From d8739cc07d44bd4c01a30eeb92db6e96f9a0a772 Mon Sep 17 00:00:00 2001 From: Bruno Oliveira Date: Wed, 7 Sep 2016 21:11:28 -0300 Subject: [PATCH] [KEYCLOAK-3346] - Documentation --- SUMMARY.adoc | 1 + ...loak-sssd-freeipa-integration-overview.png | Bin 0 -> 40604 bytes ...loak-sssd-freeipa-integration-overview.png | Bin 0 -> 40604 bytes topics/user-federation/sssd.adoc | 101 ++++++++++++++++++ 4 files changed, 102 insertions(+) create mode 100644 keycloak-images/keycloak-sssd-freeipa-integration-overview.png create mode 100644 rhsso-images/keycloak-sssd-freeipa-integration-overview.png create mode 100644 topics/user-federation/sssd.adoc diff --git a/SUMMARY.adoc b/SUMMARY.adoc index ae858b1d74..dac2d366b2 100644 --- a/SUMMARY.adoc +++ b/SUMMARY.adoc @@ -85,6 +85,7 @@ .. link:topics/sessions/offline.adoc[Offline Access] . link:topics/user-federation.adoc[User Storage Federation] .. link:topics/user-federation/ldap.adoc[LDAP/AD Integration] +.. link:topics/user-federation/sssd.adoc[SSSD and FreeIPA/IdM Integration] .. link:topics/user-federation/custom.adoc[Custom Providers] . link:topics/events.adoc[Auditing and Events] .. link:topics/events/login.adoc[Login Events] diff --git a/keycloak-images/keycloak-sssd-freeipa-integration-overview.png b/keycloak-images/keycloak-sssd-freeipa-integration-overview.png new file mode 100644 index 0000000000000000000000000000000000000000..60e98167ec2678840875db18c7463beaca49bdf4 GIT binary patch literal 40604 zcmY)VWmp_t6EzBxkl-%CAp{E^+#$gU77|gijQAI2m*m4GkO!XAee2oCp)pT0mK#zQT)IE8+v`BA z(QnG%-tggXDO=`w(*@h#cG#mZWay>u2D!QA(Y-eRMo&8_jh*F-@%!`p=)b9l!zU5) z3znj8+;gtWH}f0<7byuQAkpi&6OWxchJu0uBuZZ_Q6x&zDBRY)Bi2agyRv2j>z9T0g-DL(X9%kO2950T_vFSF$p-gChs&Zz{! z{dcoyU?P>6+sh4Wr_=-3nzTZ&|6S)TYbW=*+h_dm1ARLplbrpqxD*O5kth%4pHPsQ zA#DHMXzLNRjf4*Q-@8q{4Pl~jlFXIbJePf>xN?Q1g6Eu-v29jyO*8T`xb;$aX5 zp_ic^rQ83z9zgeqAv*B?dN_2A;J>M~|L*%s{_;jsZ%0d%qbOh9m#@T79QRB&iUI~O zPgX6sOcqM(E``$BUV9`qiza8(L=~_+)?#?q}_XnOT_(<0?*yLx|ba9q; zjj`o#+|=ZE$9iRQetUh5A%R3G&K&jfA$b{bE8!bUMot2Ah`mEx7n8DVF7Cwj8`FC3 z0aW5gQC{-t`hLhzm>8C5Ac}wkOU#YPoXN>2hRtjqknIC=+sEK$D(sAF=|rk3Ie%cm z#PJW8!Pt;|ug6D0;O;EhJx;4b~|n*4duV5?orI191g+H2>+37@WV8o8n6K+G4kZm-vZX?6$@t@ z5xOz|ZO_XefVac#tr8H^8r=H*H!)ki@&B1X0Nqle=)nIzPpSmLA#;Y?s2hRY&Dr4S z?T^qtWjD+3*-}W9RhggG;-C+}5XH(@-7>YnOO!|q(f<2N($wfJJWbmFW4gE0D+K>v zn@0Zstc7{9vQK`}W)l)~Hi*oj2(!fmEh-Gh=kWKfITl1^!NPC%T z?k6c#E#?2b(d&?OPGzhS-og{HmVVuuYxkpx(RT9?Z=h|wbVrrJ{=dg58N?jK+}tqH z{kp)f*$#!Hze25#-yUGtEcE67F`>IPdf>B$HoLY(SpAa6L=#&)`~;F2}#VksV+a+B1a&I>)R&O_>IQl#UO$SEybecsfP z$?RrjTQUe!BL&V~GUJ{QDxP{v?TWzI?pGWsgwc&FEPJ|$UF-ih4=|;!u7k#+o zd9QzZNF&uEn5SfL>4K-V(r$2N;VUO1KOumHRSlP7cD>CQMUty_u=sZx7cYJwiF*N#dU_!Sh^^G$72&s|m zvVhZox2ku45LeoT<8qw06hVu8cMIswbqUOSnMVHx?v$}I?kN2>{;@aL#BRGEeCxTy zJ`DTBTxx~$V|iZOn9K#d|11Wai8A98MOxS1%o+*_v$6n+rbfpPINrFH%W+8B1_sNw zkI0cnuc)wnY!Fr(uiWbplIN>MPRu{^dN$O-&)k}yF~ISQ+!CLxEa1mAJ=T&4N80?X zUZlsW^ukp2apGU@sEG4lOS_pA@j%nvt~Ppj6+YRC`tHA_PTW#<#zowm^4GHdvx{El zdca4B1hsr?+RpsQl<%_eWeIszO~GomBXuw+>sZioj=O+vNe6CRrmu0q`MIK6@T59z zu&9ZWZ+JNQna?I(v0T8uBLKuGeSP6XF^L=a+t(nu@ZfYYQ77CjCUsL7wz91m?$>A$CWSzQjp=6F)i-ds2%uJpx4qeASYWi$ zt%wa)7Mi%C^%>RR<{1{|*FkS&`$nQlI{tHf=9`r&rt#bRr#lCewWwI|THvjrrgGjC zshjtCtDdJOyQlBpu?n;mNUVHb#`iw;dZoTxNLrFoUWEp}mslp6@;yxcfcR;b?KNTZ zsnnMGlYM6D`pH%G#@*GU&L{Ij!Iwd*zr>8FrR&d=j>FeE?hd|Ll~p)hLKvt}67wmZ zza*Z9k4@2g_J=J$kc&HVZa*%1(=wM2_RGS%IUkr-9|dvA5uWzvPLlsR}4M zEvp5aT|c`QZhFrCxM5q3 zu+D@-Cj^wJ@{=+wFV&9I(IMR zgz@-DqW4;0iyP{K53YvEZa+Nfq_*_gXTLW-D)sC0>cK9Wdld8`)|e-5PIPCX1E7-T8SL zNzL9(ulA&r_2@q(spb1^)KorOZyy;Vy-%Y>`4s6^MTi?(Cp$9NM|`N=+TSaM_LhsY zugWMWeRZnLr-I)xYko2wB)oJJTJd^detfv81*wY$?!SNhBHF>3a;ir698Pw|dJ{+r z5^eOGG~^Wx{OWeUmwUG!!ulyeE|iGF|Mb+>csQ9p2#7?1Zn8Kpp|?*>AU+uP$FP)z3i z-Pq_}zd#VPvLT|^3THeR|LRti;RQBi)Vv_CJRXHq!M^*e0}ZH`kXDT)rGNm5cMvWe z4k@X2_wh)A6LgL8dc4vMRtE{gP0DKI1K_!iIz(Oes zp1s)_Nn=$v<|LMpm95m0LnUB&^SN}U(tL_xZ;YV*OYh7=qLVOX0Hr+P;*_=I4g1J+qTj&QbuLq>=-u(PAv)E%3TrU=nB~+@Za_((N4`b`B1evVysa zY1@Z$l^!=spr~EcHCyVDd<7H56#bFwrNiZlkY)i;`oB!s+D{FRM?*^>q2S>D>3DP| zcLRDU3=uJC(g!38@;2`z#P#+4Uni$rQf>g0;`%^G7Z4v$SYx%&eN?+LT)X0B@nb5- z>0sJ&u`crZXkjKOm?w;wYyF@US_2{kpvq3Nuvc)ifOEO~fc3TIGrWljfoP-uSn&be z6Zf7>BBz;k6)^hkgQWQA^EMJpvnKD6AoI%$ zPZiz)`G~ZP483{__}NQTOw4K?v^$#4-O)(tuA>3ir{La7X*@(Kywc=> z#o1=AD@_2jc6=;hI+N<_M9~QkF&Qn>H-NizBU5k_;&1-*GgmD4$G302X>;l-Z9`MN zr`VbGuIhNkmHnwp0<-TLBXi?~!Ye~K9s?w?$oc*%ELn+AiC_H%Ag5CCvipe;up|hd zAFhwsh{Fa`1mc{J=J__|Gpf%LB{8hJ9!gbDu&8_>!;~WdSlLm!HzfSdyQV)epIEND zk1~EMiitK}8-89{6Ffh?xV`6YpWF3qTlH;|iGV;bd>}3DY9>R*F|-~2_7kf~y@UO0 zr)y%CVN1R44)5%_*YF+#&scSgUq>Er23N7wY94IBB z!8dU{MM2>Jgq9Xwl9W%x=&|A}`EE}LdyXiQDY%k8xX0GRmj@)05yv{Ndi}~#EI+B8 zFKl49TM>h+LKphwKo2^xyj$HGWVn}ze_PaxvYsAiV+l|zUk93y>o zCvkcd?jSgajsA$suTU|L(nIF0r=IdnYHch(87@NdH=o1 zH*bMi0tdU(QuXY5UnU?tCBgBTikeQ>Q0q{#Q4?h#>Xpz5RRaNT1Ww^D5A; zQ`AddoT;p0baT8^q*WVUZ82kiILn5Ei#v8uECQ!lW7(H28)q2{ps+jv<7I)cmPhOL z@bVjuo9E@8zCOL`}z~F}#xK1IN&xt9*c7NW6sJ{Li zlj74?w4OC%z)5_1X5TT@Wx9h@7yz8R+BgygHx85GRQ(-_#(KxI*UYbdc%Aln>B5u$ zN&KURb(wLm&A7VjeJxl(h7N17$Oi4_endGtJENwhUEkU1DXv}q3LG@C0F17Vj*jIu zWMD-;RGQNY&?RX@L^mW;dHLw$<#OEIvsG0nxtRT;qZzdoW!BuxQD`AX>IRbcT^mEJli+`5~1^`;d?IYNKfy-hV3m?DhFQu5}eAE4YAt4$*tEunKV>H9dp2iLdy*$w`Qy;3&i_e9>ml*#|{B@UO9;BqTBcZHdZ*Tu)ZZLym zF()f4I{p+egvJ^%;JhjgGznUwvgH+gE$Mqhi;IH7pYlf`SE{s9_uNKRJ}WEhZF=Or%+#!%S-ebk7PB(ot28n7NWrz-<-`l4~wr_j`25jVCRC zcF6c0^)`DWL&*fD!m(-rFEcLYKZqH7;S1J_u z5J-~P*M1dQ%%>~7@rjAN;fuASqptdkor~1`sRkPo3 zhaCxZ0lW1#7Sl!gLy25Kd#mHn1-7im4^Wmo%x5~+;hjAql zhq3GlG~=I|<1Vl;l@%QI&POQp^fPr{LViV>C5Z-{?_x<+#+K_@Fpn_y&K$+Y=<~K4 zF0|4M@H#Vh@h(%(!&D0KB-%zs6anky*#tb*meSL}HG-IaL|Rf|i|B$X9go_O*CmpY zh4AgE&g<8IOc%I)|JEFx7If>k7ZgMlCbn9B5MqwGy?vajIqCmIi1yvC1TFEgu&}QF z_cHPzA5FOOY0eNbyG(^Qn%LO~W81-eee&^+n;n;N#^)D22#!&XN>` zr*CN~tAaw}qlxB;-;K58$f&={vSL7u@D!GOS623pJv(Lf_`(AZsAFM*jrJZpLl^}K zX?-#uH<{Niba$7+Y`Tb#(n`#9p@vL8k+ZnwO+AZa5<@V}9zpiR@n3Q^0=&#uT)CUR zD~?;ghQL}));c`XmJEW3!EN5dQ*Vn?2&8H(W?0^_{u~6(bdhnLPP3a+5Hc7-D{syr zs044lzY>~%<6H(Jj5$|>;aj_}#(lMcZdShvC1R=6LD9zyevNzF5^z|=6iy~035)C? z6>#$%g4+DLI7vFazNVz^jDppg6L}AZ)9@9BeBtl0maaSrU*G=o>*M2A605Gb%2cBK zeW`AZn>mAh2aAHj?xK#x@odI)3cpjZ(Ln60*+E-?oy{;d%YR@3OX_4+asY=kODrHf ze#lrMO;`dLvXg>ua5zO^w%!4eWtgSPY$CRX^2n5IvD;kG!!rsDshHfQPcX*yN(tdu zTs@E2v;RJXsKm5ZThMl5`Pr@{?RmF~0RWpoer0=ms!#5=OPO>9xYMoYr;}$Oi5Xu+ zs}0xo%PyKxohWT)cz}-8$P+hwGWyl{^+X^qMk@b-wPA6L5er!#lSV!xdtwg>4ei6H zPl5Vk0g&iuaSs^fdIYKQv+l#}^NcW%Y5jinyUJ=I9GK(TWuC~zt35|I_keG?fSZ?6 z8g+O7)ex_}Zaxtc!bKtWbx#Q9#;Q2L#ix|3)8rCK0ft2ak?{OtM8x4}o(l~D9+y_G zbz-6cCptHm4oHe>eq@O%%U$GH3!c~Z)4_y)4jb{{WN@49hGZ*%Heg?r@DjPLzE0%G z2L%#}_g7nx@)3`$-F77Ny8bcfi8z}WIWRrmk!q|tda)+}U6)Ldsk}9k&X!XQ;uP?w zIFH)@9&bUl#>(x#Lc2Dz%9pP=X#BDv@A>LaWes}5$%2A|KX7nN(5?~8Urb9q+^trM zsVtA2etCi&_?4Ll=E1IEF@r~#Pnvs21kib1fWp*LLoEq({X_;@`Fs}&vWCl7g&aZ7AyiLbBj&Q=KhMbQyLfo8To zuY~*UK(PE|(MC^1rSTB)bcxPDcNmFAm8nwD#<^ONx>7Ey9g30$I!T>v5A*MsB1){TS{hy;`0*VX z8H}G-V6GDT1IO#(_UYjyfy?3@A}0BN4p=IJoVmQ2`k_5I5k1&o(Q<{q6(VtQKQDkr zDNdID5oIWeE7z6dVQ`eWKytz0c7TxEpusJ_bBo_*#XO?RvZh2?KSD?ru(86-notOJls^`_Y$urPF4TIVN1UD6Z*SW|zuK%61<8?q+$Ut#kr^MA ztxhkP=bzci+Vj=5rPHkS$A`wM+R4aRP|Z0WMTJOnIg(g9d=Zk*>&V62gB@! zQ>zyp)^>KJ0H~m(q{OWP^38j9@4t$JlJEdGTVaF>P#Wpr=cg-%Gfd>`^$F02L!cCw zfioC&8vF|d*9-m0{-c5$9uL7s<~3F$X~mfQf+40xReU#Xoo~sPiGp-7kr0Cq&OKk| zYpuRi(xMkl(+9T$j+H}yrSJ!^U6%yxj^>-x zgJ$Z|QI8f}W-d@fa~IxR5b;>|1k><0k@0>DdNrqk5xocpA^)y5?8@ zlO}dQGt96GGXaNfIRWvH`yo1w&S!%hBkC%@h=o0P2V$8k%^oHcMc9n`@fK2eLH-C3 z)U*SVKjr9#Jqw(V7GP5FQ3Sk!#VMinoehzsRL!rm!pHubKLvePRiw_x%=NZkT(w&? z?WKZ&vXjw{vgcF8z2tzdeZLrhy&<@6JZfJbOwx05J}Yn&7PqPn^ zb82w6MwOMu0x>#2EJYOMKR>d5!8MRXLpgP!U-t_z2bx(&R9mJwj`)fGU3lBmz$DxW znQ8c{U4_F_1V`qt?23ZIskYqs7rfj$a^zQ1DXDu(J3E%Ld%s(?=w_G$-thVH1Y8Jx zb8toRk>86Vk0+=F3q#g`0@rLWA@S?2gG0zA0EV^W0&3iE>D|wZ8SL2qSRg-)40<2R z6-wkRen1AxcPk?rne3dm7cy$#lJ%rhA-^4P;`hsvoiQEny*HL<{;9?^N04EepP%pI zG8@}id~LWAt^F+>F>g%#xxd=-sd3w|ej$x7PW9AbaG1J8d!XbxzMrZDvz#O!V`&40m)`(6P(h_;aIc~0s zV0IuZHPp{!R49l*RTo?KJjpoy@MG$im|K;K&x+pY#Zh80sfg1nRz)63CEpaj|EmQ+ z+f$e<`(#Zt59vm4J|s)c+o`CiP%qPa^|DMaj3*Gu3+CW+o}zAiFgz&o$H*UjJ2_Jm z8Z!_5Y1FT?kI=hB0~^{{%V-=Z+{69lN!a$z5Rs2m>N}s$W0VtltiCymA?i(auv+&1 zB_AQ7n<;txV7JFLYo3r8BXhsaWkd&4khG;=Bme!2hEJvP%H1X?e}9LHSqK-z^Kj!^ zSkQm$N%wM&?K1BtC_7ion=@Mf#L)qQfno1uvQLDU6162udVXSa)fNO3xr#fxW0@a= z+qZ|3>Nmm#%#Xcu2J{+GS|a*K$td^Z?=Q_VCJyS|_dS_htjR}~A9z#ToY$7kFjaWZ zMh5%00Y9<)Gkc|U7irMATF@;Q@gU|mC? zCf`28?KXG+`D**2_K4}zbqifQ!5fQh*~zk0wEdMnYc}K~UYFDN6kfNK!5OEg9he-R z_m0}y=Gy}{HwrC+k2i^r&DJyXZl()lwQnYO&wR12b7u|`p6(C-WKpb+95voLJd~i& zJQWn!udS=V67SbHvsf!VJ*jE<26FCvb#=R4T!GkX!*W6BKyj>u+sEhSJyka`=hF8}y;lD8&8Ts5K(d7;UqxF*9o zA9!1xxrg%fg*0vkD8$iGsm#?C8=O(1fw*71H(gA^+H(70sS%WGGIBm*szoFuN-|DW zr5{EvhNR?F?L+drw^Bl$7L(h<)l`a`9dy!6z0jcRzr=xvZ5*Rr-0qm|ODS}>z)$qa z-?3}71~nCzoV6k&v=hiA-SAAPfw34Zg7vUXEZNW3BV|qanLE8bv+DN#omzNDE(^JRejhl zhFRe}c@W^To-TSuIE)xz#uBM1lmt2KuufE!V-638b2ZU1E(qiI?BfpIocd%-3Eix3 z;mjn+?ya#FvA@Tx+v zG$^!aa2DWzf@IW8HxIVHZ52<9j~|hVrqCgaxEgHB%HIN|km`H?%sk_yie%%$sO0R3 zl@;K~0b4%Qt-c^GlGbOKBVQ_29Q)X^jo<#@SY}2-ekE8gfHB9!n%|sM$U#J;L5Svt zfVnFNn6Wtefy_axG4}$h5{dK4@({;}U`M$@&+Q2KN$mOQ@rW!6D?_0$rEu`6t++1N z_f1O`q4ng`%n6vG90UapoSetyD^YhRMki=CP@)Oxo9XTA%l=)9$lGeVz^GP=ul0cn zB^ctHMxxf$C*=MoOUkA#`vxo7U0ly{f+!_PYOcdMxL?|D0&%U?dG=XAn_sJ}KL-I? z>z?1JgqJNEP;9Nsobns0D;BVik5!$?Us$%Owt9EF5rN8ZTG!C@T7OYTaXu=BX$LT{j{IbpLYLpdR9CS@11k=fo)FXZm&W#-rW#h{Ev5-zi{$~? z7~q{hB=^{cd<`>mDgMMX|>O_}9!E(TTO4^ zq@X!jIYv>bkzo;W0?Vn^SH|&*Zf*$3J2*#VlFjdtMgFncwCjc@MoM0{92uT0DD>xE zoT28qmp9m2cYoJhe?FSGA{B7`**$|Au(7ex(I3NzjD{Bd)00x%PZ>m4)@S(Z zZ1E1x@rb}bV?t$tZ8%l11J@yqk+k6lD%mU$Ee6y|AyJ9prL~C1DugWy>9RI>IzvC1 zzX1}cosn`OYqjz%cC2*jsM8;JK_!-X=Jh?-g$2R%GjfuWHB+oPEjZ zw(@-mRLXtm00HFga4F)I%k5n*TLbR`U&el1OiBmfYk|rNz=-!uRj-$x+4~2{noWtI zS||A-!1IG<7$`vB zp2N}hpK;9gG*p)3u%^yOR=TE(erP)K`hZ~rH2W7Y!=#FyfmcJf)B5f*tZTDv2S-ysCq zkU~&$yT!#G5;f4A7F|eWXk-k5=v;3xdP4l`{QXxK)4BXVgD=sW3eItS^JcD(mj-6b z4N&*@N76)e8BPHTnn@y;%6?JWJwTs;ub!4gw|O|mBHsnrgdg^RTm6Vg)S(;N@|&&% zoqu({8GhM&ZycZfnO}5USE^6Q?%hO8VfON4O5*qPA*$fl_Xxs-e>7Le^U;S>=KtAj zY8AyaJ&QIrIPSH#{)R_JMqW!WNsUAi1T+V96qQq7Ra8oHjco7EX?_{h{x0~Xs-mot zZE@08Z9ie%_nUI3;mvr5E`nz!LLKIQ*u%f&ygj1LWT^CZ3zZ?6;Me2&kobwO3g=G8 zCA@cB-SuK5+M)~VlT~)rp(6zC*g#5KVKgv$aCG_VMHetGm$MILQ&VP@xn=xp=g>vC zh+<&NI5{TvNw-HH_4ls> z z`J9^8p(pwNc;??1U8}jAu`%sJt&Pdvcs9Ve{`vEVH21Zl0x_K0xaH1C-OG?+Ug0j@ zzHexos}m#Ju9+e3k6&NI_3cdwtVqk)SKz{ljGM!xMWc0%eyl$;-T7{!5|}NOlXaXB zQ{_7ez2E7L1q2I$#161qJD{qM*t+uk1d>-?E&qD`8jXtIxirlxA z4wC--UXj+7ut8U!7#lXWga}=Yby2-r-I)We;_Z326|-51`3y9VT=d-7?f>G3vkqIp zB3>+;tm!iecQ`J{K3QJsiCB%zuC0!Y@iWqca167v{>!t9*}Zd)VFAO-b}MPd zq?wea6M>&Dmi%ML5^?^gyB4MF1|FEJoEHcf#;&h@r_e2j`z&aqkRn%kHMY1+tVQ4GQZU1-x+8=hL@Mt-T+YuQ?i;@)w@WdS zEAT8YF81Dmf_3TM@XJD3ue1ki8Z|!)`Fdso7sfpKtv7j>q{Y?>v+dIj%_a0?s0m)E zwIPCfj^Ik{+e1y$>GA=fN9TA=LYOc)Rb%O3M$BbCXfR>?j^*RM15wHL&-Jh2&J3u% zdYqKvF_udWF+knYVMOSr%7`%tQ`&YgKZ)W$3@g*8RD(| zz^j(08|d9$tDCW;=GSP+5%+*2`q7gbwpeFm#<>dCY(30`o*JAK(7(p+OP|dZS0Rx( z%%tw_A>E5ML|q5Hjqe|r1y%>R1Y|?qAA&*WI4)pguZGApVV3}q@NFV<+BR6P`?NnQ z?UnTMox{(CPw$ErI%X(5S`l@hJ5!xdk;=t~Q>o~=du%}go9lf~&&CtW|ASS3Wm$B!d2?zh;5dK^Qwy?i>t>K|bxUalg~bGg2SymQX%b@-{7Wa{Sj${>s`UKN2 zhC<^Lqs1oEbpwpZLEFVgQ6d7OAlaG5x@J%Pl_oVkxTD`LtLIaWW&5=t%BLQ`!Q__F zbIwDhX|Rw_6bm;XU$@g5$#USzbPHJIbetGlSSi-L(a^<{xixZ3#LDn^(UJ5pCy)+V2iI zjH8gfQCX<}&L}Ek@O`$(==QI)*GIEkv0T5bLejKLTsil@@Kq#~WL&*5pkpTSyUa2u zcQ+BExb=qL_};qv7O&AV#UoNI)&?V#Y;J0Ms%mc%KhXbHg!k`j?BalnZp040sz;Mp z*5r}CO5|ig*KmlP9rdhb3adZggaJybyqjSKK>L>{_c`pxz{_Y*XDQndt*s(-|M6Y< zp8rz-iu<2ltqfpXAP|UHqw~@2CPWb+u}ho9Dl%=Cb)K=Qv>HF14kZ*N>JhcDn+yuN zk%4`#U5mplSCq;m2K&1@qs!>L2b)G}OQXyMm_VU}eYk?1W5H2hH$I zJVo_YV%l(TFzrbWo_e092WjQhE7sC$^2 zl#cPDr_Jj^7qcg%mQ=Q^&2G`zxhdH=jrvon@gEbr9Mpe=d8DG7BeAZ0(e|)KmA^_$ zOV=;(Ysx5mJSX4~SlGW>;(X*HzqKYDz@^mRf(#z4_!0QmQvWkRd{5ll*(h()poQNj z(gDloxV_3^#e`lUFbk#p&Ow8kaH8%M(YnnYXkS-_PE!au^R^UhiB`37oXCnV{tVB` zyL~se<9~-6U%`&u-8@hZzG4hilaSydJZ~ZGJln_-6JMSh-mfN`jRkRKXuJ+DJETxk46WX8>kn-C={j27^vpMGA_fY2*4@&baU-dW2O!xgF;Yxs#VGLF9 zy5}_6Z%i(?q8AVQVRJeQb-+xT7B{fvW;dGV{1#18QyLOM0%&^#55P|p4>!+kTLW?Z z8z3Z={Ddk7!suDF6g3rEl0ezRNon?cO4d%0n{M<~33e0@-crts1_< z-@G|;TB3()KN8qLoNNxNxKMKpc-6<&T|2Mj5FPns8Xh{2Zjt(Y)AUT^$9g)_?M=+v z2vS+_%7+6j$usbe=b>mCyUx;Ng<7%|>^bV7-FO(M2PbBz8KQR1ZLy6K=E!=riei*B z>4eQuHz+dmY^boqhAk-f80~F^=~5$KCml|$AYkq-04hcB;jr>WO>vD;IBd^G{8gKre^0`=Xr&JpFCLgQ(jUK&z_w?lNVF&mhyQV? zgYN9UX$N^|;r+?e&qZ{}0n9cf*sX|*^FBnJPE^iujTB|5Be!C+nW)ME!IpOa&WKd- z?!D|U9GTD%mUwTA@x^SkVU3|^*Fs7*f2z1~ID;nvu`v+sZB1^%*%HHc&*wpy;;e8! zrl+A{L>|0cJ+0`&rMQZUb<$xx1d;pHs&iK0go>U%veO}#4|I)27vAHr?ji_i2=nYX zU@*0AqZ4Su{LfJZ?4m{$n>)rAtK zwo0#)Mklg03*j+e8<|m!3Q(a zOltg^z;Cdg{qIgv0bwd&0WqnHJ<9`>)kUi#iE?^O&<^ z^f(*%FIJ1_`iA@4`*t_WvWc(U=n{EsWG=Ru_r`F)|0uOPJ|x1yRdjfQ@v+d-RDedD zwRM(Ek7rPz?}|;Ai{2{SrM$tA9C}Dom3~2=pK}#b>K=|8%>do9!_IJV4T@m6%Y=1| z3um_0Nsh$3ylB`vvYi1;=D1hwx`c{>n)f}B@-J8^A|1pZ+7~_GcM+5<01AHDDz8JVo(QrG zyA5NsFj9k)Zx-SH!?iE6Y{oRtYa;%X#St5|nc54}8~526QXJe@?FsxPjm?=jqLcb$ zji9X~o}XE2CrIu0lB?_ApD;+8myx0Gn9nT6aDXhcIaT!6y4g4fyZNVIN=Yx>WtmY? zQKsWrK|}U3*9YFojtWs}haEx}CVeg-fMXoexPG?)UK$M7HMl!{m0sQbeh<^x(sOw@`~hnRR->1aejI?kUST$ zvAwTQDh!W&K&Eg|!@lAq%xu&GbQZ?`ti~d)284vPimBS)ew$ou4@I5M$gosd&VEg2mVaw-xQI2-L($x}m1XF5 z74}c<#J1roIs;9U5@?zm^>0Y6YLI2R!wm=3c_Z%zB`z)?kl*L3h zr_I{+En&d3sg?K5rlLnTnJFhqs} z2=yEnB~Ql-M!m-`%lY4HhfbT#N_O6<=>Kg6->Q17+7w!7VIq&|=roo&3% zE2t4pdg%rv#v&x_1^5djB&5GTJ>46-YDcQz9>ZvI}hx^nBk z#$8$HbT`}U9b8;o$J3=gc6^W;Ytj1H_M6h^L|i!-AOq5|0r3jJEzZX}`9HI`r0l4P zFBG95Lj!ViMB2-SY2=G&eDg4N6jHx%C7CT`Q;AtOb}g?>%A~Y6jL{d7+z34onuMq7 z?f9$5dJ3k=?m%{@X6z?yBFenB=HuopY4?D0O{24Vo*hD+DkK)-4aa}I-!BhB&-J|d z)T2$&loEciPu8JZ zCvulUhaf%9DlTt2Q7?4j@l0e!KckcdvrW*fLC!ErdVhTTKwa{)VQ?6|9M#v28e)5-_JpJ(kL!^cfB|-9Q}(1EOj4W zK~i;JwKm?cQrkaUR6($XMU@5cZ7(ichbF`j*wp@lsC508`GV6y;q8X(*tL|gb?92^ zPiqT~M{@xkh}V%Z311pnQug?&SjpU+)1BxR&eM#VPb6kmaMqQIOVf)s`1pZNWN{(2 z?{8DDkFtmDb?h&D_2CjD+#%p)jyhYvN>EP+Lq)%-i8%Uii2X((Oeq_*W@DvX<@!TYNv?#dc`4RFMkXV~AzK{YmOO z)Dz|9Z~m#6mJYwi;rJfzq4s3GB;G>`K!Ao;)2DyOiIW-_p2V#*;1d8BRdiGbO z8Wvm2+-&!iiHYLQn|6`)canZENzzw!{P~+aGRw~*+k)3jV?h#H0jH;o&pnp{jRZ_G z%jJPykaujWL7+Ow^Z8_k`g?EdwL8!l9>dY}A7tYL(~*u8)Wt z48VOTe{T(UQbgF%&^LmE&Y1?oPBKO>=_jEP9~wVTODCSJ2Vo9iPMtn&$5+Y>x2Ru{ z#fWKIH{^KH0VbD0esOWp(beS#^je(t(WObhP36z0Plp$MFPwUdA92R(P zv2BKZWSL35vd_G5lPqo2X1ow!HW1L>({RVStlypboh3_G%C8#`2uWDBalq?*NUEgc zkK9#(+O0hub26)gey6EvSd(KAVH?X_GkP?srzUEf z9Ah-R{Y&+T8m9SUvt;xOE7||m0^qBVpWFToa3&0sYNzw84CEqNv%sA^H4jtw?#3Rto;f}bI*szrK3X(DVw7DG-f)1B3~2bT`|ZDUvU5|qtas?0 zfjdWyL-L3o^3(Ho--gsEhar2~NgZ7471>Jp2kiI0Hv~f&pou1nS1fIUKv$ypYpj85 z5l9Fby)VeiJwm{}Hq)%bpYuo{S;@8M-sqz3k1FC!Y2_p$ifep&iV&k`)AmhMNAMnK zd>BfPelY!!J>9OpzFsbcAKx43d-yjY+dx$%545u@VZKl|bCo6+Lp&?18&pmq2bnob zHXGIWwP!HD4N^guK=_AioLa8f-8z_NO8H>Q<$HNAU9q_2!zQCMkF(|1Pn^aE8oxSw z`OX>dOduAXfBz=!?&)sU%bG~aV{8QA+liM3_mNCPS`~HG{ny162*X8e(?xq2VY7rn zc_vdUgp}s3?kCMXfI?daXmlG9c@{+Va-UzOMAlaWx|5Uw@Jm}SfL5~ee#X*S0VXBN z1Zq+dDQ-z(#D|SJ&iG|{pFN>l)no8$c1Xm<1f9*4jADNuIPiHsV>~Y~tyg+H5O^-60B&Dh@cQT9tDbggYc`rx9Q|T+g}) zUa41^Vq05Ve?EJKA!-@|w5Vr<&(~Oy+^m4XU*4vgqOuL+11}z-DDoYXA40i4bEo3J?Z&6 z2d=>UYG$#1Vn`0dH3t7I2u2PHR8{jTFCygs{r_X?E2E5%U3RvJm^9Hc?IyIW!i>26`@q4REj|9jWEANat6nK}E+KKrdFLTD0xe8lC`)m*)w zB$3O|QsgR8ukic(R|O1Jx4x3-MZ6dg;u!9NnP>GG2PKxV7WiOuG@Ejaew>vZLyjpgpytM zz~EID#tRILt)CKP`heuPH&-JQb9X&75jBc67^Nr3;Wyp3ET=klHjQ(6U!viaq;}J4 zYKG8i-Dp_oj?)J#^X>@r>rK2mKJz_VWqvGgd*}1LaCDr>cw?}>U8=8PKM`lG)YJbt zvMUI|I?s9c0)V&QzIoFQL?IMS`w?U*b_>M9@G^m5Ll@Q;yl%s?Vf~(&283d_a~suW z(%x@)@3m#WUtV5z=ILXy87B#?K-nC{U-4ZaueBu)w%bm9u&{E(uDgv+Ebsbes%vDY zJfDqAZi4yEm)j7z-O}A3E7Ky26h>tF8){B+r-Hp213YDG@2d*FOi5iUi^~Vej`o9FyX!6 zXhkBJyoekX13^Tp6Mt51E-_&c;q56jwAzKad~|u=1zA5@-L{#@^Xh|du5Jc59FGMQ z2mtiU&Nwv@myH!rxhSZ5OieIqZ5ID*48(%c)M~zVI1|UGa6_p;>ML!^GnY!;f~BwJ z-z9Jw&n%Rxj~}XBmsb^4bP$4ln^KoVB&o+`zKu5h`u6tiJ82v-Ma5SgPyN23;8}&d zQ0nn}>qGbT$tN+<*RQes*v*kp03n~8=QXDHQSH+?Z5H~$gwOr3BmQ2e?P%4IC){S?&+pV@=CEsdV@|(@!IU$q$d^>2jeiRj}>t074cWyc&f2TeI&aTBL z7Z*-?wNj(;9I0^_72wsc++8eh=O*f|f%s8u@X}KL3XUKdF7wXR^J%DJ-%Q)F=e@g! zpmMMClaHxC4U6&Pg)xFEaePjs5Z^qv?(mF@7qcRvQquM8>88e?9OSA^OpJ%tv@E+* z=|m#EDUrT;_d|eoSzR?XK^Xm`_S5M0@4h4B=8_t&+|czlIW6!}hzsyiRukA8pi5Gq z-($K0=47(TAH;T|U(;3rxfTmea3B(MT7BjXZ^Y#fF^31OeL6;qtI2`z3~f!ft-LPx zoed^w+{WR(N>M8*2%au9BJ9g@UX2#XiZDD^!{EIf>9TLW zIOLBS<%J;Xc&+k+)bldVWB7|ZrgVb&EL^;^sa~xRlGzQ1eX$@XR0|CoM52}8_wzeq zu!pyOm=C`UTu1HN(KJw37|&eXE0a#;6xMP7ITt;gAFC@qY0VqqPriBX-beo~b!fpe zFMF4h^vjXc)`3)!i>0TaZV=t2qK%$M<#=TwvQM7 zx>~*xcU!fbOqqrkbhgU0O3=*R?(O!ux0F?dd#5dx`&D=!8uogxC$ZjsqFLk)n#|aH zQ|dPpku_V#*Vui3!hJF*4>!PVu2XG#t<11mHi&W(8XECENpu8JD^b+0I<1n&G_suT z?JEQ9@1hRy>PZ`B=0)y2271c2lS)FKG~^L-8JfjYn_L>=dHMbVpZPDE&hSB zVs-sE%iq0(m)GPTJb(WD6&BXVBGr!q8B0m z_p%+5aUP@Vr7TYMs*MIgj^O$f<<^4QVlZnan#{DywCVDyU2@L(y|?3)NNSWrYpLJU zG+|;k*y=sj)Q{^t=MmhgdY`fR2Yt(m?LNV!!SDF<6S=j-cpTy-s#P|Nyk1^jcFte! zqq4DtXHqbQZll}oufsrf4*2}VPTYS&6jr*wku%XTo`E9 z{YymSs^cgpSL*A`iQlQ+KS0;Q$UL2V&ph-?0sbfWR=X-3(TnZDb$y-e0zO9^HP($E z6M5TtB7txBd*R1Ob$tzHrrtiy))9GHy_1jt5kZ~ym1*7aM!}Vwlht;A-dxy{!E5SU zXYV!btd=rPF}U#dIrR&j)xI-i`VwNtEfP~~hbKoUD48;B(8@u+#&1uuD53T|BFORw z)#l^@t`%8Ja(wWq=8>&4bmP52D%#^0`OL;K+Z!JRe1%djzi`dUn69VnQ%{K<-7P6P zHO$rx5j`)}4p|kJX5wy`;2*km)>fXaHj0EuzeQwpub-gdf9<=IQ~IIl?kP5a@Zph@ zLqTU*QclkJk?Tmnnl*P*zO{_}!Z2#Sa}8CCj)6~qv+9|>by?le^1ymzg-~gDCygAl z=|od_KpV}HEh1Kxbf%t@iF^{ffBlkk-41f}NdVQJ@9PwVgPaz(A}P!z%G>K(c3Ew{PK7hi&j(iKNkWi{g zR}B7E?DiZJVHHsR)y{2{4QzQs#z$E47WrTJ{CYwD*WZPz%4G2U$l;818xyOQ0B`*K z56q!Ce0{n@iHw8Ny*Yfuw3Xvb_(~L)8^h467vc>%BX8>#5V`%uqU2W_{9^Y;6VTD6 zj9{&zk=9qqK3b)fln(sfMRpfK0>rLF!3=@t+mWRa^KD?Pkb=suj7r zdGEtYld7#zVuk*-6Vzn7RWyXBU&J5VZjL8)Y?!3z3+Hv>nb?4jI`M(+e&;eVh69Aa zM1Y-`lW{Gulv7ae3$^q}JDcqiKWJtaJE;q!=)>=C;R>ynYiMcd=^Bkr@9E;DccSAa zjw$j=NwhqE3@i}%B=JU`y^6ksQ82Z5AxDH^q8-e{nUti)K^BqUP?D0r$t$-0I0)fV zGf#lbt$p3SKDB)Pd5x;KzcAc6@Py*Dcj>Ysy}OH#=aoEtZG0C3Ows58I zd4sWE@Rg_!>q2!K%2siym-w5IZJ7y667EKNxo`6RP08o>el=R_gC(=up{P{dt$#+y zw_?jT^(W%5SckNI>Qjv2vlpqXNI?SOt5JnsEne8$BO}HMJH3H=cTSlv%6eS(7n`Q7 zkRX5~!s2`H^la04YGV5QD-91eahU&~z)Gx{j6F`q6>c==BxPgqTI zfI)+~&F^kI@rn%B8)pkF|L}p4&oye4-=G0-I%)0TNB8T#h@2RMx6ZF;n zqB+qB+pYL6G0V-c$T74bC~@tz!ey1+b^>37;Z{`167-4kR634(_=O?DoSj<6M@c$e z81`~88%?2ip1>b8F8r6xs4ea+zEF<+!?G~#_qvQ$EEyxaVrHLab?-C`=>~;N-}^Kw zwxUmY8#Q-x-maQz28zDqWDT_!E5lOh!8K0wK{P-EBP1 z%(wPF#N1*u#-se-q)lK~#O?fY_w?Zz!pd!_a$2#ChN-e%M=m{yB>P>Tt9kp-G{j)3 zcvW`C5OcaLk&%fhveo;>;bcRqv$OLt3pAjD8CTx%ao)2x z-wwPxE%?P{@@@(4(HZY`_*lZ_tls!#oG&UQrV4~y&i>^SDj;srX1~>FmN%f2FhIC< z+koWdy3Eovv)W<3&E`&1J#|#bnC}E*?WgHB7S;^Jj-hCwpRWq`tj1+0j>)xJ!th(N zfUrV3IWM2x71u=4J)P`q+vbgTo&>AtgJX!ZJI~5Ndyo3WE@{)O!z!mZ7ke50y(ng5 z+>BaRLY@rNkm*&tx>HyEpFv*i*9N@k=hk_aO~dTFOUV=hnk<*K=gmj5`G536UZP=O zn1Bj;V`GEG^+5Z-+GRJosE8g7k6{Jm*>RBx()G_K`!Ls^EgMIAH;5-vQidM?Hgyr! zABjaO@gGVVYV?Y9RD^t!=CB(^S_)t8yOA>DDq4C7#5Y;`P8;p}-jCVT zOV8Z<+o-NLsury3`PkE!gm-rDh*kT_cN3MH9UKigQ#_7n zBVHh$3^0=AXLqpsFh&R6W5k6ElpP_b@SmK#?CEtSl#X{sMKyU-j_X}$-Mf8_4Xydi zU3&ipo{#{?W~(;VM*J*0Cncz*!){LEkk&zO^6XqEk z-eM6%^MATl?9s|QDSx=fthbuNUA>rUhL70t3}_PmBGuV9WJLj`_1yw(|4A6 z#1avO!9qW5>-t!%!rd*r-RjIm)g<41ViH4rC`~tQ_)rqBvF5P`&F)3kAKp>V&D>pj z7Vxz(Z83~#f7o+5+jq8o)HP~!ZL7oU&cgf8L9C={*BohYus>3TkA9mHwE<_xONE1P z{lm8o8!j|8%#Ad@(@@$_$W-qh)rzo_!79vb{WBjb39rx&?g$bOM%-JJFBApxiLI&1PPq{_O{TGY{1f z*pXRZ)x+zyi2NsI5=(1vi64+eoia8k{uEpMv6+s6UOej*8u0^OMpT){)%ZgF*&=g8 zjS3I5hk|#QOSXa|1dAn~ovguz{r%KLP1RqS*3tjw>6*l1=$}&AGQ#R}w z4{VJw^~D)$`1^Pc=0gRvLpT@P2Ua>RoqLl%Bo5h3GAtnvKOV&J7VjB7=A+QHE%?uf zIg4xD%T8O*WYs;g>^LDw0(|wp5c7nzn|YNAXl9D1v?xo$L&o$=t?hrGNAKUBCZpJFeZSkFG++}Jo8mtn>oDI&+i z>;3(u=-+Hr{&*&kz**#V-hHi{CrcqDlmTQ`fL@S>;Z1FcEi1)uiA*v;h&~I~>9rvf zTi39kNQUcZpMDa-UHXAFZG;!L(^^XV@GkkZe*S{)9~f>KUoOO)azwa z?H;{!PL~IKV(Ivlu}*?NU4Sn_U}qK6wPTG=y92lpaZ+6uk4c>uXD{ zYDzt;xtf~+t#gK+8Ye`{kS!_q>NzlwM32mat<)SDAsAh`v$~T9FJB$ zNu2}DyiZ^RnGf;!(cH{W=DAlvBzGQI?n>w1@%8dBajg2ltYkf*io5ZF1Yaq9+Q2g) zXq>CK*|JS;GfMjjEhC}(fs+Nf%Kd06T}UW@moI9=N&&^YH{V=_=`3!pZyUb8y2DHR z1+7lrOPh+$zG04zE9)6pZ2Ai;ke_|3#*}8de9X>&o8B)uHdbzJIQKlUF(aer=J1G9 zbGf2)+=0(!uf3;74Es)#Q@`^WnEn?#5eWY+>KH#W# z#};Z!A(pwmR=}yJurrF-S3t3}W4-6oZJfAt?KfbWYjLruhRp^2zWCHMR_dKiWGTR2 zOql8HeHhfN-Tu=>r^v3a!y@j?b|!@4B|W1F8;}9acS3Oyc|74&s2CX|-Ye%JfIRm0 z@h)Ngh*-s+F5}Heyz{A@ot|kUpI~UYEvi~_*)-%m6U=)BC#3Rj)A)i4QxMu{-mO%%~sVKdFCfP z^CK%jPu`nRcUelo!9EAilsrmWsBAZ`hJ(kQH%}qMh7%DAgr(v!WB@kxd2@5~(FvU^ zO&E+;1TByhNK0F;tx1`E>6=l@FMipO64w!uUx!T^8>v}ha(%kfd_HICpyl$Y!ApVU z{{;P)Qc)a6kIevqkG}G)*P_|$wa{2k6fjw87-}~Z^Wl%~&Fx6zPAPU!n^$K{WV`3N%JTW%wlkdVj~!LE@kQOus) zVflAfz@GAlK7@!C;5@#}Ij%4$Ky~}-$RqO2v#+ItDJ?$Bdi_2!^oX6q6ncJ)NGO*oItiyPZC@W%_yi4HS%W z2~0YFfLMsx--1_;TSJ9SK`$%c)fA}oIw_Y;(36GfF!lh%o<7GpS@_n^_eDJJG-NfJ zJ>gP_$v3y)W2r$N|HHt*zzy7sCy&SxFg0_YY0Nx%o26<-!d@_G;l#`MX4>lACu|>m z+!&<~ge)Gc$r=p-9GC`^H<)8pjySnp*k7pdd0uF}?St27wRmuV9{qyzv<^BcZ?*h< zf`S}RnD0&LQH2-ApJ>+GPP)Hv`}LX~R|g)7hz96#Xi*rY!_W(g0O!ZS-6IkTkWQ3& zUsLQo0y>IV&qB50F+PRBVq>Lchm22T719@Aib69Pbjx`1JJ-V6wDHnCEf-5g-~pW> z1yXiBV1*FX;ivIHkv%2WF~%0Zb)=HoGL*i7kv$Fhz!OrTz%My*axoLPv`dQuQPFtdZf3GgE=q?^d2w_yHzNmyA$gOg=-PG2LI+7d3<6}?`h)rpz z^Hd)7pOJy>O;=x|)xNeWmmb6L#;U4u3RL?=hb*6!F+s{%J>Bm~hF)h&l;Fp+`DDVD ze{^!$V0W83&DgTLR$6cUVA%4?OqF}0Rl6_XNeLYza{#sxRzbNb(4a`t_77UZx7n5~ zwN0-pdD{A7Y2Z$Gd$-wIrhNM&JHX!Pt)lZQj-mFmzAx5eA0%gnSY7CMHuvoiPLXiM za97+}ZZT}p)Fl0r?B2j<2>lDyEb{ttW?jtO ztWIY}Y${ad@V2`%%2%R{3u}r$`paQdJg5%kB$werf=c8;F{^6;k#1H>)9Goqmo zFH&5KFe-6Dob~yyPSEDp76XA z@wg0QCHQ@=94r2uG(Glrv!1QotX^F1T;ILVu7k7vhOZ2nc>aV;S!+3unnDJXS6Zyz z{qpzrND;y@L!oV{Or54TVTF3mFO!aXx4jm(U#)$s=dhgRa#g9w6ze2wxxa>K13f1B zbY52bHPPIzpX|z?EFzE)(&cG0{DlEtEBSW|GT7UiqRZK4=(Rao!9jTv=NEH<)|N{x z^yO&Z4r#-)<8Ooyb|(niVg&ZjY)zJWN%7R$G*gyGl6;apuDG!6Z(l5WUa4tI%oKx@ ztK4o?ScMK`dd2M>pRV!uHS{stR}zU1Z=w|{EUS@&Qg)gvX7c$ zX*`Z@u#&nsjNE8#k4%yp@d(Wl@VyLf|H6{G96XM5r6RMiPOm;Q_Fzkuy{vLPaldNG zP`^AT4`e&yXDKck*GGLm0~d?@?rnOqUFbP`Ji&EaZ~ju~fLrzVP+>?7Lx}pI-zJVm zoB8`y-2`R5I1^}}JCdlVA9pV+gy=y&z_)D0wY#p5gX?Hsgaljh}`xk zTli9N8zPJMS_#RuGmQWrS83OU5(?VtWPp#MN#)mlefe~mji~)5^;Wwl>p_?-%=is{ z`MU2ZrIZ?5L8edyECIwyj!v91J^RF~E%4e8$n#D{_B`$ET~v4(D0V+%gsPQAyPaW& zn)j$Sx#7$;($+;J4;5q9+U@=|#}n{$UEQkZ$f)ES#@<^z zX1;Cj<=B=}xIJ>I{B}*v6VD||8^65N7))sSf(Z%3bi8}6Q6aQk6krLOk2=w;X3D>Z zgoON|ewM&`eke z=ya^2ghXg$-+R@bm1LfJpK_dw>AXemACRKH?^N{B;t1wziZXKj)UhgJwr`AjHoULb z6don0J0u~qh0la$5@9NK_;P8no=XLtatF zVdQH|Z|j~n7bjg2#o7>cj=~#|%bGhU)bK1Zy`RlK0URZ=1F3v|O*->ie!cs#u2K^GJRX^i<2sH&= zK>lgy6Y6V$6Ny>1OgEycicKbwNi0|CJ!wq&M~jFBb2W1i@fP3|xg#BMK6kjxgvmVU zWH%JFP^!m>vM400e;?+$x>nq+e)qdML-^f5U`N^hN*@$&l&?C=VU_=Ajp&~H0yTZe zV>-U%aO0o0A~k}aNLK?aluM&VAo2@yB;AeCrU8mq zZ&u4viBo=z=LEL}-Nuu4`)$;sUvNYHA*Q1RR&2+ocCIEJgBM47D*TT5i{FdFWNY4w z8f(6U4E^rF;l4R!dK;BN!!u1tYij3ICLy^#Redn}yOVE$?#pr&Ojce8;+|fnJ42T) z-?!*WobQy*Y8ccxrV?oF!>olU_X)F2H~29z3V7h%hn^XpPnKE@qd)noEH1JnZvlm! zVSZS+S~K|`gGw#zgRe!{-b^6MlEPeTvIk%@_^8Pp|@ z0;t@)nm*f6Imv$%3po(}IeA=>yjF@k8l?Sv9s+S7fxIH#MXsj<#g!$*#%n%eT>&%ujHk0WC5s3QAs8C-Ba6P5(k~K z?3@LDM#rVup-zR`>}g^YOS1mo&o3sb9M_4g0eU6i>>2=p0RkQs2*xY3qUp;~t(N8O zYjp72H83CkeF*Mrk+-iNLt2vDZRZ=uYVF?GRGpgQeU&Mk51 z)KkpDWI0$OW4Bak6W2==FEQzZOd!bmp5Xo0YYs>T>O}AbN9fPQ#6Ey(F#<>kD}Jmmc_{bI1>n#S+T^6SOc+bKcD*;*5WLWg-5$XYEcy>tn4QM14Q zkIAs!Xi#iHN1o%q9b^UNU8mb(C(t{S)72%55;#u+baZvXoz*rBzAAq+Uws1RNxmWU z#}X4-neVRih{sTZ8vVfC24WL)cWw-y*drAhWKuV^;nl3|?*3T{J;Y z5_(6Ma71jxsvQ4;`b%}oZ)^M#__4$4=6l4@CANH(wTHFa3|yZw2KQHhwyn(T^sgP% zpM8&-s2V;hnYn(qnb}-&- z%631@&1ASgWflZoe%I{<=fxY`&Lyv#tG6Q=0=Z5EYeei8b1{lhvWmPwuaTpG!$QRZ z7s-3T$5c`6al?O<WCuLfyK z2L>lZ^Z8ik8@IE{4C>_{cUZbPk~pnX#wk$rxtw_1|DC|cHn%bdhb2-IO})|*qbL;6 zt~5{GueiB+f2Kn)JPI2q5qYz;^igh}EPEHFYwOAv zA28bpMMC>F+h|1=nC+SsNgT18D%f+a3$GCun2r_O<0;1!80+I(kD9SGz8`f730)wOYz%PL?0sipx45ElUJ9|63k0q+>K-#NTH-7?` zNwWm6MK?;dh(pVkg`j_Eh>D&*Y;VsB$gN32``@s!g$)I;e~^PM3J8R@y$&l%1egvR zvjrW+CZ6?;)u8MqdU?o!S=t6o7LdT1?g0m%!9!caGTV=aP#uJV{DDcTak<2~jMtcs7ETk%Jb1P$&2U=soIjQ}@b&Z$Nyuu>sewoQNS}w;%#BTNx0GQ?F zaWR7{g7m~lNJs#Q<;|NnzlQeR-QBzU`f!Me2d~2L8|;p#Oqu%DHxGlW%J3swA@x%i z9X->v3Qs|?Nq_kn7T58)tqsD!Z>1J<3?ngo(!%QP;N$t==JF;o+I6ieumI!cR|gz*3wJmq>xew~-N5pFGL7LpSPa zsXUkq{qRpc)9q$@)X139SWAqe?xiaBFCpUt0WIGhzU8ztF1GVol+ZzWe1P8_QXD{K z)3S*NPQN@SNluwurLjh5OU*i)m+fF!JyW~y%8z(wk7gNA<$9%DsYREZFd;jczge70 z0DzBT0Pe?VZ1#Q80HF+__~uMK)n>7AtVD|ogIsXv zaQ>lv7K)rvS`v>@q?r?}hoYazz__~Hbo=Qb{XuP(Sfq>K<{z4@_buM-pP4k`hJ<@W zQ!K=AA5;3nC4AK^(YJ%-dja+r`V4c&lwGO3iA!UfLIksSug;%1Wej8hL{luLE>rBl~$)X6WBg)8-z07md6l{!PbhLRt7aiL>W=#(NTSblqhsk(VJTTF? zFmWPEjC`8%@%a7ks_^3KtlO?KNB$o_Td29k2qdr8wz^5?&c#Tc+5J&AKOY-jAq~0gs*Zb zpOOtpsq7jMT#*D6pd}<6!Q>v!TGB{|3>{B??XMg!T=XC}*O3Fck5O0{6G7AEJW}n` z4#bSjCuNMy7mM$GZtcl2tM`fRufFgj^ARAu!N`G)lg~bkm5B@>e)^?# zd|~A2(R}f=o^N^>KJ$2mp#-SLa-6uGyH2282>s1*A6Mj_sM@c+3-^19I52aJEV#-D z`YzfrM|zYTNJM-&YMLW*xh4K)0a%m9_Ncxc{?>4UhLXJx7sIJt!-5_!gqJViG;7~R z)(^8=V#x&d8*IHyYrP$!qkIF@qtmc|NVMa&fX}BKzdwJvP3!Q3#jx~DV2hAY?*8RMY(>tC*rd0>|m@8 z^6{Z<>XZ7j$kd~;{GZn7lGr}P9L~EcU}6CHjzClr0_F+Q{jxH&0IUP{K(5HEFRzJ- zWlS_T)7zyhqb9ED8apVm{}@l4MqWa^Wh=lCX}WJ5``(X2Ae~mA53byRO2d}Lfil=cQs!#*rmk`Eup;kTAk7c1~?#?P&)w8{;{ume-Y1dcQ5RJ<8 zVZHm#4bK!Db^g_9*w{3zU*~Rh<$SnUd#}IE{$p8()7f;k0<)PGwvX0iu?E{zu|~EN zLDo}Xq{9VvoCyGvez5-iJS;SH_2#h6bSR0{>vA<%I#@XqOuEElR{Rp$M5d}ZtDfV- z7h$D3@enN?!+%>bZ!-MLr4qRDCLiyZ`{fyu$Yuq#=+VB*w=Hzi1x#P^_I$Id2Wv!B z-OBX(0)<(h6Z->eeU=D!snf!%n;SNlJ@u(FJ?KlWg?8XB2I5*)05B)Q2B}9ErciiY9oN^{zNGL~<_?{7 zs3C+l4iJzP2SFHO-dimb?({W+K}DaO5=fV=WQDn*J$E%0l~8v9!hNqh`nTtl?8Lqu zA2fV!gAJc<)7K)7{=64RC7fqOp#qKQz|TKAzP8WLr-H8uh;w!PPbx6SdcKz3d|Y(r zXm1J}zC12_1VB}cnxDVq^u-;mPle8lvzy*rC_Y;j3@Ba7J9`cYy4h5>oSk1; zz!VNF%RM0@Hog$(B!ZwH_$WsY=9M6GmYlD(HeYTP`2PL7bg(I$Nw0NiEL-C7x;}mS z6c8ND=61AFX7{LNwG@75$DEh7nPBa46SmiKC#Fn6 z&{Y3RevJ8Po$NzQ%LJOMk?g@@W2M`nF5J2E_aj>iByQzy#|BLYq_r#B#c?qLy+jc~ zfS@(e>g@?K>KCyOv9t=T{P6xfym@uqop`LgYtbtU)V*vCnw`eb()_3nzR4} zp;ch5w>MuGbq1SW-`|%D!(+5_cFxsp@dyliXTU-rDKAg+{(Wdp4pn7U6_58dI{@|u z(#nI}`Yk*A-(uRflT5w@&u}nS1@{9u_RjbNKxA}G%%ip)kS&QDUk#!Ay_;kgAuf_F z9sy>EimQ!9YGv2}fDHsdct9A_H-N!lVZZ?dOu8?xuh;hXBbu7{K>g?jM5q6jGlNVH z3^|gMlZ{MFVp38p5?1naa#mn4ng8YY)bHMfa9YoOZu7bOaAA!0m^vxK7>+UX{!8y_ zNce#FiqYBbBsU*lmDiO+s`Njr#WNDa#}B)@8q1R-t~vwdK%ms&WRV&V&{WqKPW$;^ zNkm3Q2CiUbYbz)?7ne|LYu=kO@F+&aZ4kH@@dN>IWHVe(|)4`Em>CajDvy+p!KvC%S?yk&I2+2S5 zi0YS-QW;pJ8GEig(u`Q!!Ie@vd&AN9xL zB-Nw5IpX!p?j?`f@vro+xc@W`aox?REpY99k!OvDQYK6^rCEMQ^VmpFPcOptXT&U2 zOu5Ac+=j>N5{Nch=6(P3(uAh>36?8UI=_GBkj=_MoT&VhXi>=0w~g&7k$Y_5Sp8U_ z%p_JSt1IRdaJ4RMj8+TCufQA+#Hi9(AhWI?i-f)jOsv*F5XhoFY%UIY z`(Rj}_a(=_Bs*d!Z@FM+)cG+*O*-E{2puv?)fh|QKkl`ZC7rD(SZFm~xE%f9A#^85 zc@?>xu#cp9vbvo5FH!C6T=dm{&wBo+E*h(add0^EhS}&S8irJ?C*> z2l~`2Zl2QecTtE}v+E*bwd{Kb@!z2C=|aDE2mjMz4vI2K ziMboWJihYV{zvu?yx5*fl&$>p>OMqwbH)R zAd;C3$ee|Yz<*`(urgn)PK5J>bHFPH9zs zg<&6{a0tr$DAx4MV*lU1lYZd0W_HR8(92E;XyeovKTd-{MgT|hi5u{HFT2T;svU9= ztoifaA^eLmdfP1MqI%6c=W>-3UmDE4YfYMpc_P9)k=r-C;I%EXu&ZB;TQDqRLBxW;$?JwiPFNiI`f8fFb<%6H^W`%F#QW-U@YX z_dJNxGKOoVSyy_u1o`&NaW=_JU7|Iy4=n~r4soZJmNJOFz2#~=jt>%JQN=B5m;H#l zuh>sGThIMm#?f>0P)ejdahk5P&<6#2wK%F~5fI48q(ncd{J3*w>3Ws=3&++$5#%i^Yvm3U#Z^~-#^1(Mz)_aqO^22HQ+yO+pV zG=#3s^tr%+v)rS(Y0U_p4+d`5xA8tWKwAKpmEV(`0hMtCF(BzUI^_9IjwdLy{Z;vm zy`ss05Bwgp@?=`gY~Sej`b4Zdz3CVri7ZdwMLposEVm@pIFNbYMi^@?-{2MLxnr%D zVph6~C|3Gjz-2T}%@RAgPmv_nk$ffCdkl-kJ;8oV1H@i%3;xCo4aqJnTG|*KwRm29 z@Vc~nG*tvCpS^>_?+S0U!Azs4vjq>_g8M>2myV_(4Qb+n-?E9h*saA7^-SBpa%xlk z8f@|M_{S+v!ri;+#nn9Uc9}8c=$!GW{kEpM&6Fq=nZN&M?3mG}e|9Q)rkoa*8H0LK z=(P)BU#7@TqSVD(eameEKd7Ih`J_gbS^X-}TCR_{3ASpQb~OBsEx^R$eo(xOf+nBj`xQ5TTH zs=H)S%kKRaKOaUKbDpKAaQ5il?zh#=-Ft?*{nYfS?#CldvVlqOJ! zj^RxWc|uxba;&a}rEx<>DhR76`ji{;O@DZt{$V{zI6XQlX>(al6%)<-T3IptuOXPo z)H6I>(tB>r#lVG6F9uqc#vSCTk3N=Qd0hXVY#_-x7Zi(<|B{NOVF$16oqL2iN&1G_cY?4nkay!CW}RQbl)-oRoAJh-+Fn z<&oK^|9`hptKvHZNyDh(r1wDg3AY=mHBsctMZ4z(NnVu|ShN7*K2+4;FZmH6&D0o&10k73hiz&!DvE zGIK3fVu8ZK>vT*4B-{W=Q!X6yxaR-<0m0fw(AvhXXKXBV9lt6LARp_Sn&?UW{_p=x zH~^U4%hBEHZwpQ`At#avloqMEq=r3*1aBWRBz?rw=dQEP(LylcxPkG?3I{jjOBu{I z+!KtWx_^eUt%RU;D&N{{kx}|)HIeLIleVv_rZN)B$VD3rPzB8`E%6v)DvH3m(cQg4 z{e<=ZUQ)|a(oxamqZ|m{pj^)oPw-`IQd~e{V&Zsa2%WUFd@s+;GO$H;2s%~QOajB$ z-_rRLnPX-kkyimAz;0(d>&c{$jQbq>Z1KnLn%Ut}%d^Ery&V=hDtH~3WxXue-iG=n zI?Q@giSK+4z?%NF|BK=%GWE(F4t;#V3XmtEF*_PAVDOSQdJOlE$GKD*somjRkZtQ- zLKAQ$9T2@ypFC}pd;YSf4OMMWO1d*-75LbGsX)dxuhIUp+^ySFFnP*v4GJV3+D z6}+&(unu3aI&p9~Iy!wzA&A!^A1q%cQZ|9>SuBx1ksPr;ZN?5pVC)tzEh6mSyO9tq ze5?MelBT0==i<^cJNeSolq)Sw$IgXS(AD0#Yj_w3li5~#k^i+%en7pCs%uG2BJ#bz zjlp_U>OV(ATOey47b%&f-RhOR=y~7kYo}-TS*xewOWcu`NHsw67?o9}Q0azJ^6b1Q zlu{dzl%b#$NDi-78CQ;#QjqDH?IELu@dDYebsp=}@n*91VC9Rd=HFw!v^q-)Qa&-3E{->ZG@-S^o!_c`A@-*a66 zbsO*`r~>!^P;3m6jGrPRwC~%9{4kbXqQ7wIa#476^nH6>QL||!clW~?!s7edY{um2 zhJ){aIw!{&m5Ju<(^k9_D_bI0W^$T|11NU6O|BYMs*4U&e(JX?5E6i~8^07VFLQLL zht@!3w&pUE^a^GrGLdy~^g!m)Wy|V#Cat+BnZmZtSuQ4xUgld5bLkGeyoS;q3X{r? z_x3t^dujbm;w2krcs^%|&WzfWXJlo8eyQ8oLbM^P+OQOx4Gv`^nM zot(Ry!^Ik0gfI^&6NC2`PhY-MDQaOoa{FLof$~hz^Fu|!k370aL&qa7@M&PJm6~o<%iMgi zyRdxciY<%{kaUx_ym}_&D1g-l!9U=~eG(eRzr2K7{mC4b9m8l7a$XvSRBO$$pzwp` z|C#tGV9r6D?8)BRZYnpuo>*Ec>#?oykVR}}eqF^{gZk!808H^xA1GX4jM~~d!sDZS z2l^?CP+%`l?s}y#JMM45dQ%9Cjc)0lr>b_B3a1^)-eRQwZ2UEAXKf?`>@h@nd=<9U z{B3(5Bs9s%$;)iV3mubmv*!VuR-&v|G!A_d{>8BHTMkl-P0Cg$XpCcPbNivV<<0zv zj{d9rx)w_=e>6jNW_sfE0cH#>aps0SwG4&=zHr%rM1>ygDH_YfqI&#ht*YeS%Z|`%ypk^-W7X4B0lg*( zGWRVwBQSrlDNfRRcdLlv0`4FGbsyw#T0skz#=__OKxmZ|l1ztf=Hh}`Lr-oMMd+E^ zIYgspm3*zf;=NA4z@LqcjMug7x$24^2#-k)xL?pQIz{g$Ev+!6=;-FsIyJ=sC@6pZ z`qjf;XpID1D#pgfz|yeA!hsJ!ImR^ntW@gQs2D{Q_fLzYmK0gIHP&$LW^ zjKZk?v*>Sk^6jYoH|M{tPcADi6RCDa- zo4FKdT4)SWt84-`lqRUMOieT&a^RHvm9;@6axz191OHw@*YlFD62GkGG(O>huC`-M zX)(U01YaW|x;NMV8f`9{+u)Ovc@IvJBY5`M6o@ zsNsX>qj{sjNsf2s`TDh8jiG|=n+xXd&Ncl(el73>Q|njunYp=?l6qQYN33i81s~$$ zyRX4M>ABGQjRcH1&bi8UJIZOgbqrkh^Bo}sH@^6}wr9_u(64S{!X}k)OG%6^^JsE9Nfh!4IG_!p@JVvHr*eFete=qE< zYTFrK%ka1WuHKLozHCafgWIPF*$l!g)>nJUH%oRJog~SVQJ%uP!A?(iczZss*!Miz zD@2Q5Tgz1wD%igcE0(8cua@QV^nhJyp;p8AwU+rqVINy4R4w}SuD>XTv_PoUisgr? zrSH5)TB@hV4u$3-Ei3Ld!vfSNofhdcN-7v?73uAy?2si%=Mttu`#BRVzgkq42KaH$ zxW1ij`VA|tr4zqxwJS%T=;zx{xPids*4&^ufm$M|_SY6BhEzpjl^>`mYxY&oUKq>w zpz)V{kF_e&aFq?ey>oJQ??=)F8T#R+>h!Z`yA$DZ1gCnYzYiZzyMMf1L`-Wzg~v%) z$z7MO&u9`;R3CIKxxEWsKxR3Na?7)x=0vk&Wp|j>PQ&#Y6e_5~eF7a`376GQDJV+M z%L|;Fn}f$dpFTD)aH?n!9eVDa^K3eKk$cJFGOhj$3#8X;chvA2KzTEK`r05(3u2BR zNUHlYARi#A`Y3q2!6;5~h!TV0`T35LHm9Iq5rAOL0#Ck#TWje%p1%<{2-4xXMMW@UQ;W5#}Lc+pZ$EOFU zC}3Pk8%e;sut|VG2r4!N2&8v~E`~GAzuE?8pld(NNzc13>D8Huef;<_ z`at$*nkfLDlbf4bQxl(;Cv<{R=H=xDfEe#`^|R;RbfQilSs*<9D}+l#>um$Ta#1#~ znX>N);~E5Y(ntq~&W(M21A}%z0}9%>2^fT1TJF-&(q2<=7YDYyYRW$Gh@6!Stk7oj zPgz+YhLKUx(V@R{=MKd=-vb{h&mC*~x-Iq9J(r|Rnxo-_veyAof}24aMYY8@UasuQ z4dBz4zfP`!lw>$Kfzp8=9UW~~T|GNJCgtRt&6!4EPPJ22PYVC&J{2`=JpFLvQoy%~ z2@NYN?q>7NI{k!xzsa?%s;XE}aHSs1+6*$MtTK)>RM9`UR8i=BW4$>Rtr4dKwYKfE zAu{}y`=+}>FrW#XJaLp^XKYBCtxQez1-k=o;3Ss%i9UJdqz>>=$Qb<3`?so?n3z-& z{QKo`S1g->YkK-F3op<3?fZAQIBW1YX8?Ro{?=1B^Exw!%0oYkovu?6C{!^W%^(?o z+4-DIlg8lB-5|O75VSI9QBzWat*DS{nH9%se5k0X2%}p}8nK4mmtkL*TBBPA|5rN| zYQZ{{#Z@UeiCa&`&Wj zx-Om%>g730*ppo#8{Ci7_dY+U00&9C29PCfPk?GTYN@Ct5XiLQY+$ z{I|DB4e^Ly(Z=#QNmf04uFf#zSIcwmIe0B0*Arc22^=xEYBzWWl{OVo2j4mW{k6xW zKmBANlYmEzDGN3DWvTia8^xMfKXX2j^I`7lRyhA2?Exu-U z9GP+}S<9ugv*4CzxMkHRBVBOk*yy;8>%jKVB9!WV)s$Lr66zMB+Cyocrk4E<|I*8T zZsEhV-?ttczAv&9N@*l8+Y^7fUO1QZ#afEv#c5!9{xmAq{2Qa1w9`f@m*cCrTCD<= zHwwq5oQTGxbaF@hlePuhBCFXGF+Fb!s$~cS%aaEAJ3Z7V%|7xI6iu&1;^lw0I!K;M z{%W+6ck`#;t{3f#=MYJ5z;KWq2nf5(?{743;96b6>bt)lM@#Z?!rJ?l&#$8B``=}8$y~mZ<+>`%3A%KfZ?oS)^tW{H`pn!w z5(RgVf}!2RS6HSOoAhH!YgFDRuA^a9EthM}h89c@)_-mN!`Dw=ur;fL`&C^C?A z)6pKZJ|le9CqFP%$JUAZ>8_>mre+Db#TK^S{0bcn0Dj zVjx0Jqzl-Hn`CJ?RR&3vHMKSnWj9D#-rgvjFB0Fg8b!{xcd3g$UhS! zwQY@I!DLFar;?Klm$@JW zRMC#`@+>f_E8vJH{<-)3v@uyE5kFqNL6|CgQ?0Os4%k2)c9ujZbyqsAeX}baA-^97 zv$~s)pN8eiAMhvpNQ_Nb$&`vK@&*f1=9sr0O>HffH`K==iafD_fo@LEWaqgLvkuR8 zLvR;k2P~e*(teJ|r+Af5?p7#yOIPAN_$!HfAq~}yFg9W6u+{fgF=+I-;jHubx(%n! ziUI`_hCy5-2A>k!mxye=2~weAuXnm6-`_(^gxN_>Y~^`>kaswha`S#I)Z8lX?yTzJ z?Sb~$cH*NuWTquPhoFsW;#s)N;2~&;AtS?fU;2urJmXjVZNc$p54@kJpfq{x%PdI**-cEV#-DXqmUmEaFL=S^?V%{aokaV zZ@!Tn71uwnWv`DZUSm9-|1I)-%C^xmyt57V)ceq1ICjXX{vOz%>ZV_e9B4?Qin&EG z(^WBQhx(HI?n_MZdb8TW+d%p+#y=o?o&D88ua)Z2it zVPqhG;J+~keZoVu`oZGLh0#E#H-R~f`9y~A%XEFbPWc_HL&z!Ns?vRPW?pI~IZ!V2 z46iRIM6`-_OLZ3Hn9OV_tmKA5PXj$kz5&cqIQ(cwfu*-3N&X8b3e+z^uvfC8IUywq zAtwPC4I$tHV$EV!edT_vL@cDOWuk}E`TorUca|tn%0M8R&q;5km*gm7A7_zzlHDX` zN$wdRH0mmQKkQs1#wht*qsH=xm?kDF*B{L21E6={kA74)746GI2)x~#IT7_rnxa3= z;2Dh%wZcgECt@%ex65}hn9Qs6*YcWDG6MbRbX+fn-`x>m5gwriZJKz&?mvCX!5PLs zl&Qh8ySrOvdruplaZiBc^*&WXUZ4^-vs#Yq4iHtVad#oA@ae`yE#2mcvL-$h(FPq5 zdDT~?Stcc2>b1`a9JfzP&J+NghcPC&{@q`{TQK}?bpYDBcGk;qw%=e!&BZo$>GED;D9o*~`HK zVf2fY-pS1cPXWPefrEH0SEL}JE#NY{&oKuZ+qoyGQT#zm-G=$sA4+G+f!^oXa4f>4 zX&|(`_$uLX#1f})8uYlKJf*(2;$exKn3|f}l?A-Mp5Eu^lm`Nr0vrJ(k#34CiBxs# zC@@aJg@Kp5gQo@t!A6p17yE}5)otX5xE*c&nUmODU+1!L10<9!|0(oW@$gu{Gp2q1 zOjbLUy!0sI5sYmS)bk}O`S^{z9AL7R(Q@jh78R`zjvGhQ8|vDpXmj_t zCHcR|x-3&<+fKKl4+LJ9XS04a0kz?;+jxQI{Bd2d4LeWYw*>CU%eNwKb<#f+<* zlMMUTAE^X-;KWbaciLBW4!R{#mAvI71;Ae?%l_0M<3HTJ`PXUYK{eFZCpl&$Im*yY zSliJJ5C77ZVTVpez3){d+b3gO|8;IVh$>v(kx5_SeOK>zOnj!Y-U7?YBVgGz#JYR; zeV(z}Bkg%69KlfeOibggZIM|8xhzk z+b3d(n0gL{4$}hDzUTwNDn-RDK8j_AV9m0DP66t|<7oM#kumY0BNm+Q!(hCjz#4)d z)8jRShW13Dry;=Cg~NFkkEVuylNwUUL`3hO$$;W2o`Jh zhDp$W!>W;oIzYg^n6YQ-iXb5Pdp8Jm!yo&(Qx!Y++k${KBjM&Wd4Q;j5-+`N;NPbn z#mTRf!eeegq2Z6N9H{XKF4Vqa`w^27vr)lYLvh#!>ku2u1oEIsbD2sSTmcF%P}b4{ zD80YE#%QDw3^ejrpUjL)s({Xdo-f6`Q6qhO6blsW|M>#OWTgN9#sr4vnG`zA4ZWBh zbF)O86sTY{dh~lB!Y*Xb@X?$5J(ZWA25E$K4cyXny*S)nY|%PVxZZn%saNb|;G?Og3opED{_a15 C$@ew@ literal 0 HcmV?d00001 diff --git a/rhsso-images/keycloak-sssd-freeipa-integration-overview.png b/rhsso-images/keycloak-sssd-freeipa-integration-overview.png new file mode 100644 index 0000000000000000000000000000000000000000..60e98167ec2678840875db18c7463beaca49bdf4 GIT binary patch literal 40604 zcmY)VWmp_t6EzBxkl-%CAp{E^+#$gU77|gijQAI2m*m4GkO!XAee2oCp)pT0mK#zQT)IE8+v`BA z(QnG%-tggXDO=`w(*@h#cG#mZWay>u2D!QA(Y-eRMo&8_jh*F-@%!`p=)b9l!zU5) z3znj8+;gtWH}f0<7byuQAkpi&6OWxchJu0uBuZZ_Q6x&zDBRY)Bi2agyRv2j>z9T0g-DL(X9%kO2950T_vFSF$p-gChs&Zz{! z{dcoyU?P>6+sh4Wr_=-3nzTZ&|6S)TYbW=*+h_dm1ARLplbrpqxD*O5kth%4pHPsQ zA#DHMXzLNRjf4*Q-@8q{4Pl~jlFXIbJePf>xN?Q1g6Eu-v29jyO*8T`xb;$aX5 zp_ic^rQ83z9zgeqAv*B?dN_2A;J>M~|L*%s{_;jsZ%0d%qbOh9m#@T79QRB&iUI~O zPgX6sOcqM(E``$BUV9`qiza8(L=~_+)?#?q}_XnOT_(<0?*yLx|ba9q; zjj`o#+|=ZE$9iRQetUh5A%R3G&K&jfA$b{bE8!bUMot2Ah`mEx7n8DVF7Cwj8`FC3 z0aW5gQC{-t`hLhzm>8C5Ac}wkOU#YPoXN>2hRtjqknIC=+sEK$D(sAF=|rk3Ie%cm z#PJW8!Pt;|ug6D0;O;EhJx;4b~|n*4duV5?orI191g+H2>+37@WV8o8n6K+G4kZm-vZX?6$@t@ z5xOz|ZO_XefVac#tr8H^8r=H*H!)ki@&B1X0Nqle=)nIzPpSmLA#;Y?s2hRY&Dr4S z?T^qtWjD+3*-}W9RhggG;-C+}5XH(@-7>YnOO!|q(f<2N($wfJJWbmFW4gE0D+K>v zn@0Zstc7{9vQK`}W)l)~Hi*oj2(!fmEh-Gh=kWKfITl1^!NPC%T z?k6c#E#?2b(d&?OPGzhS-og{HmVVuuYxkpx(RT9?Z=h|wbVrrJ{=dg58N?jK+}tqH z{kp)f*$#!Hze25#-yUGtEcE67F`>IPdf>B$HoLY(SpAa6L=#&)`~;F2}#VksV+a+B1a&I>)R&O_>IQl#UO$SEybecsfP z$?RrjTQUe!BL&V~GUJ{QDxP{v?TWzI?pGWsgwc&FEPJ|$UF-ih4=|;!u7k#+o zd9QzZNF&uEn5SfL>4K-V(r$2N;VUO1KOumHRSlP7cD>CQMUty_u=sZx7cYJwiF*N#dU_!Sh^^G$72&s|m zvVhZox2ku45LeoT<8qw06hVu8cMIswbqUOSnMVHx?v$}I?kN2>{;@aL#BRGEeCxTy zJ`DTBTxx~$V|iZOn9K#d|11Wai8A98MOxS1%o+*_v$6n+rbfpPINrFH%W+8B1_sNw zkI0cnuc)wnY!Fr(uiWbplIN>MPRu{^dN$O-&)k}yF~ISQ+!CLxEa1mAJ=T&4N80?X zUZlsW^ukp2apGU@sEG4lOS_pA@j%nvt~Ppj6+YRC`tHA_PTW#<#zowm^4GHdvx{El zdca4B1hsr?+RpsQl<%_eWeIszO~GomBXuw+>sZioj=O+vNe6CRrmu0q`MIK6@T59z zu&9ZWZ+JNQna?I(v0T8uBLKuGeSP6XF^L=a+t(nu@ZfYYQ77CjCUsL7wz91m?$>A$CWSzQjp=6F)i-ds2%uJpx4qeASYWi$ zt%wa)7Mi%C^%>RR<{1{|*FkS&`$nQlI{tHf=9`r&rt#bRr#lCewWwI|THvjrrgGjC zshjtCtDdJOyQlBpu?n;mNUVHb#`iw;dZoTxNLrFoUWEp}mslp6@;yxcfcR;b?KNTZ zsnnMGlYM6D`pH%G#@*GU&L{Ij!Iwd*zr>8FrR&d=j>FeE?hd|Ll~p)hLKvt}67wmZ zza*Z9k4@2g_J=J$kc&HVZa*%1(=wM2_RGS%IUkr-9|dvA5uWzvPLlsR}4M zEvp5aT|c`QZhFrCxM5q3 zu+D@-Cj^wJ@{=+wFV&9I(IMR zgz@-DqW4;0iyP{K53YvEZa+Nfq_*_gXTLW-D)sC0>cK9Wdld8`)|e-5PIPCX1E7-T8SL zNzL9(ulA&r_2@q(spb1^)KorOZyy;Vy-%Y>`4s6^MTi?(Cp$9NM|`N=+TSaM_LhsY zugWMWeRZnLr-I)xYko2wB)oJJTJd^detfv81*wY$?!SNhBHF>3a;ir698Pw|dJ{+r z5^eOGG~^Wx{OWeUmwUG!!ulyeE|iGF|Mb+>csQ9p2#7?1Zn8Kpp|?*>AU+uP$FP)z3i z-Pq_}zd#VPvLT|^3THeR|LRti;RQBi)Vv_CJRXHq!M^*e0}ZH`kXDT)rGNm5cMvWe z4k@X2_wh)A6LgL8dc4vMRtE{gP0DKI1K_!iIz(Oes zp1s)_Nn=$v<|LMpm95m0LnUB&^SN}U(tL_xZ;YV*OYh7=qLVOX0Hr+P;*_=I4g1J+qTj&QbuLq>=-u(PAv)E%3TrU=nB~+@Za_((N4`b`B1evVysa zY1@Z$l^!=spr~EcHCyVDd<7H56#bFwrNiZlkY)i;`oB!s+D{FRM?*^>q2S>D>3DP| zcLRDU3=uJC(g!38@;2`z#P#+4Uni$rQf>g0;`%^G7Z4v$SYx%&eN?+LT)X0B@nb5- z>0sJ&u`crZXkjKOm?w;wYyF@US_2{kpvq3Nuvc)ifOEO~fc3TIGrWljfoP-uSn&be z6Zf7>BBz;k6)^hkgQWQA^EMJpvnKD6AoI%$ zPZiz)`G~ZP483{__}NQTOw4K?v^$#4-O)(tuA>3ir{La7X*@(Kywc=> z#o1=AD@_2jc6=;hI+N<_M9~QkF&Qn>H-NizBU5k_;&1-*GgmD4$G302X>;l-Z9`MN zr`VbGuIhNkmHnwp0<-TLBXi?~!Ye~K9s?w?$oc*%ELn+AiC_H%Ag5CCvipe;up|hd zAFhwsh{Fa`1mc{J=J__|Gpf%LB{8hJ9!gbDu&8_>!;~WdSlLm!HzfSdyQV)epIEND zk1~EMiitK}8-89{6Ffh?xV`6YpWF3qTlH;|iGV;bd>}3DY9>R*F|-~2_7kf~y@UO0 zr)y%CVN1R44)5%_*YF+#&scSgUq>Er23N7wY94IBB z!8dU{MM2>Jgq9Xwl9W%x=&|A}`EE}LdyXiQDY%k8xX0GRmj@)05yv{Ndi}~#EI+B8 zFKl49TM>h+LKphwKo2^xyj$HGWVn}ze_PaxvYsAiV+l|zUk93y>o zCvkcd?jSgajsA$suTU|L(nIF0r=IdnYHch(87@NdH=o1 zH*bMi0tdU(QuXY5UnU?tCBgBTikeQ>Q0q{#Q4?h#>Xpz5RRaNT1Ww^D5A; zQ`AddoT;p0baT8^q*WVUZ82kiILn5Ei#v8uECQ!lW7(H28)q2{ps+jv<7I)cmPhOL z@bVjuo9E@8zCOL`}z~F}#xK1IN&xt9*c7NW6sJ{Li zlj74?w4OC%z)5_1X5TT@Wx9h@7yz8R+BgygHx85GRQ(-_#(KxI*UYbdc%Aln>B5u$ zN&KURb(wLm&A7VjeJxl(h7N17$Oi4_endGtJENwhUEkU1DXv}q3LG@C0F17Vj*jIu zWMD-;RGQNY&?RX@L^mW;dHLw$<#OEIvsG0nxtRT;qZzdoW!BuxQD`AX>IRbcT^mEJli+`5~1^`;d?IYNKfy-hV3m?DhFQu5}eAE4YAt4$*tEunKV>H9dp2iLdy*$w`Qy;3&i_e9>ml*#|{B@UO9;BqTBcZHdZ*Tu)ZZLym zF()f4I{p+egvJ^%;JhjgGznUwvgH+gE$Mqhi;IH7pYlf`SE{s9_uNKRJ}WEhZF=Or%+#!%S-ebk7PB(ot28n7NWrz-<-`l4~wr_j`25jVCRC zcF6c0^)`DWL&*fD!m(-rFEcLYKZqH7;S1J_u z5J-~P*M1dQ%%>~7@rjAN;fuASqptdkor~1`sRkPo3 zhaCxZ0lW1#7Sl!gLy25Kd#mHn1-7im4^Wmo%x5~+;hjAql zhq3GlG~=I|<1Vl;l@%QI&POQp^fPr{LViV>C5Z-{?_x<+#+K_@Fpn_y&K$+Y=<~K4 zF0|4M@H#Vh@h(%(!&D0KB-%zs6anky*#tb*meSL}HG-IaL|Rf|i|B$X9go_O*CmpY zh4AgE&g<8IOc%I)|JEFx7If>k7ZgMlCbn9B5MqwGy?vajIqCmIi1yvC1TFEgu&}QF z_cHPzA5FOOY0eNbyG(^Qn%LO~W81-eee&^+n;n;N#^)D22#!&XN>` zr*CN~tAaw}qlxB;-;K58$f&={vSL7u@D!GOS623pJv(Lf_`(AZsAFM*jrJZpLl^}K zX?-#uH<{Niba$7+Y`Tb#(n`#9p@vL8k+ZnwO+AZa5<@V}9zpiR@n3Q^0=&#uT)CUR zD~?;ghQL}));c`XmJEW3!EN5dQ*Vn?2&8H(W?0^_{u~6(bdhnLPP3a+5Hc7-D{syr zs044lzY>~%<6H(Jj5$|>;aj_}#(lMcZdShvC1R=6LD9zyevNzF5^z|=6iy~035)C? z6>#$%g4+DLI7vFazNVz^jDppg6L}AZ)9@9BeBtl0maaSrU*G=o>*M2A605Gb%2cBK zeW`AZn>mAh2aAHj?xK#x@odI)3cpjZ(Ln60*+E-?oy{;d%YR@3OX_4+asY=kODrHf ze#lrMO;`dLvXg>ua5zO^w%!4eWtgSPY$CRX^2n5IvD;kG!!rsDshHfQPcX*yN(tdu zTs@E2v;RJXsKm5ZThMl5`Pr@{?RmF~0RWpoer0=ms!#5=OPO>9xYMoYr;}$Oi5Xu+ zs}0xo%PyKxohWT)cz}-8$P+hwGWyl{^+X^qMk@b-wPA6L5er!#lSV!xdtwg>4ei6H zPl5Vk0g&iuaSs^fdIYKQv+l#}^NcW%Y5jinyUJ=I9GK(TWuC~zt35|I_keG?fSZ?6 z8g+O7)ex_}Zaxtc!bKtWbx#Q9#;Q2L#ix|3)8rCK0ft2ak?{OtM8x4}o(l~D9+y_G zbz-6cCptHm4oHe>eq@O%%U$GH3!c~Z)4_y)4jb{{WN@49hGZ*%Heg?r@DjPLzE0%G z2L%#}_g7nx@)3`$-F77Ny8bcfi8z}WIWRrmk!q|tda)+}U6)Ldsk}9k&X!XQ;uP?w zIFH)@9&bUl#>(x#Lc2Dz%9pP=X#BDv@A>LaWes}5$%2A|KX7nN(5?~8Urb9q+^trM zsVtA2etCi&_?4Ll=E1IEF@r~#Pnvs21kib1fWp*LLoEq({X_;@`Fs}&vWCl7g&aZ7AyiLbBj&Q=KhMbQyLfo8To zuY~*UK(PE|(MC^1rSTB)bcxPDcNmFAm8nwD#<^ONx>7Ey9g30$I!T>v5A*MsB1){TS{hy;`0*VX z8H}G-V6GDT1IO#(_UYjyfy?3@A}0BN4p=IJoVmQ2`k_5I5k1&o(Q<{q6(VtQKQDkr zDNdID5oIWeE7z6dVQ`eWKytz0c7TxEpusJ_bBo_*#XO?RvZh2?KSD?ru(86-notOJls^`_Y$urPF4TIVN1UD6Z*SW|zuK%61<8?q+$Ut#kr^MA ztxhkP=bzci+Vj=5rPHkS$A`wM+R4aRP|Z0WMTJOnIg(g9d=Zk*>&V62gB@! zQ>zyp)^>KJ0H~m(q{OWP^38j9@4t$JlJEdGTVaF>P#Wpr=cg-%Gfd>`^$F02L!cCw zfioC&8vF|d*9-m0{-c5$9uL7s<~3F$X~mfQf+40xReU#Xoo~sPiGp-7kr0Cq&OKk| zYpuRi(xMkl(+9T$j+H}yrSJ!^U6%yxj^>-x zgJ$Z|QI8f}W-d@fa~IxR5b;>|1k><0k@0>DdNrqk5xocpA^)y5?8@ zlO}dQGt96GGXaNfIRWvH`yo1w&S!%hBkC%@h=o0P2V$8k%^oHcMc9n`@fK2eLH-C3 z)U*SVKjr9#Jqw(V7GP5FQ3Sk!#VMinoehzsRL!rm!pHubKLvePRiw_x%=NZkT(w&? z?WKZ&vXjw{vgcF8z2tzdeZLrhy&<@6JZfJbOwx05J}Yn&7PqPn^ zb82w6MwOMu0x>#2EJYOMKR>d5!8MRXLpgP!U-t_z2bx(&R9mJwj`)fGU3lBmz$DxW znQ8c{U4_F_1V`qt?23ZIskYqs7rfj$a^zQ1DXDu(J3E%Ld%s(?=w_G$-thVH1Y8Jx zb8toRk>86Vk0+=F3q#g`0@rLWA@S?2gG0zA0EV^W0&3iE>D|wZ8SL2qSRg-)40<2R z6-wkRen1AxcPk?rne3dm7cy$#lJ%rhA-^4P;`hsvoiQEny*HL<{;9?^N04EepP%pI zG8@}id~LWAt^F+>F>g%#xxd=-sd3w|ej$x7PW9AbaG1J8d!XbxzMrZDvz#O!V`&40m)`(6P(h_;aIc~0s zV0IuZHPp{!R49l*RTo?KJjpoy@MG$im|K;K&x+pY#Zh80sfg1nRz)63CEpaj|EmQ+ z+f$e<`(#Zt59vm4J|s)c+o`CiP%qPa^|DMaj3*Gu3+CW+o}zAiFgz&o$H*UjJ2_Jm z8Z!_5Y1FT?kI=hB0~^{{%V-=Z+{69lN!a$z5Rs2m>N}s$W0VtltiCymA?i(auv+&1 zB_AQ7n<;txV7JFLYo3r8BXhsaWkd&4khG;=Bme!2hEJvP%H1X?e}9LHSqK-z^Kj!^ zSkQm$N%wM&?K1BtC_7ion=@Mf#L)qQfno1uvQLDU6162udVXSa)fNO3xr#fxW0@a= z+qZ|3>Nmm#%#Xcu2J{+GS|a*K$td^Z?=Q_VCJyS|_dS_htjR}~A9z#ToY$7kFjaWZ zMh5%00Y9<)Gkc|U7irMATF@;Q@gU|mC? zCf`28?KXG+`D**2_K4}zbqifQ!5fQh*~zk0wEdMnYc}K~UYFDN6kfNK!5OEg9he-R z_m0}y=Gy}{HwrC+k2i^r&DJyXZl()lwQnYO&wR12b7u|`p6(C-WKpb+95voLJd~i& zJQWn!udS=V67SbHvsf!VJ*jE<26FCvb#=R4T!GkX!*W6BKyj>u+sEhSJyka`=hF8}y;lD8&8Ts5K(d7;UqxF*9o zA9!1xxrg%fg*0vkD8$iGsm#?C8=O(1fw*71H(gA^+H(70sS%WGGIBm*szoFuN-|DW zr5{EvhNR?F?L+drw^Bl$7L(h<)l`a`9dy!6z0jcRzr=xvZ5*Rr-0qm|ODS}>z)$qa z-?3}71~nCzoV6k&v=hiA-SAAPfw34Zg7vUXEZNW3BV|qanLE8bv+DN#omzNDE(^JRejhl zhFRe}c@W^To-TSuIE)xz#uBM1lmt2KuufE!V-638b2ZU1E(qiI?BfpIocd%-3Eix3 z;mjn+?ya#FvA@Tx+v zG$^!aa2DWzf@IW8HxIVHZ52<9j~|hVrqCgaxEgHB%HIN|km`H?%sk_yie%%$sO0R3 zl@;K~0b4%Qt-c^GlGbOKBVQ_29Q)X^jo<#@SY}2-ekE8gfHB9!n%|sM$U#J;L5Svt zfVnFNn6Wtefy_axG4}$h5{dK4@({;}U`M$@&+Q2KN$mOQ@rW!6D?_0$rEu`6t++1N z_f1O`q4ng`%n6vG90UapoSetyD^YhRMki=CP@)Oxo9XTA%l=)9$lGeVz^GP=ul0cn zB^ctHMxxf$C*=MoOUkA#`vxo7U0ly{f+!_PYOcdMxL?|D0&%U?dG=XAn_sJ}KL-I? z>z?1JgqJNEP;9Nsobns0D;BVik5!$?Us$%Owt9EF5rN8ZTG!C@T7OYTaXu=BX$LT{j{IbpLYLpdR9CS@11k=fo)FXZm&W#-rW#h{Ev5-zi{$~? z7~q{hB=^{cd<`>mDgMMX|>O_}9!E(TTO4^ zq@X!jIYv>bkzo;W0?Vn^SH|&*Zf*$3J2*#VlFjdtMgFncwCjc@MoM0{92uT0DD>xE zoT28qmp9m2cYoJhe?FSGA{B7`**$|Au(7ex(I3NzjD{Bd)00x%PZ>m4)@S(Z zZ1E1x@rb}bV?t$tZ8%l11J@yqk+k6lD%mU$Ee6y|AyJ9prL~C1DugWy>9RI>IzvC1 zzX1}cosn`OYqjz%cC2*jsM8;JK_!-X=Jh?-g$2R%GjfuWHB+oPEjZ zw(@-mRLXtm00HFga4F)I%k5n*TLbR`U&el1OiBmfYk|rNz=-!uRj-$x+4~2{noWtI zS||A-!1IG<7$`vB zp2N}hpK;9gG*p)3u%^yOR=TE(erP)K`hZ~rH2W7Y!=#FyfmcJf)B5f*tZTDv2S-ysCq zkU~&$yT!#G5;f4A7F|eWXk-k5=v;3xdP4l`{QXxK)4BXVgD=sW3eItS^JcD(mj-6b z4N&*@N76)e8BPHTnn@y;%6?JWJwTs;ub!4gw|O|mBHsnrgdg^RTm6Vg)S(;N@|&&% zoqu({8GhM&ZycZfnO}5USE^6Q?%hO8VfON4O5*qPA*$fl_Xxs-e>7Le^U;S>=KtAj zY8AyaJ&QIrIPSH#{)R_JMqW!WNsUAi1T+V96qQq7Ra8oHjco7EX?_{h{x0~Xs-mot zZE@08Z9ie%_nUI3;mvr5E`nz!LLKIQ*u%f&ygj1LWT^CZ3zZ?6;Me2&kobwO3g=G8 zCA@cB-SuK5+M)~VlT~)rp(6zC*g#5KVKgv$aCG_VMHetGm$MILQ&VP@xn=xp=g>vC zh+<&NI5{TvNw-HH_4ls> z z`J9^8p(pwNc;??1U8}jAu`%sJt&Pdvcs9Ve{`vEVH21Zl0x_K0xaH1C-OG?+Ug0j@ zzHexos}m#Ju9+e3k6&NI_3cdwtVqk)SKz{ljGM!xMWc0%eyl$;-T7{!5|}NOlXaXB zQ{_7ez2E7L1q2I$#161qJD{qM*t+uk1d>-?E&qD`8jXtIxirlxA z4wC--UXj+7ut8U!7#lXWga}=Yby2-r-I)We;_Z326|-51`3y9VT=d-7?f>G3vkqIp zB3>+;tm!iecQ`J{K3QJsiCB%zuC0!Y@iWqca167v{>!t9*}Zd)VFAO-b}MPd zq?wea6M>&Dmi%ML5^?^gyB4MF1|FEJoEHcf#;&h@r_e2j`z&aqkRn%kHMY1+tVQ4GQZU1-x+8=hL@Mt-T+YuQ?i;@)w@WdS zEAT8YF81Dmf_3TM@XJD3ue1ki8Z|!)`Fdso7sfpKtv7j>q{Y?>v+dIj%_a0?s0m)E zwIPCfj^Ik{+e1y$>GA=fN9TA=LYOc)Rb%O3M$BbCXfR>?j^*RM15wHL&-Jh2&J3u% zdYqKvF_udWF+knYVMOSr%7`%tQ`&YgKZ)W$3@g*8RD(| zz^j(08|d9$tDCW;=GSP+5%+*2`q7gbwpeFm#<>dCY(30`o*JAK(7(p+OP|dZS0Rx( z%%tw_A>E5ML|q5Hjqe|r1y%>R1Y|?qAA&*WI4)pguZGApVV3}q@NFV<+BR6P`?NnQ z?UnTMox{(CPw$ErI%X(5S`l@hJ5!xdk;=t~Q>o~=du%}go9lf~&&CtW|ASS3Wm$B!d2?zh;5dK^Qwy?i>t>K|bxUalg~bGg2SymQX%b@-{7Wa{Sj${>s`UKN2 zhC<^Lqs1oEbpwpZLEFVgQ6d7OAlaG5x@J%Pl_oVkxTD`LtLIaWW&5=t%BLQ`!Q__F zbIwDhX|Rw_6bm;XU$@g5$#USzbPHJIbetGlSSi-L(a^<{xixZ3#LDn^(UJ5pCy)+V2iI zjH8gfQCX<}&L}Ek@O`$(==QI)*GIEkv0T5bLejKLTsil@@Kq#~WL&*5pkpTSyUa2u zcQ+BExb=qL_};qv7O&AV#UoNI)&?V#Y;J0Ms%mc%KhXbHg!k`j?BalnZp040sz;Mp z*5r}CO5|ig*KmlP9rdhb3adZggaJybyqjSKK>L>{_c`pxz{_Y*XDQndt*s(-|M6Y< zp8rz-iu<2ltqfpXAP|UHqw~@2CPWb+u}ho9Dl%=Cb)K=Qv>HF14kZ*N>JhcDn+yuN zk%4`#U5mplSCq;m2K&1@qs!>L2b)G}OQXyMm_VU}eYk?1W5H2hH$I zJVo_YV%l(TFzrbWo_e092WjQhE7sC$^2 zl#cPDr_Jj^7qcg%mQ=Q^&2G`zxhdH=jrvon@gEbr9Mpe=d8DG7BeAZ0(e|)KmA^_$ zOV=;(Ysx5mJSX4~SlGW>;(X*HzqKYDz@^mRf(#z4_!0QmQvWkRd{5ll*(h()poQNj z(gDloxV_3^#e`lUFbk#p&Ow8kaH8%M(YnnYXkS-_PE!au^R^UhiB`37oXCnV{tVB` zyL~se<9~-6U%`&u-8@hZzG4hilaSydJZ~ZGJln_-6JMSh-mfN`jRkRKXuJ+DJETxk46WX8>kn-C={j27^vpMGA_fY2*4@&baU-dW2O!xgF;Yxs#VGLF9 zy5}_6Z%i(?q8AVQVRJeQb-+xT7B{fvW;dGV{1#18QyLOM0%&^#55P|p4>!+kTLW?Z z8z3Z={Ddk7!suDF6g3rEl0ezRNon?cO4d%0n{M<~33e0@-crts1_< z-@G|;TB3()KN8qLoNNxNxKMKpc-6<&T|2Mj5FPns8Xh{2Zjt(Y)AUT^$9g)_?M=+v z2vS+_%7+6j$usbe=b>mCyUx;Ng<7%|>^bV7-FO(M2PbBz8KQR1ZLy6K=E!=riei*B z>4eQuHz+dmY^boqhAk-f80~F^=~5$KCml|$AYkq-04hcB;jr>WO>vD;IBd^G{8gKre^0`=Xr&JpFCLgQ(jUK&z_w?lNVF&mhyQV? zgYN9UX$N^|;r+?e&qZ{}0n9cf*sX|*^FBnJPE^iujTB|5Be!C+nW)ME!IpOa&WKd- z?!D|U9GTD%mUwTA@x^SkVU3|^*Fs7*f2z1~ID;nvu`v+sZB1^%*%HHc&*wpy;;e8! zrl+A{L>|0cJ+0`&rMQZUb<$xx1d;pHs&iK0go>U%veO}#4|I)27vAHr?ji_i2=nYX zU@*0AqZ4Su{LfJZ?4m{$n>)rAtK zwo0#)Mklg03*j+e8<|m!3Q(a zOltg^z;Cdg{qIgv0bwd&0WqnHJ<9`>)kUi#iE?^O&<^ z^f(*%FIJ1_`iA@4`*t_WvWc(U=n{EsWG=Ru_r`F)|0uOPJ|x1yRdjfQ@v+d-RDedD zwRM(Ek7rPz?}|;Ai{2{SrM$tA9C}Dom3~2=pK}#b>K=|8%>do9!_IJV4T@m6%Y=1| z3um_0Nsh$3ylB`vvYi1;=D1hwx`c{>n)f}B@-J8^A|1pZ+7~_GcM+5<01AHDDz8JVo(QrG zyA5NsFj9k)Zx-SH!?iE6Y{oRtYa;%X#St5|nc54}8~526QXJe@?FsxPjm?=jqLcb$ zji9X~o}XE2CrIu0lB?_ApD;+8myx0Gn9nT6aDXhcIaT!6y4g4fyZNVIN=Yx>WtmY? zQKsWrK|}U3*9YFojtWs}haEx}CVeg-fMXoexPG?)UK$M7HMl!{m0sQbeh<^x(sOw@`~hnRR->1aejI?kUST$ zvAwTQDh!W&K&Eg|!@lAq%xu&GbQZ?`ti~d)284vPimBS)ew$ou4@I5M$gosd&VEg2mVaw-xQI2-L($x}m1XF5 z74}c<#J1roIs;9U5@?zm^>0Y6YLI2R!wm=3c_Z%zB`z)?kl*L3h zr_I{+En&d3sg?K5rlLnTnJFhqs} z2=yEnB~Ql-M!m-`%lY4HhfbT#N_O6<=>Kg6->Q17+7w!7VIq&|=roo&3% zE2t4pdg%rv#v&x_1^5djB&5GTJ>46-YDcQz9>ZvI}hx^nBk z#$8$HbT`}U9b8;o$J3=gc6^W;Ytj1H_M6h^L|i!-AOq5|0r3jJEzZX}`9HI`r0l4P zFBG95Lj!ViMB2-SY2=G&eDg4N6jHx%C7CT`Q;AtOb}g?>%A~Y6jL{d7+z34onuMq7 z?f9$5dJ3k=?m%{@X6z?yBFenB=HuopY4?D0O{24Vo*hD+DkK)-4aa}I-!BhB&-J|d z)T2$&loEciPu8JZ zCvulUhaf%9DlTt2Q7?4j@l0e!KckcdvrW*fLC!ErdVhTTKwa{)VQ?6|9M#v28e)5-_JpJ(kL!^cfB|-9Q}(1EOj4W zK~i;JwKm?cQrkaUR6($XMU@5cZ7(ichbF`j*wp@lsC508`GV6y;q8X(*tL|gb?92^ zPiqT~M{@xkh}V%Z311pnQug?&SjpU+)1BxR&eM#VPb6kmaMqQIOVf)s`1pZNWN{(2 z?{8DDkFtmDb?h&D_2CjD+#%p)jyhYvN>EP+Lq)%-i8%Uii2X((Oeq_*W@DvX<@!TYNv?#dc`4RFMkXV~AzK{YmOO z)Dz|9Z~m#6mJYwi;rJfzq4s3GB;G>`K!Ao;)2DyOiIW-_p2V#*;1d8BRdiGbO z8Wvm2+-&!iiHYLQn|6`)canZENzzw!{P~+aGRw~*+k)3jV?h#H0jH;o&pnp{jRZ_G z%jJPykaujWL7+Ow^Z8_k`g?EdwL8!l9>dY}A7tYL(~*u8)Wt z48VOTe{T(UQbgF%&^LmE&Y1?oPBKO>=_jEP9~wVTODCSJ2Vo9iPMtn&$5+Y>x2Ru{ z#fWKIH{^KH0VbD0esOWp(beS#^je(t(WObhP36z0Plp$MFPwUdA92R(P zv2BKZWSL35vd_G5lPqo2X1ow!HW1L>({RVStlypboh3_G%C8#`2uWDBalq?*NUEgc zkK9#(+O0hub26)gey6EvSd(KAVH?X_GkP?srzUEf z9Ah-R{Y&+T8m9SUvt;xOE7||m0^qBVpWFToa3&0sYNzw84CEqNv%sA^H4jtw?#3Rto;f}bI*szrK3X(DVw7DG-f)1B3~2bT`|ZDUvU5|qtas?0 zfjdWyL-L3o^3(Ho--gsEhar2~NgZ7471>Jp2kiI0Hv~f&pou1nS1fIUKv$ypYpj85 z5l9Fby)VeiJwm{}Hq)%bpYuo{S;@8M-sqz3k1FC!Y2_p$ifep&iV&k`)AmhMNAMnK zd>BfPelY!!J>9OpzFsbcAKx43d-yjY+dx$%545u@VZKl|bCo6+Lp&?18&pmq2bnob zHXGIWwP!HD4N^guK=_AioLa8f-8z_NO8H>Q<$HNAU9q_2!zQCMkF(|1Pn^aE8oxSw z`OX>dOduAXfBz=!?&)sU%bG~aV{8QA+liM3_mNCPS`~HG{ny162*X8e(?xq2VY7rn zc_vdUgp}s3?kCMXfI?daXmlG9c@{+Va-UzOMAlaWx|5Uw@Jm}SfL5~ee#X*S0VXBN z1Zq+dDQ-z(#D|SJ&iG|{pFN>l)no8$c1Xm<1f9*4jADNuIPiHsV>~Y~tyg+H5O^-60B&Dh@cQT9tDbggYc`rx9Q|T+g}) zUa41^Vq05Ve?EJKA!-@|w5Vr<&(~Oy+^m4XU*4vgqOuL+11}z-DDoYXA40i4bEo3J?Z&6 z2d=>UYG$#1Vn`0dH3t7I2u2PHR8{jTFCygs{r_X?E2E5%U3RvJm^9Hc?IyIW!i>26`@q4REj|9jWEANat6nK}E+KKrdFLTD0xe8lC`)m*)w zB$3O|QsgR8ukic(R|O1Jx4x3-MZ6dg;u!9NnP>GG2PKxV7WiOuG@Ejaew>vZLyjpgpytM zz~EID#tRILt)CKP`heuPH&-JQb9X&75jBc67^Nr3;Wyp3ET=klHjQ(6U!viaq;}J4 zYKG8i-Dp_oj?)J#^X>@r>rK2mKJz_VWqvGgd*}1LaCDr>cw?}>U8=8PKM`lG)YJbt zvMUI|I?s9c0)V&QzIoFQL?IMS`w?U*b_>M9@G^m5Ll@Q;yl%s?Vf~(&283d_a~suW z(%x@)@3m#WUtV5z=ILXy87B#?K-nC{U-4ZaueBu)w%bm9u&{E(uDgv+Ebsbes%vDY zJfDqAZi4yEm)j7z-O}A3E7Ky26h>tF8){B+r-Hp213YDG@2d*FOi5iUi^~Vej`o9FyX!6 zXhkBJyoekX13^Tp6Mt51E-_&c;q56jwAzKad~|u=1zA5@-L{#@^Xh|du5Jc59FGMQ z2mtiU&Nwv@myH!rxhSZ5OieIqZ5ID*48(%c)M~zVI1|UGa6_p;>ML!^GnY!;f~BwJ z-z9Jw&n%Rxj~}XBmsb^4bP$4ln^KoVB&o+`zKu5h`u6tiJ82v-Ma5SgPyN23;8}&d zQ0nn}>qGbT$tN+<*RQes*v*kp03n~8=QXDHQSH+?Z5H~$gwOr3BmQ2e?P%4IC){S?&+pV@=CEsdV@|(@!IU$q$d^>2jeiRj}>t074cWyc&f2TeI&aTBL z7Z*-?wNj(;9I0^_72wsc++8eh=O*f|f%s8u@X}KL3XUKdF7wXR^J%DJ-%Q)F=e@g! zpmMMClaHxC4U6&Pg)xFEaePjs5Z^qv?(mF@7qcRvQquM8>88e?9OSA^OpJ%tv@E+* z=|m#EDUrT;_d|eoSzR?XK^Xm`_S5M0@4h4B=8_t&+|czlIW6!}hzsyiRukA8pi5Gq z-($K0=47(TAH;T|U(;3rxfTmea3B(MT7BjXZ^Y#fF^31OeL6;qtI2`z3~f!ft-LPx zoed^w+{WR(N>M8*2%au9BJ9g@UX2#XiZDD^!{EIf>9TLW zIOLBS<%J;Xc&+k+)bldVWB7|ZrgVb&EL^;^sa~xRlGzQ1eX$@XR0|CoM52}8_wzeq zu!pyOm=C`UTu1HN(KJw37|&eXE0a#;6xMP7ITt;gAFC@qY0VqqPriBX-beo~b!fpe zFMF4h^vjXc)`3)!i>0TaZV=t2qK%$M<#=TwvQM7 zx>~*xcU!fbOqqrkbhgU0O3=*R?(O!ux0F?dd#5dx`&D=!8uogxC$ZjsqFLk)n#|aH zQ|dPpku_V#*Vui3!hJF*4>!PVu2XG#t<11mHi&W(8XECENpu8JD^b+0I<1n&G_suT z?JEQ9@1hRy>PZ`B=0)y2271c2lS)FKG~^L-8JfjYn_L>=dHMbVpZPDE&hSB zVs-sE%iq0(m)GPTJb(WD6&BXVBGr!q8B0m z_p%+5aUP@Vr7TYMs*MIgj^O$f<<^4QVlZnan#{DywCVDyU2@L(y|?3)NNSWrYpLJU zG+|;k*y=sj)Q{^t=MmhgdY`fR2Yt(m?LNV!!SDF<6S=j-cpTy-s#P|Nyk1^jcFte! zqq4DtXHqbQZll}oufsrf4*2}VPTYS&6jr*wku%XTo`E9 z{YymSs^cgpSL*A`iQlQ+KS0;Q$UL2V&ph-?0sbfWR=X-3(TnZDb$y-e0zO9^HP($E z6M5TtB7txBd*R1Ob$tzHrrtiy))9GHy_1jt5kZ~ym1*7aM!}Vwlht;A-dxy{!E5SU zXYV!btd=rPF}U#dIrR&j)xI-i`VwNtEfP~~hbKoUD48;B(8@u+#&1uuD53T|BFORw z)#l^@t`%8Ja(wWq=8>&4bmP52D%#^0`OL;K+Z!JRe1%djzi`dUn69VnQ%{K<-7P6P zHO$rx5j`)}4p|kJX5wy`;2*km)>fXaHj0EuzeQwpub-gdf9<=IQ~IIl?kP5a@Zph@ zLqTU*QclkJk?Tmnnl*P*zO{_}!Z2#Sa}8CCj)6~qv+9|>by?le^1ymzg-~gDCygAl z=|od_KpV}HEh1Kxbf%t@iF^{ffBlkk-41f}NdVQJ@9PwVgPaz(A}P!z%G>K(c3Ew{PK7hi&j(iKNkWi{g zR}B7E?DiZJVHHsR)y{2{4QzQs#z$E47WrTJ{CYwD*WZPz%4G2U$l;818xyOQ0B`*K z56q!Ce0{n@iHw8Ny*Yfuw3Xvb_(~L)8^h467vc>%BX8>#5V`%uqU2W_{9^Y;6VTD6 zj9{&zk=9qqK3b)fln(sfMRpfK0>rLF!3=@t+mWRa^KD?Pkb=suj7r zdGEtYld7#zVuk*-6Vzn7RWyXBU&J5VZjL8)Y?!3z3+Hv>nb?4jI`M(+e&;eVh69Aa zM1Y-`lW{Gulv7ae3$^q}JDcqiKWJtaJE;q!=)>=C;R>ynYiMcd=^Bkr@9E;DccSAa zjw$j=NwhqE3@i}%B=JU`y^6ksQ82Z5AxDH^q8-e{nUti)K^BqUP?D0r$t$-0I0)fV zGf#lbt$p3SKDB)Pd5x;KzcAc6@Py*Dcj>Ysy}OH#=aoEtZG0C3Ows58I zd4sWE@Rg_!>q2!K%2siym-w5IZJ7y667EKNxo`6RP08o>el=R_gC(=up{P{dt$#+y zw_?jT^(W%5SckNI>Qjv2vlpqXNI?SOt5JnsEne8$BO}HMJH3H=cTSlv%6eS(7n`Q7 zkRX5~!s2`H^la04YGV5QD-91eahU&~z)Gx{j6F`q6>c==BxPgqTI zfI)+~&F^kI@rn%B8)pkF|L}p4&oye4-=G0-I%)0TNB8T#h@2RMx6ZF;n zqB+qB+pYL6G0V-c$T74bC~@tz!ey1+b^>37;Z{`167-4kR634(_=O?DoSj<6M@c$e z81`~88%?2ip1>b8F8r6xs4ea+zEF<+!?G~#_qvQ$EEyxaVrHLab?-C`=>~;N-}^Kw zwxUmY8#Q-x-maQz28zDqWDT_!E5lOh!8K0wK{P-EBP1 z%(wPF#N1*u#-se-q)lK~#O?fY_w?Zz!pd!_a$2#ChN-e%M=m{yB>P>Tt9kp-G{j)3 zcvW`C5OcaLk&%fhveo;>;bcRqv$OLt3pAjD8CTx%ao)2x z-wwPxE%?P{@@@(4(HZY`_*lZ_tls!#oG&UQrV4~y&i>^SDj;srX1~>FmN%f2FhIC< z+koWdy3Eovv)W<3&E`&1J#|#bnC}E*?WgHB7S;^Jj-hCwpRWq`tj1+0j>)xJ!th(N zfUrV3IWM2x71u=4J)P`q+vbgTo&>AtgJX!ZJI~5Ndyo3WE@{)O!z!mZ7ke50y(ng5 z+>BaRLY@rNkm*&tx>HyEpFv*i*9N@k=hk_aO~dTFOUV=hnk<*K=gmj5`G536UZP=O zn1Bj;V`GEG^+5Z-+GRJosE8g7k6{Jm*>RBx()G_K`!Ls^EgMIAH;5-vQidM?Hgyr! zABjaO@gGVVYV?Y9RD^t!=CB(^S_)t8yOA>DDq4C7#5Y;`P8;p}-jCVT zOV8Z<+o-NLsury3`PkE!gm-rDh*kT_cN3MH9UKigQ#_7n zBVHh$3^0=AXLqpsFh&R6W5k6ElpP_b@SmK#?CEtSl#X{sMKyU-j_X}$-Mf8_4Xydi zU3&ipo{#{?W~(;VM*J*0Cncz*!){LEkk&zO^6XqEk z-eM6%^MATl?9s|QDSx=fthbuNUA>rUhL70t3}_PmBGuV9WJLj`_1yw(|4A6 z#1avO!9qW5>-t!%!rd*r-RjIm)g<41ViH4rC`~tQ_)rqBvF5P`&F)3kAKp>V&D>pj z7Vxz(Z83~#f7o+5+jq8o)HP~!ZL7oU&cgf8L9C={*BohYus>3TkA9mHwE<_xONE1P z{lm8o8!j|8%#Ad@(@@$_$W-qh)rzo_!79vb{WBjb39rx&?g$bOM%-JJFBApxiLI&1PPq{_O{TGY{1f z*pXRZ)x+zyi2NsI5=(1vi64+eoia8k{uEpMv6+s6UOej*8u0^OMpT){)%ZgF*&=g8 zjS3I5hk|#QOSXa|1dAn~ovguz{r%KLP1RqS*3tjw>6*l1=$}&AGQ#R}w z4{VJw^~D)$`1^Pc=0gRvLpT@P2Ua>RoqLl%Bo5h3GAtnvKOV&J7VjB7=A+QHE%?uf zIg4xD%T8O*WYs;g>^LDw0(|wp5c7nzn|YNAXl9D1v?xo$L&o$=t?hrGNAKUBCZpJFeZSkFG++}Jo8mtn>oDI&+i z>;3(u=-+Hr{&*&kz**#V-hHi{CrcqDlmTQ`fL@S>;Z1FcEi1)uiA*v;h&~I~>9rvf zTi39kNQUcZpMDa-UHXAFZG;!L(^^XV@GkkZe*S{)9~f>KUoOO)azwa z?H;{!PL~IKV(Ivlu}*?NU4Sn_U}qK6wPTG=y92lpaZ+6uk4c>uXD{ zYDzt;xtf~+t#gK+8Ye`{kS!_q>NzlwM32mat<)SDAsAh`v$~T9FJB$ zNu2}DyiZ^RnGf;!(cH{W=DAlvBzGQI?n>w1@%8dBajg2ltYkf*io5ZF1Yaq9+Q2g) zXq>CK*|JS;GfMjjEhC}(fs+Nf%Kd06T}UW@moI9=N&&^YH{V=_=`3!pZyUb8y2DHR z1+7lrOPh+$zG04zE9)6pZ2Ai;ke_|3#*}8de9X>&o8B)uHdbzJIQKlUF(aer=J1G9 zbGf2)+=0(!uf3;74Es)#Q@`^WnEn?#5eWY+>KH#W# z#};Z!A(pwmR=}yJurrF-S3t3}W4-6oZJfAt?KfbWYjLruhRp^2zWCHMR_dKiWGTR2 zOql8HeHhfN-Tu=>r^v3a!y@j?b|!@4B|W1F8;}9acS3Oyc|74&s2CX|-Ye%JfIRm0 z@h)Ngh*-s+F5}Heyz{A@ot|kUpI~UYEvi~_*)-%m6U=)BC#3Rj)A)i4QxMu{-mO%%~sVKdFCfP z^CK%jPu`nRcUelo!9EAilsrmWsBAZ`hJ(kQH%}qMh7%DAgr(v!WB@kxd2@5~(FvU^ zO&E+;1TByhNK0F;tx1`E>6=l@FMipO64w!uUx!T^8>v}ha(%kfd_HICpyl$Y!ApVU z{{;P)Qc)a6kIevqkG}G)*P_|$wa{2k6fjw87-}~Z^Wl%~&Fx6zPAPU!n^$K{WV`3N%JTW%wlkdVj~!LE@kQOus) zVflAfz@GAlK7@!C;5@#}Ij%4$Ky~}-$RqO2v#+ItDJ?$Bdi_2!^oX6q6ncJ)NGO*oItiyPZC@W%_yi4HS%W z2~0YFfLMsx--1_;TSJ9SK`$%c)fA}oIw_Y;(36GfF!lh%o<7GpS@_n^_eDJJG-NfJ zJ>gP_$v3y)W2r$N|HHt*zzy7sCy&SxFg0_YY0Nx%o26<-!d@_G;l#`MX4>lACu|>m z+!&<~ge)Gc$r=p-9GC`^H<)8pjySnp*k7pdd0uF}?St27wRmuV9{qyzv<^BcZ?*h< zf`S}RnD0&LQH2-ApJ>+GPP)Hv`}LX~R|g)7hz96#Xi*rY!_W(g0O!ZS-6IkTkWQ3& zUsLQo0y>IV&qB50F+PRBVq>Lchm22T719@Aib69Pbjx`1JJ-V6wDHnCEf-5g-~pW> z1yXiBV1*FX;ivIHkv%2WF~%0Zb)=HoGL*i7kv$Fhz!OrTz%My*axoLPv`dQuQPFtdZf3GgE=q?^d2w_yHzNmyA$gOg=-PG2LI+7d3<6}?`h)rpz z^Hd)7pOJy>O;=x|)xNeWmmb6L#;U4u3RL?=hb*6!F+s{%J>Bm~hF)h&l;Fp+`DDVD ze{^!$V0W83&DgTLR$6cUVA%4?OqF}0Rl6_XNeLYza{#sxRzbNb(4a`t_77UZx7n5~ zwN0-pdD{A7Y2Z$Gd$-wIrhNM&JHX!Pt)lZQj-mFmzAx5eA0%gnSY7CMHuvoiPLXiM za97+}ZZT}p)Fl0r?B2j<2>lDyEb{ttW?jtO ztWIY}Y${ad@V2`%%2%R{3u}r$`paQdJg5%kB$werf=c8;F{^6;k#1H>)9Goqmo zFH&5KFe-6Dob~yyPSEDp76XA z@wg0QCHQ@=94r2uG(Glrv!1QotX^F1T;ILVu7k7vhOZ2nc>aV;S!+3unnDJXS6Zyz z{qpzrND;y@L!oV{Or54TVTF3mFO!aXx4jm(U#)$s=dhgRa#g9w6ze2wxxa>K13f1B zbY52bHPPIzpX|z?EFzE)(&cG0{DlEtEBSW|GT7UiqRZK4=(Rao!9jTv=NEH<)|N{x z^yO&Z4r#-)<8Ooyb|(niVg&ZjY)zJWN%7R$G*gyGl6;apuDG!6Z(l5WUa4tI%oKx@ ztK4o?ScMK`dd2M>pRV!uHS{stR}zU1Z=w|{EUS@&Qg)gvX7c$ zX*`Z@u#&nsjNE8#k4%yp@d(Wl@VyLf|H6{G96XM5r6RMiPOm;Q_Fzkuy{vLPaldNG zP`^AT4`e&yXDKck*GGLm0~d?@?rnOqUFbP`Ji&EaZ~ju~fLrzVP+>?7Lx}pI-zJVm zoB8`y-2`R5I1^}}JCdlVA9pV+gy=y&z_)D0wY#p5gX?Hsgaljh}`xk zTli9N8zPJMS_#RuGmQWrS83OU5(?VtWPp#MN#)mlefe~mji~)5^;Wwl>p_?-%=is{ z`MU2ZrIZ?5L8edyECIwyj!v91J^RF~E%4e8$n#D{_B`$ET~v4(D0V+%gsPQAyPaW& zn)j$Sx#7$;($+;J4;5q9+U@=|#}n{$UEQkZ$f)ES#@<^z zX1;Cj<=B=}xIJ>I{B}*v6VD||8^65N7))sSf(Z%3bi8}6Q6aQk6krLOk2=w;X3D>Z zgoON|ewM&`eke z=ya^2ghXg$-+R@bm1LfJpK_dw>AXemACRKH?^N{B;t1wziZXKj)UhgJwr`AjHoULb z6don0J0u~qh0la$5@9NK_;P8no=XLtatF zVdQH|Z|j~n7bjg2#o7>cj=~#|%bGhU)bK1Zy`RlK0URZ=1F3v|O*->ie!cs#u2K^GJRX^i<2sH&= zK>lgy6Y6V$6Ny>1OgEycicKbwNi0|CJ!wq&M~jFBb2W1i@fP3|xg#BMK6kjxgvmVU zWH%JFP^!m>vM400e;?+$x>nq+e)qdML-^f5U`N^hN*@$&l&?C=VU_=Ajp&~H0yTZe zV>-U%aO0o0A~k}aNLK?aluM&VAo2@yB;AeCrU8mq zZ&u4viBo=z=LEL}-Nuu4`)$;sUvNYHA*Q1RR&2+ocCIEJgBM47D*TT5i{FdFWNY4w z8f(6U4E^rF;l4R!dK;BN!!u1tYij3ICLy^#Redn}yOVE$?#pr&Ojce8;+|fnJ42T) z-?!*WobQy*Y8ccxrV?oF!>olU_X)F2H~29z3V7h%hn^XpPnKE@qd)noEH1JnZvlm! zVSZS+S~K|`gGw#zgRe!{-b^6MlEPeTvIk%@_^8Pp|@ z0;t@)nm*f6Imv$%3po(}IeA=>yjF@k8l?Sv9s+S7fxIH#MXsj<#g!$*#%n%eT>&%ujHk0WC5s3QAs8C-Ba6P5(k~K z?3@LDM#rVup-zR`>}g^YOS1mo&o3sb9M_4g0eU6i>>2=p0RkQs2*xY3qUp;~t(N8O zYjp72H83CkeF*Mrk+-iNLt2vDZRZ=uYVF?GRGpgQeU&Mk51 z)KkpDWI0$OW4Bak6W2==FEQzZOd!bmp5Xo0YYs>T>O}AbN9fPQ#6Ey(F#<>kD}Jmmc_{bI1>n#S+T^6SOc+bKcD*;*5WLWg-5$XYEcy>tn4QM14Q zkIAs!Xi#iHN1o%q9b^UNU8mb(C(t{S)72%55;#u+baZvXoz*rBzAAq+Uws1RNxmWU z#}X4-neVRih{sTZ8vVfC24WL)cWw-y*drAhWKuV^;nl3|?*3T{J;Y z5_(6Ma71jxsvQ4;`b%}oZ)^M#__4$4=6l4@CANH(wTHFa3|yZw2KQHhwyn(T^sgP% zpM8&-s2V;hnYn(qnb}-&- z%631@&1ASgWflZoe%I{<=fxY`&Lyv#tG6Q=0=Z5EYeei8b1{lhvWmPwuaTpG!$QRZ z7s-3T$5c`6al?O<WCuLfyK z2L>lZ^Z8ik8@IE{4C>_{cUZbPk~pnX#wk$rxtw_1|DC|cHn%bdhb2-IO})|*qbL;6 zt~5{GueiB+f2Kn)JPI2q5qYz;^igh}EPEHFYwOAv zA28bpMMC>F+h|1=nC+SsNgT18D%f+a3$GCun2r_O<0;1!80+I(kD9SGz8`f730)wOYz%PL?0sipx45ElUJ9|63k0q+>K-#NTH-7?` zNwWm6MK?;dh(pVkg`j_Eh>D&*Y;VsB$gN32``@s!g$)I;e~^PM3J8R@y$&l%1egvR zvjrW+CZ6?;)u8MqdU?o!S=t6o7LdT1?g0m%!9!caGTV=aP#uJV{DDcTak<2~jMtcs7ETk%Jb1P$&2U=soIjQ}@b&Z$Nyuu>sewoQNS}w;%#BTNx0GQ?F zaWR7{g7m~lNJs#Q<;|NnzlQeR-QBzU`f!Me2d~2L8|;p#Oqu%DHxGlW%J3swA@x%i z9X->v3Qs|?Nq_kn7T58)tqsD!Z>1J<3?ngo(!%QP;N$t==JF;o+I6ieumI!cR|gz*3wJmq>xew~-N5pFGL7LpSPa zsXUkq{qRpc)9q$@)X139SWAqe?xiaBFCpUt0WIGhzU8ztF1GVol+ZzWe1P8_QXD{K z)3S*NPQN@SNluwurLjh5OU*i)m+fF!JyW~y%8z(wk7gNA<$9%DsYREZFd;jczge70 z0DzBT0Pe?VZ1#Q80HF+__~uMK)n>7AtVD|ogIsXv zaQ>lv7K)rvS`v>@q?r?}hoYazz__~Hbo=Qb{XuP(Sfq>K<{z4@_buM-pP4k`hJ<@W zQ!K=AA5;3nC4AK^(YJ%-dja+r`V4c&lwGO3iA!UfLIksSug;%1Wej8hL{luLE>rBl~$)X6WBg)8-z07md6l{!PbhLRt7aiL>W=#(NTSblqhsk(VJTTF? zFmWPEjC`8%@%a7ks_^3KtlO?KNB$o_Td29k2qdr8wz^5?&c#Tc+5J&AKOY-jAq~0gs*Zb zpOOtpsq7jMT#*D6pd}<6!Q>v!TGB{|3>{B??XMg!T=XC}*O3Fck5O0{6G7AEJW}n` z4#bSjCuNMy7mM$GZtcl2tM`fRufFgj^ARAu!N`G)lg~bkm5B@>e)^?# zd|~A2(R}f=o^N^>KJ$2mp#-SLa-6uGyH2282>s1*A6Mj_sM@c+3-^19I52aJEV#-D z`YzfrM|zYTNJM-&YMLW*xh4K)0a%m9_Ncxc{?>4UhLXJx7sIJt!-5_!gqJViG;7~R z)(^8=V#x&d8*IHyYrP$!qkIF@qtmc|NVMa&fX}BKzdwJvP3!Q3#jx~DV2hAY?*8RMY(>tC*rd0>|m@8 z^6{Z<>XZ7j$kd~;{GZn7lGr}P9L~EcU}6CHjzClr0_F+Q{jxH&0IUP{K(5HEFRzJ- zWlS_T)7zyhqb9ED8apVm{}@l4MqWa^Wh=lCX}WJ5``(X2Ae~mA53byRO2d}Lfil=cQs!#*rmk`Eup;kTAk7c1~?#?P&)w8{;{ume-Y1dcQ5RJ<8 zVZHm#4bK!Db^g_9*w{3zU*~Rh<$SnUd#}IE{$p8()7f;k0<)PGwvX0iu?E{zu|~EN zLDo}Xq{9VvoCyGvez5-iJS;SH_2#h6bSR0{>vA<%I#@XqOuEElR{Rp$M5d}ZtDfV- z7h$D3@enN?!+%>bZ!-MLr4qRDCLiyZ`{fyu$Yuq#=+VB*w=Hzi1x#P^_I$Id2Wv!B z-OBX(0)<(h6Z->eeU=D!snf!%n;SNlJ@u(FJ?KlWg?8XB2I5*)05B)Q2B}9ErciiY9oN^{zNGL~<_?{7 zs3C+l4iJzP2SFHO-dimb?({W+K}DaO5=fV=WQDn*J$E%0l~8v9!hNqh`nTtl?8Lqu zA2fV!gAJc<)7K)7{=64RC7fqOp#qKQz|TKAzP8WLr-H8uh;w!PPbx6SdcKz3d|Y(r zXm1J}zC12_1VB}cnxDVq^u-;mPle8lvzy*rC_Y;j3@Ba7J9`cYy4h5>oSk1; zz!VNF%RM0@Hog$(B!ZwH_$WsY=9M6GmYlD(HeYTP`2PL7bg(I$Nw0NiEL-C7x;}mS z6c8ND=61AFX7{LNwG@75$DEh7nPBa46SmiKC#Fn6 z&{Y3RevJ8Po$NzQ%LJOMk?g@@W2M`nF5J2E_aj>iByQzy#|BLYq_r#B#c?qLy+jc~ zfS@(e>g@?K>KCyOv9t=T{P6xfym@uqop`LgYtbtU)V*vCnw`eb()_3nzR4} zp;ch5w>MuGbq1SW-`|%D!(+5_cFxsp@dyliXTU-rDKAg+{(Wdp4pn7U6_58dI{@|u z(#nI}`Yk*A-(uRflT5w@&u}nS1@{9u_RjbNKxA}G%%ip)kS&QDUk#!Ay_;kgAuf_F z9sy>EimQ!9YGv2}fDHsdct9A_H-N!lVZZ?dOu8?xuh;hXBbu7{K>g?jM5q6jGlNVH z3^|gMlZ{MFVp38p5?1naa#mn4ng8YY)bHMfa9YoOZu7bOaAA!0m^vxK7>+UX{!8y_ zNce#FiqYBbBsU*lmDiO+s`Njr#WNDa#}B)@8q1R-t~vwdK%ms&WRV&V&{WqKPW$;^ zNkm3Q2CiUbYbz)?7ne|LYu=kO@F+&aZ4kH@@dN>IWHVe(|)4`Em>CajDvy+p!KvC%S?yk&I2+2S5 zi0YS-QW;pJ8GEig(u`Q!!Ie@vd&AN9xL zB-Nw5IpX!p?j?`f@vro+xc@W`aox?REpY99k!OvDQYK6^rCEMQ^VmpFPcOptXT&U2 zOu5Ac+=j>N5{Nch=6(P3(uAh>36?8UI=_GBkj=_MoT&VhXi>=0w~g&7k$Y_5Sp8U_ z%p_JSt1IRdaJ4RMj8+TCufQA+#Hi9(AhWI?i-f)jOsv*F5XhoFY%UIY z`(Rj}_a(=_Bs*d!Z@FM+)cG+*O*-E{2puv?)fh|QKkl`ZC7rD(SZFm~xE%f9A#^85 zc@?>xu#cp9vbvo5FH!C6T=dm{&wBo+E*h(add0^EhS}&S8irJ?C*> z2l~`2Zl2QecTtE}v+E*bwd{Kb@!z2C=|aDE2mjMz4vI2K ziMboWJihYV{zvu?yx5*fl&$>p>OMqwbH)R zAd;C3$ee|Yz<*`(urgn)PK5J>bHFPH9zs zg<&6{a0tr$DAx4MV*lU1lYZd0W_HR8(92E;XyeovKTd-{MgT|hi5u{HFT2T;svU9= ztoifaA^eLmdfP1MqI%6c=W>-3UmDE4YfYMpc_P9)k=r-C;I%EXu&ZB;TQDqRLBxW;$?JwiPFNiI`f8fFb<%6H^W`%F#QW-U@YX z_dJNxGKOoVSyy_u1o`&NaW=_JU7|Iy4=n~r4soZJmNJOFz2#~=jt>%JQN=B5m;H#l zuh>sGThIMm#?f>0P)ejdahk5P&<6#2wK%F~5fI48q(ncd{J3*w>3Ws=3&++$5#%i^Yvm3U#Z^~-#^1(Mz)_aqO^22HQ+yO+pV zG=#3s^tr%+v)rS(Y0U_p4+d`5xA8tWKwAKpmEV(`0hMtCF(BzUI^_9IjwdLy{Z;vm zy`ss05Bwgp@?=`gY~Sej`b4Zdz3CVri7ZdwMLposEVm@pIFNbYMi^@?-{2MLxnr%D zVph6~C|3Gjz-2T}%@RAgPmv_nk$ffCdkl-kJ;8oV1H@i%3;xCo4aqJnTG|*KwRm29 z@Vc~nG*tvCpS^>_?+S0U!Azs4vjq>_g8M>2myV_(4Qb+n-?E9h*saA7^-SBpa%xlk z8f@|M_{S+v!ri;+#nn9Uc9}8c=$!GW{kEpM&6Fq=nZN&M?3mG}e|9Q)rkoa*8H0LK z=(P)BU#7@TqSVD(eameEKd7Ih`J_gbS^X-}TCR_{3ASpQb~OBsEx^R$eo(xOf+nBj`xQ5TTH zs=H)S%kKRaKOaUKbDpKAaQ5il?zh#=-Ft?*{nYfS?#CldvVlqOJ! zj^RxWc|uxba;&a}rEx<>DhR76`ji{;O@DZt{$V{zI6XQlX>(al6%)<-T3IptuOXPo z)H6I>(tB>r#lVG6F9uqc#vSCTk3N=Qd0hXVY#_-x7Zi(<|B{NOVF$16oqL2iN&1G_cY?4nkay!CW}RQbl)-oRoAJh-+Fn z<&oK^|9`hptKvHZNyDh(r1wDg3AY=mHBsctMZ4z(NnVu|ShN7*K2+4;FZmH6&D0o&10k73hiz&!DvE zGIK3fVu8ZK>vT*4B-{W=Q!X6yxaR-<0m0fw(AvhXXKXBV9lt6LARp_Sn&?UW{_p=x zH~^U4%hBEHZwpQ`At#avloqMEq=r3*1aBWRBz?rw=dQEP(LylcxPkG?3I{jjOBu{I z+!KtWx_^eUt%RU;D&N{{kx}|)HIeLIleVv_rZN)B$VD3rPzB8`E%6v)DvH3m(cQg4 z{e<=ZUQ)|a(oxamqZ|m{pj^)oPw-`IQd~e{V&Zsa2%WUFd@s+;GO$H;2s%~QOajB$ z-_rRLnPX-kkyimAz;0(d>&c{$jQbq>Z1KnLn%Ut}%d^Ery&V=hDtH~3WxXue-iG=n zI?Q@giSK+4z?%NF|BK=%GWE(F4t;#V3XmtEF*_PAVDOSQdJOlE$GKD*somjRkZtQ- zLKAQ$9T2@ypFC}pd;YSf4OMMWO1d*-75LbGsX)dxuhIUp+^ySFFnP*v4GJV3+D z6}+&(unu3aI&p9~Iy!wzA&A!^A1q%cQZ|9>SuBx1ksPr;ZN?5pVC)tzEh6mSyO9tq ze5?MelBT0==i<^cJNeSolq)Sw$IgXS(AD0#Yj_w3li5~#k^i+%en7pCs%uG2BJ#bz zjlp_U>OV(ATOey47b%&f-RhOR=y~7kYo}-TS*xewOWcu`NHsw67?o9}Q0azJ^6b1Q zlu{dzl%b#$NDi-78CQ;#QjqDH?IELu@dDYebsp=}@n*91VC9Rd=HFw!v^q-)Qa&-3E{->ZG@-S^o!_c`A@-*a66 zbsO*`r~>!^P;3m6jGrPRwC~%9{4kbXqQ7wIa#476^nH6>QL||!clW~?!s7edY{um2 zhJ){aIw!{&m5Ju<(^k9_D_bI0W^$T|11NU6O|BYMs*4U&e(JX?5E6i~8^07VFLQLL zht@!3w&pUE^a^GrGLdy~^g!m)Wy|V#Cat+BnZmZtSuQ4xUgld5bLkGeyoS;q3X{r? z_x3t^dujbm;w2krcs^%|&WzfWXJlo8eyQ8oLbM^P+OQOx4Gv`^nM zot(Ry!^Ik0gfI^&6NC2`PhY-MDQaOoa{FLof$~hz^Fu|!k370aL&qa7@M&PJm6~o<%iMgi zyRdxciY<%{kaUx_ym}_&D1g-l!9U=~eG(eRzr2K7{mC4b9m8l7a$XvSRBO$$pzwp` z|C#tGV9r6D?8)BRZYnpuo>*Ec>#?oykVR}}eqF^{gZk!808H^xA1GX4jM~~d!sDZS z2l^?CP+%`l?s}y#JMM45dQ%9Cjc)0lr>b_B3a1^)-eRQwZ2UEAXKf?`>@h@nd=<9U z{B3(5Bs9s%$;)iV3mubmv*!VuR-&v|G!A_d{>8BHTMkl-P0Cg$XpCcPbNivV<<0zv zj{d9rx)w_=e>6jNW_sfE0cH#>aps0SwG4&=zHr%rM1>ygDH_YfqI&#ht*YeS%Z|`%ypk^-W7X4B0lg*( zGWRVwBQSrlDNfRRcdLlv0`4FGbsyw#T0skz#=__OKxmZ|l1ztf=Hh}`Lr-oMMd+E^ zIYgspm3*zf;=NA4z@LqcjMug7x$24^2#-k)xL?pQIz{g$Ev+!6=;-FsIyJ=sC@6pZ z`qjf;XpID1D#pgfz|yeA!hsJ!ImR^ntW@gQs2D{Q_fLzYmK0gIHP&$LW^ zjKZk?v*>Sk^6jYoH|M{tPcADi6RCDa- zo4FKdT4)SWt84-`lqRUMOieT&a^RHvm9;@6axz191OHw@*YlFD62GkGG(O>huC`-M zX)(U01YaW|x;NMV8f`9{+u)Ovc@IvJBY5`M6o@ zsNsX>qj{sjNsf2s`TDh8jiG|=n+xXd&Ncl(el73>Q|njunYp=?l6qQYN33i81s~$$ zyRX4M>ABGQjRcH1&bi8UJIZOgbqrkh^Bo}sH@^6}wr9_u(64S{!X}k)OG%6^^JsE9Nfh!4IG_!p@JVvHr*eFete=qE< zYTFrK%ka1WuHKLozHCafgWIPF*$l!g)>nJUH%oRJog~SVQJ%uP!A?(iczZss*!Miz zD@2Q5Tgz1wD%igcE0(8cua@QV^nhJyp;p8AwU+rqVINy4R4w}SuD>XTv_PoUisgr? zrSH5)TB@hV4u$3-Ei3Ld!vfSNofhdcN-7v?73uAy?2si%=Mttu`#BRVzgkq42KaH$ zxW1ij`VA|tr4zqxwJS%T=;zx{xPids*4&^ufm$M|_SY6BhEzpjl^>`mYxY&oUKq>w zpz)V{kF_e&aFq?ey>oJQ??=)F8T#R+>h!Z`yA$DZ1gCnYzYiZzyMMf1L`-Wzg~v%) z$z7MO&u9`;R3CIKxxEWsKxR3Na?7)x=0vk&Wp|j>PQ&#Y6e_5~eF7a`376GQDJV+M z%L|;Fn}f$dpFTD)aH?n!9eVDa^K3eKk$cJFGOhj$3#8X;chvA2KzTEK`r05(3u2BR zNUHlYARi#A`Y3q2!6;5~h!TV0`T35LHm9Iq5rAOL0#Ck#TWje%p1%<{2-4xXMMW@UQ;W5#}Lc+pZ$EOFU zC}3Pk8%e;sut|VG2r4!N2&8v~E`~GAzuE?8pld(NNzc13>D8Huef;<_ z`at$*nkfLDlbf4bQxl(;Cv<{R=H=xDfEe#`^|R;RbfQilSs*<9D}+l#>um$Ta#1#~ znX>N);~E5Y(ntq~&W(M21A}%z0}9%>2^fT1TJF-&(q2<=7YDYyYRW$Gh@6!Stk7oj zPgz+YhLKUx(V@R{=MKd=-vb{h&mC*~x-Iq9J(r|Rnxo-_veyAof}24aMYY8@UasuQ z4dBz4zfP`!lw>$Kfzp8=9UW~~T|GNJCgtRt&6!4EPPJ22PYVC&J{2`=JpFLvQoy%~ z2@NYN?q>7NI{k!xzsa?%s;XE}aHSs1+6*$MtTK)>RM9`UR8i=BW4$>Rtr4dKwYKfE zAu{}y`=+}>FrW#XJaLp^XKYBCtxQez1-k=o;3Ss%i9UJdqz>>=$Qb<3`?so?n3z-& z{QKo`S1g->YkK-F3op<3?fZAQIBW1YX8?Ro{?=1B^Exw!%0oYkovu?6C{!^W%^(?o z+4-DIlg8lB-5|O75VSI9QBzWat*DS{nH9%se5k0X2%}p}8nK4mmtkL*TBBPA|5rN| zYQZ{{#Z@UeiCa&`&Wj zx-Om%>g730*ppo#8{Ci7_dY+U00&9C29PCfPk?GTYN@Ct5XiLQY+$ z{I|DB4e^Ly(Z=#QNmf04uFf#zSIcwmIe0B0*Arc22^=xEYBzWWl{OVo2j4mW{k6xW zKmBANlYmEzDGN3DWvTia8^xMfKXX2j^I`7lRyhA2?Exu-U z9GP+}S<9ugv*4CzxMkHRBVBOk*yy;8>%jKVB9!WV)s$Lr66zMB+Cyocrk4E<|I*8T zZsEhV-?ttczAv&9N@*l8+Y^7fUO1QZ#afEv#c5!9{xmAq{2Qa1w9`f@m*cCrTCD<= zHwwq5oQTGxbaF@hlePuhBCFXGF+Fb!s$~cS%aaEAJ3Z7V%|7xI6iu&1;^lw0I!K;M z{%W+6ck`#;t{3f#=MYJ5z;KWq2nf5(?{743;96b6>bt)lM@#Z?!rJ?l&#$8B``=}8$y~mZ<+>`%3A%KfZ?oS)^tW{H`pn!w z5(RgVf}!2RS6HSOoAhH!YgFDRuA^a9EthM}h89c@)_-mN!`Dw=ur;fL`&C^C?A z)6pKZJ|le9CqFP%$JUAZ>8_>mre+Db#TK^S{0bcn0Dj zVjx0Jqzl-Hn`CJ?RR&3vHMKSnWj9D#-rgvjFB0Fg8b!{xcd3g$UhS! zwQY@I!DLFar;?Klm$@JW zRMC#`@+>f_E8vJH{<-)3v@uyE5kFqNL6|CgQ?0Os4%k2)c9ujZbyqsAeX}baA-^97 zv$~s)pN8eiAMhvpNQ_Nb$&`vK@&*f1=9sr0O>HffH`K==iafD_fo@LEWaqgLvkuR8 zLvR;k2P~e*(teJ|r+Af5?p7#yOIPAN_$!HfAq~}yFg9W6u+{fgF=+I-;jHubx(%n! ziUI`_hCy5-2A>k!mxye=2~weAuXnm6-`_(^gxN_>Y~^`>kaswha`S#I)Z8lX?yTzJ z?Sb~$cH*NuWTquPhoFsW;#s)N;2~&;AtS?fU;2urJmXjVZNc$p54@kJpfq{x%PdI**-cEV#-DXqmUmEaFL=S^?V%{aokaV zZ@!Tn71uwnWv`DZUSm9-|1I)-%C^xmyt57V)ceq1ICjXX{vOz%>ZV_e9B4?Qin&EG z(^WBQhx(HI?n_MZdb8TW+d%p+#y=o?o&D88ua)Z2it zVPqhG;J+~keZoVu`oZGLh0#E#H-R~f`9y~A%XEFbPWc_HL&z!Ns?vRPW?pI~IZ!V2 z46iRIM6`-_OLZ3Hn9OV_tmKA5PXj$kz5&cqIQ(cwfu*-3N&X8b3e+z^uvfC8IUywq zAtwPC4I$tHV$EV!edT_vL@cDOWuk}E`TorUca|tn%0M8R&q;5km*gm7A7_zzlHDX` zN$wdRH0mmQKkQs1#wht*qsH=xm?kDF*B{L21E6={kA74)746GI2)x~#IT7_rnxa3= z;2Dh%wZcgECt@%ex65}hn9Qs6*YcWDG6MbRbX+fn-`x>m5gwriZJKz&?mvCX!5PLs zl&Qh8ySrOvdruplaZiBc^*&WXUZ4^-vs#Yq4iHtVad#oA@ae`yE#2mcvL-$h(FPq5 zdDT~?Stcc2>b1`a9JfzP&J+NghcPC&{@q`{TQK}?bpYDBcGk;qw%=e!&BZo$>GED;D9o*~`HK zVf2fY-pS1cPXWPefrEH0SEL}JE#NY{&oKuZ+qoyGQT#zm-G=$sA4+G+f!^oXa4f>4 zX&|(`_$uLX#1f})8uYlKJf*(2;$exKn3|f}l?A-Mp5Eu^lm`Nr0vrJ(k#34CiBxs# zC@@aJg@Kp5gQo@t!A6p17yE}5)otX5xE*c&nUmODU+1!L10<9!|0(oW@$gu{Gp2q1 zOjbLUy!0sI5sYmS)bk}O`S^{z9AL7R(Q@jh78R`zjvGhQ8|vDpXmj_t zCHcR|x-3&<+fKKl4+LJ9XS04a0kz?;+jxQI{Bd2d4LeWYw*>CU%eNwKb<#f+<* zlMMUTAE^X-;KWbaciLBW4!R{#mAvI71;Ae?%l_0M<3HTJ`PXUYK{eFZCpl&$Im*yY zSliJJ5C77ZVTVpez3){d+b3gO|8;IVh$>v(kx5_SeOK>zOnj!Y-U7?YBVgGz#JYR; zeV(z}Bkg%69KlfeOibggZIM|8xhzk z+b3d(n0gL{4$}hDzUTwNDn-RDK8j_AV9m0DP66t|<7oM#kumY0BNm+Q!(hCjz#4)d z)8jRShW13Dry;=Cg~NFkkEVuylNwUUL`3hO$$;W2o`Jh zhDp$W!>W;oIzYg^n6YQ-iXb5Pdp8Jm!yo&(Qx!Y++k${KBjM&Wd4Q;j5-+`N;NPbn z#mTRf!eeegq2Z6N9H{XKF4Vqa`w^27vr)lYLvh#!>ku2u1oEIsbD2sSTmcF%P}b4{ zD80YE#%QDw3^ejrpUjL)s({Xdo-f6`Q6qhO6blsW|M>#OWTgN9#sr4vnG`zA4ZWBh zbF)O86sTY{dh~lB!Y*Xb@X?$5J(ZWA25E$K4cyXny*S)nY|%PVxZZn%saNb|;G?Og3opED{_a15 C$@ew@ literal 0 HcmV?d00001 diff --git a/topics/user-federation/sssd.adoc b/topics/user-federation/sssd.adoc new file mode 100644 index 0000000000..7394656a36 --- /dev/null +++ b/topics/user-federation/sssd.adoc @@ -0,0 +1,101 @@ +[[_sssd]] + +=== SSSD and FreeIPA/IdM integration + +{{book.project.name}} also comes with a built-in https://fedorahosted.org/sssd/wiki[SSSD] (_System Security +Services Daemon_) +plugin. SSSD is part of the latest Fedora or Red Hat Enterprise Linux and provides access to multiple identity and authentication providers. Plus, some benefits like failover, offline support, and more. https://fedorahosted.org/sssd/wiki/Documentation[Have a look at the docs] for +all the configuration options and more detailed explanation. + +Besides all the features mentioned, SSSD also has a very smooth integration with http://www.freeipa.org/page/Main_Page[FreeIPA/IdM] server providing authentication and +access control. On {{book.project.name}}, we benefit from this integration authenticating against http://tldp.org/HOWTO/User-Authentication-HOWTO/x115.html[PAM] services and retrieving user's data from SSSD. + +image:../../{{book.images}}/keycloak-sssd-freeipa-integration-overview.png[] + +Most of the communication between {{book.project.name}} and SSSD happens through read-only D-Bus interfaces. For this reason, the only way to provision and update users is changing it at FreeIPA/IdM admin's interface. By default, it is set up only to import username, e-mail, first name, and last name — just like the LDAP federation provider. + +Because it's easy to forget some configuration detail, let's go through some steps, to make sure that everything is alright. + +==== FreeIPA/IdM server + +As a matter of simplicity, in this guide a https://www.freeipa.org/page/Docker[FreeIPA Docker image] already available will be used. If you would like to setup a server by your own, please https://www.freeipa.org/page/Quick_Start_Guide[refer to the docs]. + +Running a FreeIPA server with Docker takes a single command: + + docker run --name freeipa-server-container -it \ + -h server.freeipa.local -e PASSWORD=YOUR_PASSWORD \ + -v /sys/fs/cgroup:/sys/fs/cgroup:ro \ + -v /var/lib/ipa-data:/data:Z adelton/freeipa-server + +The parameter `-h` with `server.freeipa.local` represents the FreeIPA/IdM server hostname. Please, make sure to change `YOUR_PASSWORD` to one of your choice. + +After container startup, change `/etc/hosts` with: + + x.x.x.x server.freeipa.local + +This is more convenient, otherwise would be necessary to setup a DNS server. + +In order to have the SSSD federation provider up and running on {{book.project.name}} we have to enroll our Linux machine into the IPA domain. + + ipa-client-install --mkhomedir -p admin -w password + +To make sure that everything is working like expected, on the client machine, try to run: + + kinit admin + +You should be prompted for the password. After that, you may be able to add users to the IPA server: + + $ ipa user-add john --first=John --last=Smith --email=john@smith.com --phone=042424242 --street="Testing street" \ --city="Testing city" --state="Testing State" --postalcode=0000000000 + +==== SSSD and D-Bus + +As mentioned before, the federation provider gets the data from SSSD via D-BUS and authentication happens using http://tldp.org/HOWTO/User-Authentication-HOWTO/x115.html[PAM]. All you have to is to run the provisioning script available at {{book.project.name}} distribution. + + $ bin/federation-sssd-setup.sh + +This script do the proper changes to `/etc/sssd/sssd.conf`: + + [domain/your-hostname.local] + ... + ldap_user_extra_attrs = mail:mail, sn:sn, givenname:givenname, telephoneNumber:telephoneNumber + ... + [sssd] + services = nss, sudo, pam, ssh, ifp + ... + [ifp] + allowed_uids = root, yourOSUsername + user_attributes = +mail, +telephoneNumber, +givenname, +sn + +Also, a `keycloak` file will be included under `/etc/pam.d/`: + + auth required pam_sss.so + account required pam_sss.so + + +Check if everything is working as expected by running `dbus-send`: + + sudo dbus-send --print-reply --system --dest=org.freedesktop.sssd.infopipe /org/freedesktop/sssd/infopipe org.freedesktop.sssd.infopipe.GetUserGroups string:john + +You should be able to see user's group. If this command returned a timeout or an error, it means that the federation provider also won't be able to retrieve anything on {{book.project.name}}. + +Most of the time it happens because the machine was not enrolled to FreeIPA/IdM server or you are not allowed to access SSSD service. + +If you don't have permission, please make sure that the user running {{book.project.name}}, was included at `/etc/sssd/sssd.conf` section: + + [ifp] + allowed_uids = root, your_username + +==== Enabling SSSD Federation Provider + +{{book.project.name}} uses DBus-Java under the covers to communicate at a low level with D-Bus which depends on http://www.matthew.ath.cx/projects/java/[Unix Sockets Library]. There's a RPM for this library https://github.com/keycloak/libunix-dbus-java/releases[here]. Before installing it, make sure to check the RPM signature: + + $ rpm -K libunix-dbus-java-0.8.0-1.fc24.x86_64.rpm + libunix-dbus-java-0.8.0-1.fc24.x86_64.rpm: + Header V4 RSA/SHA256 Signature, key ID 84dc9914: OK + Header SHA1 digest: OK (d17bb7ebaa7a5304c1856ee4357c8ba4ec9c0b89) + V4 RSA/SHA256 Signature, key ID 84dc9914: OK + MD5 digest: OK (770c2e68d052cb4a4473e1e9fd8818cf) + +After the installation, all you have to do is to configure a federated SSSD store, go to the Admin Console. Click on the User Federation left menu option. When you get to this page there is an Add Provider select box. You should see `sssd` within this list. Selecting `sssd` will bring you to the `sssd` configuration page and save it. + +Now you should be able to authenticate against {{book.project.name}} using FreeIPA/IdM credentials.