integration with fully-qualified domains - Add the ability to dynamically discover the NetBIOS name- New upstream release 1.10 beta1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0beta1- Add a patch to fix krb5 ccache creation issue with krb5 1.11- New upstream release 1.10 alpha1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0alpha1- Split internal helper libraries into a shared object - Significantly reduce disk-space usage- Fix the Kerberos password expiration warning (#912223)- Do not write out dots in the domain-realm mapping file (#905650)- Include upstream patch to build with krb5-1.11- Rebuild against new libldb- Fix build with new automake versions- Recreate Kerberos ccache directory if it's missing - Resolves: rhbz#853558 - [sssd[krb5_child[PID]]]: Credential cache directory /run/user/UID/ccdir does not exist- Fix changelog dates to make F19 rpmbuild happy- New upstream release 1.9.4- New upstream release 1.9.3- Resolve groups from AD correctly- Check the validity of naming context- Move the sss_cache tool to the main package- Include the 1.9.2 tarball- New upstream release 1.9.2- New upstream release 1.9.1- require the latest libldb- Use mcpath insted of mcachepath macro to be consistent with upsteam spec file- New upstream release 1.9.0- New upstream release 1.9.0 rc1- New upstream release 1.9.0 beta7 - obsoletes patches #1-#3- Rebuild against libldb 1.12- Rebuild against libldb 1.11- Change the default ccache location to DIR:/run/user/${UID}/krb5cc and patch man page accordingly - Resolves: rhbz#851304- Rebuild against libldb 1.10- Only create the SELinux login file if there are SELinux mappings on the IPA server- Don't discard HBAC rule processing result if SELinux is on Resolves: rhbz#846792 (CVE-2012-3462)- New upstream release 1.9.0 beta 6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta6 - A new option, override_shell was added. If this option is set, all users managed by SSSD will have their shell set to its value. - Fixes for the support for setting default SELinux user context from FreeIPA. - Fixed a regression introduced in beta 5 that broke LDAP SASL binds - The SSSD supports the concept of a Primary Server and a Back Up Server in failover - A new command-line tool sss_seed is available to help prime the cache with a user record when deploying a new machine - SSSD is now able to discover and save the domain-realm mappings between an IPA server and a trusted Active Directory server. - Packaging changes to fix ldconfig usage in subpackages (#843995) - Rebuild against libldb 1.1.9- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- New upstream release 1.9.0 beta 5 - Obsoletes the patch for missing DP_OPTION_TERMINATOR in AD provider options - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta5 - Many fixes for the support for setting default SELinux user context from FreeIPA, most notably fixed the specificity evaluation - Fixed an incorrect default in the krb5_canonicalize option of the AD provider which was preventing password change operation - The shadowLastChange attribute value is now correctly updated with the number of days since the Epoch, not seconds- Fix broken ARM build - Add missing DP_OPTION_TERMINATOR in AD provider options- Own several directories create during make install (#839782)- New upstream release 1.9.0 beta 4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta4 - Add a new AD provider to improve integration with Active Directory 2008 R2 or later servers - SUDO integration was completely rewritten. The new implementation works with multiple domains and uses an improved refresh mechanism to download only the necessary rules - The IPA authentication provider now supports subdomains - Fixed regression for setups that were setting default_tkt_enctypes manually by reverting a previous workaround.- New upstream release 1.9.0 beta 3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta3 - Add a new PAC responder for dealing with cross-realm Kerberos trusts - Terminate idle connections to the NSS and PAM responders- Switch unicode library from libunistring to Glib - Drop unnecessary explicit Requires on keyutils - Guarantee that versioned Requires include the correct architecture- Fix accidental disabling of the DIR cache support- New upstream release 1.9.0 beta 2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta2 - Add support for the Kerberos DIR cache for storing multiple TGTs automatically - Major performance enhancement when storing large groups in the cache - Major performance enhancement when performing initgroups() against Active Directory - SSSDConfig data file default locations can now be set during configure for easier packaging- Fix regression in endianness patch- Rebuild SSSD against ding-libs 0.3.0beta1 - Fix endianness bug in service map protocol- Fix several regressions since 1.5.x - Ensure that the RPM creates the /var/lib/sss/mc directory - Add support for Netscape password warning expiration control - Rebuild against libldb 1.1.6- New upstream release 1.9.0 beta 1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta1 - Add native support for autofs to the IPA provider - Support for ID-mapping when connecting to Active Directory - Support for handling very large (> 1500 users) groups in Active Directory - Support for sub-domains (will be used for dealing with trust relationships) - Add a new fast in-memory cache to speed up lookups of cached data on repeated requests- New upstream release 1.8.3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.3 - Numerous manpage and translation updates - LDAP: Handle situations where the RootDSE isn't available anonymously - LDAP: Fix regression for users using non-standard LDAP attributes for user information- New upstream release 1.8.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.2 - Several fixes to case-insensitive domain functions - Fix for GSSAPI binds when the keytab contains unrelated principals - Fixed several segfaults - Workarounds added for LDAP servers with unreadable RootDSE - SSH knownhostproxy will no longer enter an infinite loop preventing login - The provided SYSV init script now starts SSSD earlier at startup and stops it later during shutdown - Assorted minor fixes for issues discovered by static analysis tools- Don't duplicate libsss_autofs.so in two packages - Set explicit package contents instead of globbing- Fix uninitialized value bug causing crashes throughout the code - Resolves: rhbz#804783 - [abrt] Segfault during LDAP 'services' lookup- New upstream release 1.8.1 - Resolve issue where we could enter an infinite loop trying to connect to an auth server - Fix serious issue with complex (3+ levels) nested groups - Fix netgroup support for case-insensitivity and aliases - Fix serious issue with lookup bundling resulting in requests never completing - IPA provider will now check the value of nsAccountLock during pam_acct_mgmt in addition to pam_authenticate - Fix several regressions in the proxy provider - Resolves: rhbz#743133 - Performance regression with Kerberos authentication against AD - Resolves: rhbz#799031 - --debug option for sss_debuglevel doesn't work- New upstream release 1.8.0 - Support for the service map in NSS - Support for setting default SELinux user context from FreeIPA - Support for retrieving SSH user and host keys from LDAP (Experimental) - Support for caching autofs LDAP requests (Experimental) - Support for caching SUDO rules (Experimental) - Include the IPA AutoFS provider - Fixed several memory-corruption bugs - Fixed a regression in group enumeration since 1.7.0 - Fixed a regression in the proxy provider - Resolves: rhbz#741981 - Separate Cache Timeouts for SSSD - Resolves: rhbz#797968 - sssd_be: The requested tar get is not configured is logged at each login - Resolves: rhbz#754114 - [abrt] sssd-1.6.3-1.fc16: ping_check: Process /usr/sbin/sssd was killed by signal 11 (SIGSEGV) - Resolves: rhbz#743133 - Performance regression with Kerberos authentication against AD - Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for new LDAP features - Resolves: rhbz#786957 - sssd and kerberos should change the default location for create the Credential Cashes to /run/usr/USERNAME/krb5cc- Change default kerberos credential cache location to /run/user/- New upstream release 1.8.0 beta 3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta3 - Fixed a regression in group enumeration since 1.7.0 - Fixed several memory-corruption bugs - Finalized the ABI for the autofs support - Fixed a regression in the proxy provider- Rebuild against PCRE 8.30- New upstream release - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta2 - Fix two minor manpage bugs - Include the IPA AutoFS provider- New upstream release - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta1 - Support for the service map in NSS - Support for setting default SELinux user context from FreeIPA - Support for retrieving SSH user and host keys from LDAP (Experimental) - Support for caching autofs LDAP requests (Experimental) - Support for caching SUDO rules (Experimental)- Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for new LDAP features - fix netgroups and sudo as well- Fixes a serious memory hierarchy bug causing unpredictable behavior in the LDAP provider.- Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for new LDAP features- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- New upstream release 1.7.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.7.0 - Support for case-insensitive domains - Support for multiple search bases in the LDAP provider - Support for the native FreeIPA netgroup implementation - Reliability improvements to the process monitor - New DEBUG facility with more consistent log levels - New tool to change debug log levels without restarting SSSD - SSSD will now disconnect from LDAP server when idle - FreeIPA HBAC rules can choose to ignore srchost options for significant performance gains - Assorted performance improvements in the LDAP provider- New upstream release 1.6.4 - Rolls up previous patches applied to the 1.6.3 tarball - Fixes a rare issue causing crashes in the failover logic - Fixes an issue where SSSD would return the wrong PAM error code for users that it does not recognize.- Rebuild against libldb 1.1.4- Resolves: rhbz#753639 - sssd_nss crashes when passed invalid UTF-8 for the username in getpwnam() - Resolves: rhbz#758425 - LDAP failover not working if server refuses connections- Rebuild for libldb 1.1.3- Resolves: rhbz#752495 - Crash when apply settings- New upstream release 1.6.3 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.3 - Fixes a major cache performance issue introduced in 1.6.2 - Fixes a potential infinite-loop with certain LDAP layouts- Rebuilt for glibc bug#747377- Change selinux policy requirement to Conflicts: with the old version, rather than Requires: the supported version.- Add explicit requirement on selinux-policy version to address new SBUS symlinks.- Remove %files reference to sss_debuglevel copied from wrong upstreeam spec file.- Improved handling of users and groups with multi-valued name attributes (aliases) - Performance enhancements Initgroups on RFC2307bis/FreeIPA HBAC rule processing - Improved process-hang detection and restarting - Enabled the midpoint cache refresh by default (fewer cache misses on commonly-used entries) - Cleaned up the example configuration - New tool to change debug level on the fly- New upstream release 1.6.1 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.1 - Fixes a serious issue with LDAP connections when the communication is dropped (e.g. VPN disconnection, waking from sleep) - SSSD is now less strict when dealing with users/groups with multiple names when a definitive primary name cannot be determined - The LDAP provider will no longer attempt to canonicalize by default when using SASL. An option to re-enable this has been provided. - Fixes for non-standard LDAP attribute names (e.g. those used by Active Directory) - Three HBAC regressions have been fixed. - Fix for an infinite loop in the deref code- Build with _hardened_build macro- New upstream release 1.6.0 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.0 - Add host access control support for LDAP (similar to pam_host_attr) - Finer-grained control on principals used with Kerberos (such as for FAST or - validation) - Added a new tool sss_cache to allow selective expiring of cached entries - Added support for LDAP DEREF and ASQ controls - Added access control features for Novell Directory Server - FreeIPA dynamic DNS update now checks first to see if an update is needed - Complete rewrite of the HBAC library - New libraries: libipa_hbac and libipa_hbac-python- New upstream release 1.5.11 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.11 - Fix a serious regression that prevented SSSD from working with ldaps:// URIs - IPA Provider: Fix a bug with dynamic DNS that resulted in the wrong IPv6 - address being saved to the AAAA record- New upstream release 1.5.10 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.10 - Fixed a regression introduced in 1.5.9 that could result in blocking calls - to LDAP- New upstream release 1.5.9 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.9 - Support for overriding home directory, shell and primary GID locally - Properly honor TTL values from SRV record lookups - Support non-POSIX groups in nested group chains (for RFC2307bis LDAP - servers) - Properly escape IPv6 addresses in the failover code - Do not crash if inotify fails (e.g. resource exhaustion) - Don't add multiple TGT renewal callbacks (too many log messages)- New upstream release 1.5.8 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.8 - Support for the LDAP paging control - Support for multiple DNS servers for name resolution - Fixes for several group membership bugs - Fixes for rare crash bugs- Resolves: rhbz#706740 - Orphaned links on rc0.d-rc6.d - Make sure to properly convert to systemd if upgrading from newer - updates for Fedora 14- Fix segfault in TGT renewal- Resolves: rhbz#700891 - CVE-2011-1758 sssd: automatic TGT renewal overwrites - cached password with predicatable filename- Re-add manpage translations- New upstream release 1.5.6 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.6 - Fixed a serious memory leak in the memberOf plugin - Fixed a regression with the negative cache that caused it to be essentially - nonfunctional - Fixed an issue where the user's full name would sometimes be removed from - the cache - Fixed an issue with password changes in the kerberos provider not working - with kpasswd- Resolves: rhbz#697057 - kpasswd fails when using sssd and - kadmin server != kdc server - Upgrades from SysV should now maintain enabled/disabled status- Fix %postun- Fix systemd conversion. Upgrades from SysV to systemd weren't properly - enabling the systemd service. - Fix a serious memory leak in the memberOf plugin - Fix an issue where the user's full name would sometimes be removed - from the cache- Install systemd unit file instead of sysv init script- New upstream release 1.5.5 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.5 - Fixes for several crash bugs - LDAP group lookups will no longer abort if there is a zero-length member - attribute - Add automatic fallback to 'cn' if the 'gecos' attribute does not exist- New upstream release 1.5.4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.4 - Fixes for Active Directory when not all users and groups have POSIX attributes - Fixes for handling users and groups that have name aliases (aliases are ignored) - Fix group memberships after initgroups in the IPA provider- Resolves: rhbz#683267 - sssd 1.5.1-9 breaks AD authentication- New upstream release 1.5.3 - Support for libldb >= 1.0.0- New upstream release 1.5.2 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.2 - Fixes for support of FreeIPA v2 - Fixes for failover if DNS entries change - Improved sss_obfuscate tool with better interactive mode - Fix several crash bugs - Don't attempt to use START_TLS over SSL. Some LDAP servers can't handle this - Delete users from the local cache if initgroups calls return 'no such user' - (previously only worked for getpwnam/getpwuid) - Use new Transifex.net translations - Better support for automatic TGT renewal (now survives restart) - Netgroup fixes- Rebuild sssd against libldb 1.0.2 so the memberof module loads again. - Related: rhbz#677425- Resolves: rhbz#677768 - name service caches names, so id command shows - recently deleted users- Ensure that SSSD builds against libldb-1.0.0 on F15 and later - Remove .la for memberOf- Fix memberOf install path- Add support for libldb 1.0.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix nested group member filter sanitization for RFC2307bis - Put translated tool manpages into the sssd-tools subpackage- Restore Requires: cyrus-sasl-gssapi as it is not auto-detected during - rpmbuild- New upstream release 1.5.1 - Addresses CVE-2010-4341 - DoS in sssd PAM responder can prevent logins - Vast performance improvements when enumerate = true - All PAM actions will now perform a forced initgroups lookup instead of just - a user information lookup - This guarantees that all group information is available to other - providers, such as the simple provider. - For backwards-compatibility, DNS lookups will also fall back to trying the - SSSD domain name as a DNS discovery domain. - Support for more password expiration policies in LDAP - 389 Directory Server - FreeIPA - ActiveDirectory - Support for ldap_tls_{cert,key,cipher_suite} config options -Assorted bugfixes- CVE-2010-4341 - DoS in sssd PAM responder can prevent logins- New upstream release 1.5.0 - Fixed issues with LDAP search filters that needed to be escaped - Add Kerberos FAST support on platforms that support it - Reduced verbosity of PAM_TEXT_INFO messages for cached credentials - Added a Kerberos access provider to honor .k5login - Addressed several thread-safety issues in the sss_client code - Improved support for delayed online Kerberos auth - Significantly reduced time between connecting to the network/VPN and - acquiring a TGT - Added feature for automatic Kerberos ticket renewal - Provides the kerberos ticket for long-lived processes or cron jobs - even when the user logs out - Added several new features to the LDAP access provider - Support for 'shadow' access control - Support for authorizedService access control - Ability to mix-and-match LDAP access control features - Added an option for a separate password-change LDAP server for those - platforms where LDAP referrals are not supported - Added support for manpage translations- Solve a shutdown race-condition that sometimes left processes running - Resolves: rhbz#606887 - SSSD stops on upgrade- Log startup errors to the syslog - Allow cache cleanup to be disabled in sssd.conf- New upstream release 1.4.1 - Add support for netgroups to the proxy provider - Fixes a minor bug with UIDs/GIDs >= 2^31 - Fixes a segfault in the kerberos provider - Fixes a segfault in the NSS responder if a data provider crashes - Correctly use sdap_netgroup_search_base- Fix incorrect tarball URL- New upstream release 1.4.0 - Added support for netgroups to the LDAP provider - Performance improvements made to group processing of RFC2307 LDAP servers - Fixed nested group issues with RFC2307bis LDAP servers without a memberOf plugin - Build-system improvements to support Gentoo - Split out several libraries into the ding-libs tarball - Manpage reviewed and updated- Fix pre and post script requirements- Resolves: rhbz#606887 - sssd stops on upgrade- Resolves: rhbz#626205 - Unable to unlock screen- Resolves: rhbz#637955 - libini_config-devel needs libcollection-devel but - doesn't require it- Resolves: rhbz#632615 - the krb5 locator plugin isn't packaged for multilib- Resolves: CVE-2010-2940 - sssd allows null password entry to authenticate - against LDAP- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild- New upstream version 1.2.91 (1.3.0rc1) - Improved LDAP failover - Synchronous sysdb API (provides performance enhancements) - Better online reconnection detection- New stable upstream version 1.2.1 - Resolves: rhbz#595529 - spec file should eschew %define in favor of - %global - Resolves: rhbz#593644 - Empty list of simple_allow_users causes sssd service - to fail while restart. - Resolves: rhbz#599026 - Makefile typo causes SSSD not to use the kernel - keyring - Resolves: rhbz#599724 - sssd is broken on Rawhide- New stable upstream version 1.2.0 - Support ServiceGroups for FreeIPA v2 HBAC rules - Fix long-standing issue with auth_provider = proxy - Better logging for TLS issues in LDAP- New LDAP access provider allows for filtering user access by LDAP attribute - Reduced default timeout for detecting offline status with LDAP - GSSAPI ticket lifetime made configurable - Better offline->online transition support in Kerberos- Release new upstream version 1.1.91 - Enhancements when using SSSD with FreeIPA v2 - Support for deferred kinit - Support for DNS SRV records for failover- Bump up release number to avoid library sub-packages version issues with previous releases.- New upstream release 1.1.1 - Fixed the IPA provider (which was segfaulting at start) - Fixed a bug in the SSSDConfig API causing some options to revert to - their defaults - This impacted the Authconfig UI - Ensure that SASL binds to LDAP auto-retry when interrupted by a signal- Release SSSD 1.1.0 final - Fix two potential segfaults - Fix memory leak in monitor - Better error message for unusable confdb- Release candidate for SSSD 1.1 - Add simple access provider - Create subpackages for libcollection, libini_config, libdhash and librefarray - Support IPv6 - Support LDAP referrals - Fix cache issues - Better feedback from PAM when offline- Rebuild against new libtevent- Fix licenses in sources and on RPMs- Fix regression on 64-bit platforms- Fixes link error on platforms that do not do implicit linking - Fixes double-free segfault in PAM - Fixes double-free error in async resolver - Fixes support for TCP-based DNS lookups in async resolver - Fixes memory alignment issues on ARM processors - Manpage fixes- Fixes a bug in the failover code that prevented the SSSD from detecting when it went back online - Fixes a bug causing long (sometimes multiple-minute) waits for NSS requests - Several segfault bugfixes- Fix CVE-2010-0014- Patch SSSDConfig API to address - https://bugzilla.redhat.com/show_bug.cgi?id=549482- New upstream stable release 1.0.0- New upstream bugfix release 0.99.1- New upstream release 0.99.0- Fix segfault in sssd_pam when cache_credentials was enabled - Update the sample configuration - Fix upgrade issues caused by data provider service removal- Fix upgrade issues from old (pre-0.5.0) releases of SSSD- New upstream release 0.7.0- Fix missing file permissions for sssd-clients- Add SSSDConfig API - Update polish translation for 0.6.0 - Fix long timeout on ldap operation - Make dp requests more robust- Ensure that the configuration upgrade script always writes the config file with 0600 permissions - Eliminate an infinite loop in group enumerations- New upstream release 0.6.0- New upstream release 0.5.0- Fix for CVE-2009-2410 - Native SSSD users with no password set could log in without a password. (Patch by Stephen Gallagher)- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- Fix a couple of segfaults that may happen on reload- add missing configure check that broke stopping the daemon - also fix default config to add a missing required option- latest upstream release. - also add a patch that fixes debugging output (potential segfault)- release out of the official 0.3.2 tarball- bugfix release 0.3.2 - includes previous release patches - change permissions of the /etc/sssd/sssd.conf to 0600- Add last minute bug fixes, found in testing the package- Version 0.3.1 - includes previous release patches- Try to fix build adding automake as an explicit BuildRequire - Add also a couple of last minute patches from upstream- Version 0.3.0 - Provides file based configuration and lots of improvements- Version 0.2.1- Version 0.2.0- package git snapshot- fixed items found during review - added initscript- added sss_client- Small cleanup and fixes in the spec file- Initial release (based on version 0.1.0 upstream code)frjauk1.11.2-68.el7_0.61.11.2-68.el7_0.6libsss_krb5.sosssd-krb5-1.11.2COPYINGsssd-krb5.5.gzsssd-krb5.5.gzsssd-krb5.5.gzsssd-krb5.5.gz/usr/lib64/sssd//usr/share/doc//usr/share/doc/sssd-krb5-1.11.2//usr/share/man/fr/man5//usr/share/man/ja/man5//usr/share/man/man5//usr/share/man/uk/man5/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=genericcpioxz2x86_64-redhat-linux-gnuELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=0x687ae893521e984ac7c7cb5876a23b9ed7fabf8a, strippeddirectoryPascal source, ASCII texttroff or preprocessor input, UTF-8 Unicode text, with very long lines (gzip compressed data, from Unix, max compression)troff or preprocessor input, ASCII text, with very long lines (gzip compressed data, from Unix, max compression)PR RRRRRR R RRR RRR?@7zXZ !#,ʿ؊] b2u y-iSqJ&|AHEƐr &ƖVBPL HZv;\xʏq;?e% +jGIpuh PGdKci b[$=6Iࢸ?D[*LHncq"ۗehiQ̜_ĵi 2}4T!!tGާpH;D{RB7=4jc턢q "nﭲK{L $Iգk`ug~OSkee*7)D )l.ZV#:ǀgAuiJpψGzU~c$ZW0.,^;],|3&yuu:tL I@n0u4^}5g;Mk`$e8J 3Wa,S{cV: 90o޼jP+4jHIRZK)t{CZfqeI$B*+-:YXKvt'ޗTl&M䍬D,hCP#`O`)E΅!Ρ鱈bS)"~b[q{A˿@6Jv,Jĸx ^K-7x4òP(+gnI +8['RrՓ}~6QYlu熰֍I16"x/ j#]'"xav *Z|9 K݅e-0‰;zț i5iTv*QٽY[^W%q.~t֐W4$ZkGej\؉)kL^s 3dtYlYRX7Yp* $(H223l(٤ v_)^Ar*DwUV^ğRs-$.TH2x"Lt 0Prf0u?1:LPTڦ{g`KRcaߕXaW-vf5u;K=;-ۀR"읣[85UuZd\>Rk<lM#pۖdȑʾ?"S>pw8_8+۪4kIŁ G B/ !:%.ҺQn|r(J]E*lgOajXM (>0If]X {ϫG*4R0e;MbV6H]VfDD aX V6xz9@-br8MPˋ5 ܂ p%l3EJPOD]^\HN(]m'ָ]<U[s4P">Ks8YecT<%qom& -"%Lfد4Sc]n%W~k"O߷q>uiJA[xnS?7J0YLaWtgk|t\GNk232‘':Gx\[6TUDB z((FOCŅ ͒W.mVUUTU2=53dcEml\Ƚ hAKbw, x1_I罊Dۤyg[ܻВDV($0Y_$QP3qA_IU./\>BNO"5ŝkó$]aɥM`dztWC+ueT Hw LL\r;:igofPϩ{KnSõ0Q4p[nL>$ )MUDJ5!Br6ie\s@2@C62pq d#M:-䗵CzsR\jR@ 7άS{AK`{K@Ah V8kL\Pۍx?J(4L9M}7ec+mnL1` co" wa=A}2maپ?EƿP7ZetNzv^])\nU˷ g B! R ksʕW-i@F~c6R[}RHN}<9 =HabUߴҞ{M;jͺhR$SQYN@\K :,eW6YUk/>IoFI ]RZN[ƭ 6 3 YI'X*d*;pjPI\yKzq љc|w'\.mɁDR5,JыJԂs^ \"{4;si|I2Qp܀.#cmC@l!dVN`/_.KPaNy/S{,"y^%}@hU"Z4Ďvlsߩࠅ\Yw0&o~Cc CXSQ^5J"tGՖlTsk \ONaܠ ]4O8Ԇ-har3W )ffnny(WyS\Q;GF +Q3^9X0I{g*!ڛY|׀4EG=QϨp`-Nد5lH9yr6VWN|I&Ѷ~'n*qGftpFBKls.\|nc-|lRh6j<| >U@2s]ɩ"f ,0RgvQ4[3Aꋫjݏ{UT&$k$&tuTt}>XI j Xf@&*5uIC@ti-Q. kˆئxb_@m]bog&*UY\mCX?Ap/[V1V;JrXŢHIΛv]l*mH>mvx{?%@١b%ԕl]7X TlEt|A#CߢȷV.H- vIB'6@Zu7E8pW1L9A fox0el|b"AԜѳξt:7k&]_8?M+%\ TۧÐR-i̕SO+ Y4asڡ!YGނ)xr~+*-9ȣx3g<𦲳Q7SE[yx-)覆5S͐1Aŝ?f O sT{ZGߣYgqexyߓwun[+x[+9*eqN.!\`W,}C$ L!=e V_9":џeW=Cr.W0qY>R.c ?ƁgK2!MFzZ%! )Ŵ ~r&5AMIu:cxyW?-}E0l)wV&ծ (.i1|\һ%VE2_,)1,xnPR%z*0ҳS^D32טÄ5~}9TQN\y5*%"LE,nɩ㌧LS5W-RM*o*@oVs}4 If:&tHٿ@ͻ1i`?)قULBO&E&\Lz+{*wEաΞQI۫pdk!A֨~7W>Tpxފ $B6^ 2֌u*ѵ,s"v| v k_J0X8<B8\I琔?2]&ý?0Û\A!PճH؜P>0ٴNМKdIFݷނ+rݲ~No`Go}ce0ἵcGB]-Kl d."ˑר mk,8oe6e*f.iM*B_EEdǣELXP=id(}AN6xQ(W $ lZI&S ;1WXekg;ܸ̓9uS@& 5*6}C^3J[}B4}#Á]/[ ٹ6Qqt}A=7}Ǐ#\ᔯ:tي٥I+M^iC^sPD%evbyAQ^Z!N*xRs@pU*\v;%krÅZ;f|޺A_ H4I~1'Ŗ^7qb' ; ' F% xj,EQ&G7r3>aPII7?:cskO@P8; ~hv8lPyj/ULoog%t_BKkg@(R. cqVGc){˫!3-*&ƖOk呂CH .0 Ltn ku]";#,D7_lI&ŭsS aѵFȣ))ĊO(t soro8;;-ph>&H7x@̔jjUi<&n̆Pۗr%Ƥ5Ж5 ܾN{ffCy>4c)Yn{!ar MuN֫.z\Jo; )r pY(u^֦i)"XK!Yڇ~۵PB(D$Xآ"G?d_GjS\l4SAz],dER"L$!l`lsÈ ʧ(Q\r4q%vsOq F)7ekф2l$0PP"ڊ?{"D jmmX =~/C6&%é\HMՄzu HgP(V8nEqhN*%3:/$'^J̍dpno)>Ezv]}XƮ<fPVFv9C"nJz.^A*|{Z3?jhFRhd#\nyI~s9wU?O9VL4oFҞ6~<2q^tM!I[8str]{GPeLʝ yA}^Kaiژڕ+uxb_WvICW2_{Swa6'&W[LOwT&htռH SLYE7薄X裵oĈHA>4m|HW1f"s=ً)Rtdu Ka$]j ȢlGLg&"o砯޻['8?/g5 MMxX/t+ӈ,"ٍc@1m@4 Kp~oe,dńhTBIlo.(" !,?IjyMǾ=(Cpoo"vc-KSȭ` 5KQhmf? /~6w)p,rnd& mJ /)ޑI)d(tb6=9G$v̫yƷYT\LL6jLBhYYd*OeJv]J.gٿj)lQTdEzPsÀso= Y;i'K!yɇX$ ˅?adDYQ\5b]0y}zU+yy^*%7nzhiYꌇqrWTs=1Fq o3/ѡ}y@wK^I/ [._;B/$[_ v5mgTF0٘UjzhxK.7; ^e Wnks9.k5U~NS^+S9G`BrK! }3j=-߻^FegMGR+ vc]6!y5Y\s ݣت̵Yˡ=ucTe Nm%߶=q[h|&dFb 6AI-,It(ZtnF[F?.C=OPx7b-{+QD=lJ⮁Яrr~M,}{h'P *Kыw2@D_|0d@ N y1FLl,v*ZS z2` n<.|oAe)_Lh5]n~6pݬu,)/KhvvCS_:4u7s켸6 ]SmDMM?Qͧn‡JݧtLb}PDTZSP7n!&z3dWVR*Pculpٻ#'fظ#e)(TJc xARPN&&F9N-}{l2|ϐ¸~v;@RZM@oN2 UDlɟi+(u.Ti;~AnY@AyE-Ԉ >d 2au9qQ3y@͜|Cȵ>aT Pݕ\rljSAwh+$ڣ>tjwK=ݔP/4k4w0}nmk~2͡λ 4j.h? *'_zjMgjMPҾ6G)Y,#❚J )<dx R.wR5^@db yIoI$v P N @Lζ\Šj?p9냾! ]jp~0G ά5[w oʄL?XUs@u_'jE gR/\D噅H hKxxDfYcavi/4nyYfT=/! N {]L 9ئ{EJG*k/"q{G! J'ƺ\(+AjnC\Y͹5rX>e|XܞQ7;???eiq9fA65'S[Q XN]U ,; ɌbZvHhd7[?_%!iA,GoV7}c F(?IfXh33, G8Y^ZQJj:7%5$Tmokdh248{s-q3{f AůG-y%C=n@i#ODV}D=lט{Bڸ ^3ц@ɟ}߈{9@B(۴NFE3gsΔGAÄ^-032Ws1yFga?^KsxRZ!aVM9-VUs4°PQ^r%DIbp*1R0kV B]vWevER X+˙&i/1ҝ/hy=-<"D{l8mWb#Ouk75y?\Z7^E_'&'a@{lH;ٍj/" 9\~QE։>L#`E`o!' 랣qZ[T[WG,]ꄞJREH;'?dz%5rAI?W KjEҋбڭؐ#";7_Βol6IƱ'4!/*=HzhԘ~I#H=qO,/Q͹y}{bЕ: ۠j[[~ D$tmA^ӣ'Q:;Vp7Bbz|LX~jjr=;CsWؽq7A*Hma f/=4U\jji[:ʌGq7LU?gþ<8h34#nApUtl69>OHc"++gE[q:W;췀3"^v:t(8lF Kԝq:8)Dye6g޺:9M1ϘLQ9r= ^aS5gM˩ 1XH3PI^zG8XٴV&Dߪ]Cj^|"J.lYwZ<)!+")뒺Lv4h@+<.&?sx6n !"{qٗW٢Qzc /DYKf2=|;LiK_$f R \9RY`5yyB|SY/l,\['P|~ƴ`O4{_|jwYoIOŤ=qfcRᅺۇ_ClÒ[38 ߪy`px;P\; HHX8!dMI׷FAXM#Ҭid/ƀTHr*^L=h E4ϢW̬dL.⏟=>ӖLK TGu `ƜlBv˴`@O`T.~y@ªED L">Ԍzw 쁑'NUYZ5YvI_zhfָg[=xѣ/a'S>G괺)JHQ'%6?+(>?~-eFԏ%tM?*zhf"ͳ73mbߌZ8Wsw QNv9 W5SoV@{x]iC*XBZcNf%~QD $BKlN:(jǑ[< gD͂:rOJW٭5Gz4=^ *ǓØIQ̜ߙ́%& G{#d+ @ D8Z{>￲irH1 &g-٨9Ҥq+5.|hR,1 Wug@QxD݀~^U9w`{l[J)9sJkXjs ZV@Δ.&Z3?˙jT FfʈY8t&\|+H#3;CwaNS 7XzAaOS;oM㒿e!0 zcr1BAU }#)8v`ƚ01qIץgEʝ BQ5H(/j+wbw+•P4ۏULJAB3 Sz3gG*hSsw9 HeQJ!*SJp`S $ws=1!p.vw\i6;k Z| ԶLY؏Y-5B_f@ Y}jQqaR'7H8j=^Ӄw*j{X#js 6lK yM&HcSaئicK5FnW.#NHZu  uC.DDخ#F阬悎7D[Ld3x99֎ubb8 P [\ie?,SNCIW$, !HcrY _ L?%Ci4%pnuĹ`ƍG;ۖZi:E/*y3 3 Tm>v,b؉`?LD:M W3oMv>.%"mH>ycS們5}W .0FyJIPJO90%M< r3uզΧPU#~ 琠1ݲh F Goi?fF#9Mk^¦`BBvG3zxK7Yα|h+wj>ٱ啇7GT-(5aDVg_\UM^BXzk(?-cm]/ɑRvB@HkXx,ރ-:zs/ҲBٻɵ$F%ٸk,S>t8+2bX79mv}5 zq52 ~?B6d?BƸn ڮ|+J? u5|#dntwc' V6)R.*'@; &K}Q;2)i=67\,v01= ԖCs=sP7_+u ;* ׷:>"g to$KҮ޻j5j5{u(eGukK%,)1Yh8’ km-c ց.TkcSA`Zg ȉȥ}OT"_ ٩F)a Dgͯʪ촄li3xs[&u-PJ-/{em[A17,¦J6MRK\JŽ.&9?Zo|: !df݇|Lk.Hh}*xL|zߔMyo'2M ?AoS48-j|H~~\ /{%ܟrOK^_ߐfX}PNw+-VXrhS kaGeQx5*=JNxb،J="fCYXgbZeGfA"2@_]΋yV>MavQ uT ,xآb./˂ݞ,3P!UG} zaw8`v$ "Jtk`]jSKI;webҨ\[{OPGBa*a"BdQb8Rs( *|h{SC~LGbJWnɭd- X(ohNh4M>X3/&mÊr\<~JEe8.l{gLc+X\{ z4D^ffTz߈7`\Zb?'K!+W~NN4"A&B4OgCh LV(i##ܐ7ig,82>/X-pIbZm~ȕ؁Uw Y,_kc6旇&Zbɥw*I$)9G~h>O:vsy=+7/Z%?lkjZHmɅ vE$7w\dX;S5$Y-T YYVS6dz&-Rߣw`,C_(Tkx(JV;j7ݘGEaqqL[ٶ҂&/ #2z܆G*/J;Ϡo#q tX;abjuThaH',k֎9M\Ϳ}IH񲺸 E3[9tbi=KK:fAH͞Y1Ia0%~+9sKK,XO'ri>)<R`lHR¦|]ϵ+^;z*Jt> 8fITo 9K.b %`R]n1W=nD <*^GO7}@j`\piȳgn',}tC|!0V+qOꈹ2ɶ\ACsPypk!9@}*>*bVy2R$sƆ ˴xY{oo&؀GK[~hѭ[/d'[>Y,Sie6:T :kF/j_e\ Ɏ _1> [e>xJ;{vYXVi&g$#lqNʘw@lTe&2=^8-u^oK*yl% v`=eAZzc%JEJx㦔´:o"&$#OMtIoaa?l,|5"L )p;^E]EY+˸2ӹ.MUL է55%XkjZM}qO0~Jd3 ph-L0#0id ƚ y}RH]{P( }i 8;/3U1B=֤t;z oKId&LH >-b;%pOF ?}ls7!Ҷ-3(0 wohFMz@HD*!Li͢D/EHё  ,1f˄oUDdF+s(Ķ͇4%Ef;AtE،]I p՜:YWnT/@s-3(ا:+g a'!Ⱦ ֈܤ_I8,.%-Cm\VjM^g)Tw"503z> V'9ih$GqxŔtGh`^,&ҘGpB^Ablr WOb a>Mq8ICn4SZ6 8Sn +4:Mi!h ݥبh&*ѥ?i'JceN# VQ%8{uUN~Ƚ9r@wQ>CQm|Cspwgd֐nc*!@ &O$l>%'rn"Kp^XhSR(S#"|1Kt嘕X<7X0BmAU汜'˭Hz0&) jJZ׈4:RfFnZfqN(M/cV^#M|?ަJcu \6~S2H/:Fr!nj,BosQ?فvcVS3*<ߟ5L ׎UYձh@8-J U/Ig!t=)]2] ړP.j~@ZUPu÷{Y&px:xb-2y27(ޫz]P]?5T'1j5*S?P@!Ao_͂"ݣX3r|XH?_W`ZH[5l9+h﹯_x\R|#mn uGOf5hB5< bf/\0$ o~ୠ sNrHg)רUt}[p*U<1K_%H 4_kꃾraW3}@&i^Ё(FS{h@zfJdlTѳ`Drr0"U,vdc7~mUTy 8I"yX^PRd  ~]m0E bWsSaPV01i*M@| ь2w|*b( /UN2ԡga99)G ]95*: Y`![t YM;Oױ̨`/j"~qBW u T߾\o# gVʺscpx֚wpE:b$xr*\׮<M|"lF 榿*TS"s:4j[Ҝpv.PPOU#"(?NQKy>'e0r:v{TfYbaF҇Uyp|u7–O'T. gع ^Ta b%pEv!o`l1( su1I F`NLY>k2ڒXA·S7\9h١s$&6RTң&ᮔ`7F&uómìRFng hjAGXN>D֞ ["VcSաgQzS/a4Uv.d˒'a:|fSaU/iu%x`0s0W#LE1TUr$F, |=Sq&J.Q+ NfmkLd4Ty:c쓶':ƹx[{O :Y%R9Xފ`#L÷bQLZw<Q4>^N|rM`L_tz E6zD\|}QJKUKo\]0'DG>c`b^ v2*j)\R6N3!Ew,Q#DxLu<oƱIZ< qP6c\hkN&8A1ITQ qۨ|۸7lZ B} ) / Q|tw{zpHaxU"1% zoIvQՂWY B?bBit"2 73жH 5^37:ah`MZ?a?ϡc9 ʎEOHlXi!4yA&RHBxw-YETFNUjdS';8IGtVb)o=ʟ;?) \+3鿰 jF V>q5.:E+F8z`E۸hvmxDpoSͧ/{o{ۄS_8`5ɯT"!Oʤ 22{8NJt~::gѓgiv<(0) FGHITO!Ӓo,]Uo⧳lpG6) GG]Fe z@Kz1P y}S"DlءtAoF^g[gPd?_qWTkp30SMit:sBmL$Vz/gs%x)9"(7*O`k:<ǘ:+U |վ.}Y =#F(.+a5$iKH|ZhCCO٫AUN& b%/p8@îN6)Ɓ7k|l߫yE5Djo/ϷˎՑNsH={4n  ~B2BHFOLSH$G'eI`V&FM>@Qtl WŹvsi_U[&r2te <{N5 ;0 qG'e '2?HG#.r;Z Sa;h.kKZcjC͘JQ\F,T;}-eE#ȰRb}9/(8 jUju[V#2R'7_?4Ul_'S)~rz>>H t 5NC "Y97` lݯ )#?1)115bd+̕U`pMB=Zy pro?T0sͳ٘fkcLz F>]򌁱~#1z>4=YNT(!^m(= ,mnWbqT<.r %`x[ԓrcԺ7}=ŋ8~ m*|kwyoYRtddY|w6X#۪Ys=GzLK tfWi$plOit7r}Z.ݣ-ofΰA| 5\_Eʣ%TqNH![q̍15+tK " > i̢H嶇I]tшwD][GvyPf%_Ûz"̘I0-;KWAbCoq(vګءQ~YC!xVLNeݩ*{ɑўاv\v[' 5He]3dLxXx:vׇȕ[֚75vaYiXJtT4Svwtm}'%={C]ɠXw͔.1/p0M>_"'2a[93^Kc$R.r;x&(9MuK!=JXardNei^uVM5֞hE7:m՜oWBkSg VԿ;ә"%zs8% 6M*PEEI,Gj&YsD9>l5I#GOTi5H ; slɦ/֎R  7y9/Bh" :OE{jW`h_2f >5ZgM2*E 5+{u q ьM ͇\df~1`%e!&?Uk;3[hFO)ϡR-GVgWO>+)gZV/Y@ G#^o#m$C$e& Vb6h3lv B򄤗Mru&deeUX*ێ\&'LK9?Ԥ_J'Й۔P~*8{! ҽMT߲eTz'̿bqOR0-B$^y,>Wuݦκڡ̛=tloP1y,Mb*$iw ES VAr^N0)pm(L} ksr$gY%݉-AH ? %{Cw21LJ(kʧ[rҷ/π߶xc^S-zY9bmswi%.OSVw- .:xV,n-k؅).W9ևa86HL$g xyRDvcɾE=TS]2sv짻-GteDliO͌nTkP)yg)d!po ݆ц|9E;feA@{VF=>.ӣ^ I7V+4ᕏwB@ES\Fk1b-*dxS=}/v}{%RY|8:Hg=T(sƉ8*:zj7GkwNĢ781@tE_se&N1&yEDzIJ]MPၵچ&Bҙ$txYx{F\IsH⟕ >0L{;T-@ 998Hd}orF (];|W[k[,y/PG {C$7k+= (F)ՁmGhR^5jYabiLY2`߄?jZNtUH;F~`wz}gYo '2oHa!ȉks1@ap2^7` .͡/h #t H1}eBzt:Yup`yT$V^eB꼺3[[#e$C{W g{"ttwC(xxJKQO"ߩsadl̢^|FIGNGh%'JxߘJPSu9ٕ 4!w5xof[X|y mg_ |Wd<=֗󙀿!pI{-" ols4`.q TZFф-"=fEbA _`kBؘ@|?F]ϟfv(4gɺ@iC/jŀC5 ;¬k~՘TI$-@ !oWa0`2r5g/˰2UlHirmPj]#6-*OٽV<8k|=cLK /nK o"6ݰ/* LX\F{vK_uߗ3ǵ$+$ rhأ~zm'^(7=uo6'Jpн6uu+%K/'K`@wS-J55;qu9Js"q?o`XRfiVoY\ O5Wb?ެx{ƌPP/c 0\ rӖ|]dOGVJ YuK&vX;ny+S#3[gҹ`xI*(YpG5A:033LGx@z-dS%4䖂y69fN2"b0b x Ùl]'V[ycͳm$| m[7/]Փ4=on؋ LLSOmIIU륺4qƣp޾ܘT XeAwۺS䴿B F)ύ\r {Dӝebx'Yn Ãi4 l cʿM0oA}fg7?.%tO>#oB3PzrdSJY5QOESb~ZMQz6hKwW &9/_'`CrwÞWɈZD+3f#~wt-U㵐8k "4q1gRb wÔkw4Vki0p(]De!^:'4301w-:@yddPr}._Io'h<:ԻOxWI9』cɴ=z  y܄j[MՁ)$r5 2f۞𢉖Րk UD[l/Bw5) +$׺0ق=Ҫ(|4LsEËD*rŗҷ^}Nrai|p3 m~}υnbs!5}8&v€ϻ@nb%ξ^T V3,ry?N| nƏDRk9^]qWPr]ݿVN.I"V)?Vw ~g;Kԁ/]Z,AOA1nIdO[_ODx ȗAj<(.?)ػ ~!Y ӧ譽ܚƸ&}]\ t<>`S \sa+{j\gZQ9Fbwf(Q,XǫjRT3h8'װQ4B}u0P\fzW`"g9zCZ` 6Xр7YLVq{h4ĦHA{T f}; ?OJEyQPuw34Ew| soв 2~LpW9Sr 0L]6V IND=~*N<'Bu)$ǺmU%/5hwH0ې|;ٌ&dQs_D饔\$]x, g5D<ώE{)V+s a':k*>/xڵ/Ί n;8Z;)TM!Ë#^VBϱ0~CP@v(B|Ð(L>*_U1 x[i@n64 Qw.Yh}VӪDhrJj5\:l|`c Ok #OAid/z0McQ78ry^]+%^`wxvzH\@t>@Gޑ~l><޿nl04s P6!10i;H ;x[!"B@?xky6k!2X"fz8@bpw59,Se  >zcZou$zDg7EVsȤ 9#jȋEoB|js[2n^`vRiC8;[\I:+~jKE>Oi!ü"x*'mE[7dZ p7-38zm/ :, 4\S WYwRz5ľØ}.7]/*OJ4JII*U7RmOVh7Aeed}҄}yp޵:bp/pK<\ \R<^!-C'`|+@vWbzТ'U$BQ"\,][oL?aNR}FzH)ৰbߝBc}b0j|MVu*L8՞75\ݒM?n(6vdۼ "dܿ2QM%Gȣr#n޶]e,ӮOOX/$ "کZ<;#)eڡKon-ZQ B38޾?NXO68͈x[zх0 S,D,ՊI mM rƭJkZxz{L(Gրy"Exm.gP#oyъgz5{;"?A"#8E+^v,}%nEB@ջ[3rАbDο#54F0)DŽK`X$^̊dZ?AJԡtٌ5Y~/%tztA>fg+I; h ] ʯbW`֝l!fe ]HO(1.:SZ&RVOU$(6mkB`h[:V׋-KMRKgCݽ ]k/|%$j̫=WkexdHW+ Dvh%yg)G K)SY!8{d+v5#B`(LR?胾  ' _MM_}##\B }SV\!N{-QjCp9h+y u E>E'b܏ cz;L$c S3 5=nq+@Y]ZŐSqY/CqU^NқiÿK$]g,R_qj9|@6`gBׯpB#bx +BGgB@6%T&)PxGy[\V6ZFA x>#?Qow;#bģ&]c:AtkUTk{S6DL]NLlgƈh;/z64(f|;lb{v$q*ػ8JԱ4CR,y^v̍͑qoo~"*⏍`βilyJjl"xšy),vEKw*xU7;J7'O,O-d; ? fcz(o#"iѬswdZ mGWDֺ\$ jjV"Wdzvޯ&1^=B1ۿ|H\ x{ֲO+DijCAWL?5(v"3)DqPI%;W|7'ұR6*s{YUu/x \ŅlmeTف'*NY-hQ\}8 S.&Ի  Xl$Me!ԗ냯#ܓ87 JylV2!gQ" e>WUpp.^sHBB>eN?$D-e{>jݺBO b! )GL:zA|p@L-8 7Pl?=IƹY1\Z[q.$jk4Y[D/>hT#=8Ai5QJ\3F30oQ?U4ȀJs9X|y jr֑f([e?;g~zDx4@ nM}ĕU/u.EO-#j:,-v6ixi!4u$Kפ9oq\]Doˡέ Y)5 _9 zt9f'oa:*DTmWTJHՁc-T,Xa("uhB*v8?M bwR0V)}nZkU7+`9P0P\ .S'pUN)yXLV`^M) J\?o~( )*Z dXAb2 0p|cc}Leֽò VX ']P5rV c,8`BH5X\sT(ICt6%0oߕjQ_!MZ1C<+97ɞ]zir d> =AZ(p:9)Vb`zߺ0)Zr[ Kh/K&+w6^C`02&Z~;iyY Gjno08Ǘ"AFj*]!z3$NkS̬|^.ȝ& 3Ȱ&!dO m%bW ( .wCuf&Xlmd+oT]H%?l˕O(aSsp?_:^%ŐAn YK_ GO޼&S75B? /k[QI'L,V;"9P%ro8递Q^x4:/oW;_P_ݣhH]T{M CIu5'$q)X"~hFyThm|ےBeE `+`1~!63PK46'~vK:$C$OO8m?'_DY3qvg#|Ç2&œ 1FZ%%"ɼ #(;RvuIXR~ۖn.LQol=' 'G[ƴNzߙ q⭛ˇRcJLYUw?1/ ͱ&]p;J@3a>VG"lqDӹq܏``R;lQ)lA (mft뢞7_,XҶE,{')SfIڝ¾KpIvec\3ar_7d?ñjp'=^/foL58O k>rD=f65g_ ӣVdXrO̙F~;'p{YBϰF0ns&ox Q]F&9bu-ݕ(6Ԃ"eb#5pa \,pVWQ1H.S-%9JEylXi^J|4`iA@ge {?M#[&:T#B+gJTy8[/[[6?e 5zr ̞Á Pa:?& .Mq;C if'CŽC!b'~G8/֧z@Kjehd!UlګRG8_̴ݑg7l _eęU2bGFg T/xr#`Id/w;㇫4{g-qoLrvh@ ,hhoDFr*f [R,_٧QuVwL + (V6kbXMV̀fN l3E%P:Ѷs24;b&̼2uH/Wy47:2E6mXCpHXeS <7Qwƌ1|Dջ/o$<6cRp+f%E;"XSP_iفvtnk7Us<MK7`ЯN7mibOwע%Wb[=ccjgyq[?ƒ&M8zЏufOO=rG"'U aR,Dž]@H*K%9 qNf-'A0Ni/KΆgwlT$YSw5jbÌmj .}F|{46];_$D\ǖd).HիUq?ۿhr]5'S>IT]Qζ|=bhK(|7 UIm 2#/6ѭ5?7hca= JVhw?Ck3%rxRUanTw6sZqQcZ &]9i:0]1MX" [K$0@/~@drQwB^n5RJ Io %6L>(X Ykw I,pbl-[l BK,kibmI4a ׽آ:D))řG 1b}4r9v=ԟ=O"9D6PdHQ4}c<[88Hr3ya8|s}wB}]TUҜՎS n' tX[E'Qin4Q:(T%4@jħE)-NR" HZ@_IF;&*N'M Dއ%V#ܽL])DW!x}#䖍7Cdjne5 "<) #.ԷOdE[R|(Ljª_/^ r<6٫`d1M:e.;cW5 J Ոo뻪Ԕp81r #*qM"K7銧F<]Z< 3#ծkL<=5舢\ CelY;{I>IЮAع-P|?Vxnk7VUU[Jєq}gttaVStp!}0ʀ§8#感{$!Xp]mRѼ[xT/${;scDGž.>7:D:c%5ZNLiIV2V<]WiIԷ7ٗ9N @cU/zNfuORw3 |Za}xJۓV K-uhEz mP48£Sp`!t5X_WG+Q6]Rrc*Wi``cl 6e۔t1T\°r UX%ZsJ<8ӎt8HGBr˸" mOEiLxW@Η!;k#Tƫ]2k!ȣn.w 静V.%'#-i7z-70,ּUKp!<?Y(DФ"΅=nvcTwH Aكz &*Bc>Y6GY9!pȌINl99|ZeeIwUũ{iF5W" џVg-=nF|UܣFjPvYj\ d+K\a?@԰"_@KArxUph)&y==U=<&M5D0]bF9f hF($gc9 @WR6m+ mAX]Z^d_~n/ }-$u{ KvD59zlf[-Y;-{p&B\ g7U}qvxD0Ҵx>ZXp>x(aUL,rёZ. "OqXo5UTog7fm^H6+ɹJ~O^:".`\BʎOJYv.pe鈺j97w> L [{T C? SH=}{^uVpZܵAc:~ G_7MEhڪCWA[L[%CEd@,bñOHp]C:sl"<?~,c5AùU!ѷfpg7~r5bmR?xk@;6:$C供@Y/:΄Ny!MUgZK:\.~[nh&2@&~,[#`NiAc3 qHr f0fۿ{h jX$ S]f%$p'w갖] mSn'`Tb)&`L$>DtYebDGTbkqyd;dt :'Mި&<`D],\o1U8ȢBO"pk \e>Q҅KBBp-~-2oiպT䬺@[52)Uzslqrj绅oADkoRg;hF3왫|[+I/c>"?ª{1}+Rof#|!wC2|1ELp̴@3Gs%ڎ*o*};DM^ryM672nT9VcycC;9u.Wfi[+A3fu /ɣ+BY=kw*}Rx>h>*H W%6vNEHrvV#7k?S66ce>PC]烜^)/n1mq XOCV#!WA`EXY0`!T;e RlEB mY~)E3bjQe7|Ϛ?cް"S]_Pa=o/D\mUc 䇠)q]^:^\Lot+8HiyaL^fNf?x , C)쎗ef9c_ Wxѝ3e9b\;B.hULgi|H(l:nR( J:􏼡W}vi^;뽧t3dl2j']P~ C*JF ?(_dAym#ENLЌ_l^>$5;OM!**94. gAb%Z|W^EX̆b|\j-T2,ǰ'W O@ܠʑ~GްqO* M8lGԵhPٓUfFL&8% 6< Mj 7Ip|w:;I^80J;&+K\%xU"ڊsEˆwt8"' S 1:Dtu#9[|}i8`v!;9 bpJ{=)Wς.5::SIN-np&%=,8YIvsJ_14H}P;jzO/a.p?Qͻ\}1!Ȥ:'H@B?TVa_ $*.{/@Y-r*ynGOZQ%S\\nh!s *8t +>|ypPai|+3)ܜ1,-lƛ'}=IՆ#,i5عy/~MT;h] eA„6;mw@mupE%99=)b逎91*XK:H{/ħv28fsvRvIFJ#(mAqmjw>Y{;7ȃ0xt[ 7'Wӯ0H9VqFwonԕ3Zc> oT"sp]>Jɀ &I8Ʊt \k lw˞>*F.v*CgEb L/Ƹvu-zԭ m+d%h~1NV!EӮgȎ&xEu nx/3Vw?y^Ų+2yЍ)c vK#sS_0F-͖9KH+ϛJaZ.W˰+}%3]Hݣg/1߂(Krzn[*L"Y0* YRGKky; dA3v h?>  /8%@j&:ԴF!0/; !XylǴϋc)4srL>x;V=>eqH:byYmX YM9l݂?fNtl1J AZĎ ~rܴ2XMjōdD" Id,j魕4w[xwl4Y_PoG?ӵ9i!.a.T@lS` g])9&=yKȆg 7!FZN4cߺǘwkG.-V:I|٬հ$XŹ2BulXpExlybl'e͋@tƨd͹p<(K9w8 OvWXnS%8JpE1Na,(P"ZB ApYb&F̝.:_MQ1e '’k|nT2(v pA6X3Bz5H̍"[R Ah-.f7Λķ81+ 2m kҳI~q{ub{Q,ZhQ{"Z V VSw:"^B`U-=ҷe 9Bg"h ]4]`ffv0cGK;>8_ 몄q /aNx7Edӄ A픊D^Yqt͠\B&4f gו '*>x~#Vj Ql/ b@M͋~jM& 4&/Y":p L !ZAY7}eCzC%Ψ2g"tTKÍ~5-p2Ƨ8n'gxi0W5P 2x6G$2G({>B!RFˣXc,1Z٫K%6i4Oɜs6i(L^Z%"E tÿypfQ:}^1L,~OL<}(P*l`m;شcZ|V|Q $6O{)k9Av:&䚨Eh<<4:9` 9{TL=Jv(cL,vp !*!j0Q .vSoKA[Y(C6I{+l3ɟ,'?h/;Щ?m kӑ+#!nKbjrVr>$""q7``C7mJ.jaCkj_;_sR9ThGgQFâXƥ=M"3~nm$:+ {w)2KpA hc(B&+\PiiV\Ԋv`V(n`ijypꂓNs[xtsgyU]dQI˷L}vo6BI!kUݣ]x$&hWqIQbX.?xP0-\ X: [o>-wFWDѳ/Z3.1̣^YdEѿ8R.;8YvH+FI5XFIq65k~¯7lĸ^A5r܎P#eMLڿ0`mn]%>Ql4jnFSf#Xҧh .9m왬幎 踩GW@B9lNRm,=}PZ|oQ*$8oe #D;[M2V&nxC>/_ <^8Wdp6sTgN WU^| Zq< BQ\pn̑ܦ)$98XҔU.|_4ݴ>ArҜ{08G*"VKRey5Yt  !N) u׭@ӷu ^Ԓ||K-=ܗn))REh:oUnQqNLsD/gMcsYRbW7/8~" i!\sQi;KW!9O` lq\*;,1VH,RR$2hto" (g ͔cLpG זyP9ʦB#&$`gsqxtUqrFLp[8Z0 Im^B.^ͯ},ވ+m>6Ӂ[ow`Foߎ*0񀋋}+D^6w#Sz Dmpꢵa>yglkK-AG \RTm?u؛&{^rry7.߻<4oDܹb^7 /N'cM.?% K}=K^^˩Ir+QmM&3н<,`G8ZdJs/gzJpȤV?$o֣QV`7E  OT\jXdjuoxu#7u߲]M ~FP-,.>uak^Q'E`j#MʞwIX~cz0-okGk+AV)"ph\ hgw%N_jg^/[a/䌑 OYlޠ*`Sz F:=u FֺplHx⊄IQi#=H$urr &t[Z|+sϬ񻑡:3!Zm}<"x)T}O{!},uϬM5خVYֆw;1ںqܶT3=`%O;BP&onj& liҒaOh[^2%ݲk07;"x1r22vśj 1 jᩙ9gkܩ9rRNpZ;ZmZJ7Ѣ] FN{0堨sȃheoM@'EКʬ|'U9T(&&p a|9mb(y# YL ?^H9}y4̠z ZZ "E[*'83 *7x+~09˒Ŭ֬g[ Mu@n`JHx sA]%DȤF^{ԚnAͦ\\#q~gMUbXŚfE5pdt`~BYx˷ PBdrU"k.NJ+a*e\` %JN&=L51iGw $N@n!aU+ԍ' =FdYɜ[tL;oB~$l[{In2j]jX%H $9ͻO(ac:nj3*Aۦ־%](c:8ӝ{$²(u7sFcc9/XѕNE#uU`iO}'坒jf^tH#cxX8JݐklaҰ(=.rXh ն#WA|Gxͳ~-5YՔsopB֦fv)M~8-$Qd\ F&ʅjIWUuUeho (irߐlRgusB#4V glIT|E/ճ zt"/ p`]R- 飶54Y#B#KVNdlbLeT3¯~9)' v/uO J OUOrM"o`>ks,L*=!Dlz r!E"k3mDxT{CL n=H 64nժ #7/RAp/1. Clq)7kDSW53 )h"+Q-B/U!Z(*XL\gնPIr-Q@mr?B(Z^'M-B)Q\T61?)nQ 3Q^ p8'p!Y K5;m4Uq(ƈ'a&<19dyI-؏?^),?휸O%!\gÂ2{^cKa?, ;%+&WZ~\4 ҿ&D0slm̤,ɤPbx 2㴞.Ep\_D}w՗-,##[v(&?Y :X8nO9 U!HV2 q@8»w^뗯lW+$ڻooFDѿo]G㦚:znSE'qڴBM2c_5bSF͉@Zu*^g sfasSM8K4@z,-[<)@4gtTpc>? ?UVhgh6˧TDCdO'+7W~.ru5h"%a(:89p5,E FD(/쒇@x.rlnPUҢQ)zވڸ\kS(_9$w-yt7TLG'cy+e@{mYex~Nj(oFߏIF6mq RwTS}!` "bXu{ b-1'ªMGë-9ܯ} i{s ^Ƃ]v)Hgo}YpЎn| 5f߳}-㔺<~GZ ,evrk"W~ F67 7\>.VK`hֿL?/ #l _Y`zXOp>:Mu$Q_5*?/If Q6|(=_^71T0K^\8BM}6y]~#,)뚞Z45肓mj:Qg b&Sydb-se@c/dpv[N˃; XLN2 |ttI_}`ɪsGhRi[؃SߓFg3z2ueV-k1ba^u?Y`۱D~/pI U`Avo"-Jx?01| fX_c8uG:0xs|P ټǙ8PZhcM QTȀ*b~|F+9 a?Ç.ȷn4Χ{ [a0 ,S SGɟiwf,\? vS/VAJd[T O[WCwΚ;kY;.WP }R~"aߌ3?]W[4ĹP^DDz[?8DP껓՞4t烡dJ7rfUD"Be}N՚Pa}K#ii n0/(D<`AĀ${ġ?mAIoΧ)5WaʥF1<:ܶT\0aPBcEvop'RRđ;IU.hQ,B1 K pb_^#MmṖ; *Ǎ"ϟK~`wvub$L1Isfodё~ ϕA}TDh4t\3ҪQ*Pɉ΁[8VWhH濽((rr7, PaU 8xOn_|}ؔKW&2)ok05U1 +V!Ӽp@1љS91DpFT lT)]Y: Qb s1 ߂bcpaoMÊ* K;?q h̥Iv}[\`8Ɖ}1۞~y/ǘ4azҁlą4fj򘈊I5)-5X@]d-86;S1J졭@{LYrM]̶% P̷tџVü8wkPT/;ZzNz(6!y`eD4VҲ?U=ѽkd6`a/is`fA~\]Q]s'ftRIM7VL1X}eQ2i1rzB<&Wo%YqbQL,k~̢7YUG$dJ¶ 9K,u<`} B!`J[` #"QُTu "SNhd^nOھRNr7\Ufƽ76k}0{mw;Y6GZUU4#'vN<DTj@Zev.xb!KٝףvޅbQ871,oN?n{V md59I)yܾrZe]қ"4qr{'SXGU0U{Pq'! nBbMheseB]opYYh35Yfl ns.nP䥍 Í"cъ%5oc> tM-D)qz|Q$rm:8`lj#yQgA{^>M7{ׄ"2:kYi{{p>գY]Br@NIx'Qp3H`*8BQǴ%l:?H}T\$NS|Elq/ELkuˣ]k^E}FnmuSp51^}CU!AWHN*\_9Z{ʊJ, >(`Tl pg@6cqO'{Y*JuTr18s#Il I}=y#-jڽTZ_;}rʀ|wY (pS LbYT L,5(ΠEf eŢR$+EN4fߤCі§g]V5<8M[.D ;hy {KRĹx mEE9X_ i܇0m-ms3jHfl롩j[KXofٵN\6RѨ/ <43џiZz FB8Ð8+Tp~[֏qsP $VqvHAv>ଃꐞbXfpM-oKl- =A)9Urn5OTTӞ7mC `$g;`CJMVm&l2Qw.2t$#NPWD}հaŝ*zIL(oeJ:p̛(X}~vC9# /CG"3DqbKGGGAB X&Rq= Ak<-(EXZUw2[84ʄ<DUug z kH|ehkq4s^[M0/NGknik3vY1^[%Uh/뚨޼#K]׵LA3z9Ja ,GiZ&͸Z"JnULz|',uH~ V l?w@'6FBz VJIt^54b^Hvq=rvs'yv]S9-ݩ'N2$;f >5j)ae|}˦<"2_5'$jm[W !j@7y5)heg89^0e|LN0[Fu{ BSX32׵|lG=GUj{Z~aI#Co`9%Qi~\{Ų1㻶v<&h]ޤ.Uz߶ YZ