From f4f131890d62dc910cd459210e6e7402e9d7f7d1 Mon Sep 17 00:00:00 2001 From: r00t Date: Sun, 20 May 2018 10:14:48 -0400 Subject: [PATCH] i cannot believe i just wiped out an entire night's worth of work. --- TODO | 1 + bdisk/GPG.py | 45 ++ bdisk/confgen.py | 211 +++++++- bdisk/confparse.py | 5 +- docs/examples/multi_profile.xml | 35 +- docs/examples/simple_profile.xml | 55 +++ docs/examples/single_profile.xml | 29 +- docs/manual/BODY.adoc | 6 + docs/manual/BOOT.adoc | 5 + docs/manual/DEV.adoc | 5 + docs/manual/FAQ.adoc | 5 + docs/manual/FOOT.adoc | 8 + docs/manual/FURTHER.adoc | 8 + docs/manual/HEAD.adoc | 51 ++ docs/manual/TODO | 10 + docs/manual/USER.adoc | 22 + docs/manual/dev/FUNCTIONS.adoc | 24 + docs/manual/dev/functions/BCHROOT.adoc | 29 ++ docs/manual/dev/functions/BGPG.adoc | 41 ++ docs/manual/dev/functions/BSSL.adoc | 64 +++ docs/manual/dev/functions/BSYNC.adoc | 26 + docs/manual/dev/functions/BUILD.adoc | 43 ++ docs/manual/dev/functions/HOST.adoc | 42 ++ docs/manual/dev/functions/IPXE.adoc | 22 + docs/manual/dev/functions/PREP.adoc | 52 ++ docs/manual/faq/ALTERNATIVES.adoc | 83 ++++ docs/manual/faq/GETVERSION.adoc | 3 + docs/manual/faq/INDEX.adoc | 5 + docs/manual/faq/ISOBIG.adoc | 5 + docs/manual/faq/LONGTIME.adoc | 70 +++ docs/manual/faq/WHYARCH.adoc | 5 + docs/manual/further/BUGS.adoc | 18 + docs/manual/further/CONTACT.adoc | 10 + docs/manual/further/PASSWORDS.adoc | 95 ++++ docs/manual/images/fig1.1.png | Bin 0 -> 276969 bytes docs/manual/netboot/HOWTO.adoc | 128 +++++ docs/manual/user/ADVANCED.adoc | 14 + docs/manual/user/BUILDING.adoc | 13 + docs/manual/user/BUILDINI.adoc | 598 +++++++++++++++++++++++ docs/manual/user/GETTING_STARTED.adoc | 91 ++++ docs/manual/user/IMPORTANT_CONCEPTS.adoc | 51 ++ docs/manual/user/PROJECT_LAYOUT.adoc | 81 +++ docs/manual/user/advanced/AUTOLOGIN.adoc | 10 + docs/manual/user/advanced/BUILDING.adoc | 3 + docs/manual/user/advanced/DESKTOP.adoc | 30 ++ docs/manual/user/advanced/SOFTWARE.adoc | 20 + docs/manual/user/advanced/SSH.adoc | 74 +++ docs/manual/user/advanced/VPN.adoc | 13 + docs/manual/user/fslayout/BDISK.adoc | 13 + docs/manual/user/fslayout/DOCS.adoc | 15 + docs/manual/user/fslayout/EXAMPLES.adoc | 3 + docs/manual/user/fslayout/EXTRA.adoc | 21 + docs/manual/user/fslayout/OVERLAY.adoc | 13 + docs/manual/user/fslayout/PREBUILD.adoc | 13 + docs/manual/user/fslayout/TEMPLATES.adoc | 48 ++ 55 files changed, 2371 insertions(+), 19 deletions(-) create mode 100644 docs/examples/simple_profile.xml create mode 100644 docs/manual/BODY.adoc create mode 100644 docs/manual/BOOT.adoc create mode 100644 docs/manual/DEV.adoc create mode 100644 docs/manual/FAQ.adoc create mode 100644 docs/manual/FOOT.adoc create mode 100644 docs/manual/FURTHER.adoc create mode 100644 docs/manual/HEAD.adoc create mode 100644 docs/manual/TODO create mode 100644 docs/manual/USER.adoc create mode 100644 docs/manual/dev/FUNCTIONS.adoc create mode 100644 docs/manual/dev/functions/BCHROOT.adoc create mode 100644 docs/manual/dev/functions/BGPG.adoc create mode 100644 docs/manual/dev/functions/BSSL.adoc create mode 100644 docs/manual/dev/functions/BSYNC.adoc create mode 100644 docs/manual/dev/functions/BUILD.adoc create mode 100644 docs/manual/dev/functions/HOST.adoc create mode 100644 docs/manual/dev/functions/IPXE.adoc create mode 100644 docs/manual/dev/functions/PREP.adoc create mode 100644 docs/manual/faq/ALTERNATIVES.adoc create mode 100644 docs/manual/faq/GETVERSION.adoc create mode 100644 docs/manual/faq/INDEX.adoc create mode 100644 docs/manual/faq/ISOBIG.adoc create mode 100644 docs/manual/faq/LONGTIME.adoc create mode 100644 docs/manual/faq/WHYARCH.adoc create mode 100644 docs/manual/further/BUGS.adoc create mode 100644 docs/manual/further/CONTACT.adoc create mode 100644 docs/manual/further/PASSWORDS.adoc create mode 100644 docs/manual/images/fig1.1.png create mode 100644 docs/manual/netboot/HOWTO.adoc create mode 100644 docs/manual/user/ADVANCED.adoc create mode 100644 docs/manual/user/BUILDING.adoc create mode 100644 docs/manual/user/BUILDINI.adoc create mode 100644 docs/manual/user/GETTING_STARTED.adoc create mode 100644 docs/manual/user/IMPORTANT_CONCEPTS.adoc create mode 100644 docs/manual/user/PROJECT_LAYOUT.adoc create mode 100644 docs/manual/user/advanced/AUTOLOGIN.adoc create mode 100644 docs/manual/user/advanced/BUILDING.adoc create mode 100644 docs/manual/user/advanced/DESKTOP.adoc create mode 100644 docs/manual/user/advanced/SOFTWARE.adoc create mode 100644 docs/manual/user/advanced/SSH.adoc create mode 100644 docs/manual/user/advanced/VPN.adoc create mode 100644 docs/manual/user/fslayout/BDISK.adoc create mode 100644 docs/manual/user/fslayout/DOCS.adoc create mode 100644 docs/manual/user/fslayout/EXAMPLES.adoc create mode 100644 docs/manual/user/fslayout/EXTRA.adoc create mode 100644 docs/manual/user/fslayout/OVERLAY.adoc create mode 100644 docs/manual/user/fslayout/PREBUILD.adoc create mode 100644 docs/manual/user/fslayout/TEMPLATES.adoc diff --git a/TODO b/TODO index fbb2a43..ec0678d 100644 --- a/TODO +++ b/TODO @@ -8,6 +8,7 @@ - locking - for docs, 3.x (as of 3.10) was 2.4M. - GUI? at least for generating config... +- Need ability to write/parse mtree specs (or a similar equivalent) for applying ownerships/permissions to overlay files - SSL key gen: import OpenSSL diff --git a/bdisk/GPG.py b/bdisk/GPG.py index a0852be..202b62e 100644 --- a/bdisk/GPG.py +++ b/bdisk/GPG.py @@ -5,6 +5,51 @@ import gpg.errors # http://files.au.adversary.org/crypto/GPGMEpythonHOWTOen.html # https://www.gnupg.org/documentation/manuals/gpgme.pdf +# Support ECC? https://www.gnupg.org/faq/whats-new-in-2.1.html#ecc +# section 4.1, 4.2, 7.5.1, 7.5.5 in gpgme manual +# Please select what kind of key you want: +# (1) RSA and RSA (default) - 1024-4096 bits +# (2) DSA and Elgamal - 768-3072 +# (3) DSA (sign only) - 768-3072 +# (4) RSA (sign only) - 1024-4096 +# (7) DSA (set your own capabilities) - 768-3072 +# (8) RSA (set your own capabilities) - 1024-4096 +# (9) ECC and ECC - (see below) +# (10) ECC (sign only) - (see below) +# (11) ECC (set your own capabilities) - (see below) +# Your selection? 9 +# Please select which elliptic curve you want: +# (2) NIST P-256 +# (3) NIST P-384 +# (4) NIST P-521 +# (5) Brainpool P-256 +# (6) Brainpool P-384 +# (7) Brainpool P-512 +# Your selection? 10 +# Please select which elliptic curve you want: +# (1) Curve 25519 +# (3) NIST P-256 +# (4) NIST P-384 +# (5) NIST P-521 +# (6) Brainpool P-256 +# (7) Brainpool P-384 +# (8) Brainpool P-512 +# (9) secp256k1 +# gpgme key creation: +#g = gpg.Context() +#mainkey = g.create_key('test key via python ', algorithm = 'rsa4096', expires = False, +# #certify = True, +# certify = False, +# sign = False, +# authenticate = False, +# encrypt = False) +#key = g.get_key(mainkey.fpr, secret = True) +#subkey = g.create_subkey(key, algorithm = 'rsa4096', expires = False, +# sign = True, +# #certify = False, +# encrypt = False, +# authenticate = False) + class GPGHandler(object): def __init__(self, gnupg_homedir = None, key_id = None, keyservers = None): diff --git a/bdisk/confgen.py b/bdisk/confgen.py index 46f2aab..7a7f7f2 100755 --- a/bdisk/confgen.py +++ b/bdisk/confgen.py @@ -153,6 +153,8 @@ class ConfGenerator(object): self.get_iso() self.get_ipxe() self.get_pki() + self.get_gpg() + self.get_sync() except KeyboardInterrupt: exit('\n\nCaught KeyboardInterrupt; quitting...') return() @@ -296,8 +298,6 @@ class ConfGenerator(object): '\nWhat is YOUR name?\nName: ')).strip() meta_items['dev']['email'] = (input('\nWhat is your email address?' '\nemail: ')).strip() - # TODO: this always returns invalid?? and doesn't seem to trigger - # the redo if not valid.email(meta_items['dev']['email']): print('Invalid; skipping...') meta_items['dev']['email'] = None @@ -598,7 +598,10 @@ class ConfGenerator(object): build.attrib['its_full_of_stars'] = 'yes' print('\n++ BUILD || PATHS ++') # Thankfully, we can simplify a lot of this. - _dir_strings = {'cache': ('the caching directory (used for temporary ' + _dir_strings = {'base': ('the base directory (used for files that are ' + 'required for basic guest environment ' + 'support)'), + 'cache': ('the caching directory (used for temporary ' 'files, temporary downloads, etc.)'), 'chroot': ('the chroot directory (where we store ' 'the root filesystems that are converted ' @@ -795,6 +798,208 @@ class ConfGenerator(object): self.profile.append(pki) return() + def get_gpg(self): + _sigchk = False + _xpaths = ['//iso/@sign', '//ipxe/@sign'] + for x in _xpaths: + _x = self.profile.xpath(x) + for a in _x: + if a == 'yes': + _sigchk = True + break + if _sigchk: + break + if not _sigchk: + # An empty gpg element signifies a blank configuration. + lxml.etree.SubElement(self.profile, 'gpg') + return() + gpg = lxml.etree.Element('gpg') + print('\n++ GPG ++') + _gpg = None + while not _gpg: + print('\n++ GPG || KEY ID ++') + _gpg = (input('\nYou have specified GPG signing for one or more ' + 'components. If you have a key already, please ' + 'enter the key ID here; otherwise if left blank, ' + 'BDisk will generate one for you.\n' + 'Key ID: ')).upper().strip() + if _gpg == '': + _gpg = 'none' + else: + if not valid.gpgkeyID(_gpg): + print('That is not a valid GPG key ID. Retrying.') + continue + gpg.attrib['keyid'] = _gpg + print('\n++ GPG || GPG HOME DIRECTORY ++') + _gpghome = None + while not _gpghome: + _gpghome = (input('\nWhat directory should be used for the GnuPG ' + 'home directory? If left blank, BDisk will use ' + 'the system default (first checking for an ' + 'environment variable called GNUPGHOME, and ' + 'then trying the built-in ~/.gnupg directory).' + '\nGPG Home Directory: ')) + if _gpghome.strip() != '': + gpg.attrib['gnupghome'] == _gpghome + else: + _gpghome = 'none' + print('\n++ GPG || KEYSERVER PUSHING ++') + _gpgpublish = prompt.confirm_or_no(prompt = ( + '\nWould you like to push the key to the SKS keyserver pool ' + '(making it much easier for end-users to look it up)?\n'), + usage = ('{0} for yes, {1} for no...\n')) + gpg.attrib['publish'] = ('yes' if _gpgpublish else 'no') + print('\n++ GPG || PASSWORD HANDLING ++') + _gpgpass_prompt = prompt.confirm_or_no(prompt = ( + '\nWould you like BDisk to prompt you for a passphrase? If not, ' + 'you\'ll either have to include the passphrase in plaintext in ' + 'the configuration (HIGHLY unrecommended) or use a blank ' + 'passphrase (also HIGHLY unrecommended).\n'), + usage = ('{0} for yes, {1} for no...\n')) + gpg.attrib['prompt_passphrase'] = ('yes' if _gpgpass_prompt else 'no') + _pass = None + if not _gpgpass_prompt: + while not _pass: + print('\n++ GPG || PASSPHRASE ++') + _pass = getpass.getpass(( + '\nYou have specified not to use passphrase prompting for ' + 'GPG. As such, you will need to provide the passphrase. ' + 'If left blank, BDisk will assume one is not/should not ' + 'be set.\nPassphrase (will NOT echo back; type ' + 'carefully!): ')) + if _pass.strip() == '': + _pass = 'none' + elif not valid.password(_pass): + print('As a safety precaution, we are refusing to use ' + 'this password. It should entirely consist of the ' + '95 printable ASCII characters. Consult the ' + 'manual\'s section on passwords for more ' + 'information.\nLet\'s try this again, shall we?') + _pass = None + continue + else: + gpg.attrib['passphrase'] = _pass + if gpg.attrib['keyid'] == 'none': + _more_subkeys = True + while _more_subkeys: + _subkey = prompt.gpg_keygen_attribs() + subkey = lxml.etree.SubElement(gpg, 'key') + for a in _subkey['attribs']: + subkey.attrib[a] = _subkey['attribs'][a] + for e in _subkey['params']: + param = lxml.etree.SubElement(subkey, e) + param.text = _subkey['params'][e] + _more_subkeys = prompt.confirm_or_no(prompt = ( + '\nDo you want to add another subkey?\n'), + usage = ('{0} for yes, {1} for no...\n')) + self.profile.append(gpg) + return() + + def get_sync(self): + print('\n++ SYNC ++') + print('This section will allow you to configure REMOTE paths to copy ' + 'the finished products to. These are COPIES, meaning they will ' + 'exist in the destination paths you specified earlier but will ' + 'also be copied to these destinations. The difference is these ' + 'can be on a remote host and will be copied via rsync.') + _sync_chk = prompt.confirm_or_no(prompt = ( + '\nWould you like to enable remote syncing?\n'), + usage = ('{0} for yes, {1} for no...\n')) + if not _sync_chk: + elem = lxml.etree.SubElement(self.profile, 'sync') + rsync = lxml.etree.SubElement(elem, 'rsync') + rsync.attrib['enabled'] = 'no' + return() + sync = lxml.etree.Element('sync') + _syncs = {'ipxe': ('the iPXE base'), + 'tftp': ('the TFTP root'), + 'iso': ('the ISO images destination'), + 'gpg': ('the exported GPG public key')} + for s in _syncs: + print('\n++ SYNC || {0} ++'.format(s.upper())) + _item_sync_chk = prompt.confirm_or_no(prompt = ( + '\nWould you like to sync {0}?\n'.format(_syncs[s])), + usage = ('{0} for yes, {1} for no...\n')) + elem = lxml.etree.SubElement(sync, s) + elem.attrib['enabled'] = ('yes' if _item_sync_chk else 'no') + if not _item_sync_chk: + continue + if s == 'gpg': + _choices = ['ASCII', 'binary'] + _export_type = (input( + ('\nWhat type of export dump would you like to use ' + 'for the GPG public key? (You can use the first ' + 'letter only as an abbreviation; the default is ' + 'ASCII.)\n' + 'Choices:\n\n\t{0}\n\nExport type: ').format( + '\n\t'.join(_choices) + ))).strip().lower() + if _export_type.startswith('a'): + _export_type == 'asc' + elif _export_type.startswith('b'): + _export_type == 'bin' + else: + print('Using the default.') + _export_type == 'asc' + elem.attrib['format'] = _export_type + _path = None + while not _path: + _path = input( + ('\nWhere (remote path) would you like {0} to be synced?\n' + 'Path: ').format(_syncs[s])) + if _path.strip() == '': + print('Please specify a path. Retrying...') + _path = None + continue + elem.text = _path + rsync = lxml.etree.SubElement(sync, 'rsync') + print('\n++ SYNC || RSYNC ++') + _rsync = prompt.confirm_or_no(prompt = ( + '\nEnable rsync? If disabled, no syncing would be done even if ' + 'enabled by a specific item above.\n'), + usage = ('{0} for yes, {1} for no...\n')) + if not _rsync: + self.profile.append(sync) + return() + _host = (input( + '\nWhat host should we use for rsync?\nHost: ') + ).strip().lower() + if ':' in _host: + _h = _host.split(':') + _host = _h[0] + _port = _h[1] + else: + _port = None + host = lxml.etree.SubElement(rsync, 'host') + host.text = _host + while not _port: + _port = (input( + '\nWhat port should we use? (Default: 22)\nPort: ') + ).strip() + if _port == '': + _port = '22' + if not valid.integer(_port): + print('Invalid port number; try again.') + _port = None + continue + port = lxml.etree.SubElement(rsync, 'port') + port.text = _port + _user = (input( + '\nWhat user should we use for {0}?\nUser: '.format(_host) + )).strip() + while not valid.username(_user): + print('Invalid username.') + _user = (input('\nUsername: ')).strip() + user = lxml.etree.SubElement(rsync, 'user') + user.text = _user + _pubkey = input('\nWhat path should we use for the SSH private key? ' + 'Default: ~/.ssh/id_rsa\n' + 'Key path: ') + pubkey = lxml.etree.SubElement(rsync, 'pubkey') + pubkey.text = _pubkey + self.profile.append(sync) + return() + def main(): cg = ConfGenerator() cg.main() diff --git a/bdisk/confparse.py b/bdisk/confparse.py index def5ab7..2cc271e 100644 --- a/bdisk/confparse.py +++ b/bdisk/confparse.py @@ -37,8 +37,9 @@ class Conf(object): You can provide any combination of these (e.g. "profile={'id': 2, 'name' = 'some_profile'}"). """ - self.raw = _detect_cfg(cfg) - self.profile = profile + #self.raw = _detect_cfg(cfg) # no longer needed; in utils + self.xml_suppl = utils.xml_supplicant(cfg, profile = profile) + self.profile = self.xml_suppl self.xml = None self.profile = None # Mad props to https://stackoverflow.com/a/12728199/733214 diff --git a/docs/examples/multi_profile.xml b/docs/examples/multi_profile.xml index c8325f6..1b10071 100644 --- a/docs/examples/multi_profile.xml +++ b/docs/examples/multi_profile.xml @@ -70,6 +70,7 @@ + {variable%bdisk_root}/base {variable%bdisk_root}/cache {variable%bdisk_root}/chroots {variable%bdisk_root}/overlay @@ -134,11 +135,21 @@ - + + + + + {xpath%../../../../meta/dev/author/text()} + {xpath%../../../../meta/dev/email/text()} + for {xpath%../../../../meta/names/pname/text()} [autogenerated] | {xpath%../../../../meta/uri/text()} | {xpath%../../../../meta/desc/text()} + + - /srv/http/{xpath%../../meta/names/uxname/text()} - /tftproot/{xpath%../../meta/names/uxname/text()} - /srv/http/isos/{xpath%../../meta/names/uxname/text()} + /srv/http/{xpath%../../meta/names/uxname/text()} + /tftproot/{xpath%../../meta/names/uxname/text()} + /srv/http/isos/{xpath%../../meta/names/uxname/text()} + /srv/http/{xpath%../../meta/names/uxname/text()}/pubkey.asc root mirror.domain.tld @@ -200,6 +211,7 @@ + {variable%bdisk_root}/base {variable%bdisk_root}/cache {variable%bdisk_root}/chroots {variable%bdisk_root}/overlay @@ -250,11 +262,18 @@ - + + + {xpath%../../../../meta/dev/author/text()} + {xpath%../../../../meta/dev/email/text()} + for {xpath%../../../../meta/names/pname/text()} [autogenerated] | {xpath%../../../../meta/uri/text()} | {xpath%../../../../meta/desc/text()} + + - /srv/http/{xpath%../../meta/names/uxname/text()} - /tftproot/{xpath%../../meta/names/uxname/text()} - /srv/http/isos/{xpath%../../meta/names/uxname/text()} + /srv/http/{xpath%../../meta/names/uxname/text()} + /tftproot/{xpath%../../meta/names/uxname/text()} + /srv/http/isos/{xpath%../../meta/names/uxname/text()} + /srv/http/{xpath%../../meta/names/uxname/text()}/pubkey.asc root mirror.domain.tld diff --git a/docs/examples/simple_profile.xml b/docs/examples/simple_profile.xml new file mode 100644 index 0000000..159076f --- /dev/null +++ b/docs/examples/simple_profile.xml @@ -0,0 +1,55 @@ + + + + + + BDISK + BDisk + BDisk + + A rescue/restore live environment. + + A. Dev Eloper + dev@domain.tld + https://domain.tld/~dev + + https://domain.tld/projname + 1.0.0 + 5 + + + + + testpassword + + + + http://archlinux.mirror.domain.tld + /iso/latest + archlinux-bootstrap-2018.05.01-x86_64.tar.gz + + + + + + + /tmp/bdisk/base + /tmp/bdisk/cache + /tmp/bdisk/chroots + /tmp/bdisk/overlay + /tmp/bdisk/templates + /mnt/bdisk + /tmp/bdisk/distros + /tmp/bdisk/results + /tmp/bdisk/iso_overlay + /tmp/bdisk/http + /tmp/bdisk/tftp + /tmp/bdisk/pki + + archlinux + + + + + + diff --git a/docs/examples/single_profile.xml b/docs/examples/single_profile.xml index fb8c217..8e56487 100644 --- a/docs/examples/single_profile.xml +++ b/docs/examples/single_profile.xml @@ -61,7 +61,8 @@ http://archlinux.mirror.domain.tld /iso/latest {regex%tarball_x86_64} - sha1sums.txt + sha1sums.txt {regex%sig_x86_64} @@ -70,7 +71,8 @@ http://archlinux32.mirror.domain.tld /iso/latest {regex%tarball_i686} - cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e + cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e {regex%sig_i686} @@ -78,6 +80,7 @@ + {variable%bdisk_root}/base {variable%bdisk_root}/cache {variable%bdisk_root}/chroots {variable%bdisk_root}/overlay @@ -146,11 +149,25 @@ - + + + + + {xpath%../../../../meta/dev/author/text()} + {xpath%../../../../meta/dev/email/text()} + for {xpath%../../../../meta/names/pname/text()} [autogenerated] | {xpath%../../../../meta/uri/text()} | {xpath%../../../../meta/desc/text()} + + - /srv/http/{xpath%../../meta/names/uxname/text()} - /tftproot/{xpath%../../meta/names/uxname/text()} - /srv/http/isos/{xpath%../../meta/names/uxname/text()} + /srv/http/{xpath%../../meta/names/uxname/text()} + /tftproot/{xpath%../../meta/names/uxname/text()} + /srv/http/isos/{xpath%../../meta/names/uxname/text()} + /srv/http/{xpath%../../meta/names/uxname/text()}/pubkey.asc root mirror.domain.tld diff --git a/docs/manual/BODY.adoc b/docs/manual/BODY.adoc new file mode 100644 index 0000000..a40408e --- /dev/null +++ b/docs/manual/BODY.adoc @@ -0,0 +1,6 @@ +include::USER.adoc[] +include::DEV.adoc[] +include::BOOT.adoc[] +include::FURTHER.adoc[] +include::FAQ.adoc[] +//include::FOOT.adoc[] diff --git a/docs/manual/BOOT.adoc b/docs/manual/BOOT.adoc new file mode 100644 index 0000000..980038a --- /dev/null +++ b/docs/manual/BOOT.adoc @@ -0,0 +1,5 @@ += Netboot + +It's possible to netboot my personal build of BDisk (or any environment built with BDisk, but this serves as an example for your own setup). I mostly keep this up for emergencies in case I need it, but it's good to show you that yes, you can boot a 2GB+ squashed and compressed filesystem from a <50MB image file. + +include::netboot/HOWTO.adoc[] diff --git a/docs/manual/DEV.adoc b/docs/manual/DEV.adoc new file mode 100644 index 0000000..ea48e81 --- /dev/null +++ b/docs/manual/DEV.adoc @@ -0,0 +1,5 @@ += Developer Manual + +BDisk can be sourced for other projects, as it's written in a modular manner. Version 4.x aims to be installable as a standard Python module. This developer manual intends to provide information you may need to change parts of BDisk (or change how it behaves) -- it *is* opensource, after all! + +include::dev/FUNCTIONS.adoc[] diff --git a/docs/manual/FAQ.adoc b/docs/manual/FAQ.adoc new file mode 100644 index 0000000..4e27265 --- /dev/null +++ b/docs/manual/FAQ.adoc @@ -0,0 +1,5 @@ += FAQ + +Here you will find some answers to Frequently Asked Questions I've received about this project. Please be sure to check this list before <> or sending a patch! + +include::faq/INDEX.adoc[] diff --git a/docs/manual/FOOT.adoc b/docs/manual/FOOT.adoc new file mode 100644 index 0000000..13ce12f --- /dev/null +++ b/docs/manual/FOOT.adoc @@ -0,0 +1,8 @@ +//[appendix] +//= User Manual +//[appendix] +//= Developer Manual +//[appendix] +//= Netboot +//[appendix] +//= Bug Reports/Feature Requests \ No newline at end of file diff --git a/docs/manual/FURTHER.adoc b/docs/manual/FURTHER.adoc new file mode 100644 index 0000000..d2f69be --- /dev/null +++ b/docs/manual/FURTHER.adoc @@ -0,0 +1,8 @@ += Further Reading/Resources + +Here you will find further info, other resources, and such relating to BDisk. + +include::further/PASSWORDS.adoc[] +include::further/BUGS.adoc[] +include::further/CONTACT.adoc[] + diff --git a/docs/manual/HEAD.adoc b/docs/manual/HEAD.adoc new file mode 100644 index 0000000..8caa0d3 --- /dev/null +++ b/docs/manual/HEAD.adoc @@ -0,0 +1,51 @@ += BDisk User and Developer Manual +Brent Saner +v2.0, 2018-05 +:doctype: book +:data-uri: +:imagesdir: images +:sectlinks: +:toc: preamble +:toc2: left +:idprefix: +:sectnums: +:toclevels: 2 +// So there's currently a "bug" in that the TOC will display with continued numbering across parts. +// I essentially want the opposite of https://github.com/asciidoctor/asciidoctor/issues/979 TODO + +[dedication] += Thanks +See CREDITS in the project source for a list of thanks. + + +[preface] += Preface +=== About the Author +I am a GNU/Linux Systems/Network Administrator/Engineer- I wear a lot of hats. I have a lot of side projects to keep me busy when I’m not working at _${dayjob}_, mostly to assist in other side projects and become more efficient and proficient at those tasks. “Shaving the yak,” footnote:[See http://catb.org/jargon/html/Y/yak-shaving.html] indeed. + +A lot of research went into how low-level boot operations take place when writing BDisk, both in BIOS and UEFI footnote:[*Unified Extensible Firmware Interface.* UEFI is not BIOS, and BIOS is not UEFI.] (and corresponding concepts such as Secureboot, etc.) which is no easy task to understand and very commonly misunderstood. (For instance, a common misconception is that UEFI necessarily implies Secureboot. This is quite far from the truth and UEFI by itself is quite a useful replacement for BIOS). I invite you to do research into the specifications yourself; it's rather fascinating. + + +=== What is BDisk? +BDisk refers to both a live distribution I use in my own uses (for rescue situations, recovery, etc.) but foremost and most importantly, it also refers to the tool I use for building that distribution. In other words, it's both a complete GNU/Linux distribution you can run entirely from USB/CD/DVD/etc. (without needing to install it to your hard drive)... and also the name of a tool to create a custom GNU/Linux install. The latter is what this project and documentation refer to when the word “BDisk” is used. + +This documentation was started when I rewrote BDisk in Python 3.x; versions 0.x-2.x of BDisk were written in Bash, and horribly inelegant and rigid. It was a valiant effort, and *mostly* worked. Until it stopped working. To my knowledge, it is (or was) in use by https://ninjaos.org[NinjaOS^] as well as a project for education purposes in Indonesia, though I imagine it's in use other places as well. Ideally it should help those wishing to offer specialized GNU/Linux live media or install CDs. + +Version 4.x is an entire rewrite to be much more modular and implement a much more flexible structure based on feature requests that have accumulated over time. footnote:[I should take the time to note that I am still quite new to Python so expect there to be plenty of optimizations to be made and general WTF-ery from seasoned Python developers. If you encounter any bugs or improvements, please <>! It'd be much appreciated.] + +One of my main goals was to make BDisk as easy to use as possible. This is surprisingly hard to do- it’s quite challenging to try to approach software you’ve written with the mindset of someone other than you. + +It’s my hope that by releasing this utility (and documenting it), you can use it and save some time for yourself as well (and hopefully get the chance to learn a bit more in the process!). + +It of course is not the <> out there, but most others only focus on remastering an existing ISO, or creating an installer ISO -- not creating a custom live-centric environment. + +=== Copyright/Licensing +The BDisk code is https://www.gnu.org/licenses/gpl-3.0.en.html[GPLv3-licensed^]. This means that you can use it for business reasons, personal reasons, modify it, etc. Please be sure to familiarize yourself with the full set of terms. You can find the full license in `docs/LICENSE`. + +image::https://www.gnu.org/graphics/gplv3-127x51.png[GPLv3,align="center"] + +This document, and all other associated author-generated documentation, are released under the http://creativecommons.org/licenses/by-sa/4.0/[Creative Commons CC-BY-SA 4.0^] copyright. It's essentially the GPL for non-software, so similar terms apply. + +image::https://i.creativecommons.org/l/by-sa/4.0/88x31.png[CC-BY-SA_4.0,align="center"] + +include::BODY.adoc[] \ No newline at end of file diff --git a/docs/manual/TODO b/docs/manual/TODO new file mode 100644 index 0000000..46f2589 --- /dev/null +++ b/docs/manual/TODO @@ -0,0 +1,10 @@ +- dev/{FUNCTIONS.adoc,functions/} + need to update with new subpackages/functions etc. + +- script macOS tool for imaging to USB? + +- in faq/LONGTIME.adoc, in ==== Configuring the local mirror and ==== Configuring BDisk, mirrorlist should be part of the archlinux plugin - NOT a distributed hardcoded file. (can we then get rid of entirely?) + +- in faq/ISOBIG.adoc and the doc section it references, make sure we reference that the package lists are now in the environment plugin! + +- change all references to build.ini to something like "BDisk configuration file" \ No newline at end of file diff --git a/docs/manual/USER.adoc b/docs/manual/USER.adoc new file mode 100644 index 0000000..9a11e35 --- /dev/null +++ b/docs/manual/USER.adoc @@ -0,0 +1,22 @@ += User Manual + +BDisk was ultimately designed to make your life easier. "Why would I possibly need yet another LiveCD/LiveUSB?" Well, that's sort of the point- by customizing a live distribution of GNU/Linux to _your_ particular needs/desires/whimsy, you can do away with the multiple other images you keep around. It's designed to let you create a fully customized distribution/live environment. + +Using BDisk, you can: + +* Install GNU/Linux (https://wiki.archlinux.org/index.php/installation_guide[Arch^], https://watchmysys.com/blog/2015/02/installing-centos-7-with-a-chroot/[CentOS^], https://www.debian.org/releases/stable/amd64/apds03.html.en[Debian^], https://wiki.gentoo.org/wiki/Handbook:AMD64#Installing_Gentoo[Gentoo^], https://help.ubuntu.com/lts/installation-guide/powerpc/apds04.html[Ubuntu^]...). BDisk's flagship and guaranteed guest distro may be Arch-based, but many if not most other distros offer ways to install from any GNU/Linux live distribution. Plus, with the 4.x rewrite, it is possible to add support for any modern GNU/Linux guest distro. +** This means one could easily create an http://aif.square-r00t.net/[automated Arch install ISO^], or Gentoo installer, etc. +* Perform disk maintenance (https://raid.wiki.kernel.org/index.php/RAID_setup[mdadm^], fdisk / http://www.rodsbooks.com/gdisk/[gdisk^], http://gparted.org/[gparted^], https://www.thomas-krenn.com/en/wiki/StorCLI[storcli^], etc.). Need to replace that disk in your RAID and you don't have hotswap? Not a problem! +* Rescue, recover, wipe (http://www.sleuthkit.org/sleuthkit/[scalpel^], http://www.andybev.com/index.php/Nwipe[nwipe^], http://foremost.sourceforge.net/[foremost^], etc.). Chances are this is why you booted a live distro in the first place, yes? +* Boot over the Internet (or LAN). Burning a new image to CD/DVD/USB is a pain. BDisk has built-in support for http://ipxe.org/[iPXE^] (and traditional PXE setups). Update the filesystem image once, deploy it everywhere. +* And much, much more. +** Seriously. + +This manual will give you the information you need to build your very own live GNU/Linux distribution. + +include::user/GETTING_STARTED.adoc[] +include::user/IMPORTANT_CONCEPTS.adoc[] +include::user/PROJECT_LAYOUT.adoc[] +include::user/BUILDINI.adoc[] +include::user/ADVANCED.adoc[] +include::user/BUILDING.adoc[] diff --git a/docs/manual/dev/FUNCTIONS.adoc b/docs/manual/dev/FUNCTIONS.adoc new file mode 100644 index 0000000..e75c5ca --- /dev/null +++ b/docs/manual/dev/FUNCTIONS.adoc @@ -0,0 +1,24 @@ +== Layout of BDisk functions +These functions exist in <<_bdisk_,`bdisk/`>>. + +include::functions/BCHROOT.adoc[] + +=== `bdisk.py` +This file is a sort of "wrapper" -- it pulls all the other files in this directory together into a single usable Python script. In other words, to build a BDisk distribution, you would simply run `bdisk/bdisk.py` -- that's it! See <>. + +It contains no functions, it just contains minimal logic to tie all the other functions together. + +include::functions/BGPG.adoc[] + +include::functions/BSSL.adoc[] + +include::functions/BSYNC.adoc[] + +include::functions/BUILD.adoc[] + +include::functions/HOST.adoc[] + +include::functions/IPXE.adoc[] + +include::functions/PREP.adoc[] + diff --git a/docs/manual/dev/functions/BCHROOT.adoc b/docs/manual/dev/functions/BCHROOT.adoc new file mode 100644 index 0000000..da87a28 --- /dev/null +++ b/docs/manual/dev/functions/BCHROOT.adoc @@ -0,0 +1,29 @@ +=== `bchroot.py` +This file controls creation of the chroots -- the directories in which BDisk builds the actual system that is booted into. + +==== chroot(_chrootdir_, _chroot_hostname_, _cmd_ = '`/root/pre-build.sh`') +This function manages mounting the mountpoints for the chroot(s) in preparation for the images of the live media. It also runs <>. Returns `chrootdir` (same as the paramater provided). + +===== chrootdir +The directory where the filesystem tree for the chroot lies. Absolute path only. + +===== chroot_hostname +The hostname to use for the guest. + +NOTE: This paramater may be removed in future versions. + +===== cmd +The command to run inside the chroot once all the mountpoints are set up. + +==== chrootUnmount(_chrootdir_) +Unmount the mounts set up in <>. + +===== chrootdir +See <>. + +==== chrootTrim(_build_) +This function performs some cleanup and optimizations to the chroot(s). + +===== build +A dictionary of <>'s values (with some additional keys/values added). See <>. + diff --git a/docs/manual/dev/functions/BGPG.adoc b/docs/manual/dev/functions/BGPG.adoc new file mode 100644 index 0000000..d5ae2cc --- /dev/null +++ b/docs/manual/dev/functions/BGPG.adoc @@ -0,0 +1,41 @@ +=== `bGPG.py` +This contains functions having to do with GPG -- signing files, verifying other signatures, generating a key (if one wasn't specified), using a key (if one was specified), etc. + +==== genGPG(_conf_) +This function controls generating (or "importing" an existing) GnuPG key for use with other operations. Returns `gpg`, a <> object. + +===== conf +A dictionary of the <> (with some additional keys/values added). See (TODO: link to host.py's config parser). + +==== killStaleAgent(_conf_) +This function kills off any stale GnuPG agents running. Not doing so can cause some strange behaviour both during the build process and on the host. + +===== conf +See <>. + +==== signIMG(_path_, _conf_) +This function signs a given file with the keys BDisk was either configured to use or automatically generated. + +===== path +The full, absolute path to the file to be signed. An https://www.gnupg.org/gph/en/manual/r1290.html[ASCII-armored^] https://www.gnupg.org/gph/en/manual/x135.html[detached^] signature (plaintext) will be generated at `_path_.asc`, and a binary detached signature will be generated at `_path_.sig`. + +===== conf +See <>. + +==== gpgVerify(_sigfile_, _datafile_, _conf_) +This function verifies a detatched signature against a file containing data. Returns *True* if the file verifies, or *False* if not. + +===== sigfile +The detached signature file. Can be ASCII-armored or binary format. Full/absolute path only. + +===== datafile +The file containing the data to be verified. Full/absolute path only. + +===== conf +See <>. + +==== delTempKeys(_conf_) +Delete automatically-generated keys (if we generated them) as well as the automatically imported verification key (<>). + +===== conf +See <>. diff --git a/docs/manual/dev/functions/BSSL.adoc b/docs/manual/dev/functions/BSSL.adoc new file mode 100644 index 0000000..fdfbbe2 --- /dev/null +++ b/docs/manual/dev/functions/BSSL.adoc @@ -0,0 +1,64 @@ +=== `bSSL.py` +Functions having to do with OpenSSL are stored here. This is used primarily for "mini" builds (via iPXE), they let you boot your BDisk distribution over the Internet. If an SSL key, CA certificate, etc. weren't defined and you want to build a mini image, this file contains functions that will build an SSL PKI (public key infrastructure) for you automatically. + +==== verifyCert(_cert_, _key_, _CA_ = None) +This function will verify a certificate's validity/pairing with a key, optionally against a given CA certificate. Returns *True* on successful verification, or *False* and an exit (for sanity purposes). + +===== cert +The certificate to be validated. Must be a PyOpenSSL certificate object. + +===== key +The key to validate against <>. Must be a PyOpenSSL key object. + +===== CA +The CA, or certificate authority, certificate to verify against. + +NOTE: This currently does not work, as PyOpenSSL does not currently support verifying against a specified CA certificate. + +==== sslCAKey(_conf_) +This function imports a CA key (<>) into a PyOpenSSL object (or generates one if necessary). Returns a PyOpenSSL key object. + +===== conf +See <>. + +==== sslCA(_conf_, _key_ = None) +This function imports a CA certificate (<>) into a PyOpenSSL object (or generates one if necessary). Returns a PyOpenSSL certificate object. + +===== conf +See <>. + +===== key +A PyOpenSSL key object that should be used to generate the CA certificate (or is paired to the CA certificate if specified). + +==== sslCKey(_conf_) +This function imports a client key (<>) into a PyOpenSSL object (or generates one if necessary). Returns a PyOpenSSL key object. + +===== conf +See <>. + +==== ssslCSR(_conf_, _key_ = None) +This function generates a CSR (certificate signing request). + +===== conf +See <>. + +===== key +A PyOpenSSL key object that should be used to generate the CSR. It should be a key that is paired to the client certificate. + +==== sslSign(_conf_, _ca_, _key_, _csr_) +This function signs a CSR using a specified CA. + +===== conf +See <>. + +===== ca +A PyOpenSSL certificate object for the CA certificate. This certificate (object) should have signing capabilities. + +===== key +A PyOpenSSL key object paired to <>. + +===== csr +A PyOpenSSL CSR object. See <>. + +==== sslPKI(_conf_) +Ties all the above together into one convenient function. Returns a PyOpenSSL certificate object of the signed client certificate. \ No newline at end of file diff --git a/docs/manual/dev/functions/BSYNC.adoc b/docs/manual/dev/functions/BSYNC.adoc new file mode 100644 index 0000000..78f4cf6 --- /dev/null +++ b/docs/manual/dev/functions/BSYNC.adoc @@ -0,0 +1,26 @@ +=== `bsync.py` +This file has functions relating to copying your BDisk build to various resources. For instance, if you want your ISO available to download then this file would be used to copy your finished build to an HTTP server/root you specify. + +==== http(_conf_) +This function prepares a *local* HTTP directory, or webroot. See <>. + +===== conf +See <>. + +==== tftp(_conf_) +This function prepares a *local* TFTP directory (for traditional PXE). See <>. + +===== conf +See <>. + +==== git(_conf_) +This function commits (and pushes) any changes you might have made to your project (<>) automatically. + +===== conf +See <>. + +==== rsync(_conf_) +This function syncs your builds, HTTP directory (if enabled), TFTP directory (if enabled), etc. to a remote host. See <>. + +===== conf +See <>. diff --git a/docs/manual/dev/functions/BUILD.adoc b/docs/manual/dev/functions/BUILD.adoc new file mode 100644 index 0000000..cc3cb3d --- /dev/null +++ b/docs/manual/dev/functions/BUILD.adoc @@ -0,0 +1,43 @@ +=== `build.py` +This is responsible for building the "full" ISO, building UEFI support, etc. + +==== genImg(_conf_) +This function builds the http://tldp.org/HOWTO/SquashFS-HOWTO/creatingandusing.html[squashed filesystem^] images and, <>, signs them. + +===== conf +See <>. + +==== genUEFI(_build_, _bdisk_) +This function builds UEFI support for the ISO files. Returns the path of an embedded EFI bootable binary/ESP image. + +===== build +The <> of the configuration. + +===== bdisk +The <> of the configuration. + +==== genISO(_conf_) +Builds the full ISO image(s). Returns a dictionary of information about the built ISO file (see <>). + +===== conf +See <>. + +==== displayStats(_iso_) +Parses the output of e.g. <> and displays in a summary useful to the end-user. + +===== iso +A dictionary of information about the ISO file. This is typically: + + {'iso': + {'name':<'Main' for the full ISO, 'Mini' for the mini ISO, etc.>}, + {: + 'sha':, + 'file':, + 'size':, + 'type':, + 'fmt': + } + } + +==== cleanUp() +Currently a no-op; this function is reserved for future usage to cleanup the build process automatically. \ No newline at end of file diff --git a/docs/manual/dev/functions/HOST.adoc b/docs/manual/dev/functions/HOST.adoc new file mode 100644 index 0000000..a7198ec --- /dev/null +++ b/docs/manual/dev/functions/HOST.adoc @@ -0,0 +1,42 @@ +=== `host.py` +These functions are used to perform "meta" tasks such as get information about the build host, find <>, and parse your configuration options. + +==== getOS() +Returns the distribution of the build host. + +==== getBits() +Returns the "bitness" of the build host (e.g. `32bit` or `64bit`) + +==== getHostname() +Returns the hostname of the build host. + +==== getConfig(_conf_file_ = '/etc/bdisk/build.ini') +Returns a list of: + +. the default configuration file +. the user-specified configuration file + +===== conf_file +This is a full/absolute path that is searched first. If it exists and is a file, it is assumed to be the "canonical" <>. + +==== parseConfig(_confs_) +This function parses the configuration file(s) and returns a list of: + +. A ConfigParser object +. The configuration as a dictionary + +It performs some additional things, such as: + +* Converts "boolean" operations to true Python booleans +* Tries to automatically detect the version if one isn't provided +* Establishes the build number (this is a number that should be local to the build host) +* Forms a list of the <> to build +* Validates: +** The bootstrap tarball mirror +** The rsync destination (if <>) +** The iPXE remote URI (if <>) +** That <> is correctly set +* Makes prerequisite directories + +===== confs +A list of configuration files. See <>. \ No newline at end of file diff --git a/docs/manual/dev/functions/IPXE.adoc b/docs/manual/dev/functions/IPXE.adoc new file mode 100644 index 0000000..ee72faa --- /dev/null +++ b/docs/manual/dev/functions/IPXE.adoc @@ -0,0 +1,22 @@ +=== `ipxe.py` +This file handles building the "mini" ISO via iPXE. + +==== buildIPXE(_conf_) +This function builds the iPXE core files. + +===== conf +See <>. + +==== genISO(_conf_) +This function builds the mini ISO (if <>). Returns a dictionary of information about the built ISO file (see <>). + +===== conf +See <>. + +==== tftpbootEnv(_conf_) +This function configures a TFTP boot/root directory for traditional PXE setups. + +NOTE: This function currently is a no-op; it will be implemented in future versions. + +===== conf +See <>. diff --git a/docs/manual/dev/functions/PREP.adoc b/docs/manual/dev/functions/PREP.adoc new file mode 100644 index 0000000..be71025 --- /dev/null +++ b/docs/manual/dev/functions/PREP.adoc @@ -0,0 +1,52 @@ +=== `prep.py` +This contains functions that download the base tarball releases, preps them for <>, builds necessary directory structures, and performs the overlay preparations. + +==== dirChk(_conf_) +This function creates extra directories if needed. + +===== conf +See <>. + +==== downloadTarball(_conf_) +This function downloads the tarball (<>) from the <>, and performs verifications (SHA1 and GPG signature <>). Returns the full/absolute path to the downloaded tarball. + +===== conf +See <>. + +==== unpackTarball(_tarball_path_, _build_, _keep_ = False) +This function extracts the tarball downloaded via <>. + +===== tarball_path +The full/absolute path to the downloaded tarball. + +===== build +See <>. + +===== keep +`True` or `False`. Whether we should keep the downloaded tarball after unpacking/extracting. If your upstream tarball changes often enough, it's recommended to set this to `False`. However, setting it to `True` can speed up the build process if you're on a slower Internet connection. + +==== buildChroot(_conf_, _keep_ = False) +This incorporates <> and <> into one function, as well as applying the <> directory (and the <>). + +===== conf +See <>. + +===== keep +See <>. + +==== prepChroot(_conf_) +Returns a modified/updated <>. This function: + +. Prepares some variables that <> needs inside the chroot(s) +. Builds <> +. Updates the build number +. Imports the <> + +===== conf +See <>. + +==== postChroot(_conf_) +This function applies the <> directory (and the <>). + +===== conf +See <>. diff --git a/docs/manual/faq/ALTERNATIVES.adoc b/docs/manual/faq/ALTERNATIVES.adoc new file mode 100644 index 0000000..c67a2f1 --- /dev/null +++ b/docs/manual/faq/ALTERNATIVES.adoc @@ -0,0 +1,83 @@ +== I don't like BDisk. Are there any other alternatives? +First, I'm sorry to hear that BDisk doesn't suit your needs. If you want any features you think are missing or encounter any <>, please report them! + +But yes; there are plenty of alternatives! I encourage you to search for yourself, but I've tried to be as impartial as I can for the below. + +NOTE: Only *currently maintained projects* are listed here. + +=== https://wiki.archlinux.org/index.php/archboot[Archboot^] +Written in Bash +[frame="topbot",options="header,footer"] +|====================== +|Pros|Cons +|Highly featureful|Arch-only live media +|Includes an assisted Arch install script|Inaccessible to non-Arch users +|Can create tarballs too|Not very customizable by default +|Supports hybrid ISOs|Infrequent stable releases +|Supports PXE-booting infrastructure|Requires a systemd build host +|Supports SecureBoot|Not a secure setup by default +|Supports GRUB2's "ISO-loopback" mode|Builds a much larger image +|Official Arch project|Some graphical bugs +||Much more disk space is necessary for the tool itself +||*Only* runs in RAM, so not ideal for RAM-constrained systems +||Based on/requires an Arch build host +||Requires an x86_64 build host +||Has a large amount of dependencies +||Manual intervention required for build process +||Minimal documentation +|| +|====================== + +=== https://wiki.archlinux.org/index.php/archiso[Archiso^] +Written in Bash. +[frame="topbot",options="header,footer"] +|====================== +|Pros|Cons +|Used to build the official Arch ISO|Requires an x86_64 build host +|Supports custom local on-disk repositories|Not very featureful as far as customization goes +|Supports arbitrary file placement in finished image|Requires an Arch build host +|Supports hybrid ISOs|Has odd quirks with package selection +|Supports Secureboot|Manual intervention required for build process +|Official Arch project|Does not start networking by default +|Can run in RAM or from media|Very minimal environment +||Arch-only live meda +||Documentation is lacking +|| +|====================== + +=== Debian's https://wiki.debian.org/Simple-CDD[Simple-CDD^] +Written in Bash (some Python). +[frame="topbot",options="header,footer"] +|====================== +|Pros|Cons +|Supports custom packages to be installed|Very limited -- no customization beyond package listing +|Lightweight; quick to set up|Takes a long time for preparation; requires a clone of many .deb packages first. +||Doesn't seem to work as according to https://wiki.debian.org/Simple-CDD/Howto[the documentation^] +||Documentation is sparse +||Full featureset unknown due to ISO not building on Debian Jessie (8.0) +|| +|====================== + +=== Fedora's https://fedoraproject.org/wiki/Livemedia-creator-_How_to_create_and_use_a_Live_CD[Livemedia-creator^] +Written in Bash. +[frame="topbot",options="header,footer"] +|====================== +|Pros|Cons +|Somewhat customizable|Requires manual initialization of chroot(s) via https://github.com/rpm-software-management/mock/wiki[mock^] +|Uses kickstart configurations|*Requires* a kickstart configuration in order to be useful +|Simple/easy to use|Full featureset unknown; documentation is sparse +||Limited configuration/customization +|| +|====================== + +=== https://github.com/rhinstaller/livecd-tools[LiveCD Tools^] +Written in Python 2, some Bash. +[frame="topbot",options="header,footer"] +|====================== +|Pros|Cons +|Can use kickstarts|*Requires* a kickstart configuration +|Simple/easy to use to use|Limited configuration/customization +|Automatically builds chroots|Full featureset unknown; documentation is sparse +|| +|====================== + diff --git a/docs/manual/faq/GETVERSION.adoc b/docs/manual/faq/GETVERSION.adoc new file mode 100644 index 0000000..5bf2441 --- /dev/null +++ b/docs/manual/faq/GETVERSION.adoc @@ -0,0 +1,3 @@ +== How do I get the version/build of an ISO? +This can be found in a multitude of places. The full-size ISO file should have the version right in the filename. If you want more detailed information (or perhaps you renamed the file), you can mount the ISO as loopback in GNU/Linux, *BSD, or Mac OS X/macOS and check `/path/to/mounted/iso/VERSION_INFO.txt`. Lastly, within the runtime itself (especially handy if booting via iPXE), you can check `/root/VERSION_INFO.txt` to get information about the build of the currently running live environment. + diff --git a/docs/manual/faq/INDEX.adoc b/docs/manual/faq/INDEX.adoc new file mode 100644 index 0000000..93dd466 --- /dev/null +++ b/docs/manual/faq/INDEX.adoc @@ -0,0 +1,5 @@ +include::WHYARCH.adoc[] +include::LONGTIME.adoc[] +include::ISOBIG.adoc[] +include::GETVERSION.adoc[] +include::ALTERNATIVES.adoc[] diff --git a/docs/manual/faq/ISOBIG.adoc b/docs/manual/faq/ISOBIG.adoc new file mode 100644 index 0000000..f24d0cf --- /dev/null +++ b/docs/manual/faq/ISOBIG.adoc @@ -0,0 +1,5 @@ +== Why is the ISO so large? +This actually entirely depends on what <> (and if you're building a <>). The default list is quite large. + +If you build a minimal ISO (i.e. only the necessary components required for booting and nothing else, single-arch), the ISO is only about 570MB (but work is being done to make this even smaller). + diff --git a/docs/manual/faq/LONGTIME.adoc b/docs/manual/faq/LONGTIME.adoc new file mode 100644 index 0000000..8145871 --- /dev/null +++ b/docs/manual/faq/LONGTIME.adoc @@ -0,0 +1,70 @@ +== Why does building take so long? +This typically occurs when you're building from within a LiveCD/LiveUSB situation, in a VM/container/etc., or on a headless server. If this is the case, you may run into what appears to be "stalling", especially while keys are generating for the chroots. Thankfully, there is an easy fix. You can install http://www.issihosts.com/haveged/[haveged^] and run it (this can be done safely while a build is executing). This will show an immediate and non-negligible improvement for the above contexts. If you have extra processing power to throw at the build process (or are using a dedicated build box) as well, I recommend enabling <>. BDisk will then be more aggressive with its resource consumption. + +=== Running a local mirror +Keep in mind also that the more packages you opt to install, the longer the build process will take. This process will also use quite a fair bit of bandwidth. If you plan on building regular images (e.g. nightly builds, etc.) or are undergoing some custom change testing, I recommend running a private repository mirror on-site. For Arch-based builds, this will not store AUR packages, as those will still be fetched and built (documentation on working around this is TODO) but setting up a local mirror is quite quick and easy. We'll of course use Arch as an example since that's the default guest environment (though I have a https://git.square-r00t.net/OpTools/tree/centos/repoclone[script^] for CentOS as well). + +First, you'll need at least 90Gb of free disk space. Let's say our repository clone will be at `/srv/repo/arch/`. + +You'll also need to find an Arch mirror, ideally one close to you that is up-to-date. The https://www.archlinux.org/mirrorlist/[mirrorlist generator^] and https://www.archlinux.org/mirrors/[mirror list^] will assist you here greatly. + +NOTE: You'll need to find a mirror that supports _rsync_. + +TIP: You can use ANY distro to run a repository mirror, as long as it has _rsync_ installed! + +==== Set up the sync + +I have https://git.square-r00t.net/OpTools/tree/arch/repoclone.py[written a script^] that does the heavy-lifting! https://git.square-r00t.net/OpTools/plain/arch/repoclone.py[Download it^] and mark it as executable (`chmod +x repoclone.py`). Make sure you read the --help option and edit `~/.config/optools/repoclone/arch.ini`. + +Assuming you want to run the sync script every 6 hours, this is the cron entry you would use (`crontab -e`): + + 0 */6 * * * /path/to/repoclone.py + +The first sync can take quite a while, but subsequent runs shouldn't take more than five minutes or so (depending on how many updates are available). + +==== Configuring the local mirror +You'll need a way to serve this local mirror in a way pacman can understand. Luckily, it's fairly easy. I recommend using https://www.nginx.com/[nginx^] as it's available by default in many operating systems. You can of course use others such as https://www.lighttpd.net/[lighttpd^], https://httpd.apache.org/[apache/httpd^], etc. For the example configuration here, we're going to use an nginx configuration file. + +``` +server { + listen [::]:80; + access_log /var/log/nginx/repo.access.log main; + error_log /var/log/nginx/repo.error.log; + #error_log /var/log/nginx/repo.error.log debug; + + autoindex on; + + root /srv/repo/arch; + } +``` + +The configuration may vary according to your distribution's provided nginx default configuration, but you'll want this configuration to be served as the default (or set an appropriate `https://nginx.org/en/docs/http/server_names.html[server_name]` directive which you would then use in `/etc/pacman.d/mirrorlist`). + +==== Configuring BDisk + +You'll then want to configure BDisk's chroots to use your local mirror first. However, if you want to use a LAN resource mirror, when doing so you run into an issue -- in the built image, install operations will take longer than they need to because the local mirror likely won't be available! This is a small issue as it's unexpected that you'll need to install software within the live environment, but I've run into cases where it was a necessity once or twice. + +There is an https://devblog.square-r00t.net/articles/libvirt-spoof-domains-dns-records-redirect-to-another-ip[easy workaround^] if you're using libvirt to build -- you can simply tell your build VM to resolve to the IP address of the box that is running the mirror for the same FQDN that the "preferred" "real" mirror on the Internet and set that mirror at the top of `/etc/pacman.d/mirrorlist`. However, that's not always feasible- most notably if you're building on a physical box and it's the same host as the repository clone. In that case you can set the specific local resolution -- e.g. `http://127.0.0.1/` -- at the top of `/etc/pacman.d/mirrorlist` and then set a mirrorlist WITHOUT that entry in `/etc/pacman.d/mirrorlist`. For more information on using these type of overrides, see <>. + +If you're using the libvirt workaround, remember to configure nginx (or whatever you're using) with a virtual host and location block that matches the "real", upstream mirror. In our example below, we use *http://arch.mirror.square-r00t.net* as the mirror. + +``` +server { + listen [::]:80; + access_log /var/log/nginx/repo.access.log main; + error_log /var/log/nginx/repo.error.log; + #error_log /var/log/nginx/repo.error.log debug; + + server_name arch.mirror.square-r00t.net; + + autoindex on; + + root /srv/repo/arch; + + location /archlinux { + autoindex on; + rewrite ^/archlinux(/.*)$ /$1; + } + } +``` + diff --git a/docs/manual/faq/WHYARCH.adoc b/docs/manual/faq/WHYARCH.adoc new file mode 100644 index 0000000..381632d --- /dev/null +++ b/docs/manual/faq/WHYARCH.adoc @@ -0,0 +1,5 @@ +== Why Arch Linux as the Recommended Guest? +Because it's a very easy-to-use, simple, https://wiki.archlinux.org/[well-documented^] distro. It's no-frills and incredibly flexible/customizable, and can be made rather slim (and is out of the box, in fact). It's also very friendly to run as a chroot inside any other distro or as a chroot host to any other distro. + +Plus they release monthly tarball snapshots that are fairly small and create quick bootstrap environments. + diff --git a/docs/manual/further/BUGS.adoc b/docs/manual/further/BUGS.adoc new file mode 100644 index 0000000..7f788f2 --- /dev/null +++ b/docs/manual/further/BUGS.adoc @@ -0,0 +1,18 @@ +== Bug Reports/Feature Requests +NOTE: It is possible to submit a bug or feature request without registering in my bugtracker. One of my pet peeves is needing to create an account/register on a bugtracker simply to report a bug! The following links only require an email address to file a bug (which is necessary in case I need any further clarification from you or to keep you updated on the status of the bug/feature request -- so please be sure to use a valid email address). + +=== Bugs +If you encounter any bugs in *BDisk*, you can file a bug report https://bugs.square-r00t.net/index.php?do=newtask&project=2&task_type=1[here^]. + +If you encounter any bugs (inaccurate information, typos, misformatting, etc.) in *this documentation*, you can file a bug report https://bugs.square-r00t.net/index.php?do=newtask&project=8&task_type=1[here^]. + +=== Feature Requests +If you have any features you'd like to see or you think would help *BDisk* become even more useful, please file a feature request https://bugs.square-r00t.net/index.php?do=newtask&project=2&task_type=2[here^]. + +If you have any suggestions on how to improve *this documentation* or feel it's missing information that could be useful, please file a feature request https://bugs.square-r00t.net/index.php?do=newtask&project=8&task_type=2[here^]. + +=== Patches +I gladly welcome https://www.gnu.org/software/diffutils/manual/html_node/Unified-Format.html[patches^], but I deplore using GitHub (even though I https://github.com/johnnybubonic/BDisk[have a mirror there^]). For this reason, please follow the same https://www.kernel.org/doc/Documentation/SubmittingPatches[patch/pull request process^] for the Linux kernel and email it to bts@square-r00t.net. + +Alternatively, you may attach a patch to a <>/<>. + diff --git a/docs/manual/further/CONTACT.adoc b/docs/manual/further/CONTACT.adoc new file mode 100644 index 0000000..b68a3f6 --- /dev/null +++ b/docs/manual/further/CONTACT.adoc @@ -0,0 +1,10 @@ +== Contact the Author +If you have any questions, comments, or concerns, you can use the following information to get in touch with me. + +I am available via mailto:bts@square-r00t.net[email]. If you use GPG, you can find my pubkey and other related info https://devblog.square-r00t.net/about/my-gpg-public-key-verification-of-identity[here^] (and on most keyservers). + +I occasionally write howto articles, brief tips, and other information in my https://devblog.square-r00t.net[dev blog]. + +I am on IRC as *r00t^2*, and am usually in the irc://irc.freenode.org/#sysadministrivia[Sysadministrivia channel on Freenode]. Which reminds me, I run a podcast called https://sysadministrivia.com[Sysadministrivia^]. + +I am on Twitter as https://twitter.com/brentsaner[@brentsaner^], though I don't tweet very often. (I usually tweet from my https://twitter.com/SysAdm_Podcast[podcast's twitter^].) diff --git a/docs/manual/further/PASSWORDS.adoc b/docs/manual/further/PASSWORDS.adoc new file mode 100644 index 0000000..590ba41 --- /dev/null +++ b/docs/manual/further/PASSWORDS.adoc @@ -0,0 +1,95 @@ +== Passwords +NOTE: If you're specifying passwords, be sure to use a https://www.schneier.com/blog/archives/2014/03/choosing_secure_1.html[strong password^]! + +=== `build.ini` Password Value Examples +Passwords work a little interestingly in BDisk. These aspects all apply to both <> and <> (if you enable a regular user). + +CAUTION: DO *NOT* USE A PLAINTEXT PASSWORD IN THE `build.ini`! This is _by design_; plaintext passwords are much more insecure. If you use a plaintext password, it *will not work*. + +WARNING: Remember to <> before placing it in your `build.ini`! + +.Password Value Scheme +[frame="topbot",options="header,footer"] +|====================== +|If you have...|BDisk will... +|the string `BLANK`|give the user a blank password, allowing you to just hit `` to log in +|nothing set|lock the account (e.g. no non-SSH login is possible) +|a properly hashed, salted, and escaped string|set the account to the password used to generate that hash. +|| +|====================== + +.Password Value Examples +[frame="topbot",options="header,footer"] +|====================== +|If the value is...|Then BDisk... +|`root_password = BLANK`|will let you log into the TTY as the root user by just hitting the `` key. +|`root_password =`|will not allow the root user to log into the TTY at all. +|`root_password = `|will let you log into the root user on a TTY with the password `test`. +|| +|====================== + + +NOTE: I specify "TTY login" because SSH login may still be possible. By default, SSH will allow password logins for non-root users (root user SSH password login is prohibited by default; only pubkey login for root is allowed.) -- this can be overridden, however, by customization. + +=== Generating a Password Salt/Hash +First, if you are not familiar with a http://man7.org/linux/man-pages/man3/crypt.3.html#NOTES[salted hash^] that GNU/Linux uses, you may want to learn about it. + +That said, there are utilities in `extra/bin/` that should generate a salted hash for you. Currently only `hashgen.py` is distributed, but additions/examples for other languages are welcome. + +.... + $ ./hashgen.py + + What password would you like to hash/salt? + (NOTE: will NOT echo back!) + + + Your salted hash is: + $6$t92Uvm1ETLocDb1D$BvI0Sa6CSXxzIKBinIaJHb1gLJWheoXp7WzdideAJN46aChFu3hKg07QaIJNk4dfIJ2ry3tEfo3FRvstKWasg/ + +.... + +The password `test` was used above. In `crypt(3)`-salted hashes, there are specific sections separated by USD dollar symbols (`$`). The first section (containing `6`) marks the *hash algorithm* -- in this case, _SHA512_. (The http://man7.org/linux/man-pages/man3/crypt.3.html#NOTES[crypt man page^] mentions all supported hash types and their corresponding ID.) The next section, `t92Uvm1ETLocDb1D`, is the *salt*. The last section is the *hash*. How salted hashes work is an original piece of data is given (in our case, the word `test`). This data is then sent through a one-way cryptographic process that generates a new string that makes it difficult to know what the original data was. THEN a salt is added- a random string- and the process repeats. In our format, this is done _5000_ times in a row. When you log in with your password, the salt is fetched and the same process is done again- predictably, the data that process goes through should then match the salted hash string stored in the password system (in this case, the https://linux.die.net/man/5/shadow[`/etc/shadow`] file). + +There are other ways to generate the salted hash as well. These include: + +==== Debian's `mkpasswd` Utility +Part of the https://packages.debian.org/jessie/whois[whois^] package, available in the AUR as https://aur.archlinux.org/packages/debian-whois-mkpasswd/[debian-whois-mkpasswd^]. + + mkpasswd --method=sha-512 + +==== Perl +The following Perl one-liner will generate a salted hash string (using the salt `aBcDeFgHiJ`): + + perl -e 'print crypt("PASSWORD","\$6\$aBcDeFgHiJ\$") . "\n"' + +==== `grub-crypt` +Legacy GRUB ("GRUB v1") includes `grub-crypt`, which will let you generate a salted hash: + + /sbin/grub-crypt --sha-512 + +=== Escaping the Salted Hash +One last thing, and this is *very* important -- failure to perform this step will cause all sorts of strange Python errors -- is to escape the salted hash. Thankfully, however, this is a lot easier than it sounds. + +So we have our salted hash: `$6$t92Uvm1ETLocDb1D$BvI0Sa6CSXxzIKBinIaJHb1gLJWheoXp7WzdideAJN46aChFu3hKg07QaIJNk4dfIJ2ry3tEfo3FRvstKWasg/`. In order to get it into a usable format, we need to make sure the configuration parsing won't try to read sections of it as variables. To do this, we do something called *escaping*. + +All you need to do is take the salted hash and replace every `$` you see -- there should be exactly three -- with `$$`. That's it! Count them to be sure; you should now have *6* `$` symbols present instead of three. Once you've escaped the salted hash, you're ready to roll. + +=== Cheating/The Easy Way +Feeling overwhelmed? There's an easy way to do all of this. + +First, while logged into your local computer, change your password to what you want ether `root_password` or `password` to be: + + passwd + +NOTE: Remember, changing your password won't echo the password back on the screen for security reasons! + +Then get your shadow entry. This has to be done with sudo, as only the root user has access to the hashed passwords on the system. The following command will combine all steps necessary; the string it returns will be a string you can use directly in your `build.ini`. + + sudo grep "^${SUDO_USER}:" /etc/shadow | awk -F':' '{print $2}' | sed -e 's/\$/$$/' + +Don't forget to change your password back to what it was before! + + passwd + +That's it! + diff --git a/docs/manual/images/fig1.1.png b/docs/manual/images/fig1.1.png new file mode 100644 index 0000000000000000000000000000000000000000..827612d7cb49c7dc3ba2ab0574f73ba66239085a GIT binary patch literal 276969 zcmeGEWmwf|`vnYdkZz=rQb3VL5drBGm68-`1Zh!1RJsKOC8cGfba$tKN=tW1cQ-ue zzW+0G&;1_n=jYS2hdE{rgkN0O8S7kYUA|XQk|)HY#X}$vgbMd%9wQLgh6n^^Ee;lZ zry!448vcW2{7_y7ae?~hOHEohd^55&O8fJosGpwCA+f5WF)>B26;)Y@T zw3J=W)X1l#e3kz{s~tvnX$V7Y%+`5*!j}?H)`rZKrmz?Hxhy7j;J<&)oMDRg|E-Oa znI~b1;$yy)k)~^sPaFNvx9&qFQO!`*HPhp{UUvZc!C?}^zpwR zIw18u+N$#XFIo7P26H91-lmk|B5@?crn1vLO40+o?_l~9(KkkNXk8l-crg*&5qH<# z4naUfG~<48;GQxv37JDgM4BgmIKJWL-`Uw2P?~gcx{#io{fFwoKTooA`O;9*$L=X6 ztXw_m{5&4ZI3@)WLafiXZb20H#8*0RU8_Bu30gWM4LAM#=sJ9r>vI43^M~o~T`GJk zZl7W6#GTsrNF0SQrnXzba?I8OS5}?wJyuiu6ch74JDc;*+?-_8(L(e;@3pAfY~b-e zzR}Wpp2nYyd zE~X<*|12z|Ad%>ik&$-738&Zoo4*WKQQ5rsDTNKscC6fUWJD)huZnWC)W(}dL7}(I z&ku{ApMPqoz(l+78LoisSb$fBE^+)nPZeNBh$}CL-t|uo)?~c+k7OzrR28E0ROdex5)oS*34( zdD&8Af5?Q5n>(?$cBwMN(-VzfKwzdb;ojl2KO+eahOyY-?ABBhvH15y(RcX{OON$K z|8=XYf8UDpNukdr$p}LW3yYybQ+&-_-S>6pdwGi+8=*tFE5dL+s%V50JBFl3+niV1 zTw@>w2MM09ik{wwjoK3;+p>GhN3p5X;mTs3Kc7jxc_Wl3|4+cl>;(U~%5)7WuV87( zKH;*X7+}1cR9;zG`MJNq{-+_YVMpwp!=#HNMv?QwS-zwc3tG6byOEvUM+3HhibRh{ z6RPSm2*HOhOWwPI>Fv9B;mFYI;kZ>!YmEarPfctO-qsv$xA7dA{~IXm9tE9)N^Kqe=98eIR^U2eS?@aT7>r*>Pc6#GqmK8f&|Ucez9 z!EUtLk|pukGwjE<(1 zCWyJd?HtU(^q82?AFFi4x3RHVTwL@RT#;oW@j$YDG^N4vM$^o4bZ{LV8`C8xCuh2S z+rIPM@4t)7n(`*x&B7Bwo<|ipO4vW^IkP9Vcan_h-7S@Dx0s&UeTR##9X&-dhnKDp z4~Y|S4MPD>oB->G*=?C3ny_JlVKeVl2dI=xF^}xGE2=v>sLS6{#3E&E$XIa0n!O_C z+Khg7B=nv4C12gutMHQ0(&`g1HOC1YymI2(G`&(^VzpUX-2U_VYi@mlh2P(H&RK*V z7D;k-D=znxzS%Leo~VBFIPc>Bw-yq(r)37Bg7$f5yd;yHpcp^DPjd2A2M32KNGv-+ zx}i$P6(6gIN*V?Rj3Er7flte9o5#eq&j|?$56@3FRJFAO67Ide_ByO}RlQ=|R$W6Q zxw7(YBa_Xu*kROKLhiSQGRj+6+$^;o_G)ZwRHzB;kt$`AGZRH4fKQ*t)G+$`ovqry)txT9q+TKyT_s7u!N*G8$S zsU;pf_?2xCiujV8jE1_AiOH-_7cQ1J4wm<(v&bUt!9mNk-502tsJgo9bP^vjTVIcW z-=*rmfzYmU;!1Qsf8*EmPk!>Rgb8@`!(QcLp{uxx`Hb26U}2LkZ}`tR`8UZV5s%!* z$ztRf%A^O2s2T21ZhJ-Ux;PWLJCWx{ch z4ZKTueHnOrdqz_ucg*=R)nuRetvWPn>JmH>@F2vPs(440czk>_^ezdJPtTahjmd(m ztaG1m44?PH!-^d*rhL|TN%pd8ToAT2Ha2$i_d}izHtY19oaSU{e`BmVG7C$~M#l3^ z?CQ-%eCO?-H)e$ysJM0O>n_eVZtgvofiOScO%peQOdl$>x$@mVzLzox^WFYxgTeVW zmAMJ~uS=c?B052ji^I?h50PfPbrm+BOV~s*zIlb5v(Lp(hU2lk57x(%QWXJR$4Du7AYJYPO)$?M; zve6Ga3tcINg|Cz@4ejqcot|yD`;V@Lm{Vb(K{htEe7JHX@B2?ho|pNJm9N7aAfZL& zl9RJ3AaIRe5C<|VH}ilo7Ry{mrhnx}#CMaWrnSZ&D}I-rD3W|BAD@1ZnrQKq8 za=_-x-wS!E)0@*x-H!ARqc~%Z_9S}YPp>jUXm_+dm%h*XFv@Ukq(o$Kb``dd zuW6lvLzBg^uC1-jq_nJkyKgg^#~_i{#Zfqcje|ql%`3+%V z;qKvKnjK;OQArmVph7SkC4H1)qZ@4eZ6_I)=45aRbJuBX?t z!&X;Uzb_=Yhoq*arrR$s_M{wkyl}g{bf8JjYW5io@#f8&p%N>q!oou1+JTLOSpaJ3 zxw%A151Z6tJHMkI>$XdzDb31YUhDDRicyJXk&Y78+ja##=DP9KtO`gz(uid*BcLVe9P$liC_=;zEDIsBVtO{G%Rn$vV zblOpsOhxhbzG#UdNyCIb!FUZmy+=+tb!s-JX2b7nT3iE6$@&obdknO+rlzLTYh{xy zwXP?28xu7FHfw8Z<~BC6`uY=JCr(CR)X6F+lnOw?CEVer6@pJ$rESa&t z?-yUG&DTziXHCR7ySoxJS{4FPyw!dyKSpv$nolA#ni|rXa8lF=LS?>H=1wMsI6IFI z1?)XD@u{gqGC?8L8%#cS`S|Gi4RnQQC zO&Sb8hu1zJ#;w7D?lJn6WB=KcmR!B6P1K}?<10mq%A@NPn#V3;@nWvRnW8stVCU7H zA75%3EEvds;$2%S7B6IPCYN;4##0xZX?;7c<8Y40{e5t7u)@X-)TY$zQHnvt1~BzO z@u{q&T^Y!Ew+mZ-uBZu3d-x;2Ye9F2jL`kN@VQcs=9A zVQcv+>RNfV$Lzm;{hDuHP*POZF$RTW*3p7f; z!9y-??v}V0wLh<1`DcmQlEbcf^rL%j#^yoedF>?SKBSWe!)Mgh(Y0y+4y>MMUQBJ% z{wyE-iV^Gnxy(jcNC|wb=*K#)L zhbL+K^+PoiUTPH;6%W+i3tAcCwzuN$lW8nFf-dOb!wx#_}3Zwu(HB;Kx`YAgJCqY=B zkJbV|C?5)XM1HkH+{>kPvhH6o$GKPCnKiQ&?3bV1Ac=7TU>d!<)mNnwDWRcpI64ZU z%3H2GZP}xsiP1>`0E|^!+zheu!ou_U*luyk>^-{r*rGy1c$M&4T4VL4->!fG+lx~x zLn!K<92_Kii~Tk8^=n;(GHsxfv9Ytq9v@ioPQ^S=d|$D@^h~$X;btZm%=v9mTyguK zQAqlRa$+z};qmct_wV1gGU^pbFsk=QtWc%)+J5qiFcH15&*bU+T{|Mi!Lzfo!_}fL zjsVE(&^9;bh#Em2Hlt0B&#dl!VSdZo}EfK zVHi&>ZW7$QsX$eaS4f~HC)d6dQ6hnux#WcdQE69Un9!WT%slx~JVKcTQVgGx^Yeg} zy@@)dztq+8@pbIn_lr(dJv}|7C}3D z|3_gk^l%y9Dv06m+(UaoI_I^L!TcAKwE;_?YV>);j{cBUpY4wV{K6)p^O)RVeEkC- zifvbR?gybKVJr=?J{qT6Gkb4U)zrLWV`-n6nHev1CID1OpmI%O!$`_O2n;yXyj~w` z2xEO1X7)(u>C*!Di}Q3#JxP*$*Apkr2(rIhlj>sybLj4GooNlruKcP;6!Tf#4!Mkh zVwH1H);Y8ruslTkEM((?}hd86RW0>WM3&2 z5eAHtW5fFjxc>PHeAizNLbaWLgX7Z zpj(fXlWJ&asGfIG%A3W~6OVl+)4CQGfdS^+Cizk!c$xFgwVC z0zRax3)?;9*RL3`3^NU)m{$a>KX2=NO-M*6cR9Mnty@l_`X*;ZSSe8i7oot|sHDCm z{Ipj(IyzdK#3vxoRGwD7A~V9kz`)C|ic}pP?*Jg!Nmm)M7MT5TcjEJ1 zjgEhoV7E7H2v1v4+T4yL*%NJ%?2#%v6r$8`4G<~bO=v~}gWF`yb~tf~L{_S#)m&VB z(nfl!B(&5XGfu7X%hBek#)`PY6a`+f+AAU<6jpl8fDLKfqn3Pr7NGa+Qm@b|%V#gS zyNXTnb5mX0Umf-)7CU5ucn`Mn>M&~p-l|+|j_${=UyVCm;-Nr)&TP0}+{41gW-d(< zcEoFLZdRZldvik@f1G+DF0>`_DGV`^0OtEjuiUjobqN^i*?4&5A!6WdKgPxiuguyl z_uY&ae0eQ%e92)Zr)(myZSQYtv9Zl_Z-1ZQ!tKXom4(}7S=^g9Z|0BE(-Aztd!Ga3 z5Sz5L%Gi2(hMPQ$y6wZmyn+cY^IYhaNiZbBAR9b|c!&Yv`5Yf3t8y}N2#KWjoT=-7 zXYcfgLS>?i}RDBTNAywhMt=`HC3-ST3||H zJk(nSAfz)Z(HotR@Bs?x%*9#V1(gQwyTeVR)BUnK#Sw|IHK*1!-Pmj@0~b;*So*G- zPhuKcS}6c2B%CvMJ~35QSJQDvbL5^0LH1M{XX7VDM*5abyj}6^&G@S<^!&-l44j{r z6Qomm_UxGii3|~5$HN9g5=bJbNkpwp?t>`Q&PT|~_#|q<^rc!OhoMF&c3|smBLoML z*4GEOvvJ~of6>l?K}+IR+>O<;nJtN}qc1DM+P!jHQ2{{;*$4p!ir2lk;b~U_l%kPr zDjF2O`3J=Hf%pRI&L3)B%UG>Z6IMiY^v)M051^4nw!V{<+f7T!ynFrn?(*_-zTI@= z*VWhAQ>69Tej!d(^g!WopKpb_L&DD{cQMk^(&mIp{nKH*vr?pVQF?o_RIQc?mWJ)@P6?UZ;*%!Xe8pOS7Ua zmSCFS{Vubkk$uN_mb6~!IU`w)r%+XN%F^Uo-{hqDG&C*B&8Y`p=Gvm=G4l~BPoKs` zpk-%f@-@jzl6?I1i7#s-AvQMf;yCZ35g29_4GqlD*4s;i0s!eVGH@r|PPh`^tqTFa z_r1owrltm_rWTlx-WdM1na%H!K8CzMR3b>Qz2{5pzOY{-f6QQ4&0+rHg}kOFWxE+Z zw#|fY8hLS9S))0BgJnr)oZAf%fPQG^p7lP{{xA+t*|i_9E zx>pi$k$WY2d<-xj;Kt$`&d@O8xi2!8VPlGCZ9A&@hu8e}_J`vFkc%=&m$IFZT8$;noi z`#G7i=pH#>Z-F&8k)uE1<*(-Oq>_JJENlQ0Rw2h!7C+-Bw*9{yMGE#f<`&C`;;nf; zbroZT8AV3bYjR`Ou7k{rsebytXY1|n2&Zi-C;C_bt-jZ*8-qY!GWI0#ze$+3ZHgC$ z0o%mg0CfwDTxD(wFubq| z=9ZRH($Y=Rt$CT5cmRv626GbzPNJitjE4(Nhw9wj`|kWX+?s{=>=HZSB)0ooe2C@O z(C`nsBiO(1f?N^CKx^v#+Qs;)5u2Ob>)ZpO`H>~ydT%^dJ~fe{;?h$7p9TL*Lwsjs z7-%H2)bX7s6ooQ7y4eUP7xO#xy~F;%3tO(Nttn=1;bEW)+D+AeU}mJmim!}Ir@o)0lP6D5WqG+j3k~7w>RRr& zLJ32XUsP1o=e(2oxEJ{@N81*Yk(w}f0_zq%RQAH4kG4NeDFLoHRO@>0?-xUs8zz&A zqRSVE#VjmlXQc>z+PoRysNuW+<-ucBA9Mar8w9?@N7Jt&`_!vJl+EjLOg7Av7Le-Fblj2P}>3K;%=vcfk8o^ zl9IZ-Z9raJr4;oCDe6M@|Q@uRIR$Z`eV!OnI5CoQ9lQW+17=nA)OR$&aW zgCt4chpuPbpQ+(|wl|oP$*rN$+~AF!!hU4#R58B(S)Sh?z^mU%_>3(JMdbIp-aE zbo$wawXCyMQxkxOVl;Bn$4}_! z=&0tV2fTKB+?DG(jP~4)PEIpG{HU(Q#KbsH`%=kWYyfjECz_U*N1Wt-E<{`^y-(osRYQz?xMpqaD!yK39mADx{o@bF~zZ?}V}cxH;a z#7uDhtM4lSK`^8(H}Hfa%sTKsQeHz2AU$4@c4T6>BVc8V95kz76A2Y0^t2m`KXbo|~D?z>-VCfZ10H`rPS?!G%|+TI=zKoFl0!3;fqbFz&`EOuI)|-TiQue#;Eo;DxVX;<}nQ1w4_6BD5 zl#wyp1E1dFPG4sEkS|$T9GPcF3rV3gVl}(JAKq714z(12ySrGNY8G-sLt}dHZ3@F| z)7;VOpP%7S_CqUdwq}}fHzq-Z+G@aN{POJ^>-_%q_A3xfohE``XU8$m&@-f^rJ*9l zvu!SL1SaM?bRy0qnVH*OO8*A~`7sZg2*nN$Gajk66};`9?R%|pc={t+VIc45hDF;$ znySkkH8&ESuVr$9IJJ^jm$+S<3k+MzQV<6RhlyV-s&Cm&RMV7o(OHcQY6E=&;vs#1 zEhv)N`ZdDyRzO+0?H46UM$H8{$*Mv%@>Hlhu!cg}2t*i?A(~q+_Mr786G{DalmE-* zzKqYKFiU_K^Z8?~uM~=_o+5TXyd-vhXaWjbvx`3TIvC7Lgq}Pfo89_uDh`1bWEn&e z(W#D-AzcsjzJB{AYg6@R=Q{k(tdHiee`X}op9y1*DzkS2p zs5zLBPC7yHmnCVbsWWpxl}}mOzj~E#(n>@p^oj*pQ&sgJ#Td$`^HhgNss#=PI;c6Q zrVUC42;69OlZ-n@VJshV`|riMKGvXct7DXwmIi@V9td9AD_44kh7P;gXF;o51s1L| zmEjzuhS1-?A6pOQqY8EJNGl|t@dS0jv!7v4mh2xqz(cLV>DmkTpv(t#P`XiQY6`Hw zM}y&%!e0XrKW?R%`^oyjiQU?WV?<57#!@|5kLzqFagyw^et`5hOQ0b8X* z>ztRqMH`mrpjxG@#xUA+)fiCw6n7lAAB|VPAp;RHz|sIlkBBt!Qf*EY>3t5el)O3y zwznjmpdI4kDCvTxM3b|*71qB1UhgZ*@VGvb4Vj%y0199Op!S7lHG>(b)O2^hC?3#- z9&sB)5rG?L#oC)px9(+?}4bY##3Lr>F#QC(8 z0PqU!S3G2Xa~N)A>(OgQ9z-ZOgURw zUY66)pa9i~N#Qck&07G08qA7hUHrVfTwqX|S{=4uTwZR(=c)GC-o`xjdj2WXa&d9B z@x9vQ%&=k?(3hE+(^VVFDJ40COBNQP?F)n$UgdAsXmv(MNO3S=@jre_^wi*BY&{B! z?(QA+*3x(3Gj{9@pVUmwsiChjctc~hb9T+!eu3x9w;aMMeGnGYl$$mVOj=8G1YP$< z*6;8maInXocNusLTen!{O&C1rT4QMJw;F`2Vb@I($Mpwdntn^yE_B`%3e222{t#zw zY3ujy$EEO|08IQ}`Nc@DEPtiT?rS%YpY`9&Q3N0ZfcH^e*$blNYJ@ptdgo~7cM`D7 zsHE~IW|RZ?q`QAJaK=X?8;DN6!2(Bc3V=pe+*k-RCu$!q&JXIC!CEo8)vsk>1fWA? zbLRV!gE0^-&NJ_Cd;}0g?h2qeBO?QtR}_Cm$)&^pe5JaR0t6iTdrnjDZzO)+IXFWJ z1yE2@j1Cz;GsnioZ4K6)Q`8;z=RrI;zxqoMZRYJQVaU^~3PH((;Gls?m5N8d5llO{ zED9}1*`R#4GvV@aX~Ea)bfC|20NlftaJKjgqjk1+0Uabb@P#x9O65r8WrQ8@2`KXt z0FNK-?LL!?5)U8Z6JT9J&E|!LkLiTASqF0UyrG!{AO(-#2;aN6xz&n|;>p)W%TR6< zxH@1drv3HtD+PTcfLfsvK=A<0Nt20(C)CQYvrti4+}Axx&~sowz{P%>JaK%NfS?df zBdzNT1W9fL`RY*Vo%P6^_s9BKV9YQu5ND6(^n?1sOD&`I`tGwQa;ipXv~jWBql5m% zed>tmxw?^i!ay1ve6hM}SZ54`iczS~}wLC50hUyfMh(C^+}Xdxjz7dA!1;1Ec2 zUaxpA@2!s5boR5G`=tREB!w^)V01y%?ODUb#5~+;6&|Y^^au=muvi%~FrbMFy(}$p zq2uc2pr**T+|l@z42d?}tj)gh@nZpQt`}z(;5Mv=cqPFgMSP51ZahC@oQ4jKYX6J& zppl|x?TLC(e{xnIn=Y}Syij-V(tW3Rkv;l$GcqVIpO#-u`z|D1a&Xo6doc@+xZGS@ zPEG@lK-PzHqd`G|2*jHTAy}!74z3h5YpbVMo;~s7Xnr3RHPC}7Ey}|8lt9S(`l@cs z=8wvE;Z}_^lATlTv;T<5gHy=Jt-Kq)~?$>?`y$4dUNItZ^e9!i@TR{9_mw0PfyQxAg%?& z$>!w6*`&ftqR6PI>kezZMTo_9maY1?VaTlmj4?v zWADAyJ(#xhac3mZT97SWf!*Klb8nz$AX%dg>YLT((C-@)* z$_7z38Nb&xTRc}ry#4+THg$g93J-}*k6V@yZN!=8**ozvA>7Vi+g+++iq2lhYqFKvuf|auxwOSR~sjM$*sVTMFC2LtlC3- zO-=(m1oR3yH+^mZJa#4XwCWn3EDGTE@N2e~Gm|?m??Q&2DDMjO^!I;g4x*F_`>qh& zbhd_MYcv*MCc)XHi(wI3>Jme;+`YW6I4Gkw)hSbbU;!ETa#ju{WdLx8?b|$ZA;B;z zUbaK-QGAeN*38ovw(|K^;p898uyt!^N|a%?W-02rS(vvequ6%*f!@t~Ae04mB>bG8PSsa3u5ntx%D& zdND-nr2lYTOtCQ;ZPmq)XJlv;Qup!wmZR9jgJuwa*#qH`Z@kHC}#0;3p+%4ZjVNS5nvAj?Ft2 zgC2KiKR8=Azv9fvmVk<2JAO{uT6=!i$$Hd_{5jq$`$GS;tG0f&A-q@~+*f`m z{m=?OSniUG7-JwF{&f+zJ-*0%lOz*<+N*)rPQ@<1wiqH8Hbr9S_@+fav+)f&E`ocD zw(eg?3y@Dph}3pzMC1a?3*Z@MXqeGE&gCf_w=E4Q|;_z_q%1UALSb@2&`qnWq2R;9;1>eCH8vP~*;giq1 zs!84coDZQZ)*qKxLFwNlAAb9t|9b~l2dX2o_@&`-|LBr_`1D?^jt-!UkBL!~v-ZSw ztv`g4*=9R&nV3Zh6+1eJ>1G!#YQm>QV%)==@Ql$A{9Hz?^Od>MG;}_~E@`sapS8io znfA3kuh2>oN8IdfG9vM35WTHL4qF>;ZzcDK86yQv)BdHGIGP8eVY z)OUaAZv?TaDd1_$$+3aHM(;ZQGyDcPU;X;}_zzvcR(ZyZAt~YHMC3r9uiZ|9fd)+~ zf7AwsWbIOGA>dAW0bqcEZw4x80{{=m?kOi?@Rwi$D2I-p^!@plHx4Xa4O?Qa(OG%* zF*6>$(=tp`@+NAx;letW%jQXecsr_&$DCv9SF@kgSQd+l^AKz0>7nLkRZSf{iGWi& zlT1Cu>+m4;HSY-XbvQSVT(wnnup~(~hqmVg-L}bVVVm1+)B%rmDP!umCe75Yd+UKHa@RI9Nu@b9ZCv!Ydzkoh&(}4cWdJG3< za7P=u=Glh&y%ijX*V0-M+6E%=K~zmN3ndr-xHbaJGgB|_ot`Ca?WLcIrjMHyp|}Mw zcO8HeIt8q1ur@R>diW(KG9ZNc75zEe(laXj8X6>_Xo3X}WuAnXM*jk%Gm3LVrBF{w z>y(2q2(wt=3tC;Zu0EQNL;20Y^E7pE0)rluPoY#}CuEnz&N|z`jd$5AxQlT_3YS%1 zr!m0HhK}&>eNVVDaE*)0u~=DXc-kVsQBU4hsnfiw$;iKV>HE|a6ATsC4+*9PQhEYR zA9B20*$)-8Ul)O+1l#sIh6SHLMMVX!Jx!GD*t=4$?urR!E3=}jJa=#C2D8b;XY?>f z=kGi_Pl#(g*{Dm(*XLj$9)Vf(#GmoY%?Is8O(m~bU+FueAvvW<7HnId^>4_Z^rTRi zyU|x>%IzzXFa=zD9K|EQ-kCu1p~a$3`680T{GN-T?oHtkwziK6N`FKS=;(r|x(;s> zj@Ja0Hu;k-uiz_hi0n&z1lwzHJpH|om6rX%lN{Z>-nnXNQ&zSiM27xZcD;!%muart z-OfY*r*OP|MiRV``EzbBymy~{w%>Q`UeDxyz1PVeTnW{#Y}9l-0^n5#K*=_C#bXx?){fx8*50WBI!6Sc{TI zva<+I#kfQ^AGs_z^YUo_QEX*!TYo8ELpndOMsVPe5cqA9*YdGTcupe*HvG-O7RleA zmzxPT?R55@p0!FM$w9JGv9(?QryfiSe3!KK24`#M*UdddZP_g($vv?#8~%G?{^#ZU zH_wVgUNdY~%XQTHXw?TYqpe~X#pkktdH6nM+nDR8revNLWl@oHjD#1Hhjs`KF#MlA zswC3WXiCn=mHwe^+Z$z?0Za4lLqZI2dAe+pSCIJzDLf*P#VMrA^-5T5B*T-$$6%uU&`Wgx zj;tpoK}&q?o3D(>hRyna-Ku95e~^~%6Y}WAwy&wk#KLr><;0#K==?|=kcFO=_@#aQ zAPIL^T=V7Qvgxe+cI<+)zb{3Ias4#ts|mxo>Sfvc*U4nO(K5TJ&a^0}>!0o&nW-lW z7ZSUAebgb54S+w4!LRx+qe$A*t|(A6O^D4;b=d&Tszj=E_&UJ}e;p&ZrL=c;7P1X~ zb(4UV6>^2~DmaCTwHsHKlqB|!z7P;f-ik}Bna^E5klu4{R1<8yra+>Yy4lzJ-#v*? zA^5te%3Fb_&9K6M_p&}3$2~ewrOA}!v*5uU9GHei@mX(RhYgEZsSPe?;@u&U$STbY`egb;lLI5=W#aY&ko;JyGIuB zj(XVqgbn9z7?qXR2@JtQ{;W*eMMC^v1<;oFBT~Mh30*j)$EUVd|8oZ=(SS$_+tnfK zkT?AcKFX4uqt??T1GdC@SA-iXvnKqo7L!S=zkSR9^QZn}6qagOV;N`r$5giIse&BB z#N)SzI!|xt);Wlg5n_RtW4cV|hKmw7KWd|*He;*25NdKQUpYehldodDeK&1oEB7VE zWCl;$8_h2w!a{54zlS4w+J6?J!7vfVV$W+n(aTSP)%3l!u-Vv?^GbJrKdyfhnk0#k zxq>oSBYhhTCG_cK)^k}tx)waCLvH`AhSg0sxlDdXMeqNl^rmnTpv$u2dNl*$=2!1? zd&;nV;|c=IlBvb~KZtR>{+2KT0?eI+=$v+U9i#^xwR1EP=-9sVtg^Tb3p-%G-SF(< zU}N)XHg4$tcqKOV)l^tK6VCmI59Ps}Ec4P0b6(-))1YT1sKWp@f~P^IEY5pl6_*Si z;vM|4_CtPRC znPhndj=vEnpSz{Ixvw5zBNV*M3sBytpJucD-v0y`nCT`Jw z0M!%l;CA;yYT9!qQBiMixgvHUbnPOV`7vFeTD-FJ{sbu`n7z4Y(BpM+gl& ze@f<;-PK*Y=N9kRWXnbEv%DoiLno78b;YX(r^gT>m-+mT4S%~PxG;(QhlmfYh`ie{ zXYKZ~%y~Bn{+haA_IkinH0%X-f|pDI0W)mysNuL#@pSO0MwT|RUyAG-_oUH$IMlr* z*&3K4Jki{O!dY<8nG|?aQyX<2qjOOQ6B)LK?AT46eOY+q%htwgYStK^K-lvPPucs? zzp8@FE{;MbMmw0p2Y*H8M@7_sj>7V!2rFuwdexw>iDj?P04Ee=-t5~uL!IU0A}kHN zti8R>^h3ArZ|?Iy3(p{`5a~su%Y9$qY5B3n;8iCFpR`g!43Ft0?*%WWz-bGoJ6t0D z+$8oneQ!>_jatKjQtfx|z}ySPPGZaXi@(&?Nw$}rdxusEX-hG`_A7g%pI!ctQb?Aq zRp!6Nboeh)Ug=fjRXlVk<@;bJeDKgaFNd%;iqbhQwsEBx3*G)VVUM|wxq$S}2{_(J z_z8gopZ$-M(~yJ1+qw)q>qPM5P_Y`5?L{UoA!JY`Fm=^>=)nU+E_SepJQ(V0%E`$Q znf-6-1O%`FYp$<*5Uq}u&4dHqIA(2EmW=M9Z z#SlblU=|S)f}QqDiu>|1=-{XHzc-p+|2Oydo3sR|NPwg{Y4lY=9UQ`%+E|uKhr&Pl z;Um1mf;T0OPZ}2k(K8dpWDXp33lJyPF)5%ZEZG1-A=KOwHHvU-#tXUKQNc4KI6A<_o zoWx$Wx8=T-+#GNivN3;Wg_~(7EZXok4($NgEnkFJ0L}Y zaVS%(`nMMV&5Mc2wF&DhrvZ^`xsAXQz`WkZP-?3p*gP;O8}e@A{QD8FAypMf>n#J( zn^AsBrb;{~K@W{F+jKETmLi(Za~bZA0NQXQv?7MUPj}z!HcQGUivJwr-n|&ED#|PE z6q&q8%6W1hU4iMk5thjn?+*)CBQt(SX6|Mz3p@5WDkU8!#2F;T)vjD5pGVX#FWbL$ z%yYPKTUyWjI>Qo~Og8%7CLe9IJ%uD3k^JOD*YG9@))i*nrjwGWD87-|6!|ON&)t)- z;V(jf51TLvTDB2&n5m=iNC&%;qQY<_h3V`|8iBa%cXajhw`okZG&L`2+s|_5`!!z+ zYGV!Ry*V>Dy9C|@HQ|H-tGt@)d4o@X+Z^oeSvWYTgFVmE#zya83}}pR&LX*B`uVwW z!1!bKuiGIIf}KP%2#z3GN`DharGBnwR8*0Ha;A<|@Bjz9cCWU|!#)MP`uQid>xyQU zwSHcbf1JlB|9)M${^LhL;czzax^u58 zh-6RbT1-%XD+KC8r;nY2K42M{ll_P?O-)CC!Xf4nXR12OwdZUsajnd=PnxY2MB`5G zkOkco;!9rr^=qJYW#{Me7D>Ia0o>!rMNEi}i1t$0*R8FWd%L^Y`rS4H6}sH4mvKJ? z2eVy%zX-mxr+y(kMeB=;>6hR8uyb$_D}H`M9ZK_m_ea<{(+401jLX_IRj-bY#s4lU zisKGXj0-m^%gQcL-46^Djd8z|)OIuJ!A*(}>|%oHtCU9hMnymMRj=NYE;CL_5Oxfd zljzyrE`-y-tO`(P!B-I0Y^=&2`5X9k@}OqmOTWPxqG$)bzix@hztiR^h*PE4X{aI) z`n=8b)z7cD?Co_JsJnk{=HF^-`}O=5>u_C67e`egvTwII>iC$Pkw(?&rRqF!*$e8z zp|!%w@vN)76!{4KWH@adlbQhsZBWa-ZT$?9){8m;^~1P;jWWo>Dg4S)ry}mZZ#*>8 zknZ6q_y-5ebTk#&*S-+>M1No=MgAA-acaoR!W1-rkk59jEwB@{sP-fNJM1$@}+8pt`bA2Jb08c^YWq#WF?Z6((dr`elh3I zbP(o(M*;Img2)Z|C^5CKsemV2Kw5_haw(Q;ooHPb%FB6Otu++_tuPWj}Ib~IN zdocd`uFWWjk6>-fC@Il^NMA_|YMqTuOdMEU&4#W2y;Pj7nN_Wy2XP4Y)UqW3@srit z-+C=-;5fl8MKw52r=zW{0$Bs@v%aArwqE`_qM|wP-{Znr752D}U(-EoZ`F0@;ZVWKfRN*I z1PE!b9rS-&l8A_l=jn3aC>zZImjJx7?a{=r!qezwIF$B(pP~1cZetXPl6(}Uj;KLO zRmeykIlMiSO1(L^^D8HtjZYxeg`Kr(lIPuU&cQvW&2CT=eTS(9l9UGQ|emuK%4EDN+`z+6> z{X`f-tp(y9XGBm^QBedntLy2VNugP@03GwXjAaSDZ<#qcTt~GJUC()zfl`BA|I}>! zsdp)&Ye5b2q_NQpRX@NL4}W6>mvr+>-(9vYCk#cczW}lq5 zWk1!_Oa+z_et{#pEd$QNj_ZEEM;K#L@EJ@YEDGGw58-ZG&brEpA`p<>pm5*KF6u4i z-s8LU*OqKvgTiPvWLdjat$RpF#-UqTN@KyMxrtrum>uPo@ z^U4UxfblS|Nd6J0%bnXabB}M%X=+BiZ;l9QewO-pl*qzbJLi_QfKXP}9Fae+;Z=*0 zw|OueJHOPck7%3Y7Zt5pfA^Gzo*s^oCqd|gEk8fkxG>^`d+(?& z9sDbI?%vHpB8~NaRF;>ggMNWpoy+g7X@tdL^^;ZZ!=tQ)CE4Kd@e{YL=|snxqHJ%fX3kOWXh9|(*thax|HA{BKz)iyCPv9z}4WM~?3 zboxE;P0Z}?5~lC7#zY@nl=+}`-)RooUv#uqmPXkVvFJzaNgeD}#Vk!`;YJ17#QOLb zxjANcI{KMPNm|T`vKm&3Ec0`;b-9Jm(JCyh<}x!r?O~#G(YeCbKkrJ^qgsS^a_7z+ z3p+a%c(WC-@^Pjf9lfFPONP_adH8=I#yb;5v%vFhE8m)5Sa?kV&%fzPqf%CXYI1XT1HtKk^Z5kOJz45d5VCK}IPqV@D&6^6yCkIF+MI|NMiul&q9?({U@=A=T ze?7ZJ%g7krY}^B9wdbDP4u$VoT3Gb_`W1Nn#*H9p=8ZnHlakT3Ut(9TyH@?0m&&(* zVYWhd>!RvO8JzB#^kW}vX_13KZ#L%ZXm3w1D0r!7FuGFucYpmtPNa^o+Ic%?Yp(Lv zP5;P2XQ@JHPA#K9+50Zd<)L;ntxJ8PBG;QNBb%2ZvMO~<6%`@0c@H=O!Obo}U%3DM zJsB+>ow^8v)~%R`l_$*(MiU*-ZNT$MxT2w{35Q>@sjX`R8cUf!1wiL3%{CtkwuoI` zTIxAG1RXURPH+__FXu;`Oa$#rzIPGJ8yjpSlw+u+uF8_vi3wNMEOy zPYvtq?M-QJmVG0_pjYwAv{m}gy2IqVm*+f|Zf^SEn|<)@@l)>bVKeGi@blB}eCq{b z9xa1uFfLasT|n`AIFI8PywtH6Q^yOnnxv=pYr0p`*UiQs53?`ws6VC}u@N7o{p*E1 z9t*0VWfMsI^|Mz^=H2Rzu!w!2q=>>IMdj(b*9vrStzzH3qXs;vl(yRNB|iD%n4{w> zpb6%;?vJVmPah83+G_YWB|o}e#QlTa<*a(osd4Vr5*SNqsi{?<_yd7bpwm6~3Yw;4 zn^6G1WZLN3gp=UNZ_l}*iSjtzuHpKQiXK!20M-pcT|2W>=!7jG@3H~ z?;D<(-809AE@EwJnuV4=nJ2^cb?)4aH7zwFF+ne(>`pWXR)LwA0l_oH-iWKN;xDYP zJ{taW$<<^{q`*%#{@y^o_A|hzJ4fmRW1Pw+DPz;Tk$FSv!U=Bc_Hh~vwLjk8o8EHn z8y?Pp=mXzrM^_gI?FV+spe5LmLYsf1W<(WRiJzV#7 zU$@5gthb*QK%pA0i@DC5t9ihu>9}j#MRVoo19DNd<-L|c8(tfc|4tiC3$oUF5oluc z$AbM18ZBgcRdOJ%_K1>60>Y{f2?^y~+(#I^j--AJZ=L#pa1f8F82_nP-wgSJs*zm8i^?;eClJy1-wx-4lKfXq&HP0d@ACnH(UhMjw|keOUoEX` zY4A=q{ZImYCEu(Rm=ox#~=rUa?c(-j1ffX06 z*VIBTEIbhdX}?12g>03B;BY<%Z%f0UZ$FYj&QQ45gQb~pqLQgrS){%-c6dU_vX6B>R`SXGgqGRNx5vcgegT(*CIwB$N>0G(#&qW2sWB;r{ zr|k#E0CE8?S``f*6$zG;ZbkJWv&|F5MxHD@6iGqbUK$uW(Hqf!8G4iG9;@u7H`^id za(w&w>qlS7o0%nje{=FWrQQ3QXb%q$)+Y-sxgc8oV7h|12%vF`e`9_iP`xEH~& zr$;GuTe2>=3_vGfYQYg~^O7u)i27s;WP-l(I4`3o5J!OTs~GAKMl4s+_ zjRK;gi61^3g>CDNn9FOKrgoRuyJt^LZPex7>4nGB5j;FRu{k+8%JmD9_s*ON3k!p> zmPczTe{RLCRM>vI!C2j-#yI$OSs9t=oE$ZHSOxZ7s&rqI;^UE(eI2!lOHWS^U%`Dm zhqXdOB;jPNtWqh9ul$`jAv9FDdNswseYhf#2;O>o^>A^`_PCkWYuV@unyefsrTk|- z&&2F|N3t1JPoUiVg#0~Xf3V{opFJ>Tds;fG7MtlCj>xaRzTQN+zctG$+p7N=B3wdy z0NG>jv>i7uZ$-}}%8qh7ckbkMqy(qCWXpGaeIzAFW=nc3UPT_kS!rl!=r=7LyhH1G z@Euqm5Z*ev=a667HY@l1Z~1qvR&gGH&|X9I2x>K+aH#h93+aemn<(%&E-IR@op*&@ zp3=Es<+mD`pk=pG4eabxA`N2m@-)1WD8z`G{~l4n8^W0rCJ1paTuw<3hkV<+lU9+x zR;v1^V-gZ%(Qk#Yt8ro?c^{Q0(i)js|JuPin6FFOrY0r{kx@|sLPF6OSPys>vlR2~ zqVn_#?N?mU%g{_u(E9ang2BF58k?*KNPEL+(!-jomHbz{5 z<6xEI`&$n>Rp{cNz2Ad?4CcETA@f@~q>Anmp|bs3c-$eg20y%wnwpc=>&Pn^Sl%PM zw!}cxp`~$EuOT5ZQStnF&o5uT?D8)4l9V!2)KfErJxZGTcP&c2C()7xezx?g%G^=)kAQkvY>-RlgffD#gjZ;FF=UOT(d-AZl#HM1YnA1vj!wD4P>;;t)femg>cPWIjr4qhJ@bcxOH z@!3cK72JUpviG~(do5LvKIz}OB^7!_zg7=n%$L$q!klR_2bAbkn|rz%B(}fgKY23L z!(%6sV$Z&&%{TtMgTt+~q5ADz!ztsNs}?`?5g^DWirz_E1CEi0^@a+vvI!oZ8;Nkt zV7Kvslmj_!JV}jF#wQN?Rn&yupod+3UZs?XbOOJ^_*(a{>-v8dXXNBMYU9H}m0x=% ztGC-8QH)dY4RsV<8yRN)4L_&y%0H^lka3w){F=4{(2Eu=Y4muN_fPwVgF_$p;ltF|H@AUIK>0~tODhSi zRZUyhxzSLeIV5!uuw+cD@KSH21L$=8csTru4BNqrL<|So_<$|(b*ZA;oL(2~-SB+V zh^J$FUE6s6b!+zU$S*q?-c{X7&AwZ3NkE`pxMq8M(eTE7W5d-c1_u)}a->LG_mROt zzkd1hIV-jVnC3-b!J!t%>K>w1t3xw=Voc0KICx}S)~m}W!2r|rNO5lN>e}HnUD^2h-Lu&D?#ai;3V}30fkqGS(+r-7jN{gYdN5>5>~9f8V~eYUcU1NCOw-aoMz0tLJ-JPn zcX@RtD^`+afs>xz*LesL}A`BhdY zt;HO}Yf|{Rxl4QR2-W?xzt;b=MNnNW1;ysh=M^`PmQW9(`{z#g=goW9Bh&z(WvH*e zzv&YvtOCFc#pN(x=f!0k6$cG5hu`r80>X9d=+OhU#}SH#;$T(W>QNFVj>kr=BOLo1 zO?6F84BRK$N5EvE# zVd3{5j#gQDC&a}Ov2i`f&Iot`5oxSUi>>+LZX?VOV_q2$AaHE-4>b@vgDZ=T1p%y1 z6Ga>G$$_NDN`yZ5E%V0<0(a7Togqszot6hBRq3dbZv;UvWhpl$2bV^96<8-$BrQYJ1T2n>a5A^ zE9Zk$n?rX*7773LiXyJis^fCaz!SM(LxrX0)RJ*QffKX^`5pC#fORt$ z%-%}zt?!>6oWo(l(h7)j=5A?ho||S7q5nGE;MHX4OCPfR7SQA(PaT%UkwYy4#U$ zE57knn@UqmL785VfxhTbdh(b%|HAnJZ1pK#?Hs z=WD~frQ73Q`6%16mf8&GRaIivrc#5C1Xqe%WJ5`gf$nUCvBzoqin@T-&<*=9{CYhqgWoZA-Fj?Ke&)ZzI&BsG=kvowaOp zsO-H{K6uACI~ey)B_V)OV;bN@D^H_`Zbw0Bmt@(4aL7s#c`<4-C_(tPnFdz$UfaL@ ziqJkqv?^v(pK+PX=|Bt1#qr$fXSj^1C>JeHNFr4lLK0~Yftm)9Idn4XJ36YPhvLWV zaO3Pi%|U=bb4#;IF0)D-vt69f=tq3P>(~9{-U>$m903AtsHb-h zfIeDHukz9Re^hM{LsbW;Eb2UeC%QNIqLINNN8O!qN?15HKRJX+G4jma-Nmj9mq{mkUf|MfJ!9vP%gaAN8jq#!;zN8GEy4s7<;C0 zjmxo;v7ANxo>K4AM$PM&&4QUu5B#`0Hx?H&`QRtOlyg~^W8_tV%92Y;?xo-Rb6)h@ zO)srd+Q6C7JO_YY3MZCU=Hetn`{07F-Uh zbtq92Q4rt_kp;fm>Kt z!=WS~C8Fqeo9-G4%qWk^uw7s76x+UOS4Ph7wBfNaMOGS>xoi}kT5XQ+Mf6>nnzNod z3HN>1QZ6gt0|YOCl8g|X0`SR3_kT)9qSLm9bRTW{4=tnr6hQ%NP|GqPzgfSI41R~x zuWVQUD|Mr|$642YSEbpcj)@;Xc{1kRyLZ<8x@oF_KTy>|1@j;Q__GBBjs_b6#0e2v zevTqfuO<97?qMxjyL)YNW+AOfyH?1hzJ!_y-UsXR)Wqf8=mq^)?b{Wb!-BI4SSPfGi0hpQ_f8<%Yxdc9xxrvU%SnEcYqGfUKB zKODqX9+f-w;$jImwkKLKj;b-;1%}5gx){cBpKN75K~TPr$FFv<`gX8O)@tjw%BuP< zbAq4n>O%f!f${o`E^VuL@}`=at2j{=e3W?*wt;R9=l8IH%3DMQKI(GtShMFVKr>iL zdziHPpFcU^%V8oQj7^|uTFwg*ke|dB%(Od<4}MPN&p$6EHG>Pr;d5aC^>=&p$^SNK z0q%reFfd?Vbd2+Euz`N9{rp5I(`nlf2nGX@R769E+B=-h2AFeeL>MrFgb%RE(LmFh zJ&KkoufGn@nku{K>t7&@iE4tH;(q3{I7hJBcwGezjkkZpa;S&*_4U=YwQ*lWjETfo zcajI%F1v|aV{fmD4oiC|@W}(&ghd4%fk4JOoaWwA7FXkx2#(yv&psEGC)up|S zl5#}otaHt9HmlQQ2_0YqI0${P<1l6)Mkhaemzh)Df=t zJleTs1Nq|G+NjuZ5k`e`cJ6LPAyTEKbv4d56+w&rbhQ4Jx2#uNPrAp(+T@xQ^T{iy z#30dlE7mA}ZkXv*gC0$7ZLP1OjA>ZjPaA{*&NE@m zF_3tNG)JB$adpvXjY?pNt4`dsGwLry(b+CfQ-zBbRrTojco}T_mJRoh%38HOe{8fn zzvIV`58CSn?{oQ;4WLmPC1#(BH2cQ4r9D7K*x%KHlwl3@neh2>6e3LCXs_N)x#2}s zzre?`?G!C4%F54K3GXOmp`)??3cc`0_{D09CqZTX(6$jZ2FeFrA;{c1`eQ^1> zS6f?#sOt0DSFie3^?NlwMTJDbYBoMU(w*Vtmg$dw!MTrJGzw~x~!bw=hY60k&^Uzf!wmxi8F0wJz{dnyB2 z+~T^@^vQWa#o|OQn_0W-!H$-fsF_YzH#J2Q!J630;N_!~lK6Cogc4VrkR{%BnPUz< zxzB7Fc5{Ev4X@t5Rbcb;`M7t+Bocw0vRziX z3)ns|Ol5pexLY7|KKYe;IE!w@DrxDra}a`7f*1Doq*b5$(r44fepQqv6oOitX(=~& zv6x$1&qfyiplhh;wJfn}8Xsk@H~Owv+$$(3cx)dZVJhNNbErF@O%RJn)@gZ?8{EM1 zlu=fbY8bkm77!sIt3FmF*9ELfXcV?$`+EtVhA0Z9cS zoZ_Qb7s)pHou~40(kUc!c5Zqh7fCwdIS7F3vdeN0^KNh6;eN5TEJMTCyH4t!lVrI= z!_{%NFK=lo#+|#ov~f0yH@|N5REOaqpSt0sHhDh!=Qla%DgR2?+DsesHfk)+Tn>&~ zYL2#wD-kE`VY~gxc`!s4r^E^r8;j3#@bW4dU7F6GJ~q1|yI;(a0^W7xunSvUNo-C> zTW!DAO4No8o;Q`bh7+~>*hbUZZ07ncGWQL$JY?9r7u6Z!+RSyhXo1!P^d~ktx+!o) zNlD3UapjZxM??x0dJR;yucRY>TNAoQ2)lgP*w{XT8gxfEugmi`OI~&u{r6q z_>s^b0K|(RKXI$CgM*Sw7UJrvw(sKC=_6-6x9pDnF|_ZE+7bC1v~G2Dj7%Y@$6gK= ztw%@*tv!PGwtn3`SxNumSo1K~+QHVTT$KL!=||TiD~ts+ltx07ksEcYIJ@pJB8;`-bz^b#9q78 z@3_zFKtcWdYW80^?WvTO1sM&V3_?&Kq2(Q`g8clfm)5dQ?aIm(J-zyDlM6ozR$2-~ zmbk2joz|uT*Q|?AtgO1O{x(~)DW2oi%nkRVD+tycfI3k%#t@{8PUekRkTrE6E;@E6 zH1#^2FiQPU*i$#lUk&5-*6;;5c1&g#3#hU z=q{y?!dW^&0lGwccb;YviusQf(h#qsREGp8OWm|q+hnVPrdmqNs4$p^_V)ImtX!wO z(MYvs*VMPAH8F21%U#jn4$FZWX4O20v64PoF8O@~OW499g??Yts13|LoI60#p)1~V z@8qJq#@j|+uHH>ha~^H1V)(wux9zUem47xwD7b$%6>+h(SaQZ5HpfxEuPq{4nF0Ba zN0|?)3ljISQ;#vXU{CGfOllRU?6a+%!W8~bMl%J^I5^}W;69FuI^YCUkPVQWB0V99 zWs;KjomZ!WkL^iOEcQg8hmz_b#z17-P4{IRsu)t<%-sbw{#1o;G^F2+p{jecA=x}Q`20thxDjLwLhqX8bEMq9Fi zJV^g<&;Ygh=Gw>OdGgWiGHiY=JW96CCTX|3hATZ7e~m=zGQE!Aht<#5{wmkydP z9;W&&;5qykMQo%lZmX!w^~H|0r8V|_RB?E5_)~(y#O8<8sGIXt`h9zK2kS)A%J$M; z>(q%4Ci1{SQ5YVAWA_bz^yrawRnoTIC;SjAU^>sQpKuB)zPPjLl-E#nl};~^*x!y+ z8TEUZ3Tf2@RZ+tgS=DVbbEzG+rVM_)y2?WY=l}R+%IY8*SY}^gp)vMIsolS2GKJ}bcKBtc-?l4{O4*mv3lNSIRA(IOA5hi0`8pC;6L7jq_)h_P%JNYgP9!9Vwh-^Md@p%fcJpRN z%cX{@txG?RdAf?06z&$4Jz(}i5(88}@H&ZNA($j6)vavBp0g8)@g`E~>JggBq zQfVy3zYSban61hiYgyt(3S89>Oe@>6w|wiinEaqsySf*#!TFDe(-GvJ2&(Vw?2MfD zrQWuUacG!>Se%ikN^@k{+VsMA6D9k z6MykV7a`g%z4u-G+hJ>)YFT{!Z?Zgn^lrxYQ}?bAf-(a=WSC=5VcT^yMNO;lFy4g8dv}E_#l!JBu3ra8vwOpiH8?e zz$sxhz%>E6pd^TAOXx^pVPSevmpE#BhZ3MfSIc5`sa|X@+pOU6oFRm8Sq-$c#W5PL z9AX!Lmk{DRD1y`n{ITgg(%oO9&grvVTHNAX?0-Z27pSX~w1fCX1Ine~o7a1pbsg}ZTapI5%gWX~e@v<36-Ub*4V?GCv zLf?;~&qWMj#1OvEPIO7aJrg8)5ACnFQeiz4w#M7+{f>$mVP|2$W@XJ%5qw!|gLv2L z!LW@g2viCHSfElE0oCm3=_&cmnH$W>!Epy$yKVS{pr8?wVb~~82T?2vL8c4SiEtEI zFA_cc*{T3Vb|ldRw-8x0idZZ;ZJO~Xa)Gk&&;J}=%?fl{f=Ey74@^ZMNR+@ckr4t7 zR!L~Eo_1R^7wv7EsS1ntU%69&Y(oNp2tfp`uD-%=UU@6^sBEfonR@2$ze0KQR-dBo z{WIdG8-(JiI^=Ja3cEsHjVOu`aZ7S?2(lTJh%q1w)^!N31D>!hayWnb`zcVNkf0H^ zA7L~KZ1rFVB5d{bc)qa=wHOqb0XiK-ahZru!Mllxxd@Q=XHD)y-cRFmob;5)*W^I> z0TuUrx|pJpQpNZjft3?X85NbQCxVc!_%seHVEy}iA!gM*bor4@dw zh+hHm6#RFr9rl81RQ-t&VGMC_iSz=W?C7f}|MV*i4Z(sG4BGAW2>t$Dj2uaN<$Z71o`>J zc~9Nyp3Gcb9beOoG#CmjSnhpSwPs(}7kF-PRcL;Bx(bXbf~koS1AG7Wyq)WTKjFYK z4R&uittA>92usE;pEo!SjG?C|Y|94J?tUmG`{lo=MVkjm+HOVVvVr`v*AE_)lxDj= zWuGT}%X+(~>H!~rgTDH@I!pa6;o-WPWM22jYr@VWR&p)~Hs6)>4RAL47buH`6sN8J z=Kc7)VS@}_1Chr82@`(?3T+sYz{SOh^p)`ZeDUdND^>L;HTt&Nv|b9J<#X^RHCgT< zC|AMN^YbrhY5QWnik(H7>r>ZGPY%Zyn{HURf?-eRX_jl=wQif62ysObVsXH1_uJuc zqiS3Yirt}v?`tFGLi${UfhM^!@=;3SMh%U-#5Om-(iL1!&5GL7moIEtZ7tL+LnvIT zshz*CeHoIqaHO@{n}S!Rc6RQ^3am{~uZ6&Xojt&E5eFWaT9`$06v7x9L5u z#mG-C07Avv)?WGR{Ybn;y_UnRS#n^;;j#DE%arDa2T1!;hnZwu@881x_a#6pq*ZO1 z7WZ?yllwt#A~Fk5vrs3-Qvex)_kpDb&hgB7(_gQe3@|c6Xc5zW&+jJVqS{r=HzVjW zEqI*bw+0F>Li-|F{(f^3sW8zzZpWV=NF@IYWt;>@L0@5?>WtQ(zjy74Kvg2VC2ZaQ zDG%#^+~k)f&q;pUvrkcyeVAcQWqmaiBUAsa&T;6nhFyV-Y=N1* zVc#Vsr3lWp!I^5m7dJngaoham3|~;umn9E9m2^EjKW>$r8E3w0ORByphnlxfttmvf zjpg<8^lNHpiByU7^O5~0WKDG6?qZSo-==~&yA+Pp7QC+z+Hz>3goG0!n% z0uqm3do30BUZsE~nZfi%TU&Yn>`<38&r*M0cJso83umC>0R5gF%*<8gs-fVy&_9*x z=!fGzz`}BG_n#(lG5Ya>wfy~}>$pB&z?7hmku7@aeUn1oXU~#$CL4Vjyz>bU;}eom zwS=A>1}2JMyGFz5$-WLe>YBPbilE9q!79TvojZ4SA*~~n<%!XH&|X*kxrKSg)5F6t zcqa|be8}a0+LguV?ep4s4K|YYKHY%n5Jz7bSEg5He(SMddi0RQcHf*yVh#((4m-i zRZ;PabhjPr0sH-U$>{WSTDTsPD}q#vPTIWp=@&s4OG_G5k{^0`>FVupM@CxAyRdin zZg*f_(e;L(KYuRlGQWY}!KXyT8vk+WvkpH7(J1fu({)W|>t|Io^ZWNvi_+-}XFnd0 zDNNkqE^!Y!n_Fp;3ndz(y>=!SZIEGRVv>SJCt|G|sm&80t89YAGo*e$&(8}XmV%ZS z{vI+;EPiE#mOnAw0;0m06f@Bhb)#j<#^fLAX{VX#zqm*w{o7yd!KlF z>pD9#L3tSCjq>@;AP-0R=q$}gv=|UVSm3NmK%B}ZTa~4Tv2wQr`!OEkcVdvuy`7@xoA}A+J@0L_$j# z=Ro(DI5h4}*kMi@uy@DKEY)FM6-Oq4z1z?etj$M{rPxpNC`6va2XjxLrx~J4LL&#H z4aMW?bwF*#VYzzs>ceNxq@WJ(>*t4GTc4)N=wsQ{T0mBK^Jo`DP^%5olADb|j)ySY zdGK5ik>5wYv=o5!j1%J4ds4FhX>wm=q2IfgW+t4F>_j^YA&pYl)TCU!;RI9>k!<{S zdgkq23gO)S%6*t_27T{2r*_OiM520tHc&VKMmQPyxdUQfsc=PFk-+oy?;5i%9p2Tu}=ml!?*vLEYMbqq0JyifR!t4d~mg zW9eocV;OIOgHSl`hcGm@)C;R{h24#*12ah0w;kurkUfxuR_21S2T=YEVBC6;pTEZJ z=koGt6w5c}X^sn;VVzLy9~d1y2l3P2;~fPf6%?fEy1EC*xI1opmAD~6q@<=gMbrF; z3qak28D5g$K7_RFgoGoKDDkM;E=)_+-f%W-iq3ZK_)5Sqn!;8xM^*>evX#;n&Qx#`AM9CUQn5w*w8MaU+e!(~7V zAj;b*#%-S0mHt?TU6*na(1wbO2L+*QiVArpB{6f2VUd|yL!CsQXHU85s#Znco&Tc! zke%jpyjvQSQCDb!u#gWQJyJ=3gGtwr>SW4vj=1*7-+vdbaClUdB*%*_4VVbo=@539 zKB{&w!`rJZ%j*2|o6w@0hYUG6n-(&k_wSkBRH2%giR`OdtngCC#g8wcC%(jlq0fni zjF3LX0OCo9Lex#Sd%0(Ph9NEREIrdW(;eRZW2tbkHtPPflbGjhf$>$IAI2iUGu6@2 zS!RmHYvX?$*SPZ=S-7Pcf0;`0xvna-xQdF$> z(t2>PHS^owtCn#5-HOvm?N;Ab2s=l+k}#!mW-`->J&cBM2!cbMJg}< zAUc{|Mo#X4u<%||GA6p*)YDtAzB*``bwx{Se0Zt}>`HQ@Gf~Y8m3?T*wotk zrW5M+<*^-XBbZu?&aqB=M+h({Lw_@~%@nf&w`j@`uM{a81pW07Ba%})FQ2{_9?pu@ z*oabdz8z$AVH2X`;v}J`ihH+S!yh8tMLm-gBG1y)=X5TMF0hi;5+BZuws^wvNsW}A z4SyB^34f&R`3n~>UKFzY^>F+U9V{w@wae#{S!?a$6J~$?B7h*OQo`}z?^7}P)RN_A_$$1mnraNtNoPxoR z+`epm*jc`x`qXXWIm060H?^M;ayL9!Tk!@zgy)Yhj`_u&*EP5B;Q z4;gpzyBEf0FwexSSs2U{rmX{WY}LsAI=!oOpgxZoFTqK1+CCQ^06ZJ%C~#>G$d7Ag ztIS-iyrgVLco!kDAAYW*~HZ!rY~4sBhQ`ZIJUbTA6#$*iQ2YkNHMLw?RrTKPj?^8k^5kr}>^h)C>l1I)A z0q@GR=-Kc@s)u~;wt?X0dk}BkBFf7c*3e}>znV8+$v(~;d?o%?&{;2T*-ReUuZf?3 z3=5q))nfJvf{Wrt;}LoRs;%2BLsGoys^&!Ffk|ymT)4r@9Zy(JR&Tw*lc>#oBhL^M z5a?YZ^FiPS21kcAprVtct()cH)gkT(jsLAo4~viBt~-GBz-Knt^a0lkzE|93*OY5ja#;XP@o1yBfkneL};6T&<#txyUr$pzcKCMUzRfe?O&Gi+Dq4`A!uR8 z3@VcHg~Dggo^_*KJDc_s=R@DXpa|C~WyId?kUmB^SzzGq?(wQ0tP|ICQkr--e^6K2 zc*#%W(%QqM&xWvx%IfNGI$6qZ@Wp3(wcTj62pPK)z{VALX$D<@MZ)VuYkYU`s?tW3{oMKpU7Y0_~fpW&Fsp)A8OrYw>f1t|qW@+w6 z;I(y!>H;r)@ci%F=0u3B9Xfm%lb;uynL%)qVDnpW)@?C9p`WJutG9Q(#_f=oPcklb zUQmNG{*l5@qBb_4aT5O9*zu9&NU_pv#=wIVjA_L*)(SzV$@zO^moLcgf}V450PwU; zqIA1=hek$ju&}V${^%@juQ*0M#jf)4%9?WpepOvA-K;#oq@88Ke=tS%eF?O(DKy@} z-@(FcR+SU|ij#1KF3(F%!@h#+u58jT=j}tq)2azL^oz;??@BTILB!nHr^Ji~AuTZ( z{H<#9lhL=iH?RzbHTB5Ip7g6*V|4rd4iQua2YlBG1MCu_H{knY>Gr zT9gq$5XGEkOOWR)*lv&uJi}EovZRcAlqDs6B3=FT(vmIH9#59{7qr*eFq$rVx!2~6 z{TQRR!R6EE{~hwnG!twHL5=|Ee;Y)3R}*2%m)@*D7zeTEym5+ zY{cdiRFz3wl#b)0611d`stH<32M`InRl#bCy%ctqSF7epn>h`Xgtvt|yLOOrUU&b= zlPY{{k6K2htgMcqYUETqW1rWNXPQQs%)_j#o1Etd?qIMdd0@r*w{jVM*605A{xd>o zO)W+ndu)Zl@x6d(klBzXmbgt$1a-lB@4HY7D{Yv|ES( zaeKg4*`#S|F0_vrZf#^VOkROmX(6epwSoTDS?a{d72Gr+cpZ?-vY3p``MD~3Nm^P0 z9FcJ=Ty^A$EH9)1@;_tTYOvgYf%C`_aV4d|ak7S>he|Q>2-YEg`|{PR$+Q4X;rtPV z0pmrdd3dN$qIiCR^<{8yDNx57%_VJxf7yz=78d-No9bj{k*yA`4s$Y;`SOPqSZUU; zh|`*C{3GcqlBmu@hxsNHwN(3rIs?y613jks9E?oks-`B@jnMVRii!atv--r$^;4&m za>a&s1lsM>)%7|3U$BIJ$xQXckg`T3BgyTwKT~u)JGt4tOUd&zy%Ea5lVfF_klMkJ#^LoE3cP|FMq69= zVdMEvpB@Q3%gxTdN%&obVY$22T7Yzf(4B$j9kXL1bf`7LyX&l>$1r}iwX+tp(?L6*DEMnRY4lF)P1Ti2M&x8KKt{=nm1>8=_F z5BO{%vMw(#NepPjOg1OoD;^vyEM(ZtVu+E4)(%3ydB@J31p$vHU#STq$4D3Y|=aKue%x!7FB3+@^+XqdL||Wf2{F}oNwd~ zBYKwS*nRZq(JNS?2M;L3RghGNo%hzcaf6s#2OH{IZ#Y|d>GEZa34PRY{|B|Wj11*F z=!6rw76^nuK)gqUlKJ`h=WD#3AB2Xo5a@`b<33ui^@!zY@ z@Od{Ty8ODE^i2NW1y2mHQ40zT%owqK19J&1rVxGaW~#UnW?$nG!0r>V-$lr|4-By5 zoSrala_#QcF~-y_VEEKetmDtC_gQ#7J-2xJD3#<{pZ)eAuZhHOfDGa|M99Y zUcLe5olrHYk^PY|c7KL#Q$3Pyb{NumpHYeJL~7y2W9aHWb`S6ghwT6;^sD0O?QH)f z!H+5a%BPyv^Y7SEbMU)PN++V&OquSb4R&f*-lV|i zNA7}S@w}qoI*CCm{?dmy{{TAdl*BVxAA+YSOC5Lb56tt|f7u;%6#xC&e|`O{ zH~(J(=l%~~=HV|4fU)(f-~JloS+{~GybUxP5GAv`&weySqf!a;+WdKBFo^4{T>h1l zbl(5HUC2x9T>-OE#f|u<0~RzT93dANaQIf|Ks|m%FKA;G&qF2~=J$(A~9B@CxSIFlm zvefeQcRII20Dc4hktHe1)+rW0O#-wRi+%HF{iv10|G$m`3OJmp@ z25sS@3UL05mac;2fWhSJ@-(R-sEZsOGb7{`6u248DASBFrW1nVcwTd19~rux`1piL zZQ)c0cOIkBTC#ETs*m%`(;0EW(EByU51I`B|z17ahNKv9u6(q2Lu-b02>ZCW=MaBBX1_g0(>xSNBbqD-ir&V!9k z%(Xb51!RVnIt$krHYKHxjP1P+75eP=Rt z_0ej##lFSo<(kO$Cq2cM$z0~{y3ie;%)n^#f`&&p zqeT9Nd~gDjA3{EU+{IBJ+#!r^0%A-(G1UO0N{A#Es80Taux4W^Ofnh6JMi)E8Pwf$ z&ctN&v1%n8U=Kkc?3h6}4!Eex8%dpMjhd2h@SoEcqE+mlf|jM8W3vr2eM*~}=<}f@ zK}_yDFr2QMKtxY4)`V9;zf7Xt+re3T$A#WN07ArwNlf@5e{`0R)pJDqAkH)q{7w8c zN;>!PUkraC==JNVLsv3PT0Fpb0k;KFC3;{alNyQfr9$>I`e!SCl$S+V?z&04|Jae8 zDi>9%WrxfM$0ByW;Qq$(xo^4ht89h4bd1|^=`DdR>z``gPZj*G<9KTyv!L@6my@f! z&oA}H8w0uKk8?dhOcI7f3DOfGyD3&6>jRh6*SSiB7Q(VmmUAZU=it~P{FVyeRjdAl zudlB;$n4k`7@tuC`1w9qxp6aWpW{nMEK{ZGkXuMCtdhVWBje@VKCGD5mKQ}MrZqgh~n`b37gak zr5=JUs;hhOjxggss*Ol$QgFmzP}Uop81T_oH#a{5oQ=2@urL8s3kd8+xB=9eQrQ%z z6ir>?moHO8mar2V#8=pn@jM5e$>Vqp#pg0#P9=HB^nwU5cJ)Ne`;-zMhk&D zrbUsiAg)g~(&9zT189N>LeZ#Jh!NmQ_0}HhJm+y8h!?laqL>CGPR8{_C0od1F`AJ) zApwRDVqS$9KWv(D{$pGx3MF^$+_?eV76{X|m^ivk*k5@svMzYJ=s%yn5 z6nSQ5NF;!1eS#gQ0*qiZu~8VSN$>L^bd2|(5TItR*0-gl;34hrLElRrtc0wgP0+NB`*p*BM?+c z&&XJ^2BL%xl0Zygj@QEU!SA6_Q5&zt>>}d4OPB7K-E@-*yC)TfQDw}S4at&uPnC-{ z7j4HcF|!1i7UpZ-Ji14QZ6^*BtTQnd3u<2lqlEnzaiGPZ3}ofV_fQugTs<~cVk~wy z3CRTpDU$8)%#6P@+LS^LMNN2M0OJzqr7B-jepLx8yPm{)`0&;~yPZ{VF7PCXO1*#a zSO1)1>nqW*IGf{1^`b`qGcoEntY#A|4`5-)!5zm0@r(?mi8EtRz1#qY3Eze6*mbzF zqCyhvtBxR_F8^)T|ArP!8({*_Am`aK>LC&8D$n5#BaJ+Yw{I8w@4p6C!2x&zke8uO zGj?=5jWFI~yj=usTfoW1bC2=!`y4iYD-#rn4P~Ku^!$~7R_q6<)E(n*oHpV=G$|B& z9_=yD($F6=mPksZ8}jc=Nw>=Q9(p@-;}7;D-8$XR1D3S9l0Q4>e$=wHB8&fn>RzVYm2+tyEapdV~x7;QwQL_I4VUjt(&qO zL%kP~ITPDXTxe8Pd{9jIF$pdpnXf_lr&&AqMZ+_dUGNp?5Jj7E$*CZ-=h)GVOZ4f5%; z%;FOfd5YtMQ8MHt5DgEcJIB>OMhi|zSeS0}cv1)XQ$;UCczDfyV$Q9B-zZ#hx|VTH zzQAbrDk$Y?_{wh~S z>pz?B-1fm@>w8ugIcnMO?NuVX6qgRE>RsEDZrWPzbzlDlVW3S~($@pI!o*b|T03Aj zrNV0F*!<8tE&&@1g*X^a1k+@Nb8Bd}E}BBMn?xeKAf^q+ElTD(E&X<_#n9!DdP9D= z?y1R^(XA`(Nw-`AL|wUdGcs~t*bmafOBpsqdU)EI1jVq-%%&uDS=nuMhH1PzZl4GW zZ5+nK0!1|h!l-UA1AwDtHE-;umjDm

k+ix`OeHZRtt5pgKzcEHTn}gnhJof#T#xt=4fx`kDW0mV4H`d4HAVcJ#Qcm2TN-CQyd&#%KJ1wh~2Z@jNO&y9`aeL$%SN6Fr zIa6s%zm$Cb@K7{Y{O1?xocd!%w5&HqTs;YFsAb##zuYY|0m)~VajVlx%ga*mESn1FedF7PJQrAeIBrX5x^oB;^q)??s zFD<8eP6Rw>-oBSIRpmKK6Idm({pyX}p!2TRVkm`qPn@6yTIQzci^^t{+*`C=N&;U( zZu1;=D@&a!MVS)8o!079ptFlVikOoqV~1fD8*+q!fq@C@N3qvpCa{wmMm>a@)UNwv zTG*@gB}VQ}$T+2E*8JkRbVM`+!M}Z@gn|J47Be5&_ZmOeKU{#Enb0Hr{Gf2`wjGLz znt&pUuDSVkaC#-6na69Ftyy};Cl!&lc(*NT`oS)%Cy(#lhF)Tk<&oQBTNhBkc9@f5 zJu)i$Lu`O4#a}RGWK>RQ`}pY;WiFxb=H(vQ1%KEx-uG{a6eWZo&Mo1c=GD9`q&L__ z^XTkX>F=L7JvEEW^5?gGx&6f=t%rk3kx~7sT~3d4Jh%NTWwkq<%0Xp1pJL1|7xg8F z#wKqOI45x7@ntu44o_uPkCIzOyd7(Lg`b^&c(DG8=+`zk-p=@%N}g7J9m#Z#`;J)d z$5~F&XHG1ePh(B>57&2HOn3B!t3$Jb9Udxlm6acE-o{_U@knKT*Rh~V@%~pbY@|<$ zz9720V~PQyL7Q)Z8ox3w~<1!GWHaHqEC|Sk$f(7@%}UJAevw|za_cu ze%{r6Ng~sGSKlwnbeo3I-5pJ7FFj)<$rISqS#&?&3Ow7TD|4kwdDJ%Er0slN!SCKt zp{#*yG&D5SwHH`8*?a+MyIk{?xxjx=#Q}=|fB#<$zU3|Kx<|}(y^*3ld=YWp^X|9$ z-fUk@j+3j-@s*h}@!S{Yiv3dOtTx4nTW;D}(N9FG+YfpdA!cQ}eb^~MtHP>+C6Grf z{M}iud&1|QiUiGd&feBMZ_>QdDp|#?x#?_NA%!sopz33tPvq~y*%jK+n^w|xgPJwk3YRbENc2G!!$H5j&lGF!nC-J>yr7t4_j)y-C%_% zp0riNjcbew7JSQ>bjt98f{wZI5?$f=Iiwje(a~otEsp|LN3YcKmAR6Zb2fh`zRP{o zl$0=(&|ubT2B~1aGB_w`S|beHj>pRX%fg^O(d$)U@A*LOoAHSyO_y9 zM8cQY)&co1IUMXr^KrJhQOo5iFf`D%3dDW@n|Ul`SJI&dB#WjukN52D(= zoAo|7?biIIu~WH_D?*Bf>AT9a^g*DL5lRBQF(2)wZxw~ipb9phw6@6W2 zOinPMGU@@KZykxi2Od0lU@f*m)d3|DYinzgE83(yr>?mLqL5%}%F}8pD7reYTa*tL zo#X04zZ;J$9jIr_xN(5PFbRGj=UsnaA8;jR&_xb_<>T(|zJrtD`+sr#cXUA@|3Z#l z-P$_hmGL*S1nCMwa=p`Bugib-#7NEHozt6*Zt6R3a><@Je8(W?Mv9taEu-88%Q8YLx;l|!ul=I7m6Uu6)Lo53}o!L6}l)Idz zDPjKCkHZz|v9lU?&uuMhh)iVrrqcKPBg^J2gDkSZmBqeB{Xw&P_4%xGHw1cA8*z@W zvGLNrS9qwi`@uNErg`-5*8q(Kiv*t+_$oOGod7A;apvYjAgO{xB@tHB*><<%98Myt zJD}8b0iE>=UZ%io*jF7kL@5*V%t1S3Wn+_wkw^VS8{P%A8syy|@cfdDAx8p?E}0#K z$3eu8&T%3a5D&d_hKm*>u@|zbcsMvdp{HwoS#5-AYvw)3=8CPQSP4<|TtmLzjX}>- zEuMh&0Q$X0nHz`|pmLlAx5UTSuU#`AX-W|g^B|yf{LaAg`}YS5R&1~AA>vqx0 zPhIx(E$T*ai~7dKpNaahR{oRQ@9g?QM=LO9d*b`4@iTGt-D3Y2dv6}i_1^xCex;B| zrKl94G?|JrQ^p2EDl%khKnN-Gn4wgnQe+NElex?@B?(CxGiOTX%+qH(A@G z$TT5BAuvY-e1K>T;vLwWZh15_{AZB@0+noiYk;|g*TM~?aP68fRva1wFb%G9=M_>d z&}#w)yoptI9_$#s&oTiM{Z7V;lIz=wEc1l$2ShQZq)>)BquS_u1n=iRy7`LPO9Q&XZQA-Yp=6Ts4b zwdAm(Jf~t#re$K6KXZl^1q$eLECOKo_d-K&gJ=8I^mY{_vrNP1aK7UGC8MH2Lb+UQ zjUnK2;61o=!LJknTG0G$2zf64UT*vB#4dtQL)8)e^5w^RMz4BcYedk4D%s%73(R@P zx$qZqlGE1SggvnEG4b6#fGme!^&Kk9Y})T(&G7w*16fJuQa0iQnf_g?c4eTBkNnK| zgG?6VBMgTe4x*U_SNbb^UPJD`xyO< zxs8?4&b&Om-h}o1nHhfhiWss~Jo`W<{7&BdKl6j^9Kp@}vH4l-JASUq{r%(k>oqa9 zrA71q@msi|sj1IPv6s~1(vkU38NZaG<>dF$uiw|N>sqJ&P@|NdQ^#Zrb$%Ml`s#S>HG^#zLua374q{s7L?L?wN+PS>gkQf|Zt95OTe$?aSv+gLsE9AR{k zi>_HT>~&)9;XiNw^B(gJTC*2fln|y9 zwcnm7*PyCU)sFwXujcyo5URdPC#`Un4?Aq0?m3kr<|y>C_7&&aqgv(iZ_X(f-XKIS zmevuR{W9|n0UaV4?p<@d zo^&T~t!If}u{o9of7`zwZtqqR;O5zL<1b%mu@P!F3I%f00Qo18eK!jY1$pQ4nhV@z z_V({fX>C~?i(D*`_;)?;MVZrm{E20AIwR;BoB>dkKTk>ma$Sbx_A4-(`Ub^4+N->) zwC7>vhn9P*G~UpkOj*yLu_{!Xv1)bryXkpR>7m7qOR0kf+X7~<-Z`I9#`r?(_U*6q z7OJfb6Ep{&p4ljrlAo5#c!PIUhc$&lJt05ex;BaL zAJoms4-=L%^Mzvp6m*8;VB+kyzd3vMpv~-qLYDaT$Ps5N1=lnY8VKe4&5{*EzG%LL{nNhIe_3-CtxrQ8j0f_z< z!AdhyMv(bYJayA81*&LzFbieZscDm;buP*!iU(j5R=J}zXvhBHQc?IxF8r=-fL-}z zfbIV+!^SBt9?H6vZ!T}ukD1;mB}Yfc!U0waL3e?S0?ypNeLKPWbLuy3f6rr8f8%hF8L()E&#Ld-2m z0R%}YOmbf^M+@Bb?Tmqfs;a7d)y2%IYdJ0c1gZt-Xl6!_JAdWMm4J8Op`M~{O=7<` z{5m0FVsF})x!ICj8qbxz^UEcADS{#*@H5eXh$}povJDb7j2>vfT80eG17D2X!L+Nl z&}CcgO^7-%5cT(%%8w!d3DkYzqF0tdIS9KxJnX+ZNWF{O3N4(uGyr@a|iFI!?prjPXe3-Ij|= zwMUr6dBg=TMtIV)ZL#c1`EVnFX)37S+zS8k!WCug#>Y`tQUH$X%>S5Y<9LppV`x2j+yrdPX+vL!G zUG}91PC_>qX}gPqW6c6F99%qxa_uVFes}L0Sy(WjP{T}n8cNaKFA&hj21v^iU0?uQ z_j|}y+thR$k<{d|#l^*WPDDxAuLjHo2AlFvsyqHc3$1*0_4TxfH@qf=9vm7UP;5}MdDixO7a10cw7GZz@PW*rH0hIB zL0|{OlG7t4Of|K&U32_#@$n@v(7pPGMu@!ItiP?BbPlyp5>(2U^t7(a7)1P4;t1^;ewyoMk@2H1kXnl-CwpOS|0AY+TC=H z+$g@=WN&x6@tU=IC|>0r+C0>mB(ij1T?{jqz5(@ns;^9SCEZszRat1WE^zu^yrMH= zSJC`9T~&_j!8V2a%R=O70$Y|x9K9Lc$oX(bFsIb*eXeA6k*)#PA*y9VtS}%O3>%L~ zLv;eE84#*B;f=uLP$(emz|6E0$%gB!@Zu=P(pqA=d-MvBiJsn82*+0xEkWwzGCx`d z8c7M~4Om9t7H1v@1_DUJ*z$wKHK9<{cLF1kVxeY%8cz`yGU^}c`H>P0jsfT+_en`H zLM0Ha@3fNMr#OQV#|~C!k#Ogf<&L(THsoeO$Xy*S=7oGi=q*0i%ceo`K{RBrt0d$2 z+P-7Q%8#!nB{umJ90Kbf=ihWi!TfP7@0oOP)HO{_n@612e!Sx26hLpw5u6R63`xAy zFd4DxJ5a4yvEtRsS10_%!p#Q))ugZEZUEt}@6fRV4XS`-p_*D3;z|o4M8pp*HxI9= zYvBc#C(iNT%osD(qQBSIk8jqh9`8z+Lu-uYp#y<7`4{@o1S2cg2VlMYwf|UB|2I_R zP5#>f0kjnK8DJX?EDABL_w+$2sjdC}{Y0Zs(s2kpEJWuH4>XIYnR>R4f37l9PtxvN zczy5{OZn{|8VT{0pJ^x!+uA&yK7M*{vinovrql5nU52fPKkS(5TF0#-Dq+ncqG)Ak z(xX~n>;7e7C05zfT_;Cm8&@6i&*Hd~s@mn1$RudC`Q1%Dj?UqXMOS&}UTTloBBzHu zk2bB>$py<8NWfK%<>#oHcAHlJ1~?5N9IYG^jAvC z4Ya>dw&E!g-mqHmNGTX%*d(A0HBPeaK%EBd{4MtFct9}SuDuqZtE;=}tqvnDe{`G$ z`v)c>z*kNs^g`z*k2osBF!XV-?I{(CY&qk6Ho7&oxUuXVxthowj^1!OtY9WgW2b?f zRB-ecv$vV{Rz@!OAZVR?kVLtME-`SYnk+BN`3o1e_t^!vN+@vMZ?F6|k)K{NBk?w} zR|(xQ+VK4$%J*DWctFBxFm)o}%Y^LT7NkuL_a_uo9>Y`FD1XoL--H0}os{S3V(V`Q zNt}lH{T&bEKEK)2G}6;8GV0F1#4%rBzQnXtJ0nB!=)E0PQahuTWTtnjZnv-*8x>_P zb?UJ9=XDYNAFplME!ufJf7zkS#(ZDdzK#@nwO%qhD=YD8;;x2s?vG4?8G6WToZ|o$~@`zsqcFnUcgbS_KIb@!F8XyBHdFN=e)vkT6nB% zI8fWzxDrove%=Lb_42dto4-91d0y}sXQsWq2zhv9*G0L_?v`HoeX1?f8v2FucCfF{qs6jUL2lsO+~gotymMJtI0W{h?o#=I0RJf-fG`S11-M<$M!Q*+ zG%5`<-Kv&ZA_^n#V{yfpJbVMQ0d4V0MtFK5+N8E)efapX?}G>Hic*=f?WKR2OMEXl zHDK$8^P9r^=Cppe%fv?jnCfRH1|0L&{5i;LrcS|AT-Y`QkxF6ls)`~AzzVuc_>M>4 zKlT(2h;MM29GA}X=A#wcbr=&Kr&PXnkirso|2fTU!OwPk-JKJG>da%(m#gX41vgmB z@Efgtza#hPxA|$8r+cYOV`7-qA82uD9eiN+g}N*yxBQ#`tBe*MgRH}%#et+m?! z-c-1=R!xS{g}R_^;s+dNhS`d-MF46$2O_!dLCkm4&f<7ZHr<4lxtW>uVABD(raR9R z%x-{T@rmZE`(a^s{QUe5sGR=HbS9Z!EiYjmbsj^qep@+EG>V5#g8n$lJ7=~k>1BmD zzHfkogmtp>(HZ^2XU~4mj;uI=tQU%w+pp?3Z-mk7%m%rB&Kox}XzrMg(80+y$Y+$b z-CRefiQ2$Zt9roa-?GeeqHn{7w`&v)5@~scMU(CXGiC7lJlmd98XS%_yK&#$C;F!X z^82Od)4MYqVt+Cg)P)^y)Uyl!DY~L0mntMBL{!~{>qlJ@#nVo2%icVWVCz*~>zIS) zQg(IkPuX>Gv-nPlefwnAj*2UvTJC@T+td2?roIEeRi`@7)Vuq5dM|t4_4UKuY6V3L zMJ-$T-WDGXTS4$n&LhDPWl`Io>v5LA?FYq~7d9Pg7pMnNOwNx57o1hM zzhi#!%GBMCEl47g#1Ii%TzgL-eu7XJY#@d5{PZ441W%D8Nr2}z!oXRqoszwmoZNPv z`LaXhssG-u!;|*pP(z#rzvK~R&l4l&oUa-g{xbx zEr*5c-h}3fT>ZaKv2Sj7!^VWxwueP-;{uU8q5mEL&Ex||1m|A90KRk?E}@+R~hTdbb`Ai>-{K z`PD`)eXBb;$Mkvi*#qh`a{X^a)BIMRcyd05dMoqP`PrI1k|E>U)1U2srnVe*FXLQy zEx4ksN7{=v1m`$U@#Db}m)Y+=^@5rEW-~uW9hRvw#jQB;ybLGCEe8lCQRrad8Je2X zVW$!o0xUrA;R8f{zv?!7=)|n*GIv!jxC#O~rS^Pxm2{gI&7b|b7xh2%s?vqy)iMHo z#=YtV@yI}UQUQGJ@K&ir_jvX?H~y)qOIaK#|KKzo2#}$$bRJrLliTpY*XFBDOD4lr zv0>uFx!2uyG>&l%v+1wV-xqYfeT8RZ$ph~l*SC8=D?b`0Z1f;}@{MbC_$7(K@JkP> zoSSO%LqdLsD`zX;xbgI8`Lg9Y>saJI9TYvpKr=j-Uw-F;Zu$;$$ECvTiMQJYba>hF zqpsR`UbA)0Fv+PNZtY#k$hbl3*TBc@AJS;rH?7^&_r*5)a&l$IuwtdXXA)x*jXbSl zS93+aRCjY~eP7`_%bCUVr^ z>t`*4)9r0@F)kOo&QW4lpQCU~SvD#`9(~bw-2h8s$>N5&`>Zl`@oh!YxJ#(C0?I#q z@`j!e`e%rLo*9_l)p$R->?wd@5Iw8w-%3k$n?64RksngyDU%Z40l9?J^N2aW4osoR zL5K4A@rPGu%L9etPQCzE4bT3M(I=17X6m-iZCtm`vp33}9j84)!HShQT$jhzh{o3z zp*N(WU|N8k6{erho={ikoK28W)<|^bX8e?n(~tsl%A*#Md(F+w@!?Ch{E_Z|pGv3< zCRutf9vfJ1*42Ma9H$0_a`NQK@3y)euK#KQ(i3f6DdU|~lUbh(_dj{vTQw7Ks7Vkx#ryEMFr zJ`^EUcPd^r8j>L6U8nv!yXh%wkb+Vwuit$v@*0mof>z2hs4<~QmbJBgYdZ7c10C@| zev18hcmGGdKhOKmdh_!OXFUvg&@GT#9WHkTWDr(C{CvPWO3TV}4p1Z_Y+Tc8Jw(RZ z0olX#H-bcDU-lcsv<@Nr&lIEAQjUv%9U!J|Xm_t;eL%JhF^u8CHpe@N=I4}=;Q*e3 z`V6FyrJjhe@Olb5-;Z|$Z#`S&nUDJ=@VxIuVe%ENX}7P!w}0lF&G%16J=s)Kc;@FF zjVrI@2R2tKZrLN_Ev~Y)c%fu;KDBo(FVp1D(Oq&6kE~`JxbsrdFS6r`tGW}T^o!}` z#&JuPvH@liIw~rvVz%cx37QUpCMbN0#lg-HTn3+xUG^Pz*d{m;uBh zD<@}^q6G;UB$(c~`r>aa*!E~)C0{}IA1WN2t%pDWCe_En?~ZR`WMtF;TAg{FpED)jOxIy{_%g3aK@ETYQs!+6I5mgqyU+&a|h=a z7KkJ}t&st)H>mNmU0bk?VK2b&12z(KVAvipb3|j$BSEwERCt+>@*X|^m9X5}WS2e~ z;yiVxRYQ{2L&IGGdB-Q|t$cO9{r>jkSrScQ#G%e%tHst1yGhCdBBFZex#q%Y}j%(+B-=feMN;%uOx)9_L z*8dKC2J}CNaXfjI%Cb9UFz_JO;%&*J;_;{N$IBDR8v?A7{g-Px1~9qLwY$KEMYU zRpui?9@rWzo?{8}{NUv#Z!pTRGa?aZnMX^;#o>$C%?^?aSH9vs%hg|}Dxom& zP%m?#UbA71&)1RDKlndH*k~Dfl~cUR+pV+8C7tCC(^hzmez_fdqCwL)btqNhYKD%- z2ahAqxiqxGl35m|(_Pi+4OZyq4l9J4OWxE`;iF-orW;>X5>(2k6`Z^}{->H)o|-Om zModh`vb#-+rV~1*io*AfUi4Kj-6qAg)x5L5p=D=`^Zg(2Ysny z4-=&PD_s0rOa4FhWm0L`9oi2>(s0FObwQQz{uc92WUP21NH%9yijaJ=2N8TsY;5n3#VBas+>t+xIG+3A;lIY(oH6ss8Z$v4$H5X7tgN~^ zq{`9yK?u{-(y}UN9@vGH<(lLNRY=-Z2Y~gpT3x5~ zP|5h_2Of*V)>gvL2nPQ~c=(nhaqb-7$@0SaOrhkC6tBWvYqw-)WhL+jD}`f#1jXQY zAMCdq#C2WBOef*3Aj3%2CM@VL5xbnRnNe zg>xM5JNo3F&OYx=jCX9+Y3 zEeW50zWIE&4<+9kmi0HjW}g1>VhsQFo>@UY4Yqved7doXh?uXEOT`l^2i-ngd;`hq zgT1{wg+Ja^E96Fw!o?6nCUbBWTg^yci z-~TNedF9&W;h=-dYlrgm+*0_Id1Z`61ol^BpSO_YGRV_B-<`V-6V!H`ueR8=MFN%2tr9Vt>Fqgw2lJ(@U2@N{72J--N!$* zxLpphyXD(Wi|wa!26pW=hcMoI2htO^Jvs)jJCT9md?p4F=gD7J2C{`+FRi?!6_m?x zYt_27&*;380tA$enKw(YT^VaSdhJrS^>ne(d{o{Nty{jEq>=m&^^=jyxMF51+uAq~ z)=r$dly=krG2KY&BsK?lM-tCwc|x&aqz!p4g40$}0P5W=i5HeK!X&Q-8Lo4Yf6vd* z3Q|VGHTn4QuFz%2qE8qi?FS4mDLIhmtXm(~uUlXtrTHvL{+g+M(W$3M67|$D_rzN2Cu4fdJ&PER*>MNqazd zLoBSmzI3m((`b-YbUodq-q-+1#Po+8R1oD5-qDYV8qNp6m&Qf1Pp6p6l(Pa@ay39$Qs3Uv+GD8wlJc_ zIuU9vYWHiSzT3=2d{MHCz|8=<&K%C4Gw#;WN3I}_q~hLJXOf7-Yqk5*T`LzkI(~9O zq5(v1-TUJLc^8;{&8)1-h~o?9ZNOQYySyTHSG)!j12pV}w)RRiET|Ju?*tS?H-G=` zN6b$MUc{F5gS#w)0cFQ1}?%8+0{%PI5oy)vwo)D{zA%2m!b;a1&(NAUhl;2{_$Y zahGEh6Mm*bJmszWto9i@!;favmaF0F8Sh!Vn%!%jKD5DDXUO4I!jFW>{cG<_VC3W+ zfo#BOti+Q9(L-2b@ZkUva9zuy525%DWxRfUH4FAtOvzgfsjHT;@a71e46xvktFXEu zlxkm%6C!nFuuvUFpY7(|#X#@A;u^R3M!y>&ZA$@tCr+I8_}Fu-Pw^VvYK9wT_vyoi z!gBLZnSa}5wMXf)E}yX1W`@;FvP0ZT$_@;vC)4gd5|381IpNjDzQFf%-R{NFa(D0I zw!;#!KlWFxk2q}RvM2xT;P9Xy=fWEPV0}f6;~Rv%&JU^=9P(b_!zp%flllJoLW7~| z<%fk=ZS=79!l6z?4i^t-4{7jd9ES6zyu(=0l#!Z9!j1ttoL8C& z>lX5`&IyZ-Lxpbj>i3>2R*|g@1254(BJc>e-P7lW?09_cOH=N#sB;jD0r~)04A{K# z7%K*Q09>&!qalrf4z+tUb~lndU=L+!5%e#JKCt;Nk*|SbfE1aiMhC6j*|4e7zC=F0goFXNv8kyj)~P5VF@rR95wTN4 z4zd4irFfD!fP(|4J{<#tH-@Mocol;J@K7j)mSHO?ct9s~b?@NbtC^}wWCIungB?ob z^QfC3gaHx|W5=gr&}PViorBK2ROx;7uSJ9Sch>`HpM1N-8TfGx>ss2tM(^S=+0z-C za+?M-^CiY7Hl2QZx~RU4wTP-nYfV1Ii`&cemxcU!6K*pd^N}C#ued%qY;@%AaRn7! z#@hq8Qx4W*8`-^%xIZ~%_deNZNg`_@Y8C|%MF5E;BLdkEutQyki*Qv1Aw3Zb37r^`!Qd&b58A{)gRs_B zZG31V@38O@3jVi~6k50o8QiQClIehCs%_{SVN6pzcaDn!OZciecc9fS!_IATM~?WK zwt$sFwP*-<1*H?Jsv_W2%nV|DhzEgE3c+lwr?<$W$R;rX0 zI^q=+2-X|6#+-&PqDG119Z7A#{-y7(Dq)iGYj1DYZm!0QL^B+Vz8jS**j= zo0bOxASAgV^P>UorBEP2*UWRR&=t}>5|aj1YPx01&!E&_eKoQ0{$te>!;m*;=r^+i zghyV_%If@Miz_k*AnRCX@Go>?Q zemMc|=}l{fc$a!lvQ@XtG=IDLYpCn0t-J99MZMhx;o9{f^IcVv?Jq;V?{&yl4INB% zIXGZrQZ;^`TM0B25fCF$m>x%(y*S<6?8s;tM{Hi+R!opxx!A$6X!PESP2%dHaj0c{ zSX58RLa%alaQpy|$;Yi$Zyx1-)92wDdx*QA3!y)OU*BbfzYwLO&d`PVId&0NOWpMbx&$?sNyc{52?6_ z5h+4wCC~;aTnw@0V0Zkn7ASDQmh(tpup4aJaqJ9gLD}BccXwEOZS^txX5Cn`NWqK> zw%47pTe!J~3YOf$;vFN(%evknn5DNWBF5rL3>-ubM2{m5JH)j%J;AHx|0emLP_t zEyUeoxHV69WCI1T2T3PIt%?X`u}6z0PJ_7-mU*sAVzuMl{n_Oq`>&)oA8WM`U|#EZ z4A4`$MI)CP_1w(N;iURiQ?LBBD%5ayVR3dipQ+o?`|xXU``an~l7Zm@|D~zXrIKg? zCMrs#*3xoz{h1NJMNKSO#;xZkT4w)z_ZYd@(Ic(gg1TGk?JEL<1AysZke4_jI$R@%eofbB#gjuGEg$r!B6BZtidN}kjpu;bO(1eSXvii{*jgCj8& zUgj~f1R+_?aDvDfDtoQ$YrB8gWL1=DAPEj15!gPmb($9{Q!iGaPUgL~MOjiHatyasVn>0>36L42rK zK4t}>_w^>Bhsw@5SVya)zP{m);)CQ!o&<4JRE(1217en59?S|L` zIQGE-bX#0|_8eRTX9SG(pj^vtiA3zU0ZU-r@yDjq=hI-MY!jN z)DK?i)-Pg4S@EblO)t3mx1{crfS6e0khM3u1g+EyEAg|EN(?teK>E)ASV4{ZuN?e$ z1>HUtm#Q13RiW-|`))dYY`RUid0FD?<5i;*6AD@ zwZ)#r&)k>V#5LRalrwVlQ5(m|#(qw~aTfB42M5-ZgdE1~wOjq3rOY-;YRXKh_60ut zc<)h=PsNU4_0y-keQLUzHYrjc+x)(1)1^*3Mc;F;rJA&E#2r1(Ib|fyHO50@*iu;I zFo*Sm+=W2?jMnhG^>7Y>L!v7=)gUC@elD+Z9@2B72Pbu~5_E?MAcKf-Eh}s9*SpUr z-Ydh_1H3D3j&0zcDyV~l6{6c|9A$AKk!})H2;#ByOyLU&DmE0{#>rV^+4T1UZXc#< z7*)HMgLaiQGV+adBM02damRzXL`2SfHH~_X!WUZNk(VyjzXgpZ8hv=y_YHJ z;94lgk~={eHhioZ$*#*dz*AQic;&x)q%?PZ%=63{c-qKYVUoii)$f>YX`gD>fZpMR zzW&fx>8jsNjuI_SbBnbhZ-&bM^Zd9SdoX#TsIUI0yECRf+UzPaH6@oNueEgw)UQ26zmJ9X7zj##~3H*xB1?hM;mBsWFABPoO%p7jhoT$Jc>?4Ac45j6|Z^K^APkouMMKaLV%9>G;X|8-MwT2Eg>5&dQ>VPM(q=w34yt^j9;#Xe2*ZBQ8gcYrs9cs&5b{n+ zHWWw%pLW1_&0aljUX-420LjvZ=e583a}tzqHcd8}7c?Id{&o+jzGZ(49Nb_(R(d7-Bzv{b!N{EP42h}~i2$pElP3HbQ@tnkGs+%0uduH> znx+?2ZKo$)J1!ZxaP?VhRR7y?yX=X{g?OP$ErGVR$`yY~m_|~xm#|ksjT~`$>H4oRs^%p-%-P;hFXX`Yz6nlOmVrlzCM8U$WrM1Hv zj>x$+v+7c*wW;@WL|N}g-ya#D@H)-)F4+xF`NQF;3rDs;I2ZW&bB#yp`~4T<{NDr!ZW+dw#IyiJ(PQli!Bjdmr!eH3ndQ^%F`EBs&0X z_LFj+Y~YRhb?FX z@}o%vp&$#p96B9v?aR>^I3sS>Ztqmf!jM2DAgu;a z;aAIhU&WUlHZ^_T*RcUN_|*MlaUV_?KRI6OlOCDgUvHm}%lgCii5B05*&(}y%Y8}{ zNBmXZN4~ZDX|k~1^?@hrg9HC+0q$I_!5fSD$#o&lI6A(7Rz*)`WMcH)*oC=4zrN3S z_?b*RX)7;FT_y=Zj#tHWzVeAW_3!#2ZS$Pv#p7+h#HvnCYNo`r)$qc8Tq7i%ny$?cqhG)L0p3kWn?=8{0xS%||;rk=wJoO;wH2$b6$Mm7L z3s%lL!75W*a%@m@1?1(qn$*soeG!&hqd8{G&dn8i8J%PCLpA@NT1zV{T0;rm{JjGY zoV9z;Mp($xh0XF`d!1jada_Myqg!UY`)fD^)oONT9r2+QP|)Dw9Vj`>9T3{b z?3N#xA#~y7Cio~{>!z=sv;UeRgR5-Ni>4ULxhA>!X?(2A6e7{5`qfi9u(3SD}szriH?kq%i#-QnC)Ot zs>NvMJ6J&fAi!bW(8{t8oPb<8yCv*8Dx77R<93zPGi89lQM*z#48O53HxGMLd->&T zVGEp*`2VpIp0$+!yfs_10b3>qTSk-ZTz+s_)ekGB9vz*ry2Z?sZjPzH#!F|c-@cCO z$Ihw!vvcaYYsIST7G5PKWi)SU#u|Xuq{d20yEXHHWqe>%&+I~c+9lV&8>uo*Qc+%* z%~ic__PhAI!qWU;obQxm$2Dz_Y!e1_=j1*((!?I#=r6+0WjQ;cH?QSde{x0TlZe^G zyecD#=JTkVgI}vzgy<`tpcXWybQ;jkd=v+S0Qx?wK4-LTB-&y9#}Rh z1f0dB-;O!Z8pJ}-5f}&hS{9n#N^5^e7BKF117(}EwEmk3y@`XI$3alr5 zf8L*h8n3=h4;U=bzxaCPfD?2(xidXs4oeGDCN6$}x^NnvH;7VhzUPJ#+0IlO}~sp`A|{IMLxHFMshL4TKDs{g!m zW47XuF$exDJnq#u?Lspq%N~tY1YV4auezCbF;8fUen>T~bytO6LWPOhvtA6_;6g0< zk)2&hFTe=^wOa=<+jv+OeboUZJqxF0J2Xaaur_5$0Zk*WK_0yz; z&i}0B{(jxJvQ65Obyd%Il@^XrxB%{D7P?7veVsV9E0OQLuaT_tHTj!Kd)_z2-XB%w z#X7oLSherJp}tAehf^Bl(lSWU0O}(C2aPtN#4qgU1Q7%G2}{CNL?RHV7a-yxI3Cc{ z6WerH*xpYXX)q(;4-h5>ZZSGKx;2rx^@!#N154#B%aR zBerh7tN3`JgpKeIFiUc9a6rOQHYCYaR8-_J-Es2@;CF(}0rOD=-c>maapkMs)Nf?w zJD8-zzv`e-B0nxP8;F&;-J_zNa&84YU+O1M5*=7O_zu?1g(!;yWEMpciiJD|W3u|R zk`1X~4Fah{z~R@gd2jY!zy(fz7&dbr-0PksA`pHJTp6&GL2W`!A%iKbwEZ$Lfe9b* z|0F@WS#n%8UfMbXU?Dn7tkBIIE+bTUNNYB4rU!2W`xY<()Q|>!uWgm2?L=^Gw4BIr zN@MI$c9aYj4J_CiVt%QdZLSLxNq=fJb8kswYHNt|3bm)&;6@U0zjuFfbi)V~s8|mJ zFwUK*(*<#K);0GhF7jm%@ zcOJ@55&{WA{2zNR((g(fKj~?UAj}NXK{EaVgdXrWy7sERlZ0m$Jdf|RCv2~JMEJG=o{k8>4Q@U03B|Wbz|EzbMn~HlLbvBwrDL|P3 z92S>4t-HHBn&xv0vlF1nQk`qx5I*?yX|jW1*uqf+h65ry7^2ET516+P4-4oh#ho+) zElu*S(L(v`Oe{O|9f%YLqi}!^vhI4%2-F`r_slj~TR1s6kr|GfgJ!Su*llPENMOL8 zN2*Pnofi2vcFtGdjf^A-n;t)K5gbe8><3x`diEUnP{;&|&sql$EJ0%;)bBq1m$N%5-jpg2+hE!^82b^H6fEIN9+P)AqR^*4g;^ZW#? z+-`jgI(BW+mP=G{qvK0Si)<@q`rCu`_E1PyTe`BWc(-ELWnKk9r1Ra2U?bkmUL07v zVe^5D6qZb(AJ$jvwIsN|U6D9%KB;;74OUz1TAc`%(4v${Q!R!stk2G?^lYB4SP0Sb zHNN$)BC5va8m5CG8~i-bOb5))8qOXh>WNeA1*7lT@KH<3rmu3^~sOc9w z#qu3LSi8^PvRN6~`pJ%_#-&Ki@Rq55supkY2~8o_xpUGM0lvOk?67fX0@ZHgtnTa0sV#JP7dENkgLR;cgZ|NHJQ>Wf6&bAGF z5v~r~iaJiA`-2QIGm2vf*3x$PkAw$b-?L@*b>!*%kH5Zq|50(_2m1Ff5%S&t=f6Iv z;A#B(tAGA&!%SoN|9=_sjQ&6RY+M}ZeNEGIQCdi@l)t9t1bczwy8l`eLu*~A|KGGk zMmu(I;|g8ES)Ghns*bB@e^J_tCi!;|kse(5-qp~cZpp_`fbq_M^@Mk05p{`*p(8CI zfQeW;BR6uzh+#ME{1ao|e@!(Z$D(mR=-JVWUodG8f%jwU)0E2TKdRHwsPrWEAHi3 z=u`T`*j5+JR9eXwELB>$d6CKhIZ~t%$Y-LXD+HBw1#Ug!lqaWKtU-F_=<+Pfe}5_!%e*L0Cyp8%&|AGuq(eCnY`6BH~ei^(0~Kl2hNW zDu4RtG5^rOdx!L>xECWh@p(`tP$*D$kh!E-o?*72l@YzT$7MAvOcS(Jg+R;^?!3oE zAJVZP0Rw+PtG92kr+=)jW_8WS&x_fh-PTJIn1%pR8A2Z5H6~&+XtbdjK3MQpi7NQs>!gT-{C={`9Qo!&Yo%8Ma zY5T_JEmP~c6jEja&j&Gyn-Zbo*HNtiL?k~NP-SEBn4FE&$!WiE3FFt(b+2F!3d(!5 z8YGGTh^lJ(j2`@^B%S=_Au_%ehydefuroTU7#i&OX(dd|Qg)&~{O>Ei#C$VB z1(Rp-IU&iHFM#kbWX$U5_6OQ6Q(&{mTwazt3e$lQ2rW)lwUx~?e!6Pe}KumV4vsSGfjp39eSUs z>0{n~`sp}~dCz8^_}zjCA^DkpL^DLI2!5%qhCsa27nn{F@ZmkOzu@EIzy4A&WEgv_>r0UQ8SUh9DP7B<@xMEpAJkMx~iJt zEtPyf>7ln;zI=JZa`A2(v1QAac`v=6;tVhm-b~C@HxE~1m(#oM2V`#GGU}r;qJjTf z_@oJ0$-(R2ZlQe!zvWVYR_V-Kd!;cEGVP|%2Qtcq&=Yh~F>QKyUFaS^xyak^&Zm;7 zK*wT*Lik3mRNK+}W6Bkp?!J&Og2K+JcUj(4BkNu;XqmN?-0_sQtPXIh+cUt$fA znrwL3Tl}qSg~u6v#}!Zs6{r|GL)Wx4U%liv-djzb$!sCzI{T*Yau>$#-12;fUT|ql zV966Qyfs*91XCmWFdm(MZl$r?pq|yERM3Utsl#=~gwC|%;wCIZ2&i}gPJAg42^29* z;J&4@<+cM5Y{+gx>e?XO)ylEsW8ptbhr9?R*+Hg6vDarewY0|z&9;}7;FHI9by#E0ci!fNTyssS=-xfd+jY#eroE;ue2rNu<)~VK?YeiD=;_gV38GSkH@b}LIAuUIYNh%2=CDsZwXQ+gc+`L zb90Mnd-=_*rWdDEP4AB5LEFGsqqD{@VD^t!pNepdb4#h?78qoF+@qvjb>94fBd%1A zNoqObMQ|}9lA_4?$oEmC9sKa!tXTKN9Bl07ix}^s`6Sd!DD6n(| zhW3<|IbYa_uE%t~){L@d{rVrt*B=E3o20qv>qnaA*NqO~e1JL_cL(&?)?WuEVkiSw ztEFxtt)5I_CRK&qa4Vk<|D$8^;X)V6{I|wbGkZP6@LJUa(k4#16zj=f+JE*^*lb{k z)_YuAD%q~Mc3DX2kz$E5>{05@X`u{!AED9so&K$O8+@D(QjKk7JX^~2QfHd=s@u|0XvZp)D4*{WE6pmD$e66 zIyaZwiQvt^;S)CeYaiZA_2dou$c8e>D-pMTO^ko4ALujVm_Ob7G4htcIW+Ot$%h-Y z3Zg26HmiSQCdi1)|joE+yb6Fa4k3h&E=qRQgW z$KSA_gSBAVr;k8YAn{g3!P3F2;|7OkSivbRtzENt&OmV0smBr20|_u|(A^~&L$=cJ zJ(K~}ME2oQPVWM=LfqJ84xu)k;YrLY;r16g)5-m!m-D{#U-MMj%h=cwN7Q81M5TnJB+D^CK z-mrHKD{GnGk!!5yD0TIj^Z$?Kzt`Ie6=_4^Y z3a+kFgrrF`sqVzNQ3{6M3;~99y@YmO=T3)Fau!3#2p7Ept9H-Q?NqhK9ejzzdvLI zu1Q!y4?XwYvF?^qq#sx4E0Vj8tU}en%Q?4ma-&n|Ok%0*9y7|0sqp|8;4G<~Y?8q*qPC zi#r|akI>ZlCUmPLxsCIK8GPM{+3#vYHr}(`nScAwvE_l~7leM+!!~B&X{rg2N2cvS z&`1`Dt3DY-$YNH9XWwAW*x1-^B}O&@ka52$?j%NP?_M9;E)MtkD{v)eUHb&t?qNsA zEWr(r&^?2ELjna>=H=NSgpxs&>RSD$3Jd1d_Cy`a*@w(@KN8!Bb_U8ODE>igI1FgQ zYsZa8JWcb9HyaI*g4#Z9UKUi%F{r1(>_Gz=a?KSd1=K~AJx6z$8{uH3dUR}uPR}ow z`||c)5UCRlBj;ySr(>@tk3HgJ=qu&NT~TJLiYE<}?v50fkRT09HP*A8D2JIcMoD_KPZtcs`ZilN+tUrm zT~|LBLIUEDdOl2_$!r=vJyrYVOR`bP4d2DPJUH5mI;}LIHj2QiHIwx3qD=h!EJau!7tJEVq-jASl28|j>Y{5* zN!tmE3gRN-EeNDJeg^a>hCFx`ZF3R1V%mXbfY1an!^RSnfuExowcM3A)mk#_zT^zd zVgq=59O1+=Gm30!;t)S&={_^oJ&okKKjZhXBsXr{SO^Ihu|*SY6TC|N%tHTMft8`R zO6qua>=0vkvdq5q1T3>k1_n_hdWb~$9J~&7BH3YRS;-U~^hYQN;XZ^=Z9k+hs@XEo z{S!ooXy3sXpk;Ts@CHLY4iTR=xc%oZUK~cRhvL=yBE0aB65di-Gpe6OiUQi@%MHQn z5~&Vmwt%S<1b70-=C={%h{C$a#mRYn)BQgF9gc%<>qYek^@=SHc69~FuvEHc;ccSe z^4)o}#~T9>AML#EJ9IQ@$$fH2>h;I{ZA;V6*TWC5p`to`;>6*jjBmH8-My$?psaFr zzr?SZOWH#{$ILU{8k*vqgYj?}0;3Y?&|kPSlyD4GKtx2PO%Q46kPc~)ZjkQo`mWp2H_kfi ztaHxyU+bJ%Yu=f6#=+^bv9WhXEomEBj?fDU30eFH3VM!8XQS$=Oa8HRgw9z*KE-2d?p$vp%U4`PRMa|M9u-`H~-RiTZu| z{QgVRsdd->eRaqMGJLlx>`#C4>#yg8F0YXP^W}d1^@Hy|O0Hc$*5Po584jTnwI3}> zeggeQB-@3`{_FQNJe1--pxrz7@s9n1p2fpQ*CsE~so0^N0$=#t*Y_e0GgMJ96t7;< zL41p9*4o)w)n>`X#dTgrhC@i`6~svxX+t6-^IKX1aRBvkxNJ{)X_&rf31+oMBL!<| z?B^!f1O;EhnDr3zYrI%S=D)oKPLW-E_I$`5?CR{?jKmV$Heo<)Xv^OK<3ysV8N%WN55ylN z`Kxf!7W)dhzj?FstMKnD)4}m7Fi=KAV;4k>Fg#&t+}cf>I=g(0@(Kz<8Z<$gg@lKr zzh8kn&g>-kq4T4M&#MbVA5{w7I_Y_qHL(`nCCcfL#xBhf)9EW`AAb|T160=gG`7dG91AoP{HE&uHxDs| zUQXNpd8j-B8@>5%30sfsgh21?*|YeTAz@*AI5{69Tq8)@{|Q>tgglg2*~^zvH=b>Y zQZQ-lpgg?caCibUGZSx>@4o$9?>>b+((HEU?VnP-PxUY~=2QnqFs{wcBS-uomBEXS z_bDqg^DZW1w1T8EqWnTEg4ATE3^@byDq=(S;;~vuMZM4wy-UIwxZ_B^ z#8Px!JO(YY${GV)$p)U(3~Yu|4xftM9_Z~|@Jh|00No1GZkRBHX>=BP5eW6*&t>F< zs=Qh}Y%`{%T^3LRvJN><=ocSg%7n763~;OnP8{@|?0kGNiYw-IkBEyW^+%-83+Qe` zBhiK31ZaE~INX0d+3ky@I8yS^3QLZFX5K5dDY`b^AKRJj_&j$fVFT{ot-)GBSG2biSVau!Y zeJ9zi!NkOb8KApAQY?PxgpSTW;xr@^Yo6DL(f~?)73-f8c}@Mg-x6QHE#2Y~ z=(k^83`&z1RiO%+__7ELa}Ny-Em?$gsu=h4JTk9r(0Mde#iRBZ8XBS>h8Cl;ZWnV$ zTibCg4@9KY2kf$tH4qjPi-F&ntTBNjG6QO=x_ATS7<TtoM3+j*5Il|F^_RaMKOXpQD=v+cP*V<$=F&)qNv@4+PP*hn zYC@hAK=P;+B-jTZ4rZT6Fj3e0HQRz?2~+**!*=o^(dX)|SSaLC#yN*-g`4skH4yU- z2PAJ*a*o}I%)vL9SV8yCdpx^Nzc%VF@HOpHzsGg@U3k{Xif!!3fFkaZtLq*pu$}OO zV;>nQ6$xOmAxsOm6M|GQ2 zuPc|lm32Os^z4M9+zwPD1rCMO#;-lYErGRc(ZXV){rCS$TJyqb@V@F-Tcnmq!f604 zpa!DP1*fqSWQF?7NZX)c3e-#QqfJak&~918pQGANORE$~>-y+XkGWVxL_~3*L?9k7 zZ_qRtr^2@P8+>&zO6sIV`(|Qntp4p88wxZ5&z>@gWW7DT{Boi9 zT|kw~ezZt}?T!nmXl|2iie7zsYl$_fj=$g3qxE&M+BKFnj!%-G^| zi>9EjiG@XOW+r5WP*Czh*?O$~bVEF#aGVOr;yE5O=h1xpN`g^bf>t}8S54mTj<&V>bB!v_+NmPhVwRaAkzIKd0#3p1<5Qk~Q zvj+WmyCZ|b6y&{~R8S zMA`|%r4{j>4{2BtUrr4rIyQGhmWXG+y|wiizJ;#=hCP4|;8fVKBisq2wVc>v^JCaU z0$BHeYU*p8N_aJ3k&B}<#SroNGYK;t z^l`8vhceayCnhIWU%8wlrWd=}+x-yHsL{!!lMa2S` zrzJ70mDqO|duJo`;FP|;e$1XOG)AxaZc!6MWks;eE%ZTx?ZA7Aamv{MmPc8lp>=tH zmce&kR78ZRd(OBqc#gA`dUnm=W-R{H@VEs3q zpZ?R_|1_0jTj$YX;VkToZ!pZx&0UQL;`(*}xWB7%b3ayXm_VcuI+N-EeY{*>oOfrJ6@6(#7(QF)t?#eS15Y=l=dp2$>r!b zJ8jkZ@klU9I5ujp5DY%#e6jPDv4!bP;}P}#srTJauP7;Ah*CQgV-)BXI_}PARqfp; z>}eKMC%Ad`HYa7nd9c+tF+t%px^(5rkDpK8=j7xGH9^+t=cmup}87P#>D#zOJ zYmmuqTP3J!)482Q=|EioIOuff_9=yNAcb+~_5)MFti1+qNDoKv@egr1y0B9ASBGoj zfe2GePpevdNX=a6%<7X(4o}{|p4*1iptV@UTn!=`hP4rr#(Gb?>VrQ%ghp zzUm-eb*P66w7xhj4_^o~mo`0fSebgEA~7YHhQ`(2>BdS?!Jz=z7bmqH*exwBi|NI( zeeSFtnVjfMdp%$KSNhwk8Lq9N3hR5AGZv$#$*X@}Qbs?%rL{FPQ6%N^Rn?pa?>4NO zT_fOP@Y#V`P@P_Uz)^B^o5Hr0ZgSDfemWNB##%E@ZK5KlBG~q-ixr>=JAQAC3Fu3} zsbOBGQjYs%0*=(pu-Bg1RfQ6T6@Yk~7hA=_Sd>$pE3z`e;6N-WM zKUCWO&;E?2-G>kV=vuvqrk}##>E_yo2BC&@&d2p$*Ls=2j;1y)^A4%Xp1zlK_vaIh z=RZ7qx@%~7rl;If0?Wi{GTyv7F4&&6B70tt7+80Jf-g~;ds<>p`F#&AT%VT4c%dz#8SJ&Yf+2+5Z81B*bVhgXsURd57xzW%S}5% z&`aWV$Zk4-CXE&~*Ijq;J;X`2m6^Fo`}7drHxb*3eHdhM2P|wh^>E4t9lBY#?G0~| z9eN~HymRP{5+MdgCtsPK6C00~N*ye9wZ&ZnPHt|)ar-nrqzL6>TqNt*C|~nxuEAlR zqT2{?2(Qs5yzh6QH1v6*`p<#c!JunU9m*ok;9Op!Z5A3W)t{=G#v*pqG7OCJ!buvT1#Wb&b%@C_E5c0 zWqlWF_pVE0Y|=LaG{$-gs9_{Ypj^B49KZssIp-^SpF7Q~Z}(5Nhq&=2Et*YoIR*Q2 zj1T$efB*jW^+9dC9_&LpOnMS(MSX*zD1Mde*i1K(*JNsHY9q7gwi(`DC0xYb3OA!i z+0IsXq%EMa!Ffx8)E!w47xNRcr{@YhIYK^v?lTvIVqqyz3N;WpywdB1ajqKKM_x$g0%BM9iG2@S^YCOoMuF!ulzj~ zf?Zb=)PK3Z>>iE8!ZSePI0?QX+d>BR5fBewr28x6JM|O*l-d#SwA#g(_Q198UHsKR z=89kQVjoTplof^O6(i}s{60}E-rWvKMEZ*)yJv}gVG$!26S@OmIR?wU^2zT0{>+;* zm+7r|43`sA-k;Q5(PUj$+jms%m4UlNK(X-o@Q{~FON-vN4OjoZbI;hsJhSw>u&P$* z*yM%XR8Lp6*3N1kYiEe8dr&7lVXR|epoo!?g=u-`MHZ#3M!T-VoVHugC19k8UTn22 z)e0;x*l8NxY*o4Xdc_MZDQW4Tw{PzP79f6OM6;lN`0K`mFocHR<~;Smg4QK>ZW)Y_ z#b-Bsd|OwL&bvIx2p)4C7E8^zFd8$i>0+cz=3} zAWUE`xj%je@Ai5wRZ!0r9G`Ug`rwB1kQq<_9>gxAbJP4?)N8c_LrrdvIQ4;gK6cw$yLk$~STt_vMxd z4%(xx>@|p40j^Sah!KGu6hPSjeWJWn)tlF#J)J-G`?Wd!odt)-FrVKRI$Nq8B z6=c6gew|WEkO&6&0yM_0Tt^E{4$05ZZ%o{bQ3vb#GJ>RheFlvLeQf}I5NIZ$(R2ea zumIJJ-*9M+H;cIK_eeF(E#bEZrY>N6dh&}ZASKBM<2hNDtW+eI%|3@l#z=QEwl*z| zX5GEJlJcL4Qqg6;f+r}!$I0MAszOz4*fRm;;yZT9gFl^Ero`!wzTqt+7iv$CfHWHu zGfPujOFHK|6-C()&*L2omsi9yZe$eP=ro+Z901x<^ANp~e*|{v`oe2qf@WR&Jb8D} z0?Z=)oXEcbc9p+BoA5{iQA*g{YwN3b{>efp!d!l)FVCmj^oJ)w05DaCzmDky|lEdb#%%E4~8uUx&FgSFOl6zKV@v>5@B-30!zk%9ja zBr2&V&)1^k<+bR$YB^AQ{Pyh-3pn~6&OxCD1xT2RiLV+BgR&qB6h;vH<1 zaB5P3Xf%(BdjRe&3ytx*jT<{0!QvQOT2^mR{C$v$ZbNQNrut4UE*HEjilO@;*#Z)Z zj;^)4`>e6CaY7zg&=qd&@;{O>(h1tfJdP2$6%vx7(fGAFXSQ+tPSpI$!q0`qJ#861 zneQ8#4AJ(p*`I)vLti{GPH{yHaL2MO4k~~51wNR0K=BO0y=NRATFiGQ7wL;dg_nF* z>QCZ};;ow-tTPG;3;94Q{lvQHB%{W1;Vl(gl2ojc>MQ|ewD>PlJ7qNA6;(VH;la}P zcLc5kJxcUm_<)?ywJ9$jTH=eTE5;5lf-!zij7kCG1-792wk#|d-e@UMUUfIC$;x8C zrMJcC6c^H($B-7JWF#bYQw96!zzTBoPeH;7DyqhSAe-10=7RL+Z?-AP$v*Giu}Z|c zGKo9~5){t`+${jysCIwuRBwf|P|F?99emoc^CF92ukd)R$H4+<8Bp=ZckliNdI>Oz zKv{KPZYmgX96I#OC~fv3gbia@e{#rv&K$mahbpZv1zKbkMJN7T&44ssW8*jP-et`# z{p{?_#fLIby{vfU3UPg-Av!oz^zECDB`o4aZmb<--}dNew4o!Mkv4GUryPtA@8-W% zN)$+WgmFU*fF#t|Ywq1eH~btU&FkA0LA-{I#Cn#I^LXnHJURgZ0c06CUK294qOB9V zGZZ)FM-YEPG@F}ifu+MNtu$;m5S>r@L00>T&F)9W)?(aV*;?kf#76-^#ll=oy5S_R z1cIy4MoeV=fxo;_PJMYb^N2ePIB6kHS`$mlAW*EJ@6p{`HJY4F$cMzx)5C)ZqCj6H zJQYHs=N1;0h?V0s7!1rrx`khj1K(hwu5GB3)l1fBY%2HO(XRcy=)Hn-eZWy|(c%2B zGSWAwBaQ6+kA9s4sQV@=>@QXs)-(6rq9Q76KR$BUj0cPjNN>9Rtk9h!_Qs~h@1nw< ztub3Es}U5{KJrwMwV|xYT|HghbiEl`mDI@-9xl0b=Y{>9GSxF0vKfVL3F%73sq9Zb zbuWpM$BM^+_a_~BEJ^jgn~)#`3bmtyKW&|$Tu%KKdirkw2vExR0!%6_ya0gI*u*3= zKi?UYHE5~Ze09bGzzuNz`8wW-Xf)J|o{q?QvcLqDDcZ)U=Jp_%&b;T7IYOsQZY7fPb!1=E`^4c_`o3R0=&}N(Qyg{u56Ix z4M0=YHa2mg;X!)_$TB`e|5Qcn8TfSh{Y*p4(ite$ptk4+DGbF=+u)!S{5BZagn(3Q z1y^sqt)qj;yP3}oZf7(T^5Q!&nzy1+A=%JdS1$A5?luzv2o9LHcabzB>uAB9%xZD z=YW9?wp#y-51IAewBs;A7!j?03Klwa(uqk)n;94`Kq~FqF6i$z*pe=>m0hwGR~|w$ zrCX{oatG%l4@6n*tnd}{>-wVw$d@Do!ou@A`}OvRghpoPmaoQxf@zIj#CXpTH#4i% zwCS|Q(z17%5Jy^D;{&s8FKAoa`i@I#ZQS}$O5NzEs;`OV8Znln_RUl5L!DQvIWKTs zG_f>iKd{p^`m*Ne=tPq43R;F>rc%!0%+k`QZ8ySs?5*=ltc<6!6u*qc>=Sw^D=+sD zb;?22VdHv+Qv=Vg`7sO3`+SSjAi~qrO*?nhWMNmDW60K19cn)iZYpN+C#BiEHnZa% zW}I8VT(p-p;zdt&ta&S-{x9ATS2}_Z4VLIvlM36YU8b6s{)>R@5H;iP+_%?jueF^u zU)1n1i$~u!oznX+@>7NC!v2dh6C=Tul~tE6DM4^qZl!VSlDPjjxBn(QJ^GLNhdeF* zTXJA|5)>=%-u#pC9&rm{|SY zi~Rb_52^qD7~px?|L^j={zT%CsSXU~-gR9NsI2!gv6KFbsN6pX=qX(FnE7vpFC)|n zYx2|OZ#{Y>M`Mv0_X=n&gqP4@KzjZ{Hm!4%$daC*+@@oc9C&f`r)@dXfgno7pOl8kw%xq8t}1qF|f+Rq{B zvWTzjNH!R%2Ik>`0oUMQ4kYXVY2>^8V^5Gw;M4c-+c(unAoceKaJM_?c%lA)MC}nC zKJX{NrXM39dh?boKiVvj>IDx$Hvn_k`R{M#kVbrB5d>KxCO=Q5)C-&U{6!+OMWFJ+ zO7T@xRD9@b(0R51*NUW;2o`F#z6UQq&~jubKT~D;eJ92|vGJ9Im)8U0UGXDMh-Rz!^L9!r7m}J|6SKM{vNb1Q!c6RnHtgJ1)-IHkP$ric;v@QZ{fSd9_ zL6eqsd3t$C4LqU+MQ3s=s4CcK!xJuEya=Y39UUWVq~q}HMMGL;nOjp+BP%aYV(>|6 zBm$PQGIs&J>Je1qde^|iH`nhzf+lQfGd;_&cZ)EsKo!VG*k`Kbq%5SPIdTPS}}DC!3feg6#%K>!E6H%kM19PxR5~N3sVsS3kyNLM%q?Y zdSN_RyI}(&8lM3IfaIVEKCb%h%AmiATO(KF2KYH3LTjJ{fH-V+rrjMk^9EG$#r|Rn zRF@()Y@j{R>h8Fp8Djw4j^Od+H-VJ;E-q1m(%@~bqZp)l(ifh~h02=@HHv7L_~b$z zPk;`koaHte$3*V=n`0dX#R1~J1a?A%ClD4Oe$WI30y#15tK`JEB84^SF{`GktZi*g zYpz@I>Q?SMD*?fSesHdE${2ER2nVAEgYk*1x zvblzar5LPWxWWn>Yisg={dj+t2A*Mfx2q^$^jE(*es2bs7cAHtw4agbL$%2p@b;1= zSrC%{jSiH8Bte6jEN2X&d5OLsy3@z5uCdaLLp?p;0Q41L5V)JC+xB#-1eb!y{4q}M zN9%wU5(!PwxM}Y(umivwK|fGEmqv&F1r6ihF)@6k9&vL^b435^@}SFjn5)6IXU}~S zVKl(tT;0^zm^fZ420DsxsCaM;-L`M`VD#J)<&O-7LZo;o#_R8ZW;=YyYG&ldOYZB1 zEwGqdCJc6V-jwpIuBy83*^;ky*yH*06&dJClp0%NsSl7aT=Ny*EK0Jo@8J<#fqK*s zBIxJuuL$h~=3HDkU$20F3u*N2K%F6$LA&SsTePb`2L>dO=8pNM6Pyb&e#4r|c7tca zJd1leQ>3=^qcaUmOPsW~K0iZb!6?}LXm$tKRC;Nrry-HCwdh7QYpCiX%rf$LA-wQegrrd|o6O`4k0&bq&jSkC~d`MS4(n!%7IBI1p-nQ`3L zpZEu;ycj!^OJ3s%#*d;GHQz`4E9v@BTHL@i59t#0;iY1};?vm3bv^k5UBYj?M@9>< zFR??S%;I0<;8%hnSxG7itW_WIXh3vK@o?jgAG^|SA5?IHNL72`(x4u;e*EyK`uzYQr2u z(Ndc0cGmFLdxZbbYb*Gpb zvV8;73PKsxI;UBe0_2qCM?p@^cI5~u*r)CKVb8zXgkz$wiipkeuoFQ5gdOooY9JIS zvYly+tQuf_fw%yd9*0^@$8-VKMQa^KR1Zdc0e=1$$UwaQU~kP=6s~@odh@npw{Y7J zLqtK+2SDArfm4w;jGvtQ+WAtMWGGz$aGW094CweL}WTBF$)NiDr z=|)20E%<-nT{8tdA{hGZYj2Qm*s^2W1G*Wkd;rh87bO*ay+>eR87A1ebVmu8JBic? zf-qlq2t3rHVSdA53D^vjH<8s2r66Gx`{^%2u>{KECv3G#qbHNgzd^Pbf(#_^*S8?o zqHtxEV8OBCI|#3vVrZnYox|^A_=i0@j#*HPyf9nf-Dquf%GJQKDMGQn8GUD<4BOAS zix-ip`=)NHlnnoeAzy(#0m@{Y^~$%zR^sWdrqnyFq{;xK_2Ny7z0yymXQs!xgD8b~ zg>{UB>$(2_K|Fh&`hP(@L$DE1FnmQtWh1|;K_}{(SzwSv572x;e9_(+rVI+=T`M0DP?3|%1@qJ(U@?pY z4{N}ecmi(X0jbuyehXCsO$=5d69Xp&1friV7W6*V`5Z9}RvE*-;Pg5g8Y*P}d*L?q zZ|e!)fis2_G_<97z{bFmZQZ(6)2v0rtZM{`6^fx+zDS97CI1%=CW0{FfHdH9fUycv zK7T}&`J-(_TrakU$0bEV0_ZDfpi%khaw;m0WWW(`paYa6U?h+(jlEIkF;Dv7Fw50e z#+%q^+aLbR$Ao!anaA`u2M|~buY?R_O@xT&=H|v%!mJy%Jq&*zuKH%Uw|Ct!Xcfss zLVX#FEJCiqS%!u;JeLnK!kE;~QiU)-DRc>2jtmRwxH7xQ9zcT2_?>>8`MLbMB@fgyT?4E-$@t>$h&`}nb&Q8Kfi-+%sZ(b#&HerQ@K>Lqsyes#poZ&^9Hn~OinnUyYvVWmrqVUsB0 ztc#$ER&FxF>39biZncXvgipQ-uc3ARqFc2e0#QyJcln?xL;#ICF7~UDCl%92xN6T2 za=QFKVYYSkBx7%HtksByR3)rsIb{nMb9--B0kcp`rjrxpgz4~u_xE<^ZqH>BvAX}B z^Q?%k*~_x@dB2bZDFZ8Ck<%htUAHuF7`jIDg%v1JfP5HoNs7$n&rnD{9Bup2shP5o z)lOn~*dZ`yB1e0E6E%ygZwwlKvflU(s3#W6w6h8!jXTNxZ;8s()vz{%(&xR7l9%0MWom2#G%y z99B#CwlOv6*AeVbYl9#&bqT4oT8f*v9YlcxY!44|Nj~9?aIX^2wiSuvZJwa zyZLVAc>P~?77Ow2DFCKK_XL0L78w1BS`wc~bg>Z~)!KFIGW7+OBVS0KKi>u{PYkz0 z&mwtr$a2=SJ$Z|Py-DKO2DFG$3GC``O~ePWBp%8rvfYbV-VV_A)4f64k-#wD;VEO8 z_|tJ|VHQL!@fARbRsd-!1+nknqf)c~>`R6~R#q9bqiB(fn|JKEJ^uGn z(CGL0ytNTb%Has3d-?zZM^WvLH!ovqCVQ)#=QW1jzdFk^wGidJ^)?4RpZUh40fWBw zV|RvZDAugrlvVV#)7t);I{ndrqkzvUbs3>Zx-x#HAmxQKbZc`D^UU5gH_jM2oOc)> z&nykt+_qa73N+1-e4oAQ{eAuCN+s8{c8&P@=1!XTugmBStJt`S`H3ct|Jhv<901>l zP6XN_OfeX`+lPjvuU)$qIto=!Jarznu%Ok)T+4wXiiMrgNGul&y^=DxXXdPF-0g!a zlp`dQRlQxe&nA)kKpe{@@l}W zir|}p`ZyOSCyJrues1VFv(d#vIc*rT3wT`;gq<%yzyjq@PF*wcf>ZW2rpE8D8=?2y z2k9?ZA`?5?w2!SnfZ3OG-7tvX+TE{2|;3`IoE zDJOUO#EC3{S#h5&EK;(Y8-ADv0>+QXc;5dKvmXer4y01ywTQ7E{mC8o3elR2j&{|x zJvEW6Ee`Vsfd#xnr9!OrSfg1P83osDq|bP`DO~2P>C&C{DszlY;p|PMX#-5JyuhCu zKX=CHR{p_+#uFHdFiSum8fDs9sAno^JK48-L3n%gL8<9U6vZkF4KcJw|5prp_-6+i z8h2^O8!5A0tdS?~KtU0~5QF5i0GqBIWaa=#@c7A-A1+G2X&C4kXg@m!NY}m$nny8? zu}sGO$uCtu+tO@Lxi9p9o|TG!Nc5+SlB7xRp+u&=I~>h*Yi4*9jeq3nj+5qw@oN{qvom-Rk}FM8(DZF+JmqBD(4%%x#k= z{;*!NIp;E@VgKT$tAFQ{M2>GGADfpZ&YrE4T0=SqrQM zt0{2xtn|_Cg)A25*xqkKYw6C?4QzC4KOMhcEt200l ziso$R##(2n6vw`A>1yVCb-vtl?bxPwVV_+GsS?cC=Ut^&dFY+;j^)<9@CC47#rN;T zM~`gxyqcOD!-I=_|Eg>9Ey~UYKDcL7M)$ zh@kMnNwdP36tkJWlQ0z^*JQSAc|iuJ59v)Q!wi;UFpr^QJ&P2#K>I0No?;!3`z6K2 zIU3QiGri|NYRP_y59iEJnHT@@OP`npyRX4e#fzS&Zf=8>&Rx}Ll_(Bb4qWq{7LuZA zY=SvGEPo!5Tt~IC(Oz6}N2Hb~BspRyGO^i0^nYYwB>RBkms9W}|N6tD{~U~K;dJKR z-Q5k1gqJv0q*(du-Oz|Oj{XoGDBg6Wfw_iX&g8Pq<cNh)Tjp0D4dU! zVcXMp)x`Wy@$(XUp(q^sI;~2v)Pk6jgF|ISMQHh%DT;jr5dNZOFlWxe5v;AI5mEX5 zdxl=**XqG^BkU{!*@%_)hmD$#u-Nvn5lN!6GZolUb-Yt0Q$oHaUz?3bQ!SUmSOK&*4y6=`@Ie~**S|zl6Edhop!f%}IX&%z(6!YQwu6%sk zO?K^B=d)Icjy}&byac@dFlU))nkk5@NCZ3D*4%qr)q4S^%sQxQZeenH$&dLH1XBRb z(HSR9VDM7Vi`$yJ%nAg+AO)8SPKUS7Z8R4n`1x@{X4lqOOq zswAKu%?vLu88zGXAEY3cNN-DoI2nq8%g~FM?jcG=3TQlat-g$raT<_q^=(Zb#AJ`c zd%W5Sa9~{B8L<0AiE?kvrl0Ud3}4zZg;-J2BOtv7P#4k4UoXMP0C0c_p*=YBqR?^B zj>4ME0mLF@I4woly$DicSKvV8^&&>_aJeP)k3>F%UxtB>D2K%+{Cv2XX7L@B?bTKi zoTuf^xSNF?W+}6-;LBBM1nNZbuuU#%dlJz3MQ^R^;Ux#>bC9)0T2TDi`nhOgH`lUN-y{^fW<>{6* zHmWe+7wn+z9-EF_Dn;{kRc*;cx24eM0?4nM-B!RAKVNY)TDDAJ9H1k*I5_;2X$%cs zW*peh^)u#vnbP$yJUKk8oN^{k9UkKgYv8H5uHA6gz(BrAsm%YbTS2u^nZw1KQhUGJ zO|gHFc~oNG{xr|y^~-ON3Y5e%@-WU04OmgEnxd{O*k$TAaf!~n36Bifa6<67iQ$%( zIp@(p3|i#=Lk8fK*Cz`|8cy$UgFjK5lrWwlv6B#?cq(zDWT})R z7|Fh8FyS7PmQZz^J}u#(vjfi&tlRnucW`PVWUHil-ykM=kpAqXj82=);dr_hr@I|G z-uuqZ?fv~1;cdi^%+)#!BC`;^cSOB3TnM<=o4~+yKB&)>>wns)l8mKJ}?zK*fZJQ`B~^D{Fu*AgV) zM<6^zi3U*JQs5CJbruNxVLbO);5UF=0CobjTJrR!U0?-NCWuaBB#&qvmQ(|d0zwsV zXY4##I|DsX9%5L@MlyU-t&!GD0>I; znrxgmM0ko(EvK%|8{|5Pl`%9Vn0gZnBlry@&w#Yy5EpL}ZT@S=jt~uRF2$V!LSB`P zS1I85Qoj}TzIsCQ#>r2P`zrDz`;99q@+G?$6Q>I}i`yo{BP(EuU?|?S?dA5L?Y-HL zqBd7sC`E27=lT2DQ8umZTB8X(%MaayX>gk0m;6vSRKHNX&626Pyi0T5W_B}P0_YH+ z-c3;5XBs`TYhCbG1jT`FZSNX5gN_W6d5D2qJBM<4&Mchhe)3J=-70+{fNR9?>gSgy zlo|Bonldby-bd|4A>oBzLRL}nJSsd86J~gJJckrW_&}jA4#c-g^qeM1~HU)p1gs_Ad^7{?&iU9MXhnfbZbti6?fmu^E zS35NLBe0pkI|&lejL<0t_58kcqOmt&(S|(!9wbg4{{B+9#Bg;WzKs`(U)qC8_g}qI zNU7JokhS!aE}gif2QOqjWe|8m0^x{28(~9G(w&1Myt%mWX`y5lS#|!Zktyh&3Xf=ts!I2ALZpX)+i5umhNq^m3$>LkyJ-br)rrS1iz@XUJO3`tjaNRn`n_tE4_-=RX`Lh1YzWqG!=1c`9H%-EZ^VfGV zC*Qf2Q&)Ai;SkI=uuHPzU0yEk_TAcIJd`D}{=$Y4$K_q{%ruV;KSNV`&S+;elyl{Dgu-n++?Y{w{;PP;7C;UtD~vyU1Gv^Z3h%* z6)`?=hVIX9Zf23-k-&t$3nO9aQy+V&4kg|L*OM#X8UE#=*OrcGwaRt7#&~)W?dmW3 zClgI{Kz;1^Pxo9tVe3ONj=ajuyG-wWXZSB~bj=QzTn+!`#M|Q6HYf2C!}GuYF!dMl zF@5p8a7(Iq>W*5gH$=ej?*AZQSP6l`9ordM-9FuY`wmhd;#n-3?^A$u$C>{&Sbwv4 zQ+oBR_Hp(p%c&XLxx?(b8&95i_(}7W;i3N~`cSb8ELeHOz z>itxe7kVGmkHzg&3VX74?H8ld#~+>IefHP3wOYIXdj4$n3ED5i-o?ek?&f(p#aeVd z-Dc?#dfX)<-45Eo$o7mkmMtFHfz4oMNGF8#C?q1{%-c(?AQ&O?1XG+{ULIXE*xk`V zlJC%1!Fe8x*$Z(Yych<;!owY-udxl?|7{@9P5Jn7FCcDWrGfR8%x`Vh0Ljqd!IHcS zy%G_tfdSOGabr}?$^j{ZnUFfp;LXNqMxvQNUU>{XJ)u`YUlJa(Xb{FvBJDH92Y`+W zQDQd=UvLtb26*kFMsywt7KKYV%DC+WDoJNH+x@>ztR?^RNKM7T;V9T(jQ`lG7abRu zi{lWo0nOXD>)L;*6n-_6_rt@(Qz-{ODb$Rg?4waB_fDsleNPkJ}T-M77kbRZj>nV5!m49xGbGuj}#Yxb|g2j zuyDPyvNB3GHl_*-3lk!imWs-m#eMs`-AmY+Yo4;nennMta{v@jJK`ZU!GNMUGYe&c zX77)W%ukH;^*@A#k(CVDCO8d==M)$pgFQ2}y$lefASmlO21f2>JE-%pD0wH)%xBM@ zv4~07q8quYpujl91Jf>(u(1=I%vfOI2u!H z=W9xhPET`yAp`aZ3rfdI_MzJZIPTo@>#DA0%W+IX;t1Ka+G`F}PTjyj3S%E~uklrb zB)$Lk_rLC*H-w^%Gl~3vghQsTGx+o=L|v~#9x^0~sOT@5^;te+eWnZoZWOL-=`%Z` z3dHA9^UIjK_4^ce4Y{aijjS6xvzCn_#OW&+hy~olOi=KcZLxiW!R;a9NS?AvNCOrn z_7hyH!KXgD5dd;PHomLqg}HErW}fTukgLQ42)Lr4q~s<_H!|l;6halL5`(9~JR0H-l=RnnaUq19EdR7wcgVlXl4vqG4 zC;S{3H@7k}HoTAi=dmSMdHQeA!6#Q(K%`8B(0qJ+(2xUVLKcw|agc!2pU?^GN&GhM z@#5-BbQ}G$x^mqJ^|P()_h(KQFhp4$$8tR| zo;g)j+r2KVcDfSs!Et#B$__dwD3g$$(i~zbgCtk^P{L-y!H4)l3LL=bjklVanc?+^ zjB~ggFZ_12jfh^Q!}q{;;}-jxBnvuB7}nrJ6S2_{o=U1#P@bKTEG!Fjt0PsG1f}52 z&yH=QrKOeh6UMOpltQX1%U@gwQX}Zf4(@mP})`EaT5*`3vg z6nyw@%&bbi{#BWYNrqZ9{&whe8>rv=>g5Sme?@Ru-- z2UqbzkAs9fyeLZgJlx#c=toGx2_qvTWDBG>JaWVj`r|9|^3`oMn;}iZ^a$C@!g%2F zz*N%c_;_|n$tEXIP1N~S)zu8o6L`K(TnSx7z6Y=C_eO+TxaazO!EOOWh{6L;fuhUs z;KU7U{z!dkDXC60J=##DPYgEDK@A0g#STobh}smCELkwazGZwe2#u4hM|a_y=VWKE z{CK4RwZJV8y~4H!Co;iC!g?n#ceCink1corQL8D5xL7&WQq~=NHj12;f7gTiGY>G! z_+t(LDwKunG>FSqkxd*>rR+sP!m?*1Z&1?1`WI@ws1!kg8T#Oqg}@Z{y}*m$K{O1+ zhyzvhCU-bU3K(l#L47NACk58yol~v1rJhS!AOs8||*Kvd9`cc~csYuQ7(GtH@^Dj*`T=#oK z4zD($!+F!z-hR^1kQ>q`R|bK?9uq*36fh&jW*d;&4Pf!a+l->3&}#Br*TtFh(qf!h1%NMC`3;+-x-%eHG8TQE_fBfhFP*t9BB)u zK3*Yd6Hpu_S@hGwinJTEED?I+6tE0*gw74*2CKhxK4xTC(=8LqN?>5%JaFI?0=STt zL7k5fyvKO4@q7Sl60jw5B-9!jP!!^{dQadlCi&e|G%Oz=UqpZ|6ELdmC78*|MwUq} z1PzAuplcvKfc)eHj#3o2pAbr6;k+O6nBH94=X$gT+;|ZpATEazsg{P3k-L1Tfb9UL zPy+v;*H;JkL}YLhiyo@iOE7%u=;#mu+3sHwD%4J4tcy0_5ff{;WN*+nx$e(<{;s<* z)y9+6aba_~yo;OLCIsO6OP|FeBDSRNwzeDm)fE+xSLCw-O}@yIPqM zS?ccYej}cb;?}KOHrYPBe0eN4) z=8ePXh4zIb{^I320)A5BMRC40BPNr)JM4aDt@~m4;q76C8%751DV}0-h~}fy^1S{` zYOcgw`&99viACXhk;55g6umaRd$ia`THjE)#oO_=@1l6S^!A}a+@`oYbCbdF)xYDH z{n^+0JFu^W!(+hEQ_jo#=U&`3ZBj5p;Zh)$vx6x ze@!C_@GwwdXy!z4YT~~kc8G964ALzV`4x+{+5eg>SQ$tjIKT^Ft|w1B+6q?|F`$~Nj*Av2y~0#sY=u-t6F?k+-2jHs zyCL*f1gG&$Kz4~KDd@1EZV<2yLxV}YHox6FMC(do_?*yfl28RaTrN-gP*fQVLJ@XC z#bQn2M4UZn0g9Ye{#~yYp}fPPO;q?A1_o}@!BEO&Udq(P(mqqCG(1cc0D5}NMNdkc z0*LoYL;T1Qz!rzLl|kqFb7+X$=n5kX!_r?V(nCMZf7}kcD!*}z`M%eK?HF-Rah#F8 zs(L@cMJRj0+2V84$!O<&k=*(DCCrMrO~!AO&WO}rtD~P1_{4awM9LsqYVByz^HutEn^=y##>kTn~0!1tRg;ak&zBs{iEVSGuk3_*a!I~V)aEz$lu&%VhkP+CK z77kgUrX%n^`G!Rql?^qeDDT~V@9)2B)9l5Nq#zkwzn_znQipHdr*tYoLBT6fI?Vk1 z?q3_AzCRi~eIcNNwKOzDg2nF62zLv@Ar5U6y}WOm!P7&VsHwHF$AfgWh;(`eNY@0} zOc1?3LD_%@nqTDm>B#7452AEHhCJSYd`uzxSgrq*nxE9hrluOu_&q$j_rZy~P{rKv z4vn8XHEExLfb%#dgPElk|7+zUE9W>ZVL!it1o`*LEmBj5~E?hc!NMY&4PtFLP{juvOX$-t{;w~v3ie0{xbnbrQ zy*-o-r>m>0Nsfq*&jk&QcW%1s8?V z_oR1Dst0MkUOt50;<1dok%yCkj{Z&&t{qNoOWDdflV1i`XLJq}ZJc6seUPMb_C%x9 zbEmP1pjJMvs z?76cll0#i`Jm>cKeO)V!2Z_pn>vH~?XaJH!Lo73c_}v`n6G&(qvc<2x3Vd(#BM!6s zAPZXDvT?+flYl8G=gGb&dOq!qIE+!=;uSqo)H7F<21>{vW)W6tf2Ec6uVDq^LxcW? zGszA)7-VBPGOcV{?@}Q$ymurves0z6lPB*LXihwqf0Jvwr|I$FI<&^xaGV-MsD%eU zY^tZER3Kau`9@58q7052e^q*kRV!6%G8B~^!)ni$M zT{184Hu)7cX!Fv7iyV)oUGwUiy;pnEwzgMaJ@B?%cZO|}N;)S{eg5&_k?C({6Bhjq zZv`hG%PCM*6g`Raaw_5e)}>y2yfCy#DzB!pCbpgyWV*iT0Zv6uNd|#}XOdC{7v3Ik zI>!3yXrfr0-*elXjLi$r=2q4is%j3V#cdp6aB>f&NgGPD7PYgqi$BJ8s{7lCfTq9x z`pYRUP5`1pG~3xx;@G0-gbAElL7H>hdZ7H-D1t69#DP-BiD@wt*W*b$*L&Zsd>B2o z9`BQ1J>f+FDT>$yPV!entG?Ws9W#tWuI|m5<)>lMs__!wi^W5Oz zV9LS+gPD=QGi+o^8q5Ql9HUjRrMS2lUKJ`#J7aHY|IDyMJ7r@oE#48mp*bNfDU=B*{dn%$kuGq!kq5y>jR+mU)J2jX zXqs1eV_5w3~Q6HWsx0EMO{HuZK;Kw==&|e&KQ^G_(GP z&rxoBR~EkSb~`C-a&2@h>Z#-O-s)a>qfjH~dnD*{sdb>jkI6lKRg)9rJ^3%Ff?Egs z+~OVxXg>*B+NJ3gS>i@7yuxWlZ}eCNL!`(9kx#{P>@_bfER1hz=Sa#It7iV4Pdj4V zlZ{>oR=T{muTOsH`cRm=D~EZPcdX$L4n<@}mh13;`1tWMw#S5qa>3(zT~}7^msCOm zQ^8#X=Lc7KczSA1(Ax_HI`|g`Jlg(K^#h*ZWk(!q+;P}{k&Om`(i)yuQSrI&Sy_L> zH$G0H3GjB3?An#|^$Q}1paj+DN2=**L~!&;D^WAng?CE5*TKnS7@R+EuyEV zhi({aDA0RzgkoT7(u^LwJ-p$(k`e<2vOCU9_XkrAfz!PGaM})h{}F7|fk%8SrDd_S zXA}o3v3nq!n9piR1q(;nST+8AM+h^P?KHHoaOZtKSw5#D?xJL+aXP;$bXoSz8$Ns2 zw6dtn6}9h{qYiRYOYs5Hq4PeHS4qMPr0y+CNm<=#pK=on6iYNZRQmsf3Jzc zniF8_$HDyhU@L~Ywl)kl%I!{jVO#LAP4JYXt(M^_8?pB0G!Ef@E5|W%Mf2vSxH(9sFW|l=Z=;YKCMK#1sKxr0p!PT ztrKcbX!Hvop961r0*8LlrI5f^ukuk2u@q_dfdj7RJ=rI9^pzveOBi=RXTfKC6yyvA z85_V9^XmhfxP>0$Ly)CGp;x?W1!fXy%#zSX5Wmht9vNt5C|WzJIt>0ZJQ*mcZ@dN8aIoJW4E@nwt8UY`WK> z@JMAfzX3lAVS2M?ep!Lqwv{>pIeYSr+mvJ{yQ3(xMH?f~MWRyx$WEQZq~q~RG!dE@ zDal>e-QTt0*a__wHRF+t@ihXKCLf}y&bYDzPLwEF9~ZiR$}f3S*do=Ki(5EmS~ zvuE9obp+t5RlTlILZje7krA5kO69ubV%%{)XbulhKCiy z<;M}eKZZZa_dvw~Oqjix3&8<|gbd8T(i3pAKy!poZDJOEfgX~qmm=^2f|Z=na^b)O z1_w?^Ih9p>dqcIJkB|`y;I0mM+%*870kC>^X&=F?UyE7&@^2Cs20psv>qB=DX9?Eo z+=UA#@Ihd^Ac`MpHM=0y3M4&{jkW+>2C%9cXl`~IxN0*z=x`^Mz`1)8WsQOuxF|sG zFDy-`3(fjL9-fJ{WJhQI^}t>Kt$a8M6EV(s4rEIKLMF>~bmMC4>&LJtZqhmoAYDzQ z8d1yP*kG7r#6)4%64`BQ}Q#{|NH)e=+wSa6Rw;|99CddzQUd5-KV(|8iODPmv3+yEFd^AJ}c{MkAn*9L0p9Ok=R-Ev=)F95;KPQExuj^P>b)#A+n}L z_$=CJ;maYYwZn&Bo7Y;~fDHR&5wxS}Q-}_9z=Yu1rDM4=w@&ZphG~ z(%yke#oVH&n)&|ei_K3vb&gjM3 zyW@d*?}<^ujrENIpRB8kZ5I4+xqW@ZUn%o^f^VHjyRq1JwC@M2x^;8n2DE#p)@<+e zXVy<*nPcH^@0=ZtwXa=GnyYdwZp**0jqXX1`#r zb(^avH3HV}D3M^rnwy(#Qj%<|0m-3z@meZ|R7vmCQ|vc>nV}b9zPJ3lG3^^9hZ)zG z78IANV}t6|(mCPrbVL0v1)7U^WOIl4OlxI6?E70eCs()rd%mc>Bjn-cxn_T=s_9lb z^DWxZYBZ~FHm+p3Wzn8i)%w#jcXa!+Eq~39!xO>&?$spJ*RI~%v9Zr!$x(l1%D+kl z^P`hItuH`#I9GAL*UJqT&vhK|Ufj-Pk%OJY?&4FLnjZbD+LywyO%HrIW+ z6vQ1I%uoKuFRzr8dfx&D$-=WE%qfZIKkV7!Yy0C}2Hkh+^;i7A#$P`_Ku%NDbCb0d zoKBu=HQ-0mU&)dG{84<^nvVbBKWa5#W(U`Qt%AQF$^ZAi)QW(aR&Dm~I&|%dtj!`0K*Ld!RYOypi_3{=wR+=OL?~K+-@0>%%;8 zUO<=rN=iL&8@rc+Mql)U5`s7duP}06h2!5GiM!n^+WvX<1*eg#E+8BdGjVQ8V~{({ z@3D2(*3qf6HMX!A#{-1wvBt<~)Rw6-IIBF0KKUrQz@sSl>7cj?p6VKd`fB!#p7`~F zqQUr&&=j1i#XigW?M4a~Z$tg?HI(R&ROPGIkgamGKwa1z<#UEv_ZeY{;YRQA-VQ?fsH zT=Vn08XbL(xJI6!$SdIWd&@1hw4`s&HrB_L`9_8#6C($Qm^a!SOYhGVXY)HkvRC|W zPw4eu@p-#x40H!43$F;wim~TlsP%zHB8X7z_79YRp?`Tr&_5T^O*4&krpOqJhQX^E zOL0T^yVQocOG?D7)zo!q@a@}zj1S#c_<#$riz~;L!(An}PEb7IeIC%dNd+SSQ>N`t zspGStykeya1+d1pT+Tt3CodgiQ~EAjYj{`ns-4Q`T}0VqBtPD0a>UF}CWy+JjHi6~ z#43pd)52x~h4ArzonMY?U>71}y_o(kFfcG4qZ-Ow&Uw7ES3{e@K%a7&7mM2m5g+rK zg!XCe-g@SP*;_}{G05QfX{V-pZS+E=8zX+j4A8AVkydN#B)H%MT;Kn8_# zzOwS=#n&m3@gK2-49H|ts0}oz)I{Sh!WiT(e-#wdI)+Bh(*dy9wCc?^d_pO&|+t#StmLn%mBDD0~7!m{55mJVv z#u`lODHqq=mO3Q@*US**|WT_Lpeh+?lU`z|~T>^??|$r5uYB1Lx6tI)duQ=8#Ufz1Kq|2ELI zA?4m&^1=#XJ9GKY4E?dzzit23f}Ttezfp2=@e3;p+M=Tgc?XTw2ujb53okm%{Te|- z-1B%Mz|ba}c#)-yf%$z(TUt87i9)k39G~q2|J)G=?3NOzHDD(pw{!MM$?S7?7sd-P zHAQfR7{PKhY@eWIb?)lpaOUCZ(lJ&!pKps6U>Sa#sC z-d^>a1ETtS6qdM%c!ZrxT52mhj5sxN-lVMQ2dw{FqR7S@ontWn_jxrLWk27UGMR>q z6ym8%W@U0x$tx*|m=atH`Z`w}V(d1a?E;NN$1gO!F;gGK%IO{6_k*ysVQJsLKQqFt zu`PoP5#`HsBY)Zc^U9J;O#(Lx_x4!znqM!vmL0;90VBZ17w2{hy)8p?3Sp`AeY)D( zV{x(pLTfT%*#Yai9Q^zVp%PsCuh1xr!)t+%V&P`RhECQIqLMMLJ+-@C}T2Mw|i z=+Xos_H=$!C@8NOvk5l=l^pDFyw;37xNqOS_KD>4!cmey&9Lq!I#oSMNEX{ihpI5Z zgMZR;s@JoeE>$Mj;H}wSih=$(q44s#;v0@XOt#F(*0oC(*qmbX(81s1A29l+{Z4;> zh6@Z{0LYbWDCM(Qw-}ZjVPeK!;$-N8w?4Kl&RPr4cJ9_~{h72nPjXMgQk*?KJufwh z#u4?NIc?;=q6&yj&o_&J&31z(d@j#QHwgNCHzYM3#>b>>9|ueD);1tg1zgQ?c|}kP z*FIx=3CvvJN{m%KySxUB=_5|T7mnKmkGIR%}qZTX_hwkgLW_eCle zqJ^J$(&~_`tFCQTyq#d77+D9bnOD?(jJLjVhL3ZiGuL>1Pfo3<;{29RnJ!`4VNQKKj&3QYz^;g0HDKnv|AL)Tf8#HQ&H;lE zIb8QQ)p?!$@0cl@6#p$VC3n%vl_p=B-hJ@k?FHK{T{?G$-A6CnlGVX<;w#6ccvx@_ zSFZ9}oHL0;nSEtT)yyuA;&{^z-q=Y1Iq(W*`)SFHRLZXZo<~td&&mY>@uwp!GBC`; zP|}GlO$y$W4oO`*DkW}1O5frX&!d_?2EuFi!sMvzl44j$=r?H1d&;k!xxWy0_e|ok zSpiT*r6(JH|5A-X#(w6>eGkVh_uqS=24xQmMffNK{J_$w=B&4XwTDQzC&HrruOKv* zM3h_*DcZtef#E;lR-0cseqHwPN5zFuVp zO@%;LaQ7gXaD4HFfOotS{TYc1n^F>oh0`5iN>0HAHMoC3kza_!euzfS_$9W9Yb>Pe zp)Jnn7J2=}@W0pM9vE34DFZKOY^DsDc6IS3hz?`MD0V$&Yirw6q(cm*;w2BXdv=s` z8O~1lJ^~2vlxeFC&Q!Fcmt2t-sB$Iv#)Yvt7Y5o50^+>Sh;K7HKY9*)6MimY}sbjz8b4)A)7`LtLy~ z+I{Ffb^9u13Ix@OrPI7BRy_%CHT9a)wKcjXGh{s-8%DrSAD(<7TseI0rCS$ogdXw; z+j4x#nHgsJt7%V)c6Ge`b5srOUPKIW*n72piNhE9Rg11K#eXC$>l8z35N6a!moJ~~ z-nv8Ewq;8flUUtzqqO{b3c8w}4RUW`LI&&jt+{cy^1k&f6cbRZxcErp1J6`+{}PkV zY^z;Wz>jnAPTYuF;))q8X(!l&WO42!o*nHQOlHy0=5D4;sn&4X@jUbRnKLg<)5N1E zi^z>^ykof2gnenZeAzN{%oMu+HExM8$Q7b44nW zU;DyhY`OnUL2AVG%m0A`)2RJlabVIT{yhg~LPs^L)x#lI=|x*V+t@@gZ0zamw_!m+ z!2?oKgT(!N~Iq4F2Bfd`5lb3%{8?pG$8bjjpbFVDobem{H8rVt%=a^S67@2!nz z^Rj}^dUrdUc@;wz;n`wx`^KZC(Ky*RV+L1RXLlAA4fgBQ3EZ#u>bQ@O!%CuFWCGul zSeT%Q9{)LqX7i-~B@WGVPKJNaq4|3CpBx&Mt+Hnhy|ANkw8aNG(joZ*=NfnL(viy! zA1W5mC2Lan!s1+>fBl=$>@#zHsXT5GdIE8alqHWxg~H4Xhp=`{w=m1~@G{=Ld-n>8 zXJL4Ne19EYGv}r_oJFCJ^!OfpM2+@!oBaPH=SFGDpVl*OIQSEB8mmiZ6D2IVo>PjO z%T%IbJ81i)U(&iMmG2PMWmIK!QQ4z%wT9bM>{|Bl-n+nHPUF+stdj0;kDv71OAVZU z&qwBXfP{a0f7MQPGjDF%;bC+^+vMr(uwe^a9FHd_D!CnVPb~NypVa>Piv0`+H7 zf&_g3{Z0M-HT`x)eDrawEI8yn&~IU5s@6fRwkMm<_}1a%;TZ=skI!G+V}-76myR8$ z;{6DLX5ZXN4RVhe9C^#EkU6;Y zTC82aUL1Awa&eVbVMR^7;Zz# z!4A2?g|7uAWD#)4jMV~5LPTfOx*fLz4#lY@aC$J>2u$&s)I?{H}g-i8B7~y=+CiP`{2CK;_GI? z-xhc}m~;cz#+kkI_%83tGJDL9a`~L4AGJ+theVZxmwD6Z7Ox9l--S6hG&^;p!j+P% zZZ;}MArnh0XuMeB75Xmj>yWRq0YkS88P70i`e?-?377|Y1N~2% z$VrUZpl=wMzk2kOx6)lNM?u4qnz65){MjAJWG52Y0r?RSd-b>}W5=eZcJfPqM-qYf zPT*An3;;UHp5G?;KeBgJ1l|oLKInlW!+ESUL~kk_nW>i6Bid6h>_;q?R`q1RU;g_S zYtP0M7Z(e7nayYR3(OewzmWj6H{ySm0A%I=9|%A(OJ3XsN!u?zH>d~_L&@M9dqTOX z@IMj7HY3cdiCqH!rU||A^E{OIyeiWFB|34c!9uD$31M)>6R{p{jZqH7XGtD%EOb;m z!}Df;&XUF`_p{Z1<@dXhu~{QQu}W7V^D~Jq<|WOyx9nV+>zfig@#wWL!_z*cWmy?_ zIqa!-#Cd&UefckH(7faS^VFcH|2;Lxd)j~>a^u{Vq;6$@YwPMRffP^U&@LMhxFr5R z@60leO}}&z;lR&0tB45Uj{=u>zy9GVn=X0&q~*|aboaUz*(C~k{}hrawT^}=f4a13 zFu`~|g};LG`KN((6}cARO!uBYPPoy&_OC2lH5iH%6~xWv+!Bt>ct-AG+>PuYceC86 zQAr;f`>ZhV!j}d1w#Xo%)p;loDnurf;hS~(l0$k?nG*&+O-V^vcWV>n5@l7` z_EH0lywc<+;Y?NWpd5@%B#p2b{=NBxC3Um!6V3<9*E_H(Wk>Fh>XMz|R3&FFYxM$# z5&;~jgr6PjxdjW*3r$}`J~65Ob|nhtwk=*N!j4}l?yD3v6(X+GmoFhMj?cN7eKspT zFE2JpUuS=Z#!VB1Y&-u_II0Zsr8xOTI+*;B=s$pQ^}KNk-_lZix+tp0Ex5EWc%zR> zP(kJ5;azLYVPJLfe31Oi8PavZ7@O#nSU5(<1joo)L1mPRSN6@#H(!3u)nu~Jt5WUU z-lMYXzLvlBwYMH}vp8Vw*K`esl?k1{#n{y*q})5Yee2}Yx8-C)_2+LnD_K#J5g^e% zwEbv%`vJQfT6kq_ia6)sjv~QWHPZEShnNM^4R`5voNjfzozJ@#s4M6`gdYNT2@N(^ z1a9vdN+F)h7hCV)8zIo9>p6b<^outW9fo)~Zq_$QUs~$cn`T(HGYlVdNcNGj?FH|`ZsjsiZ8Z5e`m$J5q!(95;^x0j`m9taU?)g(9dL#Z$Dp6 z)<{#0vOzY%A19$q2Jj?mCY}v85qDco@&fjpP!$Lzmxf2?NK>jxOg#25^%~2OO^9dy z`%lMCo}6WE9r{QuEj#9ohsSut!eFp`HT(T3yJHvYtN8^4eR98Wq5TAnH@Wt&&QZ62 z&d+vxG2P~!ProsvMj2Tq_uy_qEn`d8nqAR0V!ZzijmfVrOi9~YMR>Z1cs|GsshdMY za2&0Eh;MD+ian&##A4_TcW^mkJ>GL;@X~JJRtMZm!Eq(nu^|B7r`+__e zDC)-+blkgsZ&5eaLEiL?=V8lNE;spj=0@a5uWUE}VT%I%eLQEYd8*eAy3;fT_{4#yQHP3i>|mof*ZTVd7s?p@YZ#oCi|Of=?I3pLKQr6Vck z8A3uNTK?(Xi|geFU((0`5#7-0prjPmKF0LC=I3-d=d)*{KK2FB>2+KcVIO#IFNadM zq4n$h!fh1d{22`9UR6XUAa4ECU}&YY`{{s@ZLirVGQVk>C$7RqQ(}gPS_xxW=AQ6P zUqcgH%OmykuJ{+pY5GFX=5xVKzbXqaVJIE(;TZ%QU@PN`!~g)+X=!i5dIl2N-C7c{%;=u6q*U$E>G~X*NK4TIayrqQb)6IOKw~ql%UB?pHat zcGLtvw`&0xE9N&@esyuL%!QL-Yu#*sy`>jn(R>H(1rNlA?BCoE(v@24U-90+P6Q4i zEGUW$U`aEj0^8OYdgDRN8xFwcXT2{~Jf3<0YK9}qO3T6oDVDjI?L;=5t!W(?Ix;&Z zCI-_n_&T0q@0q*`)?8*6N|wu6j_IbsXQV@Mwop|4@ug7WI|QrEA!>4RN9kajj>Rej zT%-rMNFbL7i;7_`mgM1m=Q(16J2{(BTcVoV(wA#ODSw)|~q%M6cSjH%h?|6okz2P|l^JX7oOgZ?vzK~?+j8B@t8!*~7R z0vv8{Nr8n~(#u=x+hV55rV|k_BY%K%(NX7>>Kun+aK_zTNIo^sE3fbAj7x*ik8UzH zz7Ki|^AcD)P0nv$3-DTlIbZhe*^_g!d2#KMHZzu_Mf+_YM^}SQh~)KMF#rkwj$+k$ z;s3c5tMc5)?%O~1y-l*F1b|$A@nmlp^>{i+sA;Uo$@_M>pXw)uk-bco2D8pF z*`u#Q%;{&?vD{P$yi%WU8RFOr;%K>Y#Nkm9%deSi%-oQFtr(`h@ub+jNc@%-k5q5& z^4=_Jis=-F9e`?+I$B#N3tf@vrDwvjDN}TD-RWBAM-brtn?R!H( z&!(xzalZ`#=dRugJuWE4WtB!XFS*SJuN%DZ#ljbB?Y6E|P}BP=DG`vj3VzG8*0)+1 zcj!58T`NKRMSwYV$*{;DJqlAm4E$HcJZ2iS)BEv)tBe0)1i9wMeDEmY-S6hMt{Tbqva9J5z==9}HOC+(`_AZRNBIZ3hDNx4CHwGYet}^En z1KPxl42W25pnLAp@k>BW&$kTA7M2{)@zx=svFAn?5-xhY5Ig6a8Jj8A=ZXJcyk5Wb zDkg4=)`Z6~H@pQe(`(R3TsR&+eX6MAJcY4^z}sk&w$Z5yaDi7Z@MEo;;C!aljx|fm z&xd!X7;Z{4^}N`Uf0qWyO*1Z(s&K~DMrhU9lYbE2sX(=fHu*FbC=y0SWs3Qyaa1%% zyC$4Pz&Un<-U22I&w5U>j{s%D%0OhfGp20SuASft;s3#~ShzpY@JzRnrgy-_Mg98H%g;92;)5bdGR&LLag8yLN^)+5%q6#mVf#q0lCvtj^!_Mhq6AeYax{9ggjp+JAa0-B!}qZnf_EqAu{UMZEU&rn|O(C`(&BaeHvhY7+lNx(>K&)_-KM&_ zIMzR+Bz6O=-6=0hEN6A>(rHHCNmYr;1D5C4SzQ0nc~fFKeqwuC?(OngW@^aQv%8F% zKYz8kwN$&eiD8Y}{l>W(E|kcW0?MNB9v~M`IlcJdfvrQ~tzueXSy#S7%#gt`xbRT~ zKJ#Cx0%cJhvjAN^7n}GUlEGW@FJO0o;plLTm?)ZYXdh?%a;%r$)u?PmZ|d%8Ej*b} zL1ac}k><0YUuAe6sNxFYPeqLhYegMTtn<`CedC>sU4O=QdyCg4s zAj)0@Y@kkujP1hKhqx`gr-gzGkw${Dr&2+yyFb1psu|)Lr_ttad#o7M8s04s3}SYv zIq(78P4t;QSXK#sI%@yh56TV-W;*xceh~o@96SLtcTy790HR0Nq|L+U%4w8ITt&+C zWy?+`b&jpwa$onZ>my}$vCp)sEoYgPGB&{?=LEBQRE9aFbvUng>}UT$@~5-C=DF9* z@g&q0#Uz*!h#@0Fk;aCnhOo>MrA73%Po=athnoaG#lPbN*!kM9>}?exFXqgRjJ=Y~ zLGjnTc?QrpF?HAhim4Rt=tIGF_4|43yn~wjwyybj9+X>&Q3A!BaPj5JqAQ0acl^YO z=cVBq^Rn}-vrXFdn{tjx55a-POIKN*lKnPgLs<58U;pSzbC2B2*XD;q-e_A|Wp7OA z&?_bD@P-IID|c?2&Atj>wtagx=1QO3%Tdqb?3|i3oK-XIC*AY0uan0EmwPG`xBlq* z^}*L>Ut7utzL>giSo;knuIDwgx1CY7ExIuK<+gRh5-pA{($hK;5GI$aY-O6^^W-?E=-GQ z`KHY8(E5SNYtE`U#je~xZKmly{f76;m0Jz`xVwhpP^aY|mmkv`CysO#RO zy|hn9SC2XW3<|P8`m(~>D>}$PxcqGE`j5z;uYI$ewyVurKa0(l9%Eo5{`2|&{LjB1 zhQeC#>3Pa^GD71f_S<3SR{7xG6+Kl~4-H9es;fVLxH_3DoRYTqX!)V$!xe`)cKZgm zyJT}ZPkHRXe97kjNIv@UVAkH*@=mYp`?PY^-SP41KZAyHX8z;H^5c~jNof6Y7yJF^ z`x^iJ8l5_sclqaUF>~hs&L892oedcOGx#Fyh9e|$jwehkN-rMz<bPer+?950RDTh*|(>31IHX))a9X8m3iv z)j{Rq!sK@_XBsMxdJMvJ<6D;nhK55a_=TxGTZf$?VmCw-A}k`fEltrx8P;w?3&mCM6vPsb>a+70g>mAEI_j zZex3P{!r@ml~cB`-~IhtT;xR53=MwbLoc4>#8C!zg(i8+Yd?&$WyvJV!#DhOhmKXG6W!zy`Mti9D?*;H0T zae9GuM6w%}6YDU8Yu2JgWQYk?aJ)XN_s{>5d^z;vhY#_bMQ<(D)=`e!H&*P@y}P%B z@58Y9k}o};7~XyZ#}VniaCRFyRQN^U-6wo`5Im8ayc6(q9Q3ZCpJlpsz0a|(H^qr- zS1^>}eol*XZ1A_6LS`1fj1ykCErP1w!QO$7HRWqj7vA$1MjANhMT#eX!LfdmfDROF z%ekHegetOpX)F4CWUo4Zxzh=IRWl~go%a1 ztXaGOQ^w52u<e)*j*$FF0~;qGsBdwN+2NJ5kd2ZE&%Pr{k@YQG z-|@G9=|kCffTUbNyvON_7aw>1t5?U4@wj0f=81DCYR-Ed>g{*nz;~m?5~0mOR7ChW z75c?nx6V8F{AleBPZZoTiq(<5~C^vX{)_z?#SF-$`0v70hh`c(W< zyoaX#c6mYM5-|j;kvyiWL(W;JW>zP1O~=5}oPsk3PVRe>4aYY*T{~p(U|gk9Ja777 z3ul+teH9cRd|Y^bqP7wihXK(a=X$wc$q%NJ=8(WO;&lh7FZZOvNGL)ykoNYIi^XG@ zQ&c(;72ChiuXNiXNF(oRH_)z0sMbDT@?vs+kil#N>k?d4&eoh2xtwI9ftX2%Jn~2D z#yP&vO~X_ioavyk?W8jm5oB-zI$<%ybHw5F zRJx+De&MGQ95V6zR7<)e>P9~7YFZqL9K>`|b-5V}rcK)!oAcWZFaJ1H3L*F9_{M2W z{6Z1;2-qb!4Zd2Vpa#XOC2lFR^nKe#PpLR9EtE$hav~FMEf6KD_^YFX-l)eqh^W^g zL-x{0GO(CPU)4x?N>I(9$&+L5*m`CeGa(u;Xb;rg?fa_EA+tFt7OCYU)-9(g0#H|Y z9t_tR9z56_l4s_Gl0>l0#LqeMB8sfHtp=-DFXEI_^w=4B^$Dc8Bc5>4R2=-g>#E2~ zA^zhHYYpAS@v~#*`IoRC^KyFuC>bWA6oM??JOnfXIczty2Lgl(HTdUV9wl@S&XzMND37Oiv= zArHdE0_0306o}#{C{8+_gd+N)v~wi=fsyd?#IpCtR2004A&( zCjwA;NZe^6N{8R9u%g1`$b)b7^@RCCzAa+Ky);&&fl0j>clN9_AxTFD%keC{G!R%r z5*~tKFb9IqHxVExbZ1e0s7!bxz`)R-4HP}zW%_vp`EiX;7WA3GB@}pPZkDotp zS=P8vDNE4W2_E9r&?@pNsVZjBj_{F!DYWjC9kTa)=ax5Jz_k=}42^vxUjlH58DDgC zbSX%S+c)YUiTAfODay)DIZP(KQG!lUebbvQdCjKg8jo5&O+Qi2hdR<&F}s6fkVS;T z7GEJRr%1%hOU#lvE~1w?xb&27axJM~KGFe(?arog2MVdfFhktO{bx4`;76RX*hLq(t6BH-S?3D8= zr|Ho@;V@5N$-!Jxn-%Bd>4ZrZlwTb$0b)J5ulC+{`tt+Ih zqjG!h=Pz^)zfzwyi<5Kx;1p_P1)Z<+f4uWpHi~Ri#yAAz!i6_yX`q?<)DyQ zxb}NDT-dgcNPFV4D??u!(QgRTF$u`@$94VX#I-fiOu}rH<4g0EO{Jy!D-X5R_R|8Y z$gQ8`uDo?5=IF7N4MT?vsm2PX=?5%CmA3oo2d&*(-O}aJy3JOh>jGBAXos5(kN|3X z%`^jQ_*o%$W)*As>utODp7Z-8&l)O!uYEXY_iOwz+u_ac?$UJE??~q(dqs<2Z+~RH zzux+RO%i$r=9(t14eEI`%-e4QMq?cqrtq4MMpZ^07DTheJ~lnweW1W39M_WVMB<`J zSgv8SMHKL*uR?CRhHMVYewP;$)oGp8(sMNkveCl6y>e-cM`ovURiMDTr+UNAVJ>@r z-8ho9D#!Ke-@pG3mXE?5L-0lHqnAck|%xU&(m2u-fMm}mGpn#b(Crr{B_|f6w zyB4x^P_xlMLu>AjS@y#dmftU{;;g;!^ww7dlx7Won}x1W#_*NG$wA)~Mvic!H&;waw>8K5Wgd;HA;{BBE+#)x^}!`(&NXb;SLB_B?wj= z(fFgPQ4?aSn|_kvZF!^2(ah+lvp|J_sxowR1|1Y+C6g0n=M{`j>DF&u7neuvE1bQ@ z1em1S{#9G=v;$I8uiH~{ufhhE)eQ}V-vq`yofDgl_@(JX^Yd1Q6a~o_x=rHe3z0hK zQ38F8uo{%W5mS*mH+;=E;q}FyG|x5(tHv%rFR&)$&$geG`qN4gjC*usB zyukp!O{0j5vRf82p__K9aifgL4ig?3hmGeW&p5A`6ZXhp%+ri*m zyC1!x+qG_OuDq|5+Kfd(Ypr>AI_J#^U6P{7!nZh%7l%m3%FR zeRS}VFdhX}Oj#-(wuI1p;tC#cb9d!@*j?Q2MVuKT>X!y0Y@LtreJo3jY~vEIw)>__ zNUL+#`&lh>mx$;_Zp7jIhDsZ$zMMn_BDlLp+!tZ{vV$W>%SXlKG8m*H#NwA62Gs znL()#rl-%fFC4rjUt|Tic+5)N`t)SIl4tFPZxQ#Z6&lDNA>S;|5=d=*{cewF6X#GDlT*T>x)U zdUEcT_Gn?QOO4On^9TWMLFk0zsTiJAszj! zYSiI1P(ppm$pJ6CQI#aSic zbM;l9-YFrQ(i8lY3|Pe&R33_sR_*Kb-JDKz_{foWH;2$)JI5OttY}cuY3miF_VWD# z`)zP=OkWz(REp2d)rAeowCU4##XkRC_ba*H9J!P?Gh0D+L+=##`Q9xWg1!C1kJ5)E zY4Ze*gnAFR>UXUY6s=>=H#haTrRGx9HYzvohCyb|4+r4r`SY)^{JCl2{4nk* z27VD~zpVDs-NV&}w}}tkB_3&gjpUDBRv|im7)< z%Q9~E0G%Q3Zx0=X@Ej!X1xwEM><9zeWzB3q)Ye#R+*)(5#Zb+2r8QA!kYySg7H?I1 zYWkWTCbR`i!mn_f8fS<4J=?17k+jIs79h;Iu55Tj+3*e(PXMbW8Q@tOZ90xdNkrsQ z@O>p6s@Fub{vgl^MiWkbeWfEXaDDsgz2-5ZW0sLMIFBa~lczxK(X?}MYxtS<1Aq6! zIRmH9n6WeRQKf(8#;v|3y@>R_Sg&pL>hb5(2KG0C6rB2`G>kg=k!%YA-nZ*L@fa+7 zYMa*3n~fDM;dE@-s;XI}FbG zdPUi+ygA#pMYwi*q5XBuwNX-tA}Gj9SkIba=Ifd$XNGr;IGN$;ux#PN)XP)oyjI*= z*IGjD>!Sr{Cx1&NXJ^{(7S#mt9%pJGFbfH#>J7d&e|P z|MREh`G3v+u$B6OK<3*-*|G9+tnEL2`Xmx#Qfp>&hpJ1hAu z6pYkNYg#^HL?TJweJ#DD&)c236+l7>UsnaKZ7w1LV8woi_2QFW!G(nYQT0I9p+8)J zb{yCuJm-mr(gOWI5k_t_(QgXR?hhGPN+corTd<SfB3MI>b|r z>RNfdzhNI)X!xpn_Iw9QO5tr`^KC-_mo{arNa(^ZL||U*?7{dU2*3aWQ;Y0uV?`lt z7PC^3TaDV{qFmswi}|4}L^DOJ%A8*D*BrI=XU*E{8lM(ov^*?iYjDdK>o;EAgkHqi zTru(Ziu@soQ}m*&lQ(tDq`uC&T$!UkJ0vvIzeBd3%lc<}%U*Z=I%P4VKIE>FB1(n| z{LZ>@5u=ymAGd;3M3w_LKs8~&3P#R%emlm2*+ZpXp&dy6y4v_ZODUoG{Mf zFfvGNZ(zM*i9pvFSmlkqR{v~vKS{v_8hUc-HcZQ_YidN8jBwgk$kdAg07v!)JUia( z^;9~eJBAf*1_ciR6IQNzadFJ*XntT}H6Kpce&S-HQ!~lP*mISA^(+Ch5Eo^O!pT|f z0!-p&@mOSJtTuVW=sbu+5k%lClcYld0RgcOe_sq?7nzdN&C=2IR<%v-spdz`!2aQg z>D;N)o8Vomjb72NOKdIFD$rpiv%f_W@w65BR8T-x8%FQU2sP0S)4FVYogL(*TFWAm z9^4bxdP@>#=#@}&nM%bgCtRSr&-rlyfIGtC?IHQP67ZWN&05R`@vG8~!K+A6 z=6GgM-epI&X;ku;2VXQe5EaJMp>u{h_;P(5rIAAB0xOK#E?>EFUpqS29b!YzwmM1* zW}uc27C6-}Azn*7EXIn1DD%K(P!!Ta85Z0>sGMbyB&PZ-qmb%GM9eTeHh%{d{Sl2a zPGj?y5S<8$<`eTO)FcV94PfdTX6-^J z4!Qy=6_{m=9$19gg~ym+LdeY|;7eLygJ_ZZH}}-neY_g5-~J!?pGPUG;Wgs3tn4UcVgn?U zZ7S!p<~?#u|2wKcj?Y8Ciwwgd_7pbKuL1Z7@iTDzeJ(7Sm0=-{cA!axEy#L0DC%<& zS*85!j{A#McFvf3L%kcrj+qVagk6PT_)_EmwQVyn%yyo*D^Mhya#t>K+Z9;*B9?u) z(MsxI@hL@X?NH-h5{y#@Oqmk`nuQ~I%) zG1lwS2o4t!kMP1$hI!gg2Yx^mEle}GJdc7?h7Ok~n~%FB-Su$msPp1OgS?i7id=21 z@3{T;V+#Bszp)`d!4h%5dTYB42=sj=e1G2oHojn=oXxHmE@bpm?yMf7s4y{Z4M|AB`c((s!x>eKA+DR;kCe*Xx{ z891&D;4u^Tz~F#Y=>t0)#WI+Ad5R zXqX2Ln$dFE?_EE0X6%xGVgG&FxoU0nnql^d!%Rd;aZWJ>^TCZsOsWSCWQb0jN$Uj* zQnX?c7)VXD{m>tyET3DqgjI@oeN>da;NO9atJX5+6tV^(h@q!ut{^x;3`YHQl|-?> zapN`33-%=f4(DX@x61)X1gR9L2FtUTveibnY`|b)lL{#s7%>O@Tx1Y#*;3^cQRwFG z{z$lW5S+&PrO_7|gp53eLnocB@cdsEAdWv&&kmx`8XF%@eXv^3qaI`^1LhlbzpXxX04oKbz3@nnc!~>8JMrg|EQ{{aDK2>{uPa? za1Tb0ZPoee1F=~`B0J2MP@qQS<}a+~K&OvzZX}T?ZP7o($dY|9zo zbi#pc!06GwSq-E|i>8=9ca3UyUL*LvqKDKD)CIu2Z)?t|Faf8QU8AQDsPKhG<}NYt zslE*d4<8?Wj4_>3+Af=F?Zu z9We6eu4l&i#zm!aVXFR>ZYLz|+$I_32w(v9IXn!8NTTf{Vj5%EJE%H@3V@Q(*t(I9 zvpFjlDV=3i%;z+(*&V<%SrIH{!GZJ1+Co>r#gfXgN6$(6AQHe+pwx<6@}96ve?A8+ z$9&x7E#}$MxPHy8a(wYR2yfI+<+oFQUJp;)MO5}mLoH<^Pb@3*8-LhzAEWn>s!sT+ z34Z_}kGoqdoW5n}=UF5YJ^LD{k{JM=k!vvEg?_gPt&|`(P~3_{&IOZeyD|bXwQdA? zSx1VDD4E5y3H@Nlu3h(JY#ySb;z60D5;MXMj)lO51?g2$u{%cu>+)rcosyVza?l%4 z02LJ#O=xxFcXNFpXC%-0h{Stlz=D2(tAq&BV`t!slmZFh5w6C$ue8pNQBje(oh7X6 zz-4(x&92F~k>4t&G{~`W%Fq;Pq-PG;-wbY1u7NLL0&YP`G+P4k?bHqrrSW`%$O{L^5I5ReCwmg##rgZIajuLr26WQ<2JiD|+|tFHXB{ zU*7DO<&pGUQNtz9!L*<2T587vwT2Tgl?-cRgyO8ebP#kMSR@@7>m-bhfN`4|V`n20 zuYJas6eCeb#mq$NbkG6{Krt>B(!6U)t4%AvQv3h>BVq+z#Q`RHY%IZFdb3C=xbHuv z`IwtWg!oN3ZxDSGm`(jdxAzGNQC9EP9??~>(VIW>$`G39og59K?jYJ(`h;qOH~5YC zThAXg!wTia$Y%X;iS3^&rB<)=Rh&&tv#`hfttHzLN?uae(rsA$XkZwTN&PvyTBTmR zVrEG>C}ITDuP+&9tmx4x+*gjVp4+3DG#I-R@uYIc2$B-_4tAB4qcrvRnKz5nC%B)R zK01odj2}lSKo|GJ>|O<|7#Z1Fg~NUHbanAK)w=B>l>DuqH(#QAYt_wB6enDL5@3eU zt|$)n_gU3)%11D$i47qOM@Pkl(Y zA*3G?~33(}@!le1bjy+OsgM zc2cHAbAK7jO`EduEem4qFQ`Y_agLKQIFol|eff4-el*uqDPfzQY(%R7L6qvToAzW%$8G4H!b(qlQ(P&_wDwB24>jf8Bz$H6^G}M z2W!oBV!wIhpTu{^jW$Niav|>__tPVu2b?Dee-WaKFSRHOj=W`FG-5b_$&VHa$7^~HJ4&huA?+=k@>Xs>i# zgZ@d>zSkix-b%= z%c0Tq>S~E7?T86BIurq8ryPZY5xnVB%7Tk2?B7H zqgZOy@}h6^J!`tZe-Y4+^$5vQMJk>d@Ja3zI1sZKSDnofEE9=4ckXa4gg&aEIE0CG zkJ6RXfU#*_|Ch|n?{Og}$2DZfDU5jdCj3nC+qb=To@U{O4&O1#Vm!6D8N7_*r|0MK zbQ!y^!{5*Ez2*G_ou;n*T7glQjH3eNDqu@$e67&VZ*T&C8Lh#Zx+Mnt0|2HXMLfPM>fZ!)=cn0k2 zf0ZF?V1r)2E;EJorWX`OOP>Khm!c*E;|MnHtWk^~q4;y|TtS zckTMTpzsW!FJMb)+SRt)^Q?UMHurcc&QsUp56Kk5i&KW;5sIo%34^L3Cy;*Yb7@Rc z1TBw~Q)7#HHY8$eUQiX*m*B!z=xQ~Gm27}B->cVOcyEI&NQio$Q%0C3Sy=@?+hArk zmh~gXEzoJG5lwp@Fx707fNjeVtqX%n)|s?@9_%WT!81Y?i+ZESHuNgmq)aH<55l$Ry_RKv8FxG z3Ex4wSxL-(^fnpb$Iv_jahkmzK9vrbH6xL{svt0=L1o-FFwFoD%z=B&f^FM8j8)LV_yd93MN+y;_pnspnbYhM^4 zBaeDh2jArWFEmU&U04ojjhfJr*ue5RK`j8oK-t1TXTYcZD(x^ScuDVf%u$xFSR=1 zqH4mu&8ZisQOJWvmsw0sq73ON*(56W>4U>P1XuzH|CZfT0vE$tr^BiuLk|U`?s4C8 ztE5%6mMwcgQmbgq=6BR0y zm!(@{hX{;^t(VBXD-}e_l`V@+!mPvH1?7iV?0>83&qj9@%!Z)lznBd>mNW#t z67N(P1+zr$4$GRM*^ zvB_EUJ#K_iVdblk!;J5dBiuoy4DgtGTIUyLSv1sQ+1|&l_QO_iSo;#L}iTRT9R->L&q{OebXOtGRtu?|tWG!qc$Z@g_^^5?$@7D0H{Z z_sEW;c;uL50MMR88q8eGH{k5Tzp;dE=dkc?%UO~ywKyWLK+A#k<4;QlBeE&+4sq() zD!T$e?S&+faZAX=s9?wVgp9qhKMIrG8w!ZUY_=S>%(X6ZVXCv$>!C?Fe~gfQGu)sY z%U;k*kLQ98C=AGciCVTH))nLgekAk?XQX|0fNjhY} zH*@Qz6g3ZcvM(v{gglwahwRfaTkRXm8lSy>-@!G(w9R=wm=pk4^VN)XOdERpY6tCN z>_K42BM}S{zq4s;41E`_YRLXb0@()$gFTgQfIe7xbt!65$E~Iy0YiDbIBsOEd5N>vcwx5`3g}KfS2d zvuuJ^goAT?UHKz^cZkgbZ@oBs#H_!$02li+6~Kq+hgM?YOj8B!w&Q~yp2ba=ikW}R z4onAIIjxY^r$-7{*m3qL-+UX+&N8w}sV6)n5`8bQ!hEtP_EmD9pZxT_#kvC_p~gEO zCNFGkaf6xXECBVGJJ&R>vc$vvxXbG@hUoM|8@R$)p}}8lt>2~X<)1Y%6EI#js_4vy z#nm4+T7O+PTOuODXhu$HhvT4hO~(ptW{S$=rcv2&CY(RTP{~wAmW|<|e@SWlzTmV| zf1db0uwpT)2jlUP3;G3ZK9s#e`=Q>koZ?6`EP{MzGly;=Viy=a4NvnMn@};lN_Wws zHx@Fp->tD3)7tiSlkb$cV2uK2!Oe5Sksgut?GM=Z8zGTBmpdEvsPI)_$2re`nQ%+r zPiqusHK3LUbkM$b^sH&lZ*7-pJMwVONFgdO zRQDd@nT766{70YwN73Q_3`zd{s8ciJ(TAgfF3Q>4jO~TEd`5@K&o^$9-oV=?9efRs zP=uH=6$km!i2;4CYHTlN_~-Icm765NAX$EUs4b2D2d=Ls6NYDHpOaaZc(zx5QTWqI zKMs5?*7#cG)MyvxR0q;{2I!GN1{{msc%ubkwg@|4JJx;@-z>6nUn7G0V(`SAZ6)W0 z8mzv_ABxXfQXpn<6G$F0PpbzuIdUtM_He7N?rgh_KknD|lTMuInz4E7ioL$!;XSYE zKCOy+I>CBf;i`W_gs45;(nuC6gh!t})`O2ux>*m+@T!Eb3^cF$;qd`x2ffcZ(CX$PffNNd(D4a#1MIhw0OTI& zH`Xtgfa&m{MTHP3@*-BmImVc~wcR@Yi|}T{+Cl?9m|*ZRJWqb*0}j$O5Gs;S)duPf z388f9qhj6jsD6~SGe*Qhw|zNfg~7L)g2QqaaMziX-x1DM->ZY+H%eUC{{DK4vLj+X z3J0fSpFYWaf)_2yw*3)0`3+*U1#pKEI^LoanrO3j1iDC*M%_T+X>OE_;`^d$&Ro5= z2n`d2AIU68rPb$>4GZx)2wUoHZe|v^=t4c1i&Vnfn>TL?NC;qpeju#H>OP6r;5k%O zjbK-Cx%bSN&}Ve_!{+6=t_OyG47lvvep(snAU|ywnw1ES^7pmhy%B~=4^bU8a-=pA z>Lf={^Lfxhe%5NU5WuBx?b)~?IBLqDm6L4nz^E7jRZo;IH>Jh(tp6v$$>W zaaR%sSP+G+@2#d4@F0o0tppWOKhTH`tX-}~Aq_X2Pl-if(GYlLvr$eJ6rDTXcpGxyaE za}l292zTh$TEdcHfKkL5Aox8w$YJa$D+S|&3Zi4@&Ud-0>G`5R=hJCf5r>@8gft=zY0DGX7Gs`Ef7wCM4oM-)J4-iRZ!`@pMA>6Nvr-FV&ljb zV+RKDfliH%1av{(k;C)`4jlFt)47h*`a_J(}wJf3m{QKd}a1}N6^eQyiA7cyl5`lcbUeyuusSY zK(+<(C;q^AMs3gF1Z&lw!ZFqh!vwNMU-FMxu z(RF>ZON&oU-{iV@?u<)&)0|VKURi0JRowLP+irb-XN|e17n<9~UGPas&&#p2w76YU zZ2z>xav`CF-rhs!TwRR!LQ~e~Eb8qIKB+6OVy3xvs0R)AmNYp7l4K9V`&jd_=#kbi<>2**u0#wQ9BnbtrsJDB&=pa1cdCMTV2$BVjHCKk zcB~WTc}!Yf`u8_Z3fZC{t>Ixb$0|5jUP36GA3k|dq>UGzsfaR?Xh9Yibga^Q!U9hIOhjo0XK7DepOZX~qu!(u$nsM%dfZM~n9@6?I zWM*`g;)Dw7r8?x&#D2E??7qn;LvSmY-uDX3n)-J#;=`E(RTuRfx;Bdg=e`LhGsjO_z z(yS@Z`qV>C&A7O{{0Jy1Y_Mj0L=3xFjmPF*<^G!nB(|sX^E#;EyIH{;GnX%2n)Wa{ zWOl(a*iab5aNpxp*y_Ay%OLG`?(zFJ zmAJ-+D%IA%Itu>$xs|`tEPOj(2 zO8lSyW42BQnVdPW6G(NGRc{LM12YFAeyzUp_xF7!_ntWX;yTY`ppr8rJAFpourG>9KofC-BcwJup z{icc<(5IMx!X>@5bR-U)%_H<&B%8KajSA%qqT_St&hY`by6=+}o-|zEXpS9l8x_bTkaSOP_ z8m)(fnA&iEK;l0O;6(lSD7nDkBKb!AbSp2n>b+kB@aqEMC~bC*di%tnTemta!+>7e zG_K?G#;(m%Q&Z(UQ(&7lYi6a_j76_%ef#!>GEYoSE<9{B7(;DOEe-Z$9q-W-}>2&kO;tO$cb=DGSR)7ZPhdb`w6F+1vO&H7_W~|zf=t&EXPY9e) z6`934E*jcxfkn-n23seoX|Qe#u4-9oe=-KH9W~yd^W+XcFj$nBf9a*xksRF?CKmNw zOQZNXVX`^i2Mw3S!DOrsM-fucgI^&u>kZhtOU3NhjTieI_6udJ zhW{tnvcqjMiE&Sv9h2TNiw)5u)Mn`KxzG);pF|n~}2Zo^V7%S{l zT2Ja^-oocH|_7!KiXEQ$t{3I@Mi}?rgUK=&c zt3@+0P!vBtPSA*naC@RGq~mOXE&}=GsJNUanwrm;o)eg*7GVdK)$Fpn2HDMki+qT&~X7cRWeyAg!M`g~D>`7=IUzsgFeF8kW285Nyeb43_ zO`yMxv$}gHS`7h_pc{Df#wX!WN#kF2X7aL0!RbSlrEnv%%Hi7FUZj)pVBk;N27)ac zh}@mV7SEV8NnT14@aV!I##IwS-n;A`Q=O!2jyf1L_eww~-_0eR)ve<8gZ8pYC)?h@ z-^Zs8_PcsWdQq{!iPB5eZF#$2>YY1RiS^OmJ?6dl;4dn08%a+1?zr$x$Li$XGHST= zBm%D0C`BmQ>o_y?Q16kVM8|mm6-eg<7&VsxMJ!0?*l$9+)ksW(MXlEYy(7>V+!Ft*Z{@zb`9y+05;F>9{f5LXn?Vr#B*8aZ+#6}e5@w#O{0{wd9mW&=sr zfNP{#C*;vOZd^y1F3!=M@jwhaK83`nEN7?FU%54uqo^E*mi~T0-=I~aM(cTISX#75 zW9#NvuYD(vJ{O4=!`Y?xH=5tKk23f;cJ$~(Og`_yo=0YN+&#u=PoN^M7!}VQ=d$Jg zR6HBDGci-MbSa!rvE@|Utrv?~c2*}L>A(YsrGz5sI;LV%bWZ%n{FKVI$vT|thO4cwt4(+~on2zRi%GssjZ`8JsYKL_9 z-|0fxAy4wku)=weR*ENpNOnrsl29WLXy680hJ(7PDjF>fe`~vQ)Tf2}A0Iq)$PcYT z9j@u2P`=tbN9Cgm1Kca%A!jT-zp^!cX!(OISO)&IP1&cyEg`GZ&@V(}+tRl4e+AH` z^qpNZ*?&~~20qvONz{cEJ_b#XnDVJm&wcy;Y8qOehbX5}u7$ymn_Ye*0UMj-Ibi6d zNaBU6R{GFv;nIC8qm>Gr)sKiD2V>b_93)#iL_Rob1ms_gOkm8u9z_c2fEqXcI4Xh zI)W+N;&NC;tEc0_GK0dy8vqv!W2pdNW5=F7L<>KDY16jS@|s501e&FxP=0(hfWXa2 ziJ!h%^Kz*fI`pj50C?`sALCbEp7W_j9@}Dxzhr=ui)-7qZIEjlhXxK|+>8B?HQ+&~ zW0n$HeRRrcMWGiwWVDTa+ZY2jidqN`XZ@Tom+A3Ug&bNU!|JygJh(N5@D*J4UyJ*r z6d|Bt6X1(AqAN{@W7+2kBS|?lpb1nL$;}B|_r;5~?K|$hlan_gIK6GJUJVmMJQwmK ziDCl05gZsLODm#1hJe4seCRT8U<*J(J$8rr#KszaDOq-97@jzqe@gyb8`7r-!Y1nVExzR}FfVN$7>=CYEX;$ds?dt3WnpR9)b^RTQql;1}zi&_8&k*=-!& z))>VBW2t?^tj;<**T5v-^CS^c8$WD&RD?&{HxqyjWPSmWzn`1yi)B?Dsk04V($c9Y zToP;@i}83T!vsS;`-HT((H8V7keBc2>N39(NAK?ee6eEdn(NY~LZ5nB&7QG8)2wdo z+CzB)<8tQn7_!`X@x>M}kV)WR_U}J0<}}Fe=ubpB`Jr0ReQ)GPS^`0tLr^O6>Xl|Y zgjq9Kn|?e5=V2OR-eKOY1EgQn13b9_q1ux?A>6rl?5l7A%Feyz2rjv5xFqI9H1ZtY zHjx{n7yGJyDEGjSd!dX~68`8g))fMPJH*HL4a`#Bn{)DP(dkrE;4~BN&G~uejyby` zSwY!67hH;Yg{g(J+NihL@hPWMYgNAdBZdqNele-vaGVM!vn#8rWcf0KKPR85$jP*6 zki{LJ+1#^Tch_d6_0aIJz(5uL-8@8d@x@CI3(p-rs*sUKQvEtJolR+Wf>E(=vx{0+ z!U@yZa6x=$5~q{`CYy*D!r_40Xnvoz>jMBWR~N7L2-2b(SY=WTZ{0FxK_A}Wp3LaM z{+Rm83JMFo@86$9g;x}WcksyD89eF2YbP&Rw#+*&Zou8cgM41Tv;{$aYS18W=X2E| zKuk<=tk@)$#peA=7iVV^9g5 z^-+5A)M46_t>&}WTt0B;ieeWrZPXo~j>^8iE^~q%-MA3N3D@LyyPUu2HDqy}C#a2_ z?U;NAGGxHD#w!V&uk1j#spjUj^G(~VOg}SSLK6s;A%=f5Go!RBJkmm@ZM^3*An#-a zxhxiT4ajwp*Tqro?cFvlM9wA#Jw>JxTrtvltmY<`BM&X$ zY%w~)s%JhH@FBd7kfUA*!Zy1s|K~7?xfA-brg4Xzqo@dNb=>B6YuwPYr@CYB{YNv4 zyozTp9NTj3H|ZVr-a!|;o#wJlhYr=zNu3G}HDMfv&Ab1)S7%-XtSlpI9@~0-E;CrI znZeY0ZsegmCbw^-jcAsD41T1kW(1BqZ^ zDRAxmi(jtY1u>{7ysJ?~%MB0J!xuK3MxP(p@Zj<6M~~F!@>zj0hghmRgj{Y;Rn*QA9Q%FD9`$!@**r=yR@#x?`FX>hx|yLsfPVa2J92WqIR zf|G4wd)S?jt23Vfq-^XlgxB97 zhvDV^T-&*;UxaR%!COh}-+f2@r#JtBky>|HL?%Iy{ zA~>;sS?q2nzlM<-Q<`e1TRTQ~b2|N;9ZwCexpSHM`#0vP?mN<1p`>KhU7G?2j9^ z08sQ;BZdtdw)gJ*k=tGBg_=&Ac2w?>Fo$ES8mflR#wWKxU$K}rZ6k6yhPbFR8=S{a zo!S^h`#MyKZF}}?z_k6YROjHH(^cr7O}~%kn*WXZg)}K<_PqzK#W!aMz$#X4+ z4O5j6IUyQuAf6R0bYMl6&7t`1dyHq4rG!QU94q3<7PYdcr^4dFdZ1;=c((&5b9`!mf>(&l)fB~+ag_O^7@#TOc~yTx4XM5@@S1mh!uW5}>! z8?K+dJRt341!;`!SqG|nwvOX?%5lJvvO|(l(N;_Gn*5Z+)z|x-9$=N-o zg91ER5xsvZc!qR&1g&%LdBesm>00;73-7oPl~rXGq+S?Ae14nW=~xLvjX;qsm{6mE zVjy|-;5~S;*VCK`gW=2yi*TyTtV`XHA@2Qyu|32m0C#njN5wH3P^7wR@Y{1CA4};8 z8n$Zn(RX+JULF+jh1bp80=y?aaJLi9t}tm$=cJ8fG)^7$D@vISg% zUiThzJV`JI9z7OIXlbYuccoowe|U?1YH>!AT~VDJF#Aql@(xEW^8e!x*{ins`dpTV zwuE_DJ@wb1ytJJ~t!^*pHF49|bx4V!nEE_la$Gm+$b^%PJLZoZF=D1~Uw%<$G_F^! zXib|nEf>X|`?hV~>H{0jISqQ6Q7xwU_4fX0xR#f`K1kJTv_+C2_}PR(;2D&6lp`YH zeNqi9PjUSz(RHLNgFaCPSD#&1T@~q{nxfUu)heJkb=_U~ToBL3lr^v5V26{H4|-eK z6m5uq;cgLO`Svkw{?`8OzA_gL{hWKZ-KVW_MV>6ClT zyV>A3P0hK`fcUG!(%q%DGE0*_w4MH~&iv~ZU3GMZb8iN>c4$&cizZYGp1o~+Dh5jP zU5+I+-CUzy>{Yk09G)H9IdZ{~Y#S~!YQl9?G^LLh9Ff+FA*PX0ot)dNi_akJ$&Y&% z-?;mt}d^?!E+#C$z4<};zrq$@Q;ZDhx4hF9Gu#W;hfORsO==b+sbL(+;*rZ#*1vi?1oLP&oFs6vqM z0g-e5jPg;+&bEp&cUs!I%zfvmdF4lTT&^1aVeG;cD$_9soVHQXeDem;8%PRuG zq6Df$=2)Fc-z;`X7o}$Mmy5Wi&^`sC-~I$4D^_q*<1F6dedA6LV0CYoUJb+TEeCAk zLKIsOnA;(vBih>9ST&j``G5(gA0cDn$|sJ{i8eQS{KTX8+C5SHP~Cn)377L`waR)z z@J`!-PqD@(OVs6;FRO)vi~L;O8XvSoRpAWxV(9;S{J5V*X-N~xaKrUh)HKtNbobTo z$8I&Bkv*mA@tB(7CxVZ!C{CR9WJXY0R&MgFm05>tP09N`zlqOv*JaB_q8i3a)!Da6 z_R9JVzV?{Qs|tOKhqG>osSiC-?fv0S^RG11P=A|yu`%nUMGn>H-awnZ&0f89%;ib2 z_}b|Y7R@L?tM=2Ue40?c<<(x1I~NQ+5wfL0w4Q;%v;7MWCt{)1*7T9JpzaqZzHDO! zmznATKfhzwu8l|zP{+2WS~x`v^wXzfpkKTOm_$9$dx-^*J86#QCJ-xwbIz3 zp3YzrRYN*1&pmClzsIyx2iq?PKfB%i(&1%clNUg^p?Q|8XukK+zk!tDSJ@6|Fc&s; z$DJ2hsN&GgKYp|R`{|R1lhDb%XMVNObQ*d^LCU*hcGd7DF{i@9lCOL#@4-v4gmckUQk0c^%BX1$X?Ts4Z~!9wALFv-Or5#`wh&!^+|;m$ z=*mdMPsFI#1FDtHbY49sB4bt*Nf4NOXeWnWrUW2{YpmRMICuCL;?yv25R?QxtN;XH zKH8qg)9iN8bTPufZvql$g*wp`DY?yJ+UC&IdMy%>e^7L^>4j7~y=S1h%ch?=7Z(>d z>2M_@lx8h;uzx0}b+_iN4+sdDts4H)Z5rEoKPFG(0ss-Gr8jfTEGkdBxZpvPys<4- z)Q;uuugCh`CSzRT#72Hf{^SO&{`;8a_Ik~jkkei+>NNhqMy!%PPLyR@_vqMqK>-2H zLEF{=kzkT(2~R z{fSl2qbE+>n0wg_FV<>?*?k61=5bZK4ja{g%I11;J{@TN9ecwNIQF$+V`n!zCazT>>Ra`Htm@_e4O(4 z#G@4OPgzfo3MjvzU>(@_kg&|>l8Q@MvEi5Oi1d?mgf^UCS9f=$ssnUxUllM**dHF9 zo-AgiD61&n=rOBZh}!m%Xs7!xFBV+W`ZZ-)ie&_hTTneD=$Z^Do}k`<2{1XdU!@R* z86{3&=B#t~^!3%?lB@H)E=nmp#D$H^zSB0qofi=A!aW1*0lT%4-kfQ`>u3y}P57gX z9=g4IHv(s2{)UTavPTuI4?PA55d&7_?1-fv9v-Zis0A92N>=+WOo~|d-Ct*M8Iq5+ z2^@*$(l5mJFC`+LpIgypI9%COn5URIc`=ysKM-)V5IVadF z^BPf=g2W5AfFs=-1q(cyH;+F}LF`l&GY49+QX;9Z&g*RrOAo3NQt=q8Es36s2#yg1 z{}X8`U2{(WsWqy|-~rtE4^MT>5)a*1#_sCJr)*)LE`0m2j{e$udcW27I+nU9;BIvB z!;|%8P)C9ic;?KQQxp-LwZxFW1c%AXYsoE7>rvQ)q{I~Z zd+4X(IH&m*k3M{jMGYE=Ao&eAi)wW^ReU`;xdv0YboNXpJ61Ss*Abl&O)nygqvy^w z`{=5}?Is$3oEn^d0X?Ox#0KtMe{ z)o4sdAb-bOYPfne2&bg=(!s~{+uqkXSHM$TV_QJ86P`YOdMuCbYu%MEFM7DIy(Gv7 z1cj_u>HV*mWZ5i&W+>}GO{gI>fc79NjZaS_ccH$2$MN?1CE4lG+%*E_(88;R$DmuP z%Vg*t>%rIJ^HFzL4_p(9;m`zcUVBKKHr>0I9IiKT&wov)yIU#I0pMlq%9Bxjv!CAx z$Sdw3N*7)fX}<$ey~184aKHwv{z7vtls+($77Mt!uu)5JhoaB$Vq7p!T?0AzDkr7~ zF%)TV+oT&j=W<`2^eVKRyvgT;kDbeM2WBV2{x?{xB)Tm*@pK!JaUPg;KL zIP53uki-{=r!oB-?w$CeyIbajc~9$lo%y>LCVP$M1{zaN|Hgovb!kPPIjf5Gi6*zE z3uSrl4Dan%P%BDbf>J(7re|hV&H~^9TCRL_Q>IsH0;pJ_2-G5rxa7+BHS))~P*ykm zH3_7JZKCC>b_&}12C|7Znm+JE(phqGw7`|en{nR3!hUd#8a1G)6H`-VUmDFgaEAR1 z3qO-~YL+PFNlH+o>p`1F{=re?5Bzi{%(WBs8b;Mo4bMx#S;S@Iq#tnW`t|CxI^JeF zCY&aK1lsIP_2wtyDHYKObc6Wbm5CE478sy>LT*C@hndqV+PCMV@HY7d3HH)|#1%t$ zu1|m8>A}UL%4tMq`Ha!tX;~Gpzc}VVBd$Z6m6m5(N}bSR=YzQIG6#Pn$&yzmf#tJv z7-$OJxU&=!BYgyZp~cdiXPJaBaTiWo2cRM1v`I^dH^1?+>XMt+SA&yn4u1 z4xP~%Is9X*UK5Rz`7i78H|Y{}bu``HsbudTf2>E`A*#CV;p4mR&ej>GqR=|3D%v(t z(jllQa7p1c;~V9Tg(_vgM0$bG**)z46)%KDs+$C**+<*{E1J@crV`GDxfBK*rckJT zG6;MjrNXX!Tj|}g@BfIZUmy0LQ}x~DmE(TmIaL(=yIx#6Ys_s8P|Z9?2%dz&<37`; zb>6oB?^*g!PQO@sx7YtOmj3Pp*iVsIn5ns@azpIMdX(1dfN&KoUZpzo7rMny3^F?p z9H@PK%EDfzrzkN20Y1dJpeD^n*p3Y{X2n}(Hh6L9!8ZE(zXQFnPev{P4fU%|RYB?Y zJ27L>F;2d4h56R>`FxDhB3%11F*S{(zb`0coHKnFd^x#>^Yn^tFq_Cwc5o<&Ea35` zibj84zPZFU#j{wAfg6eok%)Bmn)`!v_h(wS1h_j{lKlAb#k{IFJY9}x0pX5A zNY;|}9_F7igsSle@;u>C66zM+jD=D2v5f8`{{pB{z;>D9Kj%hXy0G)ki(==K>Godw z#}+Ux@^i3or74~vnJu{QU?)Af`<+*8V}N;2TWkY#%NTj}-I|XBz#gYw@SwIQy<_B+ zJcax>Z?+;)ho1>Ndv=^z+5U23WjQOFxrfF(Ya++m1vI zfrfvCPkFq4v$`xL@S>ziX^_T+$77c8%#jGHcy}zOjeR?6ejj@awm9~D^1P(P zd1-6lhTKal8q;_kirtQ4U$nXH8woAX+%8xqs7@L$GmRAc7wf2RP+>Yp!@_KaIt2FH z@pmm}dwYV^_Uvf$^39vBk!f~%7r;WG*?7F?Mh)gui%x*~AK4;*hv7#E02hNBuG`yg zwDd(q-7f8cy()P1X{z0=^z^8)$$hmn;LA5oIJtpY4!MTF!v7svKl+11!VJewb!oq- zZexx=uvaQj#&_=4Z3FWp_V8?vTtLkN)jZRSRu1SmtQk;uj$-4p7e(A$%>sD-2P)6v zSzJhk96&cD;XC*5-vZk$WIC8>A_XLNNeU2}s)A&PCdsAhiOff|xxGl8MqqPqZqhJl zVdnkjK0^X^L0J;ez47jBWm>PD7#rFD;AHL3nJSTZisBOE5uU&s7zU z+}|}2*Ck?wI~z@AeDxFK_OC~LUmpVqL$g6}V@jf6j&ku5dAA;=;cu8;)D__>Q0c83 z8W?`_)Ed-MArin{n_ZJ_6syGb)mv7s9rBB-IV8dI|0z+AK}wM*agL&Oi(?GcQ=QoO zD6&JuavVK`(gxj*OfKBtX8^v?0)XG8t=&rF0s|ADeRc}tc*>!LR%KYD*F_1-`8mzkY2%Q+FA z7W>1=%rK^ec)h(WdkSH+Hl*2IBhbXFj`}gn2v{ZaU3TSUh5+a-!kmF2skV3h)+LKG zj$Zsy$J5}BN93ha6;F~&qi!24gF_ROR^Y(%x?Gor;y*=-_?$oMUMF7q8lWLHt#MOBW%Tm9MURmXkY^R-`dJ2 zY(Uvx&hpB~l~y0wzEM>Ft9q=$f*7lz$Y_J~hMusA=n2{WEl_Ywh_if3c2l%Lm@gW3 z&e*lS1AmS`llw}R7nI1x1ejKeK*K#3&+i^zbBLCz!TxcOA4wIVk;hA{jS8Kre@=X8k+ps6 z*7G-g-Tzw-zR^z(KC^9p3oWhA^OR*vR$L2h@$}&JqQb&V`#-?vRY_0DX=wv4;F>+8 z)9B+a^hu0x;PBK z8)2GjYrfd}P7@3t_HYPeE0^p###SEIf;y8-Og5!PgAzvWo1N7P=f4<_rIKOYX-Su% zc=AcF%$|P$3+D)WvtzO&if_`{qVm8$ut&R&9dEq(b7@(n{}1k6?_chH)xK_*qsm)E zT}sXPdz#ZZ(>2+*Zq;JK1eO8k2`RB`-^jS5f8goUqi;T_zNYq^mBPrbMMklX(HkQU zlhAzq{R!FTF$p1#ncPi!dU{LX694-2GT)x0I~*w1ed_Fgm5D%H$l{1*p1O>!#2U!h zYQI0{0XGKxRX(?Z0NpZn9lV&i*nI+vnbX%kkam$b3V=K=Bcgq5fG*Mlw#;q29u0UQ zil$FxN51 z({ELU4wv9gLU-s9;tqB~V+oQg!8^hu5Tfrr*wXy&ecXhBBdoIDGMgpgT9q-FAJi=6 zQdNgT16MQ>ZAV7+=o26?srNqLmGyBVNE92aBJoP-il0X3@o&ha)e#vKV9@B1S={kw zzwpK+`plgD$#ZgQUy4fE>e$~jXLt0YK`A!#od%86bt!r^&qFatzKyOGO3=}ER6ug6 zMZ8H$;+^O}1~ZlOCV0JlP*IV*dhMZFy_Z$|=R~@9`^qS*TF<&~_VwKekU%X2GxsWH zzE#LRU6oVchBipv3x-GP_f@Kp;qD1f|5nY;@VvZY6}#3?HmTDoHh?Ek$0AyTT&{H# zO5}2}OD@3)7JRH=?*NVbK_ic569>LmL&qV}loA&%11A`g5Fr6hd?J7Uab5?8IDeaQZO)VKchtOd&~9L(WT>l|4~U0Zg&DDeLVi5~I) zibP*p-|c=}NUyeKPHlIdn%eY0j8Eewf9-o|!@RuAK%r_KY2753Je30q5z#bMqKXy z$=u9rvqYo7b0ecFo@QyT?&#=Y7L)rVy{XRdWqsUCDxnZI{(bR~Xh#)KdM!~wg&J_B zN-HZJ5gk7_)m+$YQ8zMPNakm7G1T7{W?W$$IgL$jZ;hG87h{Yy9h}iUzj?D}qAQX8 z2Yf0*0V6v<&TYt(d#6X;==jZ%ORY2W$bH(zbIqw&KjKl*loqF&yeARiAt{-m*;pLo zt4anG%q{y|c*Mo+*;tx>&bc}#NkrICn}0QzZ6dsElTKO6CcsnBxWd8M`v^4yb zQO1w6{`dg3&mcJ}W#-8#r$01VyDi1W!YQPQV|;Pul)ITU4{u6P)dT0j zrkIfei;KrAWgYJ(ZPVh$})xv`WKLce2~ME`zv>5bg!1O z-^o5I`;F1dV&33~GiMLKqOQAO()4N5mb}pd0zphwO%dHr%flY8Fm3^2J|hE2wv6H; zsI4URTH75Z7P+m0{>UpJ`y!?{h(;{k(f@S%y?cE+q$Xy9Cuu{Ipf^J4>T>el0t8x2 z;MEn9+0UeVFc3Sp%G1mJXGg%-sSSOKO^rUgJ1;x83e-qRpv64<#JPKYM;DsFhKJwb zQF)HRXE?92tXMYByF%y5i#!~0A|Bu_vO>gV?$5GvERK$OdxM)4h=|yU#DIEcOn(&n zU{9LTR%rDg=<+wMN`1#|PsU0RoRm6|9#Eek2pZi8X z8NflrNYR-e8$6TILVkuFwQ@`=g-cQ}rU|9%etN$1-5Z0}e!G;ekx6W;G6W^b z$=fX&e>De28h$}*p+nn^y4=#sS!3?{wQ?!y7HNrQm-zRuX*OlbT(=`Y4xq@|a6Uw? zBvTY}bSB#PO*na#B|M8*07%(*j`4v|ws(uavp9XUk^l=Ea#u~S#vVY%MCZ5$`j(Cd z7PR^HlPW)PoJm`3!0zv+(iAYwRj1Zdm~C)a@ri2C?u%?6Wv%&J7rkchS+gl)^78z3 zHNpu+k6-tX>Z3R6bxG7yYNpq>cwncOG{y8Ewmf&x@5$eq^zYZNX3=-^<|DD~HR|2d zNw;Ojp_Dsb>HpB>fmd|*Y8G{M+Yvh;*x`Wx-Luo{w2#f{r8v|;e4}^@ia?9jcIQpo zi&OAA;h@o`Cr0HWua@C&XZs=Sl4WGU4x@=hY{6}f=&c`)*wVmxdd;K~&|52#K5(s* z-?vWbnVHXVgE!&C*eD`}AE5X6C@803xQx?a?y3qL(dFyrhn;?;{DTYCoNtqY26s#S z!Cx9EJ(ri}8*CSRQ{EBIGx+GMNe!ZDR+&*u$ik)0Z+=kd%m{UOQSow`=T+S9 z7M1{G#Izs=Z`VbcJe~q^ViB#b&_~}6y|>W9gEhs9f_~(YeGch<)f9OfcyemxIN00E z^n~m!=ki2y4U!nA8W8hLzhn97??~=aC4sj{H$!s{J4Hkl#3jC(r2?8oEB-+=^M(aZ zVptaSFfNA1>n8!tKo8hCJ8!}^Mt519EkgN(kVV~M-S|%|E1-UXD0^#*rb1Y81QD~k z$2bg$h!8IQK?ZPU^r#7Tj*i2z@bfIu$-K?BEW0p$>C&j#tyyBJLi?6xUw6*sIX%>_ z74J+id6f6RjWWM!>cl`OlyrehnRgx@iXWRak}4=!y*%?9Ha411m!Bd58j2Scm zxh%}|CbYcyxIU7h#Y>rNat-#a#!N}k7>wRgBw01<))mXYYg!acC_&gy-i&xel2eZ_PTvNih&{hgUjW|clDH68 zMWTu0+q}3YlJU#h3_q|NT%LmTN`kNKJRYC2#6#L3XoJdltrY>s`xXc*r`180O1jH(L;U0 z4#K7!Klo22fv2JCrH)t=Hww6p@I$U#X2f1>FW{1GL_cz9Q+4#uldUU*q-HB#_%0^it5Bu#Q0xiBO0XPjO9b z%UKfbM9OYY`$wI{qX?!t^o72|%O>Ia={{lV__~$TG=e!@B z$p$T2=(@00+6kL<5s`ah9l|JHidvQ`<7_E*&Z63|Ai=794X+O%EYwsUrD4;zPM_uLr!MUgE( zZu5w$G;bNwa)D!Uzm`tLS!wnm+u}D^Cyu)L3&6#W0e!A0T z=SF?=gKGw7USGP?zieRt{+;@dzWX)z<3CI11*p^f53YKz|KO_E{`ZXhL}wb#tSRRF zR0(Z>SmQ&poPDx&`F8}wCDZD#Wf#+Hr#Qf2YQg9A3Kd7tgtWZ+tU>4Ha<0hLD7 zKCsplkmV~^@`tK%io?&Jw@)NeI# z2p7FzcT=aTQj5g*4$K}N5%D}R=tv%VI`#@#F1QGOjMY~1JbBCm*UGk67YBzrAVH!t z5Rt2QJ<;A;+1QjN6(2!-Bu+XSA2h$lG^rv*gv}&2uNI3AJfotP`m~ZpPs|3c81(Uz z3-8F7DpA=&yJcl(A8=eo9;U31WrmS}eTX%Aa>UdOML7P+Hg>=^;)UP~tCIly`Q@+U zdTc>=S}Q~pf_|HaY?{_p2xfM3)Y~$A?)zx?m{X@uOLFF)Q@Ye2G6=(&xHDM(fhY#H zfM)~`Gz+vYPxcVXnYK-`9qgk3(NNP9oag!2;mwubu!P^Y(*t6&FO8ZoTqEI|PV4(( z`Etkhlv~X4V zo9RNz;;*bZiVl!W#fAiGCJ7C~lV8?mO0aO^yjKP8ys)hXF88EZT7emUf}1`EdTbJv zX{QGkKa7@zP=jr#-bngxEa*5fgX5xGV;Dkqr!FfoA|^u6r?K54sLY2~iBCw&?+vkP z4Uh$q?qr%UHN;dHZ&`TZTk#x~yZCny%}R%jk~Z|AJ5^SK0J!(KC$TojB`H%Y*v$nl zPd*Mr4wA+I>uOJs`+wy-ulC2e71je2K+$JyW1|X33!&2Xr!k0SdAn{Eh3YO0pzOj~ zNg%e8;|YTU8xs7u7=RgmSU4V{mk2c(g0g^j3X~coL56xyf5so;&x)ysB$(Wgj|M2yyT!F>JkJ&04b{fr+cqAwEi1ixi-F6zgrLsLqv^vBGS^af$r^x+Gg4SUz z2ap;6t$|QQ;G}iZj+PEUY!9;114q8Rf0kKN;rMvel@x=TDvtm)jxlCn zpGJuc`X>jCTq!Sj-kFiQ`iFP#{#_X6{Cq{;(CO0&Q$IP`>BZuU4OZ91AN*6+#6!nI zN!f$Rrr@@{d;c-uz~*LNZV5&Uc(lcZ2BNoxTBWT;pX!5OwSY-oMahl#5G%p>Hv>qC zK$YTo=upcwALE`j^}E^dry3mf@3?IfBp8ze$=mj0)a|gNWy_Ym2$7HgB1p#zYrh-S zZyROKy_`j2rgd(Aqvv z5IXQe-9QqrqVN==m>cb1X~ZB0yiyOlfOMxoFud|=ihO0MZ={uW(g}8gN}{5Oc~7Lv z1(ynoihMwh5;8J08Dx0$Uij?el*)(saZYTl#ES$IZN5ISd&t=1Q)H}`(`IbE?v|(J z*z76KKY#jk6!`^c>&CdaRsJUmZZqS|32Sn@F4ai!^z*ALN0@j79wmvq8rgVqP){XC z1G2)5F$)K3b+4h;?w1j2Nhd^7?O?C@95>rLlawJ6EH~t)nbTH&+G>gbUQL?pHHi`3 z*|K-7l%t?BOH2BusMb*^RnO{pn(G7Xkt(91Ff1QP_YMisr4tuJKDAZbb*2SUYS;*# zeBV7Zt2UfHNwj`jTx`v)!fzvxzIAJl4-Kiy%`Ug(9+AUKobgk3yQpVE$812a`nam@ zi(M2{?!bV^iINAWU~xG8`0U)NU}uXE@GA*GW<|O03JW{=mgMrp1XXf?2JodRMT)|X z28_>*zS%D@czV&Th71u1g*P%L)GBkAxDi4zbfLd*B~$2-whjd-l8Q>hDtcBnH3(xf zE}9K&*sB}HvUOsyl1k~Lu|;LGh*+^7hE4m(;+Nm3VV_?9!iHCx2!h9q6ojmeiY2qZ z{EGNg7-P6qxHZ&EAC~82Yq(vkcFHaF_(dn~BOm!AfRT#pr&4S9^O>LGF!0nr=p`@f zOfpu2&XzXE45`hx<(_I_*Cqi^4syXEJZf|v{` zztxuau4~TH*V2!r1;hNer)Paz*QwW5h+uJ*iFj|^xN9WZ0A);hSEg;BYPSADQwjxg zYEQ~#ZtT)JvbFnGxkgzy+tT%m7CAaPHoF`OaA$NBkB~U}i4Xpr*UOG{Q0ODVq5Oaq zG8P8lJ3u*%6~Q2!oOJ1*wj~`ieMg~7Dtgq@^=N;NRxid&azv|fgLs>VIJ-WY#dRlX z9n2I-+1br_fi|K40rK6*Ya%HRsKd^t4GeiHQwxp17x5s-zk4lw@TcaxfNV?War4g{ z2%6Lxptwf<=mvdx6)DBW5IxxJp-Xu^WUdDQ%T_-SUk8w~O;dQW3G0*KgvKxB2YBx@+*rH)XwrTg%D z>)@6nu_W@b#~(opOBp#+SvfgZd1V-|f#@k$%3+Oc0}=mX99>$?Hr1&J6czM?t% zbWF|kyPlm?-{0zus&He`Af%5SGZ!shJQPtJfMr0r7L61o6ct1GxpT(wMF@;ti!yX& zbEkoUfh1sXMNuwzoM>6`HN%d)QQI`V>+gu3ywrNZ^ac9SHSq~)b*%`TU%ZOXjQpJ* z0*wKGXVPlJe@^R~MrNM%>;VG?&==PZn~wmIwF<}_o;-;k@zp`E83R6U-=SzOo;+#A z!wj_ygE*8%leJ(DANCFJQ7wLMK$osvYjb1BGt<;l7h@VDBlm^)1YfNIbo6Q*Ydvke z4Wvg+=rx``+RJ_(m64OfJD}Pi|2xTLO<8lo+=A}zRq}7yb#pVeyjo)=;%W@ClR9oV z6(zkIsQ~OduLfX1!hj8F*t&1rFexgB=Pf$%=bw*Oyc_65vIxQq;pG?c^arWbXL|gE zUe2$Y*GpNPLr>;?`SKv9+xBWj=C^yk3+AT9b=Ewugi(@rj~aT7&n_u8L1lN)Gn`xV zb)|TO1wQo4Zg#$i6z~+=@7}E2R7##+sV}JxL;9Yi-51pu)mnOFQD~4r(=pSJMugPP zjXE6KSX9lx4$lqf(foZVjKa4;Iugg4t-i4bFbOOCW<0}X~6OFvzpn4jnyv-4+ z9}qdHD5$A~+g^&k@o(Fxa!PkhOw5jfja#;y?ee0Jz0ok+lYrEZi>7SKUk13B_TEW{ z^fe}DiSW|V9Cq@dHbxe*v4axDg+@@1T|8-YuDRNV*TTX=PGu5(CpewSyT%*|#60Sjuf48yHt)0a^@HjhRRGLh{rAr0)OdDky8Oh; zS^CGhNw}s}OWSul)1}jUz6WJuZ|jM)WpbT8UL}F_8z>+=)dJRkO0u%*ynCVjpSK^j z?#a3Bx_fI6rSfse%!nJOhLZx?4JD;7O`bKmIowY3d?M8AzOYmtS(F4-G-<8uGxAt@ z$kC1d?n_0?mEUi-3n*i&YynX_8?XbBb?sOpXfCD*nmhEe(v@MyAi^@2^Ge3 zdM1XjL=vk-I%}ubj59d0pLe=Zn98ZXo_1RKG-Mmy_8%AH7OwV?vekHQ-vdS}3a!NC zcNf=)m#BV=ouj6`tN9QJ>#RjgJ*B734Gr;d@y29v(Nj0i(GIHzH|GnCJJ_!w5tI@> z6<_(LTYSMU=>M=Pof>wN;TJT!Hrm3~y>Ve^%KXOF8icA8m9M0(S+5wI{h-V`tFXNK zXN`}q%U7b3=pwSHc#l;-RT3aG^Fq+s5pF(td5d9DW12UYuZTpVw0%HEgRFOtPWw-` zjij!Dskdpgg_Obh20Mpz-F=L?*+gXl$3a{5!g04egX3$5X@>3HJL8aXZQf=Ayd9VL zdY#fQ2wx|4dKj5hV3`{jAGN36b!`++3$L{4-TVCHuU&SJ5j_&f?$v$5 z6iCQRhjz{!z$4!=s;}Az^mc?)mi~yM>dRv#{1P+VI=aedz_AgNLbF_*Rp0bDJ*TS1 zD4xuoZyruzPJqh)kyp0nixxkgJlge-g6{@64FH|%xZn%bq&W_1sfE4ZJ!$!BDB+Yg z|M>@wRPc-KFttIkiOZn5j>kVH_&ro`=f(G93s%~BWY)B|w7?FZ6t!bdRR$ErTdMiuphA>p`}zS+^aa>XDP4~mR@ zG_Uu%(-)oBb$T2sDD4ANH+|k&*C_Z35>=hT4O^x8tXIj>WK`8_>X~}?t_dbJj+C$c z{(vB^Xo8Lq!Y5^BHeuj)S^RQNv9gd*rEzOUeI%=r>xll);K02H_oL%?4v5+iI_~4i z3@bPvS+F-Z@+`=M<=U_M-`Jej)ngSDvm9c2(W9CbtaWoU_a;B3FcKQe z&}sZ``@TJMGf#|f?z84}*Up_2cpIe(5N=U}4qu#JSd6)%8!Qj$5qu@^v(B5U#0+-z z6;wQQdw!r%>(<-B{fu=q#lXo$oFDK@gY>F@?-^dVT?ajyH2%(SS3O`iPaXO31U2{& z`mWi|0;8Ry9-Y-l-SkXt{OgAed_&$v&F$)%v#+?9T2S4YiK*$kz7bpt*O12UT;z(t zfasD6=$0=meo>n)H>F9J%R96@omAMvyo9SSVWRO22wqGnstUf1H%=}!<8kpM!u8Rh zhk*T7KB||sZ@|pVIdfKR+!E;PFn#*&$2$7MJg*T%IkVmB&4)V;GpS^Zvd}vT3AR9G z;QrPZXdLM!-X!Ye?{w$AA3IZM0JZ=%Om7FvgF*S=u>QtedSKU#pQksB_yZaZ=9xjwsc^>=w2yx=NS zJQ)Fe_Gmpu+DALw6WT@CP9dY2j=Yjj^(c!v9_^gBwe^}$#{DdjCB&8QId_*#E65d) z{r6EhYu0EN&C{9+ zn|T+ar$1etxT$K+uEp^c6&1oxae1-|Y71OFI`N^Wr#+)-y!U~U6_GT`yiU{gXX$Y1 zSfpXwHKqdc>rj4m5-pt6zGO~*ca7uuS2Z?whtd@LJHt(~0e z0+<1o>~nOusiv2*X!N54>8*^>XgoS=M9WWfn}#9*f&l|7@87tgF4s?u)~h`QkRtt5 zY4hQ8B*Y-mqCwo9NVZ#3IxZL*XYpRVDz7wLJ8{97X6wUP2x81-NheYloYVH*Jvd|m zBtCU9tBmyZ_3hNU>)dmbKmUax0~F0TEVG@qcH%sXVMpW8*^SQ*-4y@!N!+sfiX>wA ze{6nR)gl{B@y6$u2}Y9a4HgA|f+2BP{FM!Ek_pMpDNz#POI}Zj2fz98Vcw7zLwm>W zBS%~oA3`poa>`;vNC&6apSd=Z+EjwX_!nvI=^JByphMGYHx^&aeQUVs!PV69pL)Mo z@k6YE&|Vz2e3J!+K^H&Po9u8yaja8aO)UYioTvZeyQfWhTNm9~!`&tJc!Xm-@1^Xm zwfOVx3GL<|d6GIhL|QU6D|{lCX)l4*n}I^9DYMv{G9iv{o>sN#Aoa-(?l@oy?u_zK z)lT94l^A;Ib?Jx2Tci7=qfb1l=y(ro&5iN#Vp=^PA- z?wq*z_v=k%2Mb1yb7J(zWpeSlw@IDjUGzOaxw-6mfV?iqyz*`7p(=4&GPTHr#P|1meD1<1 za|wTCF~Jo@feHwI=#I?@a54#*i6=S*vweM7a$8^WaR}h1xS-w-@95-joqv~e+1pY!JQ}YfVq_b@R@X;$;YWmawOiV+-sgn~9NmEyl{E+TIQTXEe2P~Eo%hwOL z2Vl^9cBbF4GjjPwo7oRyn3SYaW;TIOGbg@S+#jJC_9_Hx3(v2&8kVtTWyL%ofXD_5qK5_!v9=C$jiVHq z#ko5LWdnl1Q8!PW{DuHGXbzUr`8j+rm`%N4+vf%hd_3k9c!BA$I0?o>!Yj~q-HPYn zQM_MPNE1KNyKnd<8FA^kZ#C2gy+}0$hW|d)Qbdt+PIO)DYCX+OF`g54>ThXB+aw`c zqCXV+0;Zw?xE)&$3&v(L5cgXBsnpO3s8gi1qVF=pUcn<>1JfXI-OvzI;s~Fq6&1sj)Gb{vMKvXGlM>c$?uO6LljN*0?QI`BHvQ$b2S%1q_ zFQZ=rjtTh!<|y5FP@^6+6tdPuR-dp!wK~dS#q*v~l}3Vpnm?%~b1o+b>+iZCFccq^ z#}|`CgUJd!&l9bpz_{U2Q6qr#c)l6JgfZ}msY@Ip1dJf6`}cR50CtHwA2Mr=R6JQ4@DoC15ARbsqDI#WOX2B~$VKD?bQsY7A0kbMLbpmv&#tQW_JaEPzMLln23Ldh8gkZQU&`<1 zn8#g)7e%_mw&l$*9^yjdU5vc7u3q^}Rs;xp%J4dHd8vY~0z8QcMOYMBr)Isxe3*uD zmgUzsGuXRk7PLM*sxW@{ofqYIRns0lxS^C1r_c;qSd`oX&clyi1!uYPIn^cHDzTc7 zDz-Uy`N7DwOvL=WiKe41ARa+ma*(i*cHgyP;Z_dCTpo`syht*Pe?SS@p!dR%vu9m7 z`9hwcZ4{T8xG^Q>lNv=^!MqELn1BDeUD&8Gyl?&7$mo|G@^u zGvEhqyxaxYY3@Hk2Co)mAY5lo5q^{pF+2PuwkdQ)mz^KxM$3?k!Pk}5Z%{n7cV~{9 zf9Kl+0E<)UZ`Ah&#Fdobq~$zuuZx6;VOkh%&Ml1gqov}x_twif?T z4Adi(#m6O#Kuvi|s2yyVH@|twY2h9xy}TjA?_F*E{nN-2wYHTbDjy#CcJ0tV2B+a4>Lm96?*bik{zITco&ON%F!Vp< zLNxf7SpJ0-{vY^hj@k0Pc|s-e;ZynkUs`Ed*I%NLh7B)=v#f(MqFkJH_mJ_GEQ<{a?al$3EG zVq&@{>_+qo%)PMP%kQ5`*FwL~dWs^Qy=+Aw@>!HgE>8wRzFkQxW|>L>wtb)}K9!AR zRuXPQb)0kIt3Q|xTqR!odL$png#&NGy0@+3*tp@_loI8<_zL5SHld0BD>G$f4id4+ z3s%4`a|a7kP5;?cQU%}u8027E{cHzk{_oavJc$-T#;seYmmQ*nA%Xfn_oEBn6T>eT zQnS?|jR}t&e5b|-#O@n&$Zp8U$dG_if($_4B%VNS0*3k2l^RT>5h|K)>+-PcVncne zq}90!f&k@_RE$PI3Ka611WZAti0Eywt@zo8kS$HHaHq?X1M1&C$HCae z*dkh&avfrOL=1@h4wJ$rJh6O2N$&vQmCQm!b9G2nwjH!daBMgKi#_H@Qex|Gr8Rs8 zKb02|enz5<|6Ts^Atet~jCu`v##1h~1y~ai6(iMQBauY-YB~k{kCYZ8Jb0@4E8^qV zKj_r49%K94%@zX_E2W}8QRSiBQO?{r4K2O&gV(yibhcM=8i(%X4e}XNWMcOr#v{EVy1$)rm z;sdz0(Svl$b$&f+_|LAU?Xf~cC=MJNfL*-<&qyM8MoO)uV2kPuLKe=?>@1oO(q!no zHs)}rOrXO2 zJ$!v1I7vEHT0Rss+FZoVqC`a?rwB&?Nyppq>4rTiZ(jS!~$H8)JC1H3fCIZCKv}QzOh~%mGY(T- zqe6x?7PjwkasByT99v+;pQ9SxV8)ObNf>(AU>>$(ATKnMBdJoJoibgH*zUWdk2;3C z!o+wQto_+&egmd}OW{wD&H80u#_Vo_#@3oHCh-yg_3A?H?@M7remoL?Mvv@mCJSlFtWw-#M2*d;7OlT+( z!SaMRo86-uSJujvv91I9_kVoq9=MYK!wp@2+iFr?f8go2dtsY7g9R6*aVQvMoz#Ic#h^?RiLRvg?G_=r^gasG@AR|DApQ$Y<0xN}Bf$JlE5p?$l_-sUk*x++ zhJF0>-X<_|6g_f8)w!6MWG1k4tgCDRd5%lyZSHM##4pQ<=b{&{MfWQtG?2pb53d?_ zw~Y72n<<+i{3;h;a(QYbC?IVcWk~{n%`drtmX=-#3bKi)l=U-GG?-pQc1_V1jTR=K z!#Ta`frjw%$b=%{he(G#y}i9%*Ya(8eFu8=1%gh3e#Vvw7XY^$-?LK*vW0VeNq=KA zMYdZBF^swaf>Q9flMnaLT1LE!m>d}z-a~LSPyML7_l_jMqv?SH#V;if;92-$znTY&zyd%uNzFI=SA{DyvE$#iUmeG(n>ju zgbrRx`--Q&nj$z{Ny(G5P9$;Y8Kyz$Xp`%KKS+{kCrwtMw_q=6XB*=AYd>B4{qp3a_YcaN0U*wBjw&{f zjaIYAHht+){_*2T;-exeFSr$MEB(%Ak!w#BDdP5~5T~v=9q}hHau77V_>6g-txP_^Q zk!HrLhm4DKc*0JQ4~??5*|-wBG2b^ix`}w&+q?PYiTpYN`b{4mZSu#yxT7l&g;nF= zNoEpq(z{3zYuIja31Cgn3hLwG7wmjCg4`Xk>?!1R~?zTIsf$!G$ytp?jBNF}uA zviW?EU_7@sjQsvPRGaF~QSHB6#QzT$bYW?crZDPYqtX2wdUozS>eKhvX+9@%FRyB% zkmCNq@WtGgEm}x4q$a5p`K`YbtbbY?VQa> z?fad{GC->Qlc<-w&jSjg=DM#4S)0x`$;r-ctD~dA1VI00+qf10j?@{oktzvrvYY_L zDtfk!aJu(%?%WB!+on42G32m;;f4!C9w>BG^JIL2iqxyED0Y~9gi!Kb6-fc~d! z{fT|{&pCG7&sXUk#p8r#Ttas4b{N%TAYEI~*&%Fpq%u*zWNGRv@*N2SeR3?BF0;Y6 zu(M|!T|KV0XbH1&ja{{5s%O7Se(-w9kCp1I!-4;xcRBWW=9!6nt5><5HZH!5!`*pt zYox+wB6P4FQO$?bq{``!w)#y(>P53WOH=C-}C`g3n6IbTM7d1`Ci2gNG#crw1_ zW3D1c5Wi<)8KXJzI$Oa1>U-w5FZ{xG8e}$&x8nP94F912Ys#HzvV8f4TgFA8+RB^D zCX)u-mw;lGEFr13pZ@#)rZ&fZu6FsgVC(!}&Tf@`Qx=^;(Ea-L%tHOPC^dGE5$Vs0 z$?J}+-%CB|7&f@s%XRYJvrLt=o0DUkHJAICVoyu0n|);b>!%H7NlpQvli!p2!+Z3$ zO^Ei?zF@zvC|$rcrW;<%o@eGeZ-bvf=|@Sa$^0w6wP$5t%VFMW4=7~9eARDtxm0pt z!FuYfrG6oW76HCw*htPb2W&S7Lf*mEdl0B9o8ItMQm_134HaC?svE)%7kZOy}&ubh6TtJxr;={ z*6y(1$H%Anzpn+Ww%e3H-{V&6 zO;v}xpU%Bsq17rZKGR|B;jq)+2oy?#YnE^*st8LbWSbROqvh%kLv57k>Oh6o3l@0O z^|2mpl9_YOoBZ&4`}!X@4MwixETc2}Du$WceMX-otR}Wmnt$oc08j}KdFYrUSlz_itpe)A)@?OV z3s23`ZyHWVPE6`7hCfkjW6NbngJV#&Te4lDLyDKK|1IaDI{ddJf(ytqyc3L6(#dn=D9LNrXo`kk}1iY_jA;J-_P%P)_&LC z>)r3(YyYt=tNU3`TwT|Bp2u-~zn|}Cs2z$yRgdYe3ZPJuv3Cm0SkMB1rr>@kb~lTz zX};_CB_m;!Mh~Z>Z##f-tJK3#WRihDIy)lv-Msm-jm2N3eE+Lc%mVvv)%^R^yhQ<} zP3u*Qv#}CN`|K`1G4W)-oHkjYskY3TBSY4&Jizbv!3T35hbM_S0YFnA0g6cS0;dEW z39yvndxBaRK%6OD0j?P4ggC%rKnbUK(Y=I!GifbJ>3q`0ec#wFbkPv$A#U6v;|;5L zpHJx;z9X?Mbw}6C<1Gub^E;A=DsoT))@e(S02PgZ>ljWD-$0N{2?Y>QYsB@7bYyo( zAhr)KGm);4NssE|XBq06nk?X1f1STSyTkzADcIbIppvvIr%pv^yf(XWF>HQOEa3m+^xNcmPn)La#4?T% zca1kQZSCzm*x~W-D4UpUfr~q#&SHuQx|nR^kjwtJbkwQBCM(iW|0yOmlMy(MLR7e- zdi@`5m*9MrB*WH@jva8%=dES^a02B97&>d@US0bY-ppkJ1ogi$&|cbp(dKV1!2e&v z?Xxe7QcmYB?>@*fHu0{Wam~ILlPCwn^B2*!zBS3iKE}6U6i;9b*pws*ix?T*86tLo zAPrzHP)Ww7SU3Mz@i$%1MN;Rb=QwOIpH422J58q6PbWpUxXRr4dhf95wo$>*>e}Qp z+hna?UrFiTA+=YCg#hVfG<^N~WtbuqjB>`dAmx&U4k>A11fp68p;W}Av?X-mS%Z1% z*|%Ka3=_{3h&layeD>YQj*EHTg65e1u|EWhF5Lq~ZBTGt5#gC!c||n-$&=-HDkQk% zJXT;ifkd9;63(DdjE*Z~2*MzepMu3qCV`NF>e;xmlaUHhkN^|qfrSs~0I;^15|b?= z)Cxkbr=X_&_Tu6P@f!DW@iJE9vY@awly1aZ>4wc6?Ek27kk^1hnSrR*P_YnlIGIvH zZOfLF(l|KQqG!{CnH1?D(-5=$kC%Y%ePH@4eCk#2B1ptfD+$23Mpd6aomN zQ3Ag``_xlZO?Vnf&x-aqf8l5Q;Rk2Na3ByA>ub%{`{<_^=ZY4~P-_M7wj?8K0i2ZI zYKS9m;BJ50sU99Dqs9=`5M5_kjneI^*EU@Jh)sLZytg^f%) zAiwik7&71xKBB5xI+Rir2%xWSTii5$kEl-|C8MSga0d0FS;H9%>u}0Lcm+_rar?rp zq`_0C5U!vdtk8^b*6t=VKd{hl*ffHGOmeLqzBbX~;bHZXIS(c@MbvrZRNM<+kgu=9 z&ySRBWIT-_SGDBMKNX0E;5trDBDKUg67qz@D-;oY2^d!au4WL+VdBGb-ZH@~EIhp0 zXY3|v-EpV42?*>I7)m_$6qPqML}1*-cdWjg)u~8NLxXtbT?_WaU8?FtTZoDsJt_!& zLhRnVPUY;};-+&Qb3g2iptar%NyL0OE%q_3)qZ(@iI2;KS+Sd=76TEAnnGBm8Kz#q z;6)-*F|)?AWRl&5nj!`RN#$xNTM&xJtJZ0q3!??W4L0sp*rxC~vwiZ3v zJthSGAgCB~2%!uji=|s3KDy(-KMQ6Z`d=^$cGKUi!;UHiA9(^;j0Xf ze3XnNGsc_m@uBB{I=_f>VlDv%mG#dos{a)5UWJ&W9t*n zFYyiwW81LDVFlp99l-2pfRMm20I_-WHU*O`xFP|_TJFZuASN?J{)85bSS~_HN9d7H zjzo8UZjE|zo@6SK;WC;5&`R19%B#t-hR}NAMnK|oagtNIk?ccF0V2op*YKC$$MLT@ z)2nnG1Pv(Gp@Zqh^g0)XK0pg%ln)94;Cn57*NRW)v9AH1B)A<$*mSKN=s|S`$N1sY zgqdXN`F#)dkRMHyH6e2dWX60u;XD*7xTRF{;x-n;&(GlPZ(9Fw7co@;jDkHiS-(JF zso($Hxc9qEyev=py5)w#gj9qFAM+8avE#~C`%Va)EOZ2=AS=gxl7k z@F9XMfWBnvgLLx@zEcJIHg|XH&Fy>k^ZP9CPhPhu40(b5Z2Fk}|2pPnD%`K6qC#?o zNx=5uRSpSn31$j)1L$47pzA^^0$2}MnONqG0qLTTYh*WGQTpqvR#7R&uX~ zZx3yiX54>VmBSg^z(wpcb|W8mlX~Y*151zs#KU3J7=zrH&h&s>px7A76-p-$!OJ zm@WdF`#wIdZ90USgcS-f7sdh9h@Zx^13V}YoB`?T&c9eK%NUDt^Xm(a zs{^jn(2%^sK)2|?Ma*_{*Z#FEu3q)pBt;|iSIhV3Kf(XQy7=E(q`&_7pODx8?|GTb zp6%vb7-PsU&b(EwhT#n20GrPKdQSv|kZ2obS^@8u+4f)G%zk+oFA0OZzXp~psKwv* zjbpyP0#_K#%cCbxz7wwTzrM28Fcj+&-Y$gF6Cb&3pwg#Md=*P5|8{*f1c?!WtmJ>( z2iSBKJqXMDTSN2b{=C}xf9?c5cCo56vNGG1bGmf#LbKxQHs^-6t%tICbiPMPT?^$6 zjFdVYDSp15MJar69jDR?W__* zBtP6vx_4X6f|XzO(U$AdGhVl5_OCmrvzhz)?S)0E%e8$U>Mlq`O+;M4#W}F$+ka$E zthpAUu=+F!R!3DuBnv2_=VCq3w*Hqd%eB&maWxiMh&9EO^!m^B|GInlUrC1}F8{6Q z{c{5jY}r7?VG945CB#ouL;i24;onVSY}Pf-)XmfA=vPrNVXt8H8uLlu#?jMRR$NS> z{tGAj^FrnUMl@DoXdaOTGvA4RSohu;Ef^Qb%0^0F`tu`y|6nkg8R{>m{ z&#RaAty_k8M!;Td?ChoGi684)^XG5&=v`&;_Jm))7wv)XBhIX0eMzs zZ+{}>x?uT0pbQ0Rx5FNofn$6vDlT5W*ByN8*xcMODuutc(REAPUAaZjo}$&Fo7DkK z)Mc3+uEbat5_RI6H*-mGv3J*sJa{?5G3&jR1f}@>dp1ZcZ-I#b96KX}6idr#XpC~& z0S%LwBV>$|SqNZwrb0a=xBv&4IX^n-hIjC=!5rSnhFQ8qHjJMJp#fLfo>NVCYQriT z_~Z>v>BEy33h_SgLG3>tIX>V4OGVasd%70r|CpMJOG#mb-I_%BN=zc48bRr-0GtyJ z<p!!u22Xvkk{~bX`aY$&wB6|MUGdCPN6!Ea8|r?#`=xg?w;fG0?6G6WJV#P`>O zXuR>ZlfF-hH#$w)l;g*ak$QR7GydsQ+Tr2hQp+y(2gX^|H-mzD0V=U^aQIaB5laNp zlEQp3^YGS)?6jl9hmgx_e*Sy~)&c%KLQY1J8rJz1rsAf~^TN&6*=y3w6Lp8Un6qQ# zxVgBL_4GJ?xGnJXij_sRY{mm*IG(uG`}FD4gxm9~=9;-_j}10s*Tfn0dMeG(tPLsk~n20mD#!~_i;$Dt@K_{6uhwOwh|Ol0op=pc(ar*Kjj zA)Rx5YpruQ2(JrBAfj5bwn`Voz8G!h{h77@_LPngiwDe$Q?-S>Mx`Uwr6Sd9YHC2; zUE15*>&2XCn?vo5NqC7x*7Bq)h@*swc4kgaFNQhr@-o`}*BZ!tv-y1gY4faj9nde! z(OC3My7^AQks8e&-HnRNP;aalz0o1j^5MfZ5RIn`a>it$*5Qh}odU;;&v2u9!gNh) ze3t5)jaP4WSWmg{Ik-6(v&W^tvk$R!(ytwdUTn#pdyl|z-z_B6%{t*CBjr32VNe;1 zaXh*NARGV3h00fR|RwVwsrFo(mcUn0V&3CAxV=*QnFP<4I2_NWVXoYRNG(v^PHMH?r*E( zxOSl36i+jPM%Sb_PT+}DboYCI{tVtB93CydM`7XuShjGx5)qFLuQkI%&cnx7Wiy9I1~+j<3as9u@WJoi zyI0a@--99P0Bmnv=aJ+3^;=-cu}GQ2@G7- zlkwq$4y>uj+#diK%xiyy3pg1XQuI?KKRfQf&_zECjmX~a6Xjs26OFIZ+>T8xS^FPM z9ad9Y(GClNZs_f&=7N#Ry#vV~tNTkkR#C7A!Nc&fH@_dQF*^qbHpMHRKPD%Qpyd5$ zPtZL0XgL2y(xY0{n@;QD>;%M|+%If%hEzK*0y*|ATJvSG1 zOZRIY1u~5VeJxNmz*EL_1KcglAEHwwj1#VxC_)>uZYK)`1eLMy#EVW&Eh1u@b&qUV z<=GrXId$(Q)l4p-5!=%rH|1@((WnO6O0hE?J^c>E z!`X*du&Db)goWjP?k`l&c=2L)k8FJ7pccP&l4pv6iLA-z|Wd1>2o`Dl#l z;loNGnt}E`FK{;4il!#T$OCeUu-Y#wQA4GJemd%Z)lEvFY~;CdqOo#yebF@pjcrk@ zdc2sq^d+|QXTF79Kdsl?Yw=?IzR?lO_0onssV;A-KvjM}>=e@@gQ+2600y?Cw-2*z z*svdWzy9Wuz4d{&AMZI*I_RyNAGoo>4OjA;)_MsxhUzF|$rBG~B{<)F63;oY2jIQe z+zQQceVILW<1>D`(LBHJrvbU2NF840Q?gq0Wz(QTsi7zmP#+c)Z~~1)(9JE|?LF45 zt*!oG<8Plkg(Xo<`&XTGamWfcm-)tJac)yudnIL~u<-fAovj!O z7(x?}X#f28PNTUddi~GLkThxuHLOrW^E{X-!~ZLEYfhuNxYx1_#h5Y6Q#raxRP9UM z-<~xpVWeOJ?Dctmc0=?2p_3R8blv4+xv`9zn%awpkK5D^pH6ACR3o(Te8{uaGH;F@ z*(dibohiw)D)!TsFJzg&Hrbg!R!WaEvl#6mFE6hsjb&H4M|(%#J-&qK2yi`1oVJZmeVaD1Gf*Cx?RM`*K1iDoWKoAhMn?u z!0y@pA}GnFV=jij2A>nYO_%eFQ$nlHbqJuf1zBJr>gY?*3y4St(8ux)GYbp4RsPfv zx+^r+V3tsPHyKq0)!?^-X__ka%7UZSH8nrD0(c+LNCJ=GPq2TTwcj>l&QUC7UW&BXls8Ht@JI3A$dBqlEJ}W%9*mdiH*ooSo5V*H}cce{j zyD%43zOBG;Pmd8~Bv(F$^bsWtzBGPZZLS*%?|W0#XODyjS`VJ z-o0N>FMRCoz4qbCPy?@P7%|hXzq@}k?R^~-?lFmphh81^h}0llzNaT_Uz|b|PU+Q> z3QM6iNs@TV{a%|Wy1VC%MKunR*D=^b{}>!Nu)-AMpW_t)p2ExrZ*|E#T@2uny$}^P zR{QFeH}Yxp;o}mQm&XC+D}^X)mI=9W)1#13j?@tfC5%0~#}P)Vga~H;0trr`5z4;*Trh{LAL=mB1f#iI(k&AkIo?dQTy(Q}s8PGN zL;15Lfe=Kw*MpbyeS%cT>g-^EG}w^Gi@bU|t`mU73{x zeLL44hi%=1yao!P;5Wgav*<00L=&vr!24qZ$IYv2$9*;6ewEYHxm^xP)jIyc=1K0e zgYjT~7H(~g)_x_)%pfWszlaG4hE(6Y>83u>nPK*YrfzD#?|E3i8n{rcR@T)`YS|^m zu33|BV`jD-cN*0yUBU?vVts46w9-2;He2|V*g8}(JuQVI5^@g>oO9pjwg1_t{lkXy zDXCy0->RM^{EBbyPvtLK%RvVJFa+ zH-kBeb{C{S9O&IEA5|$586;T54d!SPm%?;8ymonLwJ(T7*c*tD1+_)tWx`2I6Ce+hCj50jUE~S&)Go7Lj~<(wSXtrtc+KI8m%`_LGemcp>*U z7a-~MZIH;TstvXCWVjfAVOVMG=BDd13cQyzi`4#Cul{qxu*Q>iM4YuILK+P!l5fBxn=X{(si`|zG{q+Ismz4ID!$WCwHPAJ^_mi~P{;*^Zd^5IOi zgxRX{zJ1i--jU-cuVYnE70HUnZHong2D<}x1O}nan?u(AbLmjgw}`%$9?kDH75y7= z`Mr-ZDXG8N_>cea?}K;^&Hn)6_-g&qzcJa&DDlFHRn(i*{A1TSjf#Jd0uz4KjvBo8 z76GT?HGlpYriPb<*uT7#ZkL3__oy*_{QnIC-RsK#ew9D}-E8!qlZ*onMOyaiWX(bCg_d~Q}omr>sEr1iej4a>5rk;D}lz0 zBi4Y5;`Jkr8$BIO2WrwSzd%sn0AxnOw6c+({n^gv;E^L$MZboMw$Hf%J0o&VH8nMm z%Z(rnLsyRG@a$(DQ<7iYY@vjVFO=WK6rH%1V-JiXVyZSR8q4tNc4WR1S4kY6%CXre zz03FP^&55x`7)oUmaFmRI}fo?x))__Dc_eB#e2-Te71=x-#)YC{pfjlA(F&~fYzIBC%sPjtyghQiG9d?56fqJQ7^0oS zUWH3cWL{Vszy*}x=0z=_D#SvM-Np#W6uyx)=#)q14PXwWyeVk3$RbK9)FVV6ppjzZ z=Ejb*8pntq=#$vQKxlSz+XKKa^;{!wk&{l^1f%Z7_f#C01gDbsN+&bx3o@%pomOX4 zTaNEcbKSAw{-S{I^Y+VGn1uCk+(NIlPxD#tr%zXweCV?`vbJ6Yt}VVH2AuAkDx|?6 zkb;exq>v$=jcAbO0a^N<8i}5CFVF|$V>xar*p^vf4+G+5xAG51>+ddEJ684Y9lbMQ%mPG>_WWf%yXEozo zb+fMKp{Wa-z~eP4n96?nX4RRnjU!*~>WkOAP41perT$4vFci>J(6Peigm4wX{x-L? z+=mmAY~={Xxb||GSd_`i20)I}BFoi-^OTK~6BlwF9d0*pJ0p~;K%Ay4B@3DCy_YB< zc(ogK;f?}l*s4+B@h|i>3*p2d-q5jYTDckUH8A%IpV!DGX(Dte^c~}LJ>K-^;;r#bQ9=#l0;DLiyjNY0=V}a1`Co=-v zgxl3x5YHQhf*Cl&z=0*+{Za0L!96>!Wn_9a*7SPWtarY4b%usXxN0PTBXon(+&0eM z-qgHPSGBeoUf9zhx%=9=JWh^~@zq0trKR3y!mT8JtPjYQ5cQ_Lv5Y$_%jjkL8g~in z&$XMc#{xc$nJ@t*8$hNH(yA(q6;PG|(Y8YbAJJdOS|6&0zXi!L$1zSE8n=g*4LhB& zvSL8xB`>;bmoIEImUJzQIQy2+Z{Y%C4>tyCu}xq!0+Rryq?6^|{|Dgx?PFH-T)d;X z*%$gwmF@RXSAv2;Bq<=2f|I`&uWp?ahx#5R!eumR*xT&jZT5v~DdpDA6{S-(A!kzy z?4{F>r9Zs&R`SZ5M?3F+x%VlF+J=hqe3c;AO*unDCXFUSSHRT<^M{I(nUyu;nS68` zqEmKYedAbOiA2-Vv#7OmUB)+4x{)@f+Z_KqLOtHrYk#>ov626g`*O~9|J%S)#m`&$ z%7CAoFWDA-PcGuIlc7n9%<2JC-0++U%%tN`=FE8cJ?eZ zL&WRx<;y)y&BCf2Ok5&sihfO|#Iz2L$8j&L;LsXddI8wdo;`a=oddw6_26-wh?ouc z0>Oj(r}(d#=*9Io5ef0ItcQql5ajgq|W)=guYANFb?%hOhhn z*(e34tNeL5I!M|!FiCA87ILuQ1AOIifJ-Cs&x0PLY|vpds4PS*3`A`HlK@3(!>V~$ zJ=0L;t1ix~)KButE&Mo+EODquHx%P`OLwhynA#2*_u3xmqPdRI`Rv^e1FNH4zuZr# z&`D_}*kopQwy}!~8-^gn;}@qmI59Z>MdvJdKZE-m!^Y2S9p7%edj{MWGCPx}w_O0=H>l_hjPZ2)OB=MVZcAmzO zZ|!@{x6Ekewtts^no9{e{D6N34Cx%gG?S{JollOM(8jHOvPN9Nz18aF4{u zhZXxmsfMF7>DxcfcN{MAyvr@1GA>3x@|cy)hP&!j2UE?>nqpIDh2RA8^Vg&K{RH%~ z9CCAI>-8IqEez?@Z>(h&(KPI}4zv!;W|W(z030FJA6g3{bVy6vfqICTI$`T7ZF)j~ z(Pn14#qQhC(7uZoi@L<0ZVwfFem*ZRZyYzAwo4iYyIoGef%l(2&1uuQb1NSo47{i` z6HmGn-{(qkXH6RPzoa5kpb4xLia>l8wIfH68zA^e#=Aw{saW}S)3 z%1ruTTGQ$ZPfcK-z8lv^F3AVd;W6u5_C_-Aq0-Owq>|kyi}Uz^`T=Ei-Bo7i zGjJ?FxNe^d9wl5zh@!*bi;Z2ABw>8}#;p zjmVJG9)K=$*0J#AsqMsNXW;ACH3Aao*ux?sfZ%Xo7bNDAq{jUC7j0q)t_J}FqUqA1u0Gz?Qia0lnv zS7*fK2HtHPEJvp870h9JqF`iEYMf>Wi~+S3G`u3#&&4@uEKkT{`^?uDfkiZdcSPB2 zA-l$e7zdn*>F=H8G1*yoeom%rsk;(BQeL;n1C25fXOkueDGw$)jZiib))ZlNZ$c$_ z5hT+q%Pr8uqFM(HxvbBg_DHd^pr;CZrLlp*qyCKBQmEUQ>#}Z3zl5Q zCp^k8CSXo{H*m%7wjG=z*7r>POBiN_E?7p!N= zd&gG&5!Q3^(-uEaTQHLk_r3u#Y{{0Hvls~=`B}0?STk|#Jtmyc< zt|^`7*PQH|eB|h`4u|0~4vCFoJD6x;uYl5_)VSo~2L?w~)%|l?2OhuI$Eag=w%$^_ zba+ycrP9YYvD5lVq~hBdE?koG`0_GS`x0@((n$FZg$_N(qrChL-~Cx~hpo3f+FE?x z`HZIgjlf3Ev0RyLAA1bATTay*#-3fW)0e^SwcUX?2QQy#xy0YG?uo;3(Vy&Tlaona zk*V7g=_S3~sayC3AMNBnp(F6>?oKH)&M>YhzjMV`o_`hE@`!I^(ROa^Pp6z%cM9%| zIpHb0V0!FltJp!;Q(PbCrnwkSPgMJFJE@wGelk^EcSoDV_3=PED^E|sbP3aCD??xZ zI%v+mYwTsgQC`7KH||jB*9))%Uqiu*st>Z26)3(_TIm6J7Uq=+gmimLshjECpCBph)i4N_pHDe*gZZW{YK%qPiV!9wU)BzV>g{Y3TMg*OoEd za(mvVMG`~nS3{G=b#nd+WgFS`zNkF=mfRUobGL?hxc@{WKlC||9170%5&2eU;_JE~l5yi`}BUNm)e z^GU>UcXsLnZ00lPL1DNN5DroAz}I&%GtE&DK%#$XsnWSK4(nj3vDe*QnphEm0&(3w zUwdF^h+0&Bt8yy8DjWg`E|2s@8t7iHi=M0`<0=%-C#B!Qk&JNTp)>&||hDkDfn z16AZf`xhJFv|mNc&j}<3%ubQ|BZ;|=YamIb-dQXdQHeP?I&MN=h%I2BhDO7D(3v0_ zOm9h{OcF&d&V*hpf!$kSUC@!p%O9-#;Hm&|BfnaM6;iL^{TQ2-wM)S02Mqs+cEM%v zap;w~rp88}Ai3EUD3YOWVKFWLj%OeZPI;K)q5kcC(H}+Mmd3i0xXU)+XHi6XOoVqK zV958D#CZu0O#X41*zES`Z(s!VfV2ZWuPbnh5C;}mJCwt$>{f7a+WhxDHPdPDrr8cY zV49oNT64Dau(NUhVle5@iB1H4BT@>BF)fBGB9ROdZ3#{ypfR67cP7aUtwW?1wDrV$ zU;EBh{GIb7BcY#@N^Ww3*W!Xd8}wLlsLwKqt=#_=>~w-u;^R9P&7CfqZ|xC%%q$ghzlA!viReOAlLZ~ zbp?9o@=sg4=?0{ecydz2K%RxuVkwqLcr8oT*mb85>(mR^-gtTJ`Pb^9gF|Ic{VXTG zQz&Ss`_``?xF1&B5gdF~+K}qubk9C^^&F1gjEq+X6F^D|W8*{#yv z?+<$&XevhnV)`ezis?=6nmzn#&b*G6u9zOnwSL!Ny>lAlO#Amu_b$qE?C)%mx%*8} zLDlHG0pC!~0K-UhZqWEoI}@8X%5^OpdNN}4_MyB9ex|N8>}(lxV1Cv)v%SZ!@HnGs z>>9flb_Y7b=o-Cgx98DseJd-YzPcmYv8>*7ud(uGi@@fMS=$^7YwLS`lMniL-Y77a zZw{1QOsBEqSfXU{`(0_U1czZ$ zsP947u&7!yv3&iMTdd)=UsAJ?W3L2>GoT=B9XPE?{!iy4=IqvXD+z2b^kN6kgJX`7 z2t!2Gw@w7Dht-;W?(37a&$JM4H$5qE?^cv&X)U$+LN9yj=G?_@xz3p~>FH?h`6Kfv zl0@cbs^zIEg_AWoW1oJqYGtNio5?(*3$LvW7r*4z&(Kj&QMkBHRgbyI#&C$MW-CS} ztvc|~b-k-p_Ss+8I$FFIx%Zy@Dv(lrp?D=Sx>9Y15XnR$? zHpFZzA&>ZHD(@2l6)^Nc z?@5pL2cX%^t_SC`7$=ZRwa`*k3qc}6{TPC(*50!OG(%)b3!hG!nm(@2bp`?3F*0P* zt>9K?;Y8%+FIfvGcWLo$h{C8);feZ3LP(3PP6$H zl5*D-YKAVZOG^=ZH!pPx4lph~zN}Zc4`8E%p&D`6DKYd003}&8bGV1!;oAPo#3Ku( z1Ue%Oay1Th8DB{YYvrq)d2Y5Lz-jiHsV*b4f%nX+xC%~h&||W)vNlOys@Q%j&TGvfIUAHD%WVytr?fBf~UVZg#P+Ju%Bgbjh#`|hv5#c^+0u>?4 zc=SCY(}sI{ZLh6XeoFu8WkpZ1+pS}_E?;LA*m$x=@~~>(u@hX$S5ENyRv2EY>Qktd zwEQA%K(%+tUG8lvr;crikl<6J<}F(2v#M3NzGti9gPza%CQTc{qetu>HD3%U+TFW> zvav|6D`kS2VxqeKyT!z1r`vuz&qkCTs9y2Np5LPAxF9~A_kIC|@j~Oz&0k7Pos9-s zj@El_G2LoZJuW;EnZlT&w}M)i87B;h#5LfQ+P+;~yV36HV=9lC_|~DxaNb?F&-2T8 zdU{UR+IaaO#xUo1N<2zDN-^Y+X;2(4uRr553XPxlfSUaLHbNsicaF;Y;UP~^Mi+a# zrO#KOv_5v{82DB@EF*o}d;RR%u4ey|u&U|2+VrSTUL$UO)S|+19qsiFdFk^zO`ez- zm&!2Nb6W>-6z~+V-DkU0VRor{cnKv}W@0h$aNvxVz~h}w_gZ5Hz1Hfw=^YK5oNRox zDwKLEYpP!?$bM1%!OCYdl|HL5kz%#+JC@-X4{YZFoggH5Nat2-YRL6}s;Dztvt zVGe6aQmCWxzfrLybjYa9WqS1e`>=$n3FZjZ$GPVS@&N2|ZJnpJwfgk))YP$HOW|5j zmlj2~ZPV7!XZ^}A+|{3G3h)hwJE^mOkC}{(<&JpZ+?;0@p&}#})QzA+Y>MY6rfs@< zdcMj>DT>s`(Ua824-x$@d@DETeH)_B&hElNNc!&*5GkxAXk;{U^fBFDLV-V!ri^fn zYU8+K$rGPtUsU=SR;@x-h5Zbv#d$tXZ(F`2<>Kxs?V6#R;_|DsFxfA5FO1iLg@%Tf z7HfUN_B*dhlaJyBZ8jz-;sS$uH$_<{X3M3bn{UQ7sLQ9R4V6sqSwQQ7jNC8G&4*(( zc#|~s3)@U*RLed%d*LG}#BV-yPfpo-%<&|fCT%lcF)#e=1V2;snjm1zpPTz;0&JI2uBlyq z^l{63_hA&RREriY`PL#g3zXG@)XI$PihCc7e*C#0Ehf>s7`|ZC|EzFdP( zr|;lY1Hy9iHbX-C<&>3?d0ScIlH$TVM6d0*`^)dVlh>RJxPC6UXVmaJ|WeutPQO~USdJ6PN1wdKChm>RjbXtUXY*|65ZQ`ms#&IhYXzG#m% z4hDsTgJ6di)dg`&tP{@4-k-^SSCLZ;6K9}YkcF0&mzTdB_HG`Uq@;e@RZ@DmN-pL} z>tsNS?Q_G-y}5rs=8GD!c9FrKt9t0Np4=v?;?JLNNBh$qPkWccW+e1w@|vAo;(C?1 zNH632Ek5VW&5JP&!NWR+9EUYnb7UwkAfTw<`EJrFt@=@OO|@2@kij{rxxl;=vO;`( zG@vRNMfR$Wp8ow@2W2v>;7eA?Kr?vc)bPt=LPOPpX@`<3W8h*F%^0Q@v|-s?g6Gm+ z+q{Nfww#h(SG8hxs0&nJH1ZLh(w};6n6dR9wYSvFtoheN2N>lPPsbdi+}UgFHs&PW z)s|@O-#+Sjr|!xe-)NcHD%r{03w0OwYbflaTAspatSEL#uqglXk93De&yELc-u3&O z|C!nON?l;B2#v8=d;R!9m9YyhQjw{iZCo-1eOuCc_$n2fFL^TZZr_#ORj^TbyT`2^ zWE%%-Qc)!Wr!NqBlAS3oe&vYV%u<*gSKf|eI_KFTjYk`Od1hwjL$Ns$VYHenkp2lC z8t{~+XSs-@suxA;(_B2m$ck6+Hk)T(9A4aTDB)lTu8?Qe2oVq&S*^RK^pyd1D} zsYT8w`Ni+i3Txde{TSBuv+R?8qU4`U4Gf#&EnP6t$ScgXKu6(!wl3fE^Z8R21y`bC zxEu!d)W?LU7(U^BY<#i9t0|;q=doJ}JB4hRNB-slfPsJ*XT<&hW^8Jfy_v`uKTY@Z z%FMTKLc|;v%hn2h%J?GQyWrQtn+Dj!uL=2mj{-yk`R2z0j?sJ*dn>b6Qw5;55C&E> z6axNZ65D_|B|w+%D*0dIFWt>I12O|fqey)!wN9&h$Zt=9zKFxT@JYKh-+TR6suc$M zJ!X$9|Cw;6uC|soa%`x<{)s-57$<$eu1!%~416R09P*_BLB^{mX1TYrx2`|vwINBA zo=>ep^-raf!`{F4kf3ai_LE6NIA9T5`d)O3m`N$9sQ9Nk5HB#2m5GMyFI>b)r|_Mv z{_7dv<0C0QIxF^cD!a`e82Z>#K4~6uSg_XFSmSp|BRfz()MJ~+lydZ;eS?rJ>qo)o@TKSe>QqSB;TN_LWgF=%Y_yF0Xhzi z`lFPSest+l>$e=EjnL#PoPC?pJ?XOWlNlR0r_Jcz#m8Q1Kh*Yi#rPMVky|_nD0J}G zG1Mo*a}PWs6EkLYYQCNgolkBbT*bBB&gxk}*3k_2neVS2zxnLTSS|AL$d>kFp9!=B z>rjLdVgk4XLm-^dWwtMjjp;fR@4S;J~X&`e*GLjj$C1+{Mi07{E2}2$OR*M94Zzr`IEQjg8zWHhx zAz{2%p5lAzQqtCv*1I*TuS+@J7E$$62E;Z+YbQL(io+Zsg0b zpsFZ!-P+Hp-v3E;iet!O!%(lkJ9mrfhjnO=vB?fyvY9nPMX)$}LnNf8QBOrBP2}>f zq0HmQDPQ6h>%5jo7hraZvUXF!7S3HMElWKLT|N&fJ`-ZjE=*(A&tYxkX#|e{aI~pR z#zcAUsT0646Roo%LoyzbZ??{<9(78+86X+7zU#yg1|7D0A{C?$c!;eAayc!VzvgxJ z7B1X=xL~5^K`|z}SJNE!)8;PUmEXFD z23HPDBj$2nfYxQhQN^ z1?`}Ja`JY>PJ+j!7WQ%)mPZtCjDR;ku^dXe+hD#6@)>vS-=72V4t&TOU@!2{Zs{4jg&T^3QW%kJbG9*$6S6u`fl% zc_`rL56|q6qJf{WZ*f-5PWMz!W*w8Lh)rHsEuP(S-%4UYjhEuB`gH%Xt3}iPD^m;W z+H9p{F=*ggPB~#>viIjwiMG1+{f*{dE1Mohhx^wAee~bYi-u~M(h*jps&?sAyD1M{ z_CneGZxcsN-v%w0T=_tIy&Hq6iOGsXa=yAp+#MX&?d{H-4z@b<>ANF~pWDM=MR!D! zjNOTz-_kA8l-ZH!IEqRLBoyFVxu4Tl7>_#^2Hw265vH2J`*-5T#D-j~pRHW=ew$tH zhEj)o*TL%OQG5gYJ!q=qzVv;ODsCP zy8}Xacz6y;yqt;3*9$l&dTGW_6@B}qOP5R~)0H0tRqfmvxg--2Qh8 z_vu*L@oV<41^8c^FT&o#bWWc;z4KRU283w5&+H^HFBGc&-ghNqbRN?0)tQ?JnHdZb zudVcrxO}cwHEkQ8pF`kc)oa-+E4b)X!@+%sT{>;={X=g>ap-M^m zQ)ReTRN1-8Og}2%Y?R=@f%5a-U76q>;d`}`Hf?9AbUHc8q#AV*zG~+xUT5<|fWUrL= zJM6(Yk($yY`%&3)q7&r>sN3+C+V+)41yp!~T>^6;YO&vrsQ^fuNz1_LtFStXYJu`= zG<1>mw9o0(J%##~WrOyLV$Vw!cTZh3e6UMlla`@MbD-&{R%DVgh%K1-sh^VVX}xq# zbp2S4`F>Nrq=S!v#YIKP7Oq&er5-SgsKsjYnbf$FdM|ZHYtTW&jR~4j5ZsZnwA=RaduaL zG)h$yWTr2*!~)_mfb*-_`!0_=z7bL5Znz6xLR*_I4#s(C!!cMJpZjQ*(St?f6_;Ld zpvss|((4Kbck2U{iu>mJXQgJwb=RoR>JN*ql004Y$z${DqS*UWN`f+_wL@SpUcm5v zx!Qttnl@}n%G}(&yiW9534Q;5p!)kg-E&g#sktljO=!2>rz>5uyY8zI2$>91qNBMr zX}+QB*fQ?4dyqfGR3&qwKkMk9-EQ`~?w4itv$pFFo!93Iv7l2wbYO2o**RLRoperZ z)>VBB280`67VXW@t$!xlr_Ae7Nb9^H}dnqiky;hN# zitb7`#^-vi-s{Al*T5pc#E|F&e59ePfNeSseNYtv^07GTby4pHMJJz@3^B_3qc5&X z!j!({39vj&P3j_c``o|39=vj>B}I$5?zs1dd*w=9emWmohT~I4<|YPl#JCgO*2LS` zJ}Y(^mVL(VCi^~Mq{N!yt(fesCg9U?j@4^RrC_g}N0;5Bt?^0bT`95)?45J-vJ78o z#z(F>2j2;y&Z$~ia4@Lmu3FQ*<`|{5?+>P*>*Zb7w@yJaxoob#OT|o;_tQE%6nUV9 zxtLA~N-YF69+G5vY_=~lsq&#$VeE?}54~5Tffyqt^|E89cz35U=DHSYzcZyWq?&7b zbmCh|``cHF8a;xyJb3nc1nerYYRjZW!v!G#5kM2|C@8xSwSl}qJ{HNcHLucp|K4cl z{VT4&&cwvUQKQQODC;uWtmPv|8v^1z;Wxw|iLRWP=+^+b3VflZ9;2`|5Bm0SA?M;; zPJ((?3zRh=nUj1s82)%!@;0@!D1s{oaE`=Zdtu&6w^9y-xJw|1U>Nlav=q$r71)$a zB*J|i6A}FJEtLN2u$B)DS z5CfM^8E*#yG0bP{>+4r%WmSX74k_jmz$&CNJ)o+psH#c__6-07pxva=p%2J1esm_y z_jiY6`P%-IT4u6X#Jr0zEuW`~2k#eV!8^zYl)O zU}+f}FM$vP69eSaUu^obDBpa)N5>aYG?`@6voO`=kLEbVYf=#8H(19IMt$%2M$iY) zB`a$mnee|bS{jg3eeg({kaTRMe2Q;6zoz43?dDLe_Q?{3Oqtl;-mWOu<#s#QI~+eA zmR={HU=Thvu)g8z_lcOu2a0pkQu;_3G1iEmtc}_9@#6c}U&mbxFTCj17Ny&M@M(E4 zNIrKW1Nct1JP~@t{MblU(zkuI%TM6=GS`R=XpLMxa-AqT77*BYi6`)hN_Dr zK3OW&duz~rU08czELWD0OFsNcX|=EQ6kx^Rm+O?5H-5X#nBWP0G}b0*;cjogX0&Lr(4fQ4$dmu$zles4az_P1N=g)rDmNuI zzx?bSj%`G)+bI9QcZzNi2)Iw?Z+hha{9y@tNX7flY-Z2JZ08rhbqpTY>+g^pOVMPx z#B@W{u-w?_=GF5o?X;brmOZ(4TGDIHr`+)^1=8ojP2NdH&i$hK7&_JH&{pTLGm`g? z!d$RjI(?*v=W^YxI__Nad7#jEn6b{eT6D^F3DIylh^h3ronW?1y0W7 zp*{Tv`kj-z`X)E3bNOdJ5;sp5f1htHw&v3smV6u2%WF~=e(Z`Ua^;HjQxCJ^-BQUH ztEhLWBit!2`RR7!-DwAIh6)%co<7d0JDHRk(7swQ$d~uHPb7!aW?}x}LMrWzx9nZ& zWr#!Hn%ZyjI|Zu+8jJ?KI}`lN2E9E?SD~_UFx^9!L7$f7!eQK(_Dv|$3ObJ+QZDf+ zb>n;Y3$gTq8>t9J4=OvOj1MH{0!s{HF7T|*>of9vnR6BNt?r|%z4j9Ptlf=?P~*lx z{{`a(Vt!})W1wMuJBU7Al81ZkpNNv<7ztyWRxBY|7wdbBDslHQAVv4#P0ZaPpNtW) z2FwVTd%U)ldQS_Pmv@T4_s*OE;R zG`zUvWNV#YEnuL6nL-kLpaz2&Um1lUSnWG4_ejIDm+UXoU5g6_py?Q+b;qa&7r2Y}o5(Cmq-Sg(#bIqfw z8ZzJiN_+n+_jXPETcQ50nbgxkp>AGpXO+BsCm(b7x`fy-=#E%+**8@gr%XZ+G%zsW z4fkX?1$21zySuyXfe1A1e7gj!d$+qsFYHL}WBjgP80My~rdAG~9)V&(X7!x~!&v}h z6R3sdEZc>uCe6|ooaFi&gFHvIM}{VXJZ)yv3I!LmyF$4$&qXsfP90oWKQHVsQ8&=K z0oG|{JtuQV>@c00zu3w&=tbg?A z;WpWYF8j{byldr~?-rc!>wKvnrdMnG;nb~4)!^8J3Y~Q_+up51Ov|!+%TgV*4IA4< z`@%}k&z--zW%IUo%tx7@-O3QAdH0^1EAokDqlQNUo8Rb4+rT~hF1&rh^5~cCcGZga zE-pOjsu`jVXI8B8pBPhYF{;JYDKX0^vEwt{t@6hA_|p?4gAsHdWfc{2ut4Aoka#a#&yzI$ zzgWlj^-Rr`DW`UN2IV`OSc1-LX_85lJeHh zdU1Gk=Oyqd11f=*Fl^0HAY@!3X} z8{F64!ZS%f2!fs|ydiwKO~YYrOwIkF*x*K{Ll0Gt8CCglZmSbEtEhi7l*q*hcnwt% zGNs{Yc?n5GDqkk>8CuV5-u$TmuYxZwuUJe4XrC|t{d(jjwg0=<4+@$XsU`pTC2{S+ zDEIl&Y+4A68m^Z!rT)8;NMo}Z^M5FvX#NT6`RhkDh>h2O{nEI5KxY~LlCh|*?acEl zN(s-53;y|g4Ts;pazCyj6U=z4&|W+lg8%Y;iVfty`scI#{($%+_CMpbVz(L5eeyqA zJGCppCZ*~QM|62%y65xNvpHgNa)BTquw$+Y)M@onDnhx$NR7yIKs+RpV}N-2-_I5x zY!3o;m%e*ix9;32dt;z1_%!*$$iF^$rZz+Ic7;(}5jQ_~QSm)X{Tr$J@2-Wx`kSR& z#qYD9Fc*BNb~HWqYV522i5?$Dx#EEVfIiDGHALBkXok`^n{)%+Pmi*>xhd}uci>o6 zwJt*aNVk6cO<(0Zm^g0Ob}x;-b96eF!_)H&8~e+Eo}PA5_Nt!AS;%Luwi;YC{_y56 z#h0*egZX|u?AXdtutAPOcwo>2V6pBmusU>z9wjBoI61oQJ%xa6Z0zipD~vDUyV=6` zZT~)Ohfv_?C{%wVhUY*PzI^-w{nmaEm?GM7RR~WAeFYqi-3|38avNve`CS7xRc~3Us;id8xy_nDXrUzGmVXtllVO9UtDl} zWs;sciH!oJq2gyJ6Jx)-0`NkI+s*os#&B!%uJ(mw_l^p$0f%hv5l4I4C-DoZ+7b9R zx7tujFJh&rpz!tb&-Nzq%WZ8@N}P?y{<##IC~d(RU#hTrV`w!|g+Rtc6u&t+tjIhj zDP;xyXH+58q!r^b)vH~xN_oI8f-j-?sxTW){h-cfCJayQ*v|JAapf2 zp`)<+Ve1gY${<|rN|{JUUxdgVSTGngoz+LY7i6#)uAr^5+IyXSN21}lllA*+!oGUg zl@xeaF1@_Pn6||%xuU^Sg^IF0h<<^`W1HGKVbBsNt9MMR?yt5@X}|9;tk(h!++JRK zkMp+EUI!_feg6Zgdzg@cf&qu7RR9?f+r!y~DBo|Ni0AR>(*pJ8fm8q(Vkf5?V;I$|y1;*(0ftN=Di3 zBCG5jQb{OVRx+|8d*6@Or_bkmeXskvuKW5O_i_JmcXWKmag;dE_xXA~pO48&S_9Fq z2-pFx`V$pj=2vlXkp!AXBy7Whg^{a5?aF&-X8|P(@7?Qa@W>Q?bQn;UJPCMWsTiO8&3E`g(&kZ>R_PeRcY0L*2o@# zR&zVuYWeD0ZJh><8wVq7k0^+RipcHefAZkiy$fpSXi;iu**G{|VeaXzyY8K*{8Fq| zsfxx~yX@}m1=jOx9&BYXNOIZz#_fyTjfz*{HKu(&m?;(6*aTOy;v1OZnQ7F{V@b7d z>$CVtTo7QDs+SOqEp4uLhs(g33eIJU7hEs34GmbaI-y&LX3ygX?ho%NO<{X5soPo; zwBgM#j4qHGz7tK(^NEUzs{T#1bok}m6|{>&A%Tv#L~uetgpDBHYj7L*McZ8F6%Z0SAl0Pckb8Jj2n?j5>Eu6JF={z=m7ar zq^1GihEZmFwtQ(h@mC{N3Iao>xwW#V&(L_4cPYX>iC0HLTAE&w4bfSF4$bcok1k_Lo!w!r&2H7^#3m(Ks0%8cP*K@Q2X(zBeIlv-slXKcutO0}%Vp?Db z^{>B@-*zArVMok|17;C>;~(k@mHAOUy^rr6sebfT-?x>Kx?o}QG@_0No70)3BZF8J zj+Rjdx2GOy?1-{gTE`(Qy3g78jV7j3V8_HxV^_N$ zwUk{hG%wbCWb$y{^y_!l$fS--a|FNg_SV6|Ix zF!o4bO$uzZNNWYq2Qv@3Qk-)6Vaka(Y6kf}av%lZniCFH!|g^DTjh^g9S_F-`CPM* zs3>Nb)bTZlF$b9>?3tF<*7Ot@g|2R!a>*zE7Dyi@!&w|PMD7n|D+bw45;%mlrgUL) zVj>>?c==dXC>_vbl5p{WJ#zE-4bvB4i#2Pv&V z{1w}c{XoO;pZMQdww=`0tvP;%^WV8pC38!U_tm(QA@svC&+F8fS2Wi&UwB*pstFI+ zoxSes92TecL^5eS+i06yp;yMV>d%ZLR}0dD_9t?n!BX*X}KU~|_n z0$SmLico)=(jBlZ5x+1o?^O8bz(z`pYs<+v=BHUWPr*w4L$g3Q;`I>0DtH-7^i6!^;tB)&qy?2`M z7k@asvF4@Cfjdczykonr)rTgFs#e*uT3>3v&h5p&gVm%qAiFQ=A1#37&FKi|M4e>T zZ8m*YUKhX7JLaqrAHKpqnz}DAZ%o~_TE0;rBhX?qHaV1)T!-HaPZsL9rA=-R03wQI z_X<^eLOSC}Z2OKKJL1r5#Hlrpk~!qwkyj0hE;>O7geSytNjyT>65iJAn1O)-B)a(m z=@8JA9i@e@qU2-L9>?X#Sb1MjQ39nfrY0rB_xl#7&*G4BP%I}|dwAq9I;bM2cI#?< z8+d&!(wlk8+iPmP!7$2>eUge7SMn$nB*lt2RDB8QQ@Ai>g9?*Rl+(C;X4qKh|wAo794fz>_ z%0+?NXk`2RhVSpcmc6MdsUBt;5V_CI_vTUdm31bRdK0_17JUBd8@#n6Jz`z?C3gQT z?uesFPnYv{J#%2imoLuwe*zL8`nO=xA=4q8eIjT(^$~*U>Z(dN?vlzq+q7X|rWAGB zDzIIxmI7*&`aBIGH<-%2YAi~}$9G^|OhtFPG{-Av1TzjUVIaU%hb|PBC*NXTMZp#b z#;ET~i@lu;A1b~S?CpOCQi<-bdAr-_QQVV4x^j8hYwe!nuJfH=_jQDf#Zo9SEi-&E z&A)4XCU;u!T>boPKT&3yhqp$kbq^}GBDu+ z#qj&?-zh?T6huE7e{;;}du z>!0tpT0Q^hv18OQxZpE?Y9JkCHA=HBL(!QF&M&ckZ-f8u-#p&hfN6lqUZ-m1X(%mL z9G_z7sY!wkfzHsosIMJeEy`P0pLKS2RyiY{5hM`iWT-26isi=sz+y#)cklGsXWze% zmVc-vwCKEY057fPw0(l@p=}cS02Fp_X#wP`<_IzR3AK! zZ5Q+x;BiWXgGNn<6tyB7Y@qyl1^3eSvxXpYgye~n95#>90K*QQ!r4`L$&_i708?Wy z*FRj^Qx7c&V?dTGnhM|1W*Ko})J#(W1 z^{xm>E7u#kK3{x_+^B-&f{X`1*Xmu`M)6AXNlS4|;Pmb|6j^Zb=-4+7ISZ7qqq?pP z(G0`@>V}US#R~=of4a%lCK>k%i+Au$(eHP4p%$TMVqz-su~o#VJEm6QnwgcARlRPs z_(aKN&v=rQLNS65%yS1_ZJM0SDkixdyr_B<{a_p+n^u7s56c}+{?di@) zza40bNc~|T=zuc>Glq_}^ckO@@|$4CsrGdk*MjRTqwPT0sD|K&s4jzz-p6?SA3xST zxXwG7ReNCFgGg1QOwCbhVxz_{R=HQ&yraAQ8wTjuoQ>V3FEiNrw1}r~ttoL@1X`&0 z~-$Czl%*!s<1Zj(XFEt@0z67hYqVTUEI~R*7QqP z?UUoSGW@T@VlQca*3~x9x>d0)yym54+1Jyt*YvkAP~P5#eI?}u*QDcRsUFwxq zGyRK&H;3b`=SQan<3D^+cy&zVvZL7c2_+^t( zn_kQwKSeL-E27++lZ_&@H7bwn6w6bQ0D;4ju%WJ#gUjZ=fB!4MM&hhTONTiml~MBU zd%k--drIw{j&-KWCGid^(j++0<;%Mk;k5@jqwrS-BNuU!$Oqn{PjZCp$e~`x)z#Ia z;=kzF_HE z{q=0w-e3A9yf#+KZh3)RJb%_P7mG^iOup=pO}=bXSev##_$DIrNyQ4B zhNY0_-1|6EY>pHzxC;?p#{RnJ49HZFdas8I)6-YIdi6>wj6tf8Zg;eXKH@8J>pNqR zY?64B=)5y{J3h5L&s&bz*HuinaC!PRS--n{u{}P`%ERHX%TpTGp;f6jPh}pue&l+V z+uNPq!AnzTv!1nX65UkN;~078!M&TRWRy&MhrmE{$~We|h4E=?_Ko+V~^w z*Nz=A+CLZ+qcGd)s#-{`aChypLirKP+MRXr71e&y?!3+87bz61DXxd79-iAa_U!9N z4z#2oSyD^EZga7Y&~1&&8J3Er4)YpD)*1Gc)jP`-jg5tYP?0GeiL8TzMY6HQ?5Vuc zRuQ95O(n7}NJkn=NA`YOvifObwznS1SMx{>Qu(ukRM*#E%gETSC*8Qmp_{i2wI5o^;5wxwI}Sc2{Q{G7;&$c zeZMX){_S)R+A~I+Wnsh9pES4I5BOju*o3u??4O*Z@X;F++ZawK#`t-2Z(@tO`jP$m z9tlgUzkRj-Vg945dQw@cUUkikOJ?POv@+h6)LeF~mbx~lB{80>Zz;j8$X@aM?g^Rs zAI8)3^313GC5_f7%o*)vUQHvPJI?dt*zPyG^)SIpA_}vnscG4rgMdXw;4Oo>*3i>v z*SC%%o=Hc;9o&UugZ8g2#+8N}iXJ162xP~I`Qsc9Br28AwnRsK|#%ok5)Ky2qT{ZMv05j$W<}E4|EM|W>{7qD*Frm!&zGGz57uM4@ z49E0)9{29ox8dITX{M=}Z`*g1?_@8U$k@4KHeDu@TQV)1h8LUJh0rzly;pir;cvKc zB58oR=*vyxbUjivK_PwXSWq#i7tHpH$|A;+^#`}l3(H=$otE40uTKAk+Bh=Fg7?vs zo8ZK%i%<}{P&L0#pY9i@WBI}|V~lRQQ%hzy_LJUREJMhth(oO4#KZ)`uV&q8Qi`*$ z^sb5L)z56a;wCsrhJz3Lm3^tUZQCF_aY8sJM@4eyPL@zLZ>T=XS_kqLae{gO>#$n) z1f5{e=JbvgTkHU~U)5*^nMTp4pAW*0g;_k2aT)Ks`;p0q?ScH(h)OXSLyCXd?8x~iF`V>fo(+dd7&%Z>?YD#lN&xmv|SBUzSF(cap$*aKH?)WC=u zmzT$flY*p_qV5*|wfB{`1XmL@0^EOkk3vI3dJ*y6Na?=yMv4uSuc-LO%v z?`P_@FRbEbe!Y4V9F>qMR`N0@xbh>v9{zruwU0@kIXH| zT={uUm-5vlvm>^B!Qq|kEye7g-kmc?+>i9_n)DCTyzNjRd z+Akj^NJ1!G&t-Y&Be1fYxt+qvRDy)W-l!k)-zPc;Pr)kT*KrH?vA02MGENLN78mqa;lMtd)(mPdbwM%5%W)>X$z|%i((z$p1D&BYC&C?y< z7!Dp*Qx4opU}yP4)_n=n_^;nHQL)iU>i&2>6di=tpFgG8l-P1hS9Rn}%VoR|2M?)x zuhpiSdc%tW50}QKmG>G?=Y&W5d0fIOha2%1017lVZcASsfTTfuO;63Je9f5@INw%c}0AMg8?a+{nq1AD`62<faYz>{Bgu3~K+yGpK;bAeH&GnUBx zYuUl+D7T>{R}`k7wB1?$dR<1{o|x-+$QQ z(eT}H*cYRNh_IM(@tpRCO{2}4h9xtRy*20iu6{66GI3kG<;|+b{PVl|AM_)^Frd`= z#qafG!aLc%yd{eT&!)xposHSX8^7HBGR*5mN4?pfq0*Nvplnmky-zu3Oi!)f!^~gJ zJAtJjMY9p51GkgZRgIm5GgjFsC(4H5nL2?_1qlzLRYYKrX=%0=64)6r{2?<_Kg-tm z9hbMo;X{XtEtB)F0qKEt9{0~$IFhh`6XyAIj2sgMfZeIug1QTieH9wE`v((uQN7^& zf0j5D8}=a>1xpWAz5%O$303X_9w<3}5KJV$)8uULW%q;sSrMR8jN~0;tD8W_FxJ)( ze13O}yKy-?L;9X&zP`7B;+>szJyX90clTM`2*6s(r?VIYg1PMMjy-;|Ij-ih$ym?M zg9mSme-GF#v3s}N+3a@ltJ`8@CJ&_l&3e|DfS356DERp!g^g(-!x~Y-2^`z#byJ5e ztw)vWnr(BxKL46RT$rl!Eup`_&cwt`$G3z!f4{L&0>()+W4w5=dD;!Qc)19WSv+rO zGLxbg_?z$8w{OYY)L+C!Yd?u3(Pg=md3am6R*P-`kP~OSUjd114;cm_J1fH|hqQO< zSK1ZJjdQCGUmTJ|;ArYvt`p|z&tDQo{crMkmYpmj2s9uc$D1(*ffkY|#PVaO6~5Od zBO{2WCK=oTzP{e1gI}fIoBd4_JqeP|Urb)S) zIw~2JZBGxzX+tE!{7xFsrCz6bd?O5H4sXF#l6jXTvJ#gY!lc2%(kjB8{1!63Q%9{X z|NVpEzg!sqC#s!oTL@+f6z;A>HX#C`0pTHg3kuq+Kp0kP%2H+Pf4=!|-yVC7^1(|; zOY^RSU}4-g;g#GwHQlQ(x773g^8>IS;8HCDdn-rHeQ@2sz6CuVnGYNP^+(A6IC@Xw zpMtf&UrNsP%;Ycr+ph!5{tw9Z|AQ}c$7N}IB z{|5A($hX{KqW@%;z8G-cvvn^|CbIqgI_hmlAO|wA$Y(%P6Nwc47rBLd5-LRLd3>BL86@hwPULj6MnDBwmAq^bgOMwo4N!zf$l5MfJx z)f9%qI!d~)eT0zmM=)ie*T^DLv9S?f!N2D!emxIE!Qx+yUeVE&=4=l5L_z3xu5tT) zb$Z;qckZx5@=i?A;9at8;-Wmh&BAI<@j`qFgZ&@~62b=Z-g$Tnoc<==<6bN?yti}r zaH;umAma%mhD(UR&h~~Pt6g0`{6ePBO#EUK={gX-Y0dw@a+nfgr4@8_t*zD z3u&%|Ob*gV-5r7cLd&Os8QzbWFkZJQ+_P>$U3yE7FZn_^6L+^FHSm&RQ02wSAYg!0@2Kp|j}Sl%ERVkwHNFO*3WAD6=u^B9$%AK3 zyK(s|&yWvSabhEtS{WLHDTjZjqO)H8Cn|c~|Np4y-@1ejBoj|YhV=Ln#LuKR1`Q|PDh%(rDo1>v#aa!B}H%Gi)K9(9r<07W#&Sm+gzc0~khQTsdvumn3}o+McI zmAWbbzG8+2fv{LL4qg6SHtmej5bMKV0k%Ob`?%x;NCr*~@Fa{~P!mAwj>Eth7r#_S z;nc6mxdr??q>&EsTOb5d05@qZpqYr&EMtEx!PkfN6W^9J(ANX=ycliZ%0{`;4FuQY zT_!g%X+46h$i-zgum3xY3>bkf^)3C%8`Ef<#lwS(#6e~E>!!RoC;eLmsf`|~5tIKE zSb344A0UE=ER)5jfrvP9n&FW_#{qcBYhNDH$L?y~CKGOnPd!rhT<`#OR@EaH3(*Kb%VYX!2GGM!B#JVyUC-m*>>))$?xLWl~+1*tx$3G`t z`-S|y^eeOcF)HmO!1skly z+XUIOMBu_o{m=?%cUsyh8DC z7-HwqDFPx6zd>{oHOD(AIXO98>x`$h5s;1@94{6^s)^D$-ccZ!0o$loRc{HzJ|#ZM zW0Hs;fnb8shl1E&!~#J<5BDj==|nIh^${89ourNs!SWcq@#c4o%^>$NI3_0Mx@Utv z9=tY>xr={Nj`4^ik^mvVB<~GA(drB7@83^%>hmG8)L+np5n_6vZRo?of8w73Ez*Hw zZMsa{!yAtI>#;BXz*K1WMJ6wi$0Mz6X>8w;FG6gIi&@ZP+IUl6pHnU{(NQqj$WXo3 z=8`*C{{F_wjny?Z?6adNf4YTdn24KRy<#B`4Cuz;(}K9Z@ZKMQ4ho_U{G(jbs%noF zhE19!o88Z*E|^FTY5qM+Na0i^pJ1Q}&|}~%^%Y{om4SteA~Eo50PQ7E_@eyLZ=0c2 z698Gx)vIAh69ml;b`1L)lk1{lK*=W;(M)nh?q7Sf(a6913-Tn92TW{jhYlTLE;?2# zN#Q+!u>mp{#R{Pdyfh*c*gLSFoUZne&z_lJgUE12XLd(Hxs zsMK>hyQnhQoWj)faxkUlq)0t`RNf_ySF_rjKX0Z;dY-j7Gm~RK&OFtjG8J^4s!?%F zNQM8=_23)jE)%oWzps6!$0G&aaP)f&7rP*@pkD9&$vF2EIV+x;W8_CcEUcrWBXr0F zw<(Ql#6Yu8gd!TM2De^NAsoGg!&FpM+;n@2go0d1N7Sgp(XoB=1BOdVC@#QFq-^6- z*U<0?P+Ys`k{sb)2tOFQ+p(V$W78cFtsw6FeS9%nz?mh9VY*r?LijP6;jucutSA zPXCzSNb%}*lJ|d>A)6lO&Z0*jFVzoe?a}<#dpOf|z?+Q|HsBh7xcppuj zqSx!*zFVz6%;@C&7AH16cIaE9?0~lP4BrwYP(=}1xbJ=;X-%J>EaIeXgnLvd|l;7d=qg!o{aL9!P z@9Y-|xc`cED3F}IgI+;+bpUE;WV@z)>l07;l8oJW!4*(t!Uw$rGZZE=Twse;OEdf8 zcS#*s%TB`az~n*&hhRvd!D;j=Lu@k&YC{$;3!54hZneKTYSW*BOc%>7emQJjFp2-y zVQ~kMq-Rk(XIv$P>srY{`}59x&5@}>Ax0PkR%|m=J9U%vWsvYS3bL`J2ksefF&9`dWdXLSPDYeA@5u06Ki#U9CUu7f~DRdkdZTiMvy3881;hRg?OYnTe z@A$0uDl9ZjX<(nsm-*pho(f`J!-y4?77)gNoK3ZOc5p&BmY-1@bB*zU#06f<8r--kwu1*10uR={+WS}L;+-XE87{K?6uQJ&bnu{A_0ER^eBmwkmP zxZKh4`e(x7AE_v>aPuiRdT?r=aYlor5&~l*LQIBx0YA8wFxv&8oaKQLa`rcMCsmH z*MarZnS1_lzb4rjlPKQ1dcsPSS|pq2^wkP=E$05l433_AEmy@@a86#QKJ6bm_RS95 zWQaH?{ybpZIL>FH&iU0BBA^1kIjpdy>ek?m6b~P+NQ|vR(nx)MJx_&i)1pt5#ztbe zg{@E)la|#wJ?*>)s`n4Bd;8$cPUq}?)A^x*LIAg2xf#E-PDvMLub2Dk&G7rCZdqc> zy3!5%_2n_%lrPOmg6X@r>YnjfP9+KX29j%Xhg&R@X=!0;aqss^dB>AmesBLBC)Hp5 z)JFNm28p$kDw;wIBl(XEse}&QxoRjly%W$~wP~MHWC6>?S!s$FbQbwfT#u%O&3rv? zdIJb61UZ{-XWr`&Wji>!rzKtJ`)-eoebT3QQiRG zzVk|WNCh<)ZSOsY`imQ$ZdfZ;Sm((!e0~@5knJqy;&}!{g52_3Kz`#wsBUb%e(cER z#LQRR608a!Rn9KHyKYJ(M;^Z=+&lz9&2meyU|8U%51@)YGs|rMg0GqHsbgFyIp2^` z1S|_EEnz~SW}jeiDq(3G?_G0rcLUe&Cd`JU6A9}yw65IT+$4z<>>o)7g@{P&W^jk( z{@E{_IiJ;OlcZQ58u*mIMuHP!M;A{|Ry>&u@cY;8x-IY+PsA2$c=Yh3vim+>p(-R| zjDxzdq5;fwz)I%Dpuj-*alSu;Z8OSYi)01 zsISETYhLvH`Cc_iEAXQEp8q}D>9UE!74^$0spe_1V?Z?TWnonRkae!OxY)C$fajHm zWbD7TDZeG_@Pq3x&tk~KnIe?|IU5yQgwiHG)AOA^#f4beFn)JpTfj7Xwrpz+@)g5h zEh04t?-wcruq+9@Z|}0t?n#$F=5^nqpfu5^yK~e<>8G>Q@$J25tk2Z%p(upMGvUq( zoNyO$e@$=X8Wma(GJJ&~$UYb{o zct*&I0tqwbNz%WFUM;vb;!tx2M!`j>935V4GUd5BYi}t)+I^~eK6y%x%V9Vwple@L zz(74+k`y3G_I(v-Ie7F)#HytmrKQZ+IRMNR6cjuk+BL26)Bede5AN9mkN@Lkxuf1x2kA8#UGegco5AZvN_|k;0wLoTK14pidYTxq%3uk76!?yz zF0GKKo=4;>F-(gr&VA7I;MmjaQ-N$U-muj{RE-DLNU(MY_AYtfDqfK#yDx8>)*0W%i$>Gq6QmUBI@7$d$r*4yRoAreKt^azWAzl?FmO zopt+HB-Gsm>wMMVX+$z9Ji@KABfP)WumegY2Qjk+Td|jaF_JVCjTqTw33Y4q%rjf; zFrI^lf^}K$HpS{sWsOq#S8x!DY;QAo{;-^&(zgFvKzAuVdJlARo{R_hW$dHqBap!p zQbFaPCmyEW`ZEgj9o054Sb_HunP8YjwCa_S9)gqvK>d%OJyYfD%(<6VJhRjP+Oqx<*bl&QccLQl;@tP;cAd&|ojk+*fMK*Z#Pc2WG(Gr;`q1+aDk*HL9U)&~-qgfOO# z+84*CyTv_s4;)@m^ZT1aRVNq=fJ7y+i{l#+twUrB=e9!#7mrS0(6(b9U6zn9w7XyK z)mJ~{trYKtycNLy0FqG@4MX7GE^dM-Lxnz%QY$~TCqA&tAd9*E7wU#eF9$C4dqQ`|Iwp$!6l3O<^!mM!%s+}pFsB|WqIWM zh3lXd5`;l~w)vy~cx%HRJh%w~M+c(AunHC-pc*cf05F1t$mCp(i$EpcN>Pyto^HFY zcPxOX{Zu#+4zH!MjT)I}#uBtoI~=n0p?fb)Y#Bz{Mt!!*&*FMa;-F7Zn<7Qe#wIsN zv;_DF$l`s)id-aPR+?qWhpE`^x6I@9PZUF*6cZg7TX;%`JJ1>Dp=ZgR^Oa+LJ1)IF zCnYQ?&%Ua8`C!`{UdJPj>=ic-nB<+9;UL4tOB=t7->&Ii*$R)_;J1{O=MSBqVkx5b zzE|SgqX<6so`srOYf@Sw2miGdeL*fVQ7hn$K`rM&ou`kW^lZ7ADXjhZL*>u%oiLOl zhF+PC7C-P>DF-vP5d@V(Swi}LxWx2}5J?g?5rNx|G$Rr&8IdzM$3fj8*_sYcV_$qa zsVP`SdeRG#+l`D~1*}w^wnf&34q{KAJ;Htun@FT&jXQeqNc|CMK)_k~Ol|8%E z7VOgg6LjY%iu5m_mZ&{JvV?@BBo(k?bdrOgsG8Yo{(m>wcG^-DN^8e6S?XNyN*;d}ZNyFy_{qSt=W=)T6(v(yRR!%i={IWW(s8srOz54+!4r8Mr9KR29< z>7od7aTFk(5-#=l7rhc3g%T(nT+4u7x(gkTXO}w|MHBXx(T7dVhA)aW?79FS4!Ppu zBF0Mv9}W(3{eMc+6&e-(Ll-_&{etgKciH%RlmF2PTVoG1hKxfGGwF0f$BPK~U$~Rt zSMU>Jgy{lt5&J}MF8D0`-Ia|4vQHQuhGMB9@6V6_I9L4md7a{9G9y+gzfmXXtV6E` z%n~R7Zgb%Nu!x-aF!|!a*;#HC1z7 zjy{332lp5SHYDHNa(d5PUsQU7o_TEkq+X;DqtCzp?qFPA!~xOYfB9`oOJ@Wk=|BHz z@_%J~s8jySpC*5wPmxOZzxxY}x7grf8sO(B2|3Uitu#N@zpwMso;!T8>eRw9TS&GE z!Ph7H>lm4sPN%dljFhmFZY)H-32oVOp}xvIz3VOhRxIm~%>6;<&1i_T`}t)(xfI*o zr}(i-8)vrMxqCOwVtn{ehN8*n_kvfosvOThNG`-XxxTY2e4w+Iaklt#*7X7|5ZHNSLdBe!@Uosl6%3UfjE? zEL-!fz?~NyCPo~vaqGNqi`^DuqitF^+tn4k57|0SbAeU8A~G`EptA_ogL=8*-X-0> z!^nNXHAV4)u9APb-`lS22^Tp8Bo)F=--(Yf{%mDn;lMI*hNMm4u?${NO)89T#J-6B zg-SDJU0rU-|KTy0cXf2-Tj*jSwIt#GSgdhz;h;rkHmD8Ue_27R zp4#_*=KqFVm3L#m8dGU7<*u_3zjXPs@}nAZnu1IOMotMXho+oXJ5kpgCJ;Q-Z!KLR zAOIi^g%u!m~Is?BA$&Ese1=EO~+H1OKwXrn%p4hH1^{)eH;SkFJAQfi>fODyTfwl;C?0HFxpI; z_G<>osuwQ2Z1`~bcd%ypYg4ft1-8;JzYhd|9X9_R4B&N;Hoeul9B@2xtneGAgVEm= z;_yMxP~fB{(T3Qs;tA?s|!+3U6Yg1JHWX-@@JlJ9K zK)d1i=sEX0NH=g~#1>TSLwGR&=pcBK@oh=T?u(~U0S1yZQ9t``Tdo;__EC3bH>bXi zqu3-h4g@%C;}#b#5bc1uoAua?TXL0~w}OICj5kJ05ad-y7J=B3txrHe1tyRf_sLVi z0pE!U7k)oXp%jXbuP^(WH8%m=L+*lZ;R;Km+MSbQv?UTCU?^UApLmiB!O&7<>0JcF zt?6Gj=zq92!n(Z3{(XACCHIaMYej@VRB=GJf4U zT8up-v$?SO{>a4f5MvLE2d~1JLJv9U{EA`h*na=-ELU7G-w|CHm9f4DR^zJ*LL|!_ z^A$X1^zmBYKYZZU{g&@aWMb%;*ze&{&@h$=EkBGI!rrqO%LoDuJvfpBsPGpMhPSxr zL5el-@{#BeLKq%lVqU~~K}3kQwh|cK0?+_N6Op(_=hUeiCZ>74R3YwZ3a zmW7gqO$nmP_WIk?j;9?GBA-w8q&gE$xAlLWk-EBg+dQY7%EapAzhg|sH< z+SiQIZ#Zd6(R6`uj1`HxsXmn^EX$WGX=|^>K1iXUAI-naMA*BMhExi_IC1^fEwgTM zHpUc_vgLyZWY$+F$&NdgO{5->1Ed(TZFn zyN|5ga8En*;i0dzU#~7>k7w6f|2##?p*L{ok_tbfF{ow~?VkTAdEW4Bsf+SIDaF}n(xkNqF3 zzqK;si!hf6?byV5*LK<6uDhvMCd_C9d=DMEeg(vF2g0`ywCjzNQeB;ytjY-J*d@n6 z!5~92t0-OsI}{lBZU}|M-}*5?9i5Y{pyRGXaF(|?JAkx-h)DiOb;6JR$xFa72)-r7 z;o0TA0&qOzgF?nP3E4L-ROhY#b5n8+hD_DKreH0nv53CYPMh26!)1w)>9 zHU8j}V>pL}Anw)M%;Onkvd2Vi%rC71;W@#VfA(WUYB{$1E`z*l#%fK zxdJ9xuMc;3q8(Ro_njdt_{@kD5I8x~!xlRnt1%m2L%QAyWb8m!qgEs>gRCDc>+l%^ z!VyBe4l3mv^RA5T;ElQvfKD2iv;C1=P$Gc`1+)=8iS0R3*p6$M(3>b*i9WrX^P2Gp zl%8*`q(wGwKHq$^0CxbXI)#OZWFaop#{(E4-v=8b?R3@Byyn$w*Ie?FA-Rr!{+tm` z6|(o!e9>u;TLL46IzS^S7o2f1uEV=Q1xtGP!j@Ogv zIqo-8P31XJ-7bF~)qm()UxrHvR&rz5tfW3#_y3|AY5I&28-8ihbOwEAX0IlssKk7T zPY4=^&9!Id9x{1P`)9vzZ17;JU9uNe^_*W9ewNnIbkf2QEvB$5KSTv4494)xG@>sE z2h)HEyz|!}p+S8KbR|&iRYHw6>dd-0y+5hkPhU2Cp^hc#-4*@0GFA5)rKSb-=`pLL zTSAH39oMgwbY#ohERdjyhJ^wsfz9{?xzFE`W9*jb7B1(C3ER||)!^7AYS(Ek`(awtY_|rE|=C%&&v_Q86(R7g9 zFnspbL(gh&e1-JqQVE-oDHG!(+>b)}A-^pMeNjS|nFJRp5_NsAIj$&K~-4@NuSQu`*Y%y$o?cgS*{Re5o z4v3dDmU8b&kM65=dYJxfRk;)2SwpY&ogACGLM?_a9ysZ`DkE`H-=Nc@=)UC z=4J^zf@fwKOCFW5jnLgz{UE&hhNPK*a+MKl4t-9XnwGG}8dWtVTMc|Zk+%%yjvc94 zkj+3ugV6jqRIWk&>5*g>%3oSmX?bdi6C7E0}jIcC10=1C(Y)s8^v%Pi+~R zMim?i%HC((2nxa&qY4WGDN%yF51;wzZA^x@f`ft%I5|m^A~U?l5dKWMxJO$s(*nOl z)E4B<&{AI67V5CHsB9P$$va|mVaFQq&pyV`{&8UHf_)w%G8_U%@E3h;#$56p`JF&G zXwa3ZFGdzv#HEdVZwtDT>p-#X+ICQ1Cr6fYnq_=1^odiuWaRV#|7 zUn)Ze3q%N<3S=#3bymyY6m8i6b*zwkv>IS(Bm;tB#TD!gBemBgf;2Oq9NUb$zNWgG zf;${l6`4gILW&%Qoq7!OH6;qOkMVCJtBj6~4dYd@ciizEF zUxZUXXQnp0BUo(Oq4o6#ncE&?3}QdHuk&R&Coyc1f=L4r4M5zm$>Zma!)GO=A2rFk5SBYLc%&tf&^KZ3|?GdM$xDjBg-fDX4GJm}Y+3>%4t z*ug1r*5dYUB!O)0%R#ZFDcCPK`B@-i~qTZS7cnBa!qot#(Z1#kIUsk}zV0D1wW#qjG8qhlRu6r#e<@Yka0^UNPzayw z()`$9=`jZfDUDe9AOI|Q;^gX24&vQM-q2O0_##MA8tu(6;E`0ymoJ~Tj3OZftTZ!# z52TNL*!K1Fh4hE<@x_*tt#0_dLGw+8C;~s+9+#8j z()?@YYtQfQ3e-AYRo_6&`At+lUw`h$z2{jfdDZh@3T0=YIOo1EO?vQF@uG1BYhyb8OO3; z6&}@O9odvy;CZS0;l4f4hS5R72s9rrKCpOywhrES5G z6+$+#r~$T?;oZTrX3bkfr+MSzoxa4f*yppaK`t_|5SFvTxk|yT+h>LBJHBTNTu-7= zIC_+w+$?yrl(E@B{)Ed0JZLdeTkz??+YcK&738E|#@q;wd%d`A3}m#o%(hD_aQ_blE}Zo*HyNFEVXsWEC5ug`mYaR@vY8~yLZu6 zvf3%|Y`R|4VAk#1Y{`l%bb4ZHEU@_ua#vXFn5~mWAOY@cyo>&r^58APE};_5*`X`E zb?Ya~u=NtBOs%#ceFYy_GVxa&Sm{tQArHTO(@i^!L?|)5?=*;NJQ5s%s z1ZoHa=G9^&1uLsWO$R;b*C}2IB;lE>ge?n}19^Fm`oOQ{FYtMcPO!RO6enjyb4iG9 zA7{~UN|#ofFypkh=u4Gn-Z_RW^0C2>T5hF5h=IGyPU4qPRN&N(x%3Z~@z+nPNAAB7 zUe-0z^C7hTw zOYRu2eroUV>`2j#G7~Tll~ECeb-1k9 z&fKMKvh#KZ?JlCxMsNv5*7^)RrL(iMF~yk115T^&T!qtgq%I9t@4Yh?t@wE%owzH} ztANtl#a_=v1`<|8Xl9HPR3vUJ2&;yx)gyGbWs12rI3M)g7?=LnU@#Q7v+b!YE32Fi3|(4s%w4h>uHw_ zhU#B+o+@+5yRW})pUok8R8lIYr1MhTi`-@FS=DUg=czx3Mweu#IXt&`pl|vm`Pb#W z21Q&#dmZfyy*}2fW&TQZ61`BD9-xx9z+$kL4vTy6w>V znHB(;D|mf4#GiZnBKI5;4f#O82{_xLtiaRUKIKwb!?yz9-qiIA5q`u$#oE`5h%C768ySgnTU z)_4EfVqTj($yaV)+?r0|!kU{OeZzIh%}v()NpE)EaML+Hi^7@ZI`+)_S9mvzb8W{8 z*7~OEY0}HjpFhWB#Hk9gr4;U(Sp2Wgrh7LW3ncz}6i`YRvG~L;&6`WVFR<@cBl_ca zlTg(U7P^mC!R`nHo52$GW-e8NjtZRE5?U@<*lNw-#S{DJ`0Mxj!_Ewc?1>hOeNncza6z2ejOEkxmqUsw}L>o`|BSO&$%bF&VN<{o^I_y^XS7I zZAq4?TeCSfjZF#Ll%sQ2%t;UW>TaT^)V>%nNccqw!idn7uTgF|X^SAbUm;39@VpThNlZu0%xnIn-`r6)JwW1O4NAD=N z&gN@s@#4zI1BS{W29vXAYZ@9D@Yd|KtWUWwi_bIkyKv|k=!nfGC>NcxO$S1T zRA?lFgtrK_;;NIC{kE+{@^<@!Ev#Z!?m9+_@-yyd?QPyj(tyFi;wz4R6iuc*QU66} zuY+l0B`2SLh7}KV41UREo}d}pW!R~9%lo~s)?BxeS=%Hh;!}JLl4D2bRDT6C#b$B8 z^YiYbZ;+1=EzIH`Y>U0IMQ6jE1P(=*BZ=HJ5l`?tjteJGp2S1pt+nYYv{#txpkb7H zmS0LBT}Vy81aK>|m2#A~aF?f#SUpwSl;m#kOhC}$^jZlkX=DT7(_byFa)qy4I?u89X75X3G0qIe}l!&s&w zC$kfNSG)C@30-u*!@@4}qjKSgeVM7c?nYaya!CMJyZ0v7Nza(9S46<4oUzP*XjO+e5rfM;pSaH*lI#9;MivtClQPn6vS+Mg4QtD8?4WnR#raE zl5Md1^yJ0}@N&FQ&kVMY6CDdRlYfQ)A>x0!ZjDEOh@SePO z?abb8(vWznE91fL+wJzn69pogY1R%;XuSJ6_2)`MyVu`2NZn@HVz_s#-dcYAX23wq z&@A=PF3;F5?~jsfyJ;^J>c6+j7?|q*w*zp8Fl=(Yx&Nw$6P3jsPcPD}>Dt{Nqw! zSJr(}6H(EP0{oSnJJr!LD*#Pt)T z2dGV7ExF0JcRjpu|I#+LR^}7Qe?4@ZUK1hm?t+xK5e?zxzc_Pvz0anpU#&DQ zaedZKLji(&o%z7KLGh%Aht5hKiO4II(FnXUpZD|;{pv`%4|X49(oAz!{=PS}C)Dx$ zK-{p-qqHX+O&_h8gP7wjE)ef<3g!ZVmy9?)MJ$g!L3 zIR(V`Imd~|612U}E*+ZD`c!$EUPoF*Ew|{u`gB=tyvIK1tCgBqIpWIzGXSOzz>i6? zE`Z{YHBxtLjKiU2o>komZu<64N0L6%c{XSL$iZC#%g$Ww#)6MN6&|_=TWK~(S%Cn8 z^6w7XLO_AxldiaqqcUqFCcJ<%vKMlb6jLmdb5&nE|D9q9I~XQFz^S0LG+VmF*!VdZ zX`OrSo7+wepMk>UEZ`joGX{UmJPPUYp09V?ZkQw2Zu^SHTUObu3zICdngI$Ph4R0% zci+-XV3Y2cvANXDz4COKpLR2>p7XyeOxFCOerW4|n9J+urp!_f-0*N%n ze8TiFQok=Vk^^~3N1Z#qL21YaNBhI`>Sj?Y;vU~ zIKwr?^WCcNF;*JrC61DiqWYbuM|;L>)@p__P_i1_ zg7008;1Y1x%H@VfW_tREiSLV@gHWc=8BMO9zZ4qE#M$u6C0B*=I_w}PBP~EH65-nB zHg@Dkx7?c-t_3Z%`kz-_chjd42~v^jwbXkq?fo${;LqbRwH3RwA{J*rJB@=4AZf(k zubZ=Sl04oMGLWk}6^jotXqKx$N;f8U+wYFd550Yx0%$N@Zz!X@^^xzWg5&#D=a9JM zhZH+N9>^R=Cgigt77p>rW6Q$j&4fGD7^rJXvN@3PX1Mq}9AA(yfkZ#MyYM#s%>>#$ z^(S`tax14kO=Y&vPZS26x#f`B?pN(-7-19JSCJ)gyLY=zPO%?r&qs0jZCF3!ASK20 z1vt~}FxRj4LP5$1A`TsLG`9h`N*#xiXYj3>%~|h)f)7`tRWs`taWw5s5;}=%`r*Te zwy1H(j!t_?9EJ9`S%Wrg2QDg=CfaSja&b+oLb}MDEGen)7On0QGqMFC%UB;Gqi-x9j0%$EbxDs zv4s*cS2BB3lu`DAz94$EQWq-?5)w2YoHV4+ zWTSg`g8sr!f4^EeqqH42MYWvKrFG(@+<13(c5t2987FL}ouhsZIGdpovo6;tJ9#WM zF_Bq2A#`D%#Qi&O+-B_IcS;kTkqy1I?1VokW^4km@t|b#W0>INiS73CC{(Qm-Y3t60Ye9aKrY6l---ac1f;0vW@qQymL}}_ zeF_(Pl9!@2cZ=Oy5WAOD6*@C{qacup=89NVxb^hj&s}fD#k6yKIe>Oogp1QqkT%!4 zVOcE3Cj8t0tAT&Zrt@sWtyTK1E&WWDmCpLdsGOF9)rVMax|Vlc6XQb{ik1l!qXTtG>zOXXe%CQhc%qr-Z?qsFP-jY zE!|y}Js+xxdpa#G4afyi965A(ga^lGQ*{ON*i;v{gddrM>Uh z>AJ4p|M&m>@B4n9<2jz|a5!Ae@Avchoagy|zuvEb2q8?z%K>J}FQ+k#s00Op(kcCR zU>4nEoc+yaBmO(;$ky8K~R5Uj~SpE$77AYv&`m|G<^6$PU`|(H*l%?I7fh8DwKs#Tlj)x(;5Zp z7Pu>zNl@_Rm_q6ny1g`L#fSz!kV3&+sEuGFEe%Bzo#V<24qH60h@!%)%+%{xMh`7@| z(FELmUTcX4v+nyVwf&a`m6|>`{;-=KSpWxfX$zja91CI}dkw6IZ0yKZSpkz_1aN>I zvYY}9xcj>Utwo-)B=owme-vIq9Pld!TL~B^dOV~seS0$hQ_~wS9#*x$0Ey3b2IjdK zCBUXwXv2o(-~=>mxC9+ASQ4x@>YG%+A_9;HmMH2iV2P;j+pMb-9hQkCLUd7bR+6O4 zkWmZhE^t{{hMflOC?Km>Ge2W(dFU2jG~>48C*U>xG0s@G&i}pXcHU5H>1yEB^HIy9 z7e;nFvQp+g{;VFbKjNlYVJ!_6TgF`T7Fxx*=DHE&2JA(ub-MS$X5a%r0sr#zhC2*V zFoyf>Z8UCrSyy$B>Ic9Uuu=Fi@(1q(xUWEZso-DB0i-W5`YRWQK3ThO^|smoGJb6H zO9bAByVKiuaRGn9c*+L=5xJxQ$WWT=0vNeGyzyP+3fj9tMKH+lB@s7?9={m?PmbW# zFo9=pd@`dhIzAp36RphBLdQ}lo+w;Qa62L91%jHKmG!Y_&b=+a^Fr}Vzjx1}u*GlT z3tR6$s|%PJzfu%Nw(7aZd}G^-I;;O|)t3Q4Vcfq@Y&9Xn2u#R}h)~zbPpzpQ<(B`>zvqs~v*xp!`OX>r)rKtV2Sl+32Kd!s}p)~evglmm<>Z759aF-Lpd>nH-u zyWeZd_XWUe6}0*oWrSmREj@Mw(_;>q;J1Ano~duZgxSb@;br3)m%)}F($1#b%fTs$ zS6j&#fNNsQG!G3!CbT8&FSs!Of*DzJQi_%su~qwQX%@aRqyl4*MCmWz#%A!3Dr`6s zl9HD%U#7;ODzBMdBJabehPd<)G{BSc#@Tzflu4ld@jtNcx2y1Xr9L#i3z00P{HuLV z`5$<_{!)L5ftah-<&>cf=Yn1a(}(U&*u*L;<#PAMqfcjK!2pRKGg3W&d}E(Xzl5C3 zHDh~;TchgM2G3cr)F7MieS5PE>k|)5)~&Dn`d%6eFwdxO?qIn0mL9|q5N0xO>fTR3 zT=nyF>`L*J(6}oz!kGHN(}UP%tFzc0f zpCpD1xzG{0IE&xtgfYGnm<90v2Z0ucA7SeP99#9^LBrr~i1<+^kT;BBSLw)y6w@<= z(*{Jf&eg%uo0Os$1d@siynM0|Z7Jmfu?rO$4r}M7oV_jd0ZPQH3~Mykdr1K=5vB!@ zZLZ|uVE|MNvyU7uHY2lAGex--I9FV4x9+$TROAs@+N(sKUsA_m-meC5Io4@i#9KmB z!2~5eD>N)DP+7#c)VL(etR^K=|ESn%HpT!nGg47uqiR7ZB9ZFtms_7*Yns79Vpmv# z4ybO=?VfPk$IvD1xkyW6p$Jg_?7j_uPA={Vj~1YZ621y%>rf~`@W6)q2d)Lg$+f!`#&c|d zE|91ItTv=Jl%3m=Rp<6v3hIqYM&4W6|7(Ejv8F*;5y1utN(<13 zTRV5tfY6Nq6D4@TVt0gb=L*nHz_dh%1bc?=-f+I&zY} zd|ik>9G^l_+zH^0JU(Ez;ud1oOCM;0?rjv4j)u+dx>Py! zu%}kprcU21*_rVmMtrY%dIDDij1n9OWNUtWGGd!(a4HLkyKo{QdRtU=U?^h65z7Sd zV9DT^GvuJwI^J?_NB;dE^lKg+I`G%k|L=d7u3YW&7vb>V zza0Pm|C7iqyl&-x{Z>OQ!}%2qrJ9pN>zh~pc^>dNaSk!cp?`giUFFw8_k;8b+J=UQ zmHzd*bd|IiO#gnj|N7vcfBatv;q<0Qu@_$r;o9~M_l(#LYU%4U7PN;AeA^cA4;KJl zTOLp?61^heXyNFZ=DAVr=9~Sg*>~<^JH!Q|s;0sWErtT9YWG9+ zLrYDCK9M2lQeUp;ob)?$DUiak#~-A2t)4aAKC$F+s)nRJ0~(m*Nvu-?krnSM)BHUz zcDKuQOPNh!*lf~{rBW!w6>2qOK$Qdfj`_h0-hS`R%fNZdFn@oC$GdSAHfKVndrOHD zvaxY{k-g$>ss*iTH|^mKn^AzSyJ;*IDf#`!`n@6ylQXaG-Q#?b(_h~pg*I>{qIF)| zx`3KPeWAGU{Flj7r&QbW9|WqN@vksdJ9`$V{`aOLc^+Zmae+UN<)Kh){a`Kad;Iye z`E!ilnNg2|Ew>M9#2zr#tV}X>;rp1G6tX;8+nZzcY6^vnl)V?6*sJBh5&qE70PLL( z1wXJlY{sZ_NFIA-HmKzww5n-pvI3|9a}_HGE(FOso6tjdO@{RnZ(Gz&*!7U#;#uD& zNI~06pb{)RRK)KS^10Aaw!^D7T#Kpt zkTzJJ|H6r$l|j^GC2i)}^Hx@6IQ1~TBPK2&W8@6OoN%RpfJW)V)aw|wL*gZWeA|`( z;-#OA_vZbPr8{T3asDUnp|ueb~M>~J6@ZPL>d_(Ou{Nziz?>2}KAzZxeT*;RxZ zh`gx%VvgP%Cfv*6$_H*YxVyHcCv&*ClkN0d)zU*ex<7ue3|;Z?bJ@UBg(;P_w5X%Z zD*V~B*?nXz(L!YB@t+N@j~~ry8MgH`?rbk;^kd@UEtO!t?57fZl`*hX!q*^2=IF`P zivIKq;QX;U36Sko9OQCdyRn}~B$#QydHa8)xmSiOz($=Uk+7FjlUWw#C5f%X7X}_@ zwux7iMW8l-0xcQjcVhboF#O4|I|R@aA1F9f9K1`;j!fcEx9;4DDjw==^q#PER{|ch zLO||K(f(D3XfQi|lcVSnf*Yh9sA_s)==2lqCrX%m06i!>QwE-3zyUFleYi{a>w6t3 zK0vk3gI_^-n+&}h%^*f!M|+bgQ+dJ>uKTuCfXR~p+w8J!BTSiRM#V#uo?c!G0BecA z4;)B|Qo*(d>{^&@sA4b+-_gzq7w{DlF7b&7b_%AYNj}kA6;!UwuM(sZ~DJ>#9ZzR@Hh;aloFQQN}HuX5b@)yq>F%E$jayTP&w*u>cp zr#gZ4*|tY6?=30&^>CSy=W&+M%HZ_kXPD_eNv#D7AKMB{$}DIeqE}G^MG)2PUoA5# zL3_B@p&avX$o5|%@veV0eGZRO_R|LHidO=^z|Mz1kmr*8ZM{~wz~fv(6|yf)#}var zQuOJHgCs?I2l7?8>wwMO60^7S6R%!}(u=_5(n8@zh*Gl6bynkf2sPRV3%_~Cn-x--9|JA$C94jfE znTXRu{5a-uluOJ-L}R2$2bu-xBfx;CqG0@C+YzEHLX_}$EEMNQXh4{58iuNvymLy) zSe@eVPAi{F`OVo|7;t@j3=_H zX~F#g4i3tYW9!AW*vo)B1c2-Tz+ClS*NZJ(f_P?$p&_moDtrxUJ<5sn)1hFwoWb)( zvXJdY+Op|Tu>U(t|LG+Z9{!l*ST|)*QD9B6BBbKmgxtST?5k&BNu30`WMN_9n432~ z1C}Pm2RG|^=}F^@O!1g>Uasm+hItbTiu(r+(O3Jh_z3oS-;RS*Jqt+isXfw1Zfofu zzq;YbD(q^?{;GQ;lU~=pi+TR${{!_tIuj%DGMC7XeR+mgPEHoR_ENCrQPVrcbEhEI zgj)(^FYp7E*thP320}XhE9uZSGL`bcc})yPN5BM`1A}C^cu6CL)}3T4;C>??7P;@N z(BO^+DbAN#U5P^OpvP3Z3#x8pCki^v5l5}2CT_2>*bWK>PV&p)V2*(`a9>yq8H0sw zJGp}cx*Zs8!5a+>U1P9nz(@eV4wl?rTicf3Q8#mi000kdfy|rMzJ+|%#7}8lvL(H(ix!r~f$rdZyLCi_*05QTT>KnXC zf4*2MoTxaAWQ*>aZN>gL@&UADoNxG^;0hBkVZbLN!17@C=qts?hX6&qbZm971#6#8 zg5VjHf9T8TAcuW!T$GB50^B*zw9YRKd%MV1p>BilAe-mM>-C1y+r0!>*c&Yzs4sJ5+ z2#DYU$0f`b6{5BWqI5yW4PhD$+9?nt$ZCKhp<$pLXe6MkRg}(f@A-RGg~24k4u=a~ zC!MVG0KIPZV#^!D33Fj?0qJf()@mWPkp{@L`$A{WzBy{}Smjjwm!7OQe`;89@kGx_ z9@Jvk9F{{mPqae77omQEH#bs%Ob^9s#5dY?wbZ=C@`Lvl#!Uk*&IRr1**N8Fe>l`7 zDh_|K1^W&mktwxfzfZg2h{V7RWl8*H{gAlkp9hX$C#(1;VBjPeFeEP+Su*48VuZqO$n*Hi$Z7vB<8~=G?GVqKDmvr-9~s{oJ=qN$i%S zPu?5+p)~EedpTl4eqYg5IOjIy;kMs`j*zKk0v)+>lIdXyAJ0Z zN%`25vbdYdH2cnI{R0r>WtgdqD6Y5Gzku1m;l5w z5L>3<)*u{BSk2hVAuS>y1whb93mvJBw|EzAsX_Lo`oSPGk&6!UnnUORZ$$S6zxRO< zfFsW(hW|iSMFkP@1M`LU4dctrC!fW&H%{9>1G}2=!O?5}HGs$8_&33Pu#84RjOM8^ z)}iWfAfP^I>mcBxbj7;6^eP>sYmC`l3+sTJfyWAg03^QD;M^H=R}OOjzu=(Tz5Q<- zbm>d~CI_g7{}88Jp#aV~q7Xruj)J&r=pJ(LfG^^J1!4u;47=TH2#9m&P)O^cFNWkW zfgKx2>TT2+|H;{BJ@vprV9O2mb4zs(wh27=Z#?^=P{Zci|AS{g=m(YPp5`we(*oG8 z1_rD#S}(y4wPnkDo6(@0l5UUg@M{Y%!z)Zr7LBVUNq5&>m|ZJsl;9h3oa+>+lEA?! z1zQv~R2V8n2~tsV5$nc8~tFNiHbP z&2qMADcd6_w?-!3_Rf+}g0&c>U(|C}VKuEUAVsPfwsYX0{ucVJ7^-4{;(8`1sDe-hpEEOz_{8J`gF1w=P&fNR~LbG%en zT^=z`!PW&JByP9;WtKi7ZbXW@l97=h5d@GFcmb&nkGvk71~4VL_u|EBJkkda9vtO< zH-j)13+56|c%I{s2D@!P_C)T$((-cu*6k`PDufvWek#Pkv}pdvdg_RUBBno7sMBBw z55GK6d#OsPwi`Og9bKfz%rWUozSV#m0eMv)wiXI|7y5(tnJMhU0GDonQ%3uhu4 zLtkU;IYvSjU?fmwDhh=zI`2}H%XOzU|GO9?`(4{!>+;6T2Bqtf9IT<0a1T--dV^Yj zth8Wd>W4Z~+c=H6jXl~J(U^Suc7lS?cWU@$EF}a6Rtjp|4Ho8f-+Ey~q=v@zzKL!- z8J>|DIo=P17F8~iiu6@<{Y_bBOtLu$S8RTlPgwg@Nmy5uh>#xcK$8x^YpVB*Y`P)h zMHz*C7i$rq25C+{9ehrd{2<$qLT&Tr5ZWwSyTUVp0RfrWzr}!|VTZ)_=N-T{jd@*)1P7abCF*c{AY6hXdN2m!$#&1^NtahhDr@ zLT8Q2KZjxA_~R1<9f1UrQ)a~bk|Dh8)9 zOL1l&ui!F*J8*uiJfP?^C^8)MAN;DzBlbzRW!=Uf8mO8%I_?M)R9peF*w?RL&o>SY z%R4~xR|S8nW(G5X@Sf~Pt0+XtPmCW2YM^s3N7X3AMxWHsi>h`MhRhj*0ELK43U+qV zGDB*9BpM7V;nj?zusqBvWu;iV-oe{IgAbi{fX*Shb7)y|=w;%}b<> z-r!Ji)k4>wF=lM^(;v=V`_TWsp(y>)op)aE(L9R1aWH&8mBV^&OiFAd8S z&0oCuYW#WP(^7}J2V35F-hMAl8PQjDy?E2`kS=%*+nx$@VT8s%C{H!CvF z>jqdN_ZC#kh9Xd;2MSsbySK4x3V?#M>T&z*h*`^(j82L9)&%eUufzpV0|JZp${w`P zdLt?-oqpUXcFYw7e9@_oCsW+pP9i*VkComT%&IYdyCo-98t|KG_etj!J=L|zch6rm zs`TX-T*U=k-&-m z0U1#?`ldn&LsrWZIZsb~`tl`<^}>ZqkMo8%nI$*&w<}yYcaB0?hZ&3E(Cb8pJZf5W zMFKS~5JOA1HX2BjHoE`34CdSW+j>7`ejZJE=1~LAI_Ci{dfF#zQck<<-%kUQ$;FFV zjh<@_%^XvgE1Z%%q^TLC{H;`NbEGX*TpnoU|M2fMsuT?HK!NW7H&_OR#JUyhQcoX) zq`tMt&v1Ona28@p;?SLo1`h70L?i(z{p<9ispB2`1_sRvBRcu(6%-Q2wC@znCR79} zdc6~z(>?6Gv&Wu`PP#k%!jzgu$WhkewmiS74sSu^#43FCoH{j+F4CL^+=^#$P8U9+ z6rJoSnr6eHfC44mTPpJY?@Gwh<%hcaTI%#+H6O#obVNuxi+f_jI_2Q;@wfd>k-Uqe zGt{3x9WHu&*1WPViH7>XI$?s}?UiW0uz!E|!)HT&r4pG!QzkjGf?+#fDM|$>Exzdf zW6h%51{^eexE$0^id+~^YVAHbH;*J6h7Mpp%0@;Vmu;W#dnd>lvJ6~RYX)0bUQFno zjGFzVQX3M0tQl!vIE@jUdcXzyEktJnclCqHw)dYfE{~vz6q-C~H!rA?v(<*bTx9gc z8Fc*2?{~65%A3(_!^U8d$jrM#gEvu5eQ4tLUo87D)&FAI*Z=QW_Pbpbo%&>SZB9H1 z*7G&1A6mcl%L8!a16$Aao-bXp7_Rk;&HwG;>;2O0hFQ(cA1pOYl9iGnp)6FU&IJVw z>yC)}f9P7@uJ>zQWQ?2CXYWGqudBx_rtTZ1rs7O}RPb@X#Z6zf1N*6|zWLB_TXXu2 z7FmsMcpGJQC`-KNqo?<6_kFrq>-D6i=M|2pt-krpV>quT&fUqoXTEk=V}3=S<4zrQ zjx6o0>l-v>>uf z7RDZ$K@I={BpAd2I8=^r2~YiTHuJfrfcNdUVWx~ug-YJ9XSPmKD>Te{fr^DthRM99 zx*xaK3g2EW<7>`xXdSz*coa{Ew?{GE@)Us~07FQqnhxq1YF^i^bPF&a@q6U`d!FfEHxz!p##LpMUzr+ zN7Lc_+K`t^`UTP~@854|D^~R3myJ^V{oyS4+O^%mA*=R3T@knC?2qboPYm~Pl$&uU zrC$K=l>gT+?$<_3ZmR^na$PH9(pJvMPYdPtjnaDU{(bJlM7^=Nus@p;XZqec&L*l3 zDYG7vMpw`AF^Bdj+B(R*Q7hsy5J2bQ-l*LOwm<<{277K0&f#!PA=E3vSHSu8}eNEa{RDI;wZ_N_K+uj@~;T?#HU{5eRAG2$Kc>?_urv%>k!T_$E6WF<5ua$grYpTLV%@u<+2?67Q>tR={YZuryE`hD zYnvNF54)1U>9E-Xh~kjyyd*gxHM)0MMOpEK=lU!o)qf4`a_Rs z#({VZLLnH{4?p+$^cSmso2PTw+Qbtf8Dm{*MHi^w(R7CS#i@)ci4M;?Q+7+9pjHJ= zg981B3Q{^%Y&GR6A#&2NIsPtk-9ag8if2;IXya9F=;nwd#5ymg`IbjK;y=+=O^PiqF; zy*ge@Exh;e)WJh_j_$=nn{*Yp-Xb*zF>q`QD!LKf-YnaY#Y&gW?^D&kuR}|4Tvh%K z%llv3r#c^78SN8ay+0x?nQ^~}Dy(8*eu)kodj?*d8u|%z-6J5m?-S?LJfuc~s$q={ zvIbTu3B>`zA#&qf&uHeR znHwP-$KWs-1ba7pS3rQzRbl;nCS0 zZF6v>$t<1#CKy@Fy{f8}NI;ZtYNA*5!UltD{Q+A~06iTZ4pXzZphnH-F$gU)B<#Rp zE#l)O4Q9J~65MNtpPa)r#ta;R#7Qq+IDV~>Koy13c5*H@nqN%z*w3|D<5~ju?Y8CH zOO{t@9I?o`HfzLMZyM_s52sjOK0`NE=PyrO%h!xZ`F><&4b^yH_U`ax@rko_#&y@c z4G^DnSce%Voq?)Bxy|Xz^p*v)zn}kbw1jK#1D#|?r;RI$?YLui#8N0OEkjyn!ef{D zg>~Szf~bNs4JmX^L$%{FsrBceu%bbs4+zF~(h8_qx!-l`K4rhs5#^$gQ#7_IddCOc z$6ls<(`FlTHLbZ;m^Rg_7IY&;2L@trRnSO{aNqq*XHy=}5hQDa!imiU4}!wtJ?rFJ zZ}iDz3=3=lup!~xtSs(Y;eRAm_SjXEd-cuKnC1vk4l3`{sm~R|bMe$uJp0dcallYC z>Z1G;oQ{VMF@b(XWU&|1LeTNkP|$&VeD!3fz(CoZDs1*9*4Ebg{FioY(MjqQjg^$w zo^X6-b2jrcpY)rS561pgWl2wM*t)xI#Uk17KM06!NjNgoKT*4M=U`fzHhO2wPYb{H zO-bnw>YO@}#=e(c*#G*2BgtBJG~qN00)xYe`W=g-4?KTnZDEK9mv^$`p5NN$M$W!H zl?~s(c)c`SIF+)%C1&GtX=?0PX(O~8;Ma7L#_#aqcTZX|=YTn#Nkz$uVCh+RrIL|YemQ(@rv+K;>@s^x@dccT^a<2cp-)Dt|Adi#YCrc>e z?!q~;sfx6}B~R<@I$k%O6F@B-Ejg{x%Kypf3)O9XL1`Upwx*vij;aVViAas@i+_G3 z-9ah&`k{0exW#??EdQ{zqGDwSYp5y>l2Qs!EA|Lk@9u#5P)G1%d;8#2iWivjuv1Y; z^yI{dpO_Rs{tR24&A$elB*6jj``nirKGer3t5u%D_YCthkfEk77+X#rgZ(YISRYzi zct--Qh3mYbXZ`BdzlGdwP{44v5q}*wUC_onyO_szPk;l9p|w+emmLWRT1EjMd}dzD=%pnGdS;}Y)W+>uWp|?2 zBhPa#yW`qU@F{5}b~4V?ztG3%5fnknJY54=_@E`My5Sj{E-l$m*r249#x4|HWom6r z&CkEzaJI|NyqLPA+&?IGAD=B{*Neq~aE{F>%a^t1?_4l!wch&T#cjb)7u>F^<4F*A z!gVb0Hnn&p@0DJ&Tq|mukwB(R^B|R0i5;gewLfmYfEO&C9L(MprJQ)2_JMOHWC{p@ zNdk%r*y9p5KtJ`WR*X%;tGZq8zSc(M2un^YXh!N(O{vVwjC+zCk8ixIe3YA)|8;X8 z(xl>e4|bcq%KhrdzhyR!&e@>Rnq_gHau%cBM!gZY!riWe_cbXE);qiV`HcMPro3CS zZl{SAEWJ z{7Lfl(1d`x48J2{XH++bu^|#kPG~)MM`awTUa@QlRLNecxk}81%CD@#YeuB1cM44g zy2iHIVo}WmW%%sB2wFftLp1gK_xowin48J}x~G{i?t0D!F*p;AzH`5tGj{1hRzc}p zlYLCx^hlf`YbHM3)D1Sy zy9aCTgck*|Y|4BdnHV{l$=&+dy2n(Z<(;*+RNFGiIk0+B&G>KF0 z9`m$K8Ny|nOX+yYC%YOnhgGeYa%>EM3I%;RA@$6#_ow;S7VE7zPCXB6xB<)bX)|2b z{)QZ2n!Xr@l5^fs2A%swnrUc4Hf`EOW+-uS%#rFG^)}7EKA229vcEZYg{5e6a#Cqi zqbaMQOQCt!VS@o1kmd<{= z{qBqfO4vz(s`yFS+zwB{tld1;XQa1^<=wNRLxh3S?APc+MwOym3cjUhOR7W_Rn<)y zkyCp3#HyR@H?{6>RkE2I57M5AnR%oB_HymRvicCU8@I0eiyd8!FTod{ZW(9SFjAE7 z?$C%@zd!QH<+LN~ih!Nto&=uq2Kw;IC*Wew0=7MRn-ll=F;h7AOD#2GG!&t~U_9H+C z6*s(s2!S}gF$5vuB2SXYH;l*TN5j4SwbKZx`t8}vjr{>Q?}1+@%=kAcz^S^Mm&Zc_FW_8> z`6XhvwJ-!8bxP$jnA5c$+;rPvWv}$AcOA^Baj)~1Z%xT>!i)%S4m@W#5!PLBRezuj zI8w2+w;`3VT7ke&W3y{eIC<=tl$GanwD(N(^(Y=_(YeSl7~cu`VriEhQOi=abacwi zK3@6+hYGlD5&uZy=ZCV3^2hLOAJ{Xf1J_1<-PI<|u2IO4n#kPP^78z{Cj&|rJsp}-K8s^bg#xv6wa3$7(DcCbAD-0Sl6OP7f# zR6DV4#mzdE8zT6N7Y13|`eS!lKo1$j>a2aNJHtX#p*Fz=HY4%5_WN0{C||?3$O&xw z)_rfZ@A08~9inJa-wZ${2DY?4ro+TK7EKejh(NeU;XzOq*#|VCJO|sA3YvK`$ASLN z_CykBCt1oXvj}F0Vd2%eU9wiKrkR~kohlR`7xa|2lHkr|R>I9ezJysxF|oZHis31f zz~GbZiZYex5Ancmnv~@WSv*lqrTGJsFfhSLT^ANVOd-@64!2?xLRe4FQyO`nB|k4- z6?K#e2g#e7H)R{%ZxGis5cus<{q5`}@8P*zk6}rDcYTvJ(n`FWEAUxsqXPa&r%11y z?y>1h_Xb#Wz8t@Mv@zJERpM?%y;f>krr8ANy7lYc^ZG1H(O$uKcsVBGs~<7Zcs;W| z#X~IO_&%7FZ>N6T&Ik|6vwD(P`Wbn~Qut<_g9plSY7_Yhz;XSSx3#;L+>G+F{aM>W@+qxc5sW@aG$@S-QcT#$~3qZIe&cYD# z-b+in5*rDNlcf4{BOv_NFyL4P9O8!tEPx z&k}erz{Jk( zx-8wH-k`rR8RJ@&`>ls1yrts)96Y*xccB==*^?_+BlR@3z_wk6D5fzMC+!fXL^}qh zY;)Ydyr@o2k*KYyLH;EtQTst{h4?|x!%W};N);^*&-F{-;Se)rINE{6xo<;+2|P#O zefeYd?g9Fo(03DG&lkP@u^okwvBWjGOIkO0N1pfgj=}@-I00x%d|0GgY0(<5T(wqN z`zEdBOX~IOYcT3@>%48^lbPA;RNZgpaoVLIHFd$D*o)_uI>R%g#!_Q$-_L!@9v-WI zkHPlRK-$z)*>RO7swO!VMn=Z#=#Ih00EhoIG+rV%2x0+jQfhGpi%Tn-M-VLd0bhV{ zPzeJ5RGiQCit_%6*FP@KEO<`->X$Opj79M{x}bKhkic!R*$ICUKl;x|!EhL$9Yk!~h1wDKJem*50Mp`vw9n zhCSd0^9C!k9+SOucmu|?m@^q83-?x0z~4WaUikY)CyaA8(Plk7N{NE?MCZE+DLakb zSoGAC>X4e!o_gBzS>^rN6_+>; zM-bq4P(EIbyk^qT`sYoM4oQ@_hp!r9I2WoA4{=Aw$_g)y3{eQmVpO0RrPp16A zF#q|$pP!{n552>`Zu;M!TBiiA{eSy1^0h0KsC57BZU6Q8D{Q6UGlgkw7vIuzA->An zd#M9;^qYei=0Z`6Nn4QrXy2Q$dn+JhNlEv@p+ z8FDsz)K5k#i6!0L;Qy`|4?hrBP;AinCoq2J5qEz?b2jZa0#)3`#ULic@5bg$jDn(T z(&V+4^6%GnH)su$31NM`FHl7|UX^s&kq#4qa8FMFg*bxROxQaeK5*dp5^*>xYRpa# zYiN-8WI>M+SVdt9We;!{kR(!|F^nX+tJq&v;14{plDvx;7mU|n)#8WEzjY9zDN;qC zzz9MRU+{%iSX`nygNY39H3cTj>+nKQ&*2X<3k&!ndqL<1@m9)q3dxAeCU&6$8@VUA z5X{&bj^9Gg6)7)sn2dn(8s3yg z-NsM(G^_^+0~l>2j(w@7sQr}Keyli)U!BC(gjNmE);T%c%pwGequO3;M=bA z;W>iC3A?&jsHe7n0y+s}_(>uC3d9;>xK#5)3D_AqOu$KnZDKOsX6F>(E?iMeHUUf} z&H6!%j!HsURMetgKyX4{lanA4&(l{;$qWmtuJLnmE~e3IE8AfR`#^vQt4A6C+N7`R zW!$^6pQVUhN#p|d^oG-`Al=4xM7S-a#X(8i-rnxj5VS1Iq-;63qP}xEpDkJ3S}|cQ z>7Ou#DGPYDd{g;4n<~&ljU+D3B!XcKLsoiM^Q~m(JRo6dWrf2X0)B9V-W6`WaR4OD zurpO*rKl(nr};oz#oB=V6=Y-JXWK1hH(Rfq`3lULlBD-0WTdU4s)`s@Hbkwxa`h@e zVPV``xVhJV{v5EyAe(m0UU>6@{u_oG!{@o9;7-te;43G=yh?{Md655~OVO#?5Sm7} z`f<)QtGX2=e*F;yJU zI7|ZTRQg2F)djK251g3qdaUSE*WKNizQ}v?+!ELIM}eC>PR{Wo68Dwf;)bc&+g8lS zLy!M~{%m0_7aV#uKwKjba{=qEP1nxZ?>NrMzMc5~VRWT1Ke8Wbu$T@hr8heC2ic&O z!t+TXsz`8&sSuz;Fm22+fSzaCw&$Pkm_u?L1DK~>uqaP~m`V_O*shCtq*lWO zpA_f{gMCNAo(1x*3Kt3NKYtwUMNml-mEBq}8aqc_W`VMlG2g>a-ix@=&v&sB z19xOg@sH49h{{2Nt)MC-8vB*9&VeQ$&^PDj%YaXA3VS(3iNIKjh%qoBa#{82R<*Z+ zoYy=`^|6Bo-5~1Nx`h?grs9Rx;(+=13aZSkVYL&FhD;sHqO9uBGzgxdl+)U znO+t%rh3QLd5L{=TC3e-zjbi!t>27h-fQ(z#_W&8UqQ|@^uuLcC7{V(9_O>oiFN<= z(rdx3m~}nwCy~}eMX5)VksS9p@7Az(Z#1b{s0j-fZ=YDdBd>@syWl}!jMpD4ZG)Jk zu8$E4yvin-{TmTP4wSe?^g4;3JxI$cavTj|%HF10mlNeVEx{k6R?n>>=R9LHG!+c0t25yN}G`dHfQ z>%nKZRC-1)wapq~IS?*7*#g0pCdB+6YA)PAEIPP@RDS<{ziuGJ7)1;@Uzp1fiEDz9 zBZU1Z-271yW8|1(bLM$7qIQ?~@nLN9fN=0P{!N|%=)=86LyUyBZ?|vB#tJ8=M^(44 z&L$Ndoz>id47uJ=KI4jmln_|+9Y)k{_I|x4-&vABno#QJP0VTL!X7nflg$f5aS~-L1k>5-(hS^CVDs|(Ho#mEH z6f`iuqB_=|(R)gOe_|KR5enJ~6O?NW$ss#(B%rLzr_`93y{bQ8%xC62G_!5Bbntcr zE1<#zBxOIxXZu0y=Af_V2muGS{(?g80}w>?M@gxvbR=z}r>!cW#VDYm_`Qqb>hm{b z!n?A=wQ4puErdG8sLtMzi3MR7I3hOrBy9(k*Wg%Vo#Lp$u{G}%SXi~4n|b9^gRZDy z?IE(du3P9~DI*;msq`UDO}hUgKjT{{^p_H&qM`y}x&p8J#Ky9AX(Sfmq$eE{s#^62 zzhjn(M%VQEZ}9;g8s9mod?V7Sn&hF)0H8pKzZ}|?0UbhPwWhK-W$>vWjWBE%e8*9y3*`W`lF)P z!Dnb6o#j|zs~DVnJ8jwZ_iN2P78iOR_CI0D9lR5_vnk(gv*axv1y-urpjrFhEeCh> z@!m*(UxiP#xmRqyT3_GjTQKOdu-uqs1I==^d!>3{-6jh_&)HJd}6+d_5h1K(RlORV)wlg@@n8*j~=5FC-6p>wLd1@ z^0F4eo*dC!8rOtg&%5d5Q$0U~1B$He&MbOVEJ#KqKxWBrhagz5?mhHLqp%@VTF2f6 zkEb@~a}**#22PLI(m$FZ>B$>jmZsFe9~IIA);49aran<>UNW9KqtIV~&I-*Cq>&}^ zZvH;b$P@5NFgc+Zvjd0$I?>{I(PW@z1za8+8p^WUa%bF`C9t4BAa50q>HL6& zVi`7+TsL`?Oep+=bn3`zx&XX+wQ5B9ukwR2u?>3Gn#jZ8!8vT&}GUs9*IBsV2@ z-qiGRtO_UU8HwNs_`p%X0SEKEt+4FPn*+MY;7CD}8Oe9;1lZ@0i_08jdh+rm2jzNf zET4|0zNBXwMlCA=s)=mg%!FcwNk0sN*tQD{+3_>29rzSV=l3$*j+rsN)2|2J4}2d< zqknzIrG<)O8_w6!u^wk=NWzaWvnzO_TM|ks&v&MBz2j7g~)csXwX`u6E-o$aG^vmgF5TX z&^M5R$s-MYDcWB&+21S_=XiEWUdN;dbqK<7%aD68?&f*GdmGws_sN0LJo*bQFBm|W z1GBlXusvrBAG6_yi|CgXSjBK*3HplHk9zG$D<_5IZes7p`DeQ%ST`ZKLi!;{_?~p3 za<{wC4xgZ~(mX5qbZ0r5R}4N596IFQM90iR;w}1>tX2Qv0$|@)T$-u#RLvZP5DVrE zm}4M25D$I!1*4bdEIOMMJ&)`2?uvNw?3wMC?mUkfNkTZmyks7S%{W6*)*SueWj{gM z+rk+FllWh&xD&Q@MSYHFS<>n+&`8}6S$er?X5D^s3bX@;jH!0jTW)n5p+EtE0WF!E z+q_|&z&o!~1+3^^wF91ZWGF$?C^yySARK!5wD=EAftwgF6}Y5p z7QU^i>84)5=rP{m&ja2wb|_8o>Mgt0D#K^?H-=ixSEX4!Qbfl~9BCI9I+pmCMg^CA zQL<7|PP_i#AVU?sjIlT7y|*_?y#FfdTKF|MMRi50N1D+F^h8n50L>wTucpUU8)rV? zhbg{oY?Hgzlu3{_zu%!bN=^@#7OS{Tica!5ZUd3&5#c(i90>QS0;f6w*XO=t8E$D> zga;Aqu{kO8TLsHa6GOIUkC!>fEA+W1$lamhOS$rvVTi71o&M#em;K)R#P9HiZi%iQ zt&Tb=Va*pWD5ub+FWK_6YC?yT+2>wM%nnTK&PsH;TzVxy%Bu?* ztYP+a8{{J>J_mG*yQOIgbs$?rz?)GoIv(^*?PacY;;X~_xW zhX)(|k2gOS;=Gz>dVSe3ZAnk_J+dFG5YYDU;W>RD6(KeuJfr;l{7^?@?{WR$y-ln7 z8+K@Hzu>xeWX}ujMcdH5tAcbw&{@~R>ITy@+`}WXMKj#?_qD{}>4!SCPm&kFBEMOB8ju&6w&Li86#W&Y@0uy4-3Grxm)H&Cfvj`60QxnOJi zvqkOx$4}x>zeQP}8Wn#Xw$8`w`Wqs!e44ERs0Y`bYtWj@)#`VDm}q3VpmpEBRpF;w zXvp_Grb@$SX;Le%CB;a9~uKQ#x<*{Ih`@Uv^1+&d}4BJH!dML&%h4a zxpODU%r!CTdbJcq@;|*7<)VvPJBl)!c!mybtZ1o-*mozFO+O54g2*imF@E#B#l zu0RzUD?Fm3IBGGJnq4r2OBLjfP??8yEDX5-%z>N4o9b#M{g&4g$Nt&EWMyNmQYILo zOI7mvu%>pD3)K#aAaJ3Y3f*_PbT|DQg?W;rFEjS=1`3FYZhh5>a;uT5ju2uT>L?e< zgo>#ou%RkIzhnQxymo(($ojU)?a@|k9^*DrG5tH8HUO~st~x8l><3~KDYo#q6XVNK zbb7T0jFyQVr&%vQ9+*{Gl;d?|F^jn}BWBe1r_xOwc3tJ}z5N(xh}!URfkMHUn(Xgy z5kTKY%XDW!#s%9CiBmuW3QN46os@p(0zwzX3=W0)AE;_r9Gwb$>#*k)#{`3kSIhEi ziU^vk^Y$J)3!&|vZ#~Gcs8*cuZ^T`}I1qPrB9#wOdu`Y%Q#;)6 zoXVeQG`nVN4paZd#^kdq467L!m9N|_=^5>E+%p>6T|C;_35@G(s`-A|B$bF~48U(F zCGBBpj-laoUdw!F4^pof-gB)wU;V|zi)3t18&0jF?Bx_KtGyd9W_bEQWWc+Sz4z>! zLf%^stIZA{v8rLEUbkp2Z)Y>JPa@z5-RQ#^!wW({AMgbI!?|?``k$QJEY<|%19SP` z>8~vqfpAVN9(dpJ!x9l`9K;?4C@K_`9rHhTNqt?DAw@BhY`(_owdy~K!|36@ zWdrFIWn}6>ua)y8;nQM}L5BtJdM=Il6+P1&jLR@@hfhU4z>2$f=^CHY^#)noS>UbB zq>HFEON&x;J(peNVQqcwF;my1ee#znEydzbv&jb-ay{$>@iAKS}=|LZmJYj7d6XI&bj~EQkLn9-Y9%F=N>pVJ-i=! zr!jeQitRx&4Pp_{6+qUWKWn=C(~ASkx^7R-qM~H8v-w=*tqFt_U~Q9iwrgu0X%f&? zgY|$O7*$KmXpv!RgRjYLAK1hyC3g%Kp5BHY7vn<&5-IlFZNAGWa z{oxlI&;Vtnm0!L;87&A!`9{;aqNIBw>B2)+w|fHb1I@>8yN`T+nT}H|`RymI0O7hd zlhi%KmHt*WlWEznKCpH+@i98{H&t2W{`~%(^fCZWQI){n9|VI*y`_ozGYHGHI>2hw z-``KLI(V$XpmF^8zIPvqhvR=xZK)?K&}NfRa|~IqyCBz-KxPP(CE-S?EOtA54@xa4gWzdvu88&8jpVYse$S#e z#lEjxSoHjKSkF?R>WfXF$xk!E=FYR;-iq+|AqnsOd9hm-Mu>b5ZIdA`CDc!*%xj;_W#v@-F41G&i&Gf~WKrqofH*cQ-flg)kTkzFL@U1yqQW zvtqQn%A&9f@H!3xO!OXMC5^9xvokp%f+= zFDxwf&yAQE8ATL2h1q+YH{M!$UTZz+Z3Ibsnya&ww*3XRvx$` zKD{;S@68N;pT&r9s3_titL7dsJHXy3JioL|y>(%Cph>P-Q^TNWfcc#Ks;@}{IYi*eS8 z`{@)4_Tf^?91Zv4$HkkCDN#0uoqNV_hymQ_OX=fTf=Tsv?d2Wk3;gnHWhlq`%L1>m zP`AcOKN9;M^8)-=gQ20JNq1j9g!n?ZUuUt_m;db!0~uxMb~~WCILvdsX^uUYh8Z!& zl2xITW6^;m0}_}Vo-;sj`-ayxo}A&?*)!n=UMK&jDGVpOVK#XgHy%+v5OxkdUu=D{ z@X0SI?S{I$}A0?IW?u`5nm8fo2VuB{iDlQ4CS1hSf5#d zv#aR*4`+9&{Bnlo-TCON2VMpt!D5bONBb++RVAOSRi%Gu-=EFR8$Y?IP<(yigXtfL zD(_aK;pDDQlJViQ(y>r8Z8iJd-Mszh^A#CWhhU(3XR_$MdG`=<@AWw{9XM=fw2Kd8 z@+{|xk-STKacZ;ma|rGX^5*&uM5k4C zmx4d~0kd1^(Oyk|3z6EYSJ?+PPF44)?C9C;3{%rTTc)n(-NPNd^=y;MEip!@8g?6a za;}OvwlU?^HLk|kXZKVTC)kYp?>yb-ow`Yn6lj=n#JzIMz8$2>`Xi0+jW^={T_#9KtwxnmzS9Gr` zI?u)5z2ei0PZY{Wj$WOkZ=?=B(6-8(R(;2(ai{FA@Sn_*Ha{~uw z049MD^mYQ2Qeb@)6c|X1dY2zwDIZ}MmROJ=PoI6_Ls{cyeMh2p|0oqJMjOP+&Y7 zwP)(@L;m`LR_?+tkGLwkR<+z89PbuuA6yu7@wkznl7&;{PYxAfjaxm-Z?`2x$_w6e zeE5lA>m#){!`QP7Ik2#jfe_{@sz^IO5s-EW&_-taAcoza$TOEc324;g6c-sh{65RU z#RbYK!IY8MR3K>o*Mt-wfq1l|^P^$58J#=$s~->Q!WYkm;sf+ay@q!k#+(0(w)YO_ zy6^wSKU$ikK`7EtNhC8n4U!eIDtlzh-YTo2G_1@dB!q-y6S6DGjLc86LiYMS-i_b|@&Vpn50xsiIHZXZZAF_N5h9 zg7F7zO~fhy89rfN9nVblYH3jSXh=`EY3IrQyPvN`dcF=7*xBq(syH0bBR9XReYAiY zy3#BzM!LZE^RHJr(L1rYjaJ8T_B`AWU8H^NYtKXGy&x5sQYl%J)}38<_MjqNOjf>q ztNs6-xYf_-e=2URPbQ?Ek^xNK=GMV8>0m$yY+yVaKt91@xe*_-Ef-e(# z`uNYAwT;~1jGWie3i>tB1T_~T{)lme7-De)N?7dubDa5JNO+-itNGvRRJ|}I3KxV$ zyW@NL%09dS)UrEv?!>sa>(J2FMHVauHk$MqW)8Pz9{#rao6+HUt17mLMd~c78cDb1 z-iPwIFvsRQmzjRE0Yu~jTM(A|DXapiNs)*i@(Uws3#JzJM6=xnqQuy3@RG>-A*K`( zfd#lxfzcCj%Y&2MKe|d!B=o6&8+Q!%I={ea!qDu?ccGi;lL@q~7(q^Z^(FLz~CNi7Ktc!G}##PgCWA35M_79HnMW1$N^}Q+ebyD z#dZq&=pdK>HTfu@IANxGBLxc#eaDn-nh!Qc_Q@_Pbf-!Or}uNX6s8U)+eFU1}# zgOGQHpam;Tf`SUp+GApjaU6~4zo|qo0(}3g5@n!@QMifRbpTUq9Y#A&17Gw%vlrSR zWZA^1Bw?KV=*0A_t0-YtCoG+4V)1GT0kK9(Il3n3Vz!N!>LS~Rm^jjKBMt6WVr&+s z0Ye*^{F!o5+4|V{_;{MrM87c^eh0R2La`Ile_)FNvz)qj#&YrJ>rxM^`v{%ud3E($ zVCq2HivQ8MA~p;oSxF?8lwyXuvH45&xBW2r{B_iJ+Pb!MBDzn|7Nc4>y>=L73eh+Q z&K>eZkaO+M56&enM6bDTLg-C^LX^NDPb7ZAh>H{%NLk!9Oa`rfp-ck9dNFe`R`VZb zf7KsWRfj_tBTYMLZ_V*NL~KkR)(Un*5%@7&0w}DAsa}Xz0a+f1xjC5@TY<{IsSFr* z&KFIk3_G3=mKw*~CB(*qm4FEY@^T_^5I2h9<&}p%5j){e4JruB5;#$s>CsNYy9pQO zZ}}H|-9~v?zPaWYV3%dtc^AMNBBc>~=H+64GQLyw%_WY)>6m~5(S|K5L*j4o1}vty z9!26nf(M$2m%@ex=Tq7<2LBc<5sO+|>#dPOHRI2Tzv=559r@; zmJ02CBfOI(;0dqxEov0pKg)-lA&VSm|6q~{TRSoR_Sw-r`h+s|)*FSrw)8$H%!fS( z)vs~|Ew2a>i*dJ2{2BX6bZw*1Z&6}YZD$I~-QRlE4n!)?y#8X(h@n!}i8~Jme|SeN z@h+pxBD>U#uLtw75`HqWK+28itKnC#?t}P-O9&++bV_Rv8yKiHWwd4MAPY96I{Maq ze?PR7ld*n@%yCmEo^{at{&`Gq(;_DQI4z z5)J5{0F!zSrVR*vC05fA!Ec1O7*7`Ak6y}b-WcwQaHt(V*Fo|DF*sV-#O=4*s4n7q z!+_U^nXk?&n()@h_Z5=*%sGH-fV-n zQu!$U;|U5;DW2_mB=(^ywaY7m!8xu+q@QZJC#}+i}Sy^#m5q+LA8!_A-5+%0f z)odOT&)hakOy2$TW8Q7+z(BAaY-@i1)PEC(J`$?p`X38L*B5R1uirq*3-9UAPxwk3w`41`d*q-TsUToCmJ z4hBO*R_Ky@t!KH_32YiVmxCM}a0@JO7c%z_n2>4x3@RZ3Vf?ii^tl*!><~v|hr=AS zKFA>;Wsp+|f_Oje+6KKC1dB*wg}VLyy3i9i^)bK#@CQ&2OcMg}4t60OV?2`8Gu9|3 z2Cg?@%K2hJ1Y0IG>LQH*W^&>RP)s}p)CAwzXp!n)c41#DFk7W02aIEA9_j;=(scu^ZBHPfEfl zQOyx#3M3#DBnXMofntOE!g8;fO3n7{dBXr{_cLwtXZZM5=**&<(1Cy(12#__%`1KWje*{G!lC(4#fq! zGBjv$?1%V!u_L`eTu$nw{(U;T$8>NXMQ#ab2{y>zwLr0+zk7y}8lPG#>eRsxa_gOG^{8%!-|v~jG$!e9lxE$*eBk8$US!yaQJ z5{vc_!>xB90u*am(iD+uH8!gRdz`3JFOx%;yptu-$}@6C&QITaP!ge5y-~BnWq}&BvJkL#P>d zFi2`2k`Re31YF0(+Bd&t?Q_I_A=ExNoD~Fkr)3~jMRXWJR*+CABXKZby(v=~w`x6;Hv{3B;o%+z}$-K+Mf%L|I%vuJgzqexJJmWkbJ6x?{`V$ zkJJhN}j`}Mp1G4OkA<*o&I$Na%#gWkZWTS;=Ti{u~L`4_Sn$? z^qzJ~`f^*$b&~Rjlk37{L$l;HSr@^SJvr>J_HI%q2IZw|jEcvjY3MU?RzUtNxJ#^z!iEKpY{T)cP=?lqiB z#DECoBNI6mp2edD^w^&Sx*q%CX074gBS-Fl9(@VRMry&>WTC2-Ry~4YA&o9J%(#E= zo;c1jBC9t-*o!+_%VB=Xyu)MJ4N41QCZpr`#DtlK=p~{X1RTwVBPOaICfGs)&t10Ga+htzbZ)# zg?Arz5qzuM$E+>Qq@~1DR31i0*JCdkMeakIJM0g}SFUIy>>{N4G&Ty{NM^0CD#>RX z7iZB7MhH0&F_ZBL36)h6^7WJvv4?n84maJ7260);H2t@;sQG(`|KkixUakPS6 z0qdO%mwc25{+q{?vj;Y%Shr0H(u}UIsctJaby`CfX7TJGq&f#TvOpxuGeSG z@0t18Ab;rK!LO2HbLX3@nBFxn9Q?F=Y4K8`@_2aX!kXMKbsh^99;6@mmvXWuA0$P+ z_#H9x<{=_1T1VCBDg~(}JJ%WtQ^&b(;IjW^R=N4k1ry9eLqm!5g0};<*6=z4$%ltu zANkmL^zv4fZeLu*rZr!n@y0pQW_qg)FaGhzjyHCGP+7T%P8U-$JI28yCV~#e`bYnv z<2 z+nqCeDOFd=u1KR%a7egoT){JzKDKS}_DVTR`fRJT?%lyxH?YOs9{Op9p#VX5f?nBX zKW>=Oid||*ivHN%C}XS4Q#n@2e)eKXbMKDfc>7k_;aB$Au~e(mc^X(B@&<_o*Eh$Kua!%so_8!0FVGT6+LW@e}&TwB?9ar4Gj$t z+#pV~7OxZicvO&~vvU}1#tol7_0GCzqy!W38||-8fZ`_*ajZ?9YH~7H+zUeTPLXEW zDH`S2eaorw!qL863=G{K%hMj|8Yw75?gJ<+?ZO=S2grzZ>f_&0+}jup$d?$XiQDvi zqB4j9U0q!W!egNU&FDO(@>#5$HL0-*y(S&12Hg2z3?yQT%=m1&N>)RhSV?GwV9jz} zl8ycF4klkr9)c5@kY7TDIa)B!K}br_5)pvLSbI%&iy6do6L|MWMMQ?3-f#r+k^NMX z;-J6-Ym6lX)5TAxjX;a(85t*>&9TgJq~q%Z2tjC!@{F?Ej=RnrMTEC(IG@vMEze3~ zf9$~G0uBnBFbTO1j zGnO9;A>UGpuhR=0VA|12%dkFd8bs?PD;ozt5rVRh^74AiCBOvLG031=6O9>Lh#(NZ zVM2q7|E#>c5x&90%D0%>l-GfS1`hrf~Cb zZ0b!t5vRO5VyQV!Pp$mOw^xExWi`Uea9r+&slEqs z|svw59($}_<7Q1bR8nn?5d3(9rzd4My^OfnyYgj7J7B*I^Ssqsz-)j;gC z^QpV0N1Y}S2^WS=+*WWGXa3Izsv>Q}_5kRN8W#atafR1nZA029j8T#KnMhj1-eICogNeypCC&4VP6`VCC}rA#fWr;-M|+Y3rb;JDie%D>tF4>9>{XfRhVs2_`Tkh zqdUO!^|fZ2impt9yb!p}y?ghHo?l2RQJJ#3Q|p(wL~g5R{;al3D$+OB((70hrAC1_ zL+-E2^KD5EW}E??AuckTMT_hj^ zWMvV^rS?+)*3PFS98Vy|xgNGRLP&kRIZe7ETu5|uu<(#2YwG5S{Vqj5>dR7MBA(oXcPKL!tP*mz z>P6GUDOMI7nHR>y583BFB8*dCZD*sO6bgFq3Z__m-V`_FZ>HHivx1bFoxk#Rl5LWd z|GBqjTnz>zVUv*~Evcp|$t=>70ilauzwJKCeRyi{`sdJZJETLaP(~aO6byrh%xSoS#%yV&h~a%&nd3|<^t9*1s9!CB=i38>ETct6H6*|$z$HVA z7{=}-!1C#(uc?{4az%^phmJkx$u?1vz5-E{Hc@Gz<-bf=YiZs9=mSzUV7JJG$)7D7 ztX~Z8Zztc!vclc3@bUIn7;DCe--YnJL^l!PW@R_C6F|UYHQgF1!AyC3SO7pD(k%t!*G&rX*}a#;FT&Z+j$Hr0MiW zErta}owj$jFB-V`#>ir5+YwHQNS^t#5jWyi>&F|`&F-Q~@Vt0ATfk+Jo%w?M+p%*M z$K3}6R4rK)~i?VoW~8{Hx1U z1vg)VF(JW?%o@kcP{_x-S*fz=XV&rH*j`lD6;(e&Mk6cvfejLWz_*THX{6b%hs(Tlkj5@ z>G39+(yLFuUpyy*0DnN*C@WwPhp=0?dh>jDl(GA==Z_6#h8a-xcBzkCOl_(z-WC&Z zT5)w3(xzWuonJ#T-SBzM2R|P4)F%bW$2`F3x<3={%qIiWGT9 za^%6Kmkk+x>u6}~N0_ff%F!u1dz@=#-CtY7vpk1P-~!S5b*)fRxWz|CM65E5y0>0c zRBYxeF{lPIECOjju#wY=s==sA?xx!1{pW%mzweJ&fj0-=fFz^<;5iqt9|`h5Qce=K z(Uz8siumi-AC1|*SUeESt}dac7fa62B3n+WAgdf;jZJ}v$LtMroBLCUXnv2Ftw)J! zii+JfT6NkJ%-^{DUTIg2rB$V=%{d)K&9?E<8(U)NVH8F{>*|g~x_oNV%WhK#7#2}& zx>{pOp`u^XEy8U_-z0E$yH;(K@2kEZ~uOsPahjgW_krsp*J2@p`6?`mH3EJ=+@O+?qUzOh4fBLrr+Y~m|qYvQ{wyl z;!^dS5lS ze7U-Cp*nARebl+5eQRHBq)r+=^*owVX$h=8s2q@(=(!yY-@XZ9jxwDxJ!(L0XXgG1 zNAdX%sZX;JoNJ10XFj%Y>r+5|hJUH_XUpGWj$v^1ccA&F_h!dcm{ zmP>2PwM}~+(yW6lwy#SsUM;Kp#7J;@ruTJcy}#_;S=Yt>$nfTPvtFaV42Ome_0jpT zS?5AK@4=%}^ohoaG0Bhpi$9#e4Dp+HZyVYbj9z=mdZBbFVH(HAH~OKN(oZM!jP_pc z=eT=W_zc1h=XO4N!C6x3rqsG?=PjP;fMIOVL!6viX|5w}*#VGqd<0fNoR#iBJeeJj zoZdPxUdP*J`@+w=4DC39iy|KjS1(*IV7jG{IRJ`cFDq+#M&Qld_5!&*B0VF`p-t(R z&CEGIqBtO!8Z<~D)xW~T2s?P)^8kf$=676-^z=FiAN%akzWnw_sQ}gWz%HFz`eM}a z3xx6I3J;oG0BrQo;^Swbv8ctgtWu3B@1;%Z$vw$Hre>Y@1;2MwD{R|vJW6c+qUJ9= z+e?cMk(|>@FAV*bnJGM~sj2VQv73g(PUcsrG>JDw zcwCH*Jpg~n-6g6ul9VD8eGl5V=*E%@Agp=*-q`jVk075|`lH*aY|qS+drc-TtSh>m z1`-OtSVK!oj?k6vmMg~bW;oUZG!+NF%3IiLwI0KhS+4&{9No(?&8skiL&<5U&$+{9P9cnux&@^PI$<7eUu=D<%ZGIhl}Kr?MKZEDbyUS z49#?>9v+knd06FBb$r=AkgY01|3_ng(xsDh~rk1<`^-i>@#9c5L6?r~U-N3Q3eFUkqEZO77gtzF0{30G49Z^0DlO0FQ4~+1` zqW0m+Dk2O)=iH#&Xu%n};_$GrZg8XGz07GIJ9C(SX118QGqc;*Tg%GHok?7fyn^cx z$si{%gzQEQ$w6Qz5!Z#FB@7xx428T@ThY3%0Bnw4=eC-;{1kT zrE|gD_rvu}&%0(^Mnu*IfB{ufYDhlN3;F}XJI*}5>(r{E@CM9aQ(>-g`HfXN(1EBU zoxwgg@}w`7(~-l+1O(neNJ^)Fs8<0~(r=@VQ$MG9Hy}Xif}N$A##})9*@On7;yqqB zUB3b+T^FJhfZPRhTxJ+!oGQ-Bk($M&@@;r{KR5S7Bjko&Bl-l)c`2%3_87|CW|c;i zr`~KB++AeTwf%0-W*K^>zyQg_XkY7%Uy46tNCK2%Kn>hOb~*>TpQLRQxCrW`2)4KsP@O{FhVrF&z}C5L8KIz_puv(F z=OVfoq%|D0lX7z}QkCrd12CP5{a|Vuf@@4rNa#4+!B7(fNuNG@_Lj0*C{Rkm_)`Qx zIiKmaoxn~g4kC#r0LsX|pwGKPC$pDL1#&!7(XQ+}aA1NMG#nawkW%547yF5wYrd@f z@-v`@-H5hoywswzZ9#-8N>B>eOQG1fOYqYp#a*`V#Xia#ny?zIHh}oBMp`vONd`*> zXk?z-ocS>&?pt^6#(6wt_H8JhV2mPrRx{VkW@nll5lp#Tw^T5NHuh); z6LfhPW>c5vIN@t1tWGkl(8|Qc#bJ09`}ajDB%;iYSG(vbISWEGhO|3^*n)bm(FB?y zuB3KC1&K102>JtHgXR~E0+thSQFuwU?paf|^_L(%;0|ELEr<|>@Fs8S*`Xsx@Dsez zh9mW`3M1x}>Pt@)_lkw;(cb1Y{fz7T9W<2)&_4jjv$sSs{Ds2vch_j#)vh`k{R>

0dy`~$!S5EQt=h*X!;=gBcY?|AR5 zr*j_q&8$$2x>rRBBW#Z1n7`ZeNel!0^G8O><~FHz|soXcz$sRDRcQuo3k}iAjkVOVL6@r z6E`Xmww!9(D%H`pIe=Uvv@=co~<3M&#!A4G|FkT+t849tJh1P z?;C%bc`aXEW7LGmyF-C_ic9OsCiUk#HS5#tLLrG<|8hg~_*+^mRpuSnydUlN6`B`1 zk3s9Sfp9C$wpxe13B!!LienZ!`ev(eN2{d7U2&oTwX}t9Z@7xzkK2IzAX|-p@q!4_ zb_q6>k&+@DF!`FJ4zbgZ*Hk_`2*;>ADkY%8u{ebvRw6igBP>@0?SJW#@Sqoe#4IGE z{RfaVlDyk&A11&|U{InBg00|e7#JMf3zA_IBVQW$S-D8T)tjgC=}Qyy@*<%4!7-7p z#_sRm&KUkm_ghm4-bjJ6Ykiv!i05gBp;Ian#`fwq&yfSV`=AoI_p?X;hTsYU^ zxch9BVZ9xF__q_nHu6Ix>qWx@g=Ha7#hC~4H4)IBnP;zE5XjErQHJx8`^W|QdT6&cMm9dX^ zL!L@_Z6>nyp2o&{5)!$l!8i%8d+tn8HUWNg#}PRPbc%?heJ~etRppPSzGsbshbtGkO_gaN!HA7HLb75 zWGjMC#(jISbB@q_DXL3IiBZ?*NZRqDr^m_@qm|FC5;*(|e8vCO-2B96D#5;H%eCzr z)qMr7&aT=zwN9p#m1IwEAEW$kl`#twKTOgQn5#y#)wm?VYJ&vP)7B;;$&jXk$g!Z? zTksjKkeN=NB>o_{8<}_)GE*+T16$mZK?FYS-;dOLmZYK`{ZfyI{x>;g=B~@VKWD!p zmxQnn(UKu32NfCm5-%(Rlth4M&!jd@0IH|ix^?gN{a!yO-q(o?*+b9*M>m!SN-}J< z`~UXry*76Lha9o`R6;V-MX&m?_2xVS5JjXk^ZiSe}0dWQ!CQ`^*H|iSsGS6|Nr{cn@7(h z7HM%)qL1XcGS%%1lNp8Gwt|)Qbs_6%_Uv4I{^UmC(xhf#RXz2^R-*VNCeb6v_Qt1A z%86H4XwP?UI^f|Z^1kWhBpQ-nv`r|fBy@GV`RAI&Y`C@c0Eqy}LHY!hPi)#t(X6oMXKrks-S;Ct z$tOws-tND*E!xYVUBX6{yY_Nz@?nh%6f+@JTe`U}C@Y^*Q3;ON?f2``Lw1OZlH)dM zNVl@Ol&weN=VV1p)SsoJ%Vlb2){9FPS2FRDq@_ztGOanx{FMG`0pKS@r3$M(C$^@J zES^dQY8*@o44FS?1A!N6#=V-UrzItkqJ!Er4y-$(l8|>W;pKAa)}kA(~z7YE%s@3yMVLGB=n>kgg#*w|H~c15@V=rTQwKi82x++Q(Zi~L!r+n?fv0*Qpx(;M$T zG4U37CeXF8w>{0vyToR8f071g?`d!mxRKZ|zp>Ty$iSZ(8X9u4l-<5{YbkBPGY8C-Rxx|I$bv%Bb1@14a5uI zKQVmreS71^qPrh=MSVRi9>{h(($wMQr3@qv{Ku|i5&=Pkw+93rxi?X9W;ps<5CV;( z2DiGAk&#-%?OD9KE))d)gm?qz)v439H6ng@?!>)%6$l;dmTPb~;q^T&p;c$T%Kb%}vNcn+^vvN{rqGOHP!pv>rxi8l6*zo8G?{hl~x~6yECtsD&^=0#XMAHl!Np_g{RW08(M8M{H^3HNw{{I=$sM;^7c} zMda-gzY9xa1*l2XWv|Jdgv&U82}DsY^5OhcBO9BVh!If0^kHuxBuvo$KwB?-z_<97 zulKui&)oPw@riXFn}dyZ^A(ZY$?0jz_6leZ>?UGll#X$S_9Ak)15@8K1p^>uy}*$xlye(I3*;V7Ec` z^nU#^@z}syHCgQh@}yB{Vr%j++)>upvAV6UkmF-DHD&dHEiNqzWLZtl(r0SOdUzC) zZ3?i(h?l6Cs1K+S;=yx0vuhrb%5Q_gnw`2Src>vSB8z_rtFV|OY_YxbeNiREB)AXcvDmp>(JIbr*T=Il+tH` zY&?k!x=-|Wgzt#OPznHqKaV@V{Fw2y_-5KHbW6q-7ObEv(Qtw|DM2lZ0u27KhSt_9 z3|SQz^vNyLC4!E?I3wv9L(*X0A+%e@#$)rb%qFdr14BcgO99G4j}I9QLqw=S)oxnoTTecn*pj$Jmw4=q^iij^@d4^7 zD!-!B_`;#S!6A-H7A-VJi&&unb;rz+hY)jSz4X?T*$|)n=NRrH1bo;oz(t771^Fme z6`67X+qVdgL@kT z7G$4BHE%RUbKR2M8upbKBAX_iT{Yo6nPP(F2tAEv>(Z8WSJy>N4=LF*2r=esZr!sJ zT8CP22kHe2rsjFsAz)7ww6x?=^B_BSYDBf-E{qC@;fJZND5E8}#jHPnx+6C0vq$0j z{llKF2~{n(G9`JD(`U-X3|pAtkV|TmMwTxCj_Fl8xPJc1 zT8f;IW@iZFK%`s+d~>HHO5EI9ERbvQVUQQ4Ar>m`>IwR5!)V9QwE-q3T)M&5D~a*! z5H}*ns>q>m{_^?_8$`^tt*sw0@>@9ealf|~k-7d!5@r|N<6s=LGg^?a8s53P5jP|d z!ha+>2mbdGov+S*wwikym-k#Kms-b4UHmgWRx&`BFB~NV9>O*7d&FdrS=jL8AUMbD z@NT-onbXaNK|cSn0;^Hry{oP!lAQ@NG{RBZhNIM-K$5w8I*h1aMLZD*rW^}6XHUe{ zR#idA><8!^6bJHO+0|d3qEftvBJbKG%96!e?QO*yvLZVzA(rD4QbX^F-oeY~G56y(&o&wrthF-<6CcVmGMu`+UCb9uDIP&7?_ch+XwoSv zPofkDWo1;)RCw;B*8_V|U~iC2XE&WKgO(X<6W4%-hK6uzHqOq*Mxmq{YbZx24Lo&J#E<<^qFif+qzDS^w`P0|jeUAGuleWg5bhAQ$R~lTnVs{y=nEpy z^bi}{xXDUjB(QgN3=Y(bS5F>Yt-(AY@&dITx zVRMd6f>C@TV17Qn&lyJFF178*Nj(eh8b?!9)5)`kOZ5KHg&e-vcuHKLH3t|!Z6|P7 z!N|Kr)+kO@1Pi=Wpr?=X^0z|^hb1} zNPOLB=aIL|Os)!YG0&^dy_0KMK!;pg zmHBU~t5<6l`&h+A24E+DBoB@l@B!)52Y=rxA+1EwBPP~4TEHqVJhtlEfgiMq z&KvkR?|=6QP;66s#@F{^5M^F;j}#$TSyyMZnx~XE{`8aOKWz<@JRu>mvLGZRM%rb= zOV@7C6Z(Ugj21JnaE`%OKMzhS9-`TN*M8)eOl02g&TqYB=sLcnMibodpd}!(tUvZv ztLf9HQWXX5FBgoz0w_q%dJ8Pt)b1CO7l-^jgnyY6`F?COm;`HO1IR6T%HibRL=Nw%0v zBJx(f>@+&s=d89OC1BPnd!=7l387_iH$;4FsM8jn2a~jB#L3MRmzAzyUUk{mW?1Q^ zekEaK_GB6@;JBoxv2QNmH(1g=)@!MCVS2rmP0Gifj^*(sLhs{c2*?436|hB6>Jr`M zh`OZIvtd_Y&49!RCGZPrdnBaRKc&_Je4dz^8a?^O?LSOT$^41_z zb;yDIKW#*Y=y|q4nP%3R`ohJ8`V&X@?)S_~7WQ{L!_dlj@Nnp(FZL;RhKD|+BE?Bc zR;DlWOX}4ZQ#*lH@Vw%G|Gt9+OGNG6m%9RA+{>&vJ%ebhF$9;uO-(>BD6-MsctQe+ z0vq+?0@0GiR6WS7~l9K*sj8Wy3Q$5^`#HkEF< z;#T7;^tc5Y`RRe&c}}T4>Xya*`xO^Q&zmrAXpCQxXzJjx@xtr!S5iNje>W&^dn!9S zf<^}K=DhH2A3d~fed_4C{V8iZe*Wb757kCQQ?#xHa>7{RPA3@L%z75Ehoh0@M;Y>{Wa;>cYqM2p!McT<}_GC)7 z_QaOTrR?|Sdg&XUzF54>zN&R;@A3Fw&Wp7yrv!4c%W~ko!i^{D`E;bQ75b5UrnQ^! z{_YCR;Oz0!Na@cZM{W2P>tUzpUQJ2g-LM+?$Nw#@0F9F|O~|FD&rQC`x65@ik{pUBz& z_DubvzK?XGM8b!dhHuRaZw=WBo{vfGVbwBBFNqPRIxIz)}+&8Y-SErfok1z{G zFIGXL6!UZw|ManNn=DF~N&95^ z^h2^Djri}*EF4LpAjMDR3H@Rg0+-)T+u$+O@g1sU&wVq6S7TR)BMwb41yp#yM zl!k_rP>jLAz#=ND$;NsL@S648xp&xZSTsN&YH~I;mf9}gHm63gbl!?Ii;;Z2#j8-@ zDb{v>h!132J1)s@&>!FB<#vN3WAw2+@Kcg;rSY@C=T2^xkbB6t-cP@;KH52wKg>@W z?0D<^KM{MV#iid&8+&z?S^gq6Fxz3b?6Hy(m&NBfkM7ejFMgjgFFX;U@X@CY@TZ8= z81K21>}>w8i(1UhA)~8vQ$Dx29cP1xL}m~VIx!`m-*Cr99nM@#5ROs6hM-Xtzbe|d zKJc#~qXQ+~g6Pi8>!%-jEyO3wxMX<~J0Vz45zb zp0oaIi@cpEOcOchtYKW*ndA8O@HJy5u8FP?W@o#O`92e)cyd$6i$1x|UG;+xr_SDW zziL~jo@wDz@~G&nfztlZ>kfl=?d2E~8D3VNJY>>l^5~Td=Q=^r<8l|2wv*0r2TSYG z==5mbKmuzpo{eeG!-oWyJIan1CyB-4Zr6KLRlCfLZ=%b0Y5u}N&6Ix>v3od}{56S)~h0(}mOQvs_xRJ&;_HI;fekh-Z$tS}BE!z7wFB zDDvh?ng(m~=|cLy$1ORQc8X(u}GkYI#8$m|^^>{S* zvc%azss;G&t51Y_V)K3ZB8vb{BIg-Ys3KQ@IP+CX4!Vh#xfsOI1iJZdYD@a4t77GF!e- z7IKgD59vPxenP_N=w3SEYBlS5d^t-c<#a;hhZZqzKZD__On0$1A)LRPwBQMnl9xMx z#<4B%4n;MIDq$tC;9UknPqB>;ad5Em^M`=7Ab5SGv)%$wj_EkQrNx;0QcuY|W6{$& z-!UzKjtABe;_Vq#KG=`W0@zF?N;x>NAk0cj*pv-x%=}Ja$IYOHJQkZge!Iqs^p7D7 z7_oA3;L0B-l>O0hxE&XX1Oo-b3R1oC&47ss+0Tqrk33|ZuHkpMcVr9UnF0I-NUjT^ z!ut;$x&=51Ux0|AY`}KB)il-VhH`PBDGEru_xg^&iOm02d6D+HB8=Dc3OFE4(}PU# zA%a09Vzj@!v5OLMg!%FgSdfB(C``+VhNZCH?6hB5_anQR8t!_pPfUA)i2hS5i0k8? zNMGW!5)pbZQY>L0$&(LPV4j2mxW`ryVn-zMczmAOB0V4QHk6OKc*^c?@pKqP9-`K5 zFwqinFrtn{8w^|=mnfE4AoviGVVs&M=%@hE^nh89qK`!PlkxIisCrOk{)z^eRDG$L zr{-Ir0g=>SasB80qPCpsz9;$lk#HXsZWS-71*L^?qV1O*Y{WrUXy}JPP!YQ$fw>|R8sSxG;%Q#&ARl41!~$p(`w`ICQtHHcU8ak2DgE3O(QcH9kCgE zi_|55GYgIqNkINphf|3;V}!DXi3#-KT^z8`u1gpi#&?pEQMgPtX_3(lfUY3)9oV;w zd}i7ZEJO%7)Okd2WHEmo_g_^V6TJptC!xbzzx%O>8bmpdn_FXOpg~#tZ#=AeH0l{JzM0Q^P`|_9tU}XNfBQkIXNzusUmF~Kwbj26Hq5& zhES#c9^fkIdobw`2@+G%TV?W3vk_hMeKx(Prv<5DRwly8pTd_39eMq<(O-$l!+O!J zzt$d+=uH$F_n`!mfE^itF!m!Cz-XvLz`O!bK2lIxvW7FsT02?8j@z)lT$Iw54ou7skxUpQkx1pd~os;zdn!}z)Ofx zz&72_#}^DGI#9$z?Ch6bRUh>8PH^nG!+%L}Q@1-BGix+pFkv|wSDaI1kr0-kViJ~u zLKeZI;;BuXHKA93S)X+>QSNGo9%0e5CZ-e4k9hux4UJAV=xtwU57RtQ!!cL!NKSjRJ!saliM&;`2H^L|0>+L z&vkO`*p<6~YbfF%^9t|2!{1?bmiJE$`>)T+a_XCYzSQrt?w>Du{Xf!P+|B+fj)QRqIUisO5>Wmb`;JAE7zIBpR-95~ILIx7DG}q+PqvXD%XEVgqIJHYAd;@C$b*wq3?L2Kj@odvc(WMxF zYU(6v(d1**qqRLPO}($hS{E13A0`jCkx{pL+csbOKE!ue#Vq9ZpU<-i5cDa?Hvuv6 z*zs`*2)+x{yY1Dy3R2%Pg)5KMRM~^};l13HRDs_JOAh=34u*Z4)~-+Q#?=J)XLmSn zi2d+wGE6aX9|RhJJGaUUUoX}cPh6-dQNZm_-0s)FLTm>cHIa+UWoC4F$rA7kF@)Z! z`__T}h1>!{Jclojex&u5yx6umC1s_pLx66&%rQ|5RQQioD$Xn1LsZ7`XN^}+cz8(q zdRK?sv9;GoYl(+oHukkz>F1Q$w-u77*;6)4xHcfd^}pAw%rGuqyYLLf0fEhuCtH9f zE)7I4on+rHK#boL z*N=S6TGqikZ+!TlNKp330N6rw*@LZhl4+uS&1b{!=ZS^^uh_xBKun?Y+e6A#8-Jj_6>Dtbp&-myrqVUrNfO_^k9KeH zHLeoAq-kEhf~IpjT{MQ?oPEfbbGA*$*k~lOV7aq$zQTo^W%)6@#&*Q5&9*(hpocZ9 zIQNcuUid0KM#c<3SqWVliQO!SMCn^RDSF_Y)Q)}Ei)Y;okEO&-Jhq9Nh#*HyEJXED zF&$#kIo-OxH@;8Nhi1zPjA?r!qxNL>EctHL#^J*(%29_>-&G5Y;`W}LbB73v5UK!e z!NaMOl_2tVcpZ)#lL?}K*3T31_*|0ha zQ^~M0%0)P?&uqP^l)x}nOlc|+hMX=G7*OifQpOIK|O5nIDiBYS$qH78ROQcPn~+4oV;;%c9wJv_IhWxdh!G@1qO|pE6Uk# zgM)g7aLtsV`l28~do?Lk;(brttmVNiUen+cdv2|X9yNZ^H74LVoQa@odm5zgMxK(d ze;2Vd5-B8NmD8@4E^))W?PXEVRT4=;M}Uf%LtJeKok=D|WaQkv`2Ak@RArHNiLfZV zhP+@d1PYWx1cE8{Fs8$rdNM57%SWQiI5y$_TR-k)zuUJFI7h?GTwk{bVSZ_FT%!`D zB!M8stgq2&emrMLvhM{4uVET3i)@5W24nkpdO9!N96xO^(Rg~V_R3!CoUf2!kh;}6 z8S9D*?r(=rS4CrDG=C0jI<@=>WoA2vHL$qggS2w?}yXUvHopg?}N}FCFK*-*N zuj9)k$NcPT^PRl4yb4#g9Sz-t0WUY#2i!P##w)p(-K?hb=Gqghw(r<-Y@&7E`|_>AoyW~IEuNyXz7wK=h8xNquIwy!WoFfpAEN8-5{b8 zkhHJaNxgC7R}8t~2JuE9f^aovbRw|~q;n4h>QEFxgm@CAFo;M51=C8!eY_T+l%i7q zeFs!DzsA{+epoI~S!$YwazQIZj6Q^TXe;Xc@C)vBYGUf_gq;rM8W94xZ9NO3^x#>4 zT)&Idj!-JZ)*}oKupa8^auoInkwQL|`X#W0VP|48ZT=J)YSm{cDP^dJ;fb%i7g!AK z6D$ZAu2rP%s4{x`G%^1SvzkDOpThr&+UhSnHdsE5$y{S7=ZSH9L=qHCkSjU3uLlmt zDHo9Eclz$(T#-|U>;_^kcG@yjMax5z{0_sdzXpX~I8etoN~^1NBeB!)4IeT3!bO&) z*FJYFw{wvSRuUv5HaHg}P#tR96`>UGduJV3QZW(lE_BpLtJVgI zj`%J-U(oZV$bpQ%99!HGEiuMUSLJ*}EjCugb;)UyqcF!(({k(WX9o-FhYM!o=~PqM z?ga&1i(X9DSMj*G@3y$@D-x~WF8leRwjHboE-M`Lp&*%lekwaJ%E!0U32YRv@rU;0 z$*>NA&{r54^9k5FW+HEgUI0qBlAekHE{I4VaYjNkg>_CuWNYBSTi)#%!KSDL@SgJH z&%%X65oc~`S%E^XWthmP4gybVhv)I+A^!#}5iAr^8iG5j?(Gj=M*JdDNO1iPDd!i| zkbjm=*tsh6X_;fp-DVu6Jes$Q@1J;PXOb5@9@aFCag1)IQBfa_ZyDRnwVm;!kxaT< za)s+gMIXz4meq10TQgHKzkM6LCe!T^HDMa?;zZ2(Ys}@oM-^{Ao!J+9phm&?0{;0n zH25~g+_#zT{CWSiEr(jZ4UL{U>9CTo&vJa$f!RT14JokKb=vw$=EbqHIL@Oc466gG zJ@?72pwJ>^H2N2GiTmd(2QK{s6+!f@g>B7PPg$ar40 zLqXEu8M=WxG#7dls(OAzxH!%t%m83b{hEZ?p7?i6X)70HKNqJ6t>9NEp$NY|vWcMJ z+0QD}` zE`kjwJ`Sp?Vj?IAmLD%~Zx&cBzC@#mM2>~`&zTgJ!$hDrl9iDHePYjjaReWm@x`X5 zQUfVRP@xpAr7QE^?DO1c-b?VCQIL>3=-!m&5>#dXxX*>9{_4S+KEZQRQbf!$;^e`& zr9thP8WpOv^6>Rfw`?kNXFEb>pLGKJBIc98l9x&vf@UA?F%r}fMO{{oDKwS;AA4^e zjddG#4PO+MA&rJIB;BRSm=YpGQX!&3#>gx~=DE-)M1_PzBt(WJGl>jc<}p(;lPP5W z_U|6*e%|MK-u13$eed_z*Rt+Axm?5Vcb?~Q9Q)YE-Z_rB#`Dox-%jyiza=tA+p!&x z$)YWBO9bP&p`iidK2SDX%fN7}ZFDAQyJj}Ej}!%ALalTgDhD_#5f$-;#=+O>C=9VZ z{+e+(a=DvhnF8igNED0E@*)Il@#;8Lx~h(JYNjlyy&P_boFxi~?GUFyG=@AR{)@lE z^vMe|WQ!2IJmKosxrNoxU zsRN1iZu@NHn=OUH%Mt3JsbkikD(S-Tw9_+_p08iwW_J(o9E3~4`c^=oc9`XQC81S? z!l=uoOrUUDj{>s)19<+c3*X(sceJ*Lqghxw9ZEdcqK7E$L=6D z!{T|KA)eoyRaVt;%Z0MMVV{YVB~Dp|=zvpK9EYbfH*DQl;%*d~9(}%jXqttSwi~g5 z2pkw=Z=tq;Ha2F#pXcSV<9ybR-da>tM7T#2Jb%ZZ(PhK@J`A)7A2-p_ z2x!WnBM(E}4db18$jxBV0|D-vgn+?Np+L2Xu#8z6aZ)oU7Qjds@SHFF+ z)T<=b|6aT+@3*7teX=x-fOB9P;3PO&z;7XZ{5_LXEI`DX$LUDtf&j<#_RXH4hp3^g zz2F4FQW7C<3=sfGifR{L=v!c#ZVo>av08=9Q!>w|+Egg@Fk9(MDd5lt1pMhTL&(MB zs6c%h;o#Mf@CK-E%!^~QS21gjvKg5I7n<5=hia!HZb8(wd3a(@U5SK)f!H=5-sqQF zfk-^lkwKUc`V>*Mk$v8G!0aWeZg9r~Ije7F8{bZq5rd0Qg|CBD_*BeklLQ8(qz|Va z`fC%t+`<@pJn1lwIf_UMweZh33MDuHbY=fG8ERB%oqc`6TD0Dj>s5j%1!?=?7%qP6 zndukW66;B~{TPq$7(cdEN9sl#zlVVVD^KutO`bgiM2u3!5y2@axEcP&QU(UQkXRy} z5l!X6R_VXCs%u>cWyE?Tm?!7zY`g!_vlenm;K~z&{ZQnQ0dRowYhV`@%n{j002&1o z;!QqPkUjcxF}?d7kegfn#yhSKG=j`@STjWTDv~x>YVLXJoN2U>u2+g{i_M~K)7b~R zPZjsB37!~?KRe;!x5BYFJGVlJ&XwP-81MK#ThQ})xk!1qUTOV4XgDh8y?9Cwx5!zQfA}6S9hkXVuf}=l`oL{t7^xZCJ~8nKVp-A{ z*PtkJ>?|3X){hXCNS=|lL)BSet89|NS@^W=$xD{!_+UEhA~;{pOV722*7=2DEtGowXim}FftYy zrgdZ1nAV1lRx;^=biC^YiATXMNlv>T$Psc3?=)X~uDAmc2AtkM9gvQc2qNq6+OMLy z>u8aDF8*1K@s15^bGD6;jvru5tE2V_)Lu#K*uOWFksG@1n3MQnY7j9zL#s6t>3}E- zHqAO5X~gg|V{O;)WuCUehhsisrBQrM!{%?BPVBJz>iSLV*ZH=7AkTx}&V^WU5~a~|@s)d7;+g})JF0D%UM+;k?3~z_iR_(?t_cbxF^FYtJ(1}Cr%C$H9{;6fhn|o3 zPpEuuFcrGQ@hCXh<^C6c2>s(y;RZvvmZLhiC|F5z)s(dkZDaYPQ(Y79loIYUv%FDU z$crizoEPFfdt=6_JiLg(kcG&4uB&e&cLdyLk%+IMwdtmUE*Ipf@ zU~WjkYF|2SVN58QI=5+~&xdz1-V;T9dXdM2QrA7vt9rVueKNA2ivP$#rspApxkpn~ z(jG7e3-@$dy?<)ll-|=96!uQZg~G`6a~Gxw>oZ)O@6!3vIa`o>CYzPtPlr!yceb$E zAKDv6B9$ENpr?OR6Cs<*c%F7-z35izRBq(QANyNXD(4@8AUNvu(^Vu((+~9mpj_B; zYm!LtiD*iopdlgcK>S2QtkE&sXjhfgZ@jF+ zUw0EZmZMuoOUtM4{>fBB#88;{qdzvYBIml^ewATvhBtadkk=7YLqz@x@1$|aA`)u1 z_e?pM%;vPquCdZw%l&M~RV`vIKFL$<7V1B*aDY*odrQ&fH^<}ZD8_y1RO3}4^bFN> z%m`l5*%bF(MOOAE+3X5`_)3W;2hR_?4aQlt4Q`3)>9!whZezqaoN^gGGhqx0=69LDDCk>Gd%)fzaj^iQok;7$>Nz zKI~jsyzlA6();x25%f^SE3~AfDBHNVyn1HH{rdXcyJV{U0s?edSrIms@?+ao(0hUHswcOlkM{>NieeE7LM+%nq$Hg+%rK z;xte2g6mrwVOA`*YxDJ=7b=M#6za<|-!1v-|i2PMVL?kDo zBC^!?oX&uW>)-3^5S8_YtKwOA+Rj>XNrreb%(#+5>(jI!)b)N?YFv1C!Gpf^HCr)x zdBR98`193{3BBmJQmLQ{3epcfsqKFCFXbgz7+RID7zyuDO+pf#(g43Pw zYrMf;?0VVRpenr)Gln~}+coFH*!@`8rd+*_2|h86y_p5eb1Y-KWQSs(j%f}m}bw$V6T zn8S%_Ag}V`(&Nz3JIGZ*cOuLpP<)`i!a(ljlUXy<(}nPO-?5?6#lKxC;y$cRX&3Dao#lM?HDJccqXl&#Za}&AUq~l>x zE_9S8+M1G|pVGi+K_}C)^?~9Wu zV-(}s#ty5jic?wjsxXFFd*z+)UscL03RZnCNSqR}ThOfw>;f$Mc8d8vpXRo?$OjJ! zsg>KW9zhz9k!ZvotG-GWR&iIyR%4rlhPwb-z++r^sy-NInJ1~D64cpge)X#CwQE!9 z*e?N&Q=gPCpPs6$xDZRW_xup~p)d~4RXr?!Jtp!_~(%U5CkqPgxan|CR#i9bi1 z@~55Bm`d+H2z|P)_t~a{uNb#nagqHX{{4r%#Ny(>Mbhnie#N&I#6Kk6yaeFLSUKa_ ziQdqUXSQ$^`8{Xjc1;SPp;cGPb0(j)xXr@BVYIy~f{BIY4ywYpQPmg6xBh%BX$^s7 z3_A;cKf9yur!opjZQ~=u}NTefo_XMQWjrlCKdN##XZm*wIWvy$-71`2M;QFOWiu1^kjSn8U z;_#P_=HGd+sxE6}P~|M2Q^Tuo>dBAFyGa#~OR(MUO{^?;y3x^x!mmA-dw*E_xs8=u z3M*}k^7uNfvsjZew7pKj+TqNje3pG7E}!LR3**`HVwb~pYXiF=9Yl-=qo@On^pI1M zu*yBaSdmV~P}6WGms`plx!a0x6o8-($Z)zCSv?ymUP7?h-$Gj+0HJ&5i{hdpSMek8 zHbE(h%p;PG!_ZlgeujW|C6q{qkDG>X1IqEB`+;_0Q~cw&gD16I*yg8~tg^JaY_z{@ zS1p*;tbe@j-pWnSb!lYsc9(5>VdM2y)kQt%_)D4C*F5UBtjIG=5Qv;B`3FUcB9tOvSVC5Om1_(PP ztWF~AOU&2!8?w^>5SX#%4<7RoDW!eHbiGe&hu!6uQ$!?Ap1jR{e=yE<*ZvG=tVd<5jBM!t4p&b zNnAQi!x@Kl2-h8~KA?5PtOVLk&{!b6DdCUeYo>Hi=-SaEQSUG2CmLn>0PRk(xw45} zydI^EWXy{al>SjKO6v5YQmnpDiv?FmYDcV=mNxt`OLl+E_C|Q9WiGAws>3{8pnzG! z?p-oYR5$-zTFKiC=e&{Tpxh^ZmgWZsFef`|n%xK2trsjYgC3Bt*?1rmCTqnb8;qQp zXwNTS%hE(G3eoL{T3?M`F)2vo0Bg%Eg7o zzNj z9sg)-POOwRl%#r;68S=j((HoP{#E7Bg$=gFWB_DN(Q zp!lsE9*Yy{D~5t>BbT$O`xeAM)~~D72&wC!KlFr3qOWA;0DlnTEpUeGbJs7jXwF46HfN;Fw9?_C~GJUUkM{Y#Z}<;?mOM zrj3Y#*V8nTFda{ITqWmb5nRsi6Zn7K^3)LvhnG{4CUMTf>P|vwNz!nhH zmY@;L^IH^!QC{i&$F`^ zUa+r%iWh7lNS*heL1ai$D8;$qY(-?lSsEX5%}LB1)3zFy%afy&xLy4knVFf_4$dd@ zCeB6(S%t~RI<>fqmoKXV<#B`tHB^{Mz>$*km$$9I)$>9-@=UJltw~m118p(?!SGSb z)6;V=H!t} z-(Ao>d)A+9a|G@eX!9mpc;!kQd~1}Y6!ht9K)?ncARi*4(<48Mulu@Fk+R!A`8^9i zLkcGMU!Jo$yHMh_rj88OlJupp@9J}kH0m0#Z*2gg`-YrUd2Sn7LV{1QBWI@7jPp!I zj8SWH*$Bo5P=#aSOLBLR^34O?iy(^{h#r)Xct_x_gSI@5Mt!<|{^fnMYp8TrJ>*e1 z>FV2mB5hLp59eFXEn`o4_Iwv=FOFV+me<|zSc7_Q%&9A7a^+AYlq$)kNhZa9epWnZ zN%pFkc54-giQt@}Z>PstfSyET%Gqa=S9^V8PWE%0_LT8Ppsy0Ks}OF@eNs=Duhfg}qZwPucEO@iJlKry%(Br!A3V`J#{;65Km zR*lX$Z9!U@h+t7SR3^0Vd!x}(QW9bJVE?{-fY1*oO<15u0;XZO_4QdLHfi)xNMt$R zcrH4yDIsjTF*V-ciU5m%Kt#jYty{I}djXaAlNXXB`=lYIfhif?%r^q2ZgA(9+3x;bp}#ba&WrjtSm2}?wi`= zO>e-#b}n$5olk*ce!yE4WAP{5etsr8njb2*JtAmW~3 z=HR#m&of-5IJbOc767=3y_A>dUh}X-cg#zENfna5c99Tt5C%CB*$FY2K$%kbC9-c} z+xVX91*;u2G=UT(J3CWbTRLn--D%TKislY&uI1%f>hz33-3*b~L&EQ?YobcgNZ3H_ zwbfOe!K^8EPMGHp@r6X{QomynGwp9JlCM|vKFig*h4GT+jp@6C==Ug!f!Ymf9IK7Z z2TldzKzjmr4MJE7g+8EJt{cH4?@K0572t$O2Bg{|uM;o;~YzBOQyxLt@c z31@OxX85atLLAm-l#m!fmkh+i_3$S{fIuHx+az@GR{uQDl0XI1qpC3mja7$_i}5h@ zwv|svG^}`StXu1Mf$fBWW`j%yx!yK0`owQces-ti{yb+`R)-?XT`sn^4YttG?1 zbA-E9(#Pk(O8_`u(JjS{5y2b8LGq_f645{eG}fAj#$u=Y!a*3-fL@y0*o}V$LvjsR z!GzZa2nGHYTfSskasVubnikO}MT;PCbjkA2wifM0v`a&0^)WHIA3x+55V%2%h@#L( zxVc$lECbnnG-jj^SB)~bkFNrEeG8S2awghE|J7-0n1X_SNuG!&7c?O_i7h?HGaMPRFGih`E@8!C#vGGHn3eH^F zGwtRF4YcLYD=B%x6$-KzYcR`?W+Vk-2DET763%AzuWgmH8iWZe;io2MwFXzNbYrBI zXu|vYg1>45|1DRw%0G|v8@c|ua+vf68{yfxc*3KX5L*YFhR)HAy1@^q6z`-Nk^egC z@APM+r$5WeV$svn18e&kIfseH2UERA(C54d-2C#~Wbf_!_ru?|qsrHDJg_p!yYkgR zp}{AwgD`>lieUzCbQ?I9$JgMpA;X8qH}FFAy}Qv%sGHmsvQX!$y=r;2GspVGWx2wn zOYH+gwGs(an>R4^FSxph^bAyYd>>>j?4Lr$shf7RW&Qe%8(kj;Cri1y#`yO@MzsN;6-+^H)Nipd+oP6J$lfViqpp9ps}b_sXi@81zqoEirnSM-kfZu-!Mo=IB= zQW2izMTaa+sNb9O2^}~M)+*-?=z>U*{_jMF5M^ zqOW}TPT!`Vq;J+vVawchbxyvt*J?tsMURnXk~#Tq(I?T$e5>^zuf{W$!|Bl7Fd}>aG)4HFys9S;}~OG6w9X-GAf= z>S`8(eF3FJL~?j=-GENovzQMqBBKNhdGs35NI~aG?o?>Ub~j8&LyZD?SqV1uIP~q( z7%0IdmqpmYWut=+c+v&h>&J;K6ub;{S$LnV>CR$ZMZ#|GLDgCSnh(+U3;MMBft)v< z<1*;X?`(QcmrY*8;vnSi;Oue-qXgJ-Ykj1M{yU_02zzM8AFg|L?dtmTA?@#}kn?~& zWbdKvv1B*X>?UL`z+k;`CtIRQ@mk2HBoA^ksrJ{Yt&(xSs+8!ge`z5ea*{0Y2-4R>Uq z0RY{n%iGT|BX7qR!C6nC5PB#~ER=x&;`cQjPnmtg)NPYR&@2dZR&<;&8omYZ4+#68 zR;nQ(14l^NTaq)BKnfsYFR2Uc^Vw{B5z-bWCg>=w!*JF+t8N?~3!^4&sFU)n9^cQB z*Awe(%2wk3!0SFiOSH$);9gpQIhsutD;h(SPT|zoJf4uvbou4vZhOl!uE}U!+m*fX zOjFP-$|%ZF0aO1KYd-2^F^vec~cfEQAC%RFWD ze~WZecK%71IA`AW_)eMJat;AbT~vUU0c1EPehjMMCZR8ld&`B!6uJn49ch#bu<-B! zs2u&`1r>$_&`lc2UOjO?RF8Y_UXzc#A!T37JV56GTE>P-7zVS5?WN#UqR9&!dPmSF zf(OMi*uG8y{)0doP_9lL-mmuZ&!ETjnNV(xHQ%AqZub7x(7b74KvKaa(T?YIoM(zK zcuont#9w@VEqn|Gyh$Vw3hs7vXtN%*S#6W`WjOmD6Yp2tURb`YLC;a~N+hgK1K;~^ zlxixdP|;fAhhx@>J;sVo7w&6ii^uxz0Gmv%>`T4}2k=4sQfc}Xfwk&%#`J1mOGfR} z>b46G7ZM$cn5N;V3of!#3qxC9sqWhdqzXchN`}x5P`8=omm1hcJkeUtPNP3t)@umu z6&3^K=X-D83BGmr7Bm0-9RP-VD_%CO6wfvi>(iL;i2fns~}@AMI5avLBrf z5xDW^XLPl!UaR(tv>kAi819z;>jHcKJVEiVAE`fo@bs@I3}EU$$M_e+`PXma)*Am; z4y025r32~CEuMe582oyNaP8a>MLO`GsOsKpadrOJf88Zh#7�^NL+H>TL#N+Xc(w z&tJnI;!%@#3AZ8L!(kIOCpjedJvw*u-*2<*j1)!lj*yQE1MCB`k$DVD#Y@brY~IC# z$8B5%mglNGA~Mqf7e~E+zYXx4G!h-mgXbQ7k)d|royUqeq=Z4Z=(Z9@jqHQP141Q) zOlUDsd(zR-v8;A^I@!Yq-m@Swr{GeHT>t&y$Ska^GI04KXoq|DY($6zJcN^J!8~r= zVG9VgAQOZ3A7ZD%9^F3~ULZ{weK7=!4#chK$|q|ep#m2l2!Ie@!_x%21>GWEUJt!_ zu)_`=J}eclT4a2v2x#HXos_T<$1n*vzpi?%#L~GhOF9n0F2Jfp4-;)af+g!b;;}2!IIUhy1LzSXnu(5?3uMr8SxFKtP<|5;DV7r)x^i62keIyKm3lm z;N|pl!rwz|^g2Jm8vAD@eaI)$G$a-Xl;Fi-1_B1>Y$pI~%|yblqV44h5y zH)ScB)gckOmUfD5K15-M-|E=t=v5d>q#*7Zfu`bNBoaae#0+n=n9G790sik2wJfR# zAaw=Q+UWcOc7sGIZZ2V*jvS0=fV^Ws$Rioj{h)@_YxMKyMZ+HUQe;%*$@ z4|jymVx?UShG04-NWgQ1`Mfv8XSuMR&}w#j1|v%X9bZuAM$`7!M8pcFM4CxMn3z+7 za5hlxdnGp@5Qw-z4CzB}mCi&%zyZZgbGpgqD<3E~!vp=y884Zg*YTwo=hA)K;A3W| z`@J`B_)+rdVxSFE?NlU!8`jj+13C&!sZKz-jNsVTYU3#p@)6o`I*!z8;yMw1ZnU_p z!RCNP+uV{{W*hyZ(^TS-@N>L3L=e%@vD&eJzu89%EgmM6AMnKU!#oQ{ayW5r0WHPs z6~VC@S#BGPmP#VL{;%)UQA4k6@3#>z(8_60VOY-_5v1L5@n;WOGO=b zbQH$0QddJ?MXwF9+upr<7ZAC5lNe1w-i-sB8NZmm^Rc%R#oyLOdk4f-yvfyF@Ex?3 zWz%rERMXH&<<$c2A)RChsn&7t-PC(Z54FAtnSTCHBxDuc`a=y}8cRY3afUtZT4R)? zj}|>IOT&^#Am_4BO7fkaHEj@TQKBc@N| z8j7I&uKC1uCIVZjqL-4Ce_aLz0#>iRDD`I7`*-e0+Sp8{+amwQU?gfwX)psJsyI9~ zMsE61OwxXL_y=T6Zh}ONeFI?>&^#U8R*<5Sz}c*MZZh>pnlwf8Mcp@!IC$fb-lRNGN9WP)i zFc*rpe8-S0or~rE;Aw#To`;U@25D(&H7zZ7Fmst-cbiXzTYgkwEeWR^3@%AHPn5W2 zpcMf@RJ5=0g*a|KQ2lU{?b{gD-F5aX_hr?R8cmKx_w65bg_ziXWWKThmd1=ddN?u~ z8c#aYL6!wdEp_SA_632Rk4_Wt2-;659H_u{p3L@3(nylUEEiHt++lRTanilk&ZR*! z39R?3dEx(+)0*A*8e6@%dt5_DCSH}&^CGWs&?j%gjRS!mr$T_-F8r4e{z6rW0iX#u z>DF6X=Afj8E`9N!trYi`oj60TX1aV_viuj}RxQKyQ5?@(4a|Y*5N$)CUdRd%QIYW? zlNf2;mdCFBPi7Tx5lk))G{1=ge(P48=nOd8kq5-pts}X22L12(rA`^sP-duJHzgfi z15eUTP?!Nx5i3hZQSoznyxFI(FnoqhFbPixv-2wzkDc7cY_cG}xtdf*Z2&c6Qi!$N zH>6Ypw(m`v`c!`<_Pj#85s|XZ2+yDwd+q^Y(X^(u6<4$1Z9hoGKtPlwHN3e=3wMud zUE2m~w?I7I$+sMm@-ar;_TkF6dYb&BqY?@&TN~6tTWq*MOtr|~q90hJWSvZjs{h;G zsT6SN7PLN1ZnB+m_-b9M4}#%zz_#L#dNMvI^?b~!NL_jh(pZ9Ew~jXsTXOFEn(Y%c z8f2gT>Qb&am-j)-KmNet_<(%Pjaml0F2u);IFK-H=omcqi!6CDZw6(uGrbirSXyI{Vc6&1hc#jL;_$I4G7um*ihu+RIlM6x>c=7B z2L|3x1voGKo3^?t6$m?y7h-e>qSZYY^XIoh&)qGSckfIG!v?xf5PDb@Oi@0+ilG&4(R zGWsX=D@%Bd-vf1*NM3ewae<$um)X`*V-04Xc$50-yzN;=hqmEgTV|c3YnYWhyl@~2o*}$Yxt>1Bl9X7LCXC(p}%%DCBQvS zY#Ssv=tl#A2sr(su2nbG{wxFrW-Y_23?q9ln>z9TN#1noHg1?BaF&A2GVboH$H&L{ zu)ooZ#7RP68_8p9sHtI1aT~L|$9aNPBsC1MBx(K|=4OxDG=KhJ9QB2`(;MTu3O=q9 z*09@xMu>J>Qb5viTbVOB8368Uy>|EeU)Jd#iH z*4j_I#FNzCPy!+)N&@3Ub+SqV(aN+mG&!<6DaUCNoga-o+yWIx66{t_KyRwazHpJ9 zG$ZN4Q`i0xPQ%Dx-(i{%Jf-p3{1t*%j`IQL7zD9MTRVbmqUUvLyD5@j;0l!23-JTOn^PgGHDNf*AL^R)bW}l) zD-|HWjG%ZAB@SwOOwgeM2j2y@!&`AxP$3dN3wzTTSwP!{4Z zm%#-_=&EsFZ#V2!jQ0^kAD|xgIa zHk=Qb8mTwm_3@9(&B7zImcm+!IMkkdyyJMhj+RyNRzIbK)3Sq=LA99+d+@F2Pj@2i zdzP2hv7cn-&|DK^KB>xnv}B|ooXQ$gkc<*5HP=ZpA5#iw>7H=JBo1-H;Ev}~KDW((Rk_iey$BI`LC1g?Cwdk$)YPt-hR0vJ`#U*C3`<`F!fqhIVrphqgQ-%;7$D!q z5c3RWTb`RJp|?C5%PQZhgjD`V{mHB>@i-D8^6p|So(ykit%Bt_AqHkJ)1**3Z?ATZ z$e(7#v>V3#5OxKI^*7!t!H5USLu>%-U#vesJ%5oX3m}=(a!aTyyCxZk?1-1%$y;%L zpUcZ9kM=47Qh}}Sb(ER;6wT=1F-087Y`YID^B!Da;E|3PS$3li3w=-w2S_!vWpls$ zty{Tvt|O?TSG+Sj^lfy%mxPJ}+xbCgOU{mf%99nD-+!m%GO+{DOD6CFjQA+4smZCl z<-xIcN9+536z0eq@qW=UCQc_J2P5gjhYJeyd`Kj)exE~ag6#*=Wh0 zyHV(Cr8BVimBr!hIKZ0sesp`(iK3qrF_U-u_F7O{gV|1TY~Owl!V9|Q=8z0$#F<9u zI=tL*5J-!g58w6kr=EToJ1j`0dtPJfzOnNdf0|d2xVk-ZM*WoHI@2en)rsaGBQji? zJx$Y6S!Pa&KK_G8`rM*Jo&NuZ{3wtt$(j1&(Zh$&FfoCQ9HvzFmQ{AMK#K0qfXvaqm$ zC;}FTRRtw9DV>p0Vljaf7t&)d~hAN%*o1>E?XI2GP&x4 zpkJr(`nDMQlA|TuTG}+$Pnprdv^uJ(W^rM0X1H_SRcXV2WF<0Dkk}oZV~xT^=C_i* zKJOXt&SS7n=w{rqjY>oHAc%=1(%)Uox(%E2KV0U=or2*BoSAPte{R$}+G1OfCma2w z%8)>f02g3v6+%TmY6oOd2?K1wXLet>B+)DC*{Q#Jv!~l~w*)6A1zKnyC7>Yx6lS%T8>FZk>- z*r_9HFB+D21Du1(0VWr?L`B>B=ac0les0@X*;qrS{IDD=6IwNQS$6iW%yX6|tNZuv z6%#ZgP}d|OrGPR3XNGwzc4GCR55I!V#l@tW`Nh8ofx@iG`J2J97eR4=;Dtzn!$H8n z5901)*TNfcxGP@Dw0#Y27fh#8l2G!-HFZ%DU8o`gS0?6ip;kz=5iiaIZHDdn+OrX2 zlEAf4-~e*Laf?YLVyGQ$pU6=IyZ{`+$9@!}vm)Nc0$c_!i~$U?XTQ9~bCfek3*jaz zCnrbD{w-dWn7-x_P8~wV0}n8ssqXjk2CApSNx7Ux6}QJw&C0oGWNPYTglzL}i?Y+7 ziwYIi#JP=`eH&JNQE?`U6(oXa_7g29s{IFRMC)nYnLGPiQv-$9t+y1Vi>tWf?k3@! zk!yTD6T{S9KXU6px889!?nLyR$jJ*DgjW`j8kDY>(2CB?WO5bn?AJ&J`3F5<$T>W* z_o8<7cct%}Wv+O9uo$h`xFojiz8KdhCR9A2jt*>=4}XTI*WEZJ+CM+gQd}s{rLdIi z$Y+A0_$~_W6Uu!du9yEiw%^)h6XlSe$?25x#u~%3Y;5wnIXOA3Ff{-sQ2?NBJep&v z%xoW5@_V(Ng&;72gMgt8fAmCfhDb%%bYVse^C{wS62B1Zyt5%BLJSqKuN(ELQ1vG0 zzUPQ|t_gbV%@~x40V4r@KiuoKt3nO+HEq{xO*63DF^MuOdhIDj{IQ>LOt~p?v7!xv zZr^3hkJQx)tXl7S&~E1W;H{>lOSb^uDlBNmtA71W+)MO-v@UNw9o=zs0ig_o>S`cf z@}kG6i;6^CYVJECZ3txU4{g&ls-J8B*!iP)o}X+RHCSsK*=crD2&{zvio`c25m10S zJg5v`DNYTBs>fbRq1uNEgEHyyPhLx#qsZC`FeF!->?d1ACeO0GyBu4raCTNDPv}X& zGQ0EvMtz_-oD$3NxgmY?0h{GpvvgxgGeRZf^|$ux#GKoUAsX;pKJ=W~T7jo7N+{ zkBaJ6cfxQ~mg~a6i(Z>7jQDS_?W6@+!@IaU#5(NtYo3{vvsz)hLeiri2L<)S`){F% zycRwP;hQ>}-U{u6O--sehj0*`y6`t{gvzqWyxg>+@MfZ&s>`yk~-?WFB8ni25g zO6{ttwg=1S$Dcp&Kv*+xdzQRI*vTn`g6nWt)tD!}VazKf?$yDf3n>>cP>CG`sf)Ob z29rbEgu_3Zcyaf60f2+_JR}|bfvFN2Zy#S2$6g*nJG(pWY3AFvl;d=!QF|+yKpV)D zGB`&}Z2;jw@n5w6cD&$#)pFaE`~En(c%$2HnB{h+c4;Q>8QJ_Y=hD%hmm0F4Y|iq% zdYiScdle$#EJCwPK)Y+`Ty@rOUm|jdc8#@FPX;(5#$ewC;_KjVRhN zPP!1j@5WpX!TSo^Jf0||p{~9T7Ui{_`b2AkV9UU@PH4Et6w4J_<$jo?LTO!Krlk>9 zbrYFD4@P@PVibixfBp=Jq0fM57lyAfn$d%KQSCy@zo=$&Y!5Ig-jZSWHor|wGvf>R%m$!PAob0byM7J#AGRv{0*KWXLF|8tX?Yor8GkmW- zcifPeIQdGpMkc(mc`@XWMp#(vDf#}`BjKNI=P#}d3D5d}{vkS8FCh||mC0uLv}0m7 zzv*SuLm&6mFxR|P=AzucGlhH7Wh0}SZp#>leP-f;e2)5oh3T^u*CNu$Q%{fezv(SL z8W$BMiKMF@`XtisP1urAApQ?RwI}fVV&3i)XBKukl)kAg=7BN#rG7s0nke_)TXjo~ z&su}V!>*K{ntBc$`AJ8y!cNY&>FERLU+;s5+9!irbYrLuxUMTXJb!CEyh4Y28+!H2 zJI=7GSa_t`s|udS4%^DY5|4T#T-bW2uzvH{>@Y}pg%Vw8HpB@Y(^b3S$g0tL=|}J? zk9EuFt54kmb#yIxx^-WOj;>mJR8Gny)#y+2Tbk267M*EYDsl3UlF4y+ zWZ>7Jhmntxr!JBiUIvSDT^v-YJAeM-i||_x`}T^TQhuQP%Au*EslP4_oY+zwH?eOS zDkFPsVuZiF%1<*Ncs_DMkDOrfsv&-VoPj{-L)|k=0xc-F0(LUl= zD~m>W+6wc-33++i07+BZMq6{7()2v+jM7?uK;Y5@k9>~~s@2iU_yB;%!$qda4%SjP zfVTBcJ2x~pb4QZ*WVgSLi=c61a=EkQ&!NI{yn%C(Z+;yPTeIq|RP3?d{ zs61yyTkMM$gJ^feyxA>x=~5V|uG<%n@|k64WvN5jkd9p^MOU(H>_U}c8ca{(Fgm81 zY1!F`>=DA?TLoleM1!_dCTyAMx6ii2z|*M}jdlE17WiCXe%KW3T9x0KjF5RkR(3tN z;FF48nyc5FT3U{NGYJ3l=VPph0T~c?XA^f-gT(AUUf$p;!=Tb0W!UQMGJztg-X7Zf z)1ue;*Xoweof{jsrxWhzAEQ0mQP-w#+#c1ur)|2Ap|k!CZK>)7mDu->MOrSKYeZyf znlUCScb62UOjqtsbASImZeNbt%df94XQXEs2igUu)~2SLcI^A3WDouJg3}If~vj6`zX{UlVlnfq4MkeF2vWU6hw+1zs zp4ZfTik$UfSeVP%75|S9_o^6Vw)NU)3)v0TQ&e~ZZc#tLh%L1Kz3rVU!@B&Hh5Uq< zFXi9`wC?i_pjWDZ@gf|*u2XnoFtR{4OdABzlWjxM>r0u6xM3&_&jEn_^4%lvp31q0 zK|#^LteM?;iM2{{4Xz3mJgE{ZU-RNjFd7YUC?-lie%!~!B@Nck`UO$HiN>nR%6c4r zw!P(B!EanWd)Kwhiw z=-|QXMEP@+b^SrLlpP}x`RMthe{s&xurDBgkB|l&B?8*K>EG7BEAFm_@QrPE5miHd z{mYDu^T3mz@ax~~BS$8evb$7{kFD-8YK2@;q@kyBUe4kRzo!zIJy=Z zy0y2C>FP1(cXDWU2&Zry;EP%sjjZ@aJ!9k+@_IJK%+!?T^X@+0!xVr0{+Io5CBx3f zyQ98;eO>XU4}6vC{pv!QLi-CJKU4RgxX2aKwQN6=h!X!%K!DZR<q>*WoxQ`W z*Dn+U)7>YWLlxv-e_Z_|v(Ip}GhYX!hF1v-Mjn^)wGGqeqTY2B$EKyJAUA1(NX?-u zzE&)0$Usq_3`oC$=){`^xQ?L%Vhsco-IDt~|aLIrn1q_5@PQjn6mL2Nzv{Zx$F6Z?_z-U&z!<1*K! zUa2t1(D>I&l%!j<9hRv2`z4A0^^}S{`Tec#21>Qx-|?-bIPm*BW^WSX@9*fONVLDd zqvrJd^T__|U%WOHQ2zRvr{r4Qzi$`*tzZY^6J2va=szMsZ{{pD{QNXNa%se9v->C! zv=FAg!H}u#=egg%zu-%1B+)V+2xu|C008hRsj>k6? zZ0ia&ig?gqnrqawpPM^imz}NczuykShME84x4Jsz*SjG7e{f~~yyU&Y8T+dFA)}VV7T>vN;j!>uTnu3keM=0>6L6u>0{2>fhgb@vXAI;kL5S*@Uiz zn{>tRpNNI5)ukWD)Vp@zp=*8exD66va5_e-y;?L3^n=v01_Yd|AqDRAFtZ~_2v8jzZ`LU z|6e)_{)ZRya@4x-9LY@y$fK8sD^k?bAxpCD_lp1Nx6@My>OTHB0?(_cL}QW=vF=m< z)F;yn)AEOVpB%P$0%9L@JB0^Dw>u6_n$S*ZMOq%A{lO4;ic=cZcPejoYxxFK*V zrc+aV_w1SO@t>_aQc^`Plj~3#g4LvnOT4Q5?@VMEz*_m|&y7e$Ksx9D*6#+D%~dyg zpr7wH*BgwY&>6-@(&ZpJ*+R^yJ;&)<}j4} z-ixf;wb+D(#vzBi;-+?VVj^T} z6$&FUukiy+SyS8ywDjtb( zjpFr!D_(s0@}+BfczD>$4zpz$;4r~{`ON#xQXa?vCKr|hV=xD|_t-JF@oT*d4QZ)rP#q}xF}OtcQjj^VMNBucHEJd)cVQlTlYTqp zZ0X3wU(X~~jsnUUH%i29-nPt_jN)~;1qSjEp1Bl<{0Q@{Pekm7ZoekVOSmX@k$Hm8 ztiQ$e?J4HHDC~S~W~YM!0}o-UOOiZ>dsreB{A*_yMBn@4c4-+75{w0MmV(cafpI|W z#z9P%nO?nmK}#zf-2~f#YEHMG-M5Or*R<-uU!;tTe4f~_$b9PC+7i$^1$pCYnMjZI ztos`XdMisy7kf_O^+AJ;K}(~S|JTPEm(zd$Rk$)-^ddq%`a6aC$BrF)Z#x)Bj7xqe zM;>!|i&wl6l>{I`VtIlA%Cj$%lPwD((x8xVT2b-v$ebZLB8iy19N4xtWYj(zg>yq& z+y2Zpwx?9sPiNwOy;cF&eU_A-bPU97-Li!)Yu3~QAO+X*2-ey$7z>{UPxI*asX3f# z&{WyS&CU1rT1ZuEik=q=21c7NqxQqN45-Cu)j=JOg}m6`f4XWu(y6Tik%y>hh>}o2 z;XXbr&aM~8;xLBy=_=7VRKT-75x7$RQe1TRZdsfvIs5kQLs9nnuOpnQ0)$B++!qSY zcx5OvPGiDL38@My>5Fb|xwsjF!T{ zy)P2!qrcF>~nGP2qQ{%Ys>tl zx6pY=JbJB<8{UxBWN|p(EYEtZ;Ig=tS5_W!{i66ScZ&U=W$fCdW_$y-$#roJEiLho zl-SS1bM;H)MGcKtm~}i0$-f3fAHku?H4~v$W2oDP;eQiY(Hqz_OqAGgF2{7>GiWVK z54$lfR2YxVY5R(f|9bi_9II1iAxrLu+qI^WQPgcdohZPb^9;F8^ld7}%u`8%)_!Mh4{mdTzY&xK(S`myOMufmwoi@fUzM z(9wux5dR6<(HWS#MG+cq(nH5+eAyj*FLg-&{mhdTrvN@)qFid*+|FH?CD`xl#&8bp=EN8J}l*l#Ei){p1T6!pV>a!^Dz$ToyLi!)+i0H-P_Cq;kG1+6utZWYT zT@$=XW$i3`)ZHBqkcE`V^$5KQzDJe=I zq$B8Z&gwv6Xl6M(J7Q7t;Xhn}?CC!%fFF?RRWzI`$UplN?$ZRmm86wTc(1PCYi4Y$ z1YvswpxwAP05;&d3BaE3Xc1D zcrMu6zugs&xFbL9JH)#bc_xq$R)eE(`S3K6&}pO_KL9~x<4ktIp;vF&D~|aa%n?zS zIQVfM4Gj(|pF0;wAW{gJ#?=e#ugDC&->pR(`HzHvz6{S|7d)m0oU3$jqQ@4qxBjyX zqL9X+rI@zd@3DLmU@ZK2Pb(-qBKNB(D?dPbDdaZ)W246fl;D$7Q|Hf}+lj1HJYx_ZK#qo&qi-~^uxJ3$xxTga6;5JgNK|7hNU>>@fYdXGq)z${uh{&bb1zhuD8$=h#I{%VhDzap^~o zAD<3HNO%+&_#7#w)_dDi0K{r=q60@0ja^_Ld5>Q3IpovwyMusW7dKXwl~v=GqH%Vk z^rHs(_Hu1xMQ<&%bid6mT*+)hY)L>fgn&5_vG7q?m5kCYjy-l^zp9Dh$U$@h3dcLJ zFyFqt0CeOcVga0zvJiPkru12^d1V3BLhiEXlryNfLY5slYv$W&{<$L?5!>}JAx2=p z(0e01{1#uhLt_fG#TT%y_5GPiy%^+*E(UvuDSFU@@#yH#0NKK;Hw9D27@uBEBzR)gh-zgSjPl z+0xV$hfO>LPT(zk>NrgQ2LqMgKJCU}-(Db(DI+!Yq{bAx z&6_suYF}50^9SfHiibn7&a(d3p?hyS@wEh0&2Wg^?mC4~DuS~=Z+YGf+)8=Cfvbjm zW0Ow0kc;o1IVEC062f>;BPK4=UF4n2o4Ubz43*d|FFIW@FfcB>LAANDzf_>F2w}t* zPBt$=6tHMXg~E_JL&@(w(Venpgc)s&_}Ez43kgEIb_B#=eBGio{S<=DW*Y(zfA>xp zr#HPwm;j%bWy%%BHT&};$y*h7R9?z)obaqJMf!wJ1ZPxqMen&QS6*OOXuD37=x+Gq z6!LE8zEGpxBg<%N@ZKus?-D(Qae~hptozoUflhLk5i(ytzxCk~9@;3ZB<4Pyl`?z? z{tNOIV?5`ibFK&ygplu|U+e(4BfRZBC4JN4`i3{j$!BqE0}u5%%brnCXu!GP)tvx= zf;>&!eN+~SD@sW+>cvA2-@iy2sZy_&%D@Y^jLuN>;_@TEJEyPTt7m;)aew>a=+5(TZ2!56x|j$qXA)pA@m5p`?dpmM7D70(#m&tlb>b% z{(fof=+2#&$C>2v1IE7_u~{68KDPX`N6()e!Y_?z2twLy4)N)0!`-eGk4ofVu7+^C zL!(Ct+W_>>Juzf|`^xG5*@bB&BLk2IK)=Vi_t8b_N&)wP&R=1f`8sM@%CrwRTi00Q zJevJu*SMqDtN3_0df$ze4;6Sdxn?x$@d5Sc1o(?{Y`%wM1%ev~fK9{T3VEQ#aVzGv zq13e1yA;$&m(VdoMvU6fuKF7KR5#6=vZ-3LP%0APvDq1u9f2``zx@aEinT7zUz8g{ zf|}GOAx8gHqS0A)`+=Xdl^b$h`bK3kr>%MfbW`#m%o~k*8OY#E@Zy*Ywzc=46z!W| zfZ(VdW@ixE2H;@wpvutY<-c-`)f6MlR7GJ?hPS45=6`6T#tP~j z5RnC=kp@VQ&@i~EDIx?3ZpwW0h*7jNI58mWFI-vvo;`Mxew~i{TrWl8H{DJn-O#Rr zz@qNe<&}olQpmm;5jE5cUkWKdym_0Uj1T)RudSwrGr37r&&@qu|8;&r;^pji@#k)r z^UcOC{FA51-XQK*cY)Hv#TkZE-(M66#CeSh9#x(5`l*QxNp$pF#Uruk;xRi1`r=FM zd>oEM!v*DK*^-M`grr1rZmwIi+5FOSO6eN2U}U5haQGq>afUzQnuiQRQ+B(S5^-Fj zqTFtMEVJ!kX4|o@pGs-x#u(R{wzai2w70Vz{(sv05~!N@ukVa;FEXc6k#Lcc5*n`? z4L3wWb7`IjD$PZ1btNT~G$E9tNuy?|&~P*!6-7zIsgC3{olZTUFLm#I{_nfq_rKP& zp7pGEt=GD1T}!8Pe&;*v{n?-W*?TYldA{x9#fwW!&Q)m94{+7T*;vJun-nWe*iN(6 zCCJJ(iBj7GMG6y0YVK(K2~3r_-~|~INA7CI`GLQjM6nXw_VEqI+?HHbpcve}^s#n{ z2?-&{`G6cz(4D#?8}4YPdfdNsBZ35yVSIB}9-&4ZqWOzwjsYwPKDvAN%o_@q^|mHh zL69P_-r(-p!(9eMQli$_8>6k^44UAh;Kl{Sy4FcY}y4Y=%u>*+l`ix!Sw@RDtlwR>@kCW1k! zXsGn8&2v;2365UYXgd`(vI=XS%f6&<_-ogmA6|9k$Od&FrZZ+SjZIBgErK!hO-b2E zyF)z`VC^B~oYgThQvGU4r8iYyoC_L_Sh#ADRBKDi#frHlH|u+sNX^T*chB(6uGhx9 z7mR*h!ugyqF>f~PS-$I!NQ<{{OzDp5XpWp2>PKo3 z_-x*0tZ)~c96kjuH3M~EA$JnM+r)Z&eHEh8_8H^ULQ%fYy&Fl_>c|!Vg*%j(m>6MY zIDf;J=bW9KEPz7fYmTmmalQH77)pas;p z8@q$EDeX2HM#52K1*axxzaKulUi=bozf^wg-?#Zn@yZvSM0lr!T1z1R2UBRVzirQ+ zld`d@03culnxK_|*B?J)me0sGD4B~Z-7_}S38dWwwT#K`hz!g{C&{t8XfB-#5w@&( z0!8g2@%7u18WXFks^-MX=!_qfp(@2Z`ksGqFZQ~NiZ4(qH-Hc!&0fvJvjadFhzp@W z^MJDqqv6CxCq0*s3rKDOt_Iecipoz!>+1UYDVQ$M)!j`4-FSwc2@3(}04Al0hznp< zN#Fom4^jGSz)oDyg$MRo>i3P= z)0D;67t@Wn<(>m)s`G#ruZ){I-WNL`iuApTN}wQ;+4?}AK)TYNQ?@{{A5o-54mn8J zc+|6T>s)>E$6q(tU}6706oU1j>3c)yW|h_OOWD50xast8y0_|}dp`AKILl?^*F)F+K)!G}X2rRlIh;q;B1yG}3F{`p9U@+PMPn?adnddRmXJ7Qmp|mU zR!HLxeuB+?Wte7;82Y=jk9IYah-9FwP90Y7#(Ue-Sb%r7*+{&Dh;K?|nq0l{BR|i; zgh?y(TE2Yc3fR18K+%hPy9wEV(#f?tveW@*@DN9LoO=Amd$Pj& zCCXN{?4(&H`Q zO_H-+iH+DY`(Lb}R|C;Rmx9P3_Q*Jr!&3vQLkyg8;f&yK;0!A40bLJt;PpCLP z4%QE&;}a3>z1dK_Nz%`C>+FN_%?Ahd>OV7FRo&77FwjKsWC8k?1R4suULvjQIFjL| zJsFLs&*tg?lp*{&0ksw?<6$*yT;9_Sy}1Tt{CV6_q@4`h$3E3*kOrdd6e0&QSorzE zxQ~5WLTiuQ7FU*tBxmyW{&Nq}o&w2_1M#!;xb(_J2K4KIyh)H7f#{T9m|7Y=yn*0I zLAYu6!(DMVp(#O6L?mEjR}ZlF;v`Ifn<2^#E^!LW`zTBCVy z^%dMH@<9bCd;o@A;62#iuMWVDj_ppUdbD|)dH~jhgPF^sp>%{87f44FpFC;A*;|8b z3Nk~M@ZNFUrL(*0!MURN`7y*qfLN!JP6EWm3G)ZS-PV8MxP}xx?>_rq@l!z9MzpYA zvtq?vG&1l+3wJEv1X>+4%6aV8X^kG|kA$dg%qNXxyb!1+B0+=7%u`s}erIMtANq!& z1;7zh2P3$NbEdZu5sOvXm!uqgQKkAhpaSVAOoIUwK|GC(NxlCpRV7@>_NcB4JX{={%|njCX@pW`482nv5uhn_achXU9B z@lO6%MMeLkG1A-MSAmAH$FQ_`JQGt>ORNEsCUprdXQV4RvNJOufx^RHKwtv)h6p=| zim3msDDn;#sEpOhbGA_`IN#=~NQ5lUoRYwRh~AS}meGE!yiOKN2l|m5vx?5eu6`Ku zl1h2={{55o>8a7s`|Yg3^SdM2r*vO{6i7rukeGR`0yifmO_V_5i5*c6N-RZocBN(J z_RX6Qf%1Dzp>Qx+qjV`i3Z&eK8I|S>_WI(>Z;sAvNN5o#fmL$E%DNWlq5H`%Vqzyy zm!^hs5eX9&_Eep8<3FR0#tV{rIIoX=3YxjrfiOxp4@++M+CYLTz=rgII{6OyV9h_RiwQWd4$&FzxePL< z=4dhi+r~BhS4MHm{5g;3Ksbf0pdgS9<~&@$mu(KHvRFbBviLK zb(Sv$DZN8PL=|bf5=rbS`f7vF+WOPF^;IAkNoq~G zj>LPe!=HyZIA^Y?!E>VW0gtAY?~+EK4jx!p4TLPV^FHDxEuyCbzb0r=euaw&*N~6` z;hYIkTGF zmNi6f;s1q9Ec)*y6B}hXoU4n4{)J2&U`|Y26!VL`eY;$p8ZfoHY4pIfB<@;m+pxWn zSQM%tpn6bIyt*E}4q{14*gREcC4hM7V3m4uQWA-!m+@egeV1(GgUiF zg&qC{stWXdT6U{33nR-wkD@V4FF2ohb2;N+?N}&JUZPnjv30AWs`St$!s`>wx1i6` zODCb5F4PJItiB)`>g4P#tCb0Hw~jtp_<71B7OqEdg3A`=hgSr0Ub zzA@oMSB+PXMc+QW1@ur4ViNeAiC3y#_ehhIanq-o3l=P}w6<#LdvjjFM7}1>H1DRDobeq_T}D}y5KPV zWzPnnKv*So%5Rck9#w3W1tYptR(|@Md)Nn8n=Gtx_t1Z2QACXxUIdY;f9 z3;=TD3NrP?l7rcTUHYDbemzg@yU~pb zP_++isU=D%H&#FuJ|3XNG8ic=8B0EEc5$s=DR*o)CBOL>-~=WOM? z-(HmzQi@lWT-v6%0NAS{b7=wtckV<5~jVIu%Gh@Jw;6QgAY?`=mD z%AdQm9lxMi?wse@;I26f@OSCWPv!XY?ufdzon5&2u5X0b08;}WNl*v8Eb-ik5?iwE zV&Q#(#uXe{#Vf&Vitbl;-H^&{`S6QUn9!aU^Omh&mTVg5^XnL8mh$mGwkc$dXyeQQ zi1m$k$MPSOZK$H&ogWiFLtY+7jT`UE^aV@yY+~46xFeDJ%_e7;*z)Aff`XTX@?`Lx z>NQ&2#Qk_8H$hx{_uf4LMAl1NvPvHTO*(FEIHIg9>ak>Gv?EZYuU=ISJX`}izsDWY z6GC42$kG`n=W}h50sl($eLQ3K5SD1Zd=A3dR42%g;FRzm(P;2WIx3Nb4{`YP4(zP-g+aA1{rE9!U;$eE>f`Gda$$%8FNs*z7;%d?{5 z-POLlv7$x_Z@(fg6_q&$N(%=?AiQ!=n-WUj)E34edB8xoRvOL&RLl`=-qW7Q zEd8;3R$XSVdduP>6BU4Jb#GKIU;Py21H#Qu*L0*RLJZzU@Mq5cKUOUohFC|zaSHQr z8bGX~AjDtS)G6odug5++N|x4a0RG{vpGt|dD5_mVmA&w#wb#)vdV$vQ-yqmKBSSqD zX&If;zN5z85ibcxhfr{n6K?JYhC<#AXOc&q=-KqX&{G>FJ22_1b}yu_<>ZW~>bV~Q zn+<~24V7Z@BW$zQ%HZDe;nn^XHl)?R^L?WKneX!kn??9W`{`F`pBsnR zQKim@>l}tHQh|3f(I6>g^M#71lc|Epn^;YJ>+KsHY(h#;{`m_cwSxf3=yt9|=!n!m z$k0wpesJDUR^ggjpxf3)tC8DsY;2r;$_EdqmmCA=mmU9fePeh&+7Vw91k)vMoJE7R zM|LyjK&+gMjBY5hN@XG4{e69Pm?P;QbxrC9nvW1IS}1r_KID^^Y48CYY9cfsdE%wK zJc!f6Am7H;BY5MREWJ1rFhU~Nh!Wt^8hc*V_e0;pht{cTbDXDi>U!nm<&jYLwS5Yz{IizFvK%4QUEthc<87vhw*X02$;8 z+fb-Vh%7Wk=auu)0dIF3wh>Gv$-4k{1&>Af;7Ij>10-4lkpGBf0R9A(5$R~<*q?bh z{%^3GFyR-UO3j-C_xD4GauS6VKHck+r9UXjOQG+Mg<;M9AAq(7!=XLvH5iMSKd7B&qrnVOeZAHPmnB`bGtH`)%E%FcI+B3Kj9()VNoys00Azz zSs7;k(+Om~DjF2`+P?b*oNY&kA(2B|MvAqj0YvrEnp16%cilDG1OgeU{05XVIDYFn zPIRv*WQB0y8d8#2c=RSQcKN=A+*aBgP80;*Jhg9s9>X<~pW6oJJcO$k>}5SP=&Um{ zM8po`_70@gtx%#(q^JR{#zIEB)*}KT7Y7Ad4PefFD^~=IEB$qGGRBsE^9-F~L-oB` znJ6sseagqARPnspKZgk3R8^_y0!MVeFo=*!kO&ij!jR7}O26al>eNW^19$`~1p*!@ z+Kz)%gnHyIP{>jyCSDS*0fODdJmyPI^Px}S9ki%9@k77^Y!rql3QZc5QPQPGDi;O8 zJ->b-N#Nfmg@VmZxA~TdKatetcP6&4i`gMjv@uhh0 z1yGFzQ@>qENZr99jc}zFb%HPlg!#vobDv|gO4A@T2jR-mE&VuT6F5VFzqktV0NvQ< zs|hlSR`|Ze7a}daIlOW+EDN}7{LB(W0k%~lf6!&3GDrV~ku~k^pzD1jkzyLdugZGw zcVT8NSouA$b>DR|5pP*Euv+jiqyPb|R*5_RfRJ-s+wr>S9B_mZ4-Bv?R3Dw2J+Bx&ex6FRft#$KLT{iq1wCd8? z@6G1J&OJwnZxKwn7TU*wV-m)KgKGyDg|oK}fj)v!BuXFLo&AvFX*+sN7`I~69v^fK zXsuE|+0Z&t?@ZUNiut76l-m=s%)r;?_cz~6p9DPnB}DAzqt$aJZbW=})QDVtu+H9@ zx0x(_COq@k1i#t3oI3)u7T zE1s5A)kTSOpoVa`D0k4kX6v5}yiZ_G8}?Lo@u{{v?_ufSkM`@(GY;aWPp)3}T!)r7 zS!Q;iGfKKp;49;mfn@^1A|i2mDbsPCXutcyQ8Eb4lneAk1Oz@0yDsrBRjL=q3u3>G z7Y^*tpyQWtf;3X7wYJ%D5X#zUJvrsRAl1LY)jZETyAZ#ssHn)JFLLokV(aNco)q+* z#*0PtipmUEpdMN%FTqM8vJ8x2jp%qSmHyxyR`i@S0U(NI9&x=MJ&hj(ne}t_u z*!A|7DE^5PyL$VfNwJfX`?7&N{CPPnEi5d24@G@UhUESCCmX1?+1Y+EqoboMR!Gq% zw)VMO%f?n<1<*Tc-70%|Mg^$z& zoCcyv0ol9gqecaKilKs-{3F3vT=d`_*305{xm&?i^jPdclN7#SBiUFvP0Obk-e<7u z7ye6fdUMedIZG&yN-IMv{sY~^`Sjb>pKEq?ZjP%>=#NK-McN9lsp4OV*P`Sh>DSUZD_vECsWOR)li>Y(GeB%H! zIwBJb8Pm<9g8p;wu`YPn^L~P5>G>zGWZUTd6ya8&=Q_~V6649VP1AT`m==KLLu>47 z-L9Wpryg>7Fq>SJ@{$th58MTh)SHWQyZhJBPqv@Uy&_G?j!}&19{TcSd4V4NL&Vdv zaoO1YOf^q_PgWaq=7gUnHK89WHB+cvU+>{^aR(`Y#?Hyj{WHL2WyU90zU=I5T-SRb z^Hq)?jjzusEWC+vvxS8}T;ik$4ad zJ@7NlutT>W)uuh>-qV^O*qA}Mr2|uJgGDWu2?y~A}#@L zH2WXwr5{s0%=w2#r!E|N10pgGW7NKz(Pt};35QprIiKopMd5hLy?ghPr$pm%SdIqE zOtR^b)vwbzxHu^TeeE_a1I~iV>6xCW(V>qFSi$%lv|gHt+r`yi)KrsL-l{#=+)cf6 zdBhr(^HWnsxwQe2k&(Nvi0CbMsXScXKCYQ*)qnEAqFUKR&y>dV?(RG^hNRcjWbRPG zkjr`+6HU!x?V8=!dyO z4&x#^CMG2L`1oL4529JEUJ55ZXKi5Fb$@1kZ^mSmaGC5S*p`%<=aR-c){|#4jr&v;licH-7hmdK4JpH zKaYAZ$l`XGnDMBEHco7b!LjC?gx_m}gIiBe7BySjR$ZLpEn~cMs3wT|i4`u%P8OySYLbQx=A zIVtEB=(W2X)06I*LQ^L zy>-I2n}3t`^ZE`e2!ocG;U+-I`*q_qa#-QNwq@H?o1QcK)&3>E@rv|^7TgsT6)RSB zO(mXWFFG`qLA#}!xXzCG49AT5d7P1)C?n$e5X(63frUa!CaXXrlsRsebgOGrEiZ7h zQ&RG92v^rh7ZuOzuLQ#?O?34123Zk;%CFtgb)0|z-0YXb`T6Z_rB1mTM`g#p``zzW$%hwC6;>pFjFs)j?;n;oFlWR?`YQY_h8j<>ytpKU!YeVN z!Xu9{mx{)HxKPW3Lm9Od^HqUOo_OLfkNPEI%+neqS zU#(OE3aKuwT|?>Rt)?QUYh$Pr7OkGT9%w>TfwO_MYY`7MT_b%=riI1lv{vkOU^s7E zt9GAu3KdY`^@CS|jq@+lbgK9OLsF)sZ4u=Z*3s7#4{~Rxusl5T9X)Fc@u7kt%ZVw%l(FN}=Lrh_|cm=14`Rb7fc8V`g3m!(+L-k#TfxhwYk&g-t&Lp3Zh zJ{2AX?be&EM}$>M){5D129_!0AD2GPdJhsdq_`2_fn?-vYPOn<-iZmzh+KMx3 z*id-OAkl9z175+Bfm~g9bpG8cLpvF3#JuapcaAE0$qL8UTVO}}qxKi-rL^1Zf9F{~ zppsSKczp7)O{SKJU*q2fZ*t)h+~E3NN5f35GHVIONqMPa4Jl%P}S@C9< zEXS&^((Nr_9dpLAObkb5V$ohnGtB1FhSt7T6Uk`V{o&G-%H}7O@cn}fHv$^r_owAD zQea_CIt^+3r&GSslPPP&^y|fg7;dcAr}{7sWrjn7LLwve(TBIFmLIyl^Rj*$RQ>9Crb8i}bjPc@{Xj}pVYv8z)?EtaaAZ~j%wlkUW7E8RF+@&jZ2B!*@R zV`mro9=LD84X9L0AC1G1bU3zgk3!MN$3UPSvcYg1u!gvgxv@0-2u6*QlaoDG{$!W4 zWHca{1H4T1(XCB1r^E5}PsA!OH$OR~fi42rMfiXBSk>C|z*cEG!j*+PEJD^Deb z8rW>T79HCgyKV-uZR?o!trieh4ZYuADNX5w?|`q&H8cGVp~#z5S08cAd;c%>nY9-tQE3hy9_#VE4sdY=dMO_JH&BM3 zbPjKxfiEc`CYrh57+EqA(~l->?d*WpDk!mXm1$3RzSyC+ODXizt5Iw_xyZmig36y< z_52<)+&qmQF}fM76IA-nWw{(^;>E`H! zcr^zvFFj$0@v)EYC{i`w^4aL*O>Lo0l;>35K@VF6^m&Du3UZE(i75wKfzbxEg@xx* z8ayWptPjAxcVh7C*WG}h%ldqQ#{fitkPU$`flko2|H%QBH2qK35>h#oz%MzA?7N3u z0ZQPcRA0lr=8Grm^|k9_=dou5?9&)}kF6x5ZL1n~Bsa=-e(ve{1%8rf^T9 z6Z#2Zvsc|`0ra0X3wa?-yUXz{h(w+rmg~vSXZxVik|p;6_E?(2ar Utilities => Terminal. A black box should pop up. + +Insert your USB thumbdrive now (if you haven't already) and run the following command: + + diskutil list + +You should see an entry, probably near the bottom, that looks something like this: + + (...) + /dev/disk42 (external, physical): + #: TYPE NAME SIZE IDENTIFIER + 0: *8.2 GB disk42 + (...) + +CAUTION: *Be sure* to find the disk that matches the size of your thumbdrive! If you use the wrong disk identifier, it will break your OS X/macOS install at best and delete all your data at worst! + +Now that you've found which disk your USB device is (the `/dev/disk__#__` part), we can continue. Make sure that it is the disk ID *right above* the line that contains your flash drive size! For our example, I will use `/dev/disk__42__` as an example as it's highly unlikely you'll have that many disk IDs, but be sure to replace this in the following commands with the proper disk ID you found above. + +Then we need to unmount the disk, in case it's already mounted. + + diskutil unmountDisk /dev/disk42 + +Assuming you saved BDisk Mini to your Desktop, you can do: + + sudo dd if=~/Desktop/bdisk-mini.iso of=/dev/disk42 + +NOTE: The above command may prompt you for a password. This is the same password you use to log into your Mac (and unlock the screensaver, etc.). No characters will show up when you type (for security reasons, in case someone is behind you watching your screen) so it may take you a couple tries. + +This will run for a couple seconds. When it finishes, you should see something similar to (but not necessarily the same numbers as) this: + + 0+1 records in + 0+1 records out + 169 bytes transferred in 0.000530 secs (318865 bytes/sec) + +At this point you _may_ get a popup warning you _"The disk you inserted was not readable by this computer."_ If you do, just click the *Ignore* button. + +One last step. Still in Terminal: + + diskutil eject /dev/disk42 + +You can then close Terminal. + +==== Booting +The instructions here don't differ too much than from Windows, though it's always the same key. From it being in a shutdown state, power on your Macbook Pro (or whatever it is you have) and hold the *Option* key (or the *Alt* key on non-Apple keyboards). The *Option/Alt* key should bring up a boot menu that will let you select a USB device to boot from. + +Strangely enough, you should still be able to _boot_ a BDisk Mini CD/DVD, you just can't *burn* one. I'm tempted to make a cheap dig at Apple, but I'll refrain. + +=== GNU/Linux +==== CD/DVD +Easy. Most (if not all) of https://wiki.archlinux.org/index.php/Optical_disc_drive#Burning[these^] should support burning `bdisk-mini.iso` to disc (I'm partial to _cdrecord_). If you prefer a GUI, try some of https://wiki.archlinux.org/index.php/Optical_disc_drive#Burning_CD.2FDVD.2FBD_with_a_GUI[these^] instead (I like _k3b_). + +==== USB +Very similar to OS X/macOS in approach. First open a terminal emulator- the ways of navigating to it depends on your window manager/desktop environment, but it's usually under a System or Utilities menu. + +Now we need to find which disk our USB thumbdrive is. Insert your USB thumbdrive now, if you haven't already, and run in the terminal: + + sudo fdisk -l + +You should see a device matching your USB thumbdrive's size. In our example, I use */dev/sdz* as it's unlikely you have that many disks attached to a system, but be sure to replace this in the following commands with the proper disk ID you find. + + (...) + Disk /dev/sdz: 7.6 GiB, 8178892800 bytes, 15974400 sectors + Units: sectors of 1 * 512 = 512 bytes + Sector size (logical/physical): 512 bytes / 512 bytes + I/O size (minimum/optimal): 512 bytes / 512 bytes + (...) + +CAUTION: *Be sure* to find the disk that matches the size of your thumbdrive! If you use the wrong disk identifier, it will break your GNU/Linux install (or possibly Windows install if you're dual-booting, etc.) at best and delete all your data at worst! + +Make sure it isn't mounted: + + umount /dev/sdz + +You should get a message that says `umount: /dev/sdz: not mounted`. If it was mounted before, it's unmounted now. + +Next, simply dd over the ISO file. + + sudo dd if=~/Desktop/bdisk-mini.iso of=/dev/sdz + +NOTE: The above command may prompt you for a password. This is the same password you use to log in (and unlock the screensaver, etc.). No characters will show up when you type (for security reasons, in case someone is behind you watching your screen) so it may take you a couple tries. + +This will run for a couple seconds. When it finishes, you should see something similar to (but not necessarily the same numbers as) this: + + 75776+0 records in + 75776+0 records out + 38797312 bytes (39 MB, 37 MiB) copied, 9.01915 s, 4.3 MB/s + +If you get a popup from your desktop environment (assuming you're using one) about not being able to mount a disk, or that it's unformatted, etc. and it prompts you to format, ignore/cancel/close it- do *not* format it! This would erase the BDisk Mini image on it. + +==== Booting +Exactly the same as those for Windows. (Unless you're running GNU/Linux on Mac hardware, in which case follow the booting instructions for Mac instead.) + diff --git a/docs/manual/user/ADVANCED.adoc b/docs/manual/user/ADVANCED.adoc new file mode 100644 index 0000000..35c8f31 --- /dev/null +++ b/docs/manual/user/ADVANCED.adoc @@ -0,0 +1,14 @@ +== Advanced Customization +If the <> file doesn't provide enough customization to your liking, I don't blame you! It was designed only to provide the most basic control and is primarily only used to control the build process itself. + +Luckily, there are a lot of changes you can make. For all of these, you'll want to make a copy of the <> directory somewhere and change the basedir configuration option in the <> file to point to that directory. + +This section isn't going to cover every single use case, as that's mostly an exercise for you -- I can't predict how you want to use BDisk! But we'll cover some common cases you can use and in the process you'll know how to implement your own customizations. + +include::advanced/SSH.adoc[] +include::advanced/VPN.adoc[] +include::advanced/SOFTWARE.adoc[] +include::advanced/BUILDING.adoc[] +include::advanced/AUTOLOGIN.adoc[] +include::advanced/DESKTOP.adoc[] + diff --git a/docs/manual/user/BUILDING.adoc b/docs/manual/user/BUILDING.adoc new file mode 100644 index 0000000..452b933 --- /dev/null +++ b/docs/manual/user/BUILDING.adoc @@ -0,0 +1,13 @@ +== Building a BDisk ISO +So you finally have <> BDisk (and perhaps added further <>. Now you're ready to build! + +Building is, thankfully, the easiest part! + +NOTE: Due to requiring various mounting and chrooting, BDisk must be run as the *root* user (or via _sudo_). + +To initiate a build, simply run `/bdisk/bdisk.py`. That's it! Everything should continue automatically. + +If you're using a packaged version you installed from your distro's package manager, you instead should run wherever it installs to. Most likely this is going to be `/usr/sbin/bdisk`. (On systemd build hosts that have done the https://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge/[/usr merge^], you can use `/usr/sbin/bdisk` or `/sbin/bdisk`.) + +If you encounter any issues during the process, make sure you read the documentation -- if your issue still isn't addressed, please be sure to file a <>! + diff --git a/docs/manual/user/BUILDINI.adoc b/docs/manual/user/BUILDINI.adoc new file mode 100644 index 0000000..4e51ad7 --- /dev/null +++ b/docs/manual/user/BUILDINI.adoc @@ -0,0 +1,598 @@ +== The `build.ini` File +This file is where you can specify some of the very basics of BDisk building. It allows you to specify/define certain variables and settings used by the build process. It uses https://docs.python.org/3/library/configparser.html[ConfigParser^] for the parsing engine, and you can do some https://wiki.python.org/moin/ConfigParserExamples[more advanced^] things with it than I demonstrate in the default. + +It's single-level, but divided into "sections". This is unfortunately a limitation of ConfigParser, but it should be easy enough to follow. + +Blank lines are ignored, as well as any lines beginning with `#` and `;`. There are some restrictions and recommendations for some values, so be sure to note them when they occur. Variables referencing other values in the `build.ini` are allowed in the format of `${value}` if it's in the same section; otherwise, `${section:value}` can be used. + +If you want to use your own `build.ini` file (and you should!), the following paths are searched in order. The first one found will be used. + +* `/etc/bdisk/build.ini` +* `/usr/share/bdisk/build.ini` +* `/usr/share/bdisk/extra/build.ini` +* `/usr/share/docs/bdisk/build.ini` +* `/usr/local/etc/bdisk/build.ini` +* `/usr/local/share/docs/bdisk/build.ini` +* `/opt/dev/bdisk/build.ini` +* `/opt/dev/bdisk/extra/build.ini` +* `/opt/dev/bdisk/extra/dist.build.ini` + +We'll go into more detail for each section below. + +=== Example + [bdisk] + name = BDISK + uxname = bdisk + pname = BDisk + ver = + dev = A Developer + email = dev@domain.tld + desc = A rescue/restore live environment. + uri = https://domain.tld + root_password = + user = yes + [user] + username = ${bdisk:uxname} + name = Default user + password = $$6$$t92Uvm1ETLocDb1D$$BvI0Sa6CSXxzIKBinIaJHb1gLJWheoXp7WzdideAJN46aChFu3hKg07QaIJNk4dfIJ2ry3tEfo3FRvstKWasg/ + [build] + mirror = mirror.us.leaseweb.net + mirrorproto = https + mirrorpath = /archlinux/iso/latest/ + mirrorfile = + mirrorchksum = ${mirrorpath}sha1sums.txt + mirrorgpgsig = + gpgkey = 7F2D434B9741E8AC + gpgkeyserver = + gpg = no + dlpath = /var/tmp/${bdisk:uxname} + chrootdir = /var/tmp/chroots + basedir = /opt/dev/bdisk + isodir = ${dlpath}/iso + srcdir = ${dlpath}/src + prepdir = ${dlpath}/temp + archboot = ${prepdir}/${bdisk:name} + mountpt = /mnt/${bdisk:uxname} + multiarch = yes + ipxe = no + i_am_a_racecar = no + [gpg] + mygpgkey = + mygpghome = + [sync] + http = no + tftp = no + git = no + rsync = no + [http] + path = ${build:dlpath}/http + user = http + group = http + [tftp] + path = ${build:dlpath}/tftpboot + user = root + group = root + [ipxe] + iso = no + uri = https://domain.tld + ssldir = ${build:dlpath}/ssl + ssl_ca = ${ssldir}/ca.crt + ssl_cakey = ${ssldir}/ca.key + ssl_crt = ${ssldir}/main.crt + ssl_key = ${ssldir}/main.key + [rsync] + host = + user = + path = + iso = no + +=== `[bdisk]` +This section controls some basic branding and information having to do with the end product. + +==== `name` +This value is a "basic" name of your project. It's not really shown anywhere end-user visible, but we need a consistent name that follows some highly constrained rules: + +. Alphanumeric only +. 8 characters total (or less) +. No whitespace +. ASCII only +. Will be converted to uppercase if it isn't already + +==== `uxname` +This value is used for filenames and the like. I highly recommend it be the same as `<>` (in lowercase) but it doesn't need to be. It also has some rules: + +. Alphanumeric only +. No whitespace +. ASCII only +. Will be converted to lowercase if it isn't already + +==== `pname` +This string is used for "pretty-printing" of the project name; it should be a more human-readable string. + +. *Can* contain whitespace +. *Can* be mixed-case, uppercase, or lowercase +. ASCII only + +==== `ver` +The version string. If this isn't specified, we'll try to guess based on the current git commit and tags in `<>`. + +. No whitespace + +==== `dev` +The name of the developer or publisher of the ISO, be it an individual or organization. For example, if you are using BDisk to build an install CD for your distro, this would be the name of your distro. The same rules as `<>` apply. + +. *Can* contain whitespace +. *Can* be mixed-case, uppercase, or lowercase +. ASCII only + +==== `email` +An email address to use for git syncing messages, and/or GPG key generation. + +==== `desc` +What this distribution/project is used for. + +. *Can* contain whitespace +. *Can* be mixed-case, uppercase, or lowercase +. ASCII only + +==== `uri` +What is this project's URI (website, etc.)? Alternatively, your personal site, your company's site, etc. + +. Should be a valid URI understood by curl + + +==== `root_password` +The escaped, salted, hashed string to use for the root user. + +Please see <> for information on this value. In the <>, the string `$$6$$t92Uvm1ETLocDb1D$$BvI0Sa6CSXxzIKBinIaJHb1gLJWheoXp7WzdideAJN46aChFu3hKg07QaIJNk4dfIJ2ry3tEfo3FRvstKWasg/` is created from the password `test`. I cannot stress this enough, do not use a plaintext password here nor just use a regular `/etc/shadow` file/`crypt(3)` hash here. Read the section. I promise it's short. + +==== `user` +*Default: no* + +This setting specifies if we should create a regular (non-root) user in the live environment. See the section <> for more options. + +NOTE: If enabled, this user has full sudo access. + +[options="header"] +|====================== +2+^|Accepts (case-insensitive) one of: +^m|yes ^m|no +^m|true ^m|false +^m|1 ^m|0 +|====================== + +=== `[user]` +This section of `build.ini` controls aspects about `bdisk:user`. It is only used if <> is enabled. + +==== `username` +What username should the user have? Standard *nix username rules apply: + +. ASCII only +. 32 characters or less +. Alphanumeric only +. Lowercase only +. No whitespace +. Cannot start with a number + +==== `name` +What comment/description/real name should be used for the user? For more information on this, see the https://linux.die.net/man/5/passwd[passwd(5) man page^]'s section on *GECOS*. + +. ASCII only + +==== `password` +The escaped, salted, hashed string to use for the non-root user. + +Please see <> for information on this value. In the <>, the string `$$6$$t92Uvm1ETLocDb1D$$BvI0Sa6CSXxzIKBinIaJHb1gLJWheoXp7WzdideAJN46aChFu3hKg07QaIJNk4dfIJ2ry3tEfo3FRvstKWasg/` is created from the password `test`. I cannot stress this enough, do not use a plaintext password here nor just use a regular `/etc/shadow` file/`crypt(3)` hash here. Read the section. I promise it's short. + +=== `[build]` +This section controls some aspects about the host and things like filesystem paths, etc. + +==== `mirror` +A mirror that hosts the bootstrap tarball. It is *highly* recommended you use an Arch Linux https://wiki.archlinux.org/index.php/Install_from_existing_Linux#Method_A:_Using_the_bootstrap_image_.28recommended.29[bootstrap tarball^] as the build process is highly specialized to this (but <> are welcome for other built distros). You can find a list of mirrors at the bottom of Arch's https://www.archlinux.org/download/[download page^]. + +. No whitespace +. Must be accessible remotely/via a WAN-recognized address +. Must be a domain/FQDN only; no paths (those come later!) + +==== `mirrorproto` +What protocol should we use for the <>? + +|====================== +^s|Must be (case-insensitive) one of: ^.^m|http ^.^m|https ^.^m|ftp +|====================== + +==== `mirrorpath` +What is the path to the tarball directory on the <>? + +. Must be a complete path (e.g. `/dir1/subdir1/subdir2`) +. No whitespace + +==== `mirrorfile` +What is the filename for the tarball found in the path specified in <> ? If left blank, we will use the sha1 <> file to try to guess the most recent file. + +==== `mirrorchksum` +The path to a sha1 checksum file of the bootstrap tarball. + +. No whitespace +. Must be the full path +. Don't include the mirror domain or protocol + +==== `mirrorgpgsig` +*[optional]* + +*default: (no GPG checking done)* + +*requires: <>* + +*requires: <>* + +If the bootstrap tarball file has a GPG signature, we can use it for extra checking. If it's blank, GPG checking will be disabled. + +If you specify just `.sig` (or use the default and don't specify a <>), BDisk will try to guess based on the file from the sha1 <> file. Note that this must evaluate to a full URL. (e.g. `${mirrorproto}://${mirror}${mirrorpath}somefile.sig`) + +==== `gpgkey` +*requires: <>* + +What is a key ID that should be used to verify/validate the <>? + +. Only used if <> is set +. Can be in "short" form (e.g. _7F2D434B9741E8AC_) or "full" form (_4AA4767BBC9C4B1D18AE28B77F2D434B9741E8AC_), with or without the _0x_ prefix. + +==== `gpgkeyserver` +*default: blank (GNUPG-bundled keyservers)* + +*requires: <>* + +What is a valid keyserver we should use to fetch <>? + +. Only used if <> is set +. The default (blank) is probably fine. If you don't specify a personal GPG config, then you'll most likely want to leave this blank. +. If set, make sure it is a valid keyserver URI (e.g. `hkp://keys.gnupg.net`) + +==== `gpg` +Should we sign our release files? See the <> section. + +[options="header"] +|====================== +2+^|Accepts (case-insensitive) one of: +^m|yes ^m|no +^m|true ^m|false +^m|1 ^m|0 +|====================== + +==== `dlpath` +Where should the release files be saved? Note that many other files are created here as well. + +WARNING: If you manage your project in git, this should not be checked in as it has many large files that are automatically generated! + +. No whitespace +. Will be created if it doesn't exist + +==== `chrootdir` +Where the bootstrap tarball(s) extract to, where the chroots are built and prepped for filesystems on the live media. + +WARNING: If you manage your project in git, this should not be checked in as it has many large files that are automatically generated! + +. No whitespace +. Will be created if it doesn't exist + +==== `basedir` +Where your <> and <> directories are located. If you checked out from git, this would be your git worktree directory. + +. No whitespace +. Must exist and contain the above directories populated with necessary files + +==== `isodir` +This is the output directory of ISO files when they're created (as well as GPG signatures if you <>). + +WARNING: If you manage your project in git, this should not be checked in as it has many large files that are automatically generated! + +. No whitespace +. Will be created if it doesn't exist + +==== `srcdir` +This is where we save and compile source code if we need to dynamically build components (such as iPXE for mini ISOs). + +. No whitespace +. Will be created if it doesn't exist (and is needed) + +==== `prepdir` +This is the directory we use for staging. + +. No whitespace +. Will be created if it doesn't exist + +==== `archboot` +This directory is used to stage boot files. + +WARNING: This directory should not be the exact same path as other directives! If so, you will cause your ISO to be much larger than necessary. A subdirectory of another directive's path, however, is okay. + +. No whitespace +. Will be created if it doesn't exist + +==== `mountpt` +The path to use as a mountpoint. + +. No whitespace +. Will be created if it doesn't exist + +==== `multiarch` +*default: yes* + +Whether or not to build a "multiarch" image- that is, building support for both x86_64 and i686 in the same ISO. + +[options="header"] +|====================== +s|In order to... 3+^|Accepts (case-insensitive) one of: +s|build a multiarch ISO ^m|yes ^m|true ^m|1 +s|build a separate ISO for each architecture ^m|no ^m|false ^m|0 +s|only build an i686-architecture ISO ^m|i686 ^m|32 ^m|no64 +s|only build an x86_64-architecture ISO ^m|x86_64 ^m|64 ^m|no32 +|====================== + +==== `ipxe` +*default: no* + +Enable iPXE ("mini ISO") functionality. + +NOTE: This has no bearing on the <> section, so you can create an iPXE HTTP preparation for instance without needing to sync it anywhere (in case you're building on the webserver itself). + +[options="header"] +|====================== +2+^|Accepts (case-insensitive) one of: +^m|yes ^m|no +^m|true ^m|false +^m|1 ^m|0 +|====================== + +==== `i_am_a_racecar` +*default: no* + +This option should only be enabled if you are on a fairly powerful, multicore system with plenty of RAM. It will speed the build process along, but will have some seriously adverse effects if your system can't handle it. Most modern systems should be fine with enabling it. + +[options="header"] +|====================== +2+^|Accepts (case-insensitive) one of: +^m|yes ^m|no +^m|true ^m|false +^m|1 ^m|0 +|====================== + +=== `[gpg]` +This section controls settings for signing our release files. This is only used if <> is enabled. + +==== `mygpgkey` +A valid key ID that BDisk should use to _sign_ release files. + +. You will be prompted for a passphrase if your key has one/you don't have an open and authorized gpg-agent session. Make sure you have a working pinentry configuration set up! +. If you leave this blank we will use the key we generate automatically earlier in the build process. +. We will generate one if this is blank and you have selected sign as yes. + +==== `mygpghome` +The directory should be used for the above GPG key if specified. Make sure it contains a keybox (`.kbx`) your private key. (e.g. `/home/username/.gnupg`) + +=== `[sync]` +This section controls what we should do with the resulting build and how to handle uploads, if we choose to use those features. + +==== `http` +*default: no* + +If enabled, BDisk will generate/prepare HTTP files. This is mostly only useful if you plan on using iPXE. See the <> section. + +[options="header"] +|====================== +2+^|Accepts (case-insensitive) one of: +^m|yes ^m|no +^m|true ^m|false +^m|1 ^m|0 +|====================== + +==== `tftp` +*default: no* + +If enabled, BDisk will generate/prepare TFTP files. This is mostly only useful if you plan on using more traditional (non-iPXE) setups and regualar PXE bootstrapping into iPXE. + +[options="header"] +|====================== +2+^|Accepts (case-insensitive) one of: +^m|yes ^m|no +^m|true ^m|false +^m|1 ^m|0 +|====================== + +==== `git` +*requires: <>* + +*default: no* + +Enable automatic Git pushing for any changes done to the project itself. If you don't have upstream write/push access, you'll want to disable this. + +[options="header"] +|====================== +2+^|Accepts (case-insensitive) one of: +^m|yes ^m|no +^m|true ^m|false +^m|1 ^m|0 +|====================== + +==== `rsync` +*requires: <>* + +*default: no* + +Enable rsync pushing for the ISO (and other files, if you choose- useful for iPXE over HTTP(S)). + +[options="header"] +|====================== +2+^|Accepts (case-insensitive) one of: +^m|yes ^m|no +^m|true ^m|false +^m|1 ^m|0 +|====================== + +=== `[http]` +This section controls details about HTTP file preparation/generation. Only used if <> is enabled. + +==== `path` +This directory is where to build an HTTP webroot. + +WARNING: MAKE SURE you do not store files here that you want to keep! They will be deleted! + +. No whitespace +. If blank, HTTP preparation/generation will not be done +. If specified, it will be created if it doesn't exist +. Will be deleted first + +==== `user` +What user the HTTP files should be owned as. This is most likely going to be either 'http', 'nginx', or 'apache'. + +. No whitespace +. User must exist on build system + +|====================== +^s|Can be one of: ^.^m|username ^.^m|http://www.linfo.org/uid.html[UID] +|====================== + +==== `group` +What group the HTTP files should be owned as. This is most likely going to be either 'http', 'nginx', or 'apache'. + +. No whitespace +. Group must exist on build system + +|====================== +^s|Can be one of: ^.^m|group name ^.^m|https://linux.die.net/man/5/group[UID] +|====================== + +=== `[tftp]` +This section controls details about TFTP file preparation/generation. Only used if <> is enabled. + +==== `path` +The directory where we want to build a TFTP root. + +WARNING: MAKE SURE you do not store files here that you want to keep! They will be deleted! + +. No whitespace +. Will be created if it doesn't exist +. Will be deleted first + +==== `user` +What user the TFTP files should be owned as. This is most likely going to be either 'tftp', 'root', or 'nobody'. + +. No whitespace +. User must exist on build system + +|====================== +^s|Can be one of: ^.^m|username ^.^m|http://www.linfo.org/uid.html[UID] +|====================== + +==== `group` +What group the TFTP files should be owned as. This is most likely going to be either 'tftp', 'root', or 'nobody'. + +. No whitespace +. Group must exist on build system + +|====================== +^s|Can be one of: ^.^m|group name ^.^m|https://linux.die.net/man/5/group[UID] +|====================== + +=== `[ipxe]` +This section controls aspects of iPXE building. Only used if <> is enabled. + +==== `iso` +*default: no* + +*requires: <>* + +Build a "mini-ISO"; that is, an ISO file that can be used to bootstrap an iPXE environment (so you don't need to set up a traditional PXE environment on your LAN). We'll still build a full standalone ISO no matter what. + +[options="header"] +|====================== +2+^|Accepts (case-insensitive) one of: +^m|yes ^m|no +^m|true ^m|false +^m|1 ^m|0 +|====================== + +==== `uri` +What URI iPXE's EMBED script should use. This would be where you host an iPXE chainloading script on a webserver, for instance. See iPXE's example of http://ipxe.org/scripting#dynamic_scripts[dynamic scripts^] for an example of the script that would be placed at this URI. + +NOTE: If you require HTTP BASIC Authentication or HTTP Digest Authentication (untested), you can format it via `https://user:password@bdisk.square-r00t.net/boot.php`. + +NOTE: This currently does not work for HTTPS with self-signed certificates. + +. *Required* if <> is enabled + +==== `ssldir` +Directory to hold SSL results, if we are generating keys, certificates, etc. + +. No whitespace +. Will be created if it does not exist + +==== `ssl_ca` +Path to the (root) CA certificate file iPXE should use. See http://ipxe.org/crypto[iPXE's crypto page^] for more information. + +NOTE: You can use your own CA to sign existing certs. This is handy if you run a third-party/"Trusted" root-CA-signed certificate for the HTTPS target. + +. No whitespace +. Must be in PEM/X509 format +. *Required* if <> is enabled +. If it exists, a matching key (ssl_cakey) *must* be specified +.. However, if left blank/doesn't exist, one will be automatically generated + +==== `ssl_cakey` +Path to the (root) CA key file iPXE should use. + +. No whitespace +. Must be in PEM/X509 format +. *Required* if <> is enabled +. If left blank or it doesn't exist (and <> is also blank), one will be automatically generated +. *Must* match/pair to <> if specified/exists +. MUST NOT be passphrase-protected/DES-encrypted + +==== `ssl_crt` +Path to the _client_ certificate iPXE should use. + +. No whitespace +. Must be in PEM/X509 format +. *Required* if <> is enabled +. If specified/existent, a matching CA cert (<>) and key (<>) *must* be specified +.. However, if left blank/doesn't exist, one will be automatically generated +. *Must* be signed by <>/<> if specified and already exists + +==== `ssl_key` +Path to the _client_ key iPXE should use. + +. No whitespace +. Must be in PEM/X509 format +. *Required* if <> is enabled +. If left blank/nonexistent (and <> is also blank), one will be automatically generated + +=== `[rsync]` +This section controls aspects of rsync pushing. Only used if <> is enabled. + +==== `host` +The rsync destination host. + +. Must resolve from the build server +. Can be host, FQDN, or IP address + +==== `user` +This is the remote user we should use when performing the rsync push. + +. User must exist on remote system +. SSH pubkey authorization must be configured +. The destination's hostkey must be added to your local build user's known hosts + +==== `path` +This is the remote destination path we should use for pushing via rsync. + + +NOTE: You'll probably want to set <> and <> to what it'll need to be on the destination. + +. No whitespace +. The path *must* exist on the remote host +. The path MUST be writable by <> + +==== `iso` +Should we rsync over the ISO files too, or just the boot files? + +[options="header"] +|====================== +2+^|Accepts (case-insensitive) one of: +^m|yes ^m|no +^m|true ^m|false +^m|1 ^m|0 +|====================== diff --git a/docs/manual/user/GETTING_STARTED.adoc b/docs/manual/user/GETTING_STARTED.adoc new file mode 100644 index 0000000..3a7b03a --- /dev/null +++ b/docs/manual/user/GETTING_STARTED.adoc @@ -0,0 +1,91 @@ +== Getting Started + +=== Downloading +If it isn't in your distro's repositories (It *is* in Arch's AUR! Both https://aur.archlinux.org/packages/bdisk/[tagged release^] and https://aur.archlinux.org/packages/bdisk-git/[git master^].), you can still easily get rolling. Simply visit the project's https://git.square-r00t.net/BDisk/[source code web interface^] and download a tarball under the *Download* column: + +image::fig1.1.png[cgit,align="center"] + +If you know the tag of the commit you want, you can use curl: + + curl -sL https://git.square-r00t.net/BDisk/snapshot/BDisk-4.0.0.tar.xz | tar -xf - + +or wget: + + wget -O - https://git.square-r00t.net/BDisk/snapshot/BDisk-3.11.tar.xz | tar -xf - + +You can use `https://git.square-r00t.net/BDisk/snapshot/BDisk-master.tar.xz` for the URL if you want the latest working version. If you want a snapshot of a specific commit, you can use e.g. `https://git.square-r00t.net/BDisk/snapshot/BDisk-5ac510762ce00eef213957825de0e6d07186e7f8.tar.xz` and so on. + +Alternatively, you can use https://git-scm.com/[git^]. Git most definitely _should_ be in your distro's repositories. + +TIP: If you're new to git and want to learn more, I highly recommend the book https://git-scm.com/book/en/v2[Pro Git^]. It is available for free download (or online reading). + +You can clone via https: + + git clone https://git.square-r00t.net/BDisk + +or native git protocol: + + git clone git://git.square-r00t.net/bdisk.git BDisk + +The git protocol is much faster, but at a cost of lessened security. + +NOTE: I also have a mirror at https://github.com/johnnybubonic/BDisk[GitHub^], but I don't like GitHub very much and since it's a mirror repository, it's possible it will be out of date. For this reason, it's recommended that you use the resources above. + +=== Prerequisites +This is a list of software you'll need available to build with BDisk. + +TIP: Your distro's package manager should have most if not all of these available, so it's unlikely you'll need to install from source. + +NOTE: Some versions may be higher than actually needed (especially _gcc_). + +CAUTION: You will need at least about *15GB* of free disk space, depending on what options you enable. Each architecture chroot (i.e. x86_64, i686) is about 3.5GB after a build using the default package set (more on that later), each architecture release tarball (what we use to build the chroots) is approximately 115MB each, and each squashed image per architecture is 1.1GB (if you use the default package set). If you don't understand what this means quite yet, don't worry- we'll go into more detail later on. Just know that you'll need a fair bit of free disk space. + +==== Build Environment +* GNU/Linux (relatively recent release of preferred distro) +** Building on FreeBSD and other +*BSDs+ *may* be possible via the use of https://www.freebsd.org/doc/handbook/jails.html[jails^]. This is entirely untested and no support nor testing will be offered by the author (me). If you would like to offer documentation for this, please <>. +** Building on Windows *may* be possible via the use of the https://docs.microsoft.com/en-us/windows/wsl/install-win10[WSL (Windows Subsystem for Linux)^]. This is entirely untested and no support nor testing will be offered by the author (me). If you would like to offer documentation for this, please <>. +** Building on macOS is simply not supported, period, due to chroots being necessary to the build functionality of BDisk (and macOS not being able to implement GNU/Linux chroots). You'll need to run a build VM. +* https://www.python.org/[Python^] (>=3.6) + +==== Necessary +These are needed for using BDisk. + +* https://github.com/dosfstools/dosfstools[dosfstools^] +* http://libburnia-project.org[libisoburn^] +* http://squashfs.sourceforge.net[squashfs-tools^] (>=4.2) + +These are required Python modules: +// TODO: double-check/update these. + +* https://pypi.python.org/pypi/humanize[Humanize^] +* http://jinja.pocoo.org/[Jinja2^] +* https://pypi.python.org/pypi/psutil[PSUtil^] +* https://pypi.python.org/pypi/validators[Validators^] + +==== Optional +While not strictly necessary, these will greatly enhance your BDisk usage. I've included some reasons why you might want to install them. + +NOTE: If you do not wish to install any of these or cannot install them, be sure to disable the relevant options in the `build.ini` file (we'll talk about that later). The default `extra/dist.build.ini` should be sane enough to not require any of these. + +* http://gcc.gnu.org[gcc (multilib)^] (>=6.x) +** Needed for building iPXE. +* http://gcc.gnu.org[gcc-libs (multilib)^] (>=6.x) +** (Same as _gcc_.) +* https://git-scm.com/[git^] +** For autodetection of version, automatically making commits for your project, checking out source code, etc. +* https://www.gnupg.org/[gpg/gnupg^] (>=2.1.11) +** For automatically signing releases, verifying downloaded files from the Internet as part of the build process, etc. It's okay if you don't have a key set up! +* https://rsync.samba.org/[rsync^] +** For syncing built ISOs to a fileserver, syncing to a remote iPXE server, syncing to a traditional PXE/TFTP server, etc. + +These are optional Python modules: + +* https://pypi.python.org/pypi/GitPython[GitPython^] +** (Same reasons as _git_) +* https://pypi.python.org/pypi/pygpgme[PyGPGME^] +** (Same reasons as _gpg/gnupg_) +* https://pypi.python.org/pypi/patch[Patch^] +** For branding iPXE environments per your `build.ini`. +* https://pypi.python.org/pypi/pyOpenSSL[PyOpenSSL^] +** To set up a PKI when building iPXE; used to create trusted/verified images. + diff --git a/docs/manual/user/IMPORTANT_CONCEPTS.adoc b/docs/manual/user/IMPORTANT_CONCEPTS.adoc new file mode 100644 index 0000000..cf7ae1a --- /dev/null +++ b/docs/manual/user/IMPORTANT_CONCEPTS.adoc @@ -0,0 +1,51 @@ +== Important Concepts +If this is your first foray into building live distros, there are some terms and concepts we need to understand first. This will simplify the process later on. + +=== Terms +An *operating system*, or OS, is what your programs (email client, web browser, etc.) run on. + +There are two basic types of booting systems that communicate between the *hardware* (the physical computer itself and its components) and the operating system: https://en.wikipedia.org/wiki/BIOS[*BIOS*^] (Basic Input/Output System) which has been around for quite some time and the newer https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface[*UEFI*^] (Unified Extensible Firmware Interface). Don't worry, you don't need to memorize what they're acronyms for and there won't be an exam -- just remember that BIOS is an older technology and UEFI is the newer one (and that they operate differently). + +*GNU/Linux*, sometimes just referred to as _Linux_ (And there is a difference between the terminologies, but it's nuanced. You are welcome to https://www.gnu.org/gnu/linux-and-gnu.en.html[read up on it^] though!), is an example of an operating system. Other examples include _Windows_, _macOS_ (previously _OS X_), _iOS_, _Android_, and a whole slew of others. There are many types of GNU/Linux offerings, called _distributions_, _flavors_, or _distros_. + +A *live distro*, *live CD*, *live DVD*, *live USB*, and the like are a way of booting an operating system without installing it on the hard drive- this means the computer doesn't even need a hard drive installed, or it doesn't matter if the installed operating system is broken. Typically they are Linux-based, but there are several Windows-based live releases out there (usually they're focused on rescuing broken Windows systems, so they're not very flexible). + +*Hybrid ISOs* are ISO files that can be burned to optical media (CDs, DVDs, etc.) and also be _dd_'d directly to a USB thumbdrive (for computers that support booting from USB). That means one file, multiple media types. + +*Architectures* are different hardware platforms. This mostly refers to the CPU. Common implementations are *64-bit* (also known as *x86_64* or *AMD64* for ones that support running both 64-bit and 32-bit software, or *IA64* or *Itanium* for processors that only support 64-bit) and *32-bit* (or *i686* and the older *i386* and *i486* implementations). Most consumer PCs on the market today are x86_64. + +*Chroots*, *chrooting*, and the like are variants on the word *chroot*. A *chroot* is a way of running a GNU/Linux install "inside" another GNU/Linux distro. It's sort of like a virtual machine, or VM, except that it's a lot more lightweight and it doesn't do any actual virtualization- and uses the host's kernel, memory mapping, etc. It's very useful for development of operating systems. + +*PXE*, or Pre-boot eXecution Environment, is a way of booting operating systems over a local network. + +*iPXE* is a http://ipxe.org/[project^] that builds a very small Linux kernel, UNDI (traditional PXE) images, and the like that allow you to essentially use PXE over the Internet. It's very flexible and customizable, and supports a custom scripting engine and such. + +=== Why live media is necessary/Why you might want BDisk +"But Brent," I hear you ask in a voice which most likely is nothing close to what you actually sound like and entirely in my head, "Why would I need a live CD/USB/etc.? And why BDisk?" + +Elementary, my dear imaginary reader! I touch on some reasons why one might want live media in the beginning of the <>, but here's why you might want BDisk specifically as opposed to another live distro (or <>). + +* Fully customizable +* Works with a multitude of GNU/Linux distros -- both for the host build system and as the guest. (Still under development!) +* It performs optimizations and compression to help you get the smallest ISO possible. +* In addition to building hybrid ISOs, it supports building iPXE hybrid ISOs (meaning you only need a very small file; the rest of the operating system boots over the Internet). +* It supports both BIOS and UEFI systems- both the full image and the iPXE images. +* It supports multiple architectures (x86_64, i686, possibly IA64 -- untested) on the same ISO. +* It supports automatically syncing to a web mirror, PXE boot server, etc. via rsync upon successful build. +* It supports SecureBoot (untested!). +* It is 100% compatible with both the https://wiki.archlinux.org/index.php/installation_guide[Arch installation guide^] and the https://wiki.gentoo.org/wiki/Handbook:AMD64#Installing_Gentoo[Gentoo installation guide^]. +* It allows for non-interactive/automated building (i.e. nightly images). +* It supports arbitrary file inclusion in a defined path on the ISO itself, not via some arbitrary directory as a separate partition on the media. +* It can automatically build an accompanying "mini" ISO using iPXE -- which is also a hybrid, UEFI-supported ISO. +* Automatic versioning based on git tags (optional). + +=== Who might want to use BDisk? +* System builders/hardware testers +* System Administrators/Engineers/Architects +* Information Security professionals +* Computer repair shops +* Technology Consultants +* Hobbyists +* Home GNU/Linux users +* Technology enthusiasts + diff --git a/docs/manual/user/PROJECT_LAYOUT.adoc b/docs/manual/user/PROJECT_LAYOUT.adoc new file mode 100644 index 0000000..d7f49a8 --- /dev/null +++ b/docs/manual/user/PROJECT_LAYOUT.adoc @@ -0,0 +1,81 @@ +== Project Structure +The following is a tree of files and directories in a BDisk root directory. Note that yours may not look quite like this, as BDisk supports some directory relocation to aid in packaging for distros. These will be examined in-depth in the coming sections. + + + ├── bdisk + │   ├── bchroot.py + │   ├── bdisk.py + │   ├── bGPG.py + │   ├── bSSL.py + │   ├── bsync.py + │   ├── build.py + │   ├── host.py + │   ├── ipxe.py + │   └── prep.py + ├── docs + │   ├── COPYING + │   ├── LICENSE -> COPYING + │   ├── manual + │   │   └── (...) + │   ├── README + ├── examples + │   └── HTTP + │   └── (...) + ├── extra + │   ├── bdisk.png + │   ├── bin + │   │   └── (...) + │   ├── dist.build.ini + │   ├── external + │   │   └── (...) + │   ├── mirrorlist + │   ├── pre-build.d + │   │   ├── (...) + │   │   ├── i686 + │   │   │   └── (...) + │   │   └── x86_64 + │   │   └── (...) + │   └── templates + │   ├── BIOS + │   │   ├── isolinux.cfg.arch.j2 + │   │   └── isolinux.cfg.multi.j2 + │   ├── EFI + │   │   ├── base.conf.j2 + │   │   ├── loader.conf.j2 + │   │   ├── ram.conf.j2 + │   │   ├── uefi1.conf.j2 + │   │   └── uefi2.conf.j2 + │   ├── GPG.j2 + │   ├── iPXE + │   │   ├── BIOS + │   │   │   └── isolinux.cfg.j2 + │   │   ├── EFI + │   │   │   ├── base.conf.j2 + │   │   │   └── loader.conf.j2 + │   │   ├── EMBED.j2 + │   │   ├── patches + │   │   │   ├── 01.git-version.patch.j2 + │   │   │   └── 02.banner.patch.j2 + │   │   └── ssl + │   │   └── openssl.cnf + │   ├── overlay + │   │   ├── (...) + │   │   ├── i686 + │   │   ├── x86_64 + │   ├── pre-build.d + │   │   ├── (...) + │   │   ├── i686 + │   │   ├── x86_64 + │   ├── VARS.txt.j2 + │   └── VERSION_INFO.txt.j2 + └── overlay + ├── (...) + ├── i686 + └── x86_64 + +include::fslayout/BDISK.adoc[] +include::fslayout/DOCS.adoc[] +include::fslayout/EXAMPLES.adoc[] +include::fslayout/EXTRA.adoc[] +include::fslayout/OVERLAY.adoc[] + diff --git a/docs/manual/user/advanced/AUTOLOGIN.adoc b/docs/manual/user/advanced/AUTOLOGIN.adoc new file mode 100644 index 0000000..707e1b5 --- /dev/null +++ b/docs/manual/user/advanced/AUTOLOGIN.adoc @@ -0,0 +1,10 @@ +=== Automatic Login (TTY) +If you don't want to have to log into the TTY on boot, BDisk can automatically log in for you with a given username. + +If, for example, you want a terminal to auto-login on TTY1 with the root user, you would create the following file at `/overlay/etc/systemd/system/getty@tty1.service.d/autologin.conf`: + + [Service] + Type=idle + ExecStart= + ExecStart=-/usr/bin/agetty --autologin root --noclear %I 38400 linux + diff --git a/docs/manual/user/advanced/BUILDING.adoc b/docs/manual/user/advanced/BUILDING.adoc new file mode 100644 index 0000000..3910837 --- /dev/null +++ b/docs/manual/user/advanced/BUILDING.adoc @@ -0,0 +1,3 @@ +=== Changing the Build Process +If you want to make modifications that can't be managed by arbitrary file inclusion or changing the software package lists, you may want to introduce additional changes to the image configuration that's run during the chroot. This is fairly easy to do. Simply modify `/extra/pre-build.d/root/pre-build.sh` with the changes you desire. Note that this has a `.sh` file extension, but it can be any type of script you want -- Bash, Perl, Python, etc. -- it just needs the shebang line at the beginning of the script. + diff --git a/docs/manual/user/advanced/DESKTOP.adoc b/docs/manual/user/advanced/DESKTOP.adoc new file mode 100644 index 0000000..3fd68f7 --- /dev/null +++ b/docs/manual/user/advanced/DESKTOP.adoc @@ -0,0 +1,30 @@ +=== Starting a Desktop Environment +You can install any desktop environment or window manager you would like via <>! From there, it's simply a matter of setting the correct Systemd unit to start automatically. The https://wiki.archlinux.org/index.php/[Arch wiki^] has a lot of useful information here. As an example, I'll include http://lxde.org/[LXDE^] instructions here. + +Simply create a symlink for the target. In the `/overlay/etc/systemd/system/` directory: + + ln -s /usr/lib/systemd/system/lxdm.service display-manager.service + +==== Autologin (LXDE) +Many desktop environments even offer an automatic login feature directly through the desktop manager (LXDM, in LXDE's case). + +Again, using LXDE as an example, create a file at `/overlay/etc/lxdm/lxdm.conf`: + + [base] + autologin=bdisk + greeter=/usr/lib/lxdm/lxdm-greeter-gtk + [server] + arg=/usr/bin/X -background vt1 + [display] + gtk_theme=Adwaita + bottom_pane=1 + lang=1 + keyboard=0 + theme=Industrial + [input] + [userlist] + disable=0 + white= + black= + +LXDE will then automatically log in with the user `bdisk` (note the second line, right under `[base]`) whenever started. \ No newline at end of file diff --git a/docs/manual/user/advanced/SOFTWARE.adoc b/docs/manual/user/advanced/SOFTWARE.adoc new file mode 100644 index 0000000..3148b5e --- /dev/null +++ b/docs/manual/user/advanced/SOFTWARE.adoc @@ -0,0 +1,20 @@ +=== Changing the Installed Software +BDisk comes with a large https://bdisk.square-r00t.net/packages/[list of software^] installed in the build instance by default, ranging from data recovery (such as _foremost_, _scalpel_, _ddrescue_, etc.), security and data wiping (_nwipe_, _scrub_, etc.), penetration testing (_wifite_, _aircrack-ng_, etc.) and a slew of others. Seriously, if you're looking for a tool, changes are it's on it. + +However, this leads to a fairly long build time- even with a local repository mirror (many of the packages are from the AUR). You may want to replace the list with a smaller subset. + +The `iso.pkgs.\*` files are not files you should modify- they contain software necessary to the building of BDisk and are the basic necessary files to build a bootable image. However, the `packages.*` files are where you would add or remove software to be installed. + +NOTE: The package lists can contain both https://www.archlinux.org/packages/[Arch repository packages^] *and* https://aur.archlinux.org/[AUR^] packages. + +NOTE: Blank lines are ignored, and you can comment out lines by prefixing the line with the `#` character. + +==== `/extra/pre-build.d/i686/root/packages.arch` +This list contains packages to *only* be installed for the i686 image. + +==== `/extra/pre-build.d/x86_64/root/packages.arch` +This list contains packages you *only* want installed in the x86_64 image. + +==== `/extra/pre-build.d/root/packages.both` +This file contains packages for both architectures (i686 and x86_64). + diff --git a/docs/manual/user/advanced/SSH.adoc b/docs/manual/user/advanced/SSH.adoc new file mode 100644 index 0000000..a599be0 --- /dev/null +++ b/docs/manual/user/advanced/SSH.adoc @@ -0,0 +1,74 @@ +=== SSH Pubkey Authentication +To start with, you'll want to secure SSH a little more than normal. + +I highly recommend https://stribika.github.io/2015/01/04/secure-secure-shell.html[this article^], which we'll be following in this process. + +First, create a file: `/overlay/etc/ssh/sshd_config` using the following. Comments and blank lines have been stripped out for brevity. + + PermitRootLogin prohibit-password + HostKey /etc/ssh/ssh_host_ed25519_key + HostKey /etc/ssh/ssh_host_rsa_key + AuthorizedKeysFile .ssh/authorized_keys + PasswordAuthentication no + PermitEmptyPasswords no + ChallengeResponseAuthentication no + UsePAM yes + PrintMotd no # pam does that + Subsystem sftp /usr/lib/ssh/sftp-server + KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256 + Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr + MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com + +We'll also want to implement a more secure `ssh_config` file to avoid possible leaks. The following is `/overlay/etc/ssh/ssh_config`: + + Host * + KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256 + PasswordAuthentication no + ChallengeResponseAuthentication no + PubkeyAuthentication yes + HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa + Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr + MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com + +We'll want to create our own moduli. This can take a long time, but only needs to be done once -- it doesn't need to be done for every build. The following commands should be run in `/overlay/etc/ssh/`: + + ssh-keygen -G moduli.all -b 4096 + ssh-keygen -T moduli.safe -f moduli.all + mv moduli.safe moduli + rm moduli.all + +Then we generate hostkeys. This isn't strictly necessary as the live media will create them automatically when starting SSH if they're missing, but this does provide some verification that the host you're SSHing to is, in fact, running the BDisk instance that you yourself built. The following commands should be run in `/overlay/etc/ssh/`: + + ssh-keygen -t ed25519 -f ssh_host_ed25519_key -N "" < /dev/null + ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key -N "" < /dev/null + +Make sure you have keys on your host workstation generated so you can SSH into BDisk. If you don't have any ED25519 or RSA SSH keys, this will create them for you. The following should be run as the host (build machine, or what have you) user you want to be able to SSH into BDisk as: + + ssh-keygen -t ed25519 -o -a 100 + ssh-keygen -t rsa -b 4096 -o -a 100 + +The defaults are fine. Adding a password to your private key is not necessary, but recommended (though note that doing so will inhibit automated SSHing). You should now have in `~/.ssh/` the following files (assuming you kept the defaults above): + + id_ed25519 + id_ed25519.pub + id_rsa + id_rsa.pub + +WARNING: The files ending in *.pub* are _public_ -- they can be published anywhere. However, the ones that are not appended with *.pub* are your _private keys_ and should not be shared with anyone, whether they're password-protected or not! + +Now you'll want to get the public key of your SSH keys so you can add them to your BDisk build. The following commands should be run in `/overlay/`: + + mkdir -p root/.ssh + chmod 700 root/.ssh + touch root/.ssh/authorized_keys + chmod 600 root/.ssh/authorized_keys + cat ~/.ssh/id_{ed25519,rsa}.pub > root/.ssh/authorized_keys + +If you decided to <> in your build, you'll want to perform the same steps above for the regular user as well (or forego the above and just enable SSH for the user you create). Remember to replace `root/` with `home/<<_code_username_code,>>/`! + +Lastly, we need to enable SSH to start on boot. Run the following command in `/overlay/etc/systemd/system/multi-user.target.wants/`: + + ln -s /usr/lib/systemd/system/sshd.service sshd.service + +You should now have SSH automatically start once the instance boots. + diff --git a/docs/manual/user/advanced/VPN.adoc b/docs/manual/user/advanced/VPN.adoc new file mode 100644 index 0000000..b07cbbf --- /dev/null +++ b/docs/manual/user/advanced/VPN.adoc @@ -0,0 +1,13 @@ +=== VPN Configuration +For this example we'll set up an https://openvpn.net/[OpenVPN^] client to start automatically on boot. + +Setting up an OpenVPN server is outside the scope of this section, but there are a https://openvpn.net/index.php/open-source/documentation/howto.html[multitude^] of https://openvpn.net/index.php/open-source/documentation/examples.html[useful^] https://wiki.archlinux.org/index.php/OpenVPN[documentation^] https://wiki.gentoo.org/wiki/Openvpn[sources^] out there that will help you with that. + +However, once you have your client .ovpn file (in our example, we'll call it `client.ovpn`) you can add it to the build relatively easily. + +Copy `client.ovpn` as `/overlay/etc/openvpn/client/client.conf` -- note the changed file extension. Then, in the `/overlay/etc/systemd/system/multi-user.target.wants/` directory, issue these commands: + + ln -s /usr/lib/systemd/system/openvpn-client\@.service openvpn-client\@client.service + +OpenVPN will then start on boot in the built BDisk instance. + diff --git a/docs/manual/user/fslayout/BDISK.adoc b/docs/manual/user/fslayout/BDISK.adoc new file mode 100644 index 0000000..fa122be --- /dev/null +++ b/docs/manual/user/fslayout/BDISK.adoc @@ -0,0 +1,13 @@ +=== bdisk/ +This directory contains the "heart" of BDisk. It essentially is a Python module package. It contains several python "subpackages" split into different files that provide different functions for BDisk. Chances are you won't ever need to touch anything in here. + +* <> +* <> +* <> +* <> +* <> +* <> +* <> +* <> +* <> + diff --git a/docs/manual/user/fslayout/DOCS.adoc b/docs/manual/user/fslayout/DOCS.adoc new file mode 100644 index 0000000..42cf6c4 --- /dev/null +++ b/docs/manual/user/fslayout/DOCS.adoc @@ -0,0 +1,15 @@ +=== docs/ +This directory contains various documentation and other helpful text. + +==== COPYING +This contains BDisk's license, the GPLv3. + +==== LICENSE +This is simply a link to `COPYING`. + +==== manual/ +This directory contains the documentation source you're reading right now! It's written in http://asciidoc.org/[asciidoc^] (well, to be more precise it's written in/has some http://asciidoctor.org/[asciidoctor^]-isms). I'd recommend reading the rendered version, as the source (while perfectly human-readable) is written in a very modular fashion so it may be inconvenient to read each source file and following include directives. + +==== README +This is a placeholder for common convention; it simply tells you to read the manual (and where to find it/build it). + diff --git a/docs/manual/user/fslayout/EXAMPLES.adoc b/docs/manual/user/fslayout/EXAMPLES.adoc new file mode 100644 index 0000000..7b1553e --- /dev/null +++ b/docs/manual/user/fslayout/EXAMPLES.adoc @@ -0,0 +1,3 @@ +=== examples/ +This directory contains example filesystem layouts for e.g. your webserver (for iPXE), or your PXE server via TFTP. + diff --git a/docs/manual/user/fslayout/EXTRA.adoc b/docs/manual/user/fslayout/EXTRA.adoc new file mode 100644 index 0000000..d65d468 --- /dev/null +++ b/docs/manual/user/fslayout/EXTRA.adoc @@ -0,0 +1,21 @@ +=== extra/ +This directory contains multiple "support files" for BDisk building. + +==== bdisk.png +This file is used for bootloader graphics. If you change the name of the project, this can be named something different -- see <>. + +==== bin/ +This directory contains sample code or extra tools that don't have anything to do with BDisk normal operation but are useful in building a BDisk distribution. + +==== dist.build.ini +This is the "source-provided"/upstream example <>. It will be sourced for any missing configuration options or the like. + +==== external/ +This directory contains external source code for use with extra features in BDisk that would otherwise be inconvenient to fetch and build dynamically. + +==== pkg.build.ini +This is the recommended default <> file for packagers of distro repositories to use when packaging BDisk for inclusion in a package manager. + +include::PREBUILD.adoc[] + +include::TEMPLATES.adoc[] diff --git a/docs/manual/user/fslayout/OVERLAY.adoc b/docs/manual/user/fslayout/OVERLAY.adoc new file mode 100644 index 0000000..85f347d --- /dev/null +++ b/docs/manual/user/fslayout/OVERLAY.adoc @@ -0,0 +1,13 @@ +=== overlay/ +This directory follows similar rules to the <> directory, except it is applied *after* the chroots are prepared (as it is designed to be user-centric rather than core functionality). We'll go more into this later in-depth, as this is where most of your customizations will be done. + +For files that should be included in both chroots, simply recreate the path with the desired file. For instance, if you want a file `/etc/foo/bar.conf` to exist in both i686 and x86_64 versions, it would exist as the path `overlay/etc/foo/bar.conf`. + +It follows the following structure: + +==== i686/ +This contains modifications that should be applied to the i686 version only. If you wanted a file to exist only in the i686 version at `/etc/a/b.conf`, it would be placed in `overlay/i686/etc/a/b.conf`. + +==== x86_64/ +This contains modifications that should be applied to the x86_64 version only. If you wanted a file to exist only in the x86_64 version at `/etc/z/y.conf`, it would be placed in `overlay/x86_64/etc/z/y.conf`. + diff --git a/docs/manual/user/fslayout/PREBUILD.adoc b/docs/manual/user/fslayout/PREBUILD.adoc new file mode 100644 index 0000000..dc84ec2 --- /dev/null +++ b/docs/manual/user/fslayout/PREBUILD.adoc @@ -0,0 +1,13 @@ +==== pre-build.d/ +This file contains a "core" overlay. Generally these files shouldn't be modified unless you know what you're doing, but there are some interesting things you can do in here. Generally speaking, though, you'll want to place your modifications in the <> directory. + +For files that should be included in both chroots, simply recreate the path with the desired file. For instance, if you want a file `/etc/foo/bar.conf` to exist in both i686 and x86_64 versions, it would exist as the path `pre-build.d/etc/foo/bar.conf`. + +It follows the following structure: + +===== i686/ +This contains modifications that should be applied to the i686 version *only*. If you wanted a file to exist only in the i686 version at `/etc/a/b.conf`, it would be placed in `pre-build.d/i686/etc/a/b.conf`. + +===== x86_64/ +This contains modifications that should be applied to the x86_64 version *only*. If you wanted a file to exist only in the x86_64 version at `/etc/z/y.conf`, it would be placed in `pre-build.d/x86_64/etc/z/y.conf`. + diff --git a/docs/manual/user/fslayout/TEMPLATES.adoc b/docs/manual/user/fslayout/TEMPLATES.adoc new file mode 100644 index 0000000..d036545 --- /dev/null +++ b/docs/manual/user/fslayout/TEMPLATES.adoc @@ -0,0 +1,48 @@ +==== templates/ +This directory contains dynamic templates used for dynamic configuration building and other such things. They are written in http://jinja.pocoo.org/[Jinja2^]. If you haven't used Jinja2 before, the http://jinja.pocoo.org/docs/dev/templates/[templating documentation^] will prove to be very useful. + +This allows you to customize low-level behaviour of BDisk without modifying the source. + +===== BIOS/ +The `isolinux.cfg.arch.j2` template controls boot options for the single-arch versions of BDisk. In other words if you only build an i686 or only an x86_64 version, this is the template that would be used for BIOS boot mode. + +The `isolinux.cfg.multi.j2` is used for multi-arch. It manages booting for both i686 and x86_64 versions. + +These files will let you change the behaviour of booting in BIOS systems. The menu colour, the menu entries, the menu default, etc. + +===== EFI/ +The files in here are https://www.freedesktop.org/wiki/Software/systemd/systemd-boot/[systemd-boot^] configurations. The distributed defaults are: + +`base.conf.j2`, which controls the "main"/default entry. + +`loader.conf.j2`, the meta configuration file which tells the loader which entry to load by default and which entries to include. + +`ram.conf.j2` which allows BDisk to run entirely from RAM. + +`uefi1.conf.j2` which provides a UEFI shell (for older UEFI systems). + +`uefi2.conf.j2` which provides a UEFI shell (for newer UEFI systems). + +===== GPG.j2 +This file contains default parameters for the https://www.gnupg.org/documentation/manuals/gnupg/Unattended-GPG-key-generation.html[GPG key generation], if we need to automatically generate a key. + +===== iPXE/ +This directory holds templates for iPXE/mini builds. + +The `BIOS/` directory is similar to <> mentioned above, but it only needs one configuration file and is a much more minimal design (since its entire purpose is to chainload to the iPXE loader). + +The `EFI/` directory is similar to <> above also, but needs fewer configuration files (its only purpose is to bootstrap iPXE). + +`EMBED.j2` is the iPXE http://ipxe.org/scripting[embedded script^] (http://ipxe.org/embed[more info^]). This is what chainloads the remote resources (kernel, intird, squashed filesystem images, and so forth). + +The `patches/` directory largely control branding of the mini ISO. They are in https://www.gnu.org/software/diffutils/manual/html_node/Unified-Format.html[unified diff^] (or "patch") format. + +===== overlay/ +This directory contains *templated* overlays. These are intended to be templated by the user. See <> for more information on how to use this. Remember to suffix your template files with the `.j2` extension. + +===== pre-build.d/ +This directory contains *templated* overlays. These are intended to not be managed by the user, as they handle configuration necessary for building an ISO. See <> for more information on this. + +===== VERSION_INFO.txt.j2 +This template specifies a VERSION_INFO.txt file placed in various locations throughout the builds to help identify which version, build, etc. the ISO is. +