--- /dev/null
+# Generated by etckeeper. Do not edit.
+
+mkdir -p './X11/xkb'
+mkdir -p './apparmor.d/force-complain'
+mkdir -p './apt/preferences.d'
+mkdir -p './bind/dyn'
+mkdir -p './bind/zones'
+mkdir -p './ca-certificates/update.d'
+mkdir -p './console'
+mkdir -p './dpkg/dpkg.cfg.d'
+mkdir -p './fail2ban/fail2ban.d'
+mkdir -p './initramfs-tools/conf.d'
+mkdir -p './initramfs-tools/hooks'
+mkdir -p './initramfs-tools/scripts/init-bottom'
+mkdir -p './initramfs-tools/scripts/init-premount'
+mkdir -p './initramfs-tools/scripts/init-top'
+mkdir -p './initramfs-tools/scripts/local-bottom'
+mkdir -p './initramfs-tools/scripts/local-premount'
+mkdir -p './initramfs-tools/scripts/local-top'
+mkdir -p './initramfs-tools/scripts/nfs-bottom'
+mkdir -p './initramfs-tools/scripts/nfs-premount'
+mkdir -p './initramfs-tools/scripts/nfs-top'
+mkdir -p './initramfs-tools/scripts/panic'
+mkdir -p './insserv/overrides'
+mkdir -p './logwatch/conf/logfiles'
+mkdir -p './logwatch/conf/services'
+mkdir -p './logwatch/scripts/services'
+mkdir -p './network/if-post-down.d'
+mkdir -p './network/if-pre-up.d'
+mkdir -p './network/interfaces.d'
+mkdir -p './opt'
+mkdir -p './perl/CPAN'
+mkdir -p './postfix/sasl'
+mkdir -p './security/limits.d'
+mkdir -p './security/namespace.d'
+mkdir -p './udev/hwdb.d'
+maybe chmod 0755 '.'
+maybe chmod 0700 '.etckeeper'
+maybe chmod 0644 '.gitignore'
+maybe chmod 0755 'X11'
+maybe chmod 0755 'X11/xkb'
+maybe chmod 0755 'acpi'
+maybe chmod 0755 'acpi/events'
+maybe chmod 0644 'acpi/events/powerbtn-acpi-support'
+maybe chmod 0755 'acpi/powerbtn-acpi-support.sh'
+maybe chmod 0644 'adduser.conf'
+maybe chmod 0600 'aiccu.conf'
+maybe chmod 0644 'aliases'
+maybe chmod 0644 'aliases.db'
+maybe chmod 0755 'alternatives'
+maybe chmod 0644 'alternatives/README'
+maybe chmod 0755 'apache2'
+maybe chmod 0644 'apache2/apache2.conf'
+maybe chmod 0755 'apache2/conf-available'
+maybe chmod 0644 'apache2/conf-available/charset.conf'
+maybe chmod 0755 'apache2/conf-available/custom-log.conf'
+maybe chmod 0644 'apache2/conf-available/localized-error-pages.conf'
+maybe chmod 0644 'apache2/conf-available/other-vhosts-access-log.conf'
+maybe chmod 0644 'apache2/conf-available/security.conf'
+maybe chmod 0644 'apache2/conf-available/serve-cgi-bin.conf'
+maybe chmod 0755 'apache2/conf-enabled'
+maybe chmod 0644 'apache2/envvars'
+maybe chmod 0644 'apache2/magic'
+maybe chmod 0755 'apache2/mods-available'
+maybe chmod 0644 'apache2/mods-available/access_compat.load'
+maybe chmod 0644 'apache2/mods-available/actions.conf'
+maybe chmod 0644 'apache2/mods-available/actions.load'
+maybe chmod 0644 'apache2/mods-available/alias.conf'
+maybe chmod 0644 'apache2/mods-available/alias.load'
+maybe chmod 0644 'apache2/mods-available/allowmethods.load'
+maybe chmod 0644 'apache2/mods-available/asis.load'
+maybe chmod 0644 'apache2/mods-available/auth_basic.load'
+maybe chmod 0644 'apache2/mods-available/auth_digest.load'
+maybe chmod 0644 'apache2/mods-available/auth_form.load'
+maybe chmod 0644 'apache2/mods-available/authn_anon.load'
+maybe chmod 0644 'apache2/mods-available/authn_core.load'
+maybe chmod 0644 'apache2/mods-available/authn_dbd.load'
+maybe chmod 0644 'apache2/mods-available/authn_dbm.load'
+maybe chmod 0644 'apache2/mods-available/authn_file.load'
+maybe chmod 0644 'apache2/mods-available/authn_socache.load'
+maybe chmod 0644 'apache2/mods-available/authnz_fcgi.load'
+maybe chmod 0644 'apache2/mods-available/authnz_ldap.load'
+maybe chmod 0644 'apache2/mods-available/authz_core.load'
+maybe chmod 0644 'apache2/mods-available/authz_dbd.load'
+maybe chmod 0644 'apache2/mods-available/authz_dbm.load'
+maybe chmod 0644 'apache2/mods-available/authz_groupfile.load'
+maybe chmod 0644 'apache2/mods-available/authz_host.load'
+maybe chmod 0644 'apache2/mods-available/authz_owner.load'
+maybe chmod 0644 'apache2/mods-available/authz_user.load'
+maybe chmod 0644 'apache2/mods-available/autoindex.conf'
+maybe chmod 0644 'apache2/mods-available/autoindex.load'
+maybe chmod 0644 'apache2/mods-available/buffer.load'
+maybe chmod 0644 'apache2/mods-available/cache.load'
+maybe chmod 0644 'apache2/mods-available/cache_disk.conf'
+maybe chmod 0644 'apache2/mods-available/cache_disk.load'
+maybe chmod 0644 'apache2/mods-available/cache_socache.load'
+maybe chmod 0644 'apache2/mods-available/cgi.load'
+maybe chmod 0644 'apache2/mods-available/cgid.conf'
+maybe chmod 0644 'apache2/mods-available/cgid.load'
+maybe chmod 0644 'apache2/mods-available/charset_lite.load'
+maybe chmod 0644 'apache2/mods-available/data.load'
+maybe chmod 0644 'apache2/mods-available/dav.load'
+maybe chmod 0644 'apache2/mods-available/dav_fs.conf'
+maybe chmod 0644 'apache2/mods-available/dav_fs.load'
+maybe chmod 0644 'apache2/mods-available/dav_lock.load'
+maybe chmod 0644 'apache2/mods-available/dbd.load'
+maybe chmod 0644 'apache2/mods-available/deflate.conf'
+maybe chmod 0644 'apache2/mods-available/deflate.load'
+maybe chmod 0644 'apache2/mods-available/dialup.load'
+maybe chmod 0644 'apache2/mods-available/dir.conf'
+maybe chmod 0644 'apache2/mods-available/dir.load'
+maybe chmod 0644 'apache2/mods-available/dump_io.load'
+maybe chmod 0644 'apache2/mods-available/echo.load'
+maybe chmod 0644 'apache2/mods-available/env.load'
+maybe chmod 0644 'apache2/mods-available/expires.load'
+maybe chmod 0644 'apache2/mods-available/ext_filter.load'
+maybe chmod 0644 'apache2/mods-available/file_cache.load'
+maybe chmod 0644 'apache2/mods-available/filter.load'
+maybe chmod 0644 'apache2/mods-available/headers.load'
+maybe chmod 0644 'apache2/mods-available/heartbeat.load'
+maybe chmod 0644 'apache2/mods-available/heartmonitor.load'
+maybe chmod 0644 'apache2/mods-available/ident.load'
+maybe chmod 0644 'apache2/mods-available/include.load'
+maybe chmod 0644 'apache2/mods-available/info.conf'
+maybe chmod 0644 'apache2/mods-available/info.load'
+maybe chmod 0644 'apache2/mods-available/lbmethod_bybusyness.load'
+maybe chmod 0644 'apache2/mods-available/lbmethod_byrequests.load'
+maybe chmod 0644 'apache2/mods-available/lbmethod_bytraffic.load'
+maybe chmod 0644 'apache2/mods-available/lbmethod_heartbeat.load'
+maybe chmod 0644 'apache2/mods-available/ldap.conf'
+maybe chmod 0644 'apache2/mods-available/ldap.load'
+maybe chmod 0644 'apache2/mods-available/log_debug.load'
+maybe chmod 0644 'apache2/mods-available/log_forensic.load'
+maybe chmod 0644 'apache2/mods-available/lua.load'
+maybe chmod 0644 'apache2/mods-available/macro.load'
+maybe chmod 0644 'apache2/mods-available/mime.conf'
+maybe chmod 0644 'apache2/mods-available/mime.load'
+maybe chmod 0644 'apache2/mods-available/mime_magic.conf'
+maybe chmod 0644 'apache2/mods-available/mime_magic.load'
+maybe chmod 0644 'apache2/mods-available/mpm_event.conf'
+maybe chmod 0644 'apache2/mods-available/mpm_event.load'
+maybe chmod 0644 'apache2/mods-available/mpm_prefork.conf'
+maybe chmod 0644 'apache2/mods-available/mpm_prefork.load'
+maybe chmod 0644 'apache2/mods-available/mpm_worker.conf'
+maybe chmod 0644 'apache2/mods-available/mpm_worker.load'
+maybe chmod 0644 'apache2/mods-available/negotiation.conf'
+maybe chmod 0644 'apache2/mods-available/negotiation.load'
+maybe chmod 0644 'apache2/mods-available/proxy.conf'
+maybe chmod 0644 'apache2/mods-available/proxy.load'
+maybe chmod 0644 'apache2/mods-available/proxy_ajp.load'
+maybe chmod 0644 'apache2/mods-available/proxy_balancer.conf'
+maybe chmod 0644 'apache2/mods-available/proxy_balancer.load'
+maybe chmod 0644 'apache2/mods-available/proxy_connect.load'
+maybe chmod 0644 'apache2/mods-available/proxy_express.load'
+maybe chmod 0644 'apache2/mods-available/proxy_fcgi.load'
+maybe chmod 0644 'apache2/mods-available/proxy_fdpass.load'
+maybe chmod 0644 'apache2/mods-available/proxy_ftp.conf'
+maybe chmod 0644 'apache2/mods-available/proxy_ftp.load'
+maybe chmod 0644 'apache2/mods-available/proxy_html.conf'
+maybe chmod 0644 'apache2/mods-available/proxy_html.load'
+maybe chmod 0644 'apache2/mods-available/proxy_http.load'
+maybe chmod 0644 'apache2/mods-available/proxy_scgi.load'
+maybe chmod 0644 'apache2/mods-available/proxy_wstunnel.load'
+maybe chmod 0644 'apache2/mods-available/ratelimit.load'
+maybe chmod 0644 'apache2/mods-available/reflector.load'
+maybe chmod 0644 'apache2/mods-available/remoteip.load'
+maybe chmod 0644 'apache2/mods-available/reqtimeout.conf'
+maybe chmod 0644 'apache2/mods-available/reqtimeout.load'
+maybe chmod 0644 'apache2/mods-available/request.load'
+maybe chmod 0644 'apache2/mods-available/rewrite.load'
+maybe chmod 0644 'apache2/mods-available/sed.load'
+maybe chmod 0644 'apache2/mods-available/session.load'
+maybe chmod 0644 'apache2/mods-available/session_cookie.load'
+maybe chmod 0644 'apache2/mods-available/session_crypto.load'
+maybe chmod 0644 'apache2/mods-available/session_dbd.load'
+maybe chmod 0644 'apache2/mods-available/setenvif.conf'
+maybe chmod 0644 'apache2/mods-available/setenvif.load'
+maybe chmod 0644 'apache2/mods-available/slotmem_plain.load'
+maybe chmod 0644 'apache2/mods-available/slotmem_shm.load'
+maybe chmod 0644 'apache2/mods-available/socache_dbm.load'
+maybe chmod 0644 'apache2/mods-available/socache_memcache.load'
+maybe chmod 0644 'apache2/mods-available/socache_shmcb.load'
+maybe chmod 0644 'apache2/mods-available/speling.load'
+maybe chmod 0644 'apache2/mods-available/ssl.conf'
+maybe chmod 0644 'apache2/mods-available/ssl.load'
+maybe chmod 0644 'apache2/mods-available/status.conf'
+maybe chmod 0644 'apache2/mods-available/status.load'
+maybe chmod 0644 'apache2/mods-available/substitute.load'
+maybe chmod 0644 'apache2/mods-available/suexec.load'
+maybe chmod 0644 'apache2/mods-available/unique_id.load'
+maybe chmod 0644 'apache2/mods-available/userdir.conf'
+maybe chmod 0644 'apache2/mods-available/userdir.load'
+maybe chmod 0644 'apache2/mods-available/usertrack.load'
+maybe chmod 0644 'apache2/mods-available/vhost_alias.load'
+maybe chmod 0644 'apache2/mods-available/xml2enc.load'
+maybe chmod 0755 'apache2/mods-enabled'
+maybe chmod 0644 'apache2/ports.conf'
+maybe chmod 0755 'apache2/sites-available'
+maybe chmod 0644 'apache2/sites-available/000-default.conf'
+maybe chmod 0644 'apache2/sites-available/default-include.conf'
+maybe chmod 0644 'apache2/sites-available/default-ssl.conf'
+maybe chmod 0755 'apache2/sites-enabled'
+maybe chmod 0755 'apm'
+maybe chmod 0755 'apm/event.d'
+maybe chmod 0755 'apm/event.d/01chrony'
+maybe chmod 0755 'apparmor.d'
+maybe chmod 0755 'apparmor.d/force-complain'
+maybe chmod 0755 'apparmor.d/local'
+maybe chmod 0644 'apparmor.d/local/usr.sbin.named'
+maybe chmod 0644 'apparmor.d/usr.sbin.named'
+maybe chmod 0755 'apt'
+maybe chmod 0644 'apt/SALTSTACK-GPG-KEY.pub'
+maybe chmod 0755 'apt/apt.conf.d'
+maybe chmod 0644 'apt/apt.conf.d/00recommends'
+maybe chmod 0644 'apt/apt.conf.d/00trustcdrom'
+maybe chmod 0644 'apt/apt.conf.d/01autoremove'
+maybe chmod 0644 'apt/apt.conf.d/01autoremove-kernels'
+maybe chmod 0644 'apt/apt.conf.d/05etckeeper'
+maybe chmod 0644 'apt/apt.conf.d/70debconf'
+maybe chmod 0755 'apt/preferences.d'
+maybe chmod 0644 'apt/repo.uhu-banane.de.gpg-key.pub'
+maybe chmod 0644 'apt/repo.uhu-banane.de.gpg-key2.pub'
+maybe chmod 0644 'apt/sources.list'
+maybe chmod 0755 'apt/sources.list.d'
+maybe chmod 0644 'apt/sources.list.d/fbrehm.list'
+maybe chmod 0644 'apt/sources.list.d/salt.list'
+maybe chmod 0644 'apt/trusted.gpg'
+maybe chmod 0755 'apt/trusted.gpg.d'
+maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg'
+maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg'
+maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-jessie-stable.gpg'
+maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-squeeze-automatic.gpg'
+maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-squeeze-stable.gpg'
+maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg'
+maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg'
+maybe chmod 0755 'apticron'
+maybe chmod 0644 'apticron/apticron.conf'
+maybe chmod 0644 'bash.bashrc'
+maybe chmod 0644 'bash_completion'
+maybe chmod 0755 'bash_completion.d'
+maybe chmod 0644 'bash_completion.d/apache2'
+maybe chmod 0644 'bash_completion.d/debconf'
+maybe chmod 0644 'bash_completion.d/etckeeper'
+maybe chmod 0644 'bash_completion.d/fail2ban'
+maybe chmod 0644 'bash_completion.d/git-prompt'
+maybe chmod 0644 'bash_completion.d/grub'
+maybe chmod 0644 'bash_completion.d/initramfs-tools'
+maybe chmod 0644 'bash_completion.d/insserv'
+maybe chmod 0644 'bash_completion.d/isoquery'
+maybe chmod 0644 'bash_completion.d/salt-common'
+maybe chmod 0644 'bash_completion.d/whiptail'
+maybe chgrp 'bind' 'bind'
+maybe chmod 2755 'bind'
+maybe chmod 0644 'bind/bind.keys'
+maybe chmod 0644 'bind/db.0'
+maybe chmod 0644 'bind/db.127'
+maybe chmod 0644 'bind/db.255'
+maybe chmod 0644 'bind/db.empty'
+maybe chmod 0644 'bind/db.local'
+maybe chmod 0644 'bind/db.root'
+maybe chmod 0700 'bind/dnssec'
+maybe chmod 0600 'bind/dnssec/Kdns-uhu-banane.+157+21915.key'
+maybe chmod 0600 'bind/dnssec/Kdns-uhu-banane.+157+21915.private'
+maybe chmod 0600 'bind/dnssec/Kdyn-dns-updater.+157+29290.key'
+maybe chmod 0600 'bind/dnssec/Kdyn-dns-updater.+157+29290.private'
+maybe chown 'bind' 'bind/dyn'
+maybe chgrp 'bind' 'bind/dyn'
+maybe chmod 0770 'bind/dyn'
+maybe chmod 0644 'bind/named-acl.conf'
+maybe chmod 0644 'bind/named-dyn.conf'
+maybe chmod 0644 'bind/named-log.conf'
+maybe chmod 0644 'bind/named-pri.conf'
+maybe chmod 0644 'bind/named-sec.conf'
+maybe chmod 0644 'bind/named.conf'
+maybe chmod 0644 'bind/named.conf.default-zones'
+maybe chmod 0644 'bind/named.conf.local'
+maybe chmod 0644 'bind/named.conf.options'
+maybe chown 'bind' 'bind/rndc.key'
+maybe chgrp 'bind' 'bind/rndc.key'
+maybe chmod 0640 'bind/rndc.key'
+maybe chgrp 'bind' 'bind/zones'
+maybe chmod 0755 'bind/zones'
+maybe chmod 0644 'bind/zones.rfc1918'
+maybe chmod 0644 'bindresvport.blacklist'
+maybe chmod 0755 'byobu'
+maybe chmod 0644 'byobu/backend'
+maybe chmod 0644 'byobu/socketdir'
+maybe chmod 0755 'ca-certificates'
+maybe chmod 0644 'ca-certificates.conf'
+maybe chmod 0755 'ca-certificates/update.d'
+maybe chmod 0755 'calendar'
+maybe chmod 0644 'calendar/default'
+maybe chmod 0755 'chrony'
+maybe chmod 0644 'chrony/chrony.conf'
+maybe chmod 0640 'chrony/chrony.keys'
+maybe chmod 0644 'colordiffrc'
+maybe chmod 0755 'console'
+maybe chmod 0755 'console-setup'
+maybe chmod 0644 'console-setup/cached_Lat15-Fixed16.psf.gz'
+maybe chmod 0644 'console-setup/cached_UTF-8_del.kmap.gz'
+maybe chmod 0644 'console-setup/compose.ARMSCII-8.inc'
+maybe chmod 0644 'console-setup/compose.CP1251.inc'
+maybe chmod 0644 'console-setup/compose.CP1255.inc'
+maybe chmod 0644 'console-setup/compose.CP1256.inc'
+maybe chmod 0644 'console-setup/compose.GEORGIAN-ACADEMY.inc'
+maybe chmod 0644 'console-setup/compose.GEORGIAN-PS.inc'
+maybe chmod 0644 'console-setup/compose.IBM1133.inc'
+maybe chmod 0644 'console-setup/compose.ISIRI-3342.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-1.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-10.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-11.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-13.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-14.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-15.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-16.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-2.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-3.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-4.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-5.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-6.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-7.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-8.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-9.inc'
+maybe chmod 0644 'console-setup/compose.KOI8-R.inc'
+maybe chmod 0644 'console-setup/compose.KOI8-U.inc'
+maybe chmod 0644 'console-setup/compose.TIS-620.inc'
+maybe chmod 0644 'console-setup/compose.VISCII.inc'
+maybe chmod 0644 'console-setup/remap.inc'
+maybe chmod 0755 'cron.d'
+maybe chmod 0644 'cron.d/.placeholder'
+maybe chmod 0644 'cron.d/apticron'
+maybe chmod 0644 'cron.d/certbot'
+maybe chmod 0644 'cron.d/greetings'
+maybe chmod 0644 'cron.d/sync-pkgs'
+maybe chmod 0755 'cron.daily'
+maybe chmod 0644 'cron.daily/.placeholder'
+maybe chmod 0755 'cron.daily/00logwatch'
+maybe chmod 0755 'cron.daily/apache2'
+maybe chmod 0755 'cron.daily/apt'
+maybe chmod 0755 'cron.daily/aptitude'
+maybe chmod 0755 'cron.daily/bsdmainutils'
+maybe chmod 0755 'cron.daily/dpkg'
+maybe chmod 0755 'cron.daily/etckeeper'
+maybe chmod 0755 'cron.daily/exim4-base'
+maybe chmod 0755 'cron.daily/logrotate'
+maybe chmod 0755 'cron.daily/man-db'
+maybe chmod 0755 'cron.daily/mlocate'
+maybe chmod 0755 'cron.daily/passwd'
+maybe chmod 0755 'cron.hourly'
+maybe chmod 0644 'cron.hourly/.placeholder'
+maybe chmod 0755 'cron.monthly'
+maybe chmod 0644 'cron.monthly/.placeholder'
+maybe chmod 0755 'cron.weekly'
+maybe chmod 0644 'cron.weekly/.placeholder'
+maybe chmod 0755 'cron.weekly/man-db'
+maybe chmod 0644 'crontab'
+maybe chmod 0755 'cruft'
+maybe chmod 0755 'cruft/filters-unex'
+maybe chmod 0644 'cruft/filters-unex/etckeeper'
+maybe chmod 0755 'dbus-1'
+maybe chmod 0755 'dbus-1/system.d'
+maybe chmod 0644 'dbus-1/system.d/org.freedesktop.hostname1.conf'
+maybe chmod 0644 'dbus-1/system.d/org.freedesktop.locale1.conf'
+maybe chmod 0644 'dbus-1/system.d/org.freedesktop.login1.conf'
+maybe chmod 0644 'dbus-1/system.d/org.freedesktop.machine1.conf'
+maybe chmod 0644 'dbus-1/system.d/org.freedesktop.systemd1.conf'
+maybe chmod 0644 'dbus-1/system.d/org.freedesktop.timedate1.conf'
+maybe chmod 0644 'debconf.conf'
+maybe chmod 0644 'debian_version'
+maybe chmod 0755 'default'
+maybe chmod 0644 'default/acpid'
+maybe chmod 0644 'default/aiccu'
+maybe chmod 0644 'default/apache2'
+maybe chmod 0644 'default/bind9'
+maybe chmod 0644 'default/bsdmainutils'
+maybe chmod 0644 'default/console-setup'
+maybe chmod 0644 'default/cron'
+maybe chmod 0644 'default/devpts'
+maybe chmod 0644 'default/exim4'
+maybe chmod 0644 'default/fail2ban'
+maybe chmod 0644 'default/grub'
+maybe chmod 0644 'default/halt'
+maybe chmod 0644 'default/haveged'
+maybe chmod 0644 'default/hwclock'
+maybe chmod 0644 'default/keyboard'
+maybe chmod 0644 'default/locale'
+maybe chmod 0644 'default/locale.bak'
+maybe chmod 0644 'default/netfilter-persistent'
+maybe chmod 0644 'default/networking'
+maybe chmod 0644 'default/nss'
+maybe chmod 0644 'default/rcS'
+maybe chmod 0644 'default/rsync'
+maybe chmod 0644 'default/rsyslog'
+maybe chmod 0644 'default/salt-minion.environment'
+maybe chmod 0644 'default/ssh'
+maybe chmod 0644 'default/tmpfs'
+maybe chmod 0644 'default/useradd'
+maybe chmod 0644 'deluser.conf'
+maybe chmod 0755 'dhcp'
+maybe chmod 0755 'dhcp/dhclient-enter-hooks.d'
+maybe chmod 0644 'dhcp/dhclient-enter-hooks.d/debug'
+maybe chmod 0644 'dhcp/dhclient-enter-hooks.d/nodnsupdate'
+maybe chmod 0755 'dhcp/dhclient-exit-hooks.d'
+maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/debug'
+maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes'
+maybe chmod 0644 'dhcp/dhclient.conf'
+maybe chmod 0755 'dictionaries-common'
+maybe chmod 0644 'discover-modprobe.conf'
+maybe chmod 0755 'discover.conf.d'
+maybe chmod 0644 'discover.conf.d/00discover'
+maybe chmod 0755 'dpkg'
+maybe chmod 0644 'dpkg/dpkg.cfg'
+maybe chmod 0755 'dpkg/dpkg.cfg.d'
+maybe chmod 0755 'dpkg/origins'
+maybe chmod 0644 'dpkg/origins/debian'
+maybe chmod 0755 'emacs'
+maybe chmod 0755 'emacs/site-start.d'
+maybe chmod 0644 'emacs/site-start.d/00debian-vars.el'
+maybe chmod 0644 'emacs/site-start.d/50dictionaries-common.el'
+maybe chmod 0644 'emacs/site-start.el'
+maybe chmod 0644 'email-addresses'
+maybe chmod 0644 'environment'
+maybe chmod 0755 'etckeeper'
+maybe chmod 0755 'etckeeper/commit.d'
+maybe chmod 0755 'etckeeper/commit.d/10vcs-test'
+maybe chmod 0755 'etckeeper/commit.d/30bzr-add'
+maybe chmod 0755 'etckeeper/commit.d/30darcs-add'
+maybe chmod 0755 'etckeeper/commit.d/30git-add'
+maybe chmod 0755 'etckeeper/commit.d/30hg-addremove'
+maybe chmod 0755 'etckeeper/commit.d/50vcs-commit'
+maybe chmod 0755 'etckeeper/commit.d/99push'
+maybe chmod 0644 'etckeeper/commit.d/README'
+maybe chmod 0644 'etckeeper/etckeeper.conf'
+maybe chmod 0755 'etckeeper/init.d'
+maybe chmod 0755 'etckeeper/init.d/10restore-metadata'
+maybe chmod 0755 'etckeeper/init.d/20restore-etckeeper'
+maybe chmod 0755 'etckeeper/init.d/40vcs-init'
+maybe chmod 0755 'etckeeper/init.d/50vcs-ignore'
+maybe chmod 0755 'etckeeper/init.d/50vcs-perm'
+maybe chmod 0755 'etckeeper/init.d/50vcs-pre-commit-hook'
+maybe chmod 0755 'etckeeper/init.d/60darcs-deleted-symlinks'
+maybe chmod 0755 'etckeeper/init.d/70vcs-add'
+maybe chmod 0644 'etckeeper/init.d/README'
+maybe chmod 0755 'etckeeper/list-installed.d'
+maybe chmod 0755 'etckeeper/list-installed.d/50list-installed'
+maybe chmod 0755 'etckeeper/post-install.d'
+maybe chmod 0755 'etckeeper/post-install.d/50vcs-commit'
+maybe chmod 0644 'etckeeper/post-install.d/README'
+maybe chmod 0755 'etckeeper/pre-commit.d'
+maybe chmod 0755 'etckeeper/pre-commit.d/20warn-problem-files'
+maybe chmod 0755 'etckeeper/pre-commit.d/30store-metadata'
+maybe chmod 0644 'etckeeper/pre-commit.d/README'
+maybe chmod 0755 'etckeeper/pre-install.d'
+maybe chmod 0755 'etckeeper/pre-install.d/10packagelist'
+maybe chmod 0755 'etckeeper/pre-install.d/50uncommitted-changes'
+maybe chmod 0644 'etckeeper/pre-install.d/README'
+maybe chmod 0755 'etckeeper/unclean.d'
+maybe chmod 0755 'etckeeper/unclean.d/50test'
+maybe chmod 0644 'etckeeper/unclean.d/README'
+maybe chmod 0755 'etckeeper/uninit.d'
+maybe chmod 0755 'etckeeper/uninit.d/01prompt'
+maybe chmod 0755 'etckeeper/uninit.d/50remove-metadata'
+maybe chmod 0755 'etckeeper/uninit.d/50vcs-uninit'
+maybe chmod 0644 'etckeeper/uninit.d/README'
+maybe chmod 0755 'etckeeper/update-ignore.d'
+maybe chmod 0755 'etckeeper/update-ignore.d/01update-ignore'
+maybe chmod 0644 'etckeeper/update-ignore.d/README'
+maybe chmod 0755 'etckeeper/vcs.d'
+maybe chmod 0755 'etckeeper/vcs.d/50vcs-cmd'
+maybe chmod 0755 'exim4'
+maybe chmod 0755 'exim4/conf.d'
+maybe chmod 0755 'exim4/conf.d/acl'
+maybe chmod 0644 'exim4/conf.d/acl/00_exim4-config_header'
+maybe chmod 0644 'exim4/conf.d/acl/20_exim4-config_local_deny_exceptions'
+maybe chmod 0644 'exim4/conf.d/acl/30_exim4-config_check_mail'
+maybe chmod 0644 'exim4/conf.d/acl/30_exim4-config_check_rcpt'
+maybe chmod 0644 'exim4/conf.d/acl/40_exim4-config_check_data'
+maybe chmod 0755 'exim4/conf.d/auth'
+maybe chmod 0644 'exim4/conf.d/auth/00_exim4-config_header'
+maybe chmod 0644 'exim4/conf.d/auth/30_exim4-config_examples'
+maybe chmod 0755 'exim4/conf.d/main'
+maybe chmod 0644 'exim4/conf.d/main/01_exim4-config_listmacrosdefs'
+maybe chmod 0644 'exim4/conf.d/main/02_exim4-config_options'
+maybe chmod 0644 'exim4/conf.d/main/03_exim4-config_tlsoptions'
+maybe chmod 0644 'exim4/conf.d/main/90_exim4-config_log_selector'
+maybe chmod 0755 'exim4/conf.d/retry'
+maybe chmod 0644 'exim4/conf.d/retry/00_exim4-config_header'
+maybe chmod 0644 'exim4/conf.d/retry/30_exim4-config'
+maybe chmod 0755 'exim4/conf.d/rewrite'
+maybe chmod 0644 'exim4/conf.d/rewrite/00_exim4-config_header'
+maybe chmod 0644 'exim4/conf.d/rewrite/31_exim4-config_rewriting'
+maybe chmod 0755 'exim4/conf.d/router'
+maybe chmod 0644 'exim4/conf.d/router/00_exim4-config_header'
+maybe chmod 0644 'exim4/conf.d/router/100_exim4-config_domain_literal'
+maybe chmod 0644 'exim4/conf.d/router/150_exim4-config_hubbed_hosts'
+maybe chmod 0644 'exim4/conf.d/router/200_exim4-config_primary'
+maybe chmod 0644 'exim4/conf.d/router/300_exim4-config_real_local'
+maybe chmod 0644 'exim4/conf.d/router/400_exim4-config_system_aliases'
+maybe chmod 0644 'exim4/conf.d/router/500_exim4-config_hubuser'
+maybe chmod 0644 'exim4/conf.d/router/600_exim4-config_userforward'
+maybe chmod 0644 'exim4/conf.d/router/700_exim4-config_procmail'
+maybe chmod 0644 'exim4/conf.d/router/800_exim4-config_maildrop'
+maybe chmod 0644 'exim4/conf.d/router/850_exim4-config_lowuid'
+maybe chmod 0644 'exim4/conf.d/router/900_exim4-config_local_user'
+maybe chmod 0644 'exim4/conf.d/router/mmm_mail4root'
+maybe chmod 0755 'exim4/conf.d/transport'
+maybe chmod 0644 'exim4/conf.d/transport/00_exim4-config_header'
+maybe chmod 0644 'exim4/conf.d/transport/10_exim4-config_transport-macros'
+maybe chmod 0644 'exim4/conf.d/transport/30_exim4-config_address_file'
+maybe chmod 0644 'exim4/conf.d/transport/30_exim4-config_address_pipe'
+maybe chmod 0644 'exim4/conf.d/transport/30_exim4-config_address_reply'
+maybe chmod 0644 'exim4/conf.d/transport/30_exim4-config_mail_spool'
+maybe chmod 0644 'exim4/conf.d/transport/30_exim4-config_maildir_home'
+maybe chmod 0644 'exim4/conf.d/transport/30_exim4-config_maildrop_pipe'
+maybe chmod 0644 'exim4/conf.d/transport/30_exim4-config_procmail_pipe'
+maybe chmod 0644 'exim4/conf.d/transport/30_exim4-config_remote_smtp'
+maybe chmod 0644 'exim4/conf.d/transport/30_exim4-config_remote_smtp_smarthost'
+maybe chmod 0644 'exim4/conf.d/transport/35_exim4-config_address_directory'
+maybe chmod 0644 'exim4/exim4.conf.template'
+maybe chgrp 'Debian-exim' 'exim4/passwd.client'
+maybe chmod 0640 'exim4/passwd.client'
+maybe chmod 0644 'exim4/update-exim4.conf.conf'
+maybe chmod 0755 'fail2ban'
+maybe chmod 0755 'fail2ban/action.d'
+maybe chmod 0644 'fail2ban/action.d/apf.conf'
+maybe chmod 0644 'fail2ban/action.d/badips.conf'
+maybe chmod 0644 'fail2ban/action.d/blocklist_de.conf'
+maybe chmod 0644 'fail2ban/action.d/bsd-ipfw.conf'
+maybe chmod 0644 'fail2ban/action.d/complain.conf'
+maybe chmod 0644 'fail2ban/action.d/dshield.conf'
+maybe chmod 0644 'fail2ban/action.d/dummy.conf'
+maybe chmod 0644 'fail2ban/action.d/firewallcmd-ipset.conf'
+maybe chmod 0644 'fail2ban/action.d/firewallcmd-new.conf'
+maybe chmod 0644 'fail2ban/action.d/hostsdeny.conf'
+maybe chmod 0644 'fail2ban/action.d/ipfilter.conf'
+maybe chmod 0644 'fail2ban/action.d/ipfw.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-allports.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-blocktype.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-ipset-proto4.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-ipset-proto6-allports.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-ipset-proto6.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-multiport-log.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-multiport.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-new.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-xt_recent-echo.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables.conf'
+maybe chmod 0644 'fail2ban/action.d/mail-buffered.conf'
+maybe chmod 0644 'fail2ban/action.d/mail-whois-lines.conf'
+maybe chmod 0644 'fail2ban/action.d/mail-whois.conf'
+maybe chmod 0644 'fail2ban/action.d/mail.conf'
+maybe chmod 0644 'fail2ban/action.d/mynetwatchman.conf'
+maybe chmod 0644 'fail2ban/action.d/osx-afctl.conf'
+maybe chmod 0644 'fail2ban/action.d/osx-ipfw.conf'
+maybe chmod 0644 'fail2ban/action.d/pf.conf'
+maybe chmod 0644 'fail2ban/action.d/route.conf'
+maybe chmod 0644 'fail2ban/action.d/sendmail-buffered.conf'
+maybe chmod 0644 'fail2ban/action.d/sendmail-common.conf'
+maybe chmod 0644 'fail2ban/action.d/sendmail-whois-lines.conf'
+maybe chmod 0644 'fail2ban/action.d/sendmail-whois.conf'
+maybe chmod 0644 'fail2ban/action.d/sendmail.conf'
+maybe chmod 0644 'fail2ban/action.d/shorewall.conf'
+maybe chmod 0644 'fail2ban/action.d/ufw.conf'
+maybe chmod 0644 'fail2ban/fail2ban.conf'
+maybe chmod 0755 'fail2ban/fail2ban.d'
+maybe chmod 0755 'fail2ban/filter.d'
+maybe chmod 0644 'fail2ban/filter.d/3proxy.conf'
+maybe chmod 0644 'fail2ban/filter.d/apache-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/apache-badbots.conf'
+maybe chmod 0644 'fail2ban/filter.d/apache-common.conf'
+maybe chmod 0644 'fail2ban/filter.d/apache-modsecurity.conf'
+maybe chmod 0644 'fail2ban/filter.d/apache-nohome.conf'
+maybe chmod 0644 'fail2ban/filter.d/apache-noscript.conf'
+maybe chmod 0644 'fail2ban/filter.d/apache-overflows.conf'
+maybe chmod 0644 'fail2ban/filter.d/assp.conf'
+maybe chmod 0644 'fail2ban/filter.d/asterisk.conf'
+maybe chmod 0644 'fail2ban/filter.d/common.conf'
+maybe chmod 0644 'fail2ban/filter.d/courierlogin.conf'
+maybe chmod 0644 'fail2ban/filter.d/couriersmtp.conf'
+maybe chmod 0644 'fail2ban/filter.d/cyrus-imap.conf'
+maybe chmod 0644 'fail2ban/filter.d/dovecot.conf'
+maybe chmod 0644 'fail2ban/filter.d/dropbear.conf'
+maybe chmod 0644 'fail2ban/filter.d/ejabberd-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/exim-common.conf'
+maybe chmod 0644 'fail2ban/filter.d/exim-spam.conf'
+maybe chmod 0644 'fail2ban/filter.d/exim.conf'
+maybe chmod 0644 'fail2ban/filter.d/freeswitch.conf'
+maybe chmod 0644 'fail2ban/filter.d/groupoffice.conf'
+maybe chmod 0644 'fail2ban/filter.d/gssftpd.conf'
+maybe chmod 0644 'fail2ban/filter.d/horde.conf'
+maybe chmod 0644 'fail2ban/filter.d/lighttpd-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/mysqld-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/nagios.conf'
+maybe chmod 0644 'fail2ban/filter.d/named-refused.conf'
+maybe chmod 0644 'fail2ban/filter.d/nginx-http-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/nsd.conf'
+maybe chmod 0644 'fail2ban/filter.d/openwebmail.conf'
+maybe chmod 0644 'fail2ban/filter.d/pam-generic.conf'
+maybe chmod 0644 'fail2ban/filter.d/perdition.conf'
+maybe chmod 0644 'fail2ban/filter.d/php-url-fopen.conf'
+maybe chmod 0644 'fail2ban/filter.d/postfix-sasl.conf'
+maybe chmod 0644 'fail2ban/filter.d/postfix.conf'
+maybe chmod 0644 'fail2ban/filter.d/proftpd.conf'
+maybe chmod 0644 'fail2ban/filter.d/pure-ftpd.conf'
+maybe chmod 0644 'fail2ban/filter.d/qmail.conf'
+maybe chmod 0644 'fail2ban/filter.d/recidive.conf'
+maybe chmod 0644 'fail2ban/filter.d/roundcube-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/selinux-common.conf'
+maybe chmod 0644 'fail2ban/filter.d/selinux-ssh.conf'
+maybe chmod 0644 'fail2ban/filter.d/sendmail-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/sendmail-reject.conf'
+maybe chmod 0644 'fail2ban/filter.d/sieve.conf'
+maybe chmod 0644 'fail2ban/filter.d/sogo-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/solid-pop3d.conf'
+maybe chmod 0644 'fail2ban/filter.d/squid.conf'
+maybe chmod 0644 'fail2ban/filter.d/sshd-ddos.conf'
+maybe chmod 0644 'fail2ban/filter.d/sshd.conf'
+maybe chmod 0644 'fail2ban/filter.d/suhosin.conf'
+maybe chmod 0644 'fail2ban/filter.d/uwimap-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/vsftpd.conf'
+maybe chmod 0644 'fail2ban/filter.d/webmin-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/wuftpd.conf'
+maybe chmod 0644 'fail2ban/filter.d/xinetd-fail.conf'
+maybe chmod 0644 'fail2ban/jail.conf'
+maybe chmod 0755 'fail2ban/jail.d'
+maybe chmod 0644 'fail2ban/jail.d/apache-jail.conf'
+maybe chmod 0644 'fail2ban/jail.d/postfix.conf'
+maybe chmod 0644 'fail2ban/jail.d/ssh.conf'
+maybe chmod 0644 'fstab'
+maybe chmod 0755 'ftp-backup'
+maybe chmod 0644 'ftp-backup/backup-per-ftp.cfg'
+maybe chown '1017' 'ftp-backup/backup-per-sftp.cfg'
+maybe chgrp 'users' 'ftp-backup/backup-per-sftp.cfg'
+maybe chmod 0644 'ftp-backup/backup-per-sftp.cfg'
+maybe chown '1017' 'ftp-backup/id_rsa'
+maybe chgrp 'users' 'ftp-backup/id_rsa'
+maybe chmod 0600 'ftp-backup/id_rsa'
+maybe chown '1017' 'ftp-backup/id_rsa.pub'
+maybe chgrp 'users' 'ftp-backup/id_rsa.pub'
+maybe chmod 0644 'ftp-backup/id_rsa.pub'
+maybe chmod 0644 'gai.conf'
+maybe chmod 0755 'groff'
+maybe chmod 0644 'groff/man.local'
+maybe chmod 0644 'groff/mdoc.local'
+maybe chmod 0644 'group'
+maybe chmod 0600 'group-'
+maybe chmod 0755 'grub.d'
+maybe chmod 0755 'grub.d/00_header'
+maybe chmod 0755 'grub.d/05_debian_theme'
+maybe chmod 0755 'grub.d/10_linux'
+maybe chmod 0755 'grub.d/20_linux_xen'
+maybe chmod 0755 'grub.d/30_os-prober'
+maybe chmod 0755 'grub.d/30_uefi-firmware'
+maybe chmod 0755 'grub.d/40_custom'
+maybe chmod 0755 'grub.d/41_custom'
+maybe chmod 0644 'grub.d/README'
+maybe chgrp 'shadow' 'gshadow'
+maybe chmod 0640 'gshadow'
+maybe chmod 0600 'gshadow-'
+maybe chmod 0755 'gss'
+maybe chmod 0755 'gss/mech.d'
+maybe chmod 0644 'gss/mech.d/README'
+maybe chmod 0644 'host.conf'
+maybe chmod 0644 'hostname'
+maybe chmod 0644 'hosts'
+maybe chmod 0644 'hosts.allow'
+maybe chmod 0644 'hosts.deny'
+maybe chmod 0755 'init'
+maybe chmod 0755 'init.d'
+maybe chmod 0644 'init.d/README'
+maybe chmod 0755 'init.d/acpid'
+maybe chmod 0755 'init.d/aiccu'
+maybe chmod 0755 'init.d/apache2'
+maybe chmod 0755 'init.d/bind9'
+maybe chmod 0755 'init.d/bootlogs'
+maybe chmod 0755 'init.d/bootmisc.sh'
+maybe chmod 0755 'init.d/checkfs.sh'
+maybe chmod 0755 'init.d/checkroot-bootclean.sh'
+maybe chmod 0755 'init.d/checkroot.sh'
+maybe chmod 0755 'init.d/chrony'
+maybe chmod 0755 'init.d/console-setup'
+maybe chmod 0755 'init.d/cron'
+maybe chmod 0755 'init.d/exim4'
+maybe chmod 0755 'init.d/fail2ban'
+maybe chmod 0755 'init.d/halt'
+maybe chmod 0755 'init.d/haveged'
+maybe chmod 0755 'init.d/hostname.sh'
+maybe chmod 0755 'init.d/hwclock.sh'
+maybe chmod 0755 'init.d/kbd'
+maybe chmod 0755 'init.d/keyboard-setup'
+maybe chmod 0755 'init.d/keymap.sh'
+maybe chmod 0755 'init.d/killprocs'
+maybe chmod 0755 'init.d/kmod'
+maybe chmod 0755 'init.d/lvm2'
+maybe chmod 0755 'init.d/motd'
+maybe chmod 0755 'init.d/mountall-bootclean.sh'
+maybe chmod 0755 'init.d/mountall.sh'
+maybe chmod 0755 'init.d/mountdevsubfs.sh'
+maybe chmod 0755 'init.d/mountkernfs.sh'
+maybe chmod 0755 'init.d/mountnfs-bootclean.sh'
+maybe chmod 0755 'init.d/mountnfs.sh'
+maybe chmod 0755 'init.d/netfilter-persistent'
+maybe chmod 0755 'init.d/networking'
+maybe chmod 0755 'init.d/postfix'
+maybe chmod 0755 'init.d/procps'
+maybe chmod 0755 'init.d/rc'
+maybe chmod 0755 'init.d/rc.local'
+maybe chmod 0755 'init.d/rcS'
+maybe chmod 0755 'init.d/reboot'
+maybe chmod 0755 'init.d/rmnologin'
+maybe chmod 0755 'init.d/rsync'
+maybe chmod 0755 'init.d/rsyslog'
+maybe chmod 0755 'init.d/salt-minion'
+maybe chmod 0755 'init.d/sendsigs'
+maybe chmod 0755 'init.d/single'
+maybe chmod 0644 'init.d/skeleton'
+maybe chmod 0755 'init.d/ssh'
+maybe chmod 0755 'init.d/sudo'
+maybe chmod 0755 'init.d/udev'
+maybe chmod 0755 'init.d/udev-finish'
+maybe chmod 0755 'init.d/ulogd2'
+maybe chmod 0755 'init.d/umountfs'
+maybe chmod 0755 'init.d/umountnfs.sh'
+maybe chmod 0755 'init.d/umountroot'
+maybe chmod 0755 'init.d/urandom'
+maybe chmod 0644 'init/network-interface-container.conf'
+maybe chmod 0644 'init/network-interface-security.conf'
+maybe chmod 0644 'init/network-interface.conf'
+maybe chmod 0644 'init/networking.conf'
+maybe chmod 0644 'init/salt-minion.conf'
+maybe chmod 0644 'init/ssh.conf'
+maybe chmod 0644 'init/startpar-bridge.conf'
+maybe chmod 0644 'init/udev-fallback-graphics.conf'
+maybe chmod 0644 'init/udev-finish.conf'
+maybe chmod 0644 'init/udev.conf'
+maybe chmod 0644 'init/udevmonitor.conf'
+maybe chmod 0644 'init/udevtrigger.conf'
+maybe chmod 0644 'init/ulogd2.conf'
+maybe chmod 0755 'initramfs-tools'
+maybe chmod 0755 'initramfs-tools/conf.d'
+maybe chmod 0755 'initramfs-tools/hooks'
+maybe chmod 0644 'initramfs-tools/initramfs.conf'
+maybe chmod 0644 'initramfs-tools/modules'
+maybe chmod 0755 'initramfs-tools/scripts'
+maybe chmod 0755 'initramfs-tools/scripts/init-bottom'
+maybe chmod 0755 'initramfs-tools/scripts/init-premount'
+maybe chmod 0755 'initramfs-tools/scripts/init-top'
+maybe chmod 0755 'initramfs-tools/scripts/local-bottom'
+maybe chmod 0755 'initramfs-tools/scripts/local-premount'
+maybe chmod 0755 'initramfs-tools/scripts/local-top'
+maybe chmod 0755 'initramfs-tools/scripts/nfs-bottom'
+maybe chmod 0755 'initramfs-tools/scripts/nfs-premount'
+maybe chmod 0755 'initramfs-tools/scripts/nfs-top'
+maybe chmod 0755 'initramfs-tools/scripts/panic'
+maybe chmod 0644 'initramfs-tools/update-initramfs.conf'
+maybe chmod 0644 'inittab'
+maybe chmod 0644 'inittabminion'
+maybe chmod 0644 'inputrc'
+maybe chmod 0644 'inputrc.bak'
+maybe chmod 0755 'insserv'
+maybe chmod 0644 'insserv.conf'
+maybe chmod 0755 'insserv.conf.d'
+maybe chmod 0644 'insserv.conf.d/postfix'
+maybe chmod 0755 'insserv/overrides'
+maybe chmod 0755 'iproute2'
+maybe chmod 0644 'iproute2/ematch_map'
+maybe chmod 0644 'iproute2/group'
+maybe chmod 0644 'iproute2/rt_dsfield'
+maybe chmod 0644 'iproute2/rt_protos'
+maybe chmod 0644 'iproute2/rt_realms'
+maybe chmod 0644 'iproute2/rt_scopes'
+maybe chmod 0644 'iproute2/rt_tables'
+maybe chmod 0755 'iptables'
+maybe chmod 0640 'iptables/rules.v4'
+maybe chmod 0640 'iptables/rules.v6'
+maybe chmod 0755 'iscsi'
+maybe chmod 0600 'iscsi/iscsid.conf'
+maybe chmod 0644 'issue'
+maybe chmod 0644 'issue.net'
+maybe chmod 0755 'kbd'
+maybe chmod 0644 'kbd/config'
+maybe chmod 0644 'kbd/remap'
+maybe chmod 0755 'kernel'
+maybe chmod 0644 'kernel-img.conf'
+maybe chmod 0755 'kernel/postinst.d'
+maybe chmod 0755 'kernel/postinst.d/apt-auto-removal'
+maybe chmod 0755 'kernel/postinst.d/initramfs-tools'
+maybe chmod 0755 'kernel/postinst.d/zz-update-grub'
+maybe chmod 0755 'kernel/postrm.d'
+maybe chmod 0755 'kernel/postrm.d/initramfs-tools'
+maybe chmod 0755 'kernel/postrm.d/zz-update-grub'
+maybe chmod 0644 'ld.so.conf'
+maybe chmod 0755 'ld.so.conf.d'
+maybe chmod 0644 'ld.so.conf.d/libc.conf'
+maybe chmod 0644 'ld.so.conf.d/x86_64-linux-gnu.conf'
+maybe chmod 0755 'ldap'
+maybe chmod 0644 'ldap/ldap.conf'
+maybe chmod 0755 'letsencrypt'
+maybe chmod 0700 'letsencrypt/accounts'
+maybe chmod 0700 'letsencrypt/accounts/acme-v01.api.letsencrypt.org'
+maybe chmod 0700 'letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory'
+maybe chmod 0700 'letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/3de664d2ee4d2a37de88887e1ed54531'
+maybe chmod 0644 'letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/3de664d2ee4d2a37de88887e1ed54531/meta.json'
+maybe chmod 0400 'letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/3de664d2ee4d2a37de88887e1ed54531/private_key.json'
+maybe chmod 0644 'letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/3de664d2ee4d2a37de88887e1ed54531/regr.json'
+maybe chmod 0700 'letsencrypt/archive'
+maybe chmod 0755 'letsencrypt/archive/ns1.uhu-banane.de'
+maybe chmod 0644 'letsencrypt/archive/ns1.uhu-banane.de/cert1.pem'
+maybe chmod 0644 'letsencrypt/archive/ns1.uhu-banane.de/chain1.pem'
+maybe chmod 0644 'letsencrypt/archive/ns1.uhu-banane.de/fullchain1.pem'
+maybe chmod 0644 'letsencrypt/archive/ns1.uhu-banane.de/privkey1.pem'
+maybe chmod 0755 'letsencrypt/csr'
+maybe chmod 0644 'letsencrypt/csr/0000_csr-certbot.pem'
+maybe chmod 0700 'letsencrypt/keys'
+maybe chmod 0600 'letsencrypt/keys/0000_key-certbot.pem'
+maybe chmod 0700 'letsencrypt/live'
+maybe chmod 0755 'letsencrypt/live/ns1.uhu-banane.de'
+maybe chmod 0644 'letsencrypt/options-ssl-apache.conf'
+maybe chmod 0755 'letsencrypt/renewal'
+maybe chmod 0755 'letsencrypt/renewal/ns1.uhu-banane.de.conf'
+maybe chmod 0644 'lftp.conf'
+maybe chmod 0644 'libaudit.conf'
+maybe chmod 0644 'locale.alias'
+maybe chmod 0644 'locale.gen'
+maybe chmod 0644 'locale.gen.bak'
+maybe chmod 0644 'localtime'
+maybe chmod 0755 'logcheck'
+maybe chmod 0755 'logcheck/ignore.d.server'
+maybe chmod 0755 'logcheck/ignore.d.server/libsasl2-modules'
+maybe chmod 0644 'logcheck/ignore.d.server/rsyslog'
+maybe chmod 0644 'login.defs'
+maybe chmod 0644 'logrotate.conf'
+maybe chmod 0755 'logrotate.d'
+maybe chmod 0644 'logrotate.d/apache2'
+maybe chmod 0644 'logrotate.d/apt'
+maybe chmod 0644 'logrotate.d/aptitude'
+maybe chmod 0644 'logrotate.d/bind'
+maybe chmod 0644 'logrotate.d/chrony'
+maybe chmod 0644 'logrotate.d/dpkg'
+maybe chmod 0644 'logrotate.d/exim4-base'
+maybe chmod 0644 'logrotate.d/exim4-paniclog'
+maybe chmod 0644 'logrotate.d/fail2ban'
+maybe chmod 0644 'logrotate.d/rsyslog'
+maybe chmod 0644 'logrotate.d/salt-common'
+maybe chmod 0644 'logrotate.d/ulogd2'
+maybe chmod 0755 'logwatch'
+maybe chmod 0755 'logwatch/conf'
+maybe chmod 0755 'logwatch/conf/logfiles'
+maybe chmod 0755 'logwatch/conf/services'
+maybe chmod 0755 'logwatch/scripts'
+maybe chmod 0755 'logwatch/scripts/services'
+maybe chmod 0755 'lvm'
+maybe chmod 0700 'lvm/archive'
+maybe chmod 0700 'lvm/backup'
+maybe chmod 0600 'lvm/backup/vg00'
+maybe chmod 0644 'lvm/lvm.conf'
+maybe chmod 0444 'machine-id'
+maybe chmod 0644 'magic'
+maybe chmod 0644 'magic.mime'
+maybe chmod 0644 'mail.rc'
+maybe chmod 0644 'mailcap'
+maybe chmod 0644 'mailcap.order'
+maybe chmod 0644 'mailname'
+maybe chmod 0644 'manpath.config'
+maybe chmod 0644 'mime.types'
+maybe chmod 0644 'mke2fs.conf'
+maybe chmod 0755 'modprobe.d'
+maybe chmod 0644 'modprobe.d/fbdev-blacklist.conf'
+maybe chmod 0644 'modules'
+maybe chmod 0644 'motd'
+maybe chmod 0644 'motd.tail'
+maybe chmod 0755 'mysql'
+maybe chmod 0755 'mysql/conf.d'
+maybe chmod 0644 'mysql/conf.d/.keepme'
+maybe chmod 0644 'mysql/conf.d/mariadb.cnf'
+maybe chmod 0644 'mysql/my.cnf'
+maybe chmod 0644 'nanorc'
+maybe chmod 0755 'network'
+maybe chmod 0755 'network/if-down.d'
+maybe chmod 0755 'network/if-down.d/bind9'
+maybe chmod 0755 'network/if-down.d/postfix'
+maybe chmod 0755 'network/if-down.d/upstart'
+maybe chmod 0755 'network/if-post-down.d'
+maybe chmod 0755 'network/if-pre-up.d'
+maybe chmod 0755 'network/if-up.d'
+maybe chmod 0755 'network/if-up.d/bind9'
+maybe chmod 0755 'network/if-up.d/mountnfs'
+maybe chmod 0755 'network/if-up.d/openssh-server'
+maybe chmod 0755 'network/if-up.d/postfix'
+maybe chmod 0755 'network/if-up.d/upstart'
+maybe chmod 0644 'network/interfaces'
+maybe chmod 0755 'network/interfaces.d'
+maybe chmod 0644 'networks'
+maybe chmod 0755 'newt'
+maybe chmod 0644 'newt/palette.original'
+maybe chmod 0644 'nsswitch.conf'
+maybe chmod 0755 'opt'
+maybe chmod 0644 'pam.conf'
+maybe chmod 0755 'pam.d'
+maybe chmod 0644 'pam.d/chfn'
+maybe chmod 0644 'pam.d/chpasswd'
+maybe chmod 0644 'pam.d/chsh'
+maybe chmod 0644 'pam.d/common-account'
+maybe chmod 0644 'pam.d/common-auth'
+maybe chmod 0644 'pam.d/common-password'
+maybe chmod 0644 'pam.d/common-session'
+maybe chmod 0644 'pam.d/common-session-noninteractive'
+maybe chmod 0644 'pam.d/cron'
+maybe chmod 0644 'pam.d/login'
+maybe chmod 0644 'pam.d/newusers'
+maybe chmod 0644 'pam.d/other'
+maybe chmod 0644 'pam.d/passwd'
+maybe chmod 0644 'pam.d/runuser'
+maybe chmod 0644 'pam.d/runuser-l'
+maybe chmod 0644 'pam.d/sshd'
+maybe chmod 0644 'pam.d/su'
+maybe chmod 0644 'pam.d/sudo'
+maybe chmod 0644 'pam.d/systemd-user'
+maybe chmod 0644 'passwd'
+maybe chmod 0644 'passwd-'
+maybe chmod 0755 'perl'
+maybe chmod 0755 'perl/CPAN'
+maybe chmod 0755 'perl/Net'
+maybe chmod 0644 'perl/Net/libnet.cfg'
+maybe chmod 0644 'perl/sitecustomize.pl'
+maybe chmod 0755 'pm'
+maybe chmod 0755 'pm/sleep.d'
+maybe chmod 0755 'pm/sleep.d/60aiccu'
+maybe chmod 0755 'postfix'
+maybe chmod 0644 'postfix/dynamicmaps.cf'
+maybe chmod 0644 'postfix/main.cf'
+maybe chmod 0644 'postfix/master.cf'
+maybe chmod 0744 'postfix/mkpostfixcert'
+maybe chmod 0755 'postfix/post-install'
+maybe chmod 0644 'postfix/postfix-cert.cnf'
+maybe chmod 0644 'postfix/postfix-files'
+maybe chmod 0755 'postfix/postfix-script'
+maybe chmod 0600 'postfix/postfix.pem'
+maybe chmod 0755 'postfix/sasl'
+maybe chmod 0600 'postfix/smtp_auth'
+maybe chmod 0600 'postfix/smtp_auth.db'
+maybe chmod 0755 'ppp'
+maybe chmod 0755 'ppp/ip-down.d'
+maybe chmod 0755 'ppp/ip-down.d/bind9'
+maybe chmod 0755 'ppp/ip-down.d/chrony'
+maybe chmod 0755 'ppp/ip-down.d/postfix'
+maybe chmod 0755 'ppp/ip-up.d'
+maybe chmod 0755 'ppp/ip-up.d/bind9'
+maybe chmod 0755 'ppp/ip-up.d/chrony'
+maybe chmod 0755 'ppp/ip-up.d/exim4'
+maybe chmod 0755 'ppp/ip-up.d/postfix'
+maybe chmod 0644 'profile'
+maybe chmod 0755 'profile.d'
+maybe chmod 0644 'profile.d/Z97-byobu.sh'
+maybe chmod 0644 'profile.d/bash_completion.sh'
+maybe chmod 0644 'profile.d/fbrehm.sh'
+maybe chmod 0644 'protocols'
+maybe chmod 0755 'python'
+maybe chmod 0644 'python/debian_config'
+maybe chmod 0755 'python2.7'
+maybe chmod 0644 'python2.7/sitecustomize.py'
+maybe chmod 0755 'python3'
+maybe chmod 0755 'python3.4'
+maybe chmod 0644 'python3.4/sitecustomize.py'
+maybe chmod 0644 'python3/debian_config'
+maybe chmod 0755 'rc.local'
+maybe chmod 0755 'rc0.d'
+maybe chmod 0644 'rc0.d/README'
+maybe chmod 0755 'rc1.d'
+maybe chmod 0644 'rc1.d/README'
+maybe chmod 0755 'rc2.d'
+maybe chmod 0644 'rc2.d/README'
+maybe chmod 0755 'rc3.d'
+maybe chmod 0644 'rc3.d/README'
+maybe chmod 0755 'rc4.d'
+maybe chmod 0644 'rc4.d/README'
+maybe chmod 0755 'rc5.d'
+maybe chmod 0644 'rc5.d/README'
+maybe chmod 0755 'rc6.d'
+maybe chmod 0644 'rc6.d/README'
+maybe chmod 0755 'rcS.d'
+maybe chmod 0644 'rcS.d/README'
+maybe chmod 0644 'resolv.conf'
+maybe chmod 0755 'resolvconf'
+maybe chmod 0755 'resolvconf/update-libc.d'
+maybe chmod 0755 'resolvconf/update-libc.d/postfix'
+maybe chmod 0755 'rmt'
+maybe chmod 0644 'rpc'
+maybe chmod 0644 'rsyslog.conf'
+maybe chmod 0755 'rsyslog.d'
+maybe chmod 0644 'rsyslog.d/60-default.conf'
+maybe chmod 0644 'rsyslog.d/70-pb.conf'
+maybe chmod 0644 'rsyslog.d/postfix.conf'
+maybe chmod 0755 'salt'
+maybe chmod 0644 'salt/minion'
+maybe chmod 0755 'salt/minion.d'
+maybe chmod 0644 'salt/minion.d/_schedule.conf'
+maybe chmod 0644 'salt/minion_id'
+maybe chmod 0755 'salt/pki'
+maybe chmod 0700 'salt/pki/minion'
+maybe chmod 0400 'salt/pki/minion/minion.pem'
+maybe chmod 0644 'salt/pki/minion/minion.pub'
+maybe chmod 0644 'salt/pki/minion/minion_master.pub'
+maybe chmod 0644 'salt/proxy'
+maybe chmod 0644 'securetty'
+maybe chmod 0755 'security'
+maybe chmod 0644 'security/access.conf'
+maybe chmod 0644 'security/group.conf'
+maybe chmod 0644 'security/limits.conf'
+maybe chmod 0755 'security/limits.d'
+maybe chmod 0644 'security/namespace.conf'
+maybe chmod 0755 'security/namespace.d'
+maybe chmod 0755 'security/namespace.init'
+maybe chmod 0600 'security/opasswd'
+maybe chmod 0644 'security/pam_env.conf'
+maybe chmod 0644 'security/sepermit.conf'
+maybe chmod 0644 'security/time.conf'
+maybe chmod 0755 'selinux'
+maybe chmod 0644 'selinux/semanage.conf'
+maybe chmod 0644 'services'
+maybe chmod 0755 'sgml'
+maybe chmod 0644 'sgml/xml-core.cat'
+maybe chgrp 'shadow' 'shadow'
+maybe chmod 0640 'shadow'
+maybe chmod 0600 'shadow-'
+maybe chmod 0644 'shells'
+maybe chmod 0755 'skel'
+maybe chmod 0644 'skel/.bash_logout'
+maybe chmod 0644 'skel/.bashrc'
+maybe chmod 0644 'skel/.profile'
+maybe chmod 0755 'ssh'
+maybe chmod 0644 'ssh/moduli'
+maybe chmod 0644 'ssh/ssh_config'
+maybe chmod 0600 'ssh/ssh_host_dsa_key'
+maybe chmod 0644 'ssh/ssh_host_dsa_key.pub'
+maybe chmod 0600 'ssh/ssh_host_ecdsa_key'
+maybe chmod 0644 'ssh/ssh_host_ecdsa_key.pub'
+maybe chmod 0600 'ssh/ssh_host_ed25519_key'
+maybe chmod 0644 'ssh/ssh_host_ed25519_key.pub'
+maybe chmod 0600 'ssh/ssh_host_rsa_key'
+maybe chmod 0644 'ssh/ssh_host_rsa_key.pub'
+maybe chmod 0644 'ssh/sshd_config'
+maybe chmod 0755 'ssl'
+maybe chmod 0755 'ssl/certs'
+maybe chmod 0644 'ssl/certs/ca-certificates.crt'
+maybe chmod 0644 'ssl/certs/ssl-cert-snakeoil.pem'
+maybe chmod 0644 'ssl/openssl.cnf'
+maybe chgrp 'ssl-cert' 'ssl/private'
+maybe chmod 0710 'ssl/private'
+maybe chgrp 'ssl-cert' 'ssl/private/ssl-cert-snakeoil.key'
+maybe chmod 0640 'ssl/private/ssl-cert-snakeoil.key'
+maybe chmod 0644 'staff-group-for-usr-local'
+maybe chmod 0644 'subgid'
+maybe chmod 0600 'subgid-'
+maybe chmod 0644 'subuid'
+maybe chmod 0600 'subuid-'
+maybe chmod 0440 'sudoers'
+maybe chmod 0755 'sudoers.d'
+maybe chmod 0440 'sudoers.d/README'
+maybe chmod 0644 'sysctl.conf'
+maybe chmod 0755 'sysctl.d'
+maybe chmod 0644 'sysctl.d/README.sysctl'
+maybe chmod 0755 'systemd'
+maybe chmod 0644 'systemd/bootchart.conf'
+maybe chmod 0644 'systemd/journald.conf'
+maybe chmod 0644 'systemd/logind.conf'
+maybe chmod 0644 'systemd/resolved.conf'
+maybe chmod 0755 'systemd/system'
+maybe chmod 0644 'systemd/system.conf'
+maybe chmod 0755 'systemd/system/default.target.wants'
+maybe chmod 0755 'systemd/system/getty.target.wants'
+maybe chmod 0755 'systemd/system/halt.target.wants'
+maybe chmod 0755 'systemd/system/local-fs.target.wants'
+maybe chmod 0755 'systemd/system/multi-user.target.wants'
+maybe chmod 0755 'systemd/system/paths.target.wants'
+maybe chmod 0755 'systemd/system/poweroff.target.wants'
+maybe chmod 0755 'systemd/system/reboot.target.wants'
+maybe chmod 0755 'systemd/system/sockets.target.wants'
+maybe chmod 0755 'systemd/system/sysinit.target.wants'
+maybe chmod 0644 'systemd/timesyncd.conf'
+maybe chmod 0644 'systemd/user.conf'
+maybe chmod 0755 'terminfo'
+maybe chmod 0644 'terminfo/README'
+maybe chmod 0644 'timezone'
+maybe chmod 0644 'ucf.conf'
+maybe chmod 0755 'udev'
+maybe chmod 0755 'udev/hwdb.d'
+maybe chmod 0755 'udev/rules.d'
+maybe chmod 0644 'udev/rules.d/80-cpu-hotplug.rules'
+maybe chmod 0644 'udev/rules.d/90-memory-hotplug.rules'
+maybe chmod 0644 'udev/udev.conf'
+maybe chmod 0755 'ufw'
+maybe chmod 0755 'ufw/applications.d'
+maybe chmod 0644 'ufw/applications.d/bind9'
+maybe chmod 0644 'ufw/applications.d/openssh-server'
+maybe chmod 0644 'ufw/applications.d/postfix'
+maybe chmod 0600 'ulogd.conf'
+maybe chmod 0644 'updatedb.conf'
+maybe chmod 0755 'vim'
+maybe chmod 0644 'vim/vimrc'
+maybe chmod 0644 'vim/vimrc.local'
+maybe chmod 0644 'vim/vimrc.tiny'
+maybe chmod 0644 'wgetrc'
+maybe chmod 0755 'xml'
+maybe chmod 0644 'xml/catalog'
+maybe chmod 0644 'xml/xml-core.xml'
+maybe chmod 0755 'zsh'
+maybe chmod 0644 'zsh/newuser.zshrc.recommended'
+maybe chmod 0644 'zsh/zlogin'
+maybe chmod 0644 'zsh/zlogout'
+maybe chmod 0644 'zsh/zprofile'
+maybe chmod 0644 'zsh/zshenv'
+maybe chmod 0644 'zsh/zshrc'
--- /dev/null
+# begin section managed by etckeeper (do not edit this section by hand)
+
+# new and old versions of conffiles, stored by dpkg
+*.dpkg-*
+# new and old versions of conffiles, stored by ucf
+*.ucf-*
+
+# old versions of files
+*.old
+
+# mount(8) records system state here, no need to store these
+blkid.tab
+blkid.tab.old
+
+# some other files in /etc that typically do not need to be tracked
+nologin
+ld.so.cache
+prelink.cache
+mtab
+mtab.fuselock
+.pwd.lock
+*.LOCK
+network/run
+adjtime
+lvm/cache
+lvm/archive
+X11/xdm/authdir/authfiles/*
+ntp.conf.dhcp
+.initctl
+webmin/fsdump/*.status
+webmin/webmin/oscache
+apparmor.d/cache/*
+service/*/supervise/*
+service/*/log/supervise/*
+sv/*/supervise/*
+sv/*/log/supervise/*
+*.elc
+*.pyc
+*.pyo
+init.d/.depend.*
+openvpn/openvpn-status.log
+cups/subscriptions.conf
+cups/subscriptions.conf.O
+fake-hwclock.data
+check_mk/logwatch.state
+
+# editor temp files
+*~
+.*.sw?
+.sw?
+\#*\#
+DEADJOE
+
+# end section managed by etckeeper
--- /dev/null
+event=button[ /]power
+action=/etc/acpi/powerbtn-acpi-support.sh
--- /dev/null
+#!/bin/sh
+
+# This script initiates a shutdown when the power putton has been
+# pressed. Loosely based on the sample that ships with the acpid package.
+# If the acpid sample is present as a real config file (as it was in earlier
+# versions of acpid), we skip this script. (Purging and reinstalling acpid
+# resolves this situation, or simply deleting /etc/acpi/events/powerbtn.)
+
+if [ -f /etc/acpi/events/powerbtn -o -f /etc/acpi/events/powerbtn.dpkg-bak ] ; then
+ logger Acpi-support not handling power button, acpid handler exists at /etc/acpi/events/powerbtn or /etc/acpi/events/powerbtn.dpkg-bak.
+ exit 0
+fi
+
+[ -e /usr/share/acpi-support/policy-funcs ] || exit 0
+
+. /usr/share/acpi-support/policy-funcs
+
+if { CheckPolicy || HasLogindAndSystemd1Manager; }; then
+ exit 0
+fi
+
+if [ -x /etc/acpi/powerbtn.sh ] ; then
+ # Compatibility with old config script from acpid package
+ /etc/acpi/powerbtn.sh
+elif [ -x /etc/acpi/powerbtn.sh.dpkg-bak ] ; then
+ # Compatibility with old config script from acpid package
+ # which is still around because it was changed by the admin
+ /etc/acpi/powerbtn.sh.dpkg-bak
+else
+ # Normal handling.
+ /sbin/shutdown -h -P now "Power button pressed"
+fi
+
--- /dev/null
+# /etc/adduser.conf: `adduser' configuration.
+# See adduser(8) and adduser.conf(5) for full documentation.
+
+# The DSHELL variable specifies the default login shell on your
+# system.
+DSHELL=/bin/bash
+
+# The DHOME variable specifies the directory containing users' home
+# directories.
+DHOME=/home
+
+# If GROUPHOMES is "yes", then the home directories will be created as
+# /home/groupname/user.
+GROUPHOMES=no
+
+# If LETTERHOMES is "yes", then the created home directories will have
+# an extra directory - the first letter of the user name. For example:
+# /home/u/user.
+LETTERHOMES=no
+
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+
+# FIRST_SYSTEM_[GU]ID to LAST_SYSTEM_[GU]ID inclusive is the range for UIDs
+# for dynamically allocated administrative and system accounts/groups.
+# Please note that system software, such as the users allocated by the base-passwd
+# package, may assume that UIDs less than 100 are unallocated.
+FIRST_SYSTEM_UID=100
+LAST_SYSTEM_UID=999
+
+FIRST_SYSTEM_GID=100
+LAST_SYSTEM_GID=999
+
+# FIRST_[GU]ID to LAST_[GU]ID inclusive is the range of UIDs of dynamically
+# allocated user accounts/groups.
+FIRST_UID=1000
+LAST_UID=29999
+
+FIRST_GID=1000
+LAST_GID=29999
+
+# The USERGROUPS variable can be either "yes" or "no". If "yes" each
+# created user will be given their own group to use as a default. If
+# "no", each created user will be placed in the group whose gid is
+# USERS_GID (see below).
+USERGROUPS=yes
+
+# If USERGROUPS is "no", then USERS_GID should be the GID of the group
+# `users' (or the equivalent group) on your system.
+USERS_GID=100
+
+# If DIR_MODE is set, directories will be created with the specified
+# mode. Otherwise the default mode 0755 will be used.
+DIR_MODE=0755
+
+# If SETGID_HOME is "yes" home directories for users with their own
+# group the setgid bit will be set. This was the default for
+# versions << 3.13 of adduser. Because it has some bad side effects we
+# no longer do this per default. If you want it nevertheless you can
+# still set it here.
+SETGID_HOME=no
+
+# If QUOTAUSER is set, a default quota will be set from that user with
+# `edquota -p QUOTAUSER newuser'
+QUOTAUSER=""
+
+# If SKEL_IGNORE_REGEX is set, adduser will ignore files matching this
+# regular expression when creating a new home directory
+SKEL_IGNORE_REGEX="dpkg-(old|new|dist|save)"
+
+# Set this if you want the --add_extra_groups option to adduser to add
+# new users to other groups.
+# This is the list of groups that new non-system users will be added to
+# Default:
+#EXTRA_GROUPS="dialout cdrom floppy audio video plugdev users"
+
+# If ADD_EXTRA_GROUPS is set to something non-zero, the EXTRA_GROUPS
+# option above will be default behavior for adding new, non-system users
+#ADD_EXTRA_GROUPS=1
+
+
+# check user and group names also against this regular expression.
+#NAME_REGEX="^[a-z][-a-z0-9_]*\$"
--- /dev/null
+# Under control from debconf, please use 'dpkg-reconfigure aiccu' to reconfigure
+# AICCU Configuration
+
+# Login information (defaults: none)
+username FBT6-SIXXS
+password EMsiWgsus
+
+# Protocol and server to use for setting up the tunnel (defaults: none)
+protocol tic
+server tic.sixxs.net
+
+# Interface names to use (default: aiccu)
+# ipv6_interface is the name of the interface that will be used as a tunnel interface.
+# On *BSD the ipv6_interface should be set to gifX (eg gif0) for proto-41 tunnels
+# or tunX (eg tun0) for AYIYA tunnels.
+ipv6_interface sixxs
+
+# The tunnel_id to use (default: none)
+# (only required when there are multiple tunnels in the list)
+tunnel_id T50297
+
+# Be verbose? (default: false)
+verbose false
+
+# Daemonize? (default: true)
+# Set to false if you want to see any output
+# When true output goes to syslog
+#
+# WARNING: never run AICCU from DaemonTools or a similar automated
+# 'restart' tool/script. When AICCU does not start, it has a reason
+# not to start which it gives on either the stdout or in the (sys)log
+# file. The TIC server *will* automatically disable accounts which
+# are detected to run in this mode.
+#
+daemonize true
+
+# Automatic Login and Tunnel activation?
+automatic true
+
+# Require TLS?
+# When set to true, if TLS is not supported on the server
+# the TIC transaction will fail.
+# When set to false, it will try a starttls, when that is
+# not supported it will continue.
+# In any case if AICCU is build with TLS support it will
+# try to do a 'starttls' to the TIC server to see if that
+# is supported.
+requiretls false
+
+# PID File
+#pidfile /var/run/aiccu.pid
+
+# Add a default route (default: true)
+#defaultroute true
+
+# Script to run after setting up the interfaces (default: none)
+#setupscript /usr/local/etc/aiccu-subnets.sh
+
+# Make heartbeats (default true)
+# In general you don't want to turn this off
+# Of course only applies to AYIYA and heartbeat tunnels not to static ones
+#makebeats true
+
+# Don't configure anything (default: false)
+#noconfigure true
+
+# Behind NAT (default: false)
+# Notify the user that a NAT-kind network is detected
+#behindnat true
+
+# Local IPv4 Override (default: none)
+# Overrides the IPv4 parameter received from TIC
+# This allows one to configure a NAT into "DMZ" mode and then
+# forwarding the proto-41 packets to an internal host.
+#
+# This is only needed for static proto-41 tunnels!
+# AYIYA and heartbeat tunnels don't require this.
+#local_ipv4_override
+
--- /dev/null
+# See man 5 aliases for format
+MAILER-DAEMON: postmaster
+postmaster: root
+root: frank
+
+# General redirections for pseudo accounts.
+adm: root
+bin: root
+daemon: root
+exim: root
+lp: root
+mail: root
+named: root
+nobody: root
+postfix: root
+
+# Well-known aliases -- these should be filled in!
+# root:
+# operator:
+
+# Standard RFC2142 aliases
+abuse: postmaster
+ftp: root
+hostmaster: root
+news: usenet
+noc: root
+security: root
+usenet: root
+uucp: root
+webmaster: root
+www: webmaster
+
+# trap decode to catch security attacks
+# decode: /dev/null
+
+# Persönliche Aliase
+
+# Frank Brehm
+frank: frank@brehm-online.com
+fbr: frank
+brehm: frank
+fbrehm: frank
+f.brehm: frank
+f-brehm: frank
+frank.brehm: frank
+frank-brehm: frank
+
+
+
--- /dev/null
+/usr/bin/bsd-mailx
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/bsd-mailx.1.gz
\ No newline at end of file
--- /dev/null
+Please read the update-alternatives(8) man page for information on this
+directory and its contents.
--- /dev/null
+/usr/bin/aptitude-curses
\ No newline at end of file
--- /dev/null
+/usr/share/man/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/cs/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/de/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/es/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/fi/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/fr/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/gl/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/it/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ja/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/pl/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/gawk
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/gawk.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/man7/bash-builtins.7.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/fr/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/it/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ja/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/pl/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ru/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/fr/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/it/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ja/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/pl/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ru/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/figlet-figlet
\ No newline at end of file
--- /dev/null
+/usr/share/man/man6/figlet-figlet.6.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/bsd-from
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/bsd-from.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/netkit-ftp
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/netkit-ftp.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/lft.db
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/lft.db.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/mlocate
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/mlocate.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzcat
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzcat.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzcmp
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzcmp.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzdiff
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzdiff.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzegrep
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzegrep.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzfgrep
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzfgrep.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzgrep
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzgrep.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzless
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzless.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xz
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xz.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzmore
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzmore.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/bsd-mailx
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/bsd-mailx.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/bsd-mailx
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/bsd-mailx.1.gz
\ No newline at end of file
--- /dev/null
+/bin/mt-gnu
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/mt-gnu.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/gawk
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/gawk.1.gz
\ No newline at end of file
--- /dev/null
+/bin/nc.traditional
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/nc.traditional.1.gz
\ No newline at end of file
--- /dev/null
+/bin/nc.traditional
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/nc.traditional.1.gz
\ No newline at end of file
--- /dev/null
+/bin/less
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/less.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/python2-pbr
\ No newline at end of file
--- /dev/null
+/bin/nano
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/nano.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/scp
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/scp.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/file-rename
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/file-rename.1p.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/slogin
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/slogin.1.gz
\ No newline at end of file
--- /dev/null
+/usr/sbin/rmt-tar
\ No newline at end of file
--- /dev/null
+/usr/share/man/man8/rmt-tar.8.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/ssh
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/ssh.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/bin/zsh5
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/zsh.1.gz
\ No newline at end of file
--- /dev/null
+/usr/sbin/tcptraceroute.db
\ No newline at end of file
--- /dev/null
+/usr/share/man/man8/tcptraceroute.db.8.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/traceproto.db
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/traceproto.db.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/traceroute.db
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/traceroute.db.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/traceroute.db
\ No newline at end of file
--- /dev/null
+/usr/bin/traceroute6.db
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/traceroute6.db.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/unxz
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/unxz.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/updatedb.mlocate
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/fr/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/it/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ja/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/pl/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ru/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/fr/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/it/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ja/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/pl/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ru/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/usr/bin/w.procps
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/w.procps.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/bsd-write
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/bsd-write.1.gz
\ No newline at end of file
--- /dev/null
+/bin/zsh5
\ No newline at end of file
--- /dev/null
+/bin/zsh5
\ No newline at end of file
--- /dev/null
+# This is the main Apache server configuration file. It contains the
+# configuration directives that give the server its instructions.
+# See http://httpd.apache.org/docs/2.4/ for detailed information about
+# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
+# hints.
+#
+#
+# Summary of how the Apache 2 configuration works in Debian:
+# The Apache 2 web server configuration in Debian is quite different to
+# upstream's suggested way to configure the web server. This is because Debian's
+# default Apache2 installation attempts to make adding and removing modules,
+# virtual hosts, and extra configuration directives as flexible as possible, in
+# order to make automating the changes and administering the server as easy as
+# possible.
+
+# It is split into several files forming the configuration hierarchy outlined
+# below, all located in the /etc/apache2/ directory:
+#
+# /etc/apache2/
+# |-- apache2.conf
+# | `-- ports.conf
+# |-- mods-enabled
+# | |-- *.load
+# | `-- *.conf
+# |-- conf-enabled
+# | `-- *.conf
+# `-- sites-enabled
+# `-- *.conf
+#
+#
+# * apache2.conf is the main configuration file (this file). It puts the pieces
+# together by including all remaining configuration files when starting up the
+# web server.
+#
+# * ports.conf is always included from the main configuration file. It is
+# supposed to determine listening ports for incoming connections which can be
+# customized anytime.
+#
+# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
+# directories contain particular configuration snippets which manage modules,
+# global configuration fragments, or virtual host configurations,
+# respectively.
+#
+# They are activated by symlinking available configuration files from their
+# respective *-available/ counterparts. These should be managed by using our
+# helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
+# their respective man pages for detailed information.
+#
+# * The binary is called apache2. Due to the use of environment variables, in
+# the default configuration, apache2 needs to be started/stopped with
+# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
+# work with the default configuration.
+
+
+# Global configuration
+#
+
+#
+# ServerRoot: The top of the directory tree under which the server's
+# configuration, error, and log files are kept.
+#
+# NOTE! If you intend to place this on an NFS (or otherwise network)
+# mounted filesystem then please read the Mutex documentation (available
+# at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>);
+# you will save yourself a lot of trouble.
+#
+# Do NOT add a slash at the end of the directory path.
+#
+#ServerRoot "/etc/apache2"
+
+#
+# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
+#
+Mutex file:${APACHE_LOCK_DIR} default
+
+#
+# PidFile: The file in which the server should record its process
+# identification number when it starts.
+# This needs to be set in /etc/apache2/envvars
+#
+PidFile ${APACHE_PID_FILE}
+
+#
+# Timeout: The number of seconds before receives and sends time out.
+#
+Timeout 300
+
+#
+# KeepAlive: Whether or not to allow persistent connections (more than
+# one request per connection). Set to "Off" to deactivate.
+#
+KeepAlive On
+
+#
+# MaxKeepAliveRequests: The maximum number of requests to allow
+# during a persistent connection. Set to 0 to allow an unlimited amount.
+# We recommend you leave this number high, for maximum performance.
+#
+MaxKeepAliveRequests 100
+
+#
+# KeepAliveTimeout: Number of seconds to wait for the next request from the
+# same client on the same connection.
+#
+KeepAliveTimeout 5
+
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+
+#
+# HostnameLookups: Log the names of clients or just their IP addresses
+# e.g., www.apache.org (on) or 204.62.129.132 (off).
+# The default is off because it'd be overall better for the net if people
+# had to knowingly turn this feature on, since enabling it means that
+# each client request will result in AT LEAST one lookup request to the
+# nameserver.
+#
+HostnameLookups Off
+
+# ErrorLog: The location of the error log file.
+# If you do not specify an ErrorLog directive within a <VirtualHost>
+# container, error messages relating to that virtual host will be
+# logged here. If you *do* define an error logfile for a <VirtualHost>
+# container, that host's errors will be logged there and not here.
+#
+ErrorLog ${APACHE_LOG_DIR}/error.log
+
+#
+# LogLevel: Control the severity of messages logged to the error_log.
+# Available values: trace8, ..., trace1, debug, info, notice, warn,
+# error, crit, alert, emerg.
+# It is also possible to configure the log level for particular modules, e.g.
+# "LogLevel info ssl:warn"
+#
+LogLevel warn
+
+# Include module configuration:
+IncludeOptional mods-enabled/*.load
+IncludeOptional mods-enabled/*.conf
+
+# Include list of ports to listen on
+Include ports.conf
+
+
+# Sets the default security model of the Apache2 HTTPD server. It does
+# not allow access to the root filesystem outside of /usr/share and /var/www.
+# The former is used by web applications packaged in Debian,
+# the latter may be used for local directories served by the web server. If
+# your system is serving content from a sub-directory in /srv you must allow
+# access here, or in any related virtual host.
+<Directory />
+ Options FollowSymLinks
+ AllowOverride None
+ Require all denied
+</Directory>
+
+<Directory /usr/share>
+ AllowOverride None
+ Require all granted
+</Directory>
+
+<Directory /var/www/>
+ Options Indexes FollowSymLinks
+ AllowOverride None
+ Require all granted
+</Directory>
+
+#<Directory /srv/>
+# Options Indexes FollowSymLinks
+# AllowOverride None
+# Require all granted
+#</Directory>
+
+
+
+
+# AccessFileName: The name of the file to look for in each directory
+# for additional configuration directives. See also the AllowOverride
+# directive.
+#
+AccessFileName .htaccess
+
+#
+# The following lines prevent .htaccess and .htpasswd files from being
+# viewed by Web clients.
+#
+<FilesMatch "^\.ht">
+ Require all denied
+</FilesMatch>
+
+
+#
+# The following directives define some format nicknames for use with
+# a CustomLog directive.
+#
+# These deviate from the Common Log Format definitions in that they use %O
+# (the actual bytes sent including headers) instead of %b (the size of the
+# requested file), because the latter makes it impossible to detect partial
+# requests.
+#
+# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
+# Use mod_remoteip instead.
+#
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+
+# Include of directories ignores editors' and dpkg's backup files,
+# see README.Debian for details.
+
+# Include generic snippets of statements
+IncludeOptional conf-enabled/*.conf
+
+# Include the virtual host configurations:
+IncludeOptional sites-enabled/*.conf
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+# Read the documentation before enabling AddDefaultCharset.
+# In general, it is only a good idea if you know that all your files
+# have this encoding. It will override any encoding given in the files
+# in meta http-equiv or xml encoding tags.
+
+#AddDefaultCharset UTF-8
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+
+LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%T\" \"%v\" \"%f\"" full
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\" \"%T\" \"%v\" \"%f\"" full_combined
+
+<IfModule logio_module>
+ # You need to enable mod_logio.c to use %I and %O
+ LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%T\" \"%v\" \"%f\" %I %O" full_io
+ LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
+ LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" vhostio
+</IfModule>
+
+# vim: filetype=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+# Customizable error responses come in three flavors:
+# 1) plain text
+# 2) local redirects
+# 3) external redirects
+#
+# Some examples:
+#ErrorDocument 500 "The server made a boo boo."
+#ErrorDocument 404 /missing.html
+#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
+#ErrorDocument 402 http://www.example.com/subscription_info.html
+#
+
+#
+# Putting this all together, we can internationalize error responses.
+#
+# We use Alias to redirect any /error/HTTP_<error>.html.var response to
+# our collection of by-error message multi-language collections. We use
+# includes to substitute the appropriate text.
+#
+# You can modify the messages' appearance without changing any of the
+# default HTTP_<error>.html.var files by adding the line:
+#
+#Alias /error/include/ "/your/include/path/"
+#
+# which allows you to create your own set of files by starting with the
+# /usr/share/apache2/error/include/ files and copying them to /your/include/path/,
+# even on a per-VirtualHost basis. If you include the Alias in the global server
+# context, is has to come _before_ the 'Alias /error/ ...' line.
+#
+# The default include files will display your Apache version number and your
+# ServerAdmin email address regardless of the setting of ServerSignature.
+#
+# WARNING: The configuration below will NOT work out of the box if you have a
+# SetHandler directive in a <Location /> context somewhere. Adding
+# the following three lines AFTER the <Location /> context should
+# make it work in most cases:
+# <Location /error/>
+# SetHandler none
+# </Location>
+#
+# The internationalized error documents require mod_alias, mod_include
+# and mod_negotiation. To activate them, uncomment the following 37 lines.
+
+#<IfModule mod_negotiation.c>
+# <IfModule mod_include.c>
+# <IfModule mod_alias.c>
+#
+# Alias /error/ "/usr/share/apache2/error/"
+#
+# <Directory "/usr/share/apache2/error">
+# Options IncludesNoExec
+# AddOutputFilter Includes html
+# AddHandler type-map var
+# Order allow,deny
+# Allow from all
+# LanguagePriority en cs de es fr it nl sv pt-br ro
+# ForceLanguagePriority Prefer Fallback
+# </Directory>
+#
+# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
+# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
+# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
+# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
+# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
+# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
+# ErrorDocument 410 /error/HTTP_GONE.html.var
+# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
+# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
+# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
+# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
+# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
+# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
+# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
+# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
+# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
+# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
+# </IfModule>
+# </IfModule>
+#</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+# Define an access log for VirtualHosts that don't define their own logfile
+CustomLog ${APACHE_LOG_DIR}/other_vhosts_access.log vhost_combined
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+#
+# Disable access to the entire file system except for the directories that
+# are explicitly allowed later.
+#
+# This currently breaks the configurations that come with some web application
+# Debian packages.
+#
+#<Directory />
+# AllowOverride None
+# Order Deny,Allow
+# Deny from all
+#</Directory>
+
+
+# Changing the following options will not really affect the security of the
+# server, but might make attacks slightly more difficult in some cases.
+
+#
+# ServerTokens
+# This directive configures what you return as the Server HTTP response
+# Header. The default is 'Full' which sends information about the OS-Type
+# and compiled in modules.
+# Set to one of: Full | OS | Minimal | Minor | Major | Prod
+# where Full conveys the most information, and Prod the least.
+#ServerTokens Minimal
+ServerTokens OS
+#ServerTokens Full
+
+#
+# Optionally add a line containing the server version and virtual host
+# name to server-generated pages (internal error documents, FTP directory
+# listings, mod_status and mod_info output etc., but not CGI generated
+# documents or custom error documents).
+# Set to "EMail" to also include a mailto: link to the ServerAdmin.
+# Set to one of: On | Off | EMail
+#ServerSignature Off
+ServerSignature On
+
+#
+# Allow TRACE method
+#
+# Set to "extended" to also reflect the request body (only for testing and
+# diagnostic purposes).
+#
+# Set to one of: On | Off | extended
+TraceEnable Off
+#TraceEnable On
+
+#
+# Forbid access to version control directories
+#
+# If you use version control systems in your document root, you should
+# probably deny access to their directories. For example, for subversion:
+#
+#<DirectoryMatch "/\.svn">
+# Require all denied
+#</DirectoryMatch>
+
+#
+# Setting this header will prevent MSIE from interpreting files as something
+# else than declared by the content type in the HTTP headers.
+# Requires mod_headers to be enabled.
+#
+#Header set X-Content-Type-Options: "nosniff"
+
+#
+# Setting this header will prevent other sites from embedding pages from this
+# site as frames. This defends against clickjacking attacks.
+# Requires mod_headers to be enabled.
+#
+#Header set X-Frame-Options: "sameorigin"
+
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+<IfModule mod_alias.c>
+ <IfModule mod_cgi.c>
+ Define ENABLE_USR_LIB_CGI_BIN
+ </IfModule>
+
+ <IfModule mod_cgid.c>
+ Define ENABLE_USR_LIB_CGI_BIN
+ </IfModule>
+
+ <IfDefine ENABLE_USR_LIB_CGI_BIN>
+ ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
+ <Directory "/usr/lib/cgi-bin">
+ AllowOverride None
+ Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
+ Require all granted
+ </Directory>
+ </IfDefine>
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+../conf-available/charset.conf
\ No newline at end of file
--- /dev/null
+../conf-available/custom-log.conf
\ No newline at end of file
--- /dev/null
+../conf-available/localized-error-pages.conf
\ No newline at end of file
--- /dev/null
+../conf-available/other-vhosts-access-log.conf
\ No newline at end of file
--- /dev/null
+../conf-available/security.conf
\ No newline at end of file
--- /dev/null
+../conf-available/serve-cgi-bin.conf
\ No newline at end of file
--- /dev/null
+# envvars - default environment variables for apache2ctl
+
+# this won't be correct after changing uid
+unset HOME
+
+# for supporting multiple apache2 instances
+if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then
+ SUFFIX="-${APACHE_CONFDIR##/etc/apache2-}"
+else
+ SUFFIX=
+fi
+
+# Since there is no sane way to get the parsed apache2 config in scripts, some
+# settings are defined via environment variables and then used in apache2ctl,
+# /etc/init.d/apache2, /etc/logrotate.d/apache2, etc.
+export APACHE_RUN_USER=www-data
+export APACHE_RUN_GROUP=www-data
+# temporary state file location. This might be changed to /run in Wheezy+1
+export APACHE_PID_FILE=/var/run/apache2/apache2$SUFFIX.pid
+export APACHE_RUN_DIR=/var/run/apache2$SUFFIX
+export APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX
+# Only /var/log/apache2 is handled by /etc/logrotate.d/apache2.
+export APACHE_LOG_DIR=/var/log/apache2$SUFFIX
+
+## The locale used by some modules like mod_dav
+export LANG=C
+## Uncomment the following line to use the system default locale instead:
+#. /etc/default/locale
+
+export LANG
+
+## The command to get the status for 'apache2ctl status'.
+## Some packages providing 'www-browser' need '--dump' instead of '-dump'.
+#export APACHE_LYNX='www-browser -dump'
+
+## If you need a higher file descriptor limit, uncomment and adjust the
+## following line (default is 8192):
+#APACHE_ULIMIT_MAX_FILES='ulimit -n 65536'
+
+## If you would like to pass arguments to the web server, add them below
+## to the APACHE_ARGUMENTS environment.
+#export APACHE_ARGUMENTS=''
+
+## Enable the debug mode for maintainer scripts.
+## This will produce a verbose output on package installations of web server modules and web application
+## installations which interact with Apache
+#export APACHE2_MAINTSCRIPT_DEBUG=1
--- /dev/null
+# Magic data for mod_mime_magic (originally for file(1) command)
+#
+# The format is 4-5 columns:
+# Column #1: byte number to begin checking from, ">" indicates continuation
+# Column #2: type of data to match
+# Column #3: contents of data to match
+# Column #4: MIME type of result
+# Column #5: MIME encoding of result (optional)
+
+#------------------------------------------------------------------------------
+# Localstuff: file(1) magic for locally observed files
+# Add any locally observed files here.
+
+# Real Audio (Magic .ra\0375)
+0 belong 0x2e7261fd audio/x-pn-realaudio
+0 string .RMF application/vnd.rn-realmedia
+
+#video/x-pn-realvideo
+#video/vnd.rn-realvideo
+#application/vnd.rn-realmedia
+# sigh, there are many mimes for that but the above are the most common.
+
+# Taken from magic, converted to magic.mime
+# mime types according to http://www.geocities.com/nevilo/mod.htm:
+# audio/it .it
+# audio/x-zipped-it .itz
+# audio/xm fasttracker modules
+# audio/x-s3m screamtracker modules
+# audio/s3m screamtracker modules
+# audio/x-zipped-mod mdz
+# audio/mod mod
+# audio/x-mod All modules (mod, s3m, 669, mtm, med, xm, it, mdz, stm, itz, xmz, s3z)
+
+# Taken from loader code from mikmod version 2.14
+# by Steve McIntyre (stevem@chiark.greenend.org.uk)
+# <doj@cubic.org> added title printing on 2003-06-24
+0 string MAS_UTrack_V00
+>14 string >/0 audio/x-mod
+#audio/x-tracker-module
+
+#0 string UN05 MikMod UNI format module sound data
+
+0 string Extended\ Module: audio/x-mod
+#audio/x-tracker-module
+##>17 string >\0 Title: "%s"
+
+21 string/c \!SCREAM! audio/x-mod
+#audio/x-screamtracker-module
+21 string BMOD2STM audio/x-mod
+#audio/x-screamtracker-module
+1080 string M.K. audio/x-mod
+#audio/x-protracker-module
+#>0 string >\0 Title: "%s"
+1080 string M!K! audio/x-mod
+#audio/x-protracker-module
+#>0 string >\0 Title: "%s"
+1080 string FLT4 audio/x-mod
+#audio/x-startracker-module
+#>0 string >\0 Title: "%s"
+1080 string FLT8 audio/x-mod
+#audio/x-startracker-module
+#>0 string >\0 Title: "%s"
+1080 string 4CHN audio/x-mod
+#audio/x-fasttracker-module
+#>0 string >\0 Title: "%s"
+1080 string 6CHN audio/x-mod
+#audio/x-fasttracker-module
+#>0 string >\0 Title: "%s"
+1080 string 8CHN audio/x-mod
+#audio/x-fasttracker-module
+#>0 string >\0 Title: "%s"
+1080 string CD81 audio/x-mod
+#audio/x-oktalyzer-tracker-module
+#>0 string >\0 Title: "%s"
+1080 string OKTA audio/x-mod
+#audio/x-oktalyzer-tracker-module
+#>0 string >\0 Title: "%s"
+# Not good enough.
+#1082 string CH
+#>1080 string >/0 %.2s-channel Fasttracker "oktalyzer" module sound data
+1080 string 16CN audio/x-mod
+#audio/x-taketracker-module
+#>0 string >\0 Title: "%s"
+1080 string 32CN audio/x-mod
+#audio/x-taketracker-module
+#>0 string >\0 Title: "%s"
+
+# Impuse tracker module (it)
+0 string IMPM audio/x-mod
+#>4 string >\0 "%s"
+#>40 leshort !0 compatible w/ITv%x
+#>42 leshort !0 created w/ITv%x
+
+#------------------------------------------------------------------------------
+# end local stuff
+#------------------------------------------------------------------------------
+
+# xml based formats!
+
+# svg
+
+0 string \<?xml
+# text/xml
+>38 string \<\!DOCTYPE\040svg image/svg+xml
+
+
+# xml
+0 string \<?xml text/xml
+
+
+#------------------------------------------------------------------------------
+# Java
+
+0 short 0xcafe
+>2 short 0xbabe application/java
+
+#------------------------------------------------------------------------------
+# audio: file(1) magic for sound formats
+#
+# from Jan Nicolai Langfeldt <janl@ifi.uio.no>,
+#
+
+# Sun/NeXT audio data
+0 string .snd
+>12 belong 1 audio/basic
+>12 belong 2 audio/basic
+>12 belong 3 audio/basic
+>12 belong 4 audio/basic
+>12 belong 5 audio/basic
+>12 belong 6 audio/basic
+>12 belong 7 audio/basic
+
+>12 belong 23 audio/x-adpcm
+
+# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format
+# that uses little-endian encoding and has a different magic number
+# (0x0064732E in little-endian encoding).
+0 lelong 0x0064732E
+>12 lelong 1 audio/x-dec-basic
+>12 lelong 2 audio/x-dec-basic
+>12 lelong 3 audio/x-dec-basic
+>12 lelong 4 audio/x-dec-basic
+>12 lelong 5 audio/x-dec-basic
+>12 lelong 6 audio/x-dec-basic
+>12 lelong 7 audio/x-dec-basic
+# compressed (G.721 ADPCM)
+>12 lelong 23 audio/x-dec-adpcm
+
+# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM"
+# AIFF audio data
+8 string AIFF audio/x-aiff
+# AIFF-C audio data
+8 string AIFC audio/x-aiff
+# IFF/8SVX audio data
+8 string 8SVX audio/x-aiff
+
+
+
+# Creative Labs AUDIO stuff
+# Standard MIDI data
+0 string MThd audio/unknown
+#>9 byte >0 (format %d)
+#>11 byte >1 using %d channels
+# Creative Music (CMF) data
+0 string CTMF audio/unknown
+# SoundBlaster instrument data
+0 string SBI audio/unknown
+# Creative Labs voice data
+0 string Creative\ Voice\ File audio/unknown
+## is this next line right? it came this way...
+#>19 byte 0x1A
+#>23 byte >0 - version %d
+#>22 byte >0 \b.%d
+
+# [GRR 950115: is this also Creative Labs? Guessing that first line
+# should be string instead of unknown-endian long...]
+#0 long 0x4e54524b MultiTrack sound data
+#0 string NTRK MultiTrack sound data
+#>4 long x - version %ld
+
+# Microsoft WAVE format (*.wav)
+# [GRR 950115: probably all of the shorts and longs should be leshort/lelong]
+# Microsoft RIFF
+0 string RIFF
+# - WAVE format
+>8 string WAVE audio/x-wav
+>8 string/B AVI video/x-msvideo
+#
+>8 string CDRA image/x-coreldraw
+
+# AAC (aka MPEG-2 NBC)
+0 beshort&0xfff6 0xfff0 audio/X-HX-AAC-ADTS
+0 string ADIF audio/X-HX-AAC-ADIF
+0 beshort&0xffe0 0x56e0 audio/MP4A-LATM
+0 beshort 0x4De1 audio/MP4A-LATM
+
+# MPEG Layer 3 sound files
+0 beshort&0xfffe =0xfffa audio/mpeg
+#MP3 with ID3 tag
+0 string ID3 audio/mpeg
+# Ogg/Vorbis
+0 string OggS application/ogg
+
+#------------------------------------------------------------------------------
+# c-lang: file(1) magic for C programs or various scripts
+#
+
+# XPM icons (Greg Roelofs, newt@uchicago.edu)
+# ideally should go into "images", but entries below would tag XPM as C source
+0 string /*\ XPM image/x-xpmi 7bit
+
+# 3DS (3d Studio files)
+#16 beshort 0x3d3d image/x-3ds
+
+# this first will upset you if you're a PL/1 shop... (are there any left?)
+# in which case rm it; ascmagic will catch real C programs
+# C or REXX program text
+#0 string /* text/x-c
+# C++ program text
+#0 string // text/x-c++
+
+#------------------------------------------------------------------------------
+# commands: file(1) magic for various shells and interpreters
+#
+#0 string :\ shell archive or commands for antique kernel text
+0 string #!/bin/sh application/x-shellscript
+0 string #!\ /bin/sh application/x-shellscript
+0 string #!/bin/csh application/x-shellscript
+0 string #!\ /bin/csh application/x-shellscript
+# korn shell magic, sent by George Wu, gwu@clyde.att.com
+0 string #!/bin/ksh application/x-shellscript
+0 string #!\ /bin/ksh application/x-shellscript
+0 string #!/bin/tcsh application/x-shellscript
+0 string #!\ /bin/tcsh application/x-shellscript
+0 string #!/usr/local/tcsh application/x-shellscript
+0 string #!\ /usr/local/tcsh application/x-shellscript
+0 string #!/usr/local/bin/tcsh application/x-shellscript
+0 string #!\ /usr/local/bin/tcsh application/x-shellscript
+# bash shell magic, from Peter Tobias (tobias@server.et-inf.fho-emden.de)
+0 string #!/bin/bash application/x-shellscript
+0 string #!\ /bin/bash application/x-shellscript
+0 string #!/usr/local/bin/bash application/x-shellscript
+0 string #!\ /usr/local/bin/bash application/x-shellscript
+
+#
+# zsh/ash/ae/nawk/gawk magic from cameron@cs.unsw.oz.au (Cameron Simpson)
+0 string #!/bin/zsh application/x-shellscript
+0 string #!/usr/bin/zsh application/x-shellscript
+0 string #!/usr/local/bin/zsh application/x-shellscript
+0 string #!\ /usr/local/bin/zsh application/x-shellscript
+0 string #!/usr/local/bin/ash application/x-shellscript
+0 string #!\ /usr/local/bin/ash application/x-shellscript
+#0 string #!/usr/local/bin/ae Neil Brown's ae
+#0 string #!\ /usr/local/bin/ae Neil Brown's ae
+0 string #!/bin/nawk application/x-nawk
+0 string #!\ /bin/nawk application/x-nawk
+0 string #!/usr/bin/nawk application/x-nawk
+0 string #!\ /usr/bin/nawk application/x-nawk
+0 string #!/usr/local/bin/nawk application/x-nawk
+0 string #!\ /usr/local/bin/nawk application/x-nawk
+0 string #!/bin/gawk application/x-gawk
+0 string #!\ /bin/gawk application/x-gawk
+0 string #!/usr/bin/gawk application/x-gawk
+0 string #!\ /usr/bin/gawk application/x-gawk
+0 string #!/usr/local/bin/gawk application/x-gawk
+0 string #!\ /usr/local/bin/gawk application/x-gawk
+#
+0 string #!/bin/awk application/x-awk
+0 string #!\ /bin/awk application/x-awk
+0 string #!/usr/bin/awk application/x-awk
+0 string #!\ /usr/bin/awk application/x-awk
+# update to distinguish from *.vcf files by Joerg Jenderek: joerg dot jenderek at web dot de
+#0 regex BEGIN[[:space:]]*[{] application/x-awk
+
+# For Larry Wall's perl language. The ``eval'' line recognizes an
+# outrageously clever hack for USG systems.
+# Keith Waclena <keith@cerberus.uchicago.edu>
+0 string #!/bin/perl application/x-perl
+0 string #!\ /bin/perl application/x-perl
+0 string eval\ "exec\ /bin/perl application/x-perl
+0 string #!/usr/bin/perl application/x-perl
+0 string #!\ /usr/bin/perl application/x-perl
+0 string eval\ "exec\ /usr/bin/perl application/x-perl
+0 string #!/usr/local/bin/perl application/x-perl
+0 string #!\ /usr/local/bin/perl application/x-perl
+0 string eval\ "exec\ /usr/local/bin/perl application/x-perl
+
+#------------------------------------------------------------------------------
+# compress: file(1) magic for pure-compression formats (no archives)
+#
+# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc.
+#
+# Formats for various forms of compressed data
+# Formats for "compress" proper have been moved into "compress.c",
+# because it tries to uncompress it to figure out what's inside.
+
+# standard unix compress
+#0 string \037\235 application/x-compress
+
+# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver)
+#0 string \037\213 application/x-gzip
+
+0 string PK\003\004 application/x-zip
+
+# RAR archiver (Greg Roelofs, newt@uchicago.edu)
+0 string Rar! application/x-rar
+
+# According to gzip.h, this is the correct byte order for packed data.
+0 string \037\036 application/octet-stream
+#
+# This magic number is byte-order-independent.
+#
+0 short 017437 application/octet-stream
+
+# XXX - why *two* entries for "compacted data", one of which is
+# byte-order independent, and one of which is byte-order dependent?
+#
+# compacted data
+0 short 0x1fff application/octet-stream
+0 string \377\037 application/octet-stream
+# huf output
+0 short 0145405 application/octet-stream
+
+# Squeeze and Crunch...
+# These numbers were gleaned from the Unix versions of the programs to
+# handle these formats. Note that I can only uncrunch, not crunch, and
+# I didn't have a crunched file handy, so the crunch number is untested.
+# Keith Waclena <keith@cerberus.uchicago.edu>
+#0 leshort 0x76FF squeezed data (CP/M, DOS)
+#0 leshort 0x76FE crunched data (CP/M, DOS)
+
+# Freeze
+#0 string \037\237 Frozen file 2.1
+#0 string \037\236 Frozen file 1.0 (or gzip 0.5)
+
+# lzh?
+#0 string \037\240 LZH compressed data
+
+257 string ustar\0 application/x-tar posix
+257 string ustar\040\040\0 application/x-tar gnu
+
+0 short 070707 application/x-cpio
+0 short 0143561 application/x-cpio swapped
+
+0 string =<ar> application/x-archive
+0 string \!<arch> application/x-archive
+>8 string debian application/x-debian-package
+
+#------------------------------------------------------------------------------
+#
+# RPM: file(1) magic for Red Hat Packages Erik Troan (ewt@redhat.com)
+#
+0 beshort 0xedab
+>2 beshort 0xeedb application/x-rpm
+
+0 lelong&0x8080ffff 0x0000081a application/x-arc lzw
+0 lelong&0x8080ffff 0x0000091a application/x-arc squashed
+0 lelong&0x8080ffff 0x0000021a application/x-arc uncompressed
+0 lelong&0x8080ffff 0x0000031a application/x-arc packed
+0 lelong&0x8080ffff 0x0000041a application/x-arc squeezed
+0 lelong&0x8080ffff 0x0000061a application/x-arc crunched
+
+0 leshort 0xea60 application/x-arj
+
+# LHARC/LHA archiver (Greg Roelofs, newt@uchicago.edu)
+2 string -lh0- application/x-lharc lh0
+2 string -lh1- application/x-lharc lh1
+2 string -lz4- application/x-lharc lz4
+2 string -lz5- application/x-lharc lz5
+# [never seen any but the last; -lh4- reported in comp.compression:]
+2 string -lzs- application/x-lha lzs
+2 string -lh\ - application/x-lha lh
+2 string -lhd- application/x-lha lhd
+2 string -lh2- application/x-lha lh2
+2 string -lh3- application/x-lha lh3
+2 string -lh4- application/x-lha lh4
+2 string -lh5- application/x-lha lh5
+2 string -lh6- application/x-lha lh6
+2 string -lh7- application/x-lha lh7
+# Shell archives
+10 string #\ This\ is\ a\ shell\ archive application/octet-stream x-shell
+
+#------------------------------------------------------------------------------
+# frame: file(1) magic for FrameMaker files
+#
+# This stuff came on a FrameMaker demo tape, most of which is
+# copyright, but this file is "published" as witness the following:
+#
+0 string \<MakerFile application/x-frame
+0 string \<MIFFile application/x-frame
+0 string \<MakerDictionary application/x-frame
+0 string \<MakerScreenFon application/x-frame
+0 string \<MML application/x-frame
+0 string \<Book application/x-frame
+0 string \<Maker application/x-frame
+
+#------------------------------------------------------------------------------
+# html: file(1) magic for HTML (HyperText Markup Language) docs
+#
+# from Daniel Quinlan <quinlan@yggdrasil.com>
+#
+0 string/cB \<!DOCTYPE\ html text/html
+0 string/cb \<head text/html
+0 string/cb \<title text/html
+0 string/bc \<html text/html
+0 string \<!-- text/html
+0 string/c \<h1 text/html
+
+0 string \<?xml text/xml
+
+#------------------------------------------------------------------------------
+# images: file(1) magic for image formats (see also "c-lang" for XPM bitmaps)
+#
+# originally from jef@helios.ee.lbl.gov (Jef Poskanzer),
+# additions by janl@ifi.uio.no as well as others. Jan also suggested
+# merging several one- and two-line files into here.
+#
+# XXX - byte order for GIF and TIFF fields?
+# [GRR: TIFF allows both byte orders; GIF is probably little-endian]
+#
+
+# [GRR: what the hell is this doing in here?]
+#0 string xbtoa btoa'd file
+
+# PBMPLUS
+# PBM file
+0 string P1 image/x-portable-bitmap 7bit
+# PGM file
+0 string P2 image/x-portable-greymap 7bit
+# PPM file
+0 string P3 image/x-portable-pixmap 7bit
+# PBM "rawbits" file
+0 string P4 image/x-portable-bitmap
+# PGM "rawbits" file
+0 string P5 image/x-portable-greymap
+# PPM "rawbits" file
+0 string P6 image/x-portable-pixmap
+
+# NIFF (Navy Interchange File Format, a modification of TIFF)
+# [GRR: this *must* go before TIFF]
+0 string IIN1 image/x-niff
+
+# TIFF and friends
+# TIFF file, big-endian
+0 string MM image/tiff
+# TIFF file, little-endian
+0 string II image/tiff
+
+# possible GIF replacements; none yet released!
+# (Greg Roelofs, newt@uchicago.edu)
+#
+# GRR 950115: this was mine ("Zip GIF"):
+# ZIF image (GIF+deflate alpha)
+0 string GIF94z image/unknown
+#
+# GRR 950115: this is Jeremy Wohl's Free Graphics Format (better):
+# FGF image (GIF+deflate beta)
+0 string FGF95a image/unknown
+#
+# GRR 950115: this is Thomas Boutell's Portable Bitmap Format proposal
+# (best; not yet implemented):
+# PBF image (deflate compression)
+0 string PBF image/unknown
+
+# GIF
+0 string GIF image/gif
+
+# JPEG images
+0 beshort 0xffd8 image/jpeg
+
+# PC bitmaps (OS/2, Windoze BMP files) (Greg Roelofs, newt@uchicago.edu)
+0 string BM image/x-ms-bmp
+#>14 byte 12 (OS/2 1.x format)
+#>14 byte 64 (OS/2 2.x format)
+#>14 byte 40 (Windows 3.x format)
+#0 string IC icon
+#0 string PI pointer
+#0 string CI color icon
+#0 string CP color pointer
+#0 string BA bitmap array
+
+# CDROM Filesystems
+32769 string CD001 application/x-iso9660
+
+# Newer StuffIt archives (grant@netbsd.org)
+0 string StuffIt application/x-stuffit
+#>162 string >0 : %s
+
+# BinHex is the Macintosh ASCII-encoded file format (see also "apple")
+# Daniel Quinlan, quinlan@yggdrasil.com
+11 string must\ be\ converted\ with\ BinHex\ 4 application/mac-binhex40
+##>41 string x \b, version %.3s
+
+
+#------------------------------------------------------------------------------
+# lisp: file(1) magic for lisp programs
+#
+# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com)
+0 string ;; text/plain 8bit
+# Emacs 18 - this is always correct, but not very magical.
+0 string \012( application/x-elc
+# Emacs 19
+0 string ;ELC\023\000\000\000 application/x-elc
+
+#------------------------------------------------------------------------------
+# mail.news: file(1) magic for mail and news
+#
+# There are tests to ascmagic.c to cope with mail and news.
+0 string Relay-Version: message/rfc822 7bit
+0 string #!\ rnews message/rfc822 7bit
+0 string N#!\ rnews message/rfc822 7bit
+0 string Forward\ to message/rfc822 7bit
+0 string Pipe\ to message/rfc822 7bit
+0 string Return-Path: message/rfc822 7bit
+0 string Received: message/rfc822
+0 string Path: message/news 8bit
+0 string Xref: message/news 8bit
+0 string From: message/rfc822 7bit
+0 string Article message/news 8bit
+#------------------------------------------------------------------------------
+# msword: file(1) magic for MS Word files
+#
+# Contributor claims:
+# Reversed-engineered MS Word magic numbers
+#
+
+0 string \376\067\0\043 application/msword
+0 string \320\317\021\340\241\261 application/msword
+0 string \333\245-\0\0\0 application/msword
+
+
+
+#------------------------------------------------------------------------------
+# printer: file(1) magic for printer-formatted files
+#
+
+# PostScript
+0 string %! application/postscript
+0 string \004%! application/postscript
+
+# Acrobat
+# (due to clamen@cs.cmu.edu)
+0 string %PDF- application/pdf
+
+#------------------------------------------------------------------------------
+# sc: file(1) magic for "sc" spreadsheet
+#
+38 string Spreadsheet application/x-sc
+
+#------------------------------------------------------------------------------
+# tex: file(1) magic for TeX files
+#
+# XXX - needs byte-endian stuff (big-endian and little-endian DVI?)
+#
+# From <conklin@talisman.kaleida.com>
+
+# Although we may know the offset of certain text fields in TeX DVI
+# and font files, we can't use them reliably because they are not
+# zero terminated. [but we do anyway, christos]
+0 string \367\002 application/x-dvi
+#0 string \367\203 TeX generic font data
+#0 string \367\131 TeX packed font data
+#0 string \367\312 TeX virtual font data
+#0 string This\ is\ TeX, TeX transcript text
+#0 string This\ is\ METAFONT, METAFONT transcript text
+
+# There is no way to detect TeX Font Metric (*.tfm) files without
+# breaking them apart and reading the data. The following patterns
+# match most *.tfm files generated by METAFONT or afm2tfm.
+2 string \000\021 application/x-tex-tfm
+2 string \000\022 application/x-tex-tfm
+#>34 string >\0 (%s)
+
+# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com)
+0 string \\input\ texinfo text/x-texinfo
+0 string This\ is\ Info\ file text/x-info
+
+# correct TeX magic for Linux (and maybe more)
+# from Peter Tobias (tobias@server.et-inf.fho-emden.de)
+#
+0 leshort 0x02f7 application/x-dvi
+
+# RTF - Rich Text Format
+0 string {\\rtf text/rtf
+
+#------------------------------------------------------------------------------
+# animation: file(1) magic for animation/movie formats
+#
+# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8)
+# MPEG file
+# MPEG sequences
+0 belong 0x000001BA
+>4 byte &0x40 video/mp2p
+>4 byte ^0x40 video/mpeg
+0 belong 0x000001BB video/mpeg
+0 belong 0x000001B0 video/mp4v-es
+0 belong 0x000001B5 video/mp4v-es
+0 belong 0x000001B3 video/mpv
+0 belong&0xFF5FFF1F 0x47400010 video/mp2t
+0 belong 0x00000001
+>4 byte&0x1F 0x07 video/h264
+
+# FLI animation format
+0 leshort 0xAF11 video/fli
+# FLC animation format
+0 leshort 0xAF12 video/flc
+#
+# SGI and Apple formats
+# Added ISO mimes
+0 string MOVI video/sgi
+4 string moov video/quicktime
+4 string mdat video/quicktime
+4 string wide video/quicktime
+4 string skip video/quicktime
+4 string free video/quicktime
+4 string idsc image/x-quicktime
+4 string idat image/x-quicktime
+4 string pckg application/x-quicktime
+4 string/B jP image/jp2
+4 string ftyp
+>8 string isom video/mp4
+>8 string mp41 video/mp4
+>8 string mp42 video/mp4
+>8 string/B jp2 image/jp2
+>8 string 3gp video/3gpp
+>8 string avc1 video/3gpp
+>8 string mmp4 video/mp4
+>8 string/B M4A audio/mp4
+>8 string/B qt video/quicktime
+# The contributor claims:
+# I couldn't find a real magic number for these, however, this
+# -appears- to work. Note that it might catch other files, too,
+# so BE CAREFUL!
+#
+# Note that title and author appear in the two 20-byte chunks
+# at decimal offsets 2 and 22, respectively, but they are XOR'ed with
+# 255 (hex FF)! DL format SUCKS BIG ROCKS.
+#
+# DL file version 1 , medium format (160x100, 4 images/screen)
+0 byte 1 video/unknown
+0 byte 2 video/unknown
+#
+# Databases
+#
+# GDBM magic numbers
+# Will be maintained as part of the GDBM distribution in the future.
+# <downsj@teeny.org>
+0 belong 0x13579ace application/x-gdbm
+0 lelong 0x13579ace application/x-gdbm
+0 string GDBM application/x-gdbm
+#
+0 belong 0x061561 application/x-dbm
+#
+# Executables
+#
+0 string \177ELF
+>16 leshort 0 application/octet-stream
+>16 leshort 1 application/x-object
+>16 leshort 2 application/x-executable
+>16 leshort 3 application/x-sharedlib
+>16 leshort 4 application/x-coredump
+>16 beshort 0 application/octet-stream
+>16 beshort 1 application/x-object
+>16 beshort 2 application/x-executable
+>16 beshort 3 application/x-sharedlib
+>16 beshort 4 application/x-coredump
+#
+# DOS
+0 string MZ application/x-dosexec
+#
+# KDE
+0 string [KDE\ Desktop\ Entry] application/x-kdelnk
+0 string \#\ KDE\ Config\ File application/x-kdelnk
+# xmcd database file for kscd
+0 string \#\ xmcd text/xmcd
+
+#------------------------------------------------------------------------------
+# pkgadd: file(1) magic for SysV R4 PKG Datastreams
+#
+0 string #\ PaCkAgE\ DaTaStReAm application/x-svr4-package
+
+#PNG Image Format
+0 string \x89PNG image/png
+
+# MNG Video Format, <URL:http://www.libpng.org/pub/mng/spec/>
+0 string \x8aMNG video/x-mng
+0 string \x8aJNG video/x-jng
+
+#------------------------------------------------------------------------------
+# Hierarchical Data Format, used to facilitate scientific data exchange
+# specifications at http://hdf.ncsa.uiuc.edu/
+#Hierarchical Data Format (version 4) data
+0 belong 0x0e031301 application/x-hdf
+#Hierarchical Data Format (version 5) data
+0 string \211HDF\r\n\032 application/x-hdf
+
+# Adobe Photoshop
+0 string 8BPS image/x-photoshop
+
+# Felix von Leitner <felix-file@fefe.de>
+0 string d8:announce application/x-bittorrent
+
+
+# lotus 1-2-3 document
+0 belong 0x00001a00 application/x-123
+0 belong 0x00000200 application/x-123
+
+# MS Access database
+4 string Standard\ Jet\ DB application/msaccess
+
+## magic for XBase files
+#0 byte 0x02
+#>8 leshort >0
+#>>12 leshort 0 application/x-dbf
+#
+#0 byte 0x03
+#>8 leshort >0
+#>>12 leshort 0 application/x-dbf
+#
+#0 byte 0x04
+#>8 leshort >0
+#>>12 leshort 0 application/x-dbf
+#
+#0 byte 0x05
+#>8 leshort >0
+#>>12 leshort 0 application/x-dbf
+#
+#0 byte 0x30
+#>8 leshort >0
+#>>12 leshort 0 application/x-dbf
+#
+#0 byte 0x43
+#>8 leshort >0
+#>>12 leshort 0 application/x-dbf
+#
+#0 byte 0x7b
+#>8 leshort >0
+#>>12 leshort 0 application/x-dbf
+#
+#0 byte 0x83
+#>8 leshort >0
+#>>12 leshort 0 application/x-dbf
+#
+#0 byte 0x8b
+#>8 leshort >0
+#>>12 leshort 0 application/x-dbf
+#
+#0 byte 0x8e
+#>8 leshort >0
+#>>12 leshort 0 application/x-dbf
+#
+#0 byte 0xb3
+#>8 leshort >0
+#>>12 leshort 0 application/x-dbf
+#
+#0 byte 0xf5
+#>8 leshort >0
+#>>12 leshort 0 application/x-dbf
+#
+#0 leshort 0x0006 application/x-dbt
+
+# Debian has entries for the old PGP formats:
+# pgp: file(1) magic for Pretty Good Privacy
+# see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
+#text/PGP key public ring
+0 beshort 0x9900 application/pgp
+#text/PGP key security ring
+0 beshort 0x9501 application/pgp
+#text/PGP key security ring
+0 beshort 0x9500 application/pgp
+#text/PGP encrypted data
+0 beshort 0xa600 application/pgp-encrypted
+#text/PGP armored data
+##public key block
+2 string ---BEGIN\ PGP\ PUBLIC\ KEY\ BLOCK- application/pgp-keys
+0 string -----BEGIN\040PGP\40MESSAGE- application/pgp
+0 string -----BEGIN\040PGP\40SIGNATURE- application/pgp-signature
+#
+# GnuPG Magic:
+#
+#
+#text/GnuPG key public ring
+0 beshort 0x9901 application/pgp
+#text/OpenPGP data
+0 beshort 0x8501 application/pgp-encrypted
+
+# flash: file(1) magic for Macromedia Flash file format
+#
+# See
+#
+# http://www.macromedia.com/software/flash/open/
+#
+0 string FWS
+>3 byte x application/x-shockwave-flash
+
+# The following paramaters are created for Namazu.
+# <http://www.namazu.org/>
+#
+# 1999/08/13
+#0 string \<!--\ MHonArc text/html; x-type=mhonarc
+0 string BZh application/x-bzip2
+
+# 1999/09/09
+# VRML (suggested by Masao Takaku)
+0 string #VRML\ V1.0\ ascii model/vrml
+0 string #VRML\ V2.0\ utf8 model/vrml
+
+#------------------------------------------------------------------------------
+# ichitaro456: file(1) magic for Just System Word Processor Ichitaro
+#
+# Contributor kenzo-:
+# Reversed-engineered JS Ichitaro magic numbers
+#
+
+0 string DOC
+>43 byte 0x14 application/ichitaro4
+>144 string JDASH application/ichitaro4
+
+0 string DOC
+>43 byte 0x15 application/ichitaro5
+
+0 string DOC
+>43 byte 0x16 application/ichitaro6
+
+#------------------------------------------------------------------------------
+# office97: file(1) magic for MicroSoft Office files
+#
+# Contributor kenzo-:
+# Reversed-engineered MS Office magic numbers
+#
+
+#0 string \320\317\021\340\241\261\032\341
+#>48 byte 0x1B application/excel
+
+2080 string Microsoft\ Excel\ 5.0\ Worksheet application/excel
+2114 string Biff5 application/excel
+
+0 string \224\246\056 application/msword
+
+0 belong 0x31be0000 application/msword
+
+0 string PO^Q` application/msword
+
+0 string \320\317\021\340\241\261\032\341
+>546 string bjbj application/msword
+>546 string jbjb application/msword
+
+512 string R\0o\0o\0t\0\ \0E\0n\0t\0r\0y application/msword
+
+2080 string Microsoft\ Word\ 6.0\ Document application/msword
+2080 string Documento\ Microsoft\ Word\ 6 application/msword
+2112 string MSWordDoc application/msword
+
+#0 string \320\317\021\340\241\261\032\341 application/powerpoint
+0 string \320\317\021\340\241\261\032\341 application/msword
+
+0 string #\ PaCkAgE\ DaTaStReAm application/x-svr4-package
+
+
+# WinNT/WinCE PE files (Warner Losh, imp@village.org)
+#
+128 string PE\000\000 application/octet-stream
+0 string PE\000\000 application/octet-stream
+
+# miscellaneous formats
+0 string LZ application/octet-stream
+
+
+# .EXE formats (Greg Roelofs, newt@uchicago.edu)
+#
+0 string MZ
+>24 string @ application/octet-stream
+
+0 string MZ
+>30 string Copyright\ 1989-1990\ PKWARE\ Inc. application/x-zip
+
+0 string MZ
+>30 string PKLITE\ Copr. application/x-zip
+
+0 string MZ
+>36 string LHa's\ SFX application/x-lha
+
+0 string MZ application/octet-stream
+
+# LHA archiver
+2 string -lh
+>6 string - application/x-lha
+
+
+# Zoo archiver
+20 lelong 0xfdc4a7dc application/x-zoo
+
+# ARC archiver
+0 lelong&0x8080ffff 0x0000081a application/x-arc
+0 lelong&0x8080ffff 0x0000091a application/x-arc
+0 lelong&0x8080ffff 0x0000021a application/x-arc
+0 lelong&0x8080ffff 0x0000031a application/x-arc
+0 lelong&0x8080ffff 0x0000041a application/x-arc
+0 lelong&0x8080ffff 0x0000061a application/x-arc
+
+# Microsoft Outlook's Transport Neutral Encapsulation Format (TNEF)
+0 lelong 0x223e9f78 application/ms-tnef
+
+# From: stephane.loeuillet@tiscali.f
+# http://www.djvuzone.org/
+0 string AT&TFORM image/x.djvu
+
+# Danny Milosavljevic <danny.milo@gmx.net>
+# this are adrift (adventure game standard) game files, extension .taf
+# depending on version magic continues with 0x93453E6139FA (V 4.0)
+# 0x9445376139FA (V 3.90)
+# 0x9445366139FA (V 3.80)
+# this is from source (http://www.adrift.org.uk/) and I have some taf
+# files, and checked them.
+#0 belong 0x3C423FC9
+#>4 belong 0x6A87C2CF application/x-adrift
+#0 string \000\000\001\000 image/x-ico
+
+# Quark Xpress 3 Files:
+# (made the mimetype up)
+0 string \0\0MMXPR3\0 application/x-quark-xpress-3
+
+# EET archive
+# From: Tilman Sauerbeck <tilman@code-monkey.de>
+0 belong 0x1ee7ff00 application/x-eet
+
+# From: Denis Knauf, via gentoo.
+0 string fLaC audio/x-flac
+0 string CWS application/x-shockwave-flash
+
+# Gnumeric spreadsheet
+# This entry is only semi-helpful, as Gnumeric compresses its files, so
+# they will ordinarily reported as "compressed", but at least -z helps
+39 string =<gmr:Workbook application/x-gnumeric
+
--- /dev/null
+# Depends: authn_core
+LoadModule access_compat_module /usr/lib/apache2/modules/mod_access_compat.so
--- /dev/null
+# a2enmod-note: needs-configuration
+
+#
+# Action lets you define media types that will execute a script whenever
+# a matching file is called. This eliminates the need for repeated URL
+# pathnames for oft-used CGI file processors.
+# Format: Action media/type /cgi-script/location
+# Format: Action handler-name /cgi-script/location
+#
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule actions_module /usr/lib/apache2/modules/mod_actions.so
--- /dev/null
+<IfModule alias_module>
+ # Aliases: Add here as many aliases as you need (with no limit). The format is
+ # Alias fakename realname
+ #
+ # Note that if you include a trailing / on fakename then the server will
+ # require it to be present in the URL. So "/icons" isn't aliased in this
+ # example, only "/icons/". If the fakename is slash-terminated, then the
+ # realname must also be slash terminated, and if the fakename omits the
+ # trailing slash, the realname must also omit it.
+ #
+ # We include the /icons/ alias for FancyIndexed directory listings. If
+ # you do not use FancyIndexing, you may comment this out.
+
+ Alias /icons/ "/usr/share/apache2/icons/"
+
+ <Directory "/usr/share/apache2/icons">
+ Options FollowSymlinks
+ AllowOverride None
+ Require all granted
+ </Directory>
+
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule alias_module /usr/lib/apache2/modules/mod_alias.so
--- /dev/null
+LoadModule allowmethods_module /usr/lib/apache2/modules/mod_allowmethods.so
--- /dev/null
+# Depends: mime
+LoadModule asis_module /usr/lib/apache2/modules/mod_asis.so
--- /dev/null
+# Depends: authn_core
+LoadModule auth_basic_module /usr/lib/apache2/modules/mod_auth_basic.so
--- /dev/null
+# Depends: authn_core
+LoadModule auth_digest_module /usr/lib/apache2/modules/mod_auth_digest.so
--- /dev/null
+# Depends: session authn_core
+LoadModule auth_form_module /usr/lib/apache2/modules/mod_auth_form.so
--- /dev/null
+LoadModule authn_anon_module /usr/lib/apache2/modules/mod_authn_anon.so
--- /dev/null
+LoadModule authn_core_module /usr/lib/apache2/modules/mod_authn_core.so
--- /dev/null
+# Depends: dbd
+LoadModule authn_dbd_module /usr/lib/apache2/modules/mod_authn_dbd.so
--- /dev/null
+LoadModule authn_dbm_module /usr/lib/apache2/modules/mod_authn_dbm.so
--- /dev/null
+LoadModule authn_file_module /usr/lib/apache2/modules/mod_authn_file.so
--- /dev/null
+LoadModule authn_socache_module /usr/lib/apache2/modules/mod_authn_socache.so
--- /dev/null
+LoadModule authnz_fcgi_module /usr/lib/apache2/modules/mod_authnz_fcgi.so
--- /dev/null
+# Depends: ldap
+LoadModule authnz_ldap_module /usr/lib/apache2/modules/mod_authnz_ldap.so
--- /dev/null
+LoadModule authz_core_module /usr/lib/apache2/modules/mod_authz_core.so
--- /dev/null
+# Depends: dbd authz_core
+LoadModule authz_dbd_module /usr/lib/apache2/modules/mod_authz_dbd.so
--- /dev/null
+# Depends: authz_core
+LoadModule authz_dbm_module /usr/lib/apache2/modules/mod_authz_dbm.so
--- /dev/null
+# Depends: authz_core
+LoadModule authz_groupfile_module /usr/lib/apache2/modules/mod_authz_groupfile.so
--- /dev/null
+# Depends: authz_core
+LoadModule authz_host_module /usr/lib/apache2/modules/mod_authz_host.so
--- /dev/null
+LoadModule authz_owner_module /usr/lib/apache2/modules/mod_authz_owner.so
--- /dev/null
+# Depends: authz_core
+LoadModule authz_user_module /usr/lib/apache2/modules/mod_authz_user.so
--- /dev/null
+<IfModule mod_autoindex.c>
+ # Directives controlling the display of server-generated directory listings.
+
+ #
+ # IndexOptions: Controls the appearance of server-generated directory
+ # listings.
+ # Remove/replace the "Charset=UTF-8" if you don't use UTF-8 for your filenames.
+ IndexOptions FancyIndexing VersionSort HTMLTable NameWidth=* DescriptionWidth=* Charset=UTF-8
+
+ #
+ # AddIcon* directives tell the server which icon to show for different
+ # files or filename extensions. These are only displayed for
+ # FancyIndexed directories.
+ AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip x-bzip2
+
+ AddIconByType (TXT,/icons/text.gif) text/*
+ AddIconByType (IMG,/icons/image2.gif) image/*
+ AddIconByType (SND,/icons/sound2.gif) audio/*
+ AddIconByType (VID,/icons/movie.gif) video/*
+
+ AddIcon /icons/binary.gif .bin .exe
+ AddIcon /icons/binhex.gif .hqx
+ AddIcon /icons/tar.gif .tar
+ AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
+ AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
+ AddIcon /icons/a.gif .ps .ai .eps
+ AddIcon /icons/layout.gif .html .shtml .htm .pdf
+ AddIcon /icons/text.gif .txt
+ AddIcon /icons/c.gif .c
+ AddIcon /icons/p.gif .pl .py
+ AddIcon /icons/f.gif .for
+ AddIcon /icons/dvi.gif .dvi
+ AddIcon /icons/uuencoded.gif .uu
+ AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+ AddIcon /icons/tex.gif .tex
+ # It's a suffix rule, so simply matching "core" matches "score" as well !
+ AddIcon /icons/bomb.gif /core
+ AddIcon (SND,/icons/sound2.gif) .ogg
+ AddIcon (VID,/icons/movie.gif) .ogm
+
+ AddIcon /icons/back.gif ..
+ AddIcon /icons/hand.right.gif README
+ AddIcon /icons/folder.gif ^^DIRECTORY^^
+ AddIcon /icons/blank.gif ^^BLANKICON^^
+
+ # Default icons for OpenDocument format
+ AddIcon /icons/odf6odt-20x22.png .odt
+ AddIcon /icons/odf6ods-20x22.png .ods
+ AddIcon /icons/odf6odp-20x22.png .odp
+ AddIcon /icons/odf6odg-20x22.png .odg
+ AddIcon /icons/odf6odc-20x22.png .odc
+ AddIcon /icons/odf6odf-20x22.png .odf
+ AddIcon /icons/odf6odb-20x22.png .odb
+ AddIcon /icons/odf6odi-20x22.png .odi
+ AddIcon /icons/odf6odm-20x22.png .odm
+
+ AddIcon /icons/odf6ott-20x22.png .ott
+ AddIcon /icons/odf6ots-20x22.png .ots
+ AddIcon /icons/odf6otp-20x22.png .otp
+ AddIcon /icons/odf6otg-20x22.png .otg
+ AddIcon /icons/odf6otc-20x22.png .otc
+ AddIcon /icons/odf6otf-20x22.png .otf
+ AddIcon /icons/odf6oti-20x22.png .oti
+ AddIcon /icons/odf6oth-20x22.png .oth
+
+ #
+ # DefaultIcon is which icon to show for files which do not have an icon
+ # explicitly set.
+ DefaultIcon /icons/unknown.gif
+
+ #
+ # AddDescription allows you to place a short description after a file in
+ # server-generated indexes. These are only displayed for FancyIndexed
+ # directories.
+ # Format: AddDescription "description" filename
+ #AddDescription "GZIP compressed document" .gz
+ #AddDescription "tar archive" .tar
+ #AddDescription "GZIP compressed tar archive" .tgz
+
+ #
+ # ReadmeName is the name of the README file the server will look for by
+ # default, and append to directory listings.
+ #
+ # HeaderName is the name of a file which should be prepended to
+ # directory indexes
+ ReadmeName README.html
+ HeaderName HEADER.html
+
+ #
+ # IndexIgnore is a set of filenames which directory indexing should ignore
+ # and not include in the listing. Shell-style wildcarding is permitted.
+ IndexIgnore .??* *~ *# RCS CVS *,v *,t
+
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule autoindex_module /usr/lib/apache2/modules/mod_autoindex.so
--- /dev/null
+LoadModule buffer_module /usr/lib/apache2/modules/mod_buffer.so
--- /dev/null
+LoadModule cache_module /usr/lib/apache2/modules/mod_cache.so
--- /dev/null
+<IfModule mod_cache_disk.c>
+
+ # cache cleaning is done by htcacheclean, which can be configured in
+ # /etc/default/apache2
+ #
+ # For further information, see the comments in that file,
+ # /usr/share/doc/apache2/README.Debian, and the htcacheclean(8)
+ # man page.
+
+ # This path must be the same as the one in /etc/default/apache2
+ CacheRoot /var/cache/apache2/mod_cache_disk
+
+ # This will also cache local documents. It usually makes more sense to
+ # put this into the configuration for just one virtual host.
+ #CacheEnable disk /
+
+
+ # The result of CacheDirLevels * CacheDirLength must not be higher than
+ # 20. Moreover, pay attention on file system limits. Some file systems
+ # do not support more than a certain number of inodes and
+ # subdirectories (e.g. 32000 for ext3)
+ CacheDirLevels 2
+ CacheDirLength 1
+
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+# Depends: cache
+LoadModule cache_disk_module /usr/lib/apache2/modules/mod_cache_disk.so
--- /dev/null
+# Depends: cache
+LoadModule cache_socache_module /usr/lib/apache2/modules/mod_cache_socache.so
--- /dev/null
+LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so
--- /dev/null
+# Socket for cgid communication
+ScriptSock ${APACHE_RUN_DIR}/cgisock
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule cgid_module /usr/lib/apache2/modules/mod_cgid.so
--- /dev/null
+LoadModule charset_lite_module /usr/lib/apache2/modules/mod_charset_lite.so
--- /dev/null
+LoadModule data_module /usr/lib/apache2/modules/mod_data.so
--- /dev/null
+LoadModule dav_module /usr/lib/apache2/modules/mod_dav.so
--- /dev/null
+DAVLockDB ${APACHE_LOCK_DIR}/DAVLock
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+# Depends: dav
+LoadModule dav_fs_module /usr/lib/apache2/modules/mod_dav_fs.so
--- /dev/null
+LoadModule dav_lock_module /usr/lib/apache2/modules/mod_dav_lock.so
--- /dev/null
+LoadModule dbd_module /usr/lib/apache2/modules/mod_dbd.so
--- /dev/null
+<IfModule mod_deflate.c>
+ <IfModule mod_filter.c>
+ # these are known to be safe with MSIE 6
+ AddOutputFilterByType DEFLATE text/html text/plain text/xml
+
+ # everything else may cause problems with MSIE 6
+ AddOutputFilterByType DEFLATE text/css
+ AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript
+ AddOutputFilterByType DEFLATE application/rss+xml
+ AddOutputFilterByType DEFLATE application/xml
+ </IfModule>
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+# Depends: filter
+LoadModule deflate_module /usr/lib/apache2/modules/mod_deflate.so
--- /dev/null
+LoadModule dialup_module /usr/lib/apache2/modules/mod_dialup.so
--- /dev/null
+<IfModule mod_dir.c>
+ DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule dir_module /usr/lib/apache2/modules/mod_dir.so
--- /dev/null
+LoadModule dumpio_module /usr/lib/apache2/modules/mod_dumpio.so
--- /dev/null
+LoadModule echo_module /usr/lib/apache2/modules/mod_echo.so
--- /dev/null
+LoadModule env_module /usr/lib/apache2/modules/mod_env.so
--- /dev/null
+LoadModule expires_module /usr/lib/apache2/modules/mod_expires.so
--- /dev/null
+LoadModule ext_filter_module /usr/lib/apache2/modules/mod_ext_filter.so
--- /dev/null
+# Depends: cache
+LoadModule file_cache_module /usr/lib/apache2/modules/mod_file_cache.so
--- /dev/null
+LoadModule filter_module /usr/lib/apache2/modules/mod_filter.so
--- /dev/null
+LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so
--- /dev/null
+# This module depends on mod_watchdog to be loaded before. In Debian, this
+# module is statically linked.
+LoadModule heartbeat_module /usr/lib/apache2/modules/mod_heartbeat.so
--- /dev/null
+# This module depends on mod_watchdog to be loaded before. In Debian, this
+# module is statically linked.
+LoadModule heartmonitor_module /usr/lib/apache2/modules/mod_heartmonitor.so
--- /dev/null
+LoadModule ident_module /usr/lib/apache2/modules/mod_ident.so
--- /dev/null
+# Depends: mime
+LoadModule include_module /usr/lib/apache2/modules/mod_include.so
--- /dev/null
+<IfModule mod_info.c>
+
+ # Allow remote server configuration reports, with the URL of
+ # http://servername/server-info (requires that mod_info.c be loaded).
+ # Uncomment and change the "192.0.2.0/24" to allow access from other hosts.
+ #
+ <Location /server-info>
+ SetHandler server-info
+ Require local
+ #Require ip 192.0.2.0/24
+ </Location>
+
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule info_module /usr/lib/apache2/modules/mod_info.so
--- /dev/null
+# Depends: proxy_balancer
+LoadModule lbmethod_bybusyness_module /usr/lib/apache2/modules/mod_lbmethod_bybusyness.so
--- /dev/null
+# Depends: proxy_balancer
+LoadModule lbmethod_byrequests_module /usr/lib/apache2/modules/mod_lbmethod_byrequests.so
--- /dev/null
+# Depends: proxy_balancer
+LoadModule lbmethod_bytraffic_module /usr/lib/apache2/modules/mod_lbmethod_bytraffic.so
--- /dev/null
+# Depends: proxy_balancer
+LoadModule lbmethod_heartbeat_module /usr/lib/apache2/modules/mod_lbmethod_heartbeat.so
--- /dev/null
+<Location /ldap-status>
+ SetHandler ldap-status
+ Require local
+</Location>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule ldap_module /usr/lib/apache2/modules/mod_ldap.so
--- /dev/null
+LoadModule log_debug_module /usr/lib/apache2/modules/mod_log_debug.so
--- /dev/null
+LoadModule log_forensic_module /usr/lib/apache2/modules/mod_log_forensic.so
--- /dev/null
+LoadModule lua_module /usr/lib/apache2/modules/mod_lua.so
--- /dev/null
+LoadModule macro_module /usr/lib/apache2/modules/mod_macro.so
--- /dev/null
+<IfModule mod_mime.c>
+
+ #
+ # TypesConfig points to the file containing the list of mappings from
+ # filename extension to MIME-type.
+ #
+ TypesConfig /etc/mime.types
+
+ #
+ # AddType allows you to add to or override the MIME configuration
+ # file mime.types for specific file types.
+ #
+ #AddType application/x-gzip .tgz
+ #
+ # AddEncoding allows you to have certain browsers uncompress
+ # information on the fly. Note: Not all browsers support this.
+ # Despite the name similarity, the following Add* directives have
+ # nothing to do with the FancyIndexing customization directives above.
+ #
+ #AddEncoding x-compress .Z
+ #AddEncoding x-gzip .gz .tgz
+ #AddEncoding x-bzip2 .bz2
+ #
+ # If the AddEncoding directives above are commented-out, then you
+ # probably should define those extensions to indicate media types:
+ #
+ AddType application/x-compress .Z
+ AddType application/x-gzip .gz .tgz
+ AddType application/x-bzip2 .bz2
+
+ #
+ # DefaultLanguage and AddLanguage allows you to specify the language of
+ # a document. You can then use content negotiation to give a browser a
+ # file in a language the user can understand.
+ #
+ # Specify a default language. This means that all data
+ # going out without a specific language tag (see below) will
+ # be marked with this one. You probably do NOT want to set
+ # this unless you are sure it is correct for all cases.
+ #
+ # * It is generally better to not mark a page as
+ # * being a certain language than marking it with the wrong
+ # * language!
+ #
+ # DefaultLanguage nl
+ #
+ # Note 1: The suffix does not have to be the same as the language
+ # keyword --- those with documents in Polish (whose net-standard
+ # language code is pl) may wish to use "AddLanguage pl .po" to
+ # avoid the ambiguity with the common suffix for perl scripts.
+ #
+ # Note 2: The example entries below illustrate that in some cases
+ # the two character 'Language' abbreviation is not identical to
+ # the two character 'Country' code for its country,
+ # E.g. 'Danmark/dk' versus 'Danish/da'.
+ #
+ # Note 3: In the case of 'ltz' we violate the RFC by using a three char
+ # specifier. There is 'work in progress' to fix this and get
+ # the reference data for rfc1766 cleaned up.
+ #
+ # Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
+ # English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
+ # Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
+ # Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
+ # Norwegian (no) - Polish (pl) - Portugese (pt)
+ # Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
+ # Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
+ #
+ AddLanguage am .amh
+ AddLanguage ar .ara
+ AddLanguage be .be
+ AddLanguage bg .bg
+ AddLanguage bn .bn
+ AddLanguage br .br
+ AddLanguage bs .bs
+ AddLanguage ca .ca
+ AddLanguage cs .cz .cs
+ AddLanguage cy .cy
+ AddLanguage da .dk
+ AddLanguage de .de
+ AddLanguage dz .dz
+ AddLanguage el .el
+ AddLanguage en .en
+ AddLanguage eo .eo
+ # es is ecmascript in /etc/mime.types
+ RemoveType es
+ AddLanguage es .es
+ AddLanguage et .et
+ AddLanguage eu .eu
+ AddLanguage fa .fa
+ AddLanguage fi .fi
+ AddLanguage fr .fr
+ AddLanguage ga .ga
+ AddLanguage gl .glg
+ AddLanguage gu .gu
+ AddLanguage he .he
+ AddLanguage hi .hi
+ AddLanguage hr .hr
+ AddLanguage hu .hu
+ AddLanguage hy .hy
+ AddLanguage id .id
+ AddLanguage is .is
+ AddLanguage it .it
+ AddLanguage ja .ja
+ AddLanguage ka .ka
+ AddLanguage kk .kk
+ AddLanguage km .km
+ AddLanguage kn .kn
+ AddLanguage ko .ko
+ AddLanguage ku .ku
+ AddLanguage lo .lo
+ AddLanguage lt .lt
+ AddLanguage ltz .ltz
+ AddLanguage lv .lv
+ AddLanguage mg .mg
+ AddLanguage mk .mk
+ AddLanguage ml .ml
+ AddLanguage mr .mr
+ AddLanguage ms .msa
+ AddLanguage nb .nob
+ AddLanguage ne .ne
+ AddLanguage nl .nl
+ AddLanguage nn .nn
+ AddLanguage no .no
+ AddLanguage pa .pa
+ AddLanguage pl .po
+ AddLanguage pt-BR .pt-br
+ AddLanguage pt .pt
+ AddLanguage ro .ro
+ AddLanguage ru .ru
+ AddLanguage sa .sa
+ AddLanguage se .se
+ AddLanguage si .si
+ AddLanguage sk .sk
+ AddLanguage sl .sl
+ AddLanguage sq .sq
+ AddLanguage sr .sr
+ AddLanguage sv .sv
+ AddLanguage ta .ta
+ AddLanguage te .te
+ AddLanguage th .th
+ AddLanguage tl .tl
+ RemoveType tr
+ # tr is troff in /etc/mime.types
+ AddLanguage tr .tr
+ AddLanguage uk .uk
+ AddLanguage ur .ur
+ AddLanguage vi .vi
+ AddLanguage wo .wo
+ AddLanguage xh .xh
+ AddLanguage zh-CN .zh-cn
+ AddLanguage zh-TW .zh-tw
+
+ #
+ # Commonly used filename extensions to character sets. You probably
+ # want to avoid clashes with the language extensions, unless you
+ # are good at carefully testing your setup after each change.
+ # See http://www.iana.org/assignments/character-sets for the
+ # official list of charset names and their respective RFCs.
+ #
+ AddCharset us-ascii .ascii .us-ascii
+ AddCharset ISO-8859-1 .iso8859-1 .latin1
+ AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
+ AddCharset ISO-8859-3 .iso8859-3 .latin3
+ AddCharset ISO-8859-4 .iso8859-4 .latin4
+ AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru
+ AddCharset ISO-8859-6 .iso8859-6 .arb .arabic
+ AddCharset ISO-8859-7 .iso8859-7 .grk .greek
+ AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew
+ AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk
+ AddCharset ISO-8859-10 .iso8859-10 .latin6
+ AddCharset ISO-8859-13 .iso8859-13
+ AddCharset ISO-8859-14 .iso8859-14 .latin8
+ AddCharset ISO-8859-15 .iso8859-15 .latin9
+ AddCharset ISO-8859-16 .iso8859-16 .latin10
+ AddCharset ISO-2022-JP .iso2022-jp .jis
+ AddCharset ISO-2022-KR .iso2022-kr .kis
+ AddCharset ISO-2022-CN .iso2022-cn .cis
+ AddCharset Big5 .Big5 .big5 .b5
+ AddCharset cn-Big5 .cn-big5
+ # For russian, more than one charset is used (depends on client, mostly):
+ AddCharset WINDOWS-1251 .cp-1251 .win-1251
+ AddCharset CP866 .cp866
+ AddCharset KOI8 .koi8
+ AddCharset KOI8-E .koi8-e
+ AddCharset KOI8-r .koi8-r .koi8-ru
+ AddCharset KOI8-U .koi8-u
+ AddCharset KOI8-ru .koi8-uk .ua
+ AddCharset ISO-10646-UCS-2 .ucs2
+ AddCharset ISO-10646-UCS-4 .ucs4
+ AddCharset UTF-7 .utf7
+ AddCharset UTF-8 .utf8
+ AddCharset UTF-16 .utf16
+ AddCharset UTF-16BE .utf16be
+ AddCharset UTF-16LE .utf16le
+ AddCharset UTF-32 .utf32
+ AddCharset UTF-32BE .utf32be
+ AddCharset UTF-32LE .utf32le
+ AddCharset euc-cn .euc-cn
+ AddCharset euc-gb .euc-gb
+ AddCharset euc-jp .euc-jp
+ AddCharset euc-kr .euc-kr
+ #Not sure how euc-tw got in - IANA doesn't list it???
+ AddCharset EUC-TW .euc-tw
+ AddCharset gb2312 .gb2312 .gb
+ AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2
+ AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4
+ AddCharset shift_jis .shift_jis .sjis
+ AddCharset BRF .brf
+
+ #
+ # AddHandler allows you to map certain file extensions to "handlers":
+ # actions unrelated to filetype. These can be either built into the server
+ # or added with the Action directive (see below)
+ #
+ # To use CGI scripts outside of ScriptAliased directories:
+ # (You will also need to add "ExecCGI" to the "Options" directive.)
+ #
+ #AddHandler cgi-script .cgi
+
+ #
+ # For files that include their own HTTP headers:
+ #
+ #AddHandler send-as-is asis
+
+ #
+ # For server-parsed imagemap files:
+ #
+ #AddHandler imap-file map
+
+ #
+ # For type maps (negotiated resources):
+ # (This is enabled by default to allow the Apache "It Worked" page
+ # to be distributed in multiple languages.)
+ #
+ AddHandler type-map var
+
+ #
+ # Filters allow you to process content before it is sent to the client.
+ #
+ # To parse .shtml files for server-side includes (SSI):
+ # (You will also need to add "Includes" to the "Options" directive.)
+ #
+ AddType text/html .shtml
+ AddOutputFilter INCLUDES .shtml
+
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule mime_module /usr/lib/apache2/modules/mod_mime.so
--- /dev/null
+<IfModule mod_mime_magic.c>
+ MIMEMagicFile /etc/apache2/magic
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule mime_magic_module /usr/lib/apache2/modules/mod_mime_magic.so
--- /dev/null
+# event MPM
+# StartServers: initial number of server processes to start
+# MinSpareThreads: minimum number of worker threads which are kept spare
+# MaxSpareThreads: maximum number of worker threads which are kept spare
+# ThreadsPerChild: constant number of worker threads in each server process
+# MaxRequestWorkers: maximum number of worker threads
+# MaxConnectionsPerChild: maximum number of requests a server process serves
+<IfModule mpm_event_module>
+ StartServers 2
+ MinSpareThreads 25
+ MaxSpareThreads 75
+ ThreadLimit 64
+ ThreadsPerChild 25
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 0
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+# Conflicts: mpm_worker mpm_prefork
+LoadModule mpm_event_module /usr/lib/apache2/modules/mod_mpm_event.so
--- /dev/null
+# prefork MPM
+# StartServers: number of server processes to start
+# MinSpareServers: minimum number of server processes which are kept spare
+# MaxSpareServers: maximum number of server processes which are kept spare
+# MaxRequestWorkers: maximum number of server processes allowed to start
+# MaxConnectionsPerChild: maximum number of requests a server process serves
+
+<IfModule mpm_prefork_module>
+ StartServers 5
+ MinSpareServers 5
+ MaxSpareServers 10
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 0
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+# Conflicts: mpm_event mpm_worker
+LoadModule mpm_prefork_module /usr/lib/apache2/modules/mod_mpm_prefork.so
--- /dev/null
+# worker MPM
+# StartServers: initial number of server processes to start
+# MinSpareThreads: minimum number of worker threads which are kept spare
+# MaxSpareThreads: maximum number of worker threads which are kept spare
+# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a
+# graceful restart. ThreadLimit can only be changed by stopping
+# and starting Apache.
+# ThreadsPerChild: constant number of worker threads in each server process
+# MaxRequestWorkers: maximum number of threads
+# MaxConnectionsPerChild: maximum number of requests a server process serves
+
+<IfModule mpm_worker_module>
+ StartServers 2
+ MinSpareThreads 25
+ MaxSpareThreads 75
+ ThreadLimit 64
+ ThreadsPerChild 25
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 0
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+# Conflicts: mpm_event mpm_prefork
+LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so
--- /dev/null
+<IfModule mod_negotiation.c>
+
+ # LanguagePriority allows you to give precedence to some languages
+ # in case of a tie during content negotiation.
+ #
+ # Just list the languages in decreasing order of preference. We have
+ # more or less alphabetized them here. You probably want to change this.
+ #
+ LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv tr zh-CN zh-TW
+
+ #
+ # ForceLanguagePriority allows you to serve a result page rather than
+ # MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
+ # [in case no accepted languages matched the available variants]
+ #
+ ForceLanguagePriority Prefer Fallback
+
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule negotiation_module /usr/lib/apache2/modules/mod_negotiation.so
--- /dev/null
+<IfModule mod_proxy.c>
+
+ # If you want to use apache2 as a forward proxy, uncomment the
+ # 'ProxyRequests On' line and the <Proxy *> block below.
+ # WARNING: Be careful to restrict access inside the <Proxy *> block.
+ # Open proxy servers are dangerous both to your network and to the
+ # Internet at large.
+ #
+ # If you only want to use apache2 as a reverse proxy/gateway in
+ # front of some web application server, you DON'T need
+ # 'ProxyRequests On'.
+
+ #ProxyRequests On
+ #<Proxy *>
+ # AddDefaultCharset off
+ # Require all denied
+ # #Require local
+ #</Proxy>
+
+ # Enable/disable the handling of HTTP/1.1 "Via:" headers.
+ # ("Full" adds the server version; "Block" removes all outgoing Via: headers)
+ # Set to one of: Off | On | Full | Block
+ #ProxyVia Off
+
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
--- /dev/null
+# Depends: proxy
+LoadModule proxy_ajp_module /usr/lib/apache2/modules/mod_proxy_ajp.so
--- /dev/null
+<IfModule mod_proxy_balancer.c>
+
+ # Balancer manager enables dynamic update of balancer members
+ # (needs mod_status). Uncomment to enable.
+ #
+ #<IfModule mod_status.c>
+ # <Location /balancer-manager>
+ # SetHandler balancer-manager
+ # Require local
+ # </Location>
+ #</IfModule>
+
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+# Depends: proxy alias slotmem_shm
+LoadModule proxy_balancer_module /usr/lib/apache2/modules/mod_proxy_balancer.so
--- /dev/null
+# Depends: proxy
+LoadModule proxy_connect_module /usr/lib/apache2/modules/mod_proxy_connect.so
--- /dev/null
+# Depends: proxy
+LoadModule proxy_express_module /usr/lib/apache2/modules/mod_proxy_express.so
--- /dev/null
+# Depends: proxy
+LoadModule proxy_fcgi_module /usr/lib/apache2/modules/mod_proxy_fcgi.so
--- /dev/null
+# Depends: proxy
+LoadModule proxy_fdpass_module /usr/lib/apache2/modules/mod_proxy_fdpass.so
--- /dev/null
+<IfModule mod_proxy_ftp.c>
+
+ # Define the character set for proxied FTP listings. Default is ISO-8859-1
+ ProxyFtpDirCharset UTF-8
+
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+# Depends: proxy
+LoadModule proxy_ftp_module /usr/lib/apache2/modules/mod_proxy_ftp.so
--- /dev/null
+# Configuration example.
+#
+# For detailed information about these directives see
+# <URL:http://httpd.apache.org/docs/2.4/mod/mod_proxy_html.html>
+# and for mod_xml2enc see
+# <URL:http://httpd.apache.org/docs/2.4/mod/mod_xml2enc.html>
+#
+
+# All knowledge of HTML links has been removed from the mod_proxy_html
+# code itself, and is instead read from httpd.conf (or included file)
+# at server startup. So you MUST declare it. This will normally be
+# at top level, but can also be used in a <Location>.
+#
+# Here's the declaration for W3C HTML 4.01 and XHTML 1.0
+
+ProxyHTMLLinks a href
+ProxyHTMLLinks area href
+ProxyHTMLLinks link href
+ProxyHTMLLinks img src longdesc usemap
+ProxyHTMLLinks object classid codebase data usemap
+ProxyHTMLLinks q cite
+ProxyHTMLLinks blockquote cite
+ProxyHTMLLinks ins cite
+ProxyHTMLLinks del cite
+ProxyHTMLLinks form action
+ProxyHTMLLinks input src usemap
+ProxyHTMLLinks head profile
+ProxyHTMLLinks base href
+ProxyHTMLLinks script src for
+
+# To support scripting events (with ProxyHTMLExtended On),
+# you'll need to declare them too.
+
+ProxyHTMLEvents onclick ondblclick onmousedown onmouseup \
+ onmouseover onmousemove onmouseout onkeypress \
+ onkeydown onkeyup onfocus onblur onload \
+ onunload onsubmit onreset onselect onchange
+
+# If you need to support legacy (pre-1998, aka "transitional") HTML or XHTML,
+# you'll need to uncomment the following deprecated link attributes.
+# Note that these are enabled in earlier mod_proxy_html versions
+#
+# ProxyHTMLLinks frame src longdesc
+# ProxyHTMLLinks iframe src longdesc
+# ProxyHTMLLinks body background
+# ProxyHTMLLinks applet codebase
+#
+# If you're dealing with proprietary HTML variants,
+# declare your own URL attributes here as required.
+#
+# ProxyHTMLLinks myelement myattr otherattr
+#
+###########
+# EXAMPLE #
+###########
+#
+# To define the URL /my-gateway/ as a gateway to an appserver with address
+# http://some.app.intranet/ on a private network, after loading the
+# modules and including this configuration file:
+#
+# ProxyRequests Off <-- this is an important security setting
+# ProxyPass /my-gateway/ http://some.app.intranet/
+# <Location /my-gateway/>
+# ProxyPassReverse /
+# ProxyHTMLEnable On
+# ProxyHTMLURLMap http://some.app.intranet/ /my-gateway/
+# ProxyHTMLURLMap / /my-gateway/
+# </Location>
+#
+# Many (though not all) real-life setups are more complex.
+#
+# See the documentation at
+# http://apache.webthing.com/mod_proxy_html/
+# and the tutorial at
+# http://www.apachetutor.org/admin/reverseproxies
--- /dev/null
+# Depends: proxy
+LoadModule proxy_html_module /usr/lib/apache2/modules/mod_proxy_html.so
--- /dev/null
+# Depends: proxy
+LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so
--- /dev/null
+# Depends: proxy
+LoadModule proxy_scgi_module /usr/lib/apache2/modules/mod_proxy_scgi.so
--- /dev/null
+# Depends: proxy
+LoadModule proxy_wstunnel_module /usr/lib/apache2/modules/mod_proxy_wstunnel.so
--- /dev/null
+# Depends: env
+LoadModule ratelimit_module /usr/lib/apache2/modules/mod_ratelimit.so
--- /dev/null
+LoadModule reflector_module /usr/lib/apache2/modules/mod_reflector.so
--- /dev/null
+LoadModule remoteip_module /usr/lib/apache2/modules/mod_remoteip.so
--- /dev/null
+<IfModule reqtimeout_module>
+
+ # mod_reqtimeout limits the time waiting on the client to prevent an
+ # attacker from causing a denial of service by opening many connections
+ # but not sending requests. This file tries to give a sensible default
+ # configuration, but it may be necessary to tune the timeout values to
+ # the actual situation. Note that it is also possible to configure
+ # mod_reqtimeout per virtual host.
+
+
+ # Wait max 20 seconds for the first byte of the request line+headers
+ # From then, require a minimum data rate of 500 bytes/s, but don't
+ # wait longer than 40 seconds in total.
+ # Note: Lower timeouts may make sense on non-ssl virtual hosts but can
+ # cause problem with ssl enabled virtual hosts: This timeout includes
+ # the time a browser may need to fetch the CRL for the certificate. If
+ # the CRL server is not reachable, it may take more than 10 seconds
+ # until the browser gives up.
+ RequestReadTimeout header=20-40,minrate=500
+
+ # Wait max 10 seconds for the first byte of the request body (if any)
+ # From then, require a minimum data rate of 500 bytes/s
+ RequestReadTimeout body=10,minrate=500
+
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule reqtimeout_module /usr/lib/apache2/modules/mod_reqtimeout.so
--- /dev/null
+LoadModule request_module /usr/lib/apache2/modules/mod_request.so
--- /dev/null
+LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so
--- /dev/null
+LoadModule sed_module /usr/lib/apache2/modules/mod_sed.so
--- /dev/null
+LoadModule session_module /usr/lib/apache2/modules/mod_session.so
--- /dev/null
+# Depends: session
+LoadModule session_cookie_module /usr/lib/apache2/modules/mod_session_cookie.so
--- /dev/null
+# Depends: session
+LoadModule session_crypto_module /usr/lib/apache2/modules/mod_session_crypto.so
--- /dev/null
+# Depends: session
+LoadModule session_dbd_module /usr/lib/apache2/modules/mod_session_dbd.so
--- /dev/null
+<IfModule mod_setenvif.c>
+
+ #
+ # The following directives modify normal HTTP response behavior to
+ # handle known problems with browser implementations.
+ #
+ BrowserMatch "Mozilla/2" nokeepalive
+ BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
+ BrowserMatch "RealPlayer 4\.0" force-response-1.0
+ BrowserMatch "Java/1\.0" force-response-1.0
+ BrowserMatch "JDK/1\.0" force-response-1.0
+
+ #
+ # The following directive disables redirects on non-GET requests for
+ # a directory that does not include the trailing slash. This fixes a
+ # problem with Microsoft WebFolders which does not appropriately handle
+ # redirects for folders with DAV methods.
+ # Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
+ #
+ BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
+ BrowserMatch "MS FrontPage" redirect-carefully
+ BrowserMatch "^WebDrive" redirect-carefully
+ BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
+ BrowserMatch "^gnome-vfs/1.0" redirect-carefully
+ BrowserMatch "^gvfs/1" redirect-carefully
+ BrowserMatch "^XML Spy" redirect-carefully
+ BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
+ BrowserMatch " Konqueror/4" redirect-carefully
+
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule setenvif_module /usr/lib/apache2/modules/mod_setenvif.so
--- /dev/null
+LoadModule slotmem_plain_module /usr/lib/apache2/modules/mod_slotmem_plain.so
--- /dev/null
+LoadModule slotmem_shm_module /usr/lib/apache2/modules/mod_slotmem_shm.so
--- /dev/null
+LoadModule socache_dbm_module /usr/lib/apache2/modules/mod_socache_dbm.so
--- /dev/null
+LoadModule socache_memcache_module /usr/lib/apache2/modules/mod_socache_memcache.so
--- /dev/null
+LoadModule socache_shmcb_module /usr/lib/apache2/modules/mod_socache_shmcb.so
--- /dev/null
+LoadModule speling_module /usr/lib/apache2/modules/mod_speling.so
--- /dev/null
+<IfModule mod_ssl.c>
+
+ # Pseudo Random Number Generator (PRNG):
+ # Configure one or more sources to seed the PRNG of the SSL library.
+ # The seed data should be of good random quality.
+ # WARNING! On some platforms /dev/random blocks if not enough entropy
+ # is available. This means you then cannot use the /dev/random device
+ # because it would lead to very long connection times (as long as
+ # it requires to make more entropy available). But usually those
+ # platforms additionally provide a /dev/urandom device which doesn't
+ # block. So, if available, use this one instead. Read the mod_ssl User
+ # Manual for more details.
+ #
+ SSLRandomSeed startup builtin
+ SSLRandomSeed startup file:/dev/urandom 512
+ SSLRandomSeed connect builtin
+ SSLRandomSeed connect file:/dev/urandom 512
+
+ ##
+ ## SSL Global Context
+ ##
+ ## All SSL configuration in this context applies both to
+ ## the main server and all SSL-enabled virtual hosts.
+ ##
+
+ #
+ # Some MIME-types for downloading Certificates and CRLs
+ #
+ AddType application/x-x509-ca-cert .crt
+ AddType application/x-pkcs7-crl .crl
+
+ # Pass Phrase Dialog:
+ # Configure the pass phrase gathering process.
+ # The filtering dialog program (`builtin' is a internal
+ # terminal dialog) has to provide the pass phrase on stdout.
+ SSLPassPhraseDialog exec:/usr/share/apache2/ask-for-passphrase
+
+ # Inter-Process Session Cache:
+ # Configure the SSL Session Cache: First the mechanism
+ # to use and second the expiring timeout (in seconds).
+ # (The mechanism dbm has known memory leaks and should not be used).
+ #SSLSessionCache dbm:${APACHE_RUN_DIR}/ssl_scache
+ SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
+ SSLSessionCacheTimeout 300
+
+ # Semaphore:
+ # Configure the path to the mutual exclusion semaphore the
+ # SSL engine uses internally for inter-process synchronization.
+ # (Disabled by default, the global Mutex directive consolidates by default
+ # this)
+ #Mutex file:${APACHE_LOCK_DIR}/ssl_mutex ssl-cache
+
+
+ # SSL Cipher Suite:
+ # List the ciphers that the client is permitted to negotiate. See the
+ # ciphers(1) man page from the openssl package for list of all available
+ # options.
+ # Enable only secure ciphers:
+ SSLCipherSuite HIGH:!aNULL
+
+ # SSL server cipher order preference:
+ # Use server priorities for cipher algorithm choice.
+ # Clients may prefer lower grade encryption. You should enable this
+ # option if you want to enforce stronger encryption, and can afford
+ # the CPU cost, and did not override SSLCipherSuite in a way that puts
+ # insecure ciphers first.
+ # Default: Off
+ #SSLHonorCipherOrder on
+
+ # The protocols to enable.
+ # Available values: all, SSLv3, TLSv1, TLSv1.1, TLSv1.2
+ # SSL v2 is no longer supported
+ SSLProtocol all -SSLv3
+
+ # Allow insecure renegotiation with clients which do not yet support the
+ # secure renegotiation protocol. Default: Off
+ #SSLInsecureRenegotiation on
+
+ # Whether to forbid non-SNI clients to access name based virtual hosts.
+ # Default: Off
+ #SSLStrictSNIVHostCheck On
+
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+# Depends: setenvif mime socache_shmcb
+LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so
--- /dev/null
+<IfModule mod_status.c>
+ # Allow server status reports generated by mod_status,
+ # with the URL of http://servername/server-status
+ # Uncomment and change the "192.0.2.0/24" to allow access from other hosts.
+
+ <Location /server-status>
+ SetHandler server-status
+ Require local
+ #Require ip 192.0.2.0/24
+ </Location>
+
+ # Keep track of extended status information for each request
+ ExtendedStatus On
+
+ # Determine if mod_status displays the first 63 characters of a request or
+ # the last 63, assuming the request itself is greater than 63 chars.
+ # Default: Off
+ #SeeRequestTail On
+
+
+ <IfModule mod_proxy.c>
+ # Show Proxy LoadBalancer status in mod_status
+ ProxyStatus On
+ </IfModule>
+
+
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule status_module /usr/lib/apache2/modules/mod_status.so
--- /dev/null
+LoadModule substitute_module /usr/lib/apache2/modules/mod_substitute.so
--- /dev/null
+LoadModule suexec_module /usr/lib/apache2/modules/mod_suexec.so
--- /dev/null
+LoadModule unique_id_module /usr/lib/apache2/modules/mod_unique_id.so
--- /dev/null
+<IfModule mod_userdir.c>
+ UserDir public_html
+ UserDir disabled root
+
+ <Directory /home/*/public_html>
+ AllowOverride FileInfo AuthConfig Limit Indexes
+ Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
+ <Limit GET POST OPTIONS>
+ Require all granted
+ </Limit>
+ <LimitExcept GET POST OPTIONS>
+ Require all denied
+ </LimitExcept>
+ </Directory>
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+LoadModule userdir_module /usr/lib/apache2/modules/mod_userdir.so
--- /dev/null
+LoadModule usertrack_module /usr/lib/apache2/modules/mod_usertrack.so
--- /dev/null
+LoadModule vhost_alias_module /usr/lib/apache2/modules/mod_vhost_alias.so
--- /dev/null
+LoadModule xml2enc_module /usr/lib/apache2/modules/mod_xml2enc.so
--- /dev/null
+../mods-available/access_compat.load
\ No newline at end of file
--- /dev/null
+../mods-available/alias.conf
\ No newline at end of file
--- /dev/null
+../mods-available/alias.load
\ No newline at end of file
--- /dev/null
+../mods-available/auth_basic.load
\ No newline at end of file
--- /dev/null
+../mods-available/authn_core.load
\ No newline at end of file
--- /dev/null
+../mods-available/authn_file.load
\ No newline at end of file
--- /dev/null
+../mods-available/authz_core.load
\ No newline at end of file
--- /dev/null
+../mods-available/authz_host.load
\ No newline at end of file
--- /dev/null
+../mods-available/authz_user.load
\ No newline at end of file
--- /dev/null
+../mods-available/autoindex.conf
\ No newline at end of file
--- /dev/null
+../mods-available/autoindex.load
\ No newline at end of file
--- /dev/null
+../mods-available/deflate.conf
\ No newline at end of file
--- /dev/null
+../mods-available/deflate.load
\ No newline at end of file
--- /dev/null
+../mods-available/dir.conf
\ No newline at end of file
--- /dev/null
+../mods-available/dir.load
\ No newline at end of file
--- /dev/null
+../mods-available/env.load
\ No newline at end of file
--- /dev/null
+../mods-available/filter.load
\ No newline at end of file
--- /dev/null
+../mods-available/mime.conf
\ No newline at end of file
--- /dev/null
+../mods-available/mime.load
\ No newline at end of file
--- /dev/null
+../mods-available/mpm_event.conf
\ No newline at end of file
--- /dev/null
+../mods-available/mpm_event.load
\ No newline at end of file
--- /dev/null
+../mods-available/negotiation.conf
\ No newline at end of file
--- /dev/null
+../mods-available/negotiation.load
\ No newline at end of file
--- /dev/null
+../mods-available/setenvif.conf
\ No newline at end of file
--- /dev/null
+../mods-available/setenvif.load
\ No newline at end of file
--- /dev/null
+../mods-available/status.conf
\ No newline at end of file
--- /dev/null
+../mods-available/status.load
\ No newline at end of file
--- /dev/null
+# If you just change the port or add more ports here, you will likely also
+# have to change the VirtualHost statement in
+# /etc/apache2/sites-enabled/000-default.conf
+
+Listen 80
+
+<IfModule ssl_module>
+ Listen 443
+</IfModule>
+
+<IfModule mod_gnutls.c>
+ Listen 443
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+<VirtualHost *:80>
+
+ Include sites-available/default-include.conf
+
+</VirtualHost>
+
+# vim: filetype=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+
+#ServerName www.example.com
+
+ServerAdmin frank@brehm-online.com
+DocumentRoot /var/www/html
+
+#LogLevel info ssl:warn
+
+ErrorLog ${APACHE_LOG_DIR}/error.log
+CustomLog ${APACHE_LOG_DIR}/access.log full_combined
+
+#Include conf-available/serve-cgi-bin.conf
+
+#Alias /Debian/ /home/repo/repos/Debian/
+#<Directory "/home/repo/repos/Debian">
+# Options Indexes FollowSymLinks
+# AllowOverride All
+# Order allow,deny
+# Allow from all
+#</Directory>
+
+#Alias /Ubuntu/ /home/repo/repos/Ubuntu/
+#<Directory "/home/repo/repos/Ubuntu">
+# Options Indexes FollowSymLinks
+# AllowOverride All
+# Order allow,deny
+# Allow from all
+#</Directory>
+
+#Alias /public/ /home/repo/public/
+#<Directory "/home/repo/public">
+# Options Indexes FollowSymLinks
+# AllowOverride All
+# Order allow,deny
+# Allow from all
+#</Directory>
+
+
+# vim: filetype=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+<IfModule mod_ssl.c>
+ <VirtualHost _default_:443>
+
+ Include sites-available/default-include.conf
+
+ SSLEngine on
+
+ SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
+ SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+
+ #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
+
+ #SSLCACertificatePath /etc/ssl/certs/
+ #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
+
+ #SSLCARevocationPath /etc/apache2/ssl.crl/
+ #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl
+
+ #SSLVerifyClient require
+ #SSLVerifyDepth 10
+
+ #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
+
+ <FilesMatch "\.(cgi|shtml|phtml|php)$">
+ SSLOptions +StdEnvVars
+ </FilesMatch>
+ <Directory /usr/lib/cgi-bin>
+ SSLOptions +StdEnvVars
+ </Directory>
+
+ BrowserMatch "MSIE [2-6]" \
+ nokeepalive ssl-unclean-shutdown \
+ downgrade-1.0 force-response-1.0
+ # MSIE 7 and newer should be able to use keepalive
+ BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
+
+ </VirtualHost>
+</IfModule>
+
+# vim: filetype=apache ts=4 sw=4 sts=4 sr noet
--- /dev/null
+../sites-available/000-default.conf
\ No newline at end of file
--- /dev/null
+#!/bin/sh
+
+# Placed in /etc/apm/event.d by the chrony package at the instruction of
+# the apmd maintainer. If you don't have apm and don't intend to install
+# apmd you may remove it. It needs to run after 00hwclock but before any
+# other scripts.
+
+
+[ -x /usr/sbin/chronyd ] || exit 0
+
+if [ "$1" = suspend ]; then
+ invoke-rc.d chrony stop
+elif [ "$1" = standby ]; then
+ invoke-rc.d chrony stop
+elif [ "$1" = resume ]; then
+ invoke-rc.d chrony start
+fi
--- /dev/null
+# Site-specific additions and overrides for usr.sbin.named.
+# For more details, please see /etc/apparmor.d/local/README.
--- /dev/null
+# vim:syntax=apparmor
+# Last Modified: Fri Jun 1 16:43:22 2007
+#include <tunables/global>
+
+/usr/sbin/named {
+ #include <abstractions/base>
+ #include <abstractions/nameservice>
+
+ capability net_bind_service,
+ capability setgid,
+ capability setuid,
+ capability sys_chroot,
+ capability sys_resource,
+
+ # /etc/bind should be read-only for bind
+ # /var/lib/bind is for dynamically updated zone (and journal) files.
+ # /var/cache/bind is for slave/stub data, since we're not the origin of it.
+ # See /usr/share/doc/bind9/README.Debian.gz
+ /etc/bind/** r,
+ /var/lib/bind/** rw,
+ /var/lib/bind/ rw,
+ /var/cache/bind/** lrw,
+ /var/cache/bind/ rw,
+
+ # gssapi
+ /etc/krb5.keytab kr,
+ /etc/bind/krb5.keytab kr,
+
+ # ssl
+ /etc/ssl/openssl.cnf r,
+
+ # GeoIP data files for GeoIP ACLs
+ /usr/share/GeoIP/** r,
+
+ # dnscvsutil package
+ /var/lib/dnscvsutil/compiled/** rw,
+
+ /proc/net/if_inet6 r,
+ /proc/*/net/if_inet6 r,
+ /usr/sbin/named mr,
+ /{,var/}run/named/named.pid w,
+ /{,var/}run/named/session.key w,
+ # support for resolvconf
+ /{,var/}run/named/named.options r,
+
+ # some people like to put logs in /var/log/named/ instead of having
+ # syslog do the heavy lifting.
+ /var/log/named/** rw,
+ /var/log/named/ rw,
+
+ # Site-specific additions and overrides. See local/README for details.
+ #include <local/usr.sbin.named>
+}
--- /dev/null
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v2.0.22 (GNU/Linux)
+
+mQENBFOpvpgBCADkP656H41i8fpplEEB8IeLhugyC2rTEwwSclb8tQNYtUiGdna9
+m38kb0OS2DDrEdtdQb2hWCnswxaAkUunb2qq18vd3dBvlnI+C4/xu5ksZZkRj+fW
+tArNR18V+2jkwcG26m8AxIrT+m4M6/bgnSfHTBtT5adNfVcTHqiT1JtCbQcXmwVw
+WbqS6v/LhcsBE//SHne4uBCK/GHxZHhQ5jz5h+3vWeV4gvxS3Xu6v1IlIpLDwUts
+kT1DumfynYnnZmWTGc6SYyIFXTPJLtnoWDb9OBdWgZxXfHEcBsKGha+bXO+m2tHA
+gNneN9i5f8oNxo5njrL8jkCckOpNpng18BKXABEBAAG0MlNhbHRTdGFjayBQYWNr
+YWdpbmcgVGVhbSA8cGFja2FnaW5nQHNhbHRzdGFjay5jb20+iQE4BBMBAgAiBQJT
+qb6YAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAOCKFJ3le/vhkqB/0Q
+WzELZf4d87WApzolLG+zpsJKtt/ueXL1W1KA7JILhXB1uyvVORt8uA9FjmE083o1
+yE66wCya7V8hjNn2lkLXboOUd1UTErlRg1GYbIt++VPscTxHxwpjDGxDB1/fiX2o
+nK5SEpuj4IeIPJVE/uLNAwZyfX8DArLVJ5h8lknwiHlQLGlnOu9ulEAejwAKt9CU
+4oYTszYM4xrbtjB/fR+mPnYh2fBoQO4d/NQiejIEyd9IEEMd/03AJQBuMux62tjA
+/NwvQ9eqNgLw9NisFNHRWtP4jhAOsshv1WW+zPzu3ozoO+lLHixUIz7fqRk38q8Q
+9oNR31KvrkSNrFbA3D89uQENBFOpvpgBCADJ79iH10AfAfpTBEQwa6vzUI3Eltqb
+9aZ0xbZV8V/8pnuU7rqM7Z+nJgldibFk4gFG2bHCG1C5aEH/FmcOMvTKDhJSFQUx
+uhgxttMArXm2c22OSy1hpsnVG68G32Nag/QFEJ++3hNnbyGZpHnPiYgej3FrerQJ
+zv456wIsxRDMvJ1NZQB3twoCqwapC6FJE2hukSdWB5yCYpWlZJXBKzlYz/gwD/Fr
+GL578WrLhKw3UvnJmlpqQaDKwmV2s7MsoZogC6wkHE92kGPG2GmoRD3ALjmCvN1E
+PsIsQGnwpcXsRpYVCoW7e2nW4wUf7IkFZ94yOCmUq6WreWI4NggRcFC5ABEBAAGJ
+AR8EGAECAAkFAlOpvpgCGwwACgkQDgihSd5Xv74/NggA08kEdBkiWWwJZUZEy7cK
+WWcgjnRuOHd4rPeT+vQbOWGu6x4bxuVf9aTiYkf7ZjVF2lPn97EXOEGFWPZeZbH4
+vdRFH9jMtP+rrLt6+3c9j0M8SIJYwBL1+CNpEC/BuHj/Ra/cmnG5ZNhYebm76h5f
+T9iPW9fFww36FzFka4VPlvA4oB7ebBtquFg3sdQNU/MmTVV4jPFWXxh4oRDDR+8N
+1bcPnbB11b5ary99F/mqr7RgQ+YFF0uKRE3SKa7a+6cIuHEZ7Za+zhPaQlzAOZlx
+fuBmScum8uQTrEF5+Um5zkwC7EXTdH1co/+/V/fpOtxIg4XO4kcugZefVm5ERfVS
+MA==
+=dtMN
+-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
+APT::Install-Recommends "false";
+Aptitude::Recommends-Important "false";
--- /dev/null
+APT::Authentication::TrustCDROM "true";
--- /dev/null
+APT
+{
+ NeverAutoRemove
+ {
+ "^firmware-linux.*";
+ "^linux-firmware$";
+ };
+
+ VersionedKernelPackages
+ {
+ # linux kernels
+ "linux-image";
+ "linux-headers";
+ "linux-image-extra";
+ "linux-signed-image";
+ # kfreebsd kernels
+ "kfreebsd-image";
+ "kfreebsd-headers";
+ # hurd kernels
+ "gnumach-image";
+ # (out-of-tree) modules
+ ".*-modules";
+ ".*-kernel";
+ "linux-backports-modules-.*";
+ # tools
+ "linux-tools";
+ };
+
+ Never-MarkAuto-Sections
+ {
+ "metapackages";
+ "restricted/metapackages";
+ "universe/metapackages";
+ "multiverse/metapackages";
+ "oldlibs";
+ "restricted/oldlibs";
+ "universe/oldlibs";
+ "multiverse/oldlibs";
+ };
+};
--- /dev/null
+// DO NOT EDIT! File autogenerated by /etc/kernel/postinst.d/apt-auto-removal
+APT::NeverAutoRemove
+{
+ "^linux-image-4\.6\.0-0\.bpo\.1-amd64$";
+ "^linux-image-4\.7\.0-0\.bpo\.1-amd64$";
+ "^linux-headers-4\.6\.0-0\.bpo\.1-amd64$";
+ "^linux-headers-4\.7\.0-0\.bpo\.1-amd64$";
+ "^linux-image-extra-4\.6\.0-0\.bpo\.1-amd64$";
+ "^linux-image-extra-4\.7\.0-0\.bpo\.1-amd64$";
+ "^linux-signed-image-4\.6\.0-0\.bpo\.1-amd64$";
+ "^linux-signed-image-4\.7\.0-0\.bpo\.1-amd64$";
+ "^kfreebsd-image-4\.6\.0-0\.bpo\.1-amd64$";
+ "^kfreebsd-image-4\.7\.0-0\.bpo\.1-amd64$";
+ "^kfreebsd-headers-4\.6\.0-0\.bpo\.1-amd64$";
+ "^kfreebsd-headers-4\.7\.0-0\.bpo\.1-amd64$";
+ "^gnumach-image-4\.6\.0-0\.bpo\.1-amd64$";
+ "^gnumach-image-4\.7\.0-0\.bpo\.1-amd64$";
+ "^.*-modules-4\.6\.0-0\.bpo\.1-amd64$";
+ "^.*-modules-4\.7\.0-0\.bpo\.1-amd64$";
+ "^.*-kernel-4\.6\.0-0\.bpo\.1-amd64$";
+ "^.*-kernel-4\.7\.0-0\.bpo\.1-amd64$";
+ "^linux-backports-modules-.*-4\.6\.0-0\.bpo\.1-amd64$";
+ "^linux-backports-modules-.*-4\.7\.0-0\.bpo\.1-amd64$";
+ "^linux-tools-4\.6\.0-0\.bpo\.1-amd64$";
+ "^linux-tools-4\.7\.0-0\.bpo\.1-amd64$";
+};
--- /dev/null
+DPkg::Pre-Invoke { "if [ -x /usr/bin/etckeeper ]; then etckeeper pre-install; fi"; };
+DPkg::Post-Invoke { "if [ -x /usr/bin/etckeeper ]; then etckeeper post-install; fi"; };
+
+RPM::Pre-Invoke { "if [ -x /usr/bin/etckeeper ]; then etckeeper pre-install; fi"; };
+RPM::Post-Invoke { "if [ -x /usr/bin/etckeeper ]; then etckeeper post-install; fi"; };
--- /dev/null
+// Pre-configure all packages with debconf before they are installed.
+// If you don't like it, comment it out.
+DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt || true";};
--- /dev/null
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1
+
+mQINBFavlWMBEAC+YKENyf64sRtMCDUmbe14mY+35YHaXDLZfM73DXf/ueQawY2U
+hUEcG9adiGP/n7f5E2UMckWc21TqwM5ALXhUcdnFbkpayyPTMLrp3/2SsBVVTOO5
+j+RVrAEuVl7dBwcrcN51n3Q5E1rsBnVX+5kZ+B1wCSpk7kY8j2T7Ou+79HjBwEfQ
+X04nFIvpPZnM1Hq4ZYpomynADarWLu16WS86LkumC9Fs35bDmtQGEifDuEG8yr9k
+E0ocmNZMLfOS6OaHQMN6RYBsnF8nSrGznXvp0KQYs86YPdbjoZKpRUq3zqSsaJqv
+HgJzonZuadHI6A5Yj5CBsTwneMR3X5RPXtGmiHO/PG+G0c9ZtC5T0pTMvEx5q/o1
+HW8HilGboFxIz01Lf783F82GLA2rwGdeig4hrtgkdBddZCm5GOev7PvhTgnQ5Koc
+llUhxiyh0YlrkM1Mv7Q76lWRX3z0UtzrMDdMNt52DnO8vkm0RMYvRWeebTA74N7j
+n0/Oh8LjVh8lTdTdxruviV6+8hxDHcUy3T2Nc2knasxRdxcJ5hlwuKJ9YCeb5Pya
+LFW6e+KrdxlYnsnYBnpmbi2fFZtLEXv1q7L9wfC37BT6AQNFgjgd8lgVsnQJOTsm
+oexUinvzpuc5m/N9z9Pt6Wr4KYZ/Kh4l39Lzjlssn+I+VlXrp3ql/DRK6QARAQAB
+tDxSZXBvc2l0b3J5IEFkbWluIGZvciBGcmFuayBCcmVobSA8cGFja2FnZXNAYnJl
+aG0tb25saW5lLmNvbT6JAj4EEwECACgFAlavlWMCGwMFCRLMAwAGCwkIBwMCBhUI
+AgkKCwQWAgMBAh4BAheAAAoJELqtpQR6P8vU0GIQAKp/pJ4ArqnHoaP2OGG14B8P
+ivh7YaeZRx5HmZyJdsXLbdMJ8FM/dLvx0wqNM7HtzN11zEqroLeULPJcURiwavF0
+RndFkS9+0QIxCCYZrgpSyR+2UJgGeSzbOipND71elZQ3U6QlDJT/90XsZQwfJNUh
+Ibd3SeT1iW6ARvvZucFmcqgla67IG88Hq80RyZGoepqb73jGDsgw9/3c+Qtv7VBt
+lOZ+pgQksZHMhTWOpQ/JqOocDk6vfqzHOs+0QwbdaBxdBmRtLkBf0/uvkFvqC/R8
+JANdWvoCJqFnnI8QskbtvcnPiSLjqLtxcL+VGn5PjLD6cU8L+WyXfHMiBRZMetuw
+PFlo+Apz9o6Nh7Pg6N875zVSoJFko/w5hTqUBVIFGKCypLJEhOXfFMbTTx/b1/Gi
+yP6vp3V+n3QoxMt99THXSGOrzMu3TfDyNZGDgcq8N6T0MvOM0H0iMIZga6gbqgIm
+qPz2pSpAvZxe5/T48JpYOKiLqTd+Abx6I2scx5VqKrS9tINJWXEwAL0/oR8hcEzO
+QFgFwjwaj7RD3WSLWKy+dwhGVguLKGdPqkOuHj0yl/S6Wcfc3tNZZIm2kauvLI1l
+qp7qk+qMqeJVD0zqL1SyGSNT9YCndCewuso5VMKHyvTVL62X/xGhwAFgsK7qLFj/
+7sftZtXBk8CMv6UvxF0ouQINBFavlWMBEAC4P5+Miz+VbsFss0RHKiSs/+PgusQg
+85lk4J7zQj2S2MseJ35sJSqNX0MUSQ6BCoem+nQSwa1P4enCVonBRyWGRSbUurG/
+ip+WfrsFzHMZmr0JXw8gh/a3Zt9qwz5irERX0p6EDvwPwY411aCm4o+vdj0dPV/T
+CUX6s2dbrl2E2SAsjTzNi7bvKrPPUlufPHVp9o/LZolW40BL4C3r+1PwQFJN/0Np
+DMoKKIVdpmQcz/Ndz7+vFg4YlaeGfIOBt3kzcjt+AiSv+8L0XmtkM/W498VwkSzv
+rqUafJYPK+JtnWxgA7VyGj2fG9BncLONSAs+L1bSKKVQAt8G0H92MWIIUGDNry0b
+fM33xspNmB/7a3Bb9Cfq9eH3FWcMnBjZTGuPbKUEgVRUjyXCqIaDVvrGZBp8MLzZ
+Rg8qybxXMe9liwGdbytf34LMczO1rJN/zDkGf4mIx9LbaNFgcYCRXcb2SIpoW9F6
+hjKPf0+pRQmrelh8KMIevR1MJka3mV0tTN26gG+NBVkR8JjR766VOr5N/ebOAkcP
+GB/oBvmR4TEcqVZnYcDxmhr3Wvv4JjzbwNf0B+TYemq/9w1/IxCsNmx6WoJrdldO
+vk/iZrcF0qCTPeY0i8p+TorZfXkE6lzBqOg6YlTERPdbF1erXPkloRe7fp2iiHTF
+HVTe+0SOhSYUDwARAQABiQIlBBgBAgAPBQJWr5VjAhsMBQkSzAMAAAoJELqtpQR6
+P8vUwLsP+wcduVskRjvL5GzFoYv1fvq/V63x66s3ujWYkxYL0l5VVkcoavNl9BN8
+Ob8G1tfbSazODO8BQchqDxoD0RjZuR3E1AM8Qxx9UEP6jqhGYVAuutesRHeotkua
+QZOcpnVZ5E9SrBTt9xNu6IN8aOMN5TSwqvJsnCLQYUJtluM9luawO7d7ByGWWCpT
+oVjZ2hs4tqZXYz44pCj+TKfRZ1trYdEiQmv3hTY/LhZN3OszZZ/U7ED7UGPxdZ/D
+yCfNRIwhsTeGhB/JnxgamMShcV6p6VJWO3d2ST5wmTV+hgc12EDonAcOaL1W4gM+
+agmxoSg4utzNRK5yxBdIG/cwSeaGhvVK/PVAnfyeckm4esdgvFX0+lYbq58g/c0n
+VmVsy8sTCK7bWzw83CqQ8a4AydjGKQ5Y8aV87IyDsKnxM57l5+/bjL/eCOAolzFO
+hdoNuTkC94vB6WmIqN1FlvL9aSYpUtu+UxiF301t7WmBkuMatCvlqk4gikkY55dh
+oNAuJQCnlv5eqTJzHm41Xc0mPxVuy9shCXY3okuCPoub1pZOGtpDYaoEha34sHLl
+Iqnb4/+OaY2g4pJzevoQzRDPlPI0knUk0LRtjTyt1JpMgfr2+3EF/oFEyd4nPpgx
+EbsYN/rGbaX6tQzDFkFrUA61rjn9C2vr+LYoGcHmWX1oeyVV2OS5
+=1kpZ
+-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1
+
+mQINBFdj9dcBEADfCy/wCwo2Nbu3wT6Rg3GInCx8E8QSUtNg2sPUisKD3M9dxp0z
+2ygy9ssL4p1u7h4QK0koQW7ciuauTx31Y7Zvs7hybiOTsh9lI+5DZaz4R5whCmJb
+3FICK7jN9UmRSrh2ztJsgkbDU67SRGwtel8OuPow1O/2nOT2EGPzeaToSoctZeBN
+et/zksOs1wyghbXMEgplQBspaKfr9UAYwKwYcQer7Kw9TaD2QHt370WFV14uMD7S
+GGbD+JUNo8u4vhpjjOfEwB3IAbCAKM62WFbx0mxV+h0EcOwJ0F5vr7Q4xJgOSQXh
+V1ATi91qSRkcu1qZjrT5sdkPqBkUcnBvXlzIMbDmgB7e94OJwA9RW9n44clJe6ok
+PIdKmKfurmrssB6o0JKI3f3DXwOF4T3K7KGTKAzUexQHFe8yAQb/2h/woqzMFWVK
+qXR85S5VGfyofGLtjD8/kKPoOf1nAG7TRaJI3T7neOHncIl7gc9D8GQP+b0gpbtG
+NmFilyQAs7ygBZHF0YoUmOgInDOgizBoNCBJm5jSfdjpvzzo9IuoaN6sHMjxmwoH
+UV0M+t3L6/zNuh+r6By0ao/iyghsyh8Fcum8uHUuziLhUgJfJUidn1RFbTt0rbhk
+vzd/EuUYwwq5a01Z4qJXMHWry7JuUfgQN9B3OybZGfHmriwjcRJa5uZbxQARAQAB
+tDxSZXBvc2l0b3J5IEFkbWluIGZvciBGcmFuayBCcmVobSA8cGFja2FnZXNAYnJl
+aG0tb25saW5lLmNvbT6JAjcEEwEIACECGwMCHgECF4AFAldj/m0FCwkIBwMFFQoJ
+CAsFFgIDAQAACgkQh6jb1reW4Sq40RAA1bzL6v0PqApIlY8DTkSADKBq+7oV2mBV
+e1ZO4sj6KBolWkVlGhgUvqOUjEyNmN4NsGH2lY2n5dfwC3EIW5rz8BCC8nxWflp1
+8+YUvkKiF3SMxRVqCVvDnxDLCG4JfwCX+GTBj7FiFMHJHQIJZH9gCdYt60fxY1TL
+sDOgf8WVKZ/YF7L5IRDvPD4FpA5qV7fo/w8yWWY4ctm3iZyCYuOLo9nXY+PcJuc4
+FN+sb66blHE0Q53GgHtIZPu73mfmdrqhtGUhwgPAM+6mEyAiRwxRssrgfmyjd/ZG
+j7Uo22mUcBYs97K7/7qujNpMmxsVRm0yC3ImnciS0NHfqEU5dm6nbILqA897uyac
+Ps5CC/bzV0kFirp6oaOXFXXERC46WdU0w7+rjimpsIML+IwLy4TmWsfCR3V3Pfys
+7JrSLN2QNh3aKMloWTK0TzYcl5OzRzqzCUfUy2+GPl6j232i0jFwrbPrOpNY81Pj
+V1Cmcgtijk4u5N8tii5l4eGrb1U2Pw6dORg6su27brb9N0ouDNiRtLpagwYLnNpf
+CDTjVN3o0bGf+PnZDOf1Y4Bt22KYujTcDHzN8sozRQM05MaJj5QVbz+lrEtsRfoQ
+zZDGokvL3PxDqDkBX/1i6cx3dGFhZx0EvDgcU5+x4f33VV2dvpOoyQRbvAC2qxue
+rBwR5qJzGwy5Ag0EV2P11wEQAKkgfEIJwhnlWxWCX8/TMIH0MbdMN5j9CKk88E9/
+XCL4x9AsgkX7gqy2FlDMecq/QdgjnE5RsQNOPHLloPZoIyIKdGrHxff14iUyQT4Z
+oJAeHgVyiZRsjlJy0dicPaOD20WV5bkf2Qa8XmQ3qj791Yi5l8MuadopyaLXzOD1
+GpL5PI4bmJuWQ91ew4gQqygjc4gMzgWgQUDdpTGsPLDm1g0fEzGeQ4RwBBFb6374
+d/oghdaMM4+1KeoN+5TyCurOwZW/+mH2ex89xdx0+dRl0gShnOC9AhI6zGz9yijX
+ZFA48I53JV3pYaUEtFyGD/UDwoXnWW6ZdVIW38xrNrVxO6ZuJ3haV7jzQKm2JSkP
+u1uCvjr6avyx8EQ6O9xX+APx7XjEFVvdEkqwv2LA3swdDDKiLUTYZeMiHpzI4aD3
+s1XcWgGT5hSdvavH3390kQwRPmK8bdGT9ZFsiRrH+vp7ndUi1S49UDWKQkNHIPeW
+f61hX16EJhYxeK7Fchzqo0/mBBWpIv0WRP7iwt1C3b8Vq4FFuPG4vkmAMzEfuK23
+5IcRVHhFz6qEMxcV5PXRkUAKJGmgfBqJzBVrc3KdrVcxvdBVSDX8bzfL45nuaipp
+xbBQTruHbmSJCkLGWWLFfvm7kRT+WGVoOYxca0a9MkrzVZBTYl8FJOFIFysQDTyW
++iF7ABEBAAGJAh8EGAEIAAkFAldj9dcCGwwACgkQh6jb1reW4Sq3/g//UZ7qjNkz
+EAWsMTqzD2BsAW2rSlWJfJ5+aqTb4ilPX2lOL1q7h1JQKZ0ZJweelyIuIItVlWwm
+Cuu5fwDsmgkWflZtKkNdQ7pYiibUEMKxymILhTHn5UusfsASs8YiO/9eJtVmbuzg
+nUoSvjdhoUGDYmztmvJtQkfCJnf2fBNnnTTbHOB75M5WHPBcdKEhOHv91q3z+0nC
+OOLyIkLZ4Xwdy7zzGZSg1NOmhN59DTEqnIxA7TVAHZwh1OiY76TRfIcc9Y8LZf/t
+73z39I+lnysppfuS8CuYHGg4/AXqfVTqq5HOsVBpszIpkicd5i9dkBSwCFK/rz4s
+y4l66ft/QLg8J20EMuoIalJExFhR9svOf5jO4sjWjtjjz3QLafjAafGZjftKj6Ys
+COzn2ccQFyxT6LOCj1sYb2ZzGfPMIVf1N2iXJ4COV4ugVKE0364mEx/xwae189wd
+9ThPXCqg3K4IErNFi2hHsP08a0M9ICF+iWydQqode8q8ogFthqFY/NEzM29AUYyK
+m9AbzCBIh9DCDljnevBQ31BLt+Q0Dr0ZvG21W9yPVQrkYBR2iJ/vol3d+E8FEpiN
+3X+GofRaN3Ix1+qwIhxyT8DWtbGBVQwUQId2QuUFNZKAooWpfaoWASJNkzutJM9n
+og4IHx4/ewCHpZw0I5gSrvEl8ClADzV82g8=
+=XuBr
+-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
+# deb http://ftp-stud.hs-esslingen.de/debian jessie main
+
+# main jessie repositories
+deb http://ftp-stud.hs-esslingen.de/debian jessie main contrib non-free
+deb-src http://ftp-stud.hs-esslingen.de/debian jessie main contrib non-free
+
+# jessie security updates
+deb http://security.debian.org/ jessie/updates main contrib non-free
+deb-src http://security.debian.org/ jessie/updates main contrib non-free
+
+# jessie-updates, previously known as 'volatile'
+deb http://ftp-stud.hs-esslingen.de/debian jessie-updates main contrib non-free
+deb-src http://ftp-stud.hs-esslingen.de/debian jessie-updates main contrib non-free
+
+# jessie-backports, previously on backports.debian.org
+deb http://ftp-stud.hs-esslingen.de/debian/ jessie-backports main contrib non-free
+deb-src http://ftp-stud.hs-esslingen.de/debian/ jessie-backports main contrib non-free
+
+# vim: noet ts=8
--- /dev/null
+# Packages Frank Brehm
+# ---------------------
+
+#deb http://www.brehm-online.com/debian/jessie ./
+deb http://repo.uhu-banane.de/Debian/jessie ./
+deb-src http://repo.uhu-banane.de/Sources ./
--- /dev/null
+deb http://repo.saltstack.com/apt/debian/8/amd64/latest jessie main
--- /dev/null
+# apticron.conf
+#
+# set EMAIL to a space separated list of addresses which will be notified of
+# impending updates
+#
+EMAIL="root"
+
+#
+# Set DIFF_ONLY to "1" to only output the difference of the current run
+# compared to the last run (ie. only new upgrades since the last run). If there
+# are no differences, no output/email will be generated. By default, apticron
+# will output everything that needs to be upgraded.
+#
+# DIFF_ONLY="1"
+
+#
+# Set LISTCHANGES_PROFILE if you would like apticron to invoke apt-listchanges
+# with the --profile option. You should add a corresponding profile to
+# /etc/apt/listchanges.conf
+#
+# LISTCHANGES_PROFILE="apticron"
+
+#
+# From hostname manpage: "Displays all FQDNs of the machine. This option
+# enumerates all configured network addresses on all configured network inter‐
+# faces, and translates them to DNS domain names. Addresses that cannot be
+# translated (i.e. because they do not have an appro‐ priate reverse DNS
+# entry) are skipped. Note that different addresses may resolve to the same
+# name, therefore the output may contain duplicate entries. Do not make any
+# assumptions about the order of the output."
+#
+# ALL_FQDNS="1"
+
+#
+# Set SYSTEM if you would like apticron to use something other than the output
+# of "hostname -f" for the system name in the mails it generates. This option
+# overrides the ALL_FQDNS above.
+#
+# SYSTEM="foobar.example.com"
+
+#
+# Set IPADDRESSNUM if you would like to configure the maximal number of IP
+# addresses apticron displays. The default is to display 1 address of each
+# family type (inet, inet6), if available.
+#
+# IPADDRESSNUM="1"
+
+#
+# Set IPADDRESSES to a whitespace separated list of reachable addresses for
+# this system. By default, apticron will try to work these out using the
+# "ip" command
+#
+# IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1"
+
+#
+# Set NOTIFY_HOLDS="0" if you don't want to be notified about new versions of
+# packages on hold in your system. The default behavior is downloading and
+# listing them as any other package.
+#
+# NOTIFY_HOLDS="0"
+
+#
+# Set NOTIFY_NEW="0" if you don't want to be notified about packages which
+# are not installed in your system. Yes, it's possible! There are some issues
+# related to systems which have mixed stable/unstable sources. In these cases
+# apt-get will consider for example that packages with "Priority:
+# required"/"Essential: yes" in unstable but not in stable should be installed,
+# so they will be listed in dist-upgrade output. Please take a look at
+# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531002#44
+#
+# NOTIFY_NEW="0"
+
+#
+# Set NOTIFY_NO_UPDATES="0" if you don't want to be notified when there is no
+# new versions. Set to 1 could assure you that apticron works well.
+#
+# NOTIFY_NO_UPDATES="0"
+
+#
+# Set CUSTOM_SUBJECT if you want to replace the default subject used in
+# the notification e-mails. This may help filtering/sorting client-side e-mail.
+# If you want to use internal vars please use single quotes here. Ex:
+# $CUSTOM_SUBJECT='[apticron] $SYSTEM: $NUM_PACKAGES package update(s)'
+#
+# CUSTOM_SUBJECT=""
+
+# Set CUSTOM_NO_UPDATES_SUBJECT if you want to replace the default subject used
+# in the no update notification e-mails. This may help filtering/sorting
+# client-side e-mail.
+# If you want to use internal vars please use single quotes here. Ex:
+# $CUSTOM_NO_UPDATES_SUBJECT='[apticron] $SYSTEM: no updates'
+#
+# CUSTOM_NO_UPDATES_SUBJECT=""
+
+#
+# Set CUSTOM_FROM if you want to replace the default sender by changing the
+# 'From:' field used in the notification e-mails. Your default sender will
+# be something like root@ns1.uhu-banane.de.
+#
+# CUSTOM_FROM=""
--- /dev/null
+# System-wide .bashrc file for interactive bash(1) shells.
+
+# To enable the settings / commands in this file for login shells as well,
+# this file has to be sourced in /etc/profile.
+
+# If not running interactively, don't do anything
+[ -z "$PS1" ] && return
+
+# check the window size after each command and, if necessary,
+# update the values of LINES and COLUMNS.
+shopt -s checkwinsize
+
+# set variable identifying the chroot you work in (used in the prompt below)
+if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
+ debian_chroot=$(cat /etc/debian_chroot)
+fi
+
+# set a fancy prompt (non-color, overwrite the one in /etc/profile)
+PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
+
+# Commented out, don't overwrite xterm -T "title" -n "icontitle" by default.
+# If this is an xterm set the title to user@host:dir
+#case "$TERM" in
+#xterm*|rxvt*)
+# PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME}: ${PWD}\007"'
+# ;;
+#*)
+# ;;
+#esac
+
+# enable bash completion in interactive shells
+#if ! shopt -oq posix; then
+# if [ -f /usr/share/bash-completion/bash_completion ]; then
+# . /usr/share/bash-completion/bash_completion
+# elif [ -f /etc/bash_completion ]; then
+# . /etc/bash_completion
+# fi
+#fi
+
+# if the command-not-found package is installed, use it
+if [ -x /usr/lib/command-not-found -o -x /usr/share/command-not-found/command-not-found ]; then
+ function command_not_found_handle {
+ # check because c-n-f could've been removed in the meantime
+ if [ -x /usr/lib/command-not-found ]; then
+ /usr/lib/command-not-found -- "$1"
+ return $?
+ elif [ -x /usr/share/command-not-found/command-not-found ]; then
+ /usr/share/command-not-found/command-not-found -- "$1"
+ return $?
+ else
+ printf "%s: command not found\n" "$1" >&2
+ return 127
+ fi
+ }
+fi
--- /dev/null
+. /usr/share/bash-completion/bash_completion
--- /dev/null
+# bash completion for Debian apache2 configuration tools
+
+_apache2_allcomp()
+{
+ command ls /etc/apache2/$1 2>/dev/null
+}
+
+_apache2_mods()
+{
+ COMPREPLY=( $( compgen -W '$( _apache2_allcomp $1 \
+ | sed -e 's/[.]load$//' -e 's/[.]conf$//' )' -- $cur ) )
+}
+
+_apache2_sites()
+{
+ COMPREPLY=( $( compgen -W '$( _apache2_allcomp $1 )' -- $cur ) )
+}
+
+_apache2_conf()
+{
+ COMPREPLY=( $( compgen -W '$( _apache2_allcomp $1 \
+ | sed -e 's/[.]conf$//' )' -- $cur ) )
+}
+
+_a2enmod()
+{
+ local cur
+
+ COMPREPLY=()
+ cur=${COMP_WORDS[COMP_CWORD]}
+
+ _apache2_mods mods-available
+}
+complete -F _a2enmod a2enmod
+
+_a2ensite()
+{
+ local cur
+
+ COMPREPLY=()
+ cur=${COMP_WORDS[COMP_CWORD]}
+
+ _apache2_sites sites-available
+}
+complete -F _a2ensite a2ensite
+
+_a2enconf()
+{
+ local cur
+
+ COMPREPLY=()
+ cur=${COMP_WORDS[COMP_CWORD]}
+
+ _apache2_conf conf-available
+}
+complete -F _a2enconf a2enconf
+
+_a2dismod()
+{
+ local cur
+
+ COMPREPLY=()
+ cur=${COMP_WORDS[COMP_CWORD]}
+
+ _apache2_mods mods-enabled
+}
+complete -F _a2dismod a2dismod
+
+_a2dissite()
+{
+ local cur
+
+ COMPREPLY=()
+ cur=${COMP_WORDS[COMP_CWORD]}
+
+ _apache2_sites sites-enabled
+}
+complete -F _a2dissite a2dissite
+
+_a2disconf()
+{
+ local cur
+
+ COMPREPLY=()
+ cur=${COMP_WORDS[COMP_CWORD]}
+
+ _apache2_conf conf-enabled
+}
+complete -F _a2disconf a2disconf
--- /dev/null
+have debconf-show &&
+_debconf_show()
+{
+ local cur
+
+ COMPREPLY=()
+ cur=${COMP_WORDS[COMP_CWORD]}
+ COMPREPLY=($( compgen -W '--listowners --listdbs --db=' -- $cur ) \
+ $( apt-cache pkgnames -- $cur ) )
+}
+complete -F _debconf_show debconf-show
+
--- /dev/null
+_etckeeper() {
+ local cur;
+ COMPREPLY=();
+ cur=${COMP_WORDS[COMP_CWORD]};
+ COMPREPLY=( $( compgen -W '$(cd /etc/etckeeper/; for i in *.d/; do echo ${i%.d/}; done)' -- $cur ) );
+}
+
+complete -F _etckeeper etckeeper
--- /dev/null
+# fail2ban bash-completion -*- shell-script -*-
+#
+# This file is part of Fail2Ban.
+#
+# Fail2Ban is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# Fail2Ban is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Fail2Ban; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+__fail2ban_jails () {
+ "$1" status 2>/dev/null | awk -F"\t+" '/Jail list/{print $2}' | sed 's/, / /g'
+}
+
+_fail2ban () {
+ local cur prev words cword
+ _init_completion || return
+
+ case $prev in
+ -V|--version|-h|--help)
+ return 0 # No further completion valid
+ ;;
+ -c)
+ _filedir -d # Directories
+ return 0
+ ;;
+ -s|-p)
+ _filedir # Files
+ return 0
+ ;;
+ *)
+ if [[ "$cur" == "-"* ]];then
+ COMPREPLY=( $( compgen -W \
+ "$( _parse_help "$1" --help 2>/dev/null) -V" \
+ -- "$cur") )
+ return 0
+ fi
+ ;;
+ esac
+
+ if [[ "$1" == *"fail2ban-regex" ]];then
+ _filedir
+ return 0
+ elif [[ "$1" == *"fail2ban-client" ]];then
+ local cmd jail
+ case $prev in
+ "$1")
+ COMPREPLY=( $( compgen -W \
+ "$( "$1" --help 2>/dev/null | awk '/^ [a-z]+/{print $1}')" \
+ -- "$cur") )
+ return 0
+ ;;
+ start|reload|stop|status)
+ COMPREPLY=( $(compgen -W "$(__fail2ban_jails "$1")" -- "$cur" ) )
+ return 0
+ ;;
+ set|get)
+ COMPREPLY=( $( compgen -W \
+ "$( "$1" --help 2>/dev/null | awk '/^ '$prev' [^<]/{print $2}')" \
+ -- "$cur") )
+ COMPREPLY+=( $(compgen -W "$(__fail2ban_jails "$1")" -- "$cur" ) )
+ return 0
+ ;;
+ *)
+ if [[ "${words[$cword-2]}" == "add" ]];then
+ COMPREPLY=( $( compgen -W "auto polling gamin pyinotify" -- "$cur" ) )
+ return 0
+ elif [[ "${words[$cword-2]}" == "set" || "${words[$cword-2]}" == "get" ]];then
+ cmd="${words[cword-2]}"
+ # Handle in section below
+ elif [[ "${words[$cword-3]}" == "set" || "${words[$cword-3]}" == "get" ]];then
+ cmd="${words[$cword-3]}"
+ jail="${words[$cword-2]}"
+ # Handle in section below
+ fi
+ ;;
+ esac
+
+ if [[ -z "$jail" && -n "$cmd" ]];then
+ case $prev in
+ loglevel)
+ if [[ "$cmd" == "set" ]];then
+ COMPREPLY=( $( compgen -W "0 1 2 3 4" -- "$cur" ) )
+ fi
+ return 0
+ ;;
+ logtarget)
+ if [[ "$cmd" == "set" ]];then
+ COMPREPLY=( $( compgen -W "STDOUT STDERR SYSLOG" -- "$cur" ) )
+ _filedir # And files
+ fi
+ return 0
+ ;;
+ *) # Jail name
+ COMPREPLY=( $( compgen -W \
+ "$( "$1" --help 2>/dev/null | awk '/^ '${cmd}' <JAIL>/{print $3}')" \
+ -- "$cur") )
+ return 0
+ ;;
+ esac
+ elif [[ -n "$jail" && "$cmd" == "set" ]];then
+ case $prev in
+ addlogpath)
+ _filedir
+ return 0
+ ;;
+ dellogpath|delignoreip)
+ COMPREPLY=( $( compgen -W \
+ "$( "$1" get "$jail" "${prev/del/}" 2>/dev/null | awk -F- '{print $2}')" \
+ -- "$cur" ) )
+ if [[ -z "$COMPREPLY" && "$prev" == "dellogpath" ]];then
+ _filedir
+ fi
+ return 0
+ ;;
+ delfailregex|delignoregex)
+ COMPREPLY=( $( compgen -W \
+ "$( "$1" get "$jail" "${prev/del/}" 2>/dev/null | awk -F"[][]" '{print $2}')" \
+ -- "$cur" ) )
+ return 0
+ ;;
+ unbanip)
+ COMPREPLY=( $( compgen -W \
+ "$( "$1" status "$jail" 2>/dev/null | awk -F"\t+" '/IP list:/{print $2}')" \
+ -- "$cur" ) )
+ return 0
+ ;;
+ idle)
+ COMPREPLY=( $( compgen -W "on off" -- "$cur" ) )
+ return 0
+ ;;
+ usedns)
+ COMPREPLY=( $( compgen -W "yes no warn" -- "$cur" ) )
+ return 0
+ ;;
+ esac
+ fi
+
+ fi # fail2ban-client
+} &&
+complete -F _fail2ban fail2ban-client fail2ban-server fail2ban-regex
--- /dev/null
+# In git versions < 1.7.12, this shell library was part of the
+# git completion script.
+#
+# Some users rely on the __git_ps1 function becoming available
+# when bash-completion is loaded. Continue to load this library
+# at bash-completion startup for now, to ease the transition to a
+# world order where the prompt function is requested separately.
+#
+if [[ -e /usr/lib/git-core/git-sh-prompt ]]; then
+ . /usr/lib/git-core/git-sh-prompt
+fi
--- /dev/null
+#
+# Bash completion for grub
+#
+# Copyright (C) 2010 Free Software Foundation, Inc.
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+# bash completion for grub
+
+__grub_dir() {
+ local i c=1 boot_dir
+
+ for (( c=1; c <= ${#COMP_WORDS[@]}; c++ )); do
+ i="${COMP_WORDS[c]}"
+ case "$i" in
+ --boot-directory)
+ c=$((++c))
+ i="${COMP_WORDS[c]}"
+ boot_dir="${i##*=}";
+ break
+ ;;
+ esac
+ done
+ boot_dir=${boot_dir-/boot}
+ echo "${boot_dir%/}/grub"
+}
+
+
+# This function generates completion reply with compgen
+# - arg: accepts 1, 2, 3, or 4 arguments
+# $1 wordlist separate by space, tab or newline
+# $2 (optional) prefix to add
+# $3 (optional) current word to complete
+# $4 (optional) suffix to add
+__grubcomp () {
+ local cur="${COMP_WORDS[COMP_CWORD]}"
+ if [ $# -gt 2 ]; then
+ cur="$3"
+ fi
+ case "$cur" in
+ --*=)
+ COMPREPLY=()
+ ;;
+ *)
+ local IFS=' '$'\t'$'\n'
+ COMPREPLY=($(compgen -P "${2-}" -W "${1-}" -S "${4-}" -- "$cur"))
+ ;;
+ esac
+}
+
+# Function that return long options from the help of the command
+# - arg: $1 (optional) command to get the long options from
+__grub_get_options_from_help () {
+ local prog
+
+ if [ $# -ge 1 ]; then
+ prog="$1"
+ else
+ prog="${COMP_WORDS[0]}"
+ fi
+
+ local i IFS=" "$'\t'$'\n'
+ for i in $(LC_ALL=C $prog --help)
+ do
+ case $i in
+ --*) echo "${i%=*}";;
+ esac
+ done
+}
+
+# Function that return long options from the usage of the command
+# - arg: $1 (optional) command to get the long options from
+__grub_get_options_from_usage () {
+ local prog
+
+ if [ $# -ge 1 ]; then
+ prog="$1"
+ else
+ prog="${COMP_WORDS[0]}"
+ fi
+
+ local i IFS=" "$'\t'$'\n'
+ for i in $(LC_ALL=C $prog --usage)
+ do
+ case $i in
+ \[--*\]) i=${i#[} # Remove leading [
+ echo ${i%%?(=*)]} # Remove optional value and trailing ]
+ ;;
+ esac
+ done
+}
+
+__grub_get_last_option () {
+ local i
+ for (( i=$COMP_CWORD-1; i > 0; i-- )); do
+ if [[ "${COMP_WORDS[i]}" == -* ]]; then
+ echo "${COMP_WORDS[i]}"
+ break;
+ fi
+ done
+}
+
+__grub_list_menuentries () {
+ local cur="${COMP_WORDS[COMP_CWORD]}"
+ local config_file=$(__grub_dir)/grub.cfg
+
+ if [ -f "$config_file" ];then
+ local IFS=$'\n'
+ COMPREPLY=( $(compgen \
+ -W "$( awk -F "[\"']" '/menuentry/ { print $2 }' $config_file )" \
+ -- "$cur" )) #'# Help emacs syntax highlighting
+ fi
+}
+
+__grub_list_modules () {
+ local grub_dir=$(__grub_dir)
+ local IFS=$'\n'
+ COMPREPLY=( $( compgen -f -X '!*/*.mod' -- "${grub_dir}/$cur" | {
+ while read -r tmp; do
+ [ -n $tmp ] && {
+ tmp=${tmp##*/}
+ printf '%s\n' ${tmp%.mod}
+ }
+ done
+ }
+ ))
+}
+
+#
+# grub-set-default & grub-reboot
+#
+_grub_set_entry () {
+ local cur prev split=false
+
+ COMPREPLY=()
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+
+ _split_longopt && split=true
+
+ case "$prev" in
+ --boot-directory)
+ _filedir -d
+ return
+ ;;
+ esac
+
+ $split && return 0
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a menuentry
+ __grub_list_menuentries
+ fi
+}
+
+__grub_set_default_program="grub-set-default"
+have ${__grub_set_default_program} && \
+ complete -F _grub_set_entry -o filenames ${__grub_set_default_program}
+unset __grub_set_default_program
+
+__grub_reboot_program="grub-reboot"
+have ${__grub_reboot_program} && \
+ complete -F _grub_set_entry -o filenames ${__grub_reboot_program}
+unset __grub_reboot_program
+
+
+#
+# grub-editenv
+#
+_grub_editenv () {
+ local cur prev
+
+ COMPREPLY=()
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+
+ case "$prev" in
+ create|list|set|unset)
+ COMPREPLY=( "" )
+ return
+ ;;
+ esac
+
+ __grubcomp "$(__grub_get_options_from_help)
+ create list set unset"
+}
+
+__grub_editenv_program="grub-editenv"
+have ${__grub_editenv_program} && \
+ complete -F _grub_editenv -o filenames ${__grub_editenv_program}
+unset __grub_editenv_program
+
+
+#
+# grub-mkconfig
+#
+_grub_mkconfig () {
+ local cur prev
+
+ COMPREPLY=()
+ cur=`_get_cword`
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ _filedir
+ fi
+}
+__grub_mkconfig_program="grub-mkconfig"
+have ${__grub_mkconfig_program} && \
+ complete -F _grub_mkconfig -o filenames ${__grub_mkconfig_program}
+unset __grub_mkconfig_program
+
+
+#
+# grub-setup
+#
+_grub_setup () {
+ local cur prev split=false
+
+ COMPREPLY=()
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+
+ _split_longopt && split=true
+
+ case "$prev" in
+ -d|--directory)
+ _filedir -d
+ return
+ ;;
+ esac
+
+ $split && return 0
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a filename
+ _filedir
+ fi
+}
+
+__grub_bios_setup_program="grub-bios-setup"
+have ${__grub_bios_setup_program} && \
+ complete -F _grub_setup -o filenames ${__grub_bios_setup_program}
+unset __grub_bios_setup_program
+
+__grub_sparc64_setup_program="grub-sparc64-setup"
+have ${__grub_sparc64_setup_program} && \
+ complete -F _grub_setup -o filenames ${__grub_sparc64_setup_program}
+unset __grub_sparc64_setup_program
+
+
+#
+# grub-install
+#
+_grub_install () {
+ local cur prev last split=false
+
+ COMPREPLY=()
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+ last=$(__grub_get_last_option)
+
+ _split_longopt && split=true
+
+ case "$prev" in
+ --boot-directory)
+ _filedir -d
+ return
+ ;;
+ --disk-module)
+ __grubcomp "biosdisk ata"
+ return
+ ;;
+ esac
+
+ $split && return 0
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ case "$last" in
+ --modules)
+ __grub_list_modules
+ return
+ ;;
+ esac
+
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_install_program="grub-install"
+have ${__grub_install_program} && \
+ complete -F _grub_install -o filenames ${__grub_install_program}
+unset __grub_install_program
+
+
+#
+# grub-mkfont
+#
+_grub_mkfont () {
+ local cur
+
+ COMPREPLY=()
+ cur=`_get_cword`
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_mkfont_program="grub-mkfont"
+have ${__grub_mkfont_program} && \
+ complete -F _grub_mkfont -o filenames ${__grub_mkfont_program}
+unset __grub_mkfont_program
+
+
+#
+# grub-mkrescue
+#
+_grub_mkrescue () {
+ local cur prev last
+
+ COMPREPLY=()
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+ last=$(__grub_get_last_option)
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ case "$last" in
+ --modules)
+ __grub_list_modules
+ return
+ ;;
+ esac
+
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_mkrescue_program="grub-mkrescue"
+have ${__grub_mkrescue_program} && \
+ complete -F _grub_mkrescue -o filenames ${__grub_mkrescue_program}
+unset __grub_mkrescue_program
+
+
+#
+# grub-mkimage
+#
+_grub_mkimage () {
+ local cur prev split=false
+
+ COMPREPLY=()
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+
+ _split_longopt && split=true
+
+ case "$prev" in
+ -d|--directory|-p|--prefix)
+ _filedir -d
+ return
+ ;;
+ -O|--format)
+ # Get available format from help
+ local prog=${COMP_WORDS[0]}
+ __grubcomp "$(LC_ALL=C $prog --help | \
+ awk -F ":" '/available formats/ { print $2 }' | \
+ sed 's/, / /g')"
+ return
+ ;;
+ esac
+
+ $split && return 0
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_mkimage_program="grub-mkimage"
+have ${__grub_mkimage_program} && \
+ complete -F _grub_mkimage -o filenames ${__grub_mkimage_program}
+unset __grub_mkimage_program
+
+
+#
+# grub-mkpasswd-pbkdf2
+#
+_grub_mkpasswd_pbkdf2 () {
+ local cur
+
+ COMPREPLY=()
+ cur=`_get_cword`
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_mkpasswd_pbkdf2_program="grub-mkpasswd-pbkdf2"
+have ${__grub_mkpasswd_pbkdf2_program} && \
+ complete -F _grub_mkpasswd_pbkdf2 -o filenames ${__grub_mkpasswd_pbkdf2_program}
+unset __grub_mkpasswd_pbkdf2_program
+
+
+#
+# grub-probe
+#
+_grub_probe () {
+ local cur prev split=false
+
+ COMPREPLY=()
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+
+ _split_longopt && split=true
+
+ case "$prev" in
+ -t|--target)
+ # Get target type from help
+ local prog=${COMP_WORDS[0]}
+ __grubcomp "$(LC_ALL=C $prog --help | \
+ awk -F "[()]" '/--target=/ { print $2 }' | \
+ sed 's/|/ /g')"
+ return
+ ;;
+ esac
+
+ $split && return 0
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_probe_program="grub-probe"
+have ${__grub_probe_program} && \
+ complete -F _grub_probe -o filenames ${__grub_probe_program}
+unset __grub_probe_program
+
+
+#
+# grub-script-check
+#
+_grub_script_check () {
+ local cur
+
+ COMPREPLY=()
+ cur=`_get_cword`
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_script_check_program="grub-script-check"
+have ${__grub_script_check_program} && \
+ complete -F _grub_script_check -o filenames ${__grub_script_check_program}
+
+
+# Local variables:
+# mode: shell-script
+# sh-basic-offset: 4
+# sh-indent-comment: t
+# indent-tabs-mode: nil
+# End:
+# ex: ts=4 sw=4 et filetype=sh
--- /dev/null
+# update-initramfs(8) completion
+
+_update_initramfs()
+{
+ local cur prev valid_options
+
+ # TODO: this can be "_get_comp_words_by_ref cur prev" once
+ # bash-completion >= 1.2 is available, see #537139
+ cur=$(_get_cword)
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+
+ # The only option that takes an argument is -k
+ if [[ "$prev" == '-k' ]]; then
+ # Complete with kernel versions
+ _kernel_versions
+ COMPREPLY=( $( compgen -W '${COMPREPLY[@]} all' -- "$cur" ) )
+ return;
+ fi
+
+ # Complete with available options (obtained from -h)
+ valid_options=$( update-initramfs -h 2>&1 | \
+ sed -e '/^ -/!d;s/^ \(-\w\+\).*/\1/' )
+ COMPREPLY=( $( compgen -W "$valid_options" -- $cur ) )
+}
+
+complete -F _update_initramfs update-initramfs
--- /dev/null
+# insserv(8) completion
+#
+# Copyright (c) 2009 Kel Modderman <kel@otaku42.de>
+#
+
+have insserv &&
+_insserv()
+{
+ local cur prev sysvdir services options
+
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+
+ [ -d /etc/rc.d/init.d ] && sysvdir=/etc/rc.d/init.d \
+ || sysvdir=/etc/init.d
+
+ services=( $(echo $sysvdir/!(README*|*.dpkg*|*.rpm@(orig|new|save))) )
+ services=( ${services[@]#$sysvdir/} )
+ options=( -c --config -d -f -n -o --override -p --path -r -v )
+
+ case "$prev" in
+ -c|--config)
+ _filedir
+ ;;
+ -o|--override|-p|--path)
+ _filedir -d
+ ;;
+ *)
+ COMPREPLY=( $( compgen -W '${options[@]} ${services[@]}' -- \
+ $cur ) )
+ ;;
+ esac
+
+ return 0
+} &&
+complete -F _insserv insserv
--- /dev/null
+# /etc/bash_completion.d/isoquery
+# Programmable Bash command completion for the ‘isoquery’ command.
+
+shopt -s progcomp
+
+_isoquery_completion () {
+ local cur prev opts
+
+ COMPREPLY=()
+ cur="${COMP_WORDS[COMP_CWORD]}"
+ prev="${COMP_WORDS[COMP_CWORD-1]}"
+
+ opts="-h --help -v --version"
+ opts="${opts} -i --iso -x --xmlfile -l --locale -0 --null"
+ opts="${opts} -n --name -o --official_name -c --common_name"
+
+ case "${prev}" in
+ -i|--iso)
+ local standards=(639 639-3 639-5 3166 3166-2 4217 15924)
+ COMPREPLY=( $(compgen -W "${standards[*]}" -- ${cur}) )
+ ;;
+
+ -x|--xmlfile)
+ COMPREPLY=( $(compgen -A file -- ${cur}) )
+ ;;
+
+ -l|--locale)
+ local locale_names=$(locale --all-locales)
+ COMPREPLY=( $(compgen -W "${locale_names}" -- ${cur}) )
+ ;;
+
+ *)
+ COMPREPLY=($(compgen -W "${opts}" -- ${cur}))
+ ;;
+ esac
+}
+
+complete -F _isoquery_completion isoquery
+
+
+# Local variables:
+# coding: utf-8
+# mode: shell-script
+# End:
+# vim: fileencoding=utf-8 filetype=bash :
--- /dev/null
+# written by David Pravec
+# - feel free to /msg alekibango on IRC if you want to talk about this file
+
+# TODO: check if --config|-c was used and use configured config file for queries
+# TODO: solve somehow completion for salt -G pythonversion:[tab]
+# (not sure what to do with lists)
+# TODO: --range[tab] -- how?
+# TODO: -E --exsel[tab] -- how?
+# TODO: --compound[tab] -- how?
+# TODO: use history to extract some words, esp. if ${cur} is empty
+# TODO: TEST EVERYTING a lot
+# TODO: cache results of some functions? where? how long?
+# TODO: is it ok to use '--timeout 2' ?
+
+
+_salt_get_grains(){
+ if [ "$1" = 'local' ] ; then
+ salt-call --out=txt -- grains.ls | sed 's/^.*\[//' | tr -d ",']" |sed 's:\([a-z0-9]\) :\1\: :g'
+ else
+ salt '*' --timeout 2 --out=txt -- grains.ls | sed 's/^.*\[//' | tr -d ",']" |sed 's:\([a-z0-9]\) :\1\: :g'
+ fi
+}
+
+_salt_get_grain_values(){
+ if [ "$1" = 'local' ] ; then
+ salt-call --out=txt -- grains.item $1 |sed 's/^\S*:\s//' |grep -v '^\s*$'
+ else
+ salt '*' --timeout 2 --out=txt -- grains.item $1 |sed 's/^\S*:\s//' |grep -v '^\s*$'
+ fi
+}
+
+
+_salt(){
+ local cur prev opts _salt_grains _salt_coms pprev ppprev
+ COMPREPLY=()
+ cur="${COMP_WORDS[COMP_CWORD]}"
+ prev="${COMP_WORDS[COMP_CWORD-1]}"
+ if [ ${COMP_CWORD} -gt 2 ]; then
+ pprev="${COMP_WORDS[COMP_CWORD-2]}"
+ fi
+ if [ ${COMP_CWORD} -gt 3 ]; then
+ ppprev="${COMP_WORDS[COMP_CWORD-3]}"
+ fi
+
+ opts="-h --help -d --doc --documentation --version --versions-report -c \
+ --config-dir= -v --verbose -t --timeout= -s --static -b --batch= \
+ --batch-size= -E --pcre -L --list -G --grain --grain-pcre -N \
+ --nodegroup -R --range -C --compound -X --exsel -I --pillar \
+ --return= -a --auth= --eauth= --extended-auth= -T --make-token -S \
+ --ipcidr --out=pprint --out=yaml --out=overstatestage --out=json \
+ --out=raw --out=highstate --out=key --out=txt --no-color --out-indent= "
+
+ if [[ "${cur}" == -* ]] ; then
+ COMPREPLY=($(compgen -W "${opts}" -- ${cur}))
+ return 0
+ fi
+
+ # 2 special cases for filling up grain values
+ case "${pprev}" in
+ -G|--grain|--grain-pcre)
+ if [ "${cur}" = ":" ]; then
+ COMPREPLY=($(compgen -W "`_salt_get_grain_values ${prev}`" ))
+ return 0
+ fi
+ ;;
+ esac
+ case "${ppprev}" in
+ -G|--grain|--grain-pcre)
+ if [ "${prev}" = ":" ]; then
+ COMPREPLY=( $(compgen -W "`_salt_get_grain_values ${pprev}`" -- ${cur}) )
+ return 0
+ fi
+ ;;
+ esac
+
+ if [ "${cur}" = "=" ] && [[ "${prev}" == --* ]]; then
+ cur=""
+ fi
+ if [ "${prev}" = "=" ] && [[ "${pprev}" == --* ]]; then
+ prev="${pprev}"
+ fi
+
+ case "${prev}" in
+
+ -c|--config)
+ COMPREPLY=($(compgen -f -- ${cur}))
+ return 0
+ ;;
+ salt)
+ COMPREPLY=($(compgen -W "\'*\' ${opts} `salt-key --no-color -l acc`" -- ${cur}))
+ return 0
+ ;;
+ -E|--pcre)
+ COMPREPLY=($(compgen -W "`salt-key --no-color -l acc`" -- ${cur}))
+ return 0
+ ;;
+ -G|--grain|--grain-pcre)
+ COMPREPLY=($(compgen -W "$(_salt_get_grains)" -- ${cur}))
+ return 0
+ ;;
+ -C|--compound)
+ COMPREPLY=() # TODO: finish this one? how?
+ return 0
+ ;;
+ -t|--timeout)
+ COMPREPLY=($( compgen -W "1 2 3 4 5 6 7 8 9 10 15 20 30 40 60 90 120 180" -- ${cur}))
+ return 0
+ ;;
+ -b|--batch|--batch-size)
+ COMPREPLY=($(compgen -W "1 2 3 4 5 6 7 8 9 10 15 20 30 40 50 60 70 80 90 100 120 150 200"))
+ return 0
+ ;;
+ -X|--exsel) # TODO: finish this one? how?
+ return 0
+ ;;
+ -N|--nodegroup)
+ MASTER_CONFIG='/etc/salt/master'
+ COMPREPLY=($(compgen -W "`awk -F ':' 'BEGIN {print_line = 0}; /^nodegroups/ {print_line = 1;getline } print_line && /^ */ {print $1} /^[^ ]/ {print_line = 0}' <${MASTER_CONFIG}`" -- ${cur}))
+ return 0
+ ;;
+ esac
+
+ _salt_coms="$(salt '*' --timeout 2 --out=txt -- sys.list_functions | sed 's/^.*\[//' | tr -d ",']" )"
+ all="${opts} ${_salt_coms}"
+ COMPREPLY=( $(compgen -W "${all}" -- ${cur}) )
+
+ return 0
+}
+
+complete -F _salt salt
+
+
+_saltkey(){
+ local cur prev opts prev pprev
+ COMPREPLY=()
+ cur="${COMP_WORDS[COMP_CWORD]}"
+ prev="${COMP_WORDS[COMP_CWORD-1]}"
+ opts="-c --config-dir= -h --help --version --versions-report -q --quiet \
+ -y --yes --gen-keys= --gen-keys-dir= --keysize= --key-logfile= \
+ -l --list= -L --list-all -a --accept= -A --accept-all \
+ -r --reject= -R --reject-all -p --print= -P --print-all \
+ -d --delete= -D --delete-all -f --finger= -F --finger-all \
+ --out=pprint --out=yaml --out=overstatestage --out=json --out=raw \
+ --out=highstate --out=key --out=txt --no-color --out-indent= "
+ if [ ${COMP_CWORD} -gt 2 ]; then
+ pprev="${COMP_WORDS[COMP_CWORD-2]}"
+ fi
+ if [ ${COMP_CWORD} -gt 3 ]; then
+ ppprev="${COMP_WORDS[COMP_CWORD-3]}"
+ fi
+ if [[ "${cur}" == -* ]] ; then
+ COMPREPLY=($(compgen -W "${opts}" -- ${cur}))
+ return 0
+ fi
+
+ if [ "${cur}" = "=" ] && [[ "${prev}" == --* ]]; then
+ cur=""
+ fi
+ if [ "${prev}" = "=" ] && [[ "${pprev}" == --* ]]; then
+ prev="${pprev}"
+ fi
+
+ case "${prev}" in
+ -a|--accept)
+ COMPREPLY=($(compgen -W "$(salt-key -l un --no-color; salt-key -l rej --no-color)" -- ${cur}))
+ return 0
+ ;;
+ -r|--reject)
+ COMPREPLY=($(compgen -W "$(salt-key -l acc --no-color)" -- ${cur}))
+ return 0
+ ;;
+ -d|--delete)
+ COMPREPLY=($(compgen -W "$(salt-key -l acc --no-color; salt-key -l un --no-color; salt-key -l rej --no-color)" -- ${cur}))
+ return 0
+ ;;
+ -c|--config)
+ COMPREPLY=($(compgen -f -- ${cur}))
+ return 0
+ ;;
+ --keysize)
+ COMPREPLY=($(compgen -W "2048 3072 4096 5120 6144" -- ${cur}))
+ return 0
+ ;;
+ --gen-keys)
+ return 0
+ ;;
+ --gen-keys-dir)
+ COMPREPLY=($(compgen -d -- ${cur}))
+ return 0
+ ;;
+ -p|--print)
+ COMPREPLY=($(compgen -W "$(salt-key -l acc --no-color; salt-key -l un --no-color; salt-key -l rej --no-color)" -- ${cur}))
+ return 0
+ ;;
+ -l|--list)
+ COMPREPLY=($(compgen -W "pre un acc accepted unaccepted rej rejected all" -- ${cur}))
+ return 0
+ ;;
+ --accept-all)
+ return 0
+ ;;
+ esac
+ COMPREPLY=($(compgen -W "${opts} " -- ${cur}))
+ return 0
+}
+
+complete -F _saltkey salt-key
+
+_saltcall(){
+ local cur prev opts _salt_coms pprev ppprev
+ COMPREPLY=()
+ cur="${COMP_WORDS[COMP_CWORD]}"
+ prev="${COMP_WORDS[COMP_CWORD-1]}"
+ opts="-h --help -d --doc --documentation --version --versions-report \
+ -m --module-dirs= -g --grains --return= --local -c --config-dir= -l --log-level= \
+ --out=pprint --out=yaml --out=overstatestage --out=json --out=raw \
+ --out=highstate --out=key --out=txt --no-color --out-indent= "
+ if [ ${COMP_CWORD} -gt 2 ]; then
+ pprev="${COMP_WORDS[COMP_CWORD-2]}"
+ fi
+ if [ ${COMP_CWORD} -gt 3 ]; then
+ ppprev="${COMP_WORDS[COMP_CWORD-3]}"
+ fi
+ if [[ "${cur}" == -* ]] ; then
+ COMPREPLY=($(compgen -W "${opts}" -- ${cur}))
+ return 0
+ fi
+
+ if [ "${cur}" = "=" ] && [[ ${prev} == --* ]]; then
+ cur=""
+ fi
+ if [ "${prev}" = "=" ] && [[ ${pprev} == --* ]]; then
+ prev="${pprev}"
+ fi
+
+ case ${prev} in
+ -m|--module-dirs)
+ COMPREPLY=( $(compgen -d ${cur} ))
+ return 0
+ ;;
+ -l|--log-level)
+ COMPREPLY=( $(compgen -W "info none garbage trace warning error debug" -- ${cur}))
+ return 0
+ ;;
+ -g|grains)
+ return 0
+ ;;
+ salt-call)
+ COMPREPLY=($(compgen -W "${opts}" -- ${cur}))
+ return 0
+ ;;
+ esac
+
+ _salt_coms="$(salt-call --out=txt -- sys.list_functions|sed 's/^.*\[//' | tr -d ",']" )"
+ COMPREPLY=( $(compgen -W "${opts} ${_salt_coms}" -- ${cur} ))
+ return 0
+}
+
+complete -F _saltcall salt-call
+
+
+_saltcp(){
+ local cur prev opts target prefpart postpart helper filt pprev ppprev
+ COMPREPLY=()
+ cur="${COMP_WORDS[COMP_CWORD]}"
+ prev="${COMP_WORDS[COMP_CWORD-1]}"
+ opts="-t --timeout= -s --static -b --batch= --batch-size= \
+ -h --help --version --versions-report -c --config-dir= \
+ -E --pcre -L --list -G --grain --grain-pcre -N --nodegroup \
+ -R --range -C --compound -X --exsel -I --pillar \
+ --out=pprint --out=yaml --out=overstatestage --out=json --out=raw \
+ --out=highstate --out=key --out=txt --no-color --out-indent= "
+ if [[ "${cur}" == -* ]] ; then
+ COMPREPLY=($(compgen -W "${opts}" -- ${cur}))
+ return 0
+ fi
+
+ if [ "${cur}" = "=" ] && [[ "${prev}" == --* ]]; then
+ cur=""
+ fi
+ if [ "${prev}" = "=" ] && [[ "${pprev}" == --* ]]; then
+ prev=${pprev}
+ fi
+
+ case ${prev} in
+ salt-cp)
+ COMPREPLY=($(compgen -W "${opts} `salt-key -l acc --no-color`" -- ${cur}))
+ return 0
+ ;;
+ -t|--timeout)
+ # those numbers are just a hint
+ COMPREPLY=($(compgen -W "2 3 4 8 10 15 20 25 30 40 60 90 120 180 240 300" -- ${cur} ))
+ return 0
+ ;;
+ -E|--pcre)
+ COMPREPLY=($(compgen -W "`salt-key -l acc --no-color`" -- ${cur}))
+ return 0
+ ;;
+ -L|--list)
+ # IMPROVEMENTS ARE WELCOME
+ prefpart="${cur%,*},"
+ postpart=${cur##*,}
+ filt="^\($(echo ${cur}| sed 's:,:\\|:g')\)$"
+ helper=($(salt-key -l acc --no-color | grep -v "${filt}" | sed "s/^/${prefpart}/"))
+ COMPREPLY=($(compgen -W "${helper[*]}" -- ${cur}))
+
+ return 0
+ ;;
+ -G|--grain|--grain-pcre)
+ COMPREPLY=($(compgen -W "$(_salt_get_grains)" -- ${cur}))
+ return 0
+ ;;
+ # FIXME
+ -R|--range)
+ # FIXME ??
+ return 0
+ ;;
+ -C|--compound)
+ # FIXME ??
+ return 0
+ ;;
+ -c|--config)
+ COMPREPLY=($(compgen -f -- ${cur}))
+ return 0
+ ;;
+ esac
+
+ # default is using opts:
+ COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) )
+}
+
+complete -F _saltcp salt-cp
--- /dev/null
+complete -W "--msgbox --yesno --infobox --inputbox --passwordbox --textbox --menu --checklist \
+ --radiochecklist --gauge --clear --defaultno --default-item \
+ --fb --nocancel --yes-button --no-button --ok-button \
+ --cancel-button -noitem --separate-output --output-fd \
+ --title --backtitle -scrolltext --toplefti \
+ --help" -f whiptail
--- /dev/null
+/* $Id: bind.keys,v 1.7 2011/01/03 23:45:07 each Exp $ */
+# The bind.keys file is used to override the built-in DNSSEC trust anchors
+# which are included as part of BIND 9. As of the current release, the only
+# trust anchors it contains are those for the DNS root zone ("."), and for
+# the ISC DNSSEC Lookaside Validation zone ("dlv.isc.org"). Trust anchors
+# for any other zones MUST be configured elsewhere; if they are configured
+# here, they will not be recognized or used by named.
+#
+# The built-in trust anchors are provided for convenience of configuration.
+# They are not activated within named.conf unless specifically switched on.
+# To use the built-in root key, set "dnssec-validation auto;" in
+# named.conf options. To use the built-in DLV key, set
+# "dnssec-lookaside auto;". Without these options being set,
+# the keys in this file are ignored.
+#
+# This file is NOT expected to be user-configured.
+#
+# These keys are current as of January 2011. If any key fails to
+# initialize correctly, it may have expired. In that event you should
+# replace this file with a current version. The latest version of
+# bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys.
+
+managed-keys {
+ # ISC DLV: See https://www.isc.org/solutions/dlv for details.
+ # NOTE: This key is activated by setting "dnssec-lookaside auto;"
+ # in named.conf.
+ dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2
+ brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+
+ 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5
+ ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk
+ Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM
+ QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt
+ TDN0YUuWrBNh";
+
+ # ROOT KEY: See https://data.iana.org/root-anchors/root-anchors.xml
+ # for current trust anchor information.
+ # NOTE: This key is activated by setting "dnssec-validation auto;"
+ # in named.conf.
+ . initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF
+ FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX
+ bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD
+ X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz
+ W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS
+ Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq
+ QxA+Uk1ihz0=";
+};
--- /dev/null
+;
+; BIND reverse data file for broadcast zone
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+ 1 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
--- /dev/null
+;
+; BIND reverse data file for local loopback interface
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+ 1 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
+1.0.0 IN PTR localhost.
--- /dev/null
+;
+; BIND reverse data file for broadcast zone
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+ 1 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
--- /dev/null
+; BIND reverse data file for empty rfc1918 zone
+;
+; DO NOT EDIT THIS FILE - it is used for multiple zones.
+; Instead, copy it, edit named.conf, and use that copy.
+;
+$TTL 86400
+@ IN SOA localhost. root.localhost. (
+ 1 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 86400 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
--- /dev/null
+;
+; BIND data file for local loopback interface
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+ 2 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
+@ IN A 127.0.0.1
+@ IN AAAA ::1
--- /dev/null
+; This file holds the information on root name servers needed to
+; initialize cache of Internet domain name servers
+; (e.g. reference this file in the "cache . <file>"
+; configuration file of BIND domain name servers).
+;
+; This file is made available by InterNIC
+; under anonymous FTP as
+; file /domain/named.cache
+; on server FTP.INTERNIC.NET
+; -OR- RS.INTERNIC.NET
+;
+; last update: Jan 3, 2013
+; related version of root zone: 2013010300
+;
+; formerly NS.INTERNIC.NET
+;
+. 3600000 IN NS A.ROOT-SERVERS.NET.
+A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
+A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30
+;
+; FORMERLY NS1.ISI.EDU
+;
+. 3600000 NS B.ROOT-SERVERS.NET.
+B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
+;
+; FORMERLY C.PSI.NET
+;
+. 3600000 NS C.ROOT-SERVERS.NET.
+C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
+;
+; FORMERLY TERP.UMD.EDU
+;
+. 3600000 NS D.ROOT-SERVERS.NET.
+D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
+D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D
+;
+; FORMERLY NS.NASA.GOV
+;
+. 3600000 NS E.ROOT-SERVERS.NET.
+E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
+;
+; FORMERLY NS.ISC.ORG
+;
+. 3600000 NS F.ROOT-SERVERS.NET.
+F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
+F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2F::F
+;
+; FORMERLY NS.NIC.DDN.MIL
+;
+. 3600000 NS G.ROOT-SERVERS.NET.
+G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
+;
+; FORMERLY AOS.ARL.ARMY.MIL
+;
+. 3600000 NS H.ROOT-SERVERS.NET.
+H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
+H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803F:235
+;
+; FORMERLY NIC.NORDU.NET
+;
+. 3600000 NS I.ROOT-SERVERS.NET.
+I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
+I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FE::53
+;
+; OPERATED BY VERISIGN, INC.
+;
+. 3600000 NS J.ROOT-SERVERS.NET.
+J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
+J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30
+;
+; OPERATED BY RIPE NCC
+;
+. 3600000 NS K.ROOT-SERVERS.NET.
+K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
+K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FD::1
+;
+; OPERATED BY ICANN
+;
+. 3600000 NS L.ROOT-SERVERS.NET.
+L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
+L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42
+;
+; OPERATED BY WIDE
+;
+. 3600000 NS M.ROOT-SERVERS.NET.
+M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
+M.ROOT-SERVERS.NET. 3600000 AAAA 2001:DC3::35
+; End of File
--- /dev/null
+dns-uhu-banane. IN KEY 512 3 157 eMhLmrsWxS28+oUnhbjwE6xYhMCvDKtsEBEc6TzD62mPMQ3R57xDb6McBAduXo56/a1xOtrX/tFs4CVnDnYdMw==
--- /dev/null
+Private-key-format: v1.3
+Algorithm: 157 (HMAC_MD5)
+Key: eMhLmrsWxS28+oUnhbjwE6xYhMCvDKtsEBEc6TzD62mPMQ3R57xDb6McBAduXo56/a1xOtrX/tFs4CVnDnYdMw==
+Bits: AAA=
+Created: 20160308220200
+Publish: 20160308220200
+Activate: 20160308220200
--- /dev/null
+dyn-dns-updater. IN KEY 0 3 157 gi69Yjzo1OSPVQ/oTTgw+Q==
--- /dev/null
+Private-key-format: v1.2
+Algorithm: 157 (HMAC_MD5)
+Key: gi69Yjzo1OSPVQ/oTTgw+Q==
+Bits: AAA=
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei - Access-Control-Listen
+//# /etc/bind/named-acl.conf
+//#
+//# Host ns1.uhu-banane.de
+//#
+//###############################################################
+
+//###############################################################
+//# Access-Control-Listen
+
+#----------------------------------------
+acl allow-dyn-update {
+ 46.16.73.175;
+ 2001:4dd0:ff00:cd3::2;
+ 85.214.134.152;
+ 2a01:238:4225:6e00:8f8c:808a:7fb8:88df;
+ 144.76.221.169;
+ 2a01:4f8:200:94a8::2;
+ 138.201.28.135;
+ 2a01:4f8:171:3006::2;
+ 185.48.118.128;
+ 162.254.24.33;
+ 185.102.95.107;
+ 2a06:2380:0:1::3a;
+ 2a02:8109:ae3f:fa04:5604:a6ff:fe38:99f9;
+ 127.0.0.1;
+ ::1;
+};
+
+#----------------------------------------
+acl allow-notify {
+ 46.16.73.175;
+ 2001:4dd0:ff00:cd3::2;
+ 85.214.134.152;
+ 2a01:238:4225:6e00:8f8c:808a:7fb8:88df;
+ 144.76.221.169;
+ 2a01:4f8:200:94a8::2;
+ 138.201.28.135;
+ 2a01:4f8:171:3006::2;
+ 185.48.118.128;
+ 162.254.24.33;
+ 185.102.95.107;
+ 2a06:2380:0:1::3a;
+ 2a02:8109:ae3f:fa04:5604:a6ff:fe38:99f9;
+ 127.0.0.1;
+ ::1;
+};
+
+#----------------------------------------
+acl allow-recursion {
+ 46.16.73.175;
+ 2001:4dd0:ff00:cd3::2;
+ 85.214.134.152;
+ 2a01:238:4225:6e00:8f8c:808a:7fb8:88df;
+ 144.76.221.169;
+ 2a01:4f8:200:94a8::2;
+ 185.48.118.128;
+ 162.254.24.33;
+ 185.102.95.107;
+ 2a06:2380:0:1::3a;
+ 2a02:8109:ae3f:fa04:5604:a6ff:fe38:99f9;
+ 138.201.28.135;
+ 138.201.28.184;
+ 138.201.28.185;
+ 138.201.28.186;
+ 2a01:4f8:171:3006::/64;
+ 127.0.0.0/8;
+ ::1/128;
+ fe80::/10;
+};
+
+#----------------------------------------
+acl also-notify-acwain {
+ 144.76.221.169;
+ 2a01:4f8:200:94a8::2;
+ 2a02:8109:ae3f:fa04:5604:a6ff:fe38:99f9;
+ 138.201.28.135;
+ 2a01:4f8:171:3006::2;
+};
+
+#----------------------------------------
+acl also-notify-boreus {
+ 195.50.185.7;
+ 46.189.56.7;
+ 85.199.64.7;
+};
+
+#----------------------------------------
+acl also-notify-uhu-banane {
+ 185.48.118.128;
+ 162.254.24.33;
+};
+
+#----------------------------------------
+acl common-allow-transfer {
+ 195.50.185.7;
+ 46.189.56.7;
+ 85.199.64.7;
+ 46.16.73.175;
+ 2001:4dd0:ff00:cd3::2;
+ 85.214.134.152;
+ 2a01:238:4225:6e00:8f8c:808a:7fb8:88df;
+ 144.76.221.169;
+ 2a01:4f8:200:94a8::2;
+ 138.201.28.135;
+ 2a01:4f8:171:3006::2;
+ 185.48.118.128;
+ 162.254.24.33;
+ 185.102.95.107;
+ 2a06:2380:0:1::3a;
+ 2a02:8109:ae3f:fa04:5604:a6ff:fe38:99f9;
+ 127.0.0.1;
+ ::1;
+};
+
+#----------------------------------------
+acl local-host-ips {
+ 127.0.0.1/8;
+ ::1/128;
+};
+
+#----------------------------------------
+acl local-net-ips {
+ 127.0.0.0/8;
+ 10.0.0.0/8;
+ 172.16.0.0/12;
+ 192.168.0.0/16;
+ ::1/128;
+ fe80::/10;
+};
+
+#----------------------------------------
+acl private-net-ips {
+ 10.12.11.0/24;
+ 46.16.73.175;
+ 2001:4dd0:ff00:cd3::2;
+ 2a02:8109:ae3f:fa04:5604:a6ff:fe38:99f9;
+ 85.214.134.152;
+ 2a01:238:4225:6e00:8f8c:808a:7fb8:88df;
+ 185.102.95.107;
+ 2a06:2380:0:1::3a;
+};
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei - Dynamische Zonen
+//# /etc/bind/named-dyn.conf
+//#
+//# Host ns1.uhu-banane.de
+//#
+//###############################################################
+
+
+zone "dyn.brehm-online.com" {
+ type slave;
+ file "dyn.brehm-online.com.zone";
+ masters {
+ 185.102.95.107;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "dyn.uhu-banane.de" {
+ type slave;
+ file "dyn.uhu-banane.de.zone";
+ masters {
+ 185.102.95.107;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei Logging
+//# /etc/bind/named-log.conf
+//#
+//# Host ns1.uhu-banane.de
+//#
+//###############################################################
+
+//###############################################################
+//# Angaben zum Logging
+
+logging {
+
+ //---------------------------------------
+ // Channels
+
+ channel complete_debug {
+ file "/var/log/bind/complete-debug.log";
+ print-category yes;
+ print-severity yes;
+ print-time yes;
+ severity debug 99;
+ };
+
+ channel logtofile {
+ file "/var/log/bind/named.log";
+ print-category yes;
+ print-severity yes;
+ print-time yes;
+ severity info;
+ };
+
+ channel moderate_debug {
+ file "/var/log/bind/debug.log";
+ print-category yes;
+ print-severity yes;
+ print-time yes;
+ severity debug 1;
+ };
+
+ channel query_logging {
+ file "/var/log/bind/query.log";
+ print-time yes;
+ };
+
+ channel security_file {
+ file "/var/log/bind/security.log";
+ print-category yes;
+ print-severity yes;
+ print-time yes;
+ severity dynamic;
+ };
+
+ channel syslog-warning {
+ syslog daemon;
+ severity warning;
+ };
+
+
+ //---------------------------------------
+ // Categories
+
+ category default {
+ default_debug;
+ logtofile;
+ };
+
+ category general {
+ logtofile;
+ syslog-warning;
+ };
+
+ category lame-servers {
+ null;
+ };
+
+ category queries {
+ query_logging;
+ };
+
+ category security {
+ security_file;
+ };
+
+};
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei - Primaere Zonen
+//# /etc/bind/named-pri.conf
+//#
+//# Host ns1.uhu-banane.de
+//#
+//###############################################################
+
+//###############################################################
+//# Master-Zonen (Primary)
+
+
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei - Sekundaere Zonen
+//# /etc/bind/named-sec
+//#
+//# Host ns1.uhu-banane.de
+//#
+//###############################################################
+
+//###############################################################
+//# Slave-Zonen (Secondary)
+
+
+zone "0.0.0.0.7.b.d.1.8.f.6.0.1.0.0.2.ip6.arpa" {
+ type slave;
+ file "rev.2001-6f8-1db7-0.zone";
+ masters {
+ 185.102.95.107;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "0.0.0.1.6.0.0.3.1.7.1.0.8.f.4.0.1.0.a.2.ip6.arpa" {
+ type slave;
+ file "rev.2a01-4f8-171-3006-1000.zone";
+ masters {
+ 138.201.28.135;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "0.29.172.in-addr.arpa" {
+ type slave;
+ file "rev.172.29.0.zone";
+ masters {
+ 144.76.221.169;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "0.31.172.in-addr.arpa" {
+ type slave;
+ file "rev.172.31.0.zone";
+ masters {
+ 138.201.28.135;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "11.12.10.in-addr.arpa" {
+ type slave;
+ file "rev.10.12.11.zone";
+ masters {
+ 185.102.95.107;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "20.12.10.in-addr.arpa" {
+ type slave;
+ file "rev.10.12.20.zone";
+ masters {
+ 185.102.95.107;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "7.b.d.1.8.f.6.0.1.0.0.2.ip6.arpa" {
+ type slave;
+ file "rev.2001-6f8-1db7.zone";
+ masters {
+ 185.102.95.107;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "brehm-berlin.de" {
+ type slave;
+ file "brehm-berlin.de.zone";
+ masters {
+ 185.102.95.107;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "brehm-online.eu" {
+ type slave;
+ file "brehm-online.eu.zone";
+ masters {
+ 185.102.95.107;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "frankepedia.eu" {
+ type slave;
+ file "frankepedia.eu.zone";
+ masters {
+ 185.102.95.107;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "home.brehm-online.com" {
+ type slave;
+ file "home.brehm-online.com.zone";
+ masters {
+ 185.102.95.107;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "nexunus.com" {
+ type slave;
+ file "nexunus.com.zone";
+ masters {
+ 138.201.28.135;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "nexunus.de" {
+ type slave;
+ file "nexunus.de.zone";
+ masters {
+ 138.201.28.135;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "nexunus.net" {
+ type slave;
+ file "nexunus.net.zone";
+ masters {
+ 138.201.28.135;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "planetec.de" {
+ type slave;
+ file "planetec.de.zone";
+ masters {
+ 144.76.221.169;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "uhu-banane.com" {
+ type slave;
+ file "uhu-banane.com.zone";
+ masters {
+ 185.102.95.107;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "uhu-banane.eu" {
+ type slave;
+ file "uhu-banane.eu.zone";
+ masters {
+ 185.102.95.107;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "uhu-banane.net" {
+ type slave;
+ file "uhu-banane.net.zone";
+ masters {
+ 185.102.95.107;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+zone "uhu-banane.org" {
+ type slave;
+ file "uhu-banane.org.zone";
+ masters {
+ 185.102.95.107;
+ };
+ allow-transfer {
+ common-allow-transfer;
+ };
+};
+
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei
+//# /etc/bind/named.conf
+//#
+//# Host ns1.uhu-banane.de
+//#
+//###############################################################
+
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
+// structure of BIND configuration files in Debian, *BEFORE* you customize
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+// access control lists
+include "/etc/bind/named-acl.conf";
+
+// global options
+include "/etc/bind/named.conf.options";
+
+// logging configuration
+include "/etc/bind/named-log.conf";
+
+// local configuration
+include "/etc/bind/named.conf.local";
+
+// Default zones
+include "/etc/bind/named.conf.default-zones";
+
+// master zones
+include "/etc/bind/named-pri.conf";
+
+// dynamic zones
+include "/etc/bind/named-dyn.conf";
+
+// slave zones
+include "/etc/bind/named-sec.conf";
+
+
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei Default zones
+//# /etc/bind/named.conf.default-zones
+//#
+//# Host ns1.uhu-banane.de
+//#
+//###############################################################
+
+// prime the server with knowledge of the root servers
+zone "." {
+ type hint;
+ file "/etc/bind/db.root";
+};
+
+// be authoritative for the localhost forward and reverse zones, and for
+// broadcast zones as per RFC 1912
+
+zone "localhost" {
+ type master;
+ file "/etc/bind/db.local";
+};
+
+zone "127.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.127";
+};
+
+zone "0.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.0";
+};
+
+zone "255.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.255";
+};
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei Lokeles Geruempel
+//# /etc/bind/named.conf.local
+//#
+//# Host ns1.uhu-banane.de
+//#
+//###############################################################
+
+//
+// Do any local configuration here
+//
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+include "/etc/bind/zones.rfc1918";
+
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei for general options
+//# /etc/bind/named.conf.options
+//#
+//# Host ns1.uhu-banane.de
+//#
+//###############################################################
+
+
+//###############################################################
+//# Allgemeine Optionen
+
+options {
+
+ directory "/var/cache/bind";
+
+ // If there is a firewall between you and nameservers you want
+ // to talk to, you may need to fix the firewall to allow multiple
+ // ports to talk. See http://www.kb.cert.org/vuls/id/800113
+
+ // If your ISP provided one or more IP addresses for stable
+ // nameservers, you probably want to use them as forwarders.
+ // Uncomment the following block, and insert the addresses replacing
+ // the all-0's placeholder.
+
+ // forwarders {
+ // 0.0.0.0;
+ // };
+
+ /* https://www.isc.org/solutions/dlv >=bind-9.7.x only */
+ //bindkeys-file "/etc/bind/bind.keys";
+
+ listen-on-v6 { any; };
+ listen-on { any; };
+
+ allow-notify {
+ allow-notify;
+ };
+
+ allow-recursion {
+ allow-recursion;
+ };
+
+ //========================================================================
+ // If BIND logs error messages about the root key being expired,
+ // you will need to update your keys. See https://www.isc.org/bind-keys
+ //========================================================================
+ //dnssec-enable yes;
+ dnssec-validation auto;
+
+ /*
+ * As of bind 9.8.0:
+ * "If the root key provided has expired,
+ * named will log the expiration and validation will not work."
+ */
+ //dnssec-validation auto;
+
+ /* if you have problems and are behind a firewall: */
+ //query-source address * port 53;
+
+ // pid-file "/var/run/named/named.pid";
+
+ version "none";
+
+};
+
+// Managed Keys
+include "/etc/bind/bind.keys";
+
+key "dyn-dns-updater" {
+ algorithm hmac-md5;
+ secret "gi69Yjzo1OSPVQ/oTTgw+Q==";
+};
+
+//###############################################################
+//# Kontrollkanäle für RNDC
+
+include "/etc/bind/rndc.key";
+
+controls {
+ inet 127.0.0.1 port 953 allow {
+ 127.0.0.1;
+ ::1/128;
+ } keys {
+ "rndc-key";
+ };
+};
+
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+key "rndc-key" {
+ algorithm hmac-md5;
+ secret "eMhLmrsWxS28+oUnhbjwE6xYhMCvDKtsEBEc6TzD62mPMQ3R57xDb6McBAduXo56/a1xOtrX/tFs4CVnDnYdMw==";
+};
--- /dev/null
+//###############################################################
+//# Bind9-Konfigurationsdatei Default zones RFC 1918
+//# /etc/bind/zones.rfc1918
+//#
+//# Host ns1.uhu-banane.de
+//#
+//###############################################################
+
+zone "10.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+
+zone "16.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "17.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "18.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "19.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "20.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "21.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "22.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "23.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "24.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "25.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "26.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "27.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "28.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "29.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "30.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "31.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+
+zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+
+# vim: ts=4 filetype=named noai
--- /dev/null
+#
+# This file contains a list of port numbers between 600 and 1024,
+# which should not be used by bindresvport. bindresvport is mostly
+# called by RPC services. This mostly solves the problem, that a
+# RPC service uses a well known port of another service.
+#
+631 # cups
+636 # ldaps
+655 # tinc
+774 # rpasswd
+783 # spamd
+873 # rsync
+921 # lwresd
+993 # imaps
+995 # pops
--- /dev/null
+# BYOBU_BACKEND can currently be "screen" or "tmux"
+# Override this on a per-user basis by editing "$BYOBU_CONFIG_DIR/backend"
+# or by launching either "byobu-screen" or "byobu-tmux" instead of "byobu".
+BYOBU_BACKEND="tmux"
--- /dev/null
+# Set the location of the socket directory that byobu will use.
+# On Debian/Ubuntu systems, this is in /var/run/screen, but on
+# other distros, it might be elsewhere, such as /tmp/screens
+# depending on your compilation.
+#
+# This file will be sourced by both shell scripts and python code,
+# so please ensure that:
+# * the variable name is SOCKETDIR
+# * there is no space around the "="
+# * and that the path value is quoted
+SOCKETDIR="/var/run/screen"
--- /dev/null
+# This file lists certificates that you wish to use or to ignore to be
+# installed in /etc/ssl/certs.
+# update-ca-certificates(8) will update /etc/ssl/certs by reading this file.
+#
+# This is autogenerated by dpkg-reconfigure ca-certificates.
+# Certificates should be installed under /usr/share/ca-certificates
+# and files with extension '.crt' is recognized as available certs.
+#
+# line begins with # is comment.
+# line begins with ! is certificate filename to be deselected.
+#
+mozilla/ACCVRAIZ1.crt
+mozilla/ACEDICOM_Root.crt
+mozilla/AC_Raíz_Certicámara_S.A..crt
+mozilla/Actalis_Authentication_Root_CA.crt
+mozilla/AddTrust_External_Root.crt
+mozilla/AddTrust_Low-Value_Services_Root.crt
+mozilla/AddTrust_Public_Services_Root.crt
+mozilla/AddTrust_Qualified_Certificates_Root.crt
+mozilla/AffirmTrust_Commercial.crt
+mozilla/AffirmTrust_Networking.crt
+mozilla/AffirmTrust_Premium.crt
+mozilla/AffirmTrust_Premium_ECC.crt
+mozilla/ApplicationCA_-_Japanese_Government.crt
+mozilla/Atos_TrustedRoot_2011.crt
+mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
+mozilla/Baltimore_CyberTrust_Root.crt
+mozilla/Buypass_Class_2_CA_1.crt
+mozilla/Buypass_Class_2_Root_CA.crt
+mozilla/Buypass_Class_3_Root_CA.crt
+mozilla/CA_Disig.crt
+mozilla/CA_Disig_Root_R1.crt
+mozilla/CA_Disig_Root_R2.crt
+mozilla/Camerfirma_Chambers_of_Commerce_Root.crt
+mozilla/Camerfirma_Global_Chambersign_Root.crt
+mozilla/CA_WoSign_ECC_Root.crt
+mozilla/Certification_Authority_of_WoSign_G2.crt
+mozilla/Certigna.crt
+mozilla/Certinomis_-_Autorité_Racine.crt
+mozilla/Certinomis_-_Root_CA.crt
+mozilla/Certplus_Class_2_Primary_CA.crt
+mozilla/certSIGN_ROOT_CA.crt
+mozilla/Certum_Root_CA.crt
+mozilla/Certum_Trusted_Network_CA.crt
+mozilla/CFCA_EV_ROOT.crt
+mozilla/Chambers_of_Commerce_Root_-_2008.crt
+mozilla/China_Internet_Network_Information_Center_EV_Certificates_Root.crt
+mozilla/CNNIC_ROOT.crt
+mozilla/Comodo_AAA_Services_root.crt
+mozilla/COMODO_Certification_Authority.crt
+mozilla/COMODO_ECC_Certification_Authority.crt
+mozilla/COMODO_RSA_Certification_Authority.crt
+mozilla/Comodo_Secure_Services_root.crt
+mozilla/Comodo_Trusted_Services_root.crt
+mozilla/ComSign_CA.crt
+mozilla/Cybertrust_Global_Root.crt
+mozilla/Deutsche_Telekom_Root_CA_2.crt
+mozilla/DigiCert_Assured_ID_Root_CA.crt
+mozilla/DigiCert_Assured_ID_Root_G2.crt
+mozilla/DigiCert_Assured_ID_Root_G3.crt
+mozilla/DigiCert_Global_Root_CA.crt
+mozilla/DigiCert_Global_Root_G2.crt
+mozilla/DigiCert_Global_Root_G3.crt
+mozilla/DigiCert_High_Assurance_EV_Root_CA.crt
+mozilla/DigiCert_Trusted_Root_G4.crt
+mozilla/DST_ACES_CA_X6.crt
+mozilla/DST_Root_CA_X3.crt
+mozilla/D-TRUST_Root_Class_3_CA_2_2009.crt
+mozilla/D-TRUST_Root_Class_3_CA_2_EV_2009.crt
+mozilla/EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.crt
+mozilla/EC-ACC.crt
+mozilla/EE_Certification_Centre_Root_CA.crt
+mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt
+mozilla/Entrust_Root_Certification_Authority.crt
+mozilla/Entrust_Root_Certification_Authority_-_EC1.crt
+mozilla/Entrust_Root_Certification_Authority_-_G2.crt
+mozilla/ePKI_Root_Certification_Authority.crt
+mozilla/Equifax_Secure_CA.crt
+mozilla/Equifax_Secure_eBusiness_CA_1.crt
+mozilla/Equifax_Secure_Global_eBusiness_CA.crt
+mozilla/E-Tugra_Certification_Authority.crt
+mozilla/GeoTrust_Global_CA_2.crt
+mozilla/GeoTrust_Global_CA.crt
+mozilla/GeoTrust_Primary_Certification_Authority.crt
+mozilla/GeoTrust_Primary_Certification_Authority_-_G2.crt
+mozilla/GeoTrust_Primary_Certification_Authority_-_G3.crt
+mozilla/GeoTrust_Universal_CA_2.crt
+mozilla/GeoTrust_Universal_CA.crt
+mozilla/Global_Chambersign_Root_-_2008.crt
+mozilla/GlobalSign_ECC_Root_CA_-_R4.crt
+mozilla/GlobalSign_ECC_Root_CA_-_R5.crt
+mozilla/GlobalSign_Root_CA.crt
+mozilla/GlobalSign_Root_CA_-_R2.crt
+mozilla/GlobalSign_Root_CA_-_R3.crt
+mozilla/Go_Daddy_Class_2_CA.crt
+mozilla/Go_Daddy_Root_Certificate_Authority_-_G2.crt
+mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt
+mozilla/Hongkong_Post_Root_CA_1.crt
+mozilla/IdenTrust_Commercial_Root_CA_1.crt
+mozilla/IdenTrust_Public_Sector_Root_CA_1.crt
+mozilla/IGC_A.crt
+mozilla/Izenpe.com.crt
+mozilla/Juur-SK.crt
+mozilla/Microsec_e-Szigno_Root_CA_2009.crt
+mozilla/Microsec_e-Szigno_Root_CA.crt
+mozilla/NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt
+mozilla/NetLock_Business_=Class_B=_Root.crt
+mozilla/NetLock_Express_=Class_C=_Root.crt
+mozilla/NetLock_Notary_=Class_A=_Root.crt
+mozilla/NetLock_Qualified_=Class_QA=_Root.crt
+mozilla/Network_Solutions_Certificate_Authority.crt
+mozilla/OISTE_WISeKey_Global_Root_GA_CA.crt
+mozilla/OISTE_WISeKey_Global_Root_GB_CA.crt
+mozilla/PSCProcert.crt
+mozilla/QuoVadis_Root_CA_1_G3.crt
+mozilla/QuoVadis_Root_CA_2.crt
+mozilla/QuoVadis_Root_CA_2_G3.crt
+mozilla/QuoVadis_Root_CA_3.crt
+mozilla/QuoVadis_Root_CA_3_G3.crt
+mozilla/QuoVadis_Root_CA.crt
+mozilla/Root_CA_Generalitat_Valenciana.crt
+mozilla/RSA_Security_2048_v3.crt
+mozilla/Secure_Global_CA.crt
+mozilla/SecureSign_RootCA11.crt
+mozilla/SecureTrust_CA.crt
+mozilla/Security_Communication_EV_RootCA1.crt
+mozilla/Security_Communication_RootCA2.crt
+mozilla/Security_Communication_Root_CA.crt
+mozilla/Sonera_Class_1_Root_CA.crt
+mozilla/Sonera_Class_2_Root_CA.crt
+mozilla/Staat_der_Nederlanden_EV_Root_CA.crt
+mozilla/Staat_der_Nederlanden_Root_CA.crt
+mozilla/Staat_der_Nederlanden_Root_CA_-_G2.crt
+mozilla/Staat_der_Nederlanden_Root_CA_-_G3.crt
+mozilla/Starfield_Class_2_CA.crt
+mozilla/Starfield_Root_Certificate_Authority_-_G2.crt
+mozilla/Starfield_Services_Root_Certificate_Authority_-_G2.crt
+mozilla/StartCom_Certification_Authority_2.crt
+mozilla/StartCom_Certification_Authority.crt
+mozilla/StartCom_Certification_Authority_G2.crt
+mozilla/S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.crt
+mozilla/S-TRUST_Universal_Root_CA.crt
+mozilla/Swisscom_Root_CA_1.crt
+mozilla/Swisscom_Root_CA_2.crt
+mozilla/Swisscom_Root_EV_CA_2.crt
+mozilla/SwissSign_Gold_CA_-_G2.crt
+mozilla/SwissSign_Platinum_CA_-_G2.crt
+mozilla/SwissSign_Silver_CA_-_G2.crt
+mozilla/Taiwan_GRCA.crt
+mozilla/TC_TrustCenter_Class_3_CA_II.crt
+mozilla/TeliaSonera_Root_CA_v1.crt
+mozilla/thawte_Primary_Root_CA.crt
+mozilla/thawte_Primary_Root_CA_-_G2.crt
+mozilla/thawte_Primary_Root_CA_-_G3.crt
+mozilla/Trustis_FPS_Root_CA.crt
+mozilla/T-TeleSec_GlobalRoot_Class_2.crt
+mozilla/T-TeleSec_GlobalRoot_Class_3.crt
+mozilla/TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.crt
+mozilla/TURKTRUST_Certificate_Services_Provider_Root_2007.crt
+mozilla/TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H5.crt
+mozilla/TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H6.crt
+mozilla/TWCA_Global_Root_CA.crt
+mozilla/TWCA_Root_Certification_Authority.crt
+mozilla/USERTrust_ECC_Certification_Authority.crt
+mozilla/USERTrust_RSA_Certification_Authority.crt
+mozilla/UTN_USERFirst_Email_Root_CA.crt
+mozilla/UTN_USERFirst_Hardware_Root_CA.crt
+mozilla/Verisign_Class_1_Public_Primary_Certification_Authority.crt
+mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt
+mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.crt
+mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt
+mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.crt
+mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_2.crt
+mozilla/Verisign_Class_3_Public_Primary_Certification_Authority.crt
+mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt
+mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt
+mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt
+mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt
+mozilla/VeriSign_Universal_Root_Certification_Authority.crt
+mozilla/Visa_eCommerce_Root.crt
+mozilla/WellsSecure_Public_Root_Certificate_Authority.crt
+mozilla/WoSign_China.crt
+mozilla/WoSign.crt
+mozilla/XRamp_Global_CA_Root.crt
+spi-inc.org/spi-cacert-2008.crt
--- /dev/null
+/* This is the system-wide default calendar file, used if calendar(1)
+ * is invoked by a user without a ~/calendar or ~/.calendar/calendar file.
+ * It may be edited or even deleted to reflect local policy.
+ *
+ * In the standard setup, we simply include the default calendar
+ * definitions from /usr/share/calendar/calendar.all. If you want
+ * only some of those definitions, copy calendar.all to /etc/calendar
+ * and edit it there. That way, your changes will be kept next time
+ * you upgrade.
+ *
+ * The search path for include files is:
+ * /etc/calendar
+ * /usr/share/calendar
+ */
+#include "calendar.all"
--- /dev/null
+# This the default chrony.conf file for the Debian chrony package. After
+# editing this file use the command 'invoke-rc.d chrony restart' to make
+# your changes take effect. John Hasler <jhasler@debian.org> 1998-2008
+
+# See www.pool.ntp.org for an explanation of these servers. Please
+# consider joining the project if possible. If you can't or don't want to
+# use these servers I suggest that you try your ISP's nameservers. We mark
+# the servers 'offline' so that chronyd won't try to connect when the link
+# is down. Scripts in /etc/ppp/ip-up.d and /etc/ppp/ip-down.d use chronyc
+# commands to switch it on when a dialup link comes up and off when it goes
+# down. Code in /etc/init.d/chrony attempts to determine whether or not
+# the link is up at boot time and set the online status accordingly. If
+# you have an always-on connection such as cable omit the 'offline'
+# directive and chronyd will default to online.
+#
+# Note that if Chrony tries to go "online" and dns lookup of the servers
+# fails they will be discarded. Thus under some circumstances it is
+# better to use IP numbers than host names.
+
+server 0.debian.pool.ntp.org auto_offline iburst minpoll 8
+server 1.debian.pool.ntp.org auto_offline iburst minpoll 8
+server 2.debian.pool.ntp.org auto_offline iburst minpoll 8
+server 3.debian.pool.ntp.org auto_offline iburst minpoll 8
+
+# Look here for the admin password needed for chronyc. The initial
+# password is generated by a random process at install time. You may
+# change it if you wish.
+
+keyfile /etc/chrony/chrony.keys
+
+# Set runtime command key. Note that if you change the key (not the
+# password) to anything other than 1 you will need to edit
+# /etc/ppp/ip-up.d/chrony, /etc/ppp/ip-down.d/chrony, /etc/init.d/chrony
+# and /etc/cron.weekly/chrony as these scripts use it to get the password.
+
+commandkey 1
+
+# I moved the driftfile to /var/lib/chrony to comply with the Debian
+# filesystem standard.
+
+driftfile /var/lib/chrony/chrony.drift
+
+# Comment this line out to turn off logging.
+
+log tracking measurements statistics
+logdir /var/log/chrony
+
+# Stop bad estimates upsetting machine clock.
+
+maxupdateskew 100.0
+
+# Dump measurements when daemon exits.
+
+dumponexit
+
+# Specify directory for dumping measurements.
+
+dumpdir /var/lib/chrony
+
+# Let computer be a server when it is unsynchronised.
+
+local stratum 10
+
+# GRIDSCALE - Disable server functionality and only bind on localhost
+bindcmdaddress 127.0.0.1
+bindcmdaddress ::1
+port 0
+
+# GRIDSCALE - Allow stepping the clock. Normally, it’s recommended to allow the step only in
+# the first few updates, but in some cases (a virtual machine which can be suspended and resumed
+# with incorrect time) it may be necessary to allow the step at any clock update.
+makestep 1 -1
+
+# Allow computers on the unrouted nets to use the server.
+
+allow 10/8
+allow 192.168/16
+allow 172.16/12
+
+# This directive forces `chronyd' to send a message to syslog if it
+# makes a system clock adjustment larger than a threshold value in seconds.
+
+logchange 0.5
+
+# This directive defines an email address to which mail should be sent
+# if chronyd applies a correction exceeding a particular threshold to the
+# system clock.
+
+# mailonchange root@localhost 0.5
+
+# This directive tells chrony to regulate the real-time clock and tells it
+# Where to store related data. It may not work on some newer motherboards
+# that use the HPET real-time clock. It requires enhanced real-time
+# support in the kernel. I've commented it out because with certain
+# combinations of motherboard and kernel it is reported to cause lockups.
+
+# rtcfile /var/lib/chrony/chrony.rtc
+
+# If the last line of this file reads 'rtconutc' chrony will assume that
+# the CMOS clock is on UTC (GMT). If it reads '# rtconutc' or is absent
+# chrony will assume local time. The line (if any) was written by the
+# chrony postinst based on what it found in /etc/default/rcS. You may
+# change it if necessary.
+rtconutc
--- /dev/null
+1 MGQe7DjC
--- /dev/null
+# Example colordiffrc file for dark backgrounds
+#
+# Set banner=no to suppress authorship info at top of
+# colordiff output
+banner=no
+# By default, when colordiff output is being redirected
+# to a file, it detects this and does not colour-highlight
+# To make the patch file *include* colours, change the option
+# below to 'yes'
+color_patches=no
+# Sometimes it can be useful to specify which diff command to
+# use: that can be specified here
+diff_cmd=diff
+#
+# available colours are: white, yellow, green, blue,
+# cyan, red, magenta, black,
+# darkwhite, darkyellow, darkgreen,
+# darkblue, darkcyan, darkred,
+# darkmagenta, darkblack
+#
+# Can also specify 'none', 'normal' or 'off' which are all
+# aliases for the same thing, namely "don't colour highlight
+# this, use the default output colour"
+#
+plain=off
+newtext=blue
+oldtext=red
+diffstuff=magenta
+cvsstuff=green
--- /dev/null
+# Compose sequences for ARMSCII-8
--- /dev/null
+# Compose sequences for CP1251
--- /dev/null
+# Compose sequences for CP1255
--- /dev/null
+# Compose sequences for CP1256
--- /dev/null
+# Compose sequences for GEORGIAN-ACADEMY
--- /dev/null
+# Compose sequences for GEORGIAN-PS
--- /dev/null
+# Compose sequences for IBM1133
--- /dev/null
+# Compose sequences for ISIRI-3342
--- /dev/null
+# Compose sequences for ISO-8859-1
+compose '!' '!' to '¡'
+compose '!' '^' to '¦'
+compose '!' 'p' to '¶'
+compose '!' 's' to '§'
+compose '"' '"' to '¨'
+compose '"' 'A' to 'Ä'
+compose '"' 'E' to 'Ë'
+compose '"' 'I' to 'Ï'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'a' to 'ä'
+compose '"' 'e' to 'ë'
+compose '"' 'i' to 'ï'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '"' 'y' to 'ÿ'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose '(' 'c' to '©'
+compose '(' 'r' to '®'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' '0' to '°'
+compose '*' 'A' to 'Å'
+compose '*' 'a' to 'å'
+compose '+' '+' to '#'
+compose '+' '-' to '±'
+compose ',' ',' to '¸'
+compose ',' '-' to '¬'
+compose ',' 'C' to 'Ç'
+compose ',' 'c' to 'ç'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '+' to '±'
+compose '-' ',' to '¬'
+compose '-' '-' to ''
+compose '-' ':' to '÷'
+compose '-' 'A' to 'Ã'
+compose '-' 'D' to 'Ð'
+compose '-' 'N' to 'Ñ'
+compose '-' 'O' to 'Õ'
+compose '-' '^' to '¯'
+compose '-' 'a' to 'ã'
+compose '-' 'd' to 'ð'
+compose '-' 'l' to '£'
+compose '-' 'n' to 'ñ'
+compose '-' 'o' to 'õ'
+compose '-' 'y' to '¥'
+compose '.' '.' to '·'
+compose '.' '^' to '·'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' 'O' to 'Ø'
+compose '/' '^' to '|'
+compose '/' 'c' to '¢'
+compose '/' 'o' to 'ø'
+compose '/' 'u' to 'µ'
+compose '0' 'c' to '©'
+compose '0' 's' to '§'
+compose '0' 'x' to '¤'
+compose '1' '2' to '½'
+compose '1' '4' to '¼'
+compose '1' 's' to '¹'
+compose '2' 's' to '²'
+compose '3' '4' to '¾'
+compose ':' '-' to '÷'
+compose '<' '/' to '\\'
+compose '<' '<' to '«'
+compose '=' 'l' to '£'
+compose '=' 'y' to '¥'
+compose '>' '>' to '»'
+compose '>' 'A' to 'Â'
+compose '>' 'E' to 'Ê'
+compose '>' 'I' to 'Î'
+compose '>' 'O' to 'Ô'
+compose '>' 'U' to 'Û'
+compose '>' 'a' to 'â'
+compose '>' 'e' to 'ê'
+compose '>' 'i' to 'î'
+compose '>' 'o' to 'ô'
+compose '>' 'u' to 'û'
+compose '?' '?' to '¿'
+compose 'A' 'E' to 'Æ'
+compose 'A' 'O' to 'Å'
+compose 'T' 'H' to 'Þ'
+compose '\'' 'A' to 'Á'
+compose '\'' 'C' to 'Ç'
+compose '\'' 'E' to 'É'
+compose '\'' 'I' to 'Í'
+compose '\'' 'O' to 'Ó'
+compose '\'' 'U' to 'Ú'
+compose '\'' 'Y' to 'Ý'
+compose '\'' '\'' to '´'
+compose '\'' 'a' to 'á'
+compose '\'' 'c' to 'ç'
+compose '\'' 'e' to 'é'
+compose '\'' 'i' to 'í'
+compose '\'' 'o' to 'ó'
+compose '\'' 'u' to 'ú'
+compose '\'' 'y' to 'ý'
+compose '^' '!' to '¦'
+compose '^' '-' to '¯'
+compose '^' '.' to '·'
+compose '^' '/' to '|'
+compose '^' '0' to '°'
+compose '^' '1' to '¹'
+compose '^' '2' to '²'
+compose '^' '3' to '³'
+compose '^' 'A' to 'Â'
+compose '^' 'E' to 'Ê'
+compose '^' 'I' to 'Î'
+compose '^' 'O' to 'Ô'
+compose '^' 'U' to 'Û'
+compose '^' '_' to '¯'
+compose '^' 'a' to 'â'
+compose '^' 'e' to 'ê'
+compose '^' 'i' to 'î'
+compose '^' 'o' to 'ô'
+compose '^' 'u' to 'û'
+compose '_' '^' to '¯'
+compose '_' '_' to '¯'
+compose '_' 'a' to 'ª'
+compose '_' 'o' to 'º'
+compose '`' 'A' to 'À'
+compose '`' 'E' to 'È'
+compose '`' 'I' to 'Ì'
+compose '`' 'O' to 'Ò'
+compose '`' 'U' to 'Ù'
+compose '`' 'a' to 'à'
+compose '`' 'e' to 'è'
+compose '`' 'i' to 'ì'
+compose '`' 'o' to 'ò'
+compose '`' 'u' to 'ù'
+compose 'a' 'e' to 'æ'
+compose 'a' 'o' to 'å'
+compose 'a' 't' to '@'
+compose 'b' 'v' to '¦'
+compose 'c' '0' to '©'
+compose 'c' 'o' to '©'
+compose 'l' 'v' to '|'
+compose 'o' 'c' to '©'
+compose 'o' 'r' to '®'
+compose 'o' 's' to '§'
+compose 'o' 'x' to '¤'
+compose 's' '0' to '§'
+compose 's' '2' to '²'
+compose 's' '3' to '³'
+compose 's' 'o' to '§'
+compose 't' 'h' to 'þ'
+compose 'v' 'b' to '¦'
+compose 'x' '0' to '¤'
+compose '|' 'c' to '¢'
+compose '|' '|' to '¦'
+compose '~' 'A' to 'Ã'
+compose '~' 'N' to 'Ñ'
+compose '~' 'O' to 'Õ'
+compose '~' 'a' to 'ã'
+compose '~' 'n' to 'ñ'
+compose '~' 'o' to 'õ'
+compose '¨' 'A' to 'Ä'
+compose '¨' 'E' to 'Ë'
+compose '¨' 'I' to 'Ï'
+compose '¨' 'O' to 'Ö'
+compose '¨' 'U' to 'Ü'
+compose '¨' 'a' to 'ä'
+compose '¨' 'e' to 'ë'
+compose '¨' 'i' to 'ï'
+compose '¨' 'o' to 'ö'
+compose '¨' 'u' to 'ü'
+compose '¨' 'y' to 'ÿ'
+compose '°' 'A' to 'Å'
+compose '°' 'a' to 'å'
--- /dev/null
+# Compose sequences for ISO-8859-10
--- /dev/null
+# Compose sequences for ISO-8859-11
--- /dev/null
+# Compose sequences for ISO-8859-13
+compose '!' '^' to '¦'
+compose '!' 'p' to '¶'
+compose '!' 's' to '§'
+compose '"' '<' to '´'
+compose '"' '>' to '¡'
+compose '"' 'A' to 'Ä'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'a' to 'ä'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose '(' 'c' to '©'
+compose '(' 'r' to '®'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' '0' to '°'
+compose '*' 'A' to 'Å'
+compose '*' 'a' to 'å'
+compose '+' '+' to '#'
+compose '+' '-' to '±'
+compose ',' '-' to '¬'
+compose ',' '>' to '¥'
+compose ',' 'A' to 'À'
+compose ',' 'E' to 'Æ'
+compose ',' 'G' to 'Ì'
+compose ',' 'I' to 'Á'
+compose ',' 'K' to 'Í'
+compose ',' 'L' to 'Ï'
+compose ',' 'N' to 'Ò'
+compose ',' 'R' to 'ª'
+compose ',' 'U' to 'Ø'
+compose ',' 'a' to 'à'
+compose ',' 'e' to 'æ'
+compose ',' 'g' to 'ì'
+compose ',' 'i' to 'á'
+compose ',' 'k' to 'í'
+compose ',' 'l' to 'ï'
+compose ',' 'n' to 'ò'
+compose ',' 'r' to 'º'
+compose ',' 'u' to 'ø'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '+' to '±'
+compose '-' ',' to '¬'
+compose '-' '-' to ''
+compose '-' ':' to '÷'
+compose '-' 'A' to 'Â'
+compose '-' 'E' to 'Ç'
+compose '-' 'I' to 'Î'
+compose '-' 'L' to 'Ù'
+compose '-' 'O' to 'Ô'
+compose '-' 'U' to 'Û'
+compose '-' 'a' to 'â'
+compose '-' 'e' to 'ç'
+compose '-' 'i' to 'î'
+compose '-' 'l' to 'ù'
+compose '-' 'o' to 'ô'
+compose '-' 'u' to 'û'
+compose '.' '.' to '·'
+compose '.' 'A' to 'Å'
+compose '.' 'E' to 'Ë'
+compose '.' 'Z' to 'Ý'
+compose '.' '^' to '·'
+compose '.' 'a' to 'å'
+compose '.' 'e' to 'ë'
+compose '.' 'z' to 'ý'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' 'L' to 'Ù'
+compose '/' 'O' to '¨'
+compose '/' '^' to '|'
+compose '/' 'c' to '¢'
+compose '/' 'l' to 'ù'
+compose '/' 'o' to '¸'
+compose '/' 'u' to 'µ'
+compose '0' 'c' to '©'
+compose '0' 's' to '§'
+compose '0' 'x' to '¤'
+compose '1' '2' to '½'
+compose '1' '4' to '¼'
+compose '2' 's' to '²'
+compose '3' '4' to '¾'
+compose ':' '-' to '÷'
+compose ';' 'A' to 'À'
+compose ';' 'E' to 'Æ'
+compose ';' 'I' to 'Á'
+compose ';' 'U' to 'Ø'
+compose ';' 'a' to 'à'
+compose ';' 'e' to 'æ'
+compose ';' 'i' to 'á'
+compose ';' 'u' to 'ø'
+compose '<' '"' to '´'
+compose '<' '/' to '\\'
+compose '<' '<' to '«'
+compose '<' 'C' to 'È'
+compose '<' 'S' to 'Ð'
+compose '<' 'Z' to 'Þ'
+compose '<' '\'' to '`'
+compose '<' 'c' to 'è'
+compose '<' 's' to 'ð'
+compose '<' 'z' to 'þ'
+compose '=' 'l' to '£'
+compose '>' '"' to '¡'
+compose '>' ',' to '¥'
+compose '>' '>' to '»'
+compose '>' '\'' to 'ÿ'
+compose '?' '?' to '¿'
+compose 'A' 'E' to '¯'
+compose 'A' 'O' to 'Å'
+compose '\'' '<' to '`'
+compose '\'' '>' to 'ÿ'
+compose '\'' 'C' to 'Ã'
+compose '\'' 'E' to 'É'
+compose '\'' 'N' to 'Ñ'
+compose '\'' 'O' to 'Ó'
+compose '\'' 'S' to 'Ú'
+compose '\'' 'Z' to 'Ê'
+compose '\'' '\'' to 'ÿ'
+compose '\'' 'c' to 'ã'
+compose '\'' 'e' to 'é'
+compose '\'' 'n' to 'ñ'
+compose '\'' 'o' to 'ó'
+compose '\'' 's' to 'ú'
+compose '\'' 'z' to 'ê'
+compose '^' '!' to '¦'
+compose '^' '.' to '·'
+compose '^' '/' to '|'
+compose '^' '0' to '°'
+compose '^' '1' to '¹'
+compose '^' '2' to '²'
+compose '^' '3' to '³'
+compose '_' 'A' to 'Â'
+compose '_' 'E' to 'Ç'
+compose '_' 'I' to 'Î'
+compose '_' 'O' to 'Ô'
+compose '_' 'U' to 'Û'
+compose '_' 'a' to 'â'
+compose '_' 'e' to 'ç'
+compose '_' 'i' to 'î'
+compose '_' 'o' to 'ô'
+compose '_' 'u' to 'û'
+compose 'a' 'e' to '¿'
+compose 'a' 'o' to 'å'
+compose 'a' 't' to '@'
+compose 'b' 'v' to '¦'
+compose 'c' 'o' to '©'
+compose 'm' 'u' to 'µ'
+compose 'o' 'c' to '©'
+compose 'o' 'r' to '®'
+compose 'o' 's' to '§'
+compose 's' '0' to '§'
+compose 's' '1' to '¹'
+compose 's' '2' to '²'
+compose 's' '3' to '³'
+compose 'x' '0' to '¤'
+compose 'x' 'o' to '¤'
+compose '|' 'c' to '¢'
+compose '|' '|' to '¦'
+compose '~' 'O' to 'Õ'
+compose '~' 'o' to 'õ'
+compose '°' 'A' to 'Å'
+compose '°' 'E' to 'Ë'
+compose '°' 'Z' to 'Ý'
+compose '°' 'a' to 'å'
+compose '°' 'e' to 'ë'
+compose '°' 'z' to 'ý'
--- /dev/null
+# Compose sequences for ISO-8859-14
+compose '!' 'p' to '¶'
+compose '!' 's' to '§'
+compose '"' 'A' to 'Ä'
+compose '"' 'E' to 'Ë'
+compose '"' 'I' to 'Ï'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'W' to '½'
+compose '"' 'Y' to '¯'
+compose '"' 'a' to 'ä'
+compose '"' 'e' to 'ë'
+compose '"' 'i' to 'ï'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '"' 'w' to '¾'
+compose '"' 'y' to 'ÿ'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' 'A' to 'Å'
+compose '*' 'a' to 'å'
+compose '+' '+' to '#'
+compose ',' 'C' to 'Ç'
+compose ',' 'c' to 'ç'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '-' to ''
+compose '-' 'A' to 'Ã'
+compose '-' 'N' to 'Ñ'
+compose '-' 'O' to 'Õ'
+compose '-' 'a' to 'ã'
+compose '-' 'l' to '£'
+compose '-' 'n' to 'ñ'
+compose '-' 'o' to 'õ'
+compose '.' 'B' to '¡'
+compose '.' 'D' to '¦'
+compose '.' 'F' to '°'
+compose '.' 'G' to '²'
+compose '.' 'M' to '´'
+compose '.' 'P' to '·'
+compose '.' 'S' to '»'
+compose '.' 'T' to '×'
+compose '.' 'b' to '¢'
+compose '.' 'c' to '¥'
+compose '.' 'd' to '«'
+compose '.' 'f' to '±'
+compose '.' 'g' to '³'
+compose '.' 'm' to 'µ'
+compose '.' 'p' to '¹'
+compose '.' 's' to '¿'
+compose '.' 't' to '÷'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' 'O' to 'Ø'
+compose '/' '^' to '|'
+compose '/' 'o' to 'ø'
+compose '0' 'c' to '©'
+compose '0' 'r' to '®'
+compose '0' 's' to '§'
+compose '<' '/' to '\\'
+compose '=' 'l' to '£'
+compose '>' 'A' to 'Â'
+compose '>' 'E' to 'Ê'
+compose '>' 'I' to 'Î'
+compose '>' 'O' to 'Ô'
+compose '>' 'U' to 'Û'
+compose '>' 'a' to 'â'
+compose '>' 'e' to 'ê'
+compose '>' 'i' to 'î'
+compose '>' 'o' to 'ô'
+compose '>' 'u' to 'û'
+compose 'A' 'E' to 'Æ'
+compose '\'' 'A' to 'Á'
+compose '\'' 'E' to 'É'
+compose '\'' 'I' to 'Í'
+compose '\'' 'O' to 'Ó'
+compose '\'' 'U' to 'Ú'
+compose '\'' 'W' to 'ª'
+compose '\'' 'Y' to 'Ý'
+compose '\'' 'a' to 'á'
+compose '\'' 'e' to 'é'
+compose '\'' 'i' to 'í'
+compose '\'' 'o' to 'ó'
+compose '\'' 'u' to 'ú'
+compose '\'' 'w' to 'º'
+compose '\'' 'y' to 'ý'
+compose '^' '/' to '|'
+compose '^' 'A' to 'Â'
+compose '^' 'E' to 'Ê'
+compose '^' 'I' to 'Î'
+compose '^' 'O' to 'Ô'
+compose '^' 'U' to 'Û'
+compose '^' 'W' to 'Ð'
+compose '^' 'Y' to 'Þ'
+compose '^' 'a' to 'â'
+compose '^' 'e' to 'ê'
+compose '^' 'i' to 'î'
+compose '^' 'o' to 'ô'
+compose '^' 'u' to 'û'
+compose '^' 'w' to 'ð'
+compose '^' 'y' to 'þ'
+compose '`' 'A' to 'À'
+compose '`' 'E' to 'È'
+compose '`' 'I' to 'Ì'
+compose '`' 'O' to 'Ò'
+compose '`' 'U' to 'Ù'
+compose '`' 'W' to '¨'
+compose '`' 'Y' to '¬'
+compose '`' 'a' to 'à'
+compose '`' 'e' to 'è'
+compose '`' 'i' to 'ì'
+compose '`' 'o' to 'ò'
+compose '`' 'u' to 'ù'
+compose '`' 'w' to '¸'
+compose '`' 'y' to '¼'
+compose 'a' 'e' to 'æ'
+compose 'a' 't' to '@'
+compose 'c' 'o' to '©'
+compose 'l' 'v' to '|'
+compose 'o' 'c' to '©'
+compose 'o' 'r' to '®'
+compose 'o' 's' to '§'
+compose 'r' '0' to '®'
+compose 's' '0' to '§'
+compose 's' 'o' to '§'
+compose '~' 'A' to 'Ã'
+compose '~' 'N' to 'Ñ'
+compose '~' 'O' to 'Õ'
+compose '~' 'a' to 'ã'
+compose '~' 'n' to 'ñ'
+compose '~' 'o' to 'õ'
--- /dev/null
+# Compose sequences for ISO-8859-15
+compose '!' '!' to '¡'
+compose '!' 'p' to '¶'
+compose '!' 's' to '§'
+compose '"' '"' to '"'
+compose '"' 'A' to 'Ä'
+compose '"' 'E' to 'Ë'
+compose '"' 'I' to 'Ï'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'Y' to '¾'
+compose '"' 'a' to 'ä'
+compose '"' 'e' to 'ë'
+compose '"' 'i' to 'ï'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '"' 'y' to 'ÿ'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose '(' 'c' to '©'
+compose '(' 'r' to '®'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' '0' to '°'
+compose '*' 'A' to 'Å'
+compose '*' 'a' to 'å'
+compose '+' '+' to '#'
+compose '+' '-' to '±'
+compose ',' '-' to '¬'
+compose ',' 'C' to 'Ç'
+compose ',' 'c' to 'ç'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '+' to '±'
+compose '-' ',' to '¬'
+compose '-' '-' to ''
+compose '-' ':' to '÷'
+compose '-' 'A' to 'Ã'
+compose '-' 'D' to 'Ð'
+compose '-' 'N' to 'Ñ'
+compose '-' 'O' to 'Õ'
+compose '-' '^' to '¯'
+compose '-' 'a' to 'ã'
+compose '-' 'd' to 'ð'
+compose '-' 'l' to '£'
+compose '-' 'n' to 'ñ'
+compose '-' 'o' to 'õ'
+compose '-' 'y' to '¥'
+compose '.' '.' to '·'
+compose '.' '^' to '·'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' 'O' to 'Ø'
+compose '/' '^' to '|'
+compose '/' 'c' to '¢'
+compose '/' 'o' to 'ø'
+compose '/' 'u' to 'µ'
+compose '0' 'c' to '©'
+compose '0' 's' to '§'
+compose '1' 's' to '¹'
+compose ':' '-' to '÷'
+compose '<' '/' to '\\'
+compose '<' '<' to '«'
+compose '<' 'S' to '¦'
+compose '<' 'Z' to '´'
+compose '<' 's' to '¨'
+compose '<' 'z' to '¸'
+compose '=' 'c' to '¤'
+compose '=' 'l' to '£'
+compose '=' 'y' to '¥'
+compose '>' '>' to '»'
+compose '>' 'A' to 'Â'
+compose '>' 'E' to 'Ê'
+compose '>' 'I' to 'Î'
+compose '>' 'O' to 'Ô'
+compose '>' 'U' to 'Û'
+compose '>' 'a' to 'â'
+compose '>' 'e' to 'ê'
+compose '>' 'i' to 'î'
+compose '>' 'o' to 'ô'
+compose '>' 'u' to 'û'
+compose '?' '?' to '¿'
+compose 'A' 'E' to 'Æ'
+compose 'A' 'O' to 'Å'
+compose 'O' 'E' to '¼'
+compose 'T' 'H' to 'Þ'
+compose '\'' 'A' to 'Á'
+compose '\'' 'C' to 'Ç'
+compose '\'' 'E' to 'É'
+compose '\'' 'I' to 'Í'
+compose '\'' 'O' to 'Ó'
+compose '\'' 'U' to 'Ú'
+compose '\'' 'Y' to 'Ý'
+compose '\'' '\'' to '\''
+compose '\'' 'a' to 'á'
+compose '\'' 'c' to 'ç'
+compose '\'' 'e' to 'é'
+compose '\'' 'i' to 'í'
+compose '\'' 'o' to 'ó'
+compose '\'' 'u' to 'ú'
+compose '\'' 'y' to 'ý'
+compose '^' '-' to '¯'
+compose '^' '.' to '·'
+compose '^' '/' to '|'
+compose '^' '0' to '°'
+compose '^' '1' to '¹'
+compose '^' '2' to '²'
+compose '^' '3' to '³'
+compose '^' 'A' to 'Â'
+compose '^' 'E' to 'Ê'
+compose '^' 'I' to 'Î'
+compose '^' 'O' to 'Ô'
+compose '^' 'U' to 'Û'
+compose '^' '_' to '¯'
+compose '^' 'a' to 'â'
+compose '^' 'e' to 'ê'
+compose '^' 'i' to 'î'
+compose '^' 'o' to 'ô'
+compose '^' 'u' to 'û'
+compose '_' '^' to '¯'
+compose '_' '_' to '¯'
+compose '_' 'a' to 'ª'
+compose '_' 'o' to 'º'
+compose '`' 'A' to 'À'
+compose '`' 'E' to 'È'
+compose '`' 'I' to 'Ì'
+compose '`' 'O' to 'Ò'
+compose '`' 'U' to 'Ù'
+compose '`' 'a' to 'à'
+compose '`' 'e' to 'è'
+compose '`' 'i' to 'ì'
+compose '`' 'o' to 'ò'
+compose '`' 'u' to 'ù'
+compose 'a' 'e' to 'æ'
+compose 'a' 'o' to 'å'
+compose 'a' 't' to '@'
+compose 'c' '0' to '©'
+compose 'c' 'o' to '©'
+compose 'e' '=' to '¤'
+compose 'o' 'c' to '©'
+compose 'o' 'e' to '½'
+compose 'o' 'r' to '®'
+compose 'o' 's' to '§'
+compose 's' '0' to '§'
+compose 's' '1' to '¹'
+compose 's' '2' to '²'
+compose 's' '3' to '³'
+compose 's' 'o' to '§'
+compose 't' 'h' to 'þ'
+compose 'v' 'l' to '|'
+compose '|' 'c' to '¢'
+compose '~' 'A' to 'Ã'
+compose '~' 'N' to 'Ñ'
+compose '~' 'O' to 'Õ'
+compose '~' 'a' to 'ã'
+compose '~' 'n' to 'ñ'
+compose '~' 'o' to 'õ'
+compose '°' 'A' to 'Å'
+compose '°' 'a' to 'å'
--- /dev/null
+# Compose sequences for ISO-8859-16
--- /dev/null
+# Compose sequences for ISO-8859-2
+compose '!' 'p' to '¶'
+compose '!' 's' to '§'
+compose '"' '"' to '¨'
+compose '"' 'A' to 'Ä'
+compose '"' 'E' to 'Ë'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'a' to 'ä'
+compose '"' 'e' to 'ë'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' '0' to '°'
+compose '*' 'U' to 'Ù'
+compose '*' 'u' to 'ù'
+compose '+' '+' to '#'
+compose ',' ',' to '¸'
+compose ',' 'A' to '¡'
+compose ',' 'C' to 'Ç'
+compose ',' 'E' to 'Ê'
+compose ',' 'S' to 'ª'
+compose ',' 'T' to 'Þ'
+compose ',' 'a' to '±'
+compose ',' 'c' to 'ç'
+compose ',' 'e' to 'ê'
+compose ',' 's' to 'º'
+compose ',' 't' to 'þ'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '-' to ''
+compose '-' ':' to '÷'
+compose '-' 'D' to 'Ð'
+compose '-' 'd' to 'ð'
+compose '.' '.' to 'ÿ'
+compose '.' 'C' to 'Å'
+compose '.' 'E' to 'Ì'
+compose '.' 'I' to '©'
+compose '.' 'U' to 'Ù'
+compose '.' 'Z' to '¯'
+compose '.' 'c' to 'å'
+compose '.' 'e' to 'ì'
+compose '.' 'i' to '¹'
+compose '.' 'u' to 'ù'
+compose '.' 'z' to '¿'
+compose '.' ' ' to 'ÿ'
+compose '.' 'ÿ' to 'ÿ'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' '^' to '|'
+compose '0' 's' to '§'
+compose '0' 'x' to '¤'
+compose ':' '-' to '÷'
+compose '<' '/' to '\\'
+compose '<' '<' to '·'
+compose '<' 'C' to 'È'
+compose '<' 'D' to 'Ï'
+compose '<' 'E' to 'Ì'
+compose '<' 'L' to '¥'
+compose '<' 'N' to 'Ò'
+compose '<' 'R' to 'Ø'
+compose '<' 'S' to '©'
+compose '<' 'T' to '«'
+compose '<' 'Z' to '®'
+compose '<' 'c' to 'è'
+compose '<' 'd' to 'ï'
+compose '<' 'e' to 'ì'
+compose '<' 'l' to 'µ'
+compose '<' 'n' to 'ò'
+compose '<' 'r' to 'ø'
+compose '<' 's' to '¹'
+compose '<' 't' to '»'
+compose '<' 'z' to '¾'
+compose '>' 'A' to 'Â'
+compose '>' 'I' to 'Î'
+compose '>' 'O' to 'Ô'
+compose '>' 'a' to 'â'
+compose '>' 'i' to 'î'
+compose '>' 'o' to 'ô'
+compose 'A' 'U' to 'Ã'
+compose 'L' '-' to '£'
+compose 'O' 'E' to '¼'
+compose 'Z' '.' to '¯'
+compose '\'' 'A' to 'Á'
+compose '\'' 'C' to 'Æ'
+compose '\'' 'E' to 'É'
+compose '\'' 'I' to 'Í'
+compose '\'' 'L' to 'Å'
+compose '\'' 'N' to 'Ñ'
+compose '\'' 'O' to 'Ó'
+compose '\'' 'R' to 'À'
+compose '\'' 'S' to '¦'
+compose '\'' 'U' to 'Ú'
+compose '\'' 'Y' to 'Ý'
+compose '\'' 'Z' to '¬'
+compose '\'' '\'' to '½'
+compose '\'' 'a' to 'á'
+compose '\'' 'c' to 'æ'
+compose '\'' 'e' to 'é'
+compose '\'' 'i' to 'í'
+compose '\'' 'l' to 'å'
+compose '\'' 'n' to 'ñ'
+compose '\'' 'o' to 'ó'
+compose '\'' 'r' to 'à'
+compose '\'' 's' to '¶'
+compose '\'' 'u' to 'ú'
+compose '\'' 'y' to 'ý'
+compose '\'' 'z' to '¼'
+compose '^' '/' to '|'
+compose '^' 'A' to 'Â'
+compose '^' 'I' to 'Î'
+compose '^' 'O' to 'Ô'
+compose '^' 'a' to 'â'
+compose '^' 'i' to 'î'
+compose '^' 'o' to 'ô'
+compose '_' ' ' to '¯'
+compose 'a' 'U' to 'ã'
+compose 'l' '-' to '³'
+compose 'o' 'e' to '½'
+compose 'o' 'x' to '¤'
+compose 's' '0' to '§'
+compose 's' 'o' to '§'
+compose 'v' 'l' to '|'
+compose 'x' '0' to '¤'
+compose 'x' 'o' to '¤'
+compose 'z' '.' to '¿'
+compose '¢' 'A' to 'Ã'
+compose '¢' 'a' to 'ã'
+compose '°' 'A' to 'Å'
+compose '°' 'U' to 'Ù'
+compose '°' 'a' to 'å'
+compose '°' 'u' to 'ù'
+compose '°' ' ' to '°'
+compose '°' '°' to '°'
+compose '²' 'A' to '¡'
+compose '²' 'E' to 'Ê'
+compose '²' 'a' to '±'
+compose '²' 'e' to 'ê'
+compose '·' 'C' to 'È'
+compose '·' 'D' to 'Ï'
+compose '·' 'E' to 'Ì'
+compose '·' 'L' to '¥'
+compose '·' 'N' to 'Ò'
+compose '·' 'R' to 'Ø'
+compose '·' 'S' to '©'
+compose '·' 'T' to '«'
+compose '·' 'Z' to '®'
+compose '·' 'c' to 'è'
+compose '·' 'd' to 'ï'
+compose '·' 'e' to 'ì'
+compose '·' 'l' to 'µ'
+compose '·' 'n' to 'ò'
+compose '·' 'r' to 'ø'
+compose '·' 's' to '¹'
+compose '·' 't' to '»'
+compose '·' 'z' to '¾'
+compose '¸' 'C' to 'Ç'
+compose '¸' 'S' to 'ª'
+compose '¸' 'T' to 'Þ'
+compose '¸' 'c' to 'ç'
+compose '¸' 's' to 'º'
+compose '¸' 't' to 'þ'
--- /dev/null
+# Compose sequences for ISO-8859-3
+compose '!' 's' to '§'
+compose '"' '"' to '¨'
+compose '"' 'A' to 'Ä'
+compose '"' 'E' to 'Ë'
+compose '"' 'I' to 'Ï'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'Y' to '¾'
+compose '"' 'a' to 'ä'
+compose '"' 'e' to 'ë'
+compose '"' 'i' to 'ï'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '"' 'y' to 'ÿ'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose '(' 'G' to '«'
+compose '(' 'U' to 'Ý'
+compose '(' 'g' to '»'
+compose '(' 'r' to '®'
+compose '(' 'u' to 'ý'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' '0' to '°'
+compose '+' '+' to '#'
+compose ',' ',' to '¸'
+compose ',' 'C' to 'Ç'
+compose ',' 'S' to 'ª'
+compose ',' 'c' to 'ç'
+compose ',' 's' to 'º'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '-' to ''
+compose '-' ':' to '÷'
+compose '-' 'A' to 'Ã'
+compose '-' 'D' to 'Ð'
+compose '-' 'H' to '¡'
+compose '-' 'O' to 'Õ'
+compose '-' 'a' to 'ã'
+compose '-' 'd' to 'ð'
+compose '-' 'h' to '±'
+compose '-' 'l' to '£'
+compose '-' 'o' to 'õ'
+compose '-' 'y' to '¥'
+compose '.' '.' to '·'
+compose '.' 'C' to 'Å'
+compose '.' 'G' to 'Õ'
+compose '.' 'I' to '©'
+compose '.' 'Z' to '¯'
+compose '.' '^' to '·'
+compose '.' 'c' to 'å'
+compose '.' 'g' to 'õ'
+compose '.' 'i' to '¹'
+compose '.' 'z' to '¿'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' '^' to '|'
+compose '/' 'u' to 'µ'
+compose '0' 's' to '§'
+compose '2' 's' to '²'
+compose '3' 's' to '³'
+compose ':' '-' to '÷'
+compose '<' '/' to '\\'
+compose '=' 'c' to '¤'
+compose '=' 'e' to '¤'
+compose '=' 'l' to '£'
+compose '=' 'y' to '¥'
+compose '>' 'A' to 'Â'
+compose '>' 'C' to 'Æ'
+compose '>' 'E' to 'Ê'
+compose '>' 'G' to 'Ø'
+compose '>' 'H' to '¦'
+compose '>' 'I' to 'Î'
+compose '>' 'J' to '¬'
+compose '>' 'O' to 'Ô'
+compose '>' 'S' to 'Þ'
+compose '>' 'U' to 'Û'
+compose '>' 'a' to 'â'
+compose '>' 'c' to 'æ'
+compose '>' 'e' to 'ê'
+compose '>' 'g' to 'ø'
+compose '>' 'h' to '¶'
+compose '>' 'i' to 'î'
+compose '>' 'j' to '¼'
+compose '>' 'o' to 'ô'
+compose '>' 's' to 'þ'
+compose '>' 'u' to 'û'
+compose 'G' 'U' to '«'
+compose '\'' 'A' to 'Á'
+compose '\'' 'E' to 'É'
+compose '\'' 'I' to 'Í'
+compose '\'' 'O' to 'Ó'
+compose '\'' 'U' to 'Ú'
+compose '\'' 'Y' to 'Ý'
+compose '\'' '\'' to '´'
+compose '\'' 'a' to 'á'
+compose '\'' 'e' to 'é'
+compose '\'' 'i' to 'í'
+compose '\'' 'o' to 'ó'
+compose '\'' 'u' to 'ú'
+compose '\'' 'y' to 'ý'
+compose '^' '.' to '·'
+compose '^' '/' to '|'
+compose '^' '0' to '°'
+compose '^' '2' to '²'
+compose '^' '3' to '³'
+compose '^' 'A' to 'Â'
+compose '^' 'C' to 'Æ'
+compose '^' 'E' to 'Ê'
+compose '^' 'G' to 'Ø'
+compose '^' 'H' to '¦'
+compose '^' 'I' to 'Î'
+compose '^' 'J' to '¬'
+compose '^' 'O' to 'Ô'
+compose '^' 'S' to 'Þ'
+compose '^' 'U' to 'Û'
+compose '^' 'a' to 'â'
+compose '^' 'c' to 'æ'
+compose '^' 'e' to 'ê'
+compose '^' 'g' to 'ø'
+compose '^' 'h' to '¶'
+compose '^' 'i' to 'î'
+compose '^' 'j' to '¼'
+compose '^' 'o' to 'ô'
+compose '^' 's' to 'þ'
+compose '^' 'u' to 'û'
+compose '`' 'A' to 'À'
+compose '`' 'E' to 'È'
+compose '`' 'I' to 'Ì'
+compose '`' 'O' to 'Ò'
+compose '`' 'U' to 'Ù'
+compose '`' 'a' to 'à'
+compose '`' 'e' to 'è'
+compose '`' 'i' to 'ì'
+compose '`' 'o' to 'ò'
+compose '`' 'u' to 'ù'
+compose 'g' 'U' to '»'
+compose 'o' 'r' to '®'
+compose 's' '0' to '§'
+compose 's' 'o' to '§'
+compose 'u' 'u' to 'ý'
+compose 'v' 'l' to '|'
+compose '~' 'A' to 'Ã'
+compose '~' 'O' to 'Õ'
+compose '~' 'a' to 'ã'
+compose '~' 'o' to 'õ'
+compose '¢' 'G' to '«'
+compose '¢' 'U' to 'Ý'
+compose '¢' 'g' to '»'
+compose '¢' 'u' to 'ý'
+compose '¨' 'A' to 'Ä'
+compose '¨' 'E' to 'Ë'
+compose '¨' 'I' to 'Ï'
+compose '¨' 'O' to 'Ö'
+compose '¨' 'U' to 'Ü'
+compose '¨' 'Y' to '¾'
+compose '¨' 'a' to 'ä'
+compose '¨' 'e' to 'ë'
+compose '¨' 'i' to 'ï'
+compose '¨' 'o' to 'ö'
+compose '¨' 'u' to 'ü'
+compose '¨' 'y' to 'ÿ'
+compose '°' 'A' to 'Å'
+compose '°' 'a' to 'å'
+compose '¸' 'S' to 'ª'
+compose '¸' 's' to 'º'
--- /dev/null
+# Compose sequences for ISO-8859-4
+compose '!' 's' to '§'
+compose '"' '"' to '¨'
+compose '"' 'A' to 'Ä'
+compose '"' 'E' to 'Ë'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'a' to 'ä'
+compose '"' 'e' to 'ë'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '*' '0' to '°'
+compose '*' 'A' to 'Å'
+compose '*' 'a' to 'å'
+compose ',' ',' to '¸'
+compose ',' 'A' to '¡'
+compose ',' 'E' to 'Ê'
+compose ',' 'G' to '«'
+compose ',' 'I' to 'Ç'
+compose ',' 'K' to 'Ó'
+compose ',' 'L' to '¦'
+compose ',' 'N' to 'Ñ'
+compose ',' 'R' to '£'
+compose ',' 'U' to 'Ù'
+compose ',' 'a' to '±'
+compose ',' 'e' to 'ê'
+compose ',' 'g' to '»'
+compose ',' 'i' to 'ç'
+compose ',' 'k' to 'ó'
+compose ',' 'l' to '¶'
+compose ',' 'n' to 'ñ'
+compose ',' 'r' to '³'
+compose ',' 'u' to 'ù'
+compose '-' '-' to ''
+compose '-' ':' to '÷'
+compose '-' 'A' to 'À'
+compose '-' 'D' to 'Ð'
+compose '-' 'E' to 'ª'
+compose '-' 'I' to 'Ï'
+compose '-' 'O' to 'Ò'
+compose '-' 'U' to 'Þ'
+compose '-' '^' to '¯'
+compose '-' 'a' to 'à'
+compose '-' 'd' to 'ð'
+compose '-' 'e' to 'º'
+compose '-' 'i' to 'ï'
+compose '-' 'o' to 'ò'
+compose '-' 'u' to 'þ'
+compose '.' '.' to 'ÿ'
+compose '.' 'E' to 'Ì'
+compose '.' 'e' to 'ì'
+compose '.' 'ÿ' to 'ÿ'
+compose '/' 'O' to 'Ø'
+compose '/' 'T' to '¬'
+compose '/' 'o' to 'ø'
+compose '/' 't' to '¼'
+compose '0' 's' to '§'
+compose ':' '-' to '÷'
+compose '<' '<' to '·'
+compose '<' 'C' to 'È'
+compose '<' 'S' to '©'
+compose '<' 'Z' to '®'
+compose '<' 'c' to 'è'
+compose '<' 's' to '¹'
+compose '<' 'z' to '¾'
+compose '>' 'A' to 'Â'
+compose '>' 'I' to 'Î'
+compose '>' 'O' to 'Ô'
+compose '>' 'U' to 'Û'
+compose '>' 'a' to 'â'
+compose '>' 'i' to 'î'
+compose '>' 'o' to 'ô'
+compose '>' 'u' to 'û'
+compose 'A' 'E' to 'Æ'
+compose 'N' 'G' to '½'
+compose 'T' '-' to '¬'
+compose '\'' 'A' to 'Á'
+compose '\'' 'E' to 'É'
+compose '\'' 'I' to 'Í'
+compose '\'' 'U' to 'Ú'
+compose '\'' '\'' to '´'
+compose '\'' 'a' to 'á'
+compose '\'' 'e' to 'é'
+compose '\'' 'i' to 'í'
+compose '\'' 'u' to 'ú'
+compose '^' '-' to '¯'
+compose '^' 'A' to 'Â'
+compose '^' 'I' to 'Î'
+compose '^' 'O' to 'Ô'
+compose '^' 'U' to 'Û'
+compose '^' '_' to '¯'
+compose '^' 'a' to 'â'
+compose '^' 'i' to 'î'
+compose '^' 'o' to 'ô'
+compose '^' 'u' to 'û'
+compose '_' 'A' to 'À'
+compose '_' 'E' to 'ª'
+compose '_' 'I' to 'Ï'
+compose '_' 'O' to 'Ò'
+compose '_' 'U' to 'Þ'
+compose '_' '^' to '¯'
+compose '_' '_' to '¯'
+compose '_' 'a' to 'à'
+compose '_' 'e' to 'º'
+compose '_' 'i' to 'ï'
+compose '_' 'o' to 'ò'
+compose '_' 'u' to 'þ'
+compose '_' '¯' to '¯'
+compose 'a' 'e' to 'æ'
+compose 'n' 'g' to '¿'
+compose 'o' 'x' to '¤'
+compose 's' 'o' to '§'
+compose 't' '-' to '¼'
+compose 'x' '0' to '¤'
+compose 'x' 'o' to '¤'
+compose '~' 'A' to 'Ã'
+compose '~' 'I' to '¥'
+compose '~' 'O' to 'Õ'
+compose '~' 'U' to 'Ý'
+compose '~' 'a' to 'ã'
+compose '~' 'i' to 'µ'
+compose '~' 'o' to 'õ'
+compose '~' 'u' to 'ý'
+compose '°' 'A' to 'Å'
+compose '°' 'a' to 'å'
--- /dev/null
+# Compose sequences for ISO-8859-5
--- /dev/null
+# Compose sequences for ISO-8859-6
--- /dev/null
+# Compose sequences for ISO-8859-7
+compose '!' '^' to '¦'
+compose '!' 's' to '§'
+compose '"' '"' to '¨'
+compose '"' 'É' to 'Ú'
+compose '"' 'Õ' to 'Û'
+compose '"' 'é' to 'ú'
+compose '"' 'õ' to 'û'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose '(' 'c' to '©'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' '0' to '°'
+compose '+' '+' to '#'
+compose '+' '-' to '±'
+compose ',' '-' to '¬'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '+' to '±'
+compose '-' ',' to '¬'
+compose '-' '-' to ''
+compose '-' 'l' to '£'
+compose '.' '.' to '·'
+compose '.' '^' to '·'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' '^' to '|'
+compose '0' 's' to '§'
+compose '1' '2' to '½'
+compose '2' 's' to '²'
+compose '<' '/' to '\\'
+compose '<' '<' to '«'
+compose '<' '\'' to '¡'
+compose '=' 'l' to '£'
+compose '>' '>' to '»'
+compose '>' '\'' to '¢'
+compose '\'' '<' to '¡'
+compose '\'' '>' to '¢'
+compose '\'' '\'' to '´'
+compose '\'' 'Á' to '¶'
+compose '\'' 'Å' to '¸'
+compose '\'' 'Ç' to '¹'
+compose '\'' 'É' to 'º'
+compose '\'' 'Ï' to '¼'
+compose '\'' 'Õ' to '¾'
+compose '\'' 'Ù' to '¿'
+compose '\'' 'á' to 'Ü'
+compose '\'' 'å' to 'Ý'
+compose '\'' 'ç' to 'Þ'
+compose '\'' 'é' to 'ß'
+compose '\'' 'ï' to 'ü'
+compose '\'' 'õ' to 'ý'
+compose '\'' 'ù' to 'þ'
+compose '^' '!' to '¦'
+compose '^' '.' to '·'
+compose '^' '/' to '|'
+compose '^' '0' to '°'
+compose '^' '2' to '²'
+compose '^' '3' to '³'
+compose 'a' 't' to '@'
+compose 'b' 'v' to '¦'
+compose 'c' '0' to '©'
+compose 'c' 'o' to '©'
+compose 'o' 'c' to '©'
+compose 'o' 's' to '§'
+compose 's' '0' to '§'
+compose 's' '3' to '³'
+compose 's' 'o' to '§'
+compose 'v' 'b' to '¦'
+compose 'v' 'l' to '|'
+compose '|' '|' to '¦'
+compose '~' '~' to '¯'
+compose 'Á' '\'' to '¶'
+compose 'Å' '\'' to '¸'
+compose 'Ç' '\'' to '¹'
+compose 'É' '"' to 'Ú'
+compose 'É' '\'' to 'º'
+compose 'Ï' '\'' to '¼'
+compose 'Õ' '"' to 'Û'
+compose 'Õ' '\'' to '¾'
+compose 'Ù' '\'' to '¿'
+compose 'á' '\'' to 'Ü'
+compose 'å' '\'' to 'Ý'
+compose 'ç' '\'' to 'Þ'
+compose 'é' '"' to 'ú'
+compose 'é' '\'' to 'ß'
+compose 'ï' '\'' to 'ü'
+compose 'õ' '"' to 'û'
+compose 'õ' '\'' to 'ý'
+compose 'ù' '\'' to 'þ'
--- /dev/null
+# Compose sequences for ISO-8859-8
--- /dev/null
+# Compose sequences for ISO-8859-9
+compose '!' '!' to '¡'
+compose '!' 'p' to '¶'
+compose '!' 's' to '§'
+compose '"' '"' to '¨'
+compose '"' 'A' to 'Ä'
+compose '"' 'E' to 'Ë'
+compose '"' 'I' to 'Ï'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'Y' to '¾'
+compose '"' 'a' to 'ä'
+compose '"' 'e' to 'ë'
+compose '"' 'i' to 'ï'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '"' 'y' to 'ÿ'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose '(' 'G' to 'Ð'
+compose '(' 'c' to '©'
+compose '(' 'g' to 'ð'
+compose '(' 'r' to '®'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' '0' to '°'
+compose '*' 'A' to 'Å'
+compose '*' 'a' to 'å'
+compose '+' '+' to '#'
+compose '+' '-' to '±'
+compose ',' ',' to '¸'
+compose ',' '-' to '¬'
+compose ',' 'C' to 'Ç'
+compose ',' 'S' to 'Þ'
+compose ',' 'c' to 'ç'
+compose ',' 's' to 'þ'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '+' to '±'
+compose '-' ',' to '¬'
+compose '-' '-' to ''
+compose '-' ':' to '÷'
+compose '-' 'A' to 'Ã'
+compose '-' 'D' to 'Ð'
+compose '-' 'N' to 'Ñ'
+compose '-' 'O' to 'Õ'
+compose '-' '^' to '¯'
+compose '-' 'a' to 'ã'
+compose '-' 'd' to 'ð'
+compose '-' 'l' to '£'
+compose '-' 'n' to 'ñ'
+compose '-' 'o' to 'õ'
+compose '-' 'y' to '¥'
+compose '.' '.' to '·'
+compose '.' 'I' to 'Ý'
+compose '.' '^' to '·'
+compose '.' 'i' to 'ý'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' 'O' to 'Ø'
+compose '/' '^' to '|'
+compose '/' 'c' to '¢'
+compose '/' 'o' to 'ø'
+compose '/' 'u' to 'µ'
+compose '0' 'c' to '©'
+compose '0' 's' to '§'
+compose '3' 's' to '³'
+compose ':' '-' to '÷'
+compose '<' '/' to '\\'
+compose '<' '<' to '«'
+compose '<' 'Z' to '´'
+compose '<' 'z' to '¸'
+compose '=' 'c' to '¤'
+compose '=' 'e' to '¤'
+compose '=' 'l' to '£'
+compose '=' 'y' to '¥'
+compose '>' '>' to '»'
+compose '>' 'A' to 'Â'
+compose '>' 'E' to 'Ê'
+compose '>' 'I' to 'Î'
+compose '>' 'O' to 'Ô'
+compose '>' 'U' to 'Û'
+compose '>' 'a' to 'â'
+compose '>' 'e' to 'ê'
+compose '>' 'i' to 'î'
+compose '>' 'o' to 'ô'
+compose '>' 'u' to 'û'
+compose '?' '?' to '¿'
+compose 'A' 'E' to 'Æ'
+compose 'G' 'U' to 'Ð'
+compose 'T' 'H' to 'Þ'
+compose '\'' 'A' to 'Á'
+compose '\'' 'E' to 'É'
+compose '\'' 'I' to 'Í'
+compose '\'' 'O' to 'Ó'
+compose '\'' 'U' to 'Ú'
+compose '\'' 'Y' to 'Ý'
+compose '\'' '\'' to '´'
+compose '\'' 'a' to 'á'
+compose '\'' 'e' to 'é'
+compose '\'' 'i' to 'í'
+compose '\'' 'o' to 'ó'
+compose '\'' 'u' to 'ú'
+compose '\'' 'y' to 'ý'
+compose '^' '-' to '¯'
+compose '^' '.' to '·'
+compose '^' '/' to '|'
+compose '^' '0' to '°'
+compose '^' '1' to '¹'
+compose '^' '2' to '²'
+compose '^' '3' to '³'
+compose '^' 'A' to 'Â'
+compose '^' 'E' to 'Ê'
+compose '^' 'I' to 'Î'
+compose '^' 'O' to 'Ô'
+compose '^' 'U' to 'Û'
+compose '^' '_' to '¯'
+compose '^' 'a' to 'â'
+compose '^' 'e' to 'ê'
+compose '^' 'i' to 'î'
+compose '^' 'o' to 'ô'
+compose '^' 'u' to 'û'
+compose '_' '^' to '¯'
+compose '_' '_' to '¯'
+compose '_' 'a' to 'ª'
+compose '_' 'o' to 'º'
+compose '`' 'A' to 'À'
+compose '`' 'E' to 'È'
+compose '`' 'I' to 'Ì'
+compose '`' 'O' to 'Ò'
+compose '`' 'U' to 'Ù'
+compose '`' 'a' to 'à'
+compose '`' 'e' to 'è'
+compose '`' 'i' to 'ì'
+compose '`' 'o' to 'ò'
+compose '`' 'u' to 'ù'
+compose 'a' 'e' to 'æ'
+compose 'c' '0' to '©'
+compose 'c' 'o' to '©'
+compose 'g' 'U' to 'ð'
+compose 'l' 'v' to '|'
+compose 'o' 'c' to '©'
+compose 'o' 'e' to '¼'
+compose 'r' 'o' to '®'
+compose 's' '1' to '¹'
+compose 's' '2' to '²'
+compose 's' 'o' to '§'
+compose 't' 'h' to 'þ'
+compose 'v' 'Z' to '´'
+compose 'v' 'l' to '|'
+compose 'v' 'z' to '¸'
+compose '|' 'c' to '¢'
+compose '~' 'A' to 'Ã'
+compose '~' 'N' to 'Ñ'
+compose '~' 'O' to 'Õ'
+compose '~' 'a' to 'ã'
+compose '~' 'n' to 'ñ'
+compose '~' 'o' to 'õ'
+compose '¨' 'A' to 'Ä'
+compose '¨' 'E' to 'Ë'
+compose '¨' 'I' to 'Ï'
+compose '¨' 'O' to 'Ö'
+compose '¨' 'U' to 'Ü'
+compose '¨' 'Y' to '¾'
+compose '¨' 'a' to 'ä'
+compose '¨' 'e' to 'ë'
+compose '¨' 'i' to 'ï'
+compose '¨' 'o' to 'ö'
+compose '¨' 'u' to 'ü'
+compose '¨' 'y' to 'ÿ'
+compose '°' 'A' to 'Å'
+compose '°' 'a' to 'å'
+compose '¸' 'S' to 'Þ'
+compose '¸' 's' to 'þ'
--- /dev/null
+# Compose sequences for KOI8-R
--- /dev/null
+# Compose sequences for KOI8-U
--- /dev/null
+# Compose sequences for TIS-620
--- /dev/null
+# Compose sequences for VISCII
--- /dev/null
+# The content of this file will be appended to the keyboard layout.
+# The following is an example how to make Alt+j switch to to the next
+# console and Alt+k switch to the previous console.
+
+# Uncomment the following lines for Linux. Notice that everything is
+# replicated for all possible values of the modifiers shiftl, shiftr
+# and ctrll (shiftl and shiftr are used for groups 1..4 of XKB and
+# ctrll is used to fix the broken CapsLock when Linux console is in
+# Unicode mode).
+
+# alt keycode 36 = Incr_Console
+# shiftl alt keycode 36 = Incr_Console
+# shiftr alt keycode 36 = Incr_Console
+# shiftr shiftl alt keycode 36 = Incr_Console
+# ctrll alt keycode 36 = Incr_Console
+# ctrll shiftl alt keycode 36 = Incr_Console
+# ctrll shiftr alt keycode 36 = Incr_Console
+# ctrll shiftr shiftl alt keycode 36 = Incr_Console
+#
+# alt keycode 37 = Decr_Console
+# shiftl alt keycode 37 = Decr_Console
+# shiftr alt keycode 37 = Decr_Console
+# shiftr shiftl alt keycode 37 = Decr_Console
+# ctrll alt keycode 37 = Decr_Console
+# ctrll shiftl alt keycode 37 = Decr_Console
+# ctrll shiftr alt keycode 37 = Decr_Console
+# ctrll shiftr shiftl alt keycode 37 = Decr_Console
+
+# For the same result on FreeBSD uncomment the following lines:
+
+# 036 'j' 'J' nl nl nscr nscr nl nl C
+# 037 'k' 'K' vt vt pscr pscr nl nl C
--- /dev/null
+# DO NOT EDIT OR REMOVE
+# This file is a simple placeholder to keep dpkg from removing this directory
--- /dev/null
+# cron entry for apticron
+
+13 * * * * root if test -x /usr/sbin/apticron; then /usr/sbin/apticron --cron; else true; fi
--- /dev/null
+# /etc/cron.d/certbot: crontab entries for the certbot package
+#
+# Upstream recommends attempting renewal twice a day
+#
+# Eventually, this will be an opportunity to validate certificates
+# haven't been revoked, etc. Renewal will only occur if expiration
+# is within 30 days.
+SHELL=/bin/sh
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+
+0 */12 * * * root test -x /usr/bin/certbot && perl -e 'sleep int(rand(3600))' && certbot -q renew
--- /dev/null
+# Eine nette Begrüßung ...
+1,11,21,31,41,51 * * * * root test -x /root/bin/generate-motd.sh && /root/bin/generate-motd.sh >/dev/null
+@reboot root test -x /root/bin/generate-motd.sh && /root/bin/generate-motd.sh >/dev/null
--- /dev/null
+# Syncing all Debian and Ubuntu repositories
+
+SHELL=/bin/bash
+MAILTO=frank@brehm-online.com
+
+2 0-23/4 * * * root test -x /root/work/sync_repos && /root/work/sync_repos
--- /dev/null
+# DO NOT EDIT OR REMOVE
+# This file is a simple placeholder to keep dpkg from removing this directory
--- /dev/null
+#!/bin/bash
+
+#Check if removed-but-not-purged
+test -x /usr/share/logwatch/scripts/logwatch.pl || exit 0
+
+#execute
+/usr/sbin/logwatch --output mail
+
+#Note: It's possible to force the recipient in above command
+#Just pass --mailto address@a.com instead of --output mail
--- /dev/null
+#!/bin/sh
+
+# run htcacheclean
+
+set -e
+set -u
+
+type htcacheclean > /dev/null 2>&1 || exit 0
+[ -e /etc/default/apache2 ] || exit 0
+
+
+# edit /etc/default/apache2 to change this
+HTCACHECLEAN_MODE=daemon
+HTCACHECLEAN_RUN=auto
+HTCACHECLEAN_SIZE=300M
+HTCACHECLEAN_PATH=/var/cache/apache2/mod_cache_disk
+HTCACHECLEAN_OPTIONS=""
+
+. /etc/default/apache2
+
+[ "$HTCACHECLEAN_MODE" = "cron" ] || exit 0
+
+[ "$HTCACHECLEAN_RUN" = "yes" ] ||
+( [ "$HTCACHECLEAN_RUN" = "auto" ] && \
+ [ -e /etc/apache2/mods-enabled/cache_disk.load ] ) || exit 0
+
+htcacheclean ${HTCACHECLEAN_OPTIONS} \
+ -p${HTCACHECLEAN_PATH} \
+ -l${HTCACHECLEAN_SIZE}
+
--- /dev/null
+#!/bin/sh
+#set -e
+#
+# This file understands the following apt configuration variables:
+# Values here are the default.
+# Create /etc/apt/apt.conf.d/02periodic file to set your preference.
+#
+# Dir "/";
+# - RootDir for all configuration files
+#
+# Dir::Cache "var/cache/apt/";
+# - Set apt package cache directory
+#
+# Dir::Cache::Archives "archives/";
+# - Set package archive directory
+#
+# APT::Periodic::Enable "1";
+# - Enable the update/upgrade script (0=disable)
+#
+# APT::Periodic::BackupArchiveInterval "0";
+# - Backup after n-days if archive contents changed.(0=disable)
+#
+# APT::Periodic::BackupLevel "3";
+# - Backup level.(0=disable), 1 is invalid.
+#
+# Dir::Cache::Backup "backup/";
+# - Set periodic package backup directory
+#
+# APT::Archives::MaxAge "0"; (old, deprecated)
+# APT::Periodic::MaxAge "0"; (new)
+# - Set maximum allowed age of a cache package file. If a cache
+# package file is older it is deleted (0=disable)
+#
+# APT::Archives::MinAge "2"; (old, deprecated)
+# APT::Periodic::MinAge "2"; (new)
+# - Set minimum age of a package file. If a file is younger it
+# will not be deleted (0=disable). Useful to prevent races
+# and to keep backups of the packages for emergency.
+#
+# APT::Archives::MaxSize "0"; (old, deprecated)
+# APT::Periodic::MaxSize "0"; (new)
+# - Set maximum size of the cache in MB (0=disable). If the cache
+# is bigger, cached package files are deleted until the size
+# requirement is met (the oldest packages will be deleted
+# first).
+#
+# APT::Periodic::Update-Package-Lists "0";
+# - Do "apt-get update" automatically every n-days (0=disable)
+#
+# APT::Periodic::Download-Upgradeable-Packages "0";
+# - Do "apt-get upgrade --download-only" every n-days (0=disable)
+#
+# APT::Periodic::Download-Upgradeable-Packages-Debdelta "1";
+# - Use debdelta-upgrade to download updates if available (0=disable)
+#
+# APT::Periodic::Unattended-Upgrade "0";
+# - Run the "unattended-upgrade" security upgrade script
+# every n-days (0=disabled)
+# Requires the package "unattended-upgrades" and will write
+# a log in /var/log/unattended-upgrades
+#
+# APT::Periodic::AutocleanInterval "0";
+# - Do "apt-get autoclean" every n-days (0=disable)
+#
+# APT::Periodic::Verbose "0";
+# - Send report mail to root
+# 0: no report (or null string)
+# 1: progress report (actually any string)
+# 2: + command outputs (remove -qq, remove 2>/dev/null, add -d)
+# 3: + trace on
+
+check_stamp()
+{
+ stamp="$1"
+ interval="$2"
+
+ if [ $interval -eq 0 ]; then
+ debug_echo "check_stamp: interval=0"
+ # treat as no time has passed
+ return 1
+ fi
+
+ if [ ! -f $stamp ]; then
+ debug_echo "check_stamp: missing time stamp file: $stamp."
+ # treat as enough time has passed
+ return 0
+ fi
+
+ # compare midnight today to midnight the day the stamp was updated
+ stamp_file="$stamp"
+ stamp=$(date --date=$(date -r $stamp_file --iso-8601) +%s 2>/dev/null)
+ if [ "$?" != "0" ]; then
+ # Due to some timezones returning 'invalid date' for midnight on
+ # certain dates (e.g. America/Sao_Paulo), if date returns with error
+ # remove the stamp file and return 0. See coreutils bug:
+ # http://lists.gnu.org/archive/html/bug-coreutils/2007-09/msg00176.html
+ rm -f "$stamp_file"
+ return 0
+ fi
+
+ now=$(date --date=$(date --iso-8601) +%s 2>/dev/null)
+ if [ "$?" != "0" ]; then
+ # As above, due to some timezones returning 'invalid date' for midnight
+ # on certain dates (e.g. America/Sao_Paulo), if date returns with error
+ # return 0.
+ return 0
+ fi
+
+ delta=$(($now-$stamp))
+
+ # interval is in days, convert to sec.
+ interval=$(($interval*60*60*24))
+ debug_echo "check_stamp: interval=$interval, now=$now, stamp=$stamp, delta=$delta (sec)"
+
+ # remove timestamps a day (or more) in the future and force re-check
+ if [ $stamp -gt $(($now+86400)) ]; then
+ echo "WARNING: file $stamp_file has a timestamp in the future: $stamp"
+ rm -f "$stamp_file"
+ return 0
+ fi
+
+ if [ $delta -ge $interval ]; then
+ return 0
+ fi
+
+ return 1
+}
+
+update_stamp()
+{
+ stamp="$1"
+ touch $stamp
+}
+
+# we check here if autoclean was enough sizewise
+check_size_constraints()
+{
+ MaxAge=0
+ eval $(apt-config shell MaxAge APT::Archives::MaxAge)
+ eval $(apt-config shell MaxAge APT::Periodic::MaxAge)
+
+ MinAge=2
+ eval $(apt-config shell MinAge APT::Archives::MinAge)
+ eval $(apt-config shell MinAge APT::Periodic::MinAge)
+
+ MaxSize=0
+ eval $(apt-config shell MaxSize APT::Archives::MaxSize)
+ eval $(apt-config shell MaxSize APT::Periodic::MaxSize)
+
+ Cache="/var/cache/apt/archives/"
+ eval $(apt-config shell Cache Dir::Cache::archives/d)
+
+ # sanity check
+ if [ -z "$Cache" ]; then
+ echo "empty Dir::Cache::archives, exiting"
+ exit
+ fi
+
+ # check age
+ if [ ! $MaxAge -eq 0 ] && [ ! $MinAge -eq 0 ]; then
+ debug_echo "aged: ctime <$MaxAge and mtime <$MaxAge and ctime>$MinAge and mtime>$MinAge"
+ find $Cache -name "*.deb" \( -mtime +$MaxAge -and -ctime +$MaxAge \) -and -not \( -mtime -$MinAge -or -ctime -$MinAge \) -print0 | xargs -r -0 rm -f
+ elif [ ! $MaxAge -eq 0 ]; then
+ debug_echo "aged: ctime <$MaxAge and mtime <$MaxAge only"
+ find $Cache -name "*.deb" -ctime +$MaxAge -and -mtime +$MaxAge -print0 | xargs -r -0 rm -f
+ else
+ debug_echo "skip aging since MaxAge is 0"
+ fi
+
+ # check size
+ if [ ! $MaxSize -eq 0 ]; then
+ # maxSize is in MB
+ MaxSize=$(($MaxSize*1024))
+
+ #get current time
+ now=$(date --date=$(date --iso-8601) +%s)
+ MinAge=$(($MinAge*24*60*60))
+
+ # reverse-sort by mtime
+ for file in $(ls -rt $Cache/*.deb 2>/dev/null); do
+ du=$(du -s $Cache)
+ size=${du%%/*}
+ # check if the cache is small enough
+ if [ $size -lt $MaxSize ]; then
+ debug_echo "end remove by archive size: size=$size < $MaxSize"
+ break
+ fi
+
+ # check for MinAge of the file
+ if [ $MinAge -ne 0 ]; then
+ # check both ctime and mtime
+ mtime=$(stat -c %Y $file)
+ ctime=$(stat -c %Z $file)
+ if [ $mtime -gt $ctime ]; then
+ delta=$(($now-$mtime))
+ else
+ delta=$(($now-$ctime))
+ fi
+ if [ $delta -le $MinAge ]; then
+ debug_echo "skip remove by archive size: $file, delta=$delta < $MinAge"
+ break
+ else
+ # delete oldest file
+ debug_echo "remove by archive size: $file, delta=$delta >= $MinAge (sec), size=$size >= $MaxSize"
+ rm -f $file
+ fi
+ fi
+ done
+ fi
+}
+
+# deal with the Apt::Periodic::BackupArchiveInterval
+do_cache_backup()
+{
+ BackupArchiveInterval="$1"
+ if [ $BackupArchiveInterval -eq 0 ]; then
+ return
+ fi
+
+ # Set default values and normalize
+ CacheDir="/var/cache/apt"
+ eval $(apt-config shell CacheDir Dir::Cache/d)
+ CacheDir=${CacheDir%/}
+ if [ -z "$CacheDir" ]; then
+ debug_echo "practically empty Dir::Cache, exiting"
+ return 0
+ fi
+
+ Cache="${CacheDir}/archives/"
+ eval $(apt-config shell Cache Dir::Cache::Archives/d)
+ if [ -z "$Cache" ]; then
+ debug_echo "practically empty Dir::Cache::archives, exiting"
+ return 0
+ fi
+
+ BackupLevel=3
+ eval $(apt-config shell BackupLevel APT::Periodic::BackupLevel)
+ if [ $BackupLevel -le 1 ]; then
+ BackupLevel=2 ;
+ fi
+
+ Back="${CacheDir}/backup/"
+ eval $(apt-config shell Back Dir::Cache::Backup/d)
+ if [ -z "$Back" ]; then
+ echo "practically empty Dir::Cache::Backup, exiting" 1>&2
+ return
+ fi
+
+ CacheArchive="$(basename "${Cache}")"
+ test -n "${CacheArchive}" || CacheArchive="archives"
+ BackX="${Back}${CacheArchive}/"
+ for x in $(seq 0 1 $((${BackupLevel}-1))); do
+ eval "Back${x}=${Back}${x}/"
+ done
+
+ # backup after n-days if archive contents changed.
+ # (This uses hardlink to save disk space)
+ BACKUP_ARCHIVE_STAMP=/var/lib/apt/periodic/backup-archive-stamp
+ if check_stamp $BACKUP_ARCHIVE_STAMP $BackupArchiveInterval; then
+ if [ $({(cd $Cache 2>/dev/null; find . -name "*.deb"); (cd $Back0 2>/dev/null;find . -name "*.deb") ;}| sort|uniq -u|wc -l) -ne 0 ]; then
+ mkdir -p $Back
+ rm -rf $Back$((${BackupLevel}-1))
+ for y in $(seq $((${BackupLevel}-1)) -1 1); do
+ eval BackY=${Back}$y
+ eval BackZ=${Back}$(($y-1))
+ if [ -e $BackZ ]; then
+ mv -f $BackZ $BackY ;
+ fi
+ done
+ cp -la $Cache $Back ; mv -f $BackX $Back0
+ update_stamp $BACKUP_ARCHIVE_STAMP
+ debug_echo "backup with hardlinks. (success)"
+ else
+ debug_echo "skip backup since same content."
+ fi
+ else
+ debug_echo "skip backup since too new."
+ fi
+}
+
+# sleep for a random interval of time (default 30min)
+# (some code taken from cron-apt, thanks)
+random_sleep()
+{
+ RandomSleep=1800
+ eval $(apt-config shell RandomSleep APT::Periodic::RandomSleep)
+ if [ $RandomSleep -eq 0 ]; then
+ return
+ fi
+ if [ -z "$RANDOM" ] ; then
+ # A fix for shells that do not have this bash feature.
+ RANDOM=$(( $(dd if=/dev/urandom bs=2 count=1 2> /dev/null | cksum | cut -d' ' -f1) % 32767 ))
+ fi
+ TIME=$(($RANDOM % $RandomSleep))
+ debug_echo "sleeping for $TIME seconds"
+ sleep $TIME
+}
+
+
+debug_echo()
+{
+ # Display message if $VERBOSE >= 1
+ if [ "$VERBOSE" -ge 1 ]; then
+ echo $1 1>&2
+ fi
+}
+
+check_power(){
+ # laptop check, on_ac_power returns:
+ # 0 (true) System is on main power
+ # 1 (false) System is not on main power
+ # 255 (false) Power status could not be determined
+ # Desktop systems always return 255 it seems
+ if which on_ac_power >/dev/null; then
+ on_ac_power
+ POWER=$?
+ if [ $POWER -eq 1 ]; then
+ debug_echo "exit: system NOT on main power"
+ return 1
+ elif [ $POWER -ne 0 ]; then
+ debug_echo "power status ($POWER) undetermined, continuing"
+ fi
+ debug_echo "system is on main power."
+ fi
+ return 0
+}
+
+# ------------------------ main ----------------------------
+
+if test -r /var/lib/apt/extended_states; then
+ # Backup the 7 last versions of APT's extended_states file
+ # shameless copy from dpkg cron
+ if cd /var/backups ; then
+ if ! cmp -s apt.extended_states.0 /var/lib/apt/extended_states; then
+ cp -p /var/lib/apt/extended_states apt.extended_states
+ savelog -c 7 apt.extended_states >/dev/null
+ fi
+ fi
+fi
+
+# check apt-config existence
+if ! which apt-config >/dev/null ; then
+ exit 0
+fi
+
+# check if the user really wants to do something
+AutoAptEnable=1 # default is yes
+eval $(apt-config shell AutoAptEnable APT::Periodic::Enable)
+
+if [ $AutoAptEnable -eq 0 ]; then
+ exit 0
+fi
+
+# Set VERBOSE mode from apt-config (or inherit from environment)
+VERBOSE=0
+eval $(apt-config shell VERBOSE APT::Periodic::Verbose)
+debug_echo "verbose level $VERBOSE"
+if [ "$VERBOSE" -le 2 ]; then
+ # quiet for 0,1,2
+ XSTDOUT=">/dev/null"
+ XSTDERR="2>/dev/null"
+ XAPTOPT="-qq"
+ XUUPOPT=""
+else
+ XSTDOUT=""
+ XSTDERR=""
+ XAPTOPT=""
+ XUUPOPT="-d"
+fi
+if [ "$VERBOSE" -ge 3 ]; then
+ # trace output
+ set -x
+fi
+
+check_power || exit 0
+
+# check if we can lock the cache and if the cache is clean
+if which apt-get >/dev/null && ! eval apt-get check $XAPTOPT $XSTDERR ; then
+ debug_echo "error encountered in cron job with \"apt-get check\"."
+ exit 0
+fi
+
+# Global current time in seconds since 1970-01-01 00:00:00 UTC
+now=$(date +%s)
+
+# Support old Archive for compatibility.
+# Document only Periodic for all controlling parameters of this script.
+
+UpdateInterval=0
+eval $(apt-config shell UpdateInterval APT::Periodic::Update-Package-Lists)
+
+DownloadUpgradeableInterval=0
+eval $(apt-config shell DownloadUpgradeableInterval APT::Periodic::Download-Upgradeable-Packages)
+
+UnattendedUpgradeInterval=0
+eval $(apt-config shell UnattendedUpgradeInterval APT::Periodic::Unattended-Upgrade)
+
+AutocleanInterval=0
+eval $(apt-config shell AutocleanInterval APT::Periodic::AutocleanInterval)
+
+BackupArchiveInterval=0
+eval $(apt-config shell BackupArchiveInterval APT::Periodic::BackupArchiveInterval)
+
+Debdelta=1
+eval $(apt-config shell Debdelta APT::Periodic::Download-Upgradeable-Packages-Debdelta)
+
+# check if we actually have to do anything that requires locking the cache
+if [ $UpdateInterval -eq 0 ] &&
+ [ $DownloadUpgradeableInterval -eq 0 ] &&
+ [ $UnattendedUpgradeInterval -eq 0 ] &&
+ [ $BackupArchiveInterval -eq 0 ] &&
+ [ $AutocleanInterval -eq 0 ]; then
+
+ # check cache size
+ check_size_constraints
+
+ exit 0
+fi
+
+# deal with BackupArchiveInterval
+do_cache_backup $BackupArchiveInterval
+
+# sleep random amount of time to avoid hitting the
+# mirrors at the same time
+random_sleep
+check_power || exit 0
+
+# include default system language so that "apt-get update" will
+# fetch the right translated package descriptions
+if [ -r /etc/default/locale ]; then
+ . /etc/default/locale
+ export LANG LANGUAGE LC_MESSAGES LC_ALL
+fi
+
+# update package lists
+UPDATED=0
+UPDATE_STAMP=/var/lib/apt/periodic/update-stamp
+if check_stamp $UPDATE_STAMP $UpdateInterval; then
+ if eval apt-get $XAPTOPT -y update $XSTDERR; then
+ debug_echo "download updated metadata (success)."
+ if which dbus-send >/dev/null && pidof dbus-daemon >/dev/null; then
+ if dbus-send --system / app.apt.dbus.updated boolean:true ; then
+ debug_echo "send dbus signal (success)"
+ else
+ debug_echo "send dbus signal (error)"
+ fi
+ else
+ debug_echo "dbus signal not send (command not available)"
+ fi
+ update_stamp $UPDATE_STAMP
+ UPDATED=1
+ else
+ debug_echo "download updated metadata (error)"
+ fi
+else
+ debug_echo "download updated metadata (not run)."
+fi
+
+# download all upgradeable packages (if it is requested)
+DOWNLOAD_UPGRADEABLE_STAMP=/var/lib/apt/periodic/download-upgradeable-stamp
+if [ $UPDATED -eq 1 ] && check_stamp $DOWNLOAD_UPGRADEABLE_STAMP $DownloadUpgradeableInterval; then
+ if [ $Debdelta -eq 1 ]; then
+ debdelta-upgrade >/dev/null 2>&1 || true
+ fi
+ if eval apt-get $XAPTOPT -y -d dist-upgrade $XSTDERR; then
+ update_stamp $DOWNLOAD_UPGRADEABLE_STAMP
+ debug_echo "download upgradable (success)"
+ else
+ debug_echo "download upgradable (error)"
+ fi
+else
+ debug_echo "download upgradable (not run)"
+fi
+
+# auto upgrade all upgradeable packages
+UPGRADE_STAMP=/var/lib/apt/periodic/upgrade-stamp
+if which unattended-upgrade >/dev/null && check_stamp $UPGRADE_STAMP $UnattendedUpgradeInterval; then
+ if unattended-upgrade $XUUPOPT; then
+ update_stamp $UPGRADE_STAMP
+ debug_echo "unattended-upgrade (success)"
+ else
+ debug_echo "unattended-upgrade (error)"
+ fi
+else
+ debug_echo "unattended-upgrade (not run)"
+fi
+
+# autoclean package archive
+AUTOCLEAN_STAMP=/var/lib/apt/periodic/autoclean-stamp
+if check_stamp $AUTOCLEAN_STAMP $AutocleanInterval; then
+ if eval apt-get $XAPTOPT -y autoclean $XSTDERR; then
+ debug_echo "autoclean (success)."
+ update_stamp $AUTOCLEAN_STAMP
+ else
+ debug_echo "autoclean (error)"
+ fi
+else
+ debug_echo "autoclean (not run)"
+fi
+
+# check cache size
+check_size_constraints
+
+#
+# vim: set sts=4 ai :
+#
+
--- /dev/null
+#!/bin/sh
+
+bak=/var/backups
+
+# Shamelessly ripped from /etc/cron.daily/standard
+if test -f /var/lib/aptitude/pkgstates && cd $bak ; then
+ if ! cmp -s aptitude.pkgstates.0 /var/lib/aptitude/pkgstates ; then
+ cp -p /var/lib/aptitude/pkgstates aptitude.pkgstates
+ savelog -c 7 aptitude.pkgstates > /dev/null
+ fi
+fi
--- /dev/null
+#!/bin/sh
+# /etc/cron.daily/calendar: BSD mainutils calendar daily maintenance script
+# Written by Austin Donnelly <and1000@debian.org>
+
+. /etc/default/bsdmainutils
+
+[ x$RUN_DAILY = xtrue ] || exit 0
+
+[ -x /usr/sbin/sendmail ] || exit 0
+
+if [ ! -x /usr/bin/cpp ]; then
+ echo "The cpp package is needed to run calendar."
+ exit 1
+fi
+
+/usr/bin/calendar -a
--- /dev/null
+#!/bin/sh
+
+dbdir=/var/lib/dpkg
+
+# Backup the 7 last versions of dpkg databases containing user data.
+if cd /var/backups ; then
+ # We backup all relevant database files if any has changed, so that
+ # the rotation number always contains an internally consistent set.
+ dbchanged=no
+ dbfiles="arch status diversions statoverride"
+ for db in $dbfiles ; do
+ if ! cmp -s dpkg.${db}.0 $dbdir/$db ; then
+ dbchanged=yes
+ break;
+ fi
+ done
+ if [ "$dbchanged" = "yes" ] ; then
+ for db in $dbfiles ; do
+ [ -e $dbdir/$db ] || continue
+ cp -p $dbdir/$db dpkg.$db
+ savelog -c 7 dpkg.$db >/dev/null
+ done
+ fi
+
+ # The alternatives database is independent from the dpkg database.
+ dbalt=alternatives
+
+ # Switch the alternatives database backups from xz to gzip, as the latter
+ # is Essential and we can rely on it being always present, using xz here
+ # is not worth the trouble, disk space savings, or possible additional
+ # dependencies.
+ for dbseq in `seq 1 6` ; do
+ dbfile=${dbalt}.tar.${dbseq}
+ [ -e "${dbfile}.xz" ] || continue
+ unxz ${dbfile}.xz
+ gzip -9 $dbfile
+ done
+
+ # XXX: Ideally we'd use --warning=none instead of discarding stderr, but
+ # as of GNU tar 1.27.1, it does not seem to work reliably (see #749307).
+ if ! test -e ${dbalt}.tar.0 ||
+ ! tar -df ${dbalt}.tar.0 -C $dbdir $dbalt >/dev/null 2>&1 ;
+ then
+ tar -cf ${dbalt}.tar -C $dbdir $dbalt >/dev/null 2>&1
+ savelog -c 7 ${dbalt}.tar >/dev/null
+ fi
+fi
--- /dev/null
+#!/bin/sh
+set -e
+if [ -x /usr/bin/etckeeper ] && [ -e /etc/etckeeper/etckeeper.conf ]; then
+ . /etc/etckeeper/etckeeper.conf
+ if [ "$AVOID_DAILY_AUTOCOMMITS" != "1" ]; then
+ # avoid autocommit if an install run is in progress
+ lockfile=/var/cache/etckeeper/packagelist.pre-install
+ if [ -e "$lockfile" ] && [ -n "$(find "$lockfile" -mtime +1)" ]; then
+ rm -f "$lockfile" # stale
+ fi
+ if [ ! -e "$lockfile" ]; then
+ AVOID_SPECIAL_FILE_WARNING=1
+ export AVOID_SPECIAL_FILE_WARNING
+ if etckeeper unclean; then
+ etckeeper commit "daily autocommit" >/dev/null
+ fi
+ fi
+ fi
+fi
--- /dev/null
+#!/bin/sh
+
+if [ -n "$EX4DEBUG" ]; then
+ echo "now debugging $0 $@"
+ set -x
+fi
+
+
+# set this to some other value if you don't want the panic log to be
+# watched by this script, for example when you're using your own log
+# checking mechanisms or don't care.
+
+E4BCD_DAILY_REPORT_TO=""
+E4BCD_DAILY_REPORT_OPTIONS=""
+E4BCD_WATCH_PANICLOG="yes"
+# Number of lines of paniclog quoted in warning email.
+E4BCD_PANICLOG_LINES="10"
+E4BCD_PANICLOG_NOISE=""
+
+# Only do anything if exim4 is actually installed
+if [ ! -x /usr/lib/exim4/exim4 ]; then
+ exit 0
+fi
+
+[ -f /etc/default/exim4 ] && . /etc/default/exim4
+
+SPOOLDIR="$(exim4 -bP spool_directory | sed 's/.*=[[:space:]]\(.*\)/\1/')"
+
+# The log processing code used in this cron script is not very
+# sophisticated. It relies on this cron job being executed earlier than
+# the log rotation job, and will have false results if the log is not
+# rotated exactly once daily in the daily cron processing. Even in the
+# default configuration, it will ignore log entries made between this
+# cron job and the log rotation job.
+
+# Patches for more sophisticated processing are appreciated via the
+# Debian BTS.
+
+E4BCD_MAINLOG_NOISE="^[[:digit:][:space:]:-]\{20\}\(\(Start\|End\) queue run: pid=[[:digit:]]\+\|exim [[:digit:]\.]\+ daemon started: pid=[[:digit:]]\+, .*\)$"
+
+if [ -n "$E4BCD_DAILY_REPORT_TO" ]; then
+ if [ -x "$(command -v eximstats)" ] && [ -x "$(command -v mail)" ]; then
+ if [ "$(< /var/log/exim4/mainlog grep -v "$E4BCD_MAINLOG_NOISE" | wc -l)" -gt "0" ]; then
+ < /var/log/exim4/mainlog grep -v "$E4BCD_MAINLOG_NOISE" \
+ | eximstats $E4BCD_DAILY_REPORT_OPTIONS \
+ | mail -s"$(hostname --fqdn) Daily e-mail activity report" \
+ $E4BCD_DAILY_REPORT_TO
+ else
+ echo "no mail activity in this interval" \
+ | mail -s"$(hostname --fqdn) Daily e-mail activity report" \
+ $E4BCD_DAILY_REPORT_TO
+ fi
+ else
+ echo "The exim4 cron job is configured to send a daily report, but eximstats"
+ echo "and/or mail cannot be found. Please check and make sure that these two"
+ echo "binaries are available"
+ fi
+fi
+
+log_this() {
+ TEXT="$@"
+ if ! logger -t exim4 -p mail.alert $TEXT; then
+ RET="$?"
+ echo >&2 "ALERT: could not syslog $TEXT, logger return value $RET"
+ fi
+}
+
+if [ "$E4BCD_WATCH_PANICLOG" != "no" ]; then
+ if [ -s "/var/log/exim4/paniclog" ]; then
+ if [ -x "/usr/local/lib/exim4/nonzero_paniclog_hook" ]; then
+ /usr/local/lib/exim4/nonzero_paniclog_hook
+ fi
+ if [ -z "$E4BCD_PANICLOG_NOISE" ] || grep -vq "$E4BCD_PANICLOG_NOISE" /var/log/exim4/paniclog; then
+ log_this "ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken"
+ if ! printf "Subject: exim paniclog on %s has non-zero size\nTo: root\n\nexim paniclog /var/log/exim4/paniclog on %s has non-zero size, mail system might be broken. The last ${E4BCD_PANICLOG_LINES} lines are quoted below.\n\n%s\n" \
+ "$(hostname --fqdn)" "$(hostname --fqdn)" \
+ "$(tail -n "${E4BCD_PANICLOG_LINES}" /var/log/exim4/paniclog)" \
+ | exim4 root; then
+ log_this "PANIC: sending out e-mail warning has failed, exim has non-zero return code"
+ fi
+ if [ "$E4BCD_WATCH_PANICLOG" = "once" ]; then
+ logrotate -f /etc/logrotate.d/exim4-paniclog
+ fi
+ fi
+ fi
+fi
+
+# run tidydb as Debian-exim:Debian-exim.
+if [ -x /usr/sbin/exim_tidydb ]; then
+ cd $SPOOLDIR/db || exit 1
+ if ! find $SPOOLDIR/db -maxdepth 1 -name '*.lockfile' -or -name 'log.*' \
+ -or -type f -printf '%f\0' | \
+ xargs -0r -n 1 \
+ start-stop-daemon --start --exec /usr/sbin/exim_tidydb \
+ --chuid Debian-exim:Debian-exim -- $SPOOLDIR > /dev/null; then
+ # if we reach this, invoking exim_tidydb from start-stop-daemon has
+ # failed, most probably because of libpam-tmpdir being in use
+ # (see #373786 and #376165)
+ find $SPOOLDIR/db -maxdepth 1 -name '*.lockfile' -or -name 'log.*' \
+ -or -type f -printf '%f\0' | \
+ su - --shell /bin/bash \
+ --command "xargs -0r -n 1 /usr/sbin/exim_tidydb $SPOOLDIR > /dev/null" \
+ Debian-exim
+ fi
+fi
--- /dev/null
+#!/bin/bash
+
+test -x /usr/sbin/logrotate || exit 0
+LOG=/var/log/logrotate.log
+echo >> ${LOG}
+echo "################################################" >> ${LOG}
+echo "[$(date --rfc-3339=seconds )]: Start Logrotating" >> ${LOG}
+/usr/sbin/logrotate /etc/logrotate.conf >> ${LOG} 2>&1
+echo "[$(date --rfc-3339=seconds )]: End Logrotating" >> ${LOG}
--- /dev/null
+#!/bin/sh
+#
+# man-db cron daily
+
+set -e
+
+iosched_idle=
+# Don't try to change I/O priority in a vserver or OpenVZ.
+if ! egrep -q '(envID|VxID):.*[1-9]' /proc/self/status && \
+ ([ ! -d /proc/vz ] || [ -d /proc/bc ]); then
+ iosched_idle='--iosched idle'
+fi
+
+if ! [ -d /var/cache/man ]; then
+ # Recover from deletion, per FHS.
+ mkdir -p /var/cache/man
+ chown man:root /var/cache/man || true
+ chmod 2755 /var/cache/man
+fi
+
+# expunge old catman pages which have not been read in a week
+if [ ! -d /run/systemd/system ] && [ -d /var/cache/man ]; then
+ cd /
+ if ! dpkg-statoverride --list /var/cache/man >/dev/null 2>&1; then
+ find /var/cache/man -ignore_readdir_race ! -user man -print0 | \
+ xargs -r0 chown -f man || true
+ fi
+ start-stop-daemon --start --pidfile /dev/null --startas /bin/sh \
+ --oknodo --chuid man $iosched_idle -- -c \
+ "find /var/cache/man -type f -name '*.gz' -atime +6 -print0 | \
+ xargs -r0 rm -f"
+fi
+
+# regenerate man database
+if [ -x /usr/bin/mandb ]; then
+ # --pidfile /dev/null so it always starts; mandb isn't really a daemon,
+ # but we want to start it like one.
+ start-stop-daemon --start --pidfile /dev/null \
+ --startas /usr/bin/mandb --oknodo --chuid man \
+ $iosched_idle \
+ -- --no-purge --quiet
+fi
+
+exit 0
--- /dev/null
+#! /bin/bash
+
+set -e
+
+[ -x /usr/bin/updatedb.mlocate ] || exit 0
+
+if which on_ac_power >/dev/null 2>&1; then
+ ON_BATTERY=0
+ on_ac_power >/dev/null 2>&1 || ON_BATTERY=$?
+ if [ "$ON_BATTERY" -eq 1 ]; then
+ exit 0
+ fi
+fi
+
+# See ionice(1)
+if [ -x /usr/bin/ionice ] &&
+ /usr/bin/ionice -c3 true 2>/dev/null; then
+ IONICE="/usr/bin/ionice -c3"
+fi
+
+flock --nonblock /run/mlocate.daily.lock $IONICE /usr/bin/updatedb.mlocate
--- /dev/null
+#!/bin/sh
+
+cd /var/backups || exit 0
+
+for FILE in passwd group shadow gshadow; do
+ test -f /etc/$FILE || continue
+ cmp -s $FILE.bak /etc/$FILE && continue
+ cp -p /etc/$FILE $FILE.bak && chmod 600 $FILE.bak
+done
--- /dev/null
+# DO NOT EDIT OR REMOVE
+# This file is a simple placeholder to keep dpkg from removing this directory
--- /dev/null
+# DO NOT EDIT OR REMOVE
+# This file is a simple placeholder to keep dpkg from removing this directory
--- /dev/null
+# DO NOT EDIT OR REMOVE
+# This file is a simple placeholder to keep dpkg from removing this directory
--- /dev/null
+#!/bin/sh
+#
+# man-db cron weekly
+
+set -e
+
+iosched_idle=
+# Don't try to change I/O priority in a vserver or OpenVZ.
+if ! egrep -q '(envID|VxID):.*[1-9]' /proc/self/status && \
+ ([ ! -d /proc/vz ] || [ -d /proc/bc ]); then
+ iosched_idle='--iosched idle'
+fi
+
+if ! [ -d /var/cache/man ]; then
+ # Recover from deletion, per FHS.
+ mkdir -p /var/cache/man
+ chown man:root /var/cache/man || true
+ chmod 2755 /var/cache/man
+fi
+
+# regenerate man database
+if [ -x /usr/bin/mandb ]; then
+ # --pidfile /dev/null so it always starts; mandb isn't really a daemon,
+ # but we want to start it like one.
+ start-stop-daemon --start --pidfile /dev/null \
+ --startas /usr/bin/mandb --oknodo --chuid man \
+ $iosched_idle \
+ -- --quiet
+fi
+
+exit 0
--- /dev/null
+# /etc/crontab: system-wide crontab
+# Unlike any other crontab you don't have to run the `crontab'
+# command to install the new version when you edit this file
+# and files in /etc/cron.d. These files also have username fields,
+# that none of the other crontabs do.
+
+SHELL=/bin/sh
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+
+# m h dom mon dow user command
+17 * * * * root cd / && run-parts --report /etc/cron.hourly
+25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
+47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
+52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
+#
--- /dev/null
+/etc/.etckeeper
+/etc/.gitignore
+/etc/.git
+/etc/.git/**
+/etc/.hgignore
+/etc/.hg
+/etc/.hg/**
+/etc/.bzrignore
+/etc/.bzr
+/etc/.bzr/**
+/etc/.darcsignore
+/etc/_darcs
+/etc/_darcs/**
--- /dev/null
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+ This file is part of systemd.
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+-->
+
+<busconfig>
+
+ <policy user="root">
+ <allow own="org.freedesktop.hostname1"/>
+ <allow send_destination="org.freedesktop.hostname1"/>
+ <allow receive_sender="org.freedesktop.hostname1"/>
+ </policy>
+
+ <policy context="default">
+ <allow send_destination="org.freedesktop.hostname1"/>
+ <allow receive_sender="org.freedesktop.hostname1"/>
+ </policy>
+
+</busconfig>
--- /dev/null
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+ This file is part of systemd.
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+-->
+
+<busconfig>
+
+ <policy user="root">
+ <allow own="org.freedesktop.locale1"/>
+ <allow send_destination="org.freedesktop.locale1"/>
+ <allow receive_sender="org.freedesktop.locale1"/>
+ </policy>
+
+ <policy context="default">
+ <allow send_destination="org.freedesktop.locale1"/>
+ <allow receive_sender="org.freedesktop.locale1"/>
+ </policy>
+
+</busconfig>
--- /dev/null
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+ This file is part of systemd.
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+-->
+
+<busconfig>
+
+ <policy user="root">
+ <allow own="org.freedesktop.login1"/>
+ <allow send_destination="org.freedesktop.login1"/>
+ <allow receive_sender="org.freedesktop.login1"/>
+ </policy>
+
+ <policy context="default">
+ <deny send_destination="org.freedesktop.login1"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.DBus.Introspectable"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.DBus.Peer"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.DBus.Properties"
+ send_member="Get"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.DBus.Properties"
+ send_member="GetAll"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="GetSession"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="GetSessionByPID"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="GetUser"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="GetUserByPID"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="GetSeat"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="ListSessions"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="ListUsers"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="ListSeats"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="ListInhibitors"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="Inhibit"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="SetUserLinger"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="ActivateSession"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="ActivateSessionOnSeat"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="PowerOff"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="Reboot"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="Suspend"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="Hibernate"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="HybridSleep"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="CanPowerOff"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="CanReboot"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="CanSuspend"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="CanHibernate"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="CanHybridSleep"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="AttachDevice"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="FlushDevices"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Seat"
+ send_member="ActivateSession"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Seat"
+ send_member="SwitchTo"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Seat"
+ send_member="SwitchToPrevious"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Seat"
+ send_member="SwitchToNext"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="Activate"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="SetIdleHint"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="TakeControl"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="ReleaseControl"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="TakeDevice"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="ReleaseDevice"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="PauseDeviceComplete"/>
+
+ <allow receive_sender="org.freedesktop.login1"/>
+ </policy>
+
+</busconfig>
--- /dev/null
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+ This file is part of systemd.
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+-->
+
+<busconfig>
+
+ <policy user="root">
+ <allow own="org.freedesktop.machine1"/>
+ <allow send_destination="org.freedesktop.machine1"/>
+ <allow receive_sender="org.freedesktop.machine1"/>
+ </policy>
+
+ <policy context="default">
+ <deny send_destination="org.freedesktop.machine1"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.DBus.Introspectable"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.DBus.Peer"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.DBus.Properties"
+ send_member="Get"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.DBus.Properties"
+ send_member="GetAll"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.machine1.Manager"
+ send_member="ListMachines"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.machine1.Manager"
+ send_member="GetMachineAddresses"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.machine1.Manager"
+ send_member="GetMachine"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.machine1.Manager"
+ send_member="GetMachineByPID"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.machine1.Machine"
+ send_member="GetAddresses"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.machine1.Machine"
+ send_member="GetMachineOSRelease"/>
+
+ <allow receive_sender="org.freedesktop.machine1"/>
+ </policy>
+
+</busconfig>
--- /dev/null
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+ This file is part of systemd.
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+-->
+
+<busconfig>
+
+ <policy user="root">
+ <allow own="org.freedesktop.systemd1"/>
+
+ <!-- Root clients can do everything -->
+ <allow send_destination="org.freedesktop.systemd1"/>
+ <allow receive_sender="org.freedesktop.systemd1"/>
+
+ <!-- systemd may receive activator requests -->
+ <allow receive_interface="org.freedesktop.systemd1.Activator"
+ receive_member="ActivationRequest"/>
+ </policy>
+
+ <policy context="default">
+ <deny send_destination="org.freedesktop.systemd1"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.DBus.Introspectable"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.DBus.Peer"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.DBus.Properties"
+ send_member="Get"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.DBus.Properties"
+ send_member="GetAll"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="GetUnit"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="GetUnitByPID"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="LoadUnit"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="GetJob"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="ListUnits"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="ListUnitsFiltered"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="ListUnitFiles"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="GetUnitFileState"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="ListJobs"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="Subscribe"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="Unsubscribe"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="Dump"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="GetDefaultTarget"/>
+
+ <allow receive_sender="org.freedesktop.systemd1"/>
+ </policy>
+
+</busconfig>
--- /dev/null
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+ This file is part of systemd.
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+-->
+
+<busconfig>
+
+ <policy user="root">
+ <allow own="org.freedesktop.timedate1"/>
+ <allow send_destination="org.freedesktop.timedate1"/>
+ <allow receive_sender="org.freedesktop.timedate1"/>
+ </policy>
+
+ <policy context="default">
+ <allow send_destination="org.freedesktop.timedate1"/>
+ <allow receive_sender="org.freedesktop.timedate1"/>
+ </policy>
+
+</busconfig>
--- /dev/null
+# This is the main config file for debconf. It tells debconf where to
+# store data. The format of this file is a set of stanzas. Each stanza
+# except the first sets up a database for debconf to use. For details, see
+# debconf.conf(5) (in the debconf-doc package).
+#
+# So first things first. This first stanza gives the names of two databases.
+
+# Debconf will use this database to store the data you enter into it,
+# and some other dynamic data.
+Config: configdb
+# Debconf will use this database to store static template data.
+Templates: templatedb
+
+# World-readable, and accepts everything but passwords.
+Name: config
+Driver: File
+Mode: 644
+Reject-Type: password
+Filename: /var/cache/debconf/config.dat
+
+# Not world readable (the default), and accepts only passwords.
+Name: passwords
+Driver: File
+Mode: 600
+Backup: false
+Required: false
+Accept-Type: password
+Filename: /var/cache/debconf/passwords.dat
+
+# Set up the configdb database. By default, it consists of a stack of two
+# databases, one to hold passwords and one for everything else.
+Name: configdb
+Driver: Stack
+Stack: config, passwords
+
+# Set up the templatedb database, which is a single flat text file
+# by default.
+Name: templatedb
+Driver: File
+Mode: 644
+Filename: /var/cache/debconf/templates.dat
+
+# Well that was pretty straightforward, and it will be enough for most
+# people's needs, but debconf's database drivers can be used to do much
+# more interesting things. For example, suppose you want to use config
+# data from another host, which is mounted over nfs or perhaps the database
+# is accessed via LDAP. You don't want to write to the remote debconf database,
+# just read from it, so you still need a local database for local changes.
+#
+# A remote NFS mounted database, read-only. It is optional; if debconf
+# fails to use it it will not abort.
+#Name: remotedb
+#Driver: DirTree
+#Directory: /mnt/otherhost/var/cache/debconf/config
+#Readonly: true
+#Required: false
+#
+# A remote LDAP database. It is also read-only. The password is really
+# only necessary if the database is not accessible anonymously.
+# Option KeyByKey instructs the backend to retrieve keys from the LDAP
+# server individually (when they are requested), instead of loading all
+# keys at startup. The default is 0, and should only be enabled if you
+# want to track accesses to individual keys on the LDAP server side.
+#Name: remotedb
+#Driver: LDAP
+#Server: remotehost
+#BaseDN: cn=debconf,dc=domain,dc=com
+#BindDN: uid=admin,dc=domain,dc=com
+#BindPasswd: secret
+#KeyByKey: 0
+#
+# A stack consisting of two databases. Values will be read from
+# the first database in the stack to contain a value. In this example,
+# writes always go to the first database.
+#Name: fulldb
+#Driver: Stack
+#Stack: configdb, remotedb
+#
+# In this example, we'd use Config: fulldb at the top of the file
+# to make it use the combination of the databases.
+#
+# Even more complex and interesting setups are possible, see the
+# debconf.conf(5) page for details.
--- /dev/null
+# Options to pass to acpid
+#
+# OPTIONS are appended to the acpid command-line
+#OPTIONS=""
+
+# Linux kernel modules to load before starting acpid
+#
+# MODULES is a space separated list of modules to load, or "all" to load all
+# acpi drivers, or commented out to load no module
+#MODULES="battery ac processor button fan thermal video"
+#MODULES="all"
--- /dev/null
+# This is a configuration file for /etc/init.d/aiccu; it allows you to
+# perform common modifications to the behavior of the aiccu daemon
+# startup without editing the init script (and thus getting prompted
+# by dpkg on upgrades). We all love dpkg prompts.
+
+# Arguments to pass to aiccu daemon.
+DAEMON_ARGS=""
+
+# Run aiccu at startup ?
+AICCU_ENABLED=Yes
+
--- /dev/null
+### htcacheclean settings ###
+
+## run htcacheclean: yes, no, auto
+## auto means run if /etc/apache2/mods-enabled/cache_disk.load exists
+## default: auto
+HTCACHECLEAN_RUN=auto
+
+## run mode: cron, daemon
+## run in daemon mode or as daily cron job
+## default: daemon
+HTCACHECLEAN_MODE=daemon
+
+## cache size
+HTCACHECLEAN_SIZE=300M
+
+## interval: if in daemon mode, clean cache every x minutes
+HTCACHECLEAN_DAEMON_INTERVAL=120
+
+## path to cache
+## must be the same as in CacheRoot directive
+HTCACHECLEAN_PATH=/var/cache/apache2/mod_cache_disk
+
+## additional options:
+## -n : be nice
+## -t : remove empty directories
+HTCACHECLEAN_OPTIONS="-n"
--- /dev/null
+# run resolvconf?
+RESOLVCONF=no
+
+# startup options for the server
+OPTIONS="-u bind"
--- /dev/null
+# Uncomment the following line if you'd like all of your users'
+# ~/calendar files to be checked daily. Calendar will send them mail
+# to remind them of upcoming events. See calendar(1) for more details.
+#RUN_DAILY=true
--- /dev/null
+# CONFIGURATION FILE FOR SETUPCON
+
+# Consult the console-setup(5) manual page.
+
+ACTIVE_CONSOLES="/dev/tty[1-6]"
+
+CHARMAP="UTF-8"
+
+CODESET="Lat15"
+FONTFACE="Fixed"
+FONTSIZE="8x16"
+
+VIDEOMODE=
+
+# The following is an example how to use a braille font
+# FONT='lat9w-08.psf.gz brl-8x8.psf'
--- /dev/null
+# Cron configuration options
+
+# Whether to read the system's default environment files (if present)
+# If set to "yes", cron will set a proper mail charset from the
+# locale information. If set to something other than 'yes', the default
+# charset 'C' (canonical name: ANSI_X3.4-1968) will be used.
+#
+# This has no effect on tasks running under cron; their environment can
+# only be changed via PAM or from within the crontab; see crontab(5).
+READ_ENV="yes"
+
+# Extra options for cron, see cron(8)
+#
+# For example, to enable LSB name support in /etc/cron.d/, use
+# EXTRA_OPTS='-l'
+#
+# Or, to log standard messages, plus jobs with exit status != 0:
+# EXTRA_OPTS='-L 5'
+#
+# For quick reference, the currently available log levels are:
+# 0 no logging (errors are logged regardless)
+# 1 log start of jobs
+# 2 log end of jobs
+# 4 log jobs with exit status != 0
+# 8 log the process identifier of child process (in all logs)
+#
+#EXTRA_OPTS=""
+
--- /dev/null
+# GID of the `tty' group
+TTYGRP=5
+
+# Set to 600 to have `mesg n' be the default
+TTYMODE=620
--- /dev/null
+# /etc/default/exim4
+EX4DEF_VERSION=''
+
+# 'combined' - one daemon running queue and listening on SMTP port
+# 'no' - no daemon running the queue
+# 'separate' - two separate daemons
+# 'ppp' - only run queue with /etc/ppp/ip-up.d/exim4.
+# 'nodaemon' - no daemon is started at all.
+# 'queueonly' - only a queue running daemon is started, no SMTP listener.
+# setting this to 'no' will also disable queueruns from /etc/ppp/ip-up.d/exim4
+QUEUERUNNER='combined'
+# how often should we run the queue
+QUEUEINTERVAL='30m'
+# options common to quez-runner and listening daemon
+COMMONOPTIONS=''
+# more options for the daemon/process running the queue (applies to the one
+# started in /etc/ppp/ip-up.d/exim4, too.
+QUEUERUNNEROPTIONS=''
+# special flags given to exim directly after the -q. See exim(8)
+QFLAGS=''
+# Options for the SMTP listener daemon. By default, it is listening on
+# port 25 only. To listen on more ports, it is recommended to use
+# -oX 25:587:10025 -oP /var/run/exim4/exim.pid
+SMTPLISTENEROPTIONS=''
--- /dev/null
+# This file is part of Fail2Ban.
+#
+# Fail2Ban is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# Fail2Ban is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Fail2Ban; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Author: Cyril Jaquier
+#
+# $Revision$
+
+# Command line options for Fail2Ban. Refer to "fail2ban-client -h" for
+# valid options.
+FAIL2BAN_OPTS=""
+
+# Run fail2ban as a different user. If not set, fail2ban
+# will run as root.
+#
+# The user is not created automatically.
+# The user can be created e.g. with
+# useradd --system --no-create-home --home-dir / --groups adm fail2ban
+# Log files are readable by group adm by default. Adding the fail2ban
+# user to this group allows it to read the logfiles.
+#
+# Another manual step that needs to be taken is to allow write access
+# for fail2ban user to fail2ban log files. The /etc/init.d/fail2ban
+# script will change the ownership when starting fail2ban. Logrotate
+# needs to be configured separately, see /etc/logrotate.d/fail2ban.
+#
+# FAIL2BAN_USER="fail2ban"
--- /dev/null
+# If you change this file, run 'update-grub' afterwards to update
+# /boot/grub/grub.cfg.
+# For full documentation of the options in this file, see:
+# info -f grub -n 'Simple configuration'
+
+GRUB_DEFAULT=0
+GRUB_TIMEOUT=2
+GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
+GRUB_CMDLINE_LINUX_DEFAULT="quiet"
+GRUB_CMDLINE_LINUX=""
+
+# Uncomment to enable BadRAM filtering, modify to suit your needs
+# This works with Linux (no patch required) and with any kernel that obtains
+# the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...)
+#GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef"
+
+# Uncomment to disable graphical terminal (grub-pc only)
+#GRUB_TERMINAL=console
+
+# The resolution used on graphical terminal
+# note that you can use only modes which your graphic card supports via VBE
+# you can see them in real GRUB with the command `vbeinfo'
+#GRUB_GFXMODE=640x480
+
+# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux
+#GRUB_DISABLE_LINUX_UUID=true
+
+# Uncomment to disable generation of recovery mode menu entries
+#GRUB_DISABLE_RECOVERY="true"
+
+# Uncomment to get a beep at grub start
+#GRUB_INIT_TUNE="480 440 1"
--- /dev/null
+# Default behaviour of shutdown -h / halt. Set to "halt" or "poweroff".
+HALT=poweroff
--- /dev/null
+# Configuration file for haveged
+
+# Options to pass to haveged:
+# -w sets low entropy watermark (in bits)
+DAEMON_ARGS="-w 1024"
--- /dev/null
+# Defaults for the hwclock init script. See hwclock(5) and hwclock(8).
+
+# This is used to specify that the hardware clock incapable of storing
+# years outside the range of 1994-1999. Set to yes if the hardware is
+# broken or no if working correctly.
+#BADYEAR=no
+
+# Set this to yes if it is possible to access the hardware clock,
+# or no if it is not.
+#HWCLOCKACCESS=yes
+
+# Set this to any options you might need to give to hwclock, such
+# as machine hardware clock type for Alphas.
+#HWCLOCKPARS=
+
+# Set this to the hardware clock device you want to use, it should
+# probably match the CONFIG_RTC_HCTOSYS_DEVICE kernel config option.
+#HCTOSYS_DEVICE=rtc0
+
--- /dev/null
+# KEYBOARD CONFIGURATION FILE
+
+# Consult the keyboard(5) manual page.
+
+XKBMODEL="pc105"
+XKBLAYOUT="us"
+XKBVARIANT=""
+XKBOPTIONS=""
+
+BACKSPACE="guess"
--- /dev/null
+# File generated by update-locale
+LANG="de_DE.UTF-8"
--- /dev/null
+# File generated by update-locale
+LANG="en_US.UTF-8"
--- /dev/null
+# Configuration for netfilter-persistent
+# Plugins may extend this file or have their own
+
+FLUSH_ON_STOP=0
--- /dev/null
+# Configuration for networking init script being run during
+# the boot sequence
+
+# Set to 'no' to skip interfaces configuration on boot
+#CONFIGURE_INTERFACES=yes
+
+# Don't configure these interfaces. Shell wildcards supported/
+#EXCLUDE_INTERFACES=
+
+# Set to 'yes' to enable additional verbosity
+#VERBOSE=no
--- /dev/null
+# /etc/default/nss
+# This file can theoretically contain a bunch of customization variables
+# for Name Service Switch in the GNU C library. For now there are only
+# four variables:
+#
+# NETID_AUTHORITATIVE
+# If set to TRUE, the initgroups() function will accept the information
+# from the netid.byname NIS map as authoritative. This can speed up the
+# function significantly if the group.byname map is large. The content
+# of the netid.byname map is used AS IS. The system administrator has
+# to make sure it is correctly generated.
+#NETID_AUTHORITATIVE=TRUE
+#
+# SERVICES_AUTHORITATIVE
+# If set to TRUE, the getservbyname{,_r}() function will assume
+# services.byservicename NIS map exists and is authoritative, particularly
+# that it contains both keys with /proto and without /proto for both
+# primary service names and service aliases. The system administrator
+# has to make sure it is correctly generated.
+#SERVICES_AUTHORITATIVE=TRUE
+#
+# SETENT_BATCH_READ
+# If set to TRUE, various setXXent() functions will read the entire
+# database at once and then hand out the requests one by one from
+# memory with every getXXent() call. Otherwise each getXXent() call
+# might result into a network communication with the server to get
+# the next entry.
+#SETENT_BATCH_READ=TRUE
+#
+# ADJUNCT_AS_SHADOW
+# If set to TRUE, the passwd routines in the NIS NSS module will not
+# use the passwd.adjunct.byname tables to fill in the password data
+# in the passwd structure. This is a security problem if the NIS
+# server cannot be trusted to send the passwd.adjuct table only to
+# privileged clients. Instead the passwd.adjunct.byname table is
+# used to synthesize the shadow.byname table if it does not exist.
+ADJUNCT_AS_SHADOW=TRUE
--- /dev/null
+#
+# /etc/default/rcS
+#
+# Default settings for the scripts in /etc/rcS.d/
+#
+# For information about these variables see the rcS(5) manual page.
+#
+# This file belongs to the "initscripts" package.
+
+# delete files in /tmp during boot older than x days.
+# '0' means always, -1 or 'infinite' disables the feature
+#TMPTIME=0
+
+# spawn sulogin during boot, continue normal boot if not used in 30 seconds
+#SULOGIN=no
+
+# do not allow users to log in until the boot has completed
+#DELAYLOGIN=no
+
+# be more verbose during the boot process
+#VERBOSE=no
+
+# automatically repair filesystems with inconsistencies during boot
+#FSCKFIX=no
--- /dev/null
+# defaults file for rsync daemon mode
+
+# start rsync in daemon mode from init.d script?
+# only allowed values are "true", "false", and "inetd"
+# Use "inetd" if you want to start the rsyncd from inetd,
+# all this does is prevent the init.d script from printing a message
+# about not starting rsyncd (you still need to modify inetd's config yourself).
+RSYNC_ENABLE=false
+
+# which file should be used as the configuration file for rsync.
+# This file is used instead of the default /etc/rsyncd.conf
+# Warning: This option has no effect if the daemon is accessed
+# using a remote shell. When using a different file for
+# rsync you might want to symlink /etc/rsyncd.conf to
+# that file.
+# RSYNC_CONFIG_FILE=
+
+# what extra options to give rsync --daemon?
+# that excludes the --daemon; that's always done in the init.d script
+# Possibilities are:
+# --address=123.45.67.89 (bind to a specific IP address)
+# --port=8730 (bind to specified port; default 873)
+RSYNC_OPTS=''
+
+# run rsyncd at a nice level?
+# the rsync daemon can impact performance due to much I/O and CPU usage,
+# so you may want to run it at a nicer priority than the default priority.
+# Allowed values are 0 - 19 inclusive; 10 is a reasonable value.
+RSYNC_NICE=''
+
+# run rsyncd with ionice?
+# "ionice" does for IO load what "nice" does for CPU load.
+# As rsync is often used for backups which aren't all that time-critical,
+# reducing the rsync IO priority will benefit the rest of the system.
+# See the manpage for ionice for allowed options.
+# -c3 is recommended, this will run rsync IO at "idle" priority. Uncomment
+# the next line to activate this.
+# RSYNC_IONICE='-c3'
+
+# Don't forget to create an appropriate config file,
+# else the daemon will not start.
--- /dev/null
+# Options for rsyslogd
+# -x disables DNS lookups for remote messages
+# See rsyslogd(8) for more details
+RSYSLOGD_OPTIONS=""
--- /dev/null
+# Controls whether or not service is restarted automatically when it exits.
+# See the manpage for systemd.service(5) for possible values for the "Restart="
+# option.
+RESTART='no'
--- /dev/null
+# Default settings for openssh-server. This file is sourced by /bin/sh from
+# /etc/init.d/ssh.
+
+# Options to pass to sshd
+SSHD_OPTS=
--- /dev/null
+# Configuration for tmpfs filesystems mounted in early boot, before
+# filesystems from /etc/fstab are mounted. For information about
+# these variables see the tmpfs(5) manual page.
+
+# /run is always mounted as a tmpfs on systems which support tmpfs
+# mounts.
+
+# mount /run/lock as a tmpfs (separately from /run). Defaults to yes;
+# set to no to disable (/run/lock will then be part of the /run tmpfs,
+# if available).
+#RAMLOCK=yes
+
+# mount /run/shm as a tmpfs (separately from /run). Defaults to yes;
+# set to no to disable (/run/shm will then be part of the /run tmpfs,
+# if available).
+#RAMSHM=yes
+
+# mount /tmp as a tmpfs. Defaults to no; set to yes to enable (/tmp
+# will be part of the root filesystem if disabled). /tmp may also be
+# configured to be a separate mount in /etc/fstab.
+#RAMTMP=no
+
+# Size limits. Please see tmpfs(5) for details on how to configure
+# tmpfs size limits.
+#TMPFS_SIZE=20%VM
+#RUN_SIZE=10%
+#LOCK_SIZE=5242880 # 5MiB
+#SHM_SIZE=
+#TMP_SIZE=
+
+# Mount tmpfs on /tmp if there is less than the limit size (in kiB) on
+# the root filesystem (overriding RAMTMP).
+#TMP_OVERFLOW_LIMIT=1024
--- /dev/null
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
--- /dev/null
+# /etc/deluser.conf: `deluser' configuration.
+
+# Remove home directory and mail spool when user is removed
+REMOVE_HOME = 0
+
+# Remove all files on the system owned by the user to be removed
+REMOVE_ALL_FILES = 0
+
+# Backup files before removing them. This options has only an effect if
+# REMOVE_HOME or REMOVE_ALL_FILES is set.
+BACKUP = 0
+
+# target directory for the backup file
+BACKUP_TO = "."
+
+# delete a group even there are still users in this group
+ONLY_IF_EMPTY = 0
+
+# exclude these filesystem types when searching for files of a user to backup
+EXCLUDE_FSTYPES = "(proc|sysfs|usbfs|devpts|tmpfs|afs)"
--- /dev/null
+#
+# The purpose of this script is just to show the variables that are
+# available to all the scripts in this directory. All these scripts
+# are called from /etc/dhcp3/dhclient-script, which exports all the
+# variables shown before. If you want to debug a problem with your DHCP
+# setup you can enable this script and take a look at
+# /tmp/dhclient-script.debug.
+
+# To enable this script set the following variable to "yes"
+RUN="no"
+
+if [ "$RUN" = "yes" ]; then
+ echo $(date): entering ${0%/*}, dumping variables. \
+ >> /tmp/dhclient-script.debug
+
+ # loop over the 4 possible prefixes: (empty), cur_, new_, old_
+ for prefix in '' 'cur_' 'new_' 'old_'; do
+ # loop over the DHCP variables passed to dhclient-script
+ for basevar in reason interface medium alias_ip_address \
+ ip_address host_name network_number subnet_mask \
+ broadcast_address routers static_routes \
+ rfc3442_classless_static_routes \
+ domain_name domain_search domain_name_servers \
+ netbios_name_servers netbios_scope \
+ ntp_servers \
+ ip6_address ip6_prefix ip6_prefixlen \
+ dhcp6_domain_search dhcp6_name_servers ; do
+ var="${prefix}${basevar}"
+ eval "content=\$var"
+
+ # show only variables with values set
+ if [ -n "${content}" ]; then
+ echo "$var='${content}'" >> /tmp/dhclient-script.debug
+ fi
+ done
+ done
+
+ echo '--------------------------' >> /tmp/dhclient-script.debug
+fi
--- /dev/null
+#!/bin/sh
+
+# Don't overwrite /etc/resolv.conf
+make_resolv_conf() {
+ :
+}
--- /dev/null
+#
+# The purpose of this script is just to show the variables that are
+# available to all the scripts in this directory. All these scripts
+# are called from /etc/dhcp3/dhclient-script, which exports all the
+# variables shown before. If you want to debug a problem with your DHCP
+# setup you can enable this script and take a look at
+# /tmp/dhclient-script.debug.
+
+# To enable this script set the following variable to "yes"
+RUN="no"
+
+if [ "$RUN" = "yes" ]; then
+ echo $(date): entering ${0%/*}, dumping variables. \
+ >> /tmp/dhclient-script.debug
+
+ # loop over the 4 possible prefixes: (empty), cur_, new_, old_
+ for prefix in '' 'cur_' 'new_' 'old_'; do
+ # loop over the DHCP variables passed to dhclient-script
+ for basevar in reason interface medium alias_ip_address \
+ ip_address host_name network_number subnet_mask \
+ broadcast_address routers static_routes \
+ rfc3442_classless_static_routes \
+ domain_name domain_search domain_name_servers \
+ netbios_name_servers netbios_scope \
+ ntp_servers \
+ ip6_address ip6_prefix ip6_prefixlen \
+ dhcp6_domain_search dhcp6_name_servers ; do
+ var="${prefix}${basevar}"
+ eval "content=\$var"
+
+ # show only variables with values set
+ if [ -n "${content}" ]; then
+ echo "$var='${content}'" >> /tmp/dhclient-script.debug
+ fi
+ done
+ done
+
+ echo '--------------------------' >> /tmp/dhclient-script.debug
+fi
--- /dev/null
+# set classless routes based on the format specified in RFC3442
+# e.g.:
+# new_rfc3442_classless_static_routes='24 192 168 10 192 168 1 1 8 10 10 17 66 41'
+# specifies the routes:
+# 192.168.10.0/24 via 192.168.1.1
+# 10.0.0.0/8 via 10.10.17.66.41
+
+RUN="yes"
+
+
+if [ "$RUN" = "yes" ]; then
+ if [ -n "$new_rfc3442_classless_static_routes" ]; then
+ if [ "$reason" = "BOUND" ] || [ "$reason" = "REBOOT" ]; then
+
+ set -- $new_rfc3442_classless_static_routes
+
+ while [ $# -gt 0 ]; do
+ net_length=$1
+ via_arg=''
+
+ case $net_length in
+ 32|31|30|29|28|27|26|25)
+ net_address="${2}.${3}.${4}.${5}"
+ gateway="${6}.${7}.${8}.${9}"
+ shift 9
+ ;;
+ 24|23|22|21|20|19|18|17)
+ net_address="${2}.${3}.${4}.0"
+ gateway="${5}.${6}.${7}.${8}"
+ shift 8
+ ;;
+ 16|15|14|13|12|11|10|9)
+ net_address="${2}.${3}.0.0"
+ gateway="${4}.${5}.${6}.${7}"
+ shift 7
+ ;;
+ 8|7|6|5|4|3|2|1)
+ net_address="${2}.0.0.0"
+ gateway="${3}.${4}.${5}.${6}"
+ shift 6
+ ;;
+ 0) # default route
+ net_address="0.0.0.0"
+ gateway="${2}.${3}.${4}.${5}"
+ shift 5
+ ;;
+ *) # error
+ return 1
+ ;;
+ esac
+
+ # take care of link-local routes
+ if [ "${gateway}" != '0.0.0.0' ]; then
+ via_arg="via ${gateway}"
+ fi
+
+ # set route (ip detects host routes automatically)
+ ip -4 route add "${net_address}/${net_length}" \
+ ${via_arg} dev "${interface}" >/dev/null 2>&1
+ done
+ fi
+ fi
+fi
--- /dev/null
+# Configuration file for /sbin/dhclient, which is included in Debian's
+# dhcp3-client package.
+#
+# This is a sample configuration file for dhclient. See dhclient.conf's
+# man page for more information about the syntax of this file
+# and a more comprehensive list of the parameters understood by
+# dhclient.
+#
+# Normally, if the DHCP server provides reasonable information and does
+# not leave anything out (like the domain name, for example), then
+# few changes must be made to this file, if any.
+#
+
+option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
+
+#send host-name "andare.fugue.com";
+send host-name = gethostname();
+#send dhcp-client-identifier 1:0:a0:24:ab:fb:9c;
+#send dhcp-lease-time 3600;
+#supersede domain-name "fugue.com home.vix.com";
+#prepend domain-name-servers 127.0.0.1;
+request subnet-mask, broadcast-address, time-offset, routers,
+ domain-name, domain-name-servers, domain-search, host-name,
+ dhcp6.name-servers, dhcp6.domain-search,
+ netbios-name-servers, netbios-scope, interface-mtu,
+ rfc3442-classless-static-routes, ntp-servers;
+#require subnet-mask, domain-name-servers;
+#timeout 60;
+#retry 60;
+#reboot 10;
+#select-timeout 5;
+#initial-interval 2;
+#script "/etc/dhcp3/dhclient-script";
+#media "-link0 -link1 -link2", "link0 link1";
+#reject 192.33.137.209;
+
+#alias {
+# interface "eth0";
+# fixed-address 192.5.5.213;
+# option subnet-mask 255.255.255.255;
+#}
+
+#lease {
+# interface "eth0";
+# fixed-address 192.33.137.200;
+# medium "link0 link1";
+# option host-name "andare.swiftmedia.com";
+# option subnet-mask 255.255.255.0;
+# option broadcast-address 192.33.137.255;
+# option routers 192.33.137.250;
+# option domain-name-servers 127.0.0.1;
+# renew 2 2000/1/12 00:00:01;
+# rebind 2 2000/1/12 00:00:01;
+# expire 2 2000/1/12 00:00:01;
+#}
--- /dev/null
+/usr/lib/ispell/american.aff
\ No newline at end of file
--- /dev/null
+/usr/lib/ispell/american.hash
\ No newline at end of file
--- /dev/null
+/var/cache/dictionaries-common/ispell-default
\ No newline at end of file
--- /dev/null
+/usr/share/dict/american-english
\ No newline at end of file
--- /dev/null
+
+# $Progeny$
+
+# Load modules for the following device types. Specify "all"
+# to detect all device types.
+types="all"
+
+# Don't ever load the foo, bar, or baz modules.
+#skip="foo bar baz"
+
+# Lines below this point have been automatically added by
+# discover-modprobe(8) to disable the loading of modules that have
+# previously crashed the machine:
--- /dev/null
+<?xml version="1.0"?>
+
+<!-- $Progeny$ -->
+
+<!DOCTYPE conffile SYSTEM "conffile.dtd">
+
+<conffile>
+ <busscan scan="default">
+ <bus name="ata"/>
+ <bus name="pci"/>
+ <bus name="pcmcia"/>
+ <bus name="scsi"/>
+ <bus name="usb"/>
+ </busscan>
+</conffile>
--- /dev/null
+# dpkg configuration file
+#
+# This file can contain default options for dpkg. All command-line
+# options are allowed. Values can be specified by putting them after
+# the option, separated by whitespace and/or an `=' sign.
+#
+
+# Do not enable debsig-verify by default; since the distribution is not using
+# embedded signatures, debsig-verify would reject all packages.
+no-debsig
+
+# Log status changes and actions to a file.
+log /var/log/dpkg.log
--- /dev/null
+Vendor: Debian
+Vendor-URL: http://www.debian.org/
+Bugs: debbugs://bugs.debian.org
--- /dev/null
+debian
\ No newline at end of file
--- /dev/null
+;; 00debian-vars.el
+;;
+;; Initialize some emacs variables from debian policy files.
+;;
+;; Copyright (C) 1997, Frederic Lepied <Frederic.Lepied@sugix.frmug.org>
+;;
+;; original Author: Frederic Lepied <Frederic.Lepied@sugix.frmug.org>
+;; enhanced and documented by: Mark Eichin <eichin@kitten.gen.ma.us>
+
+;;=============================================================================
+;; Autoloaded section.
+;;=============================================================================
+
+\f
+;;;###
+
+(eval-when-compile
+ ;; Quiet byte compiler
+ (defvar gnus-nntpserver-file))
+
+;;;***
+\f
+
+;;=============================================================================
+;; Configuration section.
+;;=============================================================================
+(defun debian-file->string (name &optional func)
+ "Convert a file into a string"
+ (interactive "fFile name : ")
+ (let ((filename (expand-file-name name)))
+ (if (not (file-readable-p filename))
+ nil
+ (with-temp-buffer
+ ;; Do not run any user `find-file-hooks'
+ (insert-file-contents-literally filename)
+ (if func
+ (funcall func))
+ (buffer-string)))))
+
+(defun debian-clean-mailname ()
+ (while (search-forward "\n" nil t)
+ (replace-match "" nil t)))
+
+;; Particular variables, and their justification:
+;; policy/ch4.html, 4.3 Mail processing on Debian systems, /etc/mailname
+;; policy/ch-binarypkg.html, 3.5 Maintainer scripts, /etc/news/server
+
+(let ((mailname
+ (debian-file->string "/etc/mailname" (function debian-clean-mailname))))
+ (if mailname
+ (setq mail-host-address mailname)))
+
+;; Don't need to check NNTPSERVER for override, gnus does that for us.
+(if (file-readable-p "/etc/news/server")
+ (setq gnus-nntpserver-file "/etc/news/server"))
+
+;;; 00debian-vars.el ends here
--- /dev/null
+;; File: startup.el.in
+;; Description: Emacsen startup for dictionaries-common in Debian
+;; Authors: Rafael Laboissière <rafael@debian.org>
+;; Agustin Martin <agmartin@debian.org>
+;; Created on: Fri Oct 22 09:48:21 CEST 1999
+
+(let ((skip-emacs-flavors-list '(emacs19
+ emacs20
+ emacs21
+ emacs22
+ emacs-snapshot))
+ (debian-dict-entries "/var/cache/dictionaries-common/emacsen-ispell-dicts.el"))
+ (if (member debian-emacs-flavor skip-emacs-flavors-list)
+ (message "Skipping dictionaries-common setup for %s" debian-emacs-flavor)
+
+ (debian-pkg-add-load-path-item
+ (concat "/usr/share/"
+ (symbol-name debian-emacs-flavor)
+ "/site-lisp/dictionaries-common"))
+
+ (autoload 'flyspell-word "flyspell" nil t)
+ (autoload 'flyspell-mode "flyspell" nil t)
+ (autoload 'flyspell-prog-mode "flyspell" nil t)
+
+ ;; Load Debian emacsen cache file, with entries for installed dictionaries
+ ;; This might result in a call to debian-ispell, so do this only if
+ ;; a) It exists, that is, package is not removed.
+ ;; b) Not in installations under dpkg control, otherwise we might get some
+ ;; bogus errors on installation because of #132355 and friends.
+ (if (file-exists-p "/usr/share/emacs/site-lisp/dictionaries-common/debian-ispell.el")
+ (if (getenv "DPKG_RUNNING_VERSION")
+ (message "Info: Skip debian-el loading if run under dpkg control.")
+ (let ((coding-system-for-read 'raw-text)) ;; Read these as data streams
+ (load "debian-ispell" t)
+ (load debian-dict-entries t)))
+ (message "Info: Package dictionaries-common removed but not purged."))))
+
+;;; Previous code for loading ispell.el and refreshing spell-checking
+;;; pulldown menus has been removed from this file since it should no
+;;; longer be needed.
--- /dev/null
+;; Emacsen independent startup file. All of the various installed
+;; flavors of emacs (emacs22, emacs23, xemacs21) will load this file
+;; at startup. Make sure any code you put here is emacs flavor
+;; independent.
+
+;; Package maintainers: do not have Debian packages edit this file.
+;; See /usr/share/doc/emacsen-common/debian-emacs-policy.gz for the
+;; proper way to handle Emacs package initialization code.
--- /dev/null
+# This is /etc/email-addresses. It is part of the exim package
+#
+# This file contains email addresses to use for outgoing mail. Any local
+# part not in here will be qualified by the system domain as normal.
+#
+# It should contain lines of the form:
+#
+#user: someone@isp.com
+#otheruser: someoneelse@anotherisp.com
--- /dev/null
+#!/bin/sh
+set -e
+
+not_enabled_warning() {
+ echo "etckeeper warning: etckeeper is not yet enabled for $(pwd)" >&2
+ echo "etckeeper warning: run etckeeper init to enable it" >&2
+}
+
+if [ "$VCS" = git ] && [ ! -d .git ]; then
+ not_enabled_warning
+elif [ "$VCS" = hg ] && [ ! -d .hg ]; then
+ not_enabled_warning
+elif [ "$VCS" = bzr ] && [ ! -d .bzr ]; then
+ not_enabled_warning
+elif [ "$VCS" = darcs ] && [ ! -d _darcs ]; then
+ not_enabled_warning
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = bzr ] && [ -d .bzr ]; then
+ if ! bzr add -q .; then
+ echo "etckeeper warning: bzr add failed" >&2
+ fi
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = darcs ] && [ -d _darcs ]; then
+ rc=0
+ res=$( darcs add -qr . 2>&1 ) || rc=$?
+ if test $rc -ne 0; then
+ if ! test $rc -eq 2 -a "${res%No files were added}" != "$res"; then
+ printf "%s" "$res"
+ echo "etckeeper warning: darcs add failed" >&2
+ fi
+ fi
+ unset rc res
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = git ] && [ -d .git ]; then
+ if ! git add --all; then
+ echo "etckeeper warning: git add --all" >&2
+ fi
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = hg ] && [ -d .hg ]; then
+ if ! hg addremove .; then
+ echo "etckeeper warning: hg addremove failed" >&2
+ fi
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+cleanup () {
+ if [ -n "$logfile" ]; then
+ rm -f "$logfile"
+ fi
+}
+if [ -n "$1" ]; then
+ trap cleanup EXIT
+ logfile="$(mktemp -t etckeeper-$VCS.XXXXXXXXXX)"
+ if [ "x$1" = "x--stdin" ]; then
+ cat > "$logfile"
+ else
+ if [ "x$1" = "x-m" ]; then
+ shift 1
+ fi
+ echo "$1" > "$logfile"
+ fi
+else
+ logfile=""
+fi
+
+hostname=`hostname`
+hostname="${hostname%%.*}"
+dnsdomainname=`dnsdomainname 2>/dev/null || true`
+if [ -n "$dnsdomainname" ]; then
+ hostname="$hostname.$dnsdomainname"
+fi
+
+USER=
+if [ -n "$SUDO_USER" ]; then
+ USER="$SUDO_USER"
+else
+ # try to check tty ownership, in case user su'd to root
+ TTY="$(tty 2>/dev/null || true)"
+ if [ -n "$TTY" ] && [ -c "$TTY" ]; then
+ USER="$(find "$TTY" -printf "%u")"
+ fi
+fi
+
+if [ "$VCS" = git ] && [ -d .git ]; then
+ if [ -n "$USER" ]; then
+ # Use user.name and user.email from the gitconfig belonging
+ # to the user who became root.
+ USER_HOME="$(perl -e 'print ((getpwnam(shift()))[7])' "$USER")"
+ if [ -n "$USER_HOME" ] && [ -e "$USER_HOME/.gitconfig" ]; then
+ if [ -z "$GIT_AUTHOR_NAME" ]; then
+ GIT_AUTHOR_NAME="$(git config -f "$USER_HOME/.gitconfig" user.name)" || true
+ export GIT_AUTHOR_NAME
+ fi
+ if [ -z "$GIT_AUTHOR_EMAIL" ]; then
+ GIT_AUTHOR_EMAIL="$(git config -f "$USER_HOME/.gitconfig" user.email)" || true
+ export GIT_AUTHOR_EMAIL
+ fi
+ fi
+ if [ -z "$GIT_COMMITTER_EMAIL" ]; then
+ GIT_COMMITER_EMAIL="$(git config --global user.email)" || true
+ export GIT_COMMITER_EMAIL
+ fi
+
+ if [ -z "$GIT_AUTHOR_NAME" ]; then
+ GIT_AUTHOR_NAME="$USER"
+ export GIT_AUTHOR_NAME
+ fi
+ if [ -z "$GIT_AUTHOR_EMAIL" ]; then
+ GIT_AUTHOR_EMAIL="$USER@$hostname"
+ export GIT_AUTHOR_EMAIL
+ fi
+ if [ -z "$GIT_COMMITTER_EMAIL" ]; then
+ GIT_COMMITTER_EMAIL=`whoami`"@$hostname"
+ export GIT_COMMITTER_EMAIL
+ fi
+ fi
+ if [ -n "$logfile" ]; then
+ git commit $GIT_COMMIT_OPTIONS -F "$logfile"
+ else
+ git commit $GIT_COMMIT_OPTIONS
+ fi
+elif [ "$VCS" = hg ] && [ -d .hg ]; then
+ if [ -n "$USER" ]; then
+ LOGNAME="$USER"
+ export LOGNAME
+ fi
+ if [ -z "$HGUSER" ]; then
+ HGUSER="$USER@$hostname"
+ export HGUSER
+ fi
+ if [ -n "$logfile" ]; then
+ hg commit $HG_COMMIT_OPTIONS -l "$logfile"
+ else
+ hg commit $HG_COMMIT_OPTIONS
+ fi
+elif [ "$VCS" = bzr ] && [ -d .bzr ]; then
+ if [ -z "$EMAIL" ] && [ -n "$USER" ]; then
+ EMAIL="$USER <$USER@$hostname>"
+ export EMAIL
+ fi
+ if [ -n "$logfile" ]; then
+ bzr commit $BZR_COMMIT_OPTIONS -F "$logfile"
+ else
+ bzr commit $BZR_COMMIT_OPTIONS
+ fi
+elif [ "$VCS" = darcs ] && [ -d _darcs ]; then
+ if [ -z "$USER" ]; then
+ USER=root
+ fi
+ if [ -n "$logfile" ]; then
+ darcs record --author="$USER" $DARCS_COMMIT_OPTIONS --logfile="$logfile"
+ else
+ darcs record --author="$USER" $DARCS_COMMIT_OPTIONS
+ fi
+fi
--- /dev/null
+#!/bin/sh
+if [ -n "$PUSH_REMOTE" ]; then
+ if [ "$VCS" = git ] && [ -d .git ]; then
+ for REMOTE in $PUSH_REMOTE; do
+ git push "$REMOTE" master || true
+ done
+ elif [ "$VCS" = hg ] && [ -d .hg ]; then
+ for REMOTE in $PUSH_REMOTE; do
+ hg push "$REMOTE" || true
+ done
+ else
+ echo "PUSH_REMOTE not yet supported for $VCS" >&2
+ fi
+fi
--- /dev/null
+Files in this directory are run when there might be changes to commit.
+(Before and after packages are installed, upgraded, etc.)
+They should commit changes and new files in /etc to repository.
--- /dev/null
+# The VCS to use.
+#VCS="hg"
+VCS="git"
+#VCS="bzr"
+#VCS="darcs"
+
+# Options passed to git commit when run by etckeeper.
+GIT_COMMIT_OPTIONS=""
+
+# Options passed to hg commit when run by etckeeper.
+HG_COMMIT_OPTIONS=""
+
+# Options passed to bzr commit when run by etckeeper.
+BZR_COMMIT_OPTIONS=""
+
+# Options passed to darcs record when run by etckeeper.
+DARCS_COMMIT_OPTIONS="-a"
+
+# Uncomment to avoid etckeeper committing existing changes
+# to /etc automatically once per day.
+#AVOID_DAILY_AUTOCOMMITS=1
+
+# Uncomment the following to avoid special file warning
+# (the option is enabled automatically by cronjob regardless).
+#AVOID_SPECIAL_FILE_WARNING=1
+
+# Uncomment to avoid etckeeper committing existing changes to
+# /etc before installation. It will cancel the installation,
+# so you can commit the changes by hand.
+#AVOID_COMMIT_BEFORE_INSTALL=1
+
+# The high-level package manager that's being used.
+# (apt, pacman-g2, yum, zypper etc)
+HIGHLEVEL_PACKAGE_MANAGER=apt
+
+# The low-level package manager that's being used.
+# (dpkg, rpm, pacman, pacman-g2, etc)
+LOWLEVEL_PACKAGE_MANAGER=dpkg
+
+# To push each commit to a remote, put the name of the remote here.
+# (eg, "origin" for git). Space-separated lists of multiple remotes
+# also work (eg, "origin gitlab github" for git).
+PUSH_REMOTE=""
--- /dev/null
+#!/bin/sh
+set -e
+
+# Note that metastore doesn't check that the .metastore file only changes
+# perms of files in the current directory. It's ok to trust the .metastore
+# file won't do anything shady, because, as documented, etckeeper-init
+# should only be run on repositories you trust.
+if [ -e .metadata ]; then
+ if which metastore >/dev/null; then
+ metastore --apply --mtime
+ else
+ echo "etckeeper warning: legacy .metastore file is present but metastore is not installed" >&2
+ fi
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+# Used by .etckeeper to run a command if the file it acts on
+# (the last parameter) exists.
+maybe () {
+ command="$1"
+ shift 1
+
+ if eval [ -e "\"\$$#\"" ]; then
+ "$command" "$@"
+ fi
+}
+
+# Yes, this runs code from the repository. As documented, etckeeper-init
+# should only be run on repositories you trust.
+if [ -e .etckeeper ]; then
+ . ./.etckeeper
+else
+ touch .etckeeper
+ chmod 600 .etckeeper
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = git ] && [ ! -e .git ]; then
+ git init
+ echo "$(hostname) /etc repository" > .git/description
+elif [ "$VCS" = hg ] && [ ! -e .hg ]; then
+ hg init
+ echo "[web]" > .hg/hgrc
+ echo "description = $(hostname) /etc repository" >> .hg/hgrc
+elif [ "$VCS" = bzr ] && [ ! -e .bzr ]; then
+ bzr init
+ bzr nick "$(hostname) /etc repository"
+elif [ "$VCS" = darcs ] && [ ! -e _darcs ]; then
+ darcs initialize
+ echo "$(hostname) /etc repository" > _darcs/prefs/motd
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+etckeeper update-ignore -a || true
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = git ]; then
+ chmod 700 .git
+elif [ "$VCS" = hg ]; then
+ chmod 700 .hg
+elif [ "$VCS" = bzr ]; then
+ chmod 700 .bzr
+elif [ "$VCS" = darcs ]; then
+ chmod 700 _darcs
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+case "$VCS" in
+ git)
+ if [ -x .git/hooks/pre-commit ]; then
+ if ! grep -q "etckeeper pre-commit" .git/hooks/pre-commit; then
+ echo "etckeeper warning: .git/hooks/pre-commit needs to be manually modified to run: etckeeper pre-commit -d `pwd`" >&2
+ fi
+ else
+ cat >.git/hooks/pre-commit <<EOF
+#!/bin/sh
+# pre-commit hook for etckeeper, to store metadata and do sanity checks
+set -e
+etckeeper pre-commit -d `pwd`
+EOF
+ chmod +x .git/hooks/pre-commit
+ fi
+ ;;
+ hg)
+ if [ -e .hg/hgrc ] && grep "^\[hooks\]" .hg/hgrc; then
+ if ! grep "^pre-commit" .hg/hgrc | grep -q "etckeeper pre-commit"; then
+ echo "etckeeper warning: [hooks] section in .hg/hgrc needs to be manually modified to contain: pre-commit = etckeeper pre-commit -d `pwd`" >&2
+ fi
+ else
+ touch .hg/hgrc
+ cat >>.hg/hgrc <<EOF
+[hooks]
+# pre-commit hook for etckeeper, to store metadata and do sanity checks
+pre-commit = etckeeper pre-commit -d `pwd`
+EOF
+ fi
+ ;;
+ darcs)
+ if [ -e _darcs/prefs/defaults ]; then
+ if ! ( grep -q "record prehook etckeeper pre-commit" _darcs/prefs/defaults &&
+ grep -q "whatsnew prehook etckeeper pre-commit" _darcs/prefs/defaults ); then
+ echo "etckeeper warning: _darcs/prefs/defaults needs to be manually modified to run: etckeeper pre-commit -d `pwd`" >&2
+ fi
+ else
+ cat >_darcs/prefs/defaults <<EOF
+record prehook etckeeper pre-commit -d `pwd`
+record run-prehook
+whatsnew prehook etckeeper pre-commit -d `pwd`
+whatsnew run-prehook
+EOF
+ fi
+ ;;
+esac
--- /dev/null
+#!/bin/sh
+set -e
+
+filter_ignore() {
+ if [ "$VCS" = darcs ]; then
+ ignorefile=.darcsignore
+ fi
+
+ if [ "$VCS" = darcs ] && [ -e "$ignorefile" ]; then
+ # Spaces embedded into patterns would break it.
+ # But really, why would anyone want to use ' ' instead of '\s' ?
+ #patterns=$( grep -v '^[[:space:]]*\(#\|$\)' "$ignorefile" | xargs -n 1 printf " -e %s" )
+ #grep -Ev $patterns
+ #unset patterns
+ # Alternative using a temp file
+ patternsfile="$( mktemp -t etckeeper-$VCS.XXXXXXXXXX )"
+ grep -v '^[[:space:]]*\(#\|$\)' "$ignorefile" > "$patternsfile" || true
+ grep -Evf "$patternsfile"
+ rm -f "$patternsfile"
+ unset patternsfile
+ else
+ cat -
+ fi
+}
+
+
+if [ "$VCS" = darcs ];then
+ NOVCS='. -path ./.git -prune -o -path ./.bzr -prune -o -path ./.hg -prune -o -path ./_darcs -prune -o'
+
+ # We assume that if .etckeeper is empty this is the first run
+ if [ -s .etckeeper ]; then
+ linksindex="$( mktemp -t etckeeper-$VCS.XXXXXXXXXX )"
+ grep '^ln -s' .etckeeper | while IFS="'" read n n n link n; do
+ printf "%s\n" "$link" >> "$linksindex"
+ done
+
+ # Warn about symbolic links that shouldn't exist
+ if links=$( find $NOVCS -type l -print | filter_ignore | grep -vFf "$linksindex" ); then
+ printf "%s\n%s\n" \
+ "The following symbolic links should not exist:" \
+ "$links" >&2
+ fi
+
+ rm -f "$linksindex"
+ unset links linksindex
+ fi
+
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = git ]; then
+ if ! git add .; then
+ echo "etckeeper warning: git add failed" >&2
+ fi
+elif [ "$VCS" = hg ]; then
+ if ! hg add .; then
+ echo "etckeeper warning: hg add failed" >&2
+ fi
+elif [ "$VCS" = bzr ]; then
+ if ! bzr add .; then
+ echo "etckeeper warning: bzr add failed" >&2
+ fi
+elif [ "$VCS" = darcs ]; then
+ # Don't warn if all the files were already added.
+ rc=0
+ res=$( darcs add -qr . 2>&1 ) || rc=$?
+ if test $rc -ne 0; then
+ if ! test $rc -eq 2 -a "${res%No files were added}" != "$res"; then
+ printf "%s" "$res"
+ echo "etckeeper warning: darcs add failed" >&2
+ fi
+ fi
+ unset rc res
+fi
--- /dev/null
+Executable files in this directory are run to initialise the working directory
+for use by etckeeper. If the working directory is not already in version
+control, that includes setting up the version control, but not actually
+committing anything. If the working directory is in version control,
+it includes applying stored metadata to the checked out files in the
+working directory.
+
+Please be careful to *never* overwrite existing files/directories
+in the working directory (or use absolute care when doing so). If a file
+you need to write already exists, check if its contents are sane, and
+if not, emit a warning on stderr.
+
+If initialisation fails, exit nonzero and no later files will be run.
--- /dev/null
+#!/bin/sh
+# Output to stdout a *sorted* list of all currently installed
+# (or removed but still with config-files) packages, in the
+# format "package version\n" (or something similar).
+if [ "$LOWLEVEL_PACKAGE_MANAGER" = dpkg ]; then
+ dpkg-query -W -f '${Status}\t${Package} ${Version}\n' | \
+ egrep '(ok installed|ok config-files)' | cut -f2,3
+elif [ "$LOWLEVEL_PACKAGE_MANAGER" = rpm ]; then
+ rpm -qa --qf "%|epoch?{%{epoch}}:{0}|:%{name}-%{version}-%{release}.%{arch}\n" | sort
+elif [ "$LOWLEVEL_PACKAGE_MANAGER" = pacman ]; then
+ pacman -Q
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+pl="/var/cache/etckeeper/packagelist"
+
+if etckeeper unclean; then
+ message="committing changes in /etc after $HIGHLEVEL_PACKAGE_MANAGER run"
+
+ set +e
+ if [ -e $pl.pre-install ]; then
+ (
+ echo "$message"
+ echo
+ echo "Package changes:"
+ etckeeper list-installed | diff -U0 $pl.pre-install - | tail -n+4 | egrep '^[-+]' || true
+ ) | etckeeper commit --stdin
+ else
+ etckeeper commit "$(printf "$message")"
+ fi
+ status=$?
+ set -e
+
+ if [ "$status" != 0 ]; then
+ echo "warning: etckeeper failed to commit changes in /etc using $VCS" >&2
+ fi
+fi
+
+if [ -e $pl.pre-install ]; then
+ rm -f $pl.pre-install
+fi
--- /dev/null
+Files in this directory are run after packages are installed, upgraded, etc.
+They should commit changes and new files in /etc to repository.
--- /dev/null
+#!/bin/sh
+set -e
+
+exclude_internal () {
+ egrep -v '(^|/)(.git|.hg|.bzr|_darcs)/'
+}
+
+if [ "$VCS" = bzr ] || [ "$VCS" = darcs ]; then
+ special=$(find . ! -type d ! -type f ! -type l | exclude_internal) || true
+ hardlinks=$(find . -type f ! -links 1 | exclude_internal ) || true
+elif [ "$VCS" = hg ]; then
+ special=$(find . ! -type d ! -type f ! -type l | exclude_internal) || true
+ hardlinks=$(find . -type f ! -links 1 -exec hg status {} \; | exclude_internal ) || true
+elif [ "$VCS" = git ]; then
+ special=$(find . ! -type d ! -type f ! -type l -exec git ls-files --exclude-standard --cached --others {} \; | exclude_internal) || true
+ hardlinks=$(find . -type f ! -links 1 -exec git ls-files --exclude-standard --cached --others {} \; | exclude_internal) || true
+else
+ special=""
+fi
+
+if [ -n "$special" ] && [ -z "$AVOID_SPECIAL_FILE_WARNING" ]; then
+ echo "etckeeper warning: special files could cause problems with $VCS:" >&2
+ echo "$special" >&2
+fi
+if [ -n "$hardlinks" ] && [ -z "$AVOID_SPECIAL_FILE_WARNING" ]; then
+ echo "etckeeper warning: hardlinked files could cause problems with $VCS:" >&2
+ echo "$hardlinks" >&2
+fi
+
+true
--- /dev/null
+#!/bin/sh
+set -e
+
+# Filters out UNKNOWN users and groups, prints a warning on stderr.
+filter_unknown() {
+ CMD=$1
+ while read line; do
+ # if the first n chars of $line equal "$CMD UNKNOWN "...
+ if [ "$(printf %.$((9+${#CMD}))s "$line")" = "$CMD UNKNOWN " ]; then
+ echo Bad "$2" for "$line" >&2
+ else
+ echo "$line"
+ fi
+ done
+}
+
+filter_ignore() {
+ case "$VCS" in
+ darcs) ignorefile=.darcsignore ;;
+ git) ignorefile=.gitignore ;;
+ esac
+
+ if [ -n "$ignorefile" ] && [ -e "$ignorefile" ]; then
+ listfile="$( mktemp -t etckeeper-$VCS.XXXXXXXXXX )"
+ case "$VCS" in
+ darcs)
+ grep -v '^[[:space:]]*\(#\|$\)' "$ignorefile" > "$listfile" || true
+ grep -Evf "$listfile"
+ ;;
+ git)
+ (git ls-files -oi --exclude-standard; git ls-files -oi --exclude-standard --directory) | sort | uniq > "$listfile" || true
+ sed 's/^\.\///' | grep -xFvf "$listfile"
+ ;;
+ esac
+ rm -f "$listfile"
+ unset listfile
+ else
+ cat -
+ fi
+}
+
+shellquote() {
+ # Single quotes text, escaping existing single quotes.
+ sed -e "s/'/'\"'\"'/g" -e "s/^/'/" -e "s/$/'/"
+}
+
+generate_metadata() {
+ # This function generates the script commands to fix any file
+ # ownerships that aren't owner=root, group=root, as well as to
+ # store the permissions of files.
+ # The script is produced on stdout. Errors go to stderr.
+ #
+ # The script can use a 'maybe' function, which only runs a command
+ # if the file in its last argument exists.
+
+ # We want files in the directory containing VCS data
+ # but we want find to ignore the VCS files themselves.
+ #
+ # (Note that when using this, the find expression must end with
+ # -print or -exec, else the excluded directories will actually be
+ # printed!)
+ NOVCS='. -path ./.git -prune -o -path ./.bzr -prune -o -path ./.hg -prune -o -path ./_darcs -prune -o'
+
+ # Keep the sort order the same at all times.
+ LC_COLLATE=C
+ export LC_COLLATE
+
+ if [ "$VCS" = git ] || [ "$VCS" = hg ]; then
+ # These version control systems do not track directories,
+ # so empty directories must be stored specially.
+ find $NOVCS -type d -empty -print |
+ sort | shellquote | sed -e "s/^/mkdir -p /"
+ fi
+
+ if [ "$VCS" = darcs ]; then
+ # This version control system does not track symlinks,
+ # so they must be stored specially.
+ find $NOVCS -type l -print | sort | filter_ignore | while read link; do
+ dest=$( readlink "$link" )
+ printf "ln -sf '%s' '%s'\n" "$(echo "$dest" | shellquote)" "$(echo "$link" | shellquote)"
+ done
+ fi
+
+ # Store things that don't have the default user or group.
+ # Store all file modes, in case the user has an unusual umask.
+ find $NOVCS \( -type f -or -type d \) -print | filter_ignore | sort | perl -ne '
+ BEGIN { $q=chr(39) }
+ sub uidname {
+ my $want=shift;
+ if (exists $uidcache{$want}) {
+ return $uidcache{$want};
+ }
+ my $name=scalar getpwuid($want);
+ return $uidcache{$want}=defined $name ? $name : $want;
+ }
+ sub gidname {
+ my $want=shift;
+ if (exists $gidcache{$want}) {
+ return $gidcache{$want};
+ }
+ my $name=scalar getgrgid($want);
+ return $gidcache{$want}=defined $name ? $name : $want;
+ }
+ chomp;
+ my @stat=stat($_);
+ my $mode = $stat[2];
+ my $uid = $stat[4];
+ my $gid = $stat[5];
+ s/$q/$q"$q"$q/g; # escape single quotes
+ s/^/$q/;
+ s/$/$q/;
+ if ($uid != $>) {
+ printf "maybe chown $q%s$q %s\n", uidname($uid), $_;
+ }
+ if ($gid != $)) {
+ printf "maybe chgrp $q%s$q %s\n", gidname($gid), $_;
+ }
+ printf "maybe chmod %04o %s\n", $mode & 07777, $_;
+ '
+
+ # We don't handle xattrs.
+ # Maybe check for getfattr/setfattr and use them if they're available?
+}
+
+if [ "$VCS" = git ] || [ "$VCS" = hg ] || [ "$VCS" = bzr ] || [ "$VCS" = darcs ]; then
+ if [ -f .metadata ]; then
+ # remove obsolete .metadata file
+ # git allows fully deleting it at this point, other VCS
+ # may not (the repo is locked for hg).
+ if [ "$VCS" = git ]; then
+ $VCS rm .metadata
+ else
+ rm -f .metadata
+ fi
+ fi
+
+ echo "# Generated by etckeeper. Do not edit." > .etckeeper
+ echo >> .etckeeper
+
+ # Make sure the file is not readable by others, since it can leak
+ # information about contents of non-readable directories in /etc.
+ chmod 700 .etckeeper
+
+ generate_metadata >> .etckeeper
+
+ # stage the file as part of the current commit
+ if [ "$VCS" = git ]; then
+ # this will do nothing if the metadata file is unchanged.
+ git add .etckeeper
+ fi
+ # hg, bzr and darcs add not done, they will automatically
+ # include the file in the current commit
+fi
--- /dev/null
+This is run by a git pre-commit hook before committing changes to the
+repository. This can be used for storing metadata, and for sanity checks.
--- /dev/null
+#!/bin/sh
+# This list will be later used when committing.
+mkdir -p /var/cache/etckeeper/
+etckeeper list-installed > /var/cache/etckeeper/packagelist.pre-install
--- /dev/null
+#!/bin/sh
+set -e
+
+if etckeeper unclean; then
+ if [ "$AVOID_COMMIT_BEFORE_INSTALL" = 1 ]; then
+ echo "" >&2
+ echo "** etckeeper detected uncommitted changes in /etc prior to $HIGHLEVEL_PACKAGE_MANAGER run" >&2
+ echo "** Aborting $HIGHLEVEL_PACKAGE_MANAGER run. Manually commit and restart." >&2
+ echo "" >&2
+ exit 1
+ fi
+ if ! etckeeper commit "saving uncommitted changes in /etc prior to $HIGHLEVEL_PACKAGE_MANAGER run"; then
+ echo "warning: etckeeper failed to commit changes in /etc using $VCS" >&2
+ fi
+fi
--- /dev/null
+Files in this directory are run before packages are installed, upgraded,
+etc. This is mostly used for sanity checks, ie, does /etc have any
+uncommitted changes?
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = git ]; then
+ [ -d .git ] && [ -n "`git status --porcelain`" ]
+elif [ "$VCS" = hg ]; then
+ [ -d .hg ] && ! hg status 2>&1 | wc -l | grep -q "^0$"
+elif [ "$VCS" = bzr ]; then
+ [ -d .bzr ] && ! bzr version-info --custom --template="{clean}\n" | grep -q "^1$"
+elif [ "$VCS" = darcs ]; then
+ [ -d _darcs ] && darcs whatsnew -l >/dev/null
+fi
--- /dev/null
+Files in this directory are used to test if the working copy has
+uncommitted changes.
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$1" != "-f" ]; then
+ echo "** Warning: This will DESTROY all recorded history for $ETCKEEPER_DIR,"
+ echo "** including the $VCS repository."
+ echo ""
+ printf "Are you sure you want to do this? [yN] "
+ read answer
+ case "$answer" in
+ [Yy]*)
+ echo "Proceeding.."
+ exit 0
+ ;;
+ *)
+ echo "Aborting etckeeper uninit."
+ exit 1
+ ;;
+ esac
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+# Files generated by etckeeper to store metadata the VCS cannot preserve.
+rm -f .etckeeper
+rm -f .metadata # only generated by old versions
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = git ]; then
+ rm -rf .git
+ file=.gitignore
+elif [ "$VCS" = hg ]; then
+ rm -rf .hg
+ file=.hgignore
+elif [ "$VCS" = bzr ]; then
+ rm -rf .bzr
+ file=.bzrignore
+elif [ "$VCS" = darcs ]; then
+ rm -rf _darcs
+ file=.darcsignore
+fi
+
+managed_by_etckeeper="managed by etckeeper"
+
+if ! grep -q "$managed_by_etckeeper" "$file"; then
+ exit 0
+else
+ realfile="$file"
+ if which tempfile >/dev/null 2>&1 || type -p tempfile >/dev/null 2>&1; then
+ tempfile="tempfile"
+ elif which mktemp >/dev/null 2>&1 || type -p mktemp >/dev/null 2>&1; then
+ tempfile="mktemp"
+ else
+ echo "etckeeper warning: can't find tempfile or mktemp" >&2
+ exit 1
+ fi
+ file=$($tempfile)
+ otherentries=
+ skipping=
+ while read -r line; do
+ if echo "$line" | grep -q "$managed_by_etckeeper"; then
+ if [ ! "$skipping" ]; then
+ skipping=1
+ else
+ skipping=
+ fi
+ elif [ ! "$skipping" ]; then
+ echo "$line" >> "$file"
+ otherentries=1
+ fi
+ done <"$realfile"
+
+ if [ "$otherentries" ]; then
+ mv -f "$file" "$realfile"
+ else
+ rm -f "$file"
+ rm -f "$realfile"
+ fi
+fi
--- /dev/null
+Executable files in this directory are run to uninitialise the working
+directory, removing files added by `etckeeper init`.
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = git ]; then
+ dir=.git
+ file=.gitignore
+elif [ "$VCS" = hg ]; then
+ dir=.hg
+ file=.hgignore
+elif [ "$VCS" = bzr ]; then
+ dir=.bzr
+ file=.bzrignore
+elif [ "$VCS" = darcs ]; then
+ dir=_darcs
+ file=.darcsignore
+else
+ echo "etckeeper: unsupported VCS $VCS" >&2
+ exit 1
+fi
+
+if [ ! -d "$dir" ]; then
+ exit 0
+fi
+
+managed_by_etckeeper="managed by etckeeper"
+
+nl() {
+ echo >>"$file"
+}
+
+comment() {
+ comment="$1"
+ echo "# $comment" >>"$file"
+}
+
+ignore() {
+ glob="$1"
+
+ case "$VCS" in
+ git)
+ # escape "#" in ignores, as otherwise it may
+ # be considered a comment
+ echo "$glob" | sed 's/#/\\#/g' >>"$file"
+ ;;
+ bzr)
+ echo "$glob" >>"$file"
+ ;;
+ hg)
+ # rather than converting the glob to a regexp, just
+ # configure hg to use globs
+ if [ -z "$hg_syntax_printed" ]; then
+ comment "use glob syntax"
+ echo "syntax: glob" >>"$file"
+ nl
+ hg_syntax_printed=1
+ fi
+ echo "$glob" | sed 's/#/\\#/g' >>"$file"
+ ;;
+ darcs)
+ # darcs doesn't understand globs, so we need to
+ # translate them into regexs. Not a complete converter,
+ # but suitable for given globs.
+ if [ "${glob%\*}" != "$glob" ]; then
+ glob="${glob%\*}"
+ else
+ glob="$glob"'($|/)'
+ fi
+ if [ "${glob#\*}" != "$glob" ]; then
+ glob="${glob#\*}"
+ else
+ glob='(^|/)'"$glob"
+ fi
+ glob="$( printf %s $glob | sed -e 's/\./\\./g;s/\*/[^\/]*/g;s/\?/[^\/]/g' )"
+ echo "$glob" >>"$file"
+ esac
+}
+
+writefile () {
+ comment "begin section $managed_by_etckeeper (do not edit this section by hand)"
+ nl
+
+ if [ "$VCS" = darcs ]; then
+ darcs setpref boringfile .darcsignore
+ fi
+
+ if [ "$LOWLEVEL_PACKAGE_MANAGER" = dpkg ]; then
+ comment "new and old versions of conffiles, stored by dpkg"
+ ignore "*.dpkg-*"
+ comment "new and old versions of conffiles, stored by ucf"
+ ignore "*.ucf-*"
+ nl
+ elif [ "$LOWLEVEL_PACKAGE_MANAGER" = "rpm" ]; then
+ comment "new and old versions of conffiles, stored by apt/rpm"
+ ignore "*.rpm*"
+ nl
+ elif [ "$LOWLEVEL_PACKAGE_MANAGER" = "pacman-g2" -o "$LOWLEVEL_PACKAGE_MANAGER" = "pacman" ]; then
+ comment "new and old versions of conffiles, stored by pacman"
+ ignore "*.pacnew"
+ ignore "*.pacorig"
+ ignore "*.pacsave"
+ nl
+ fi
+
+ comment "old versions of files"
+ ignore "*.old"
+ # Not currently ignored as admins tend to rely on these files.
+ #ignore "passwd-"
+ #ignore "group-"
+ #ignore "shadow-"
+ #ignore "gshadow-"
+ nl
+
+ comment "mount(8) records system state here, no need to store these"
+ ignore blkid.tab
+ ignore blkid.tab.old
+ nl
+
+ comment "some other files in /etc that typically do not need to be tracked"
+ ignore nologin
+ ignore ld.so.cache
+ ignore prelink.cache
+ ignore mtab
+ ignore mtab.fuselock
+ ignore .pwd.lock
+ ignore "*.LOCK"
+ ignore network/run
+ ignore adjtime
+ ignore lvm/cache
+ ignore lvm/archive
+ ignore "X11/xdm/authdir/authfiles/*"
+ ignore ntp.conf.dhcp
+ ignore .initctl
+ ignore "webmin/fsdump/*.status"
+ ignore "webmin/webmin/oscache"
+ ignore "apparmor.d/cache/*"
+ ignore "service/*/supervise/*"
+ ignore "service/*/log/supervise/*"
+ ignore "sv/*/supervise/*"
+ ignore "sv/*/log/supervise/*"
+ ignore "*.elc"
+ ignore "*.pyc"
+ ignore "*.pyo"
+ ignore "init.d/.depend.*"
+ ignore "openvpn/openvpn-status.log"
+ ignore "cups/subscriptions.conf"
+ ignore "cups/subscriptions.conf.O"
+ ignore "fake-hwclock.data"
+ ignore "check_mk/logwatch.state"
+ nl
+
+ comment "editor temp files"
+ ignore "*~"
+ ignore ".*.sw?"
+ ignore ".sw?"
+ ignore "#*#"
+ ignore DEADJOE
+
+ nl
+ comment "end section $managed_by_etckeeper"
+}
+
+if [ -e "$file" ]; then
+ if ! grep -q "$managed_by_etckeeper" "$file"; then
+ if [ "$1" != "-a" ]; then
+ echo "etckeeper: "$file" does not contain \"$managed_by_etckeeper\" comment; not updating"
+ exit 1
+ else
+ echo "etckeeper: "$file" exists but does not contain \"$managed_by_etckeeper\" comment; updating"
+ writefile
+ exit 0
+ fi
+ fi
+ realfile="$file"
+ if which tempfile >/dev/null 2>&1 || type -p tempfile >/dev/null 2>&1; then
+ tempfile="tempfile"
+ elif which mktemp >/dev/null 2>&1 || type -p mktemp >/dev/null 2>&1; then
+ tempfile="mktemp"
+ else
+ echo "etckeeper warning: can't find tempfile or mktemp" >&2
+ fi
+ file=$($tempfile)
+ (
+ skipping=
+ while read -r line; do
+ if echo "$line" | grep -q "$managed_by_etckeeper"; then
+ if [ ! "$skipping" ]; then
+ skipping=1
+ else
+ skipping=
+ writefile
+ fi
+ elif [ ! "$skipping" ]; then
+ echo "$line" >> "$file"
+ fi
+ done
+ if [ "$skipping" ]; then
+ # reached end of file w/o ending block
+ writefile
+ fi
+ ) <"$realfile"
+
+ mv -f "$file" "$realfile"
+else
+ writefile
+fi
--- /dev/null
+Executable files in this directory are run to update the VCS ignore file,
+or create it if it does not exist.
--- /dev/null
+#!/bin/sh
+set -e
+
+# check whether we can locate the vcs binary
+if [ -n "$VCS" ] && which "$VCS" > /dev/null; then
+ # pass commands to the VCS application
+ $VCS "$@"
+else
+ echo "error: VCS ($VCS) not set or not in PATH" >&2
+ exit 1
+fi
--- /dev/null
+
+######################################################################
+# ACL CONFIGURATION #
+# Specifies access control lists for incoming SMTP mail #
+######################################################################
+begin acl
+
+
--- /dev/null
+
+### acl/20_exim4-config_local_deny_exceptions
+#################################
+
+# This is used to determine whitelisted senders and hosts.
+# It checks for CONFDIR/host_local_deny_exceptions and
+# CONFDIR/sender_local_deny_exceptions.
+#
+# It is meant to be used from some other acl entry.
+#
+# See exim4-config_files(5) for details.
+#
+# If the files do not exist, the white list never matches, which is
+# the desired behaviour.
+#
+# The old file names CONFDIR/local_host_whitelist and
+# CONFDIR/local_sender_whitelist will continue to be honored for a
+# transition period. Their use is deprecated.
+
+acl_local_deny_exceptions:
+ accept
+ hosts = ${if exists{CONFDIR/host_local_deny_exceptions}\
+ {CONFDIR/host_local_deny_exceptions}\
+ {}}
+ accept
+ senders = ${if exists{CONFDIR/sender_local_deny_exceptions}\
+ {CONFDIR/sender_local_deny_exceptions}\
+ {}}
+ accept
+ hosts = ${if exists{CONFDIR/local_host_whitelist}\
+ {CONFDIR/local_host_whitelist}\
+ {}}
+ accept
+ senders = ${if exists{CONFDIR/local_sender_whitelist}\
+ {CONFDIR/local_sender_whitelist}\
+ {}}
+
+ # This hook allows you to hook in your own ACLs without having to
+ # modify this file. If you do it like we suggest, you'll end up with
+ # a small performance penalty since there is an additional file being
+ # accessed. This doesn't happen if you leave the macro unset.
+ .ifdef LOCAL_DENY_EXCEPTIONS_LOCAL_ACL_FILE
+ .include LOCAL_DENY_EXCEPTIONS_LOCAL_ACL_FILE
+ .endif
+
+ # this is still supported for a transition period and is deprecated.
+ .ifdef WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE
+ .include WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE
+ .endif
--- /dev/null
+
+### acl/30_exim4-config_check_mail
+#################################
+
+# This access control list is used for every MAIL command in an incoming
+# SMTP message. The tests are run in order until the address is either
+# accepted or denied.
+#
+acl_check_mail:
+ .ifdef CHECK_MAIL_HELO_ISSUED
+ deny
+ message = no HELO given before MAIL command
+ condition = ${if def:sender_helo_name {no}{yes}}
+ .endif
+
+ accept
--- /dev/null
+
+### acl/30_exim4-config_check_rcpt
+#################################
+
+# This access control list is used for every RCPT command in an incoming
+# SMTP message. The tests are run in order until the address is either
+# accepted or denied.
+#
+acl_check_rcpt:
+
+ # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
+ # testing for an empty sending host field.
+ accept
+ hosts = :
+ control = dkim_disable_verify
+
+ # Do not try to verify DKIM signatures of incoming mail if DC_minimaldns
+ # or DISABLE_DKIM_VERIFY are set.
+.ifdef DC_minimaldns
+ warn
+ control = dkim_disable_verify
+.else
+.ifdef DISABLE_DKIM_VERIFY
+ warn
+ control = dkim_disable_verify
+.endif
+.endif
+
+ # The following section of the ACL is concerned with local parts that contain
+ # certain non-alphanumeric characters. Dots in unusual places are
+ # handled by this ACL as well.
+ #
+ # Non-alphanumeric characters other than dots are rarely found in genuine
+ # local parts, but are often tried by people looking to circumvent
+ # relaying restrictions. Therefore, although they are valid in local
+ # parts, these rules disallow certain non-alphanumeric characters, as
+ # a precaution.
+ #
+ # Empty components (two dots in a row) are not valid in RFC 2822, but Exim
+ # allows them because they have been encountered. (Consider local parts
+ # constructed as "firstinitial.secondinitial.familyname" when applied to
+ # a name without a second initial.) However, a local part starting
+ # with a dot or containing /../ can cause trouble if it is used as part of a
+ # file name (e.g. for a mailing list). This is also true for local parts that
+ # contain slashes. A pipe symbol can also be troublesome if the local part is
+ # incorporated unthinkingly into a shell command line.
+ #
+ # These ACL components will block recipient addresses that are valid
+ # from an RFC2822 point of view. We chose to have them blocked by
+ # default for security reasons.
+ #
+ # If you feel that your site should have less strict recipient
+ # checking, please feel free to change the default values of the macros
+ # defined in main/01_exim4-config_listmacrosdefs or override them from a
+ # local configuration file.
+ #
+ # Two different rules are used. The first one has a quite strict
+ # default, and is applied to messages that are addressed to one of the
+ # local domains handled by this host.
+
+ # The default value of CHECK_RCPT_LOCAL_LOCALPARTS is defined in
+ # main/01_exim4-config_listmacrosdefs:
+ # CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?]
+ # This blocks local parts that begin with a dot or contain a quite
+ # broad range of non-alphanumeric characters.
+ .ifdef CHECK_RCPT_LOCAL_LOCALPARTS
+ deny
+ domains = +local_domains
+ local_parts = CHECK_RCPT_LOCAL_LOCALPARTS
+ message = restricted characters in address
+ .endif
+
+
+ # The second rule applies to all other domains, and its default is
+ # considerably less strict.
+
+ # The default value of CHECK_RCPT_REMOTE_LOCALPARTS is defined in
+ # main/01_exim4-config_listmacrosdefs:
+ # CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./
+
+ # It allows local users to send outgoing messages to sites
+ # that use slashes and vertical bars in their local parts. It blocks
+ # local parts that begin with a dot, slash, or vertical bar, but allows
+ # these characters within the local part. However, the sequence /../ is
+ # barred. The use of some other non-alphanumeric characters is blocked.
+ # Single quotes might probably be dangerous as well, but they're
+ # allowed by the default regexps to avoid rejecting mails to Ireland.
+ # The motivation here is to prevent local users (or local users' malware)
+ # from mounting certain kinds of attack on remote sites.
+ .ifdef CHECK_RCPT_REMOTE_LOCALPARTS
+ deny
+ domains = !+local_domains
+ local_parts = CHECK_RCPT_REMOTE_LOCALPARTS
+ message = restricted characters in address
+ .endif
+
+
+ # Accept mail to postmaster in any local domain, regardless of the source,
+ # and without verifying the sender.
+ #
+ accept
+ .ifndef CHECK_RCPT_POSTMASTER
+ local_parts = postmaster
+ .else
+ local_parts = CHECK_RCPT_POSTMASTER
+ .endif
+ domains = +local_domains : +relay_to_domains
+
+
+ # Deny unless the sender address can be verified.
+ #
+ # This is disabled by default so that DNSless systems don't break. If
+ # your system can do DNS lookups without delay or cost, you might want
+ # to enable this feature.
+ #
+ # This feature does not work in smarthost and satellite setups as
+ # with these setups all domains pass verification. See spec.txt chapter
+ # 39.31 with the added information that a smarthost/satellite setup
+ # routes all non-local e-mail to the smarthost.
+ .ifdef CHECK_RCPT_VERIFY_SENDER
+ deny
+ message = Sender verification failed
+ !acl = acl_local_deny_exceptions
+ !verify = sender
+ .endif
+
+ # Verify senders listed in local_sender_callout with a callout.
+ #
+ # In smarthost and satellite setups, this causes the callout to be
+ # done to the smarthost. Verification will thus only be reliable if the
+ # smarthost does reject illegal addresses in the SMTP dialog.
+ deny
+ !acl = acl_local_deny_exceptions
+ senders = ${if exists{CONFDIR/local_sender_callout}\
+ {CONFDIR/local_sender_callout}\
+ {}}
+ !verify = sender/callout
+
+
+ # Accept if the message comes from one of the hosts for which we are an
+ # outgoing relay. It is assumed that such hosts are most likely to be MUAs,
+ # so we set control=submission to make Exim treat the message as a
+ # submission. It will fix up various errors in the message, for example, the
+ # lack of a Date: header line. If you are actually relaying out out from
+ # MTAs, you may want to disable this. If you are handling both relaying from
+ # MTAs and submissions from MUAs you should probably split them into two
+ # lists, and handle them differently.
+
+ # Recipient verification is omitted here, because in many cases the clients
+ # are dumb MUAs that don't cope well with SMTP error responses. If you are
+ # actually relaying out from MTAs, you should probably add recipient
+ # verification here.
+
+ # Note that, by putting this test before any DNS black list checks, you will
+ # always accept from these hosts, even if they end up on a black list. The
+ # assumption is that they are your friends, and if they get onto black
+ # list, it is a mistake.
+ accept
+ hosts = +relay_from_hosts
+ control = submission/sender_retain
+ control = dkim_disable_verify
+
+
+ # Accept if the message arrived over an authenticated connection, from
+ # any host. Again, these messages are usually from MUAs, so recipient
+ # verification is omitted, and submission mode is set. And again, we do this
+ # check before any black list tests.
+ accept
+ authenticated = *
+ control = submission/sender_retain
+ control = dkim_disable_verify
+
+
+ # Insist that any other recipient address that we accept is either in one of
+ # our local domains, or is in a domain for which we explicitly allow
+ # relaying. Any other domain is rejected as being unacceptable for relaying.
+ require
+ message = relay not permitted
+ domains = +local_domains : +relay_to_domains
+
+
+ # We also require all accepted addresses to be verifiable. This check will
+ # do local part verification for local domains, but only check the domain
+ # for remote domains.
+ require
+ verify = recipient
+
+
+ # Verify recipients listed in local_rcpt_callout with a callout.
+ # This is especially handy for forwarding MX hosts (secondary MX or
+ # mail hubs) of domains that receive a lot of spam to non-existent
+ # addresses. The only way to check local parts for remote relay
+ # domains is to use a callout (add /callout), but please read the
+ # documentation about callouts before doing this.
+ deny
+ !acl = acl_local_deny_exceptions
+ recipients = ${if exists{CONFDIR/local_rcpt_callout}\
+ {CONFDIR/local_rcpt_callout}\
+ {}}
+ !verify = recipient/callout
+
+
+ # CONFDIR/local_sender_blacklist holds a list of envelope senders that
+ # should have their access denied to the local host. Incoming messages
+ # with one of these senders are rejected at RCPT time.
+ #
+ # The explicit white lists are honored as well as negative items in
+ # the black list. See exim4-config_files(5) for details.
+ deny
+ message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
+ !acl = acl_local_deny_exceptions
+ senders = ${if exists{CONFDIR/local_sender_blacklist}\
+ {CONFDIR/local_sender_blacklist}\
+ {}}
+
+
+ # deny bad sites (IP address)
+ # CONFDIR/local_host_blacklist holds a list of host names, IP addresses
+ # and networks (CIDR notation) that should have their access denied to
+ # The local host. Messages coming in from a listed host will have all
+ # RCPT statements rejected.
+ #
+ # The explicit white lists are honored as well as negative items in
+ # the black list. See exim4-config_files(5) for details.
+ deny
+ message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
+ !acl = acl_local_deny_exceptions
+ hosts = ${if exists{CONFDIR/local_host_blacklist}\
+ {CONFDIR/local_host_blacklist}\
+ {}}
+
+
+ # Warn if the sender host does not have valid reverse DNS.
+ #
+ # If your system can do DNS lookups without delay or cost, you might want
+ # to enable this.
+ # If sender_host_address is defined, it's a remote call. If
+ # sender_host_name is not defined, then reverse lookup failed. Use
+ # this instead of !verify = reverse_host_lookup to catch deferrals
+ # as well as outright failures.
+ .ifdef CHECK_RCPT_REVERSE_DNS
+ warn
+ condition = ${if and{{def:sender_host_address}{!def:sender_host_name}}\
+ {yes}{no}}
+ add_header = X-Host-Lookup-Failed: Reverse DNS lookup failed for $sender_host_address (${if eq{$host_lookup_failed}{1}{failed}{deferred}})
+ .endif
+
+
+ # Use spfquery to perform a pair of SPF checks (for details, see
+ # http://www.openspf.org/)
+ #
+ # This is quite costly in terms of DNS lookups (~6 lookups per mail). Do not
+ # enable if that's an issue. Also note that if you enable this, you must
+ # install "spf-tools-perl" which provides the spfquery command.
+ # Missing spf-tools-perl will trigger the "Unexpected error in
+ # SPF check" warning.
+ .ifdef CHECK_RCPT_SPF
+ deny
+ message = [SPF] $sender_host_address is not allowed to send mail from \
+ ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}. \
+ Please see \
+ http://www.openspf.org/Why?scope=${if def:sender_address_domain \
+ {mfrom}{helo}};identity=${if def:sender_address_domain \
+ {$sender_address}{$sender_helo_name}};ip=$sender_host_address
+ log_message = SPF check failed.
+ !acl = acl_local_deny_exceptions
+ condition = ${run{/usr/bin/spfquery.mail-spf-perl --ip \
+ ${quote:$sender_host_address} --identity \
+ ${if def:sender_address_domain \
+ {--scope mfrom --identity ${quote:$sender_address}}\
+ {--scope helo --identity ${quote:$sender_helo_name}}}}\
+ {no}{${if eq {$runrc}{1}{yes}{no}}}}
+
+ defer
+ message = Temporary DNS error while checking SPF record. Try again later.
+ !acl = acl_local_deny_exceptions
+ condition = ${if eq {$runrc}{5}{yes}{no}}
+
+ warn
+ condition = ${if <={$runrc}{6}{yes}{no}}
+ add_header = Received-SPF: ${if eq {$runrc}{0}{pass}\
+ {${if eq {$runrc}{2}{softfail}\
+ {${if eq {$runrc}{3}{neutral}\
+ {${if eq {$runrc}{4}{permerror}\
+ {${if eq {$runrc}{6}{none}{error}}}}}}}}}\
+ } client-ip=$sender_host_address; \
+ ${if def:sender_address_domain \
+ {envelope-from=${sender_address}; }{}}\
+ helo=$sender_helo_name
+
+ warn
+ log_message = Unexpected error in SPF check.
+ condition = ${if >{$runrc}{6}{yes}{no}}
+ .endif
+
+
+ # Check against classic DNS "black" lists (DNSBLs) which list
+ # sender IP addresses
+ .ifdef CHECK_RCPT_IP_DNSBLS
+ warn
+ dnslists = CHECK_RCPT_IP_DNSBLS
+ add_header = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
+ log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
+ .endif
+
+
+ # Check against DNSBLs which list sender domains, with an option to locally
+ # whitelist certain domains that might be blacklisted.
+ #
+ # Note: If you define CHECK_RCPT_DOMAIN_DNSBLS, you must append
+ # "/$sender_address_domain" after each domain. For example:
+ # CHECK_RCPT_DOMAIN_DNSBLS = rhsbl.foo.org/$sender_address_domain \
+ # : rhsbl.bar.org/$sender_address_domain
+ .ifdef CHECK_RCPT_DOMAIN_DNSBLS
+ warn
+ !senders = ${if exists{CONFDIR/local_domain_dnsbl_whitelist}\
+ {CONFDIR/local_domain_dnsbl_whitelist}\
+ {}}
+ dnslists = CHECK_RCPT_DOMAIN_DNSBLS
+ add_header = X-Warning: $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
+ log_message = $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
+ .endif
+
+
+ # This hook allows you to hook in your own ACLs without having to
+ # modify this file. If you do it like we suggest, you'll end up with
+ # a small performance penalty since there is an additional file being
+ # accessed. This doesn't happen if you leave the macro unset.
+ .ifdef CHECK_RCPT_LOCAL_ACL_FILE
+ .include CHECK_RCPT_LOCAL_ACL_FILE
+ .endif
+
+
+ #############################################################################
+ # This check is commented out because it is recognized that not every
+ # sysadmin will want to do it. If you enable it, the check performs
+ # Client SMTP Authorization (csa) checks on the sending host. These checks
+ # do DNS lookups for SRV records. The CSA proposal is currently (May 2005)
+ # an Internet draft. You can, of course, add additional conditions to this
+ # ACL statement to restrict the CSA checks to certain hosts only.
+ #
+ # require verify = csa
+ #############################################################################
+
+
+ # Accept if the address is in a domain for which we are an incoming relay,
+ # but again, only if the recipient can be verified.
+
+ accept
+ domains = +relay_to_domains
+ endpass
+ verify = recipient
+
+
+ # At this point, the address has passed all the checks that have been
+ # configured, so we accept it unconditionally.
+
+ accept
--- /dev/null
+
+### acl/40_exim4-config_check_data
+#################################
+
+# This ACL is used after the contents of a message have been received. This
+# is the ACL in which you can test a message's headers or body, and in
+# particular, this is where you can invoke external virus or spam scanners.
+
+acl_check_data:
+
+ # Deny unless the address list headers are syntactically correct.
+ #
+ # If you enable this, you might reject legitimate mail.
+ .ifdef CHECK_DATA_VERIFY_HEADER_SYNTAX
+ deny
+ message = Message headers fail syntax check
+ !acl = acl_local_deny_exceptions
+ !verify = header_syntax
+ .endif
+
+
+ # require that there is a verifiable sender address in at least
+ # one of the "Sender:", "Reply-To:", or "From:" header lines.
+ .ifdef CHECK_DATA_VERIFY_HEADER_SENDER
+ deny
+ message = No verifiable sender address in message headers
+ !acl = acl_local_deny_exceptions
+ !verify = header_sender
+ .endif
+
+
+ # Deny if the message contains malware. Before enabling this check, you
+ # must install a virus scanner and set the av_scanner option in the
+ # main configuration.
+ #
+ # exim4-daemon-heavy must be used for this section to work.
+ #
+ # deny
+ # malware = *
+ # message = This message was detected as possible malware ($malware_name).
+
+
+ # Add headers to a message if it is judged to be spam. Before enabling this,
+ # you must install SpamAssassin. You also need to set the spamd_address
+ # option in the main configuration.
+ #
+ # exim4-daemon-heavy must be used for this section to work.
+ #
+ # Please note that this is only suiteable as an example. There are
+ # multiple issues with this configuration method. For example, if you go
+ # this way, you'll give your spamassassin daemon write access to the
+ # entire exim spool which might be a security issue in case of a
+ # spamassassin exploit.
+ #
+ # See the exim docs and the exim wiki for more suitable examples.
+ #
+ # warn
+ # spam = Debian-exim:true
+ # add_header = X-Spam_score: $spam_score\n\
+ # X-Spam_score_int: $spam_score_int\n\
+ # X-Spam_bar: $spam_bar\n\
+ # X-Spam_report: $spam_report
+
+
+ # This hook allows you to hook in your own ACLs without having to
+ # modify this file. If you do it like we suggest, you'll end up with
+ # a small performance penalty since there is an additional file being
+ # accessed. This doesn't happen if you leave the macro unset.
+ .ifdef CHECK_DATA_LOCAL_ACL_FILE
+ .include CHECK_DATA_LOCAL_ACL_FILE
+ .endif
+
+
+ # accept otherwise
+ accept
--- /dev/null
+
+######################################################################
+# AUTHENTICATION CONFIGURATION #
+######################################################################
+
+begin authenticators
+
+
--- /dev/null
+
+### auth/30_exim4-config_examples
+#################################
+
+# The examples below are for server side authentication, when the
+# local exim is SMTP server and clients authenticate to the local exim.
+
+# They allow two styles of plain-text authentication against an
+# CONFDIR/passwd file whose syntax is described in exim4_passwd(5).
+
+# Hosts that are allowed to use AUTH are defined by the
+# auth_advertise_hosts option in the main configuration. The default is
+# "*", which allows authentication to all hosts over all kinds of
+# connections if there is at least one authenticator defined here.
+# Authenticators which rely on unencrypted clear text passwords don't
+# advertise on unencrypted connections by default. Thus, it might be
+# wise to set up TLS to allow encrypted connections. If TLS cannot be
+# used for some reason, you can set AUTH_SERVER_ALLOW_NOTLS_PASSWORDS to
+# advertise unencrypted clear text password based authenticators on all
+# connections. As this is severely reducing security, using TLS is
+# preferred over allowing clear text password based authenticators on
+# unencrypted connections.
+
+# PLAIN authentication has no server prompts. The client sends its
+# credentials in one lump, containing an authorization ID (which we do not
+# use), an authentication ID, and a password. The latter two appear as
+# $auth2 and $auth3 in the configuration and should be checked against a
+# valid username and password. In a real configuration you would typically
+# use $auth2 as a lookup key, and compare $auth3 against the result of the
+# lookup, perhaps using the crypteq{}{} condition.
+
+# plain_server:
+# driver = plaintext
+# public_name = PLAIN
+# server_condition = "${if crypteq{$auth3}{${extract{1}{:}{${lookup{$auth2}lsearch{CONFDIR/passwd}{$value}{*:*}}}}}{1}{0}}"
+# server_set_id = $auth2
+# server_prompts = :
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+
+# LOGIN authentication has traditional prompts and responses. There is no
+# authorization ID in this mechanism, so unlike PLAIN the username and
+# password are $auth1 and $auth2. Apart from that you can use the same
+# server_condition setting for both authenticators.
+
+# login_server:
+# driver = plaintext
+# public_name = LOGIN
+# server_prompts = "Username:: : Password::"
+# server_condition = "${if crypteq{$auth2}{${extract{1}{:}{${lookup{$auth1}lsearch{CONFDIR/passwd}{$value}{*:*}}}}}{1}{0}}"
+# server_set_id = $auth1
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+#
+# cram_md5_server:
+# driver = cram_md5
+# public_name = CRAM-MD5
+# server_secret = ${extract{2}{:}{${lookup{$auth1}lsearch{CONFDIR/passwd}{$value}fail}}}
+# server_set_id = $auth1
+
+# Here is an example of CRAM-MD5 authentication against PostgreSQL:
+#
+# psqldb_auth_server:
+# driver = cram_md5
+# public_name = CRAM-MD5
+# server_secret = ${lookup pgsql{SELECT pw FROM users WHERE username = '${quote_pgsql:$auth1}'}{$value}fail}
+# server_set_id = $auth1
+
+# Authenticate against local passwords using sasl2-bin
+# Requires exim_uid to be a member of sasl group, see README.Debian.gz
+# plain_saslauthd_server:
+# driver = plaintext
+# public_name = PLAIN
+# server_condition = ${if saslauthd{{$auth2}{$auth3}}{1}{0}}
+# server_set_id = $auth2
+# server_prompts = :
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+#
+# login_saslauthd_server:
+# driver = plaintext
+# public_name = LOGIN
+# server_prompts = "Username:: : Password::"
+# # don't send system passwords over unencrypted connections
+# server_condition = ${if saslauthd{{$auth1}{$auth2}}{1}{0}}
+# server_set_id = $auth1
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+#
+# ntlm_sasl_server:
+# driver = cyrus_sasl
+# public_name = NTLM
+# server_realm = <short main hostname>
+# server_set_id = $auth1
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+#
+# digest_md5_sasl_server:
+# driver = cyrus_sasl
+# public_name = DIGEST-MD5
+# server_realm = <short main hostname>
+# server_set_id = $auth1
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+
+# Authentcate against cyrus-sasl
+# This is mainly untested, please report any problems to
+# pkg-exim4-users@lists.alioth.debian.org.
+# cram_md5_sasl_server:
+# driver = cyrus_sasl
+# public_name = CRAM-MD5
+# server_realm = <short main hostname>
+# server_set_id = $auth1
+#
+# plain_sasl_server:
+# driver = cyrus_sasl
+# public_name = PLAIN
+# server_realm = <short main hostname>
+# server_set_id = $auth1
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+#
+# login_sasl_server:
+# driver = cyrus_sasl
+# public_name = LOGIN
+# server_realm = <short main hostname>
+# server_set_id = $auth1
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+
+# Authenticate against courier authdaemon
+
+# This is now the (working!) example from
+# http://www.exim.org/eximwiki/FAQ/Policy_controls/Q0730
+# Possible pitfall: access rights on /var/run/courier/authdaemon/socket.
+# plain_courier_authdaemon:
+# driver = plaintext
+# public_name = PLAIN
+# server_condition = \
+# ${extract {ADDRESS} \
+# {${readsocket{/var/run/courier/authdaemon/socket} \
+# {AUTH ${strlen:exim\nlogin\n$auth2\n$auth3\n}\nexim\nlogin\n$auth2\n$auth3\n} }} \
+# {yes} \
+# fail}
+# server_set_id = $auth2
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+
+# login_courier_authdaemon:
+# driver = plaintext
+# public_name = LOGIN
+# server_prompts = Username:: : Password::
+# server_condition = \
+# ${extract {ADDRESS} \
+# {${readsocket{/var/run/courier/authdaemon/socket} \
+# {AUTH ${strlen:exim\nlogin\n$auth1\n$auth2\n}\nexim\nlogin\n$auth1\n$auth2\n} }} \
+# {yes} \
+# fail}
+# server_set_id = $auth1
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+
+# This one is a bad hack to support the broken version 4.xx of
+# Microsoft Outlook Express which violates the RFCs by demanding
+# "250-AUTH=" instead of "250-AUTH ".
+# If your list of offered authenticators is other than PLAIN and LOGIN,
+# you need to adapt the public_name line manually.
+# It has to be the last authenticator to work and has not been tested
+# well. Use at your own risk.
+# See the thread entry point from
+# http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050214/msg00213.html
+# for the related discussion on the exim-users mailing list.
+# Thanks to Fred Viles for this great work.
+
+# support_broken_outlook_express_4_server:
+# driver = plaintext
+# public_name = "\r\n250-AUTH=PLAIN LOGIN"
+# server_prompts = User Name : Password
+# server_condition = no
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+
+##############
+# See /usr/share/doc/exim4-base/README.Debian.gz
+##############
+
+# These examples below are the equivalent for client side authentication.
+# They get the passwords from CONFDIR/passwd.client, whose format is
+# defined in exim4_passwd_client(5)
+
+# Because AUTH PLAIN and AUTH LOGIN send the password in clear, we
+# only allow these mechanisms over encrypted connections by default.
+# You can set AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS to allow unencrypted
+# clear text password authentication on all connections.
+
+cram_md5:
+ driver = cram_md5
+ public_name = CRAM-MD5
+ client_name = ${extract{1}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
+ client_secret = ${extract{2}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
+
+# this returns the matching line from passwd.client and doubles all ^
+PASSWDLINE=${sg{\
+ ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}\
+ }\
+ {\\N[\\^]\\N}\
+ {^^}\
+ }
+
+plain:
+ driver = plaintext
+ public_name = PLAIN
+.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
+ client_send = "<; ${if !eq{$tls_out_cipher}{}\
+ {^${extract{1}{:}{PASSWDLINE}}\
+ ^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}\
+ }fail}"
+.else
+ client_send = "<; ^${extract{1}{:}{PASSWDLINE}}\
+ ^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
+.endif
+
+login:
+ driver = plaintext
+ public_name = LOGIN
+.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
+ # Return empty string if not non-TLS AND looking up $host in passwd-file
+ # yields a non-empty string; fail otherwise.
+ client_send = "<; ${if and{\
+ {!eq{$tls_out_cipher}{}}\
+ {!eq{PASSWDLINE}{}}\
+ }\
+ {}fail}\
+ ; ${extract{1}{::}{PASSWDLINE}}\
+ ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
+.else
+ # Return empty string if looking up $host in passwd-file yields a
+ # non-empty string; fail otherwise.
+ client_send = "<; ${if !eq{PASSWDLINE}{}\
+ {}fail}\
+ ; ${extract{1}{::}{PASSWDLINE}}\
+ ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
+.endif
--- /dev/null
+######################################################################
+# Runtime configuration file for Exim 4 (Debian Packaging) #
+######################################################################
+
+######################################################################
+# /etc/exim4/exim4.conf.template is only used with the non-split
+# configuration scheme.
+# /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs is only used
+# with the split configuration scheme.
+# If you find this comment anywhere else, somebody copied it there.
+# Documentation about the Debian exim4 configuration scheme can be
+# found in /usr/share/doc/exim4-base/README.Debian.gz.
+######################################################################
+
+######################################################################
+# MAIN CONFIGURATION SETTINGS #
+######################################################################
+
+# Just for reference and scripts.
+# On Debian systems, the main binary is installed as exim4 to avoid
+# conflicts with the exim 3 packages.
+exim_path = /usr/sbin/exim4
+
+# Macro defining the main configuration directory.
+# We do not use absolute paths.
+.ifndef CONFDIR
+CONFDIR = /etc/exim4
+.endif
+
+# debconf-driven macro definitions get inserted after this line
+UPEX4CmacrosUPEX4C = 1
+
+# Create domain and host lists for relay control
+# '@' refers to 'the name of the local host'
+
+# List of domains considered local for exim. Domains not listed here
+# need to be deliverable remotely.
+domainlist local_domains = MAIN_LOCAL_DOMAINS
+
+# List of recipient domains to relay _to_. Use this list if you're -
+# for example - fallback MX or mail gateway for domains.
+domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS
+
+# List of sender networks (IP addresses) to _unconditionally_ relay
+# _for_. If you intend to be SMTP AUTH server, you do not need to enter
+# anything here.
+hostlist relay_from_hosts = MAIN_RELAY_NETS
+
+
+# Decide which domain to use to add to all unqualified addresses.
+# If MAIN_PRIMARY_HOSTNAME_AS_QUALIFY_DOMAIN is defined, the primary
+# hostname is used. If not, but MAIN_QUALIFY_DOMAIN is set, the value
+# of MAIN_QUALIFY_DOMAIN is used. If both macros are not defined,
+# the first line of /etc/mailname is used.
+.ifndef MAIN_PRIMARY_HOSTNAME_AS_QUALIFY_DOMAIN
+.ifndef MAIN_QUALIFY_DOMAIN
+qualify_domain = ETC_MAILNAME
+.else
+qualify_domain = MAIN_QUALIFY_DOMAIN
+.endif
+.endif
+
+# listen on all all interfaces?
+.ifdef MAIN_LOCAL_INTERFACES
+local_interfaces = MAIN_LOCAL_INTERFACES
+.endif
+
+.ifndef LOCAL_DELIVERY
+# The default transport, set in /etc/exim4/update-exim4.conf.conf,
+# defaulting to mail_spool. See CONFDIR/conf.d/transport/ for possibilities
+LOCAL_DELIVERY=mail_spool
+.endif
+
+# The gecos field in /etc/passwd holds not only the name. see passwd(5).
+gecos_pattern = ^([^,:]*)
+gecos_name = $1
+
+# define macros to be used in acl/30_exim4-config_check_rcpt to check
+# recipient local parts for strange characters.
+
+# This macro definition really should be in
+# acl/30_exim4-config_check_rcpt but cannot be there due to
+# http://www.exim.org/bugzilla/show_bug.cgi?id=101 as of exim 4.62.
+
+# These macros are documented in acl/30_exim4-config_check_rcpt,
+# can be changed here or overridden by a locally added configuration
+# file as described in README.Debian chapter 2.1.2
+
+.ifndef CHECK_RCPT_LOCAL_LOCALPARTS
+CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?]
+.endif
+
+.ifndef CHECK_RCPT_REMOTE_LOCALPARTS
+CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./
+.endif
+
+# always log tls_peerdn as we use TLS for outgoing connects by default
+.ifndef MAIN_LOG_SELECTOR
+MAIN_LOG_SELECTOR = +tls_peerdn
+.endif
--- /dev/null
+
+### main/02_exim4-config_options
+#################################
+
+
+# Defines the access control list that is run when an
+# SMTP MAIL command is received.
+#
+.ifndef MAIN_ACL_CHECK_MAIL
+MAIN_ACL_CHECK_MAIL = acl_check_mail
+.endif
+acl_smtp_mail = MAIN_ACL_CHECK_MAIL
+
+
+# Defines the access control list that is run when an
+# SMTP RCPT command is received.
+#
+.ifndef MAIN_ACL_CHECK_RCPT
+MAIN_ACL_CHECK_RCPT = acl_check_rcpt
+.endif
+acl_smtp_rcpt = MAIN_ACL_CHECK_RCPT
+
+
+# Defines the access control list that is run when an
+# SMTP DATA command is received.
+#
+.ifndef MAIN_ACL_CHECK_DATA
+MAIN_ACL_CHECK_DATA = acl_check_data
+.endif
+acl_smtp_data = MAIN_ACL_CHECK_DATA
+
+
+# Message size limit. The default (used when MESSAGE_SIZE_LIMIT
+# is unset) is 50 MB
+.ifdef MESSAGE_SIZE_LIMIT
+message_size_limit = MESSAGE_SIZE_LIMIT
+.endif
+
+
+# If you are running exim4-daemon-heavy or a custom version of Exim that
+# was compiled with the content-scanning extension, you can cause incoming
+# messages to be automatically scanned for viruses. You have to modify the
+# configuration in two places to set this up. The first of them is here,
+# where you define the interface to your scanner. This example is typical
+# for ClamAV; see the manual for details of what to set for other virus
+# scanners. The second modification is in the acl_check_data access
+# control list.
+
+# av_scanner = clamd:/var/run/clamav/clamd.ctl
+
+
+# For spam scanning, there is a similar option that defines the interface to
+# SpamAssassin. You do not need to set this if you are using the default, which
+# is shown in this commented example. As for virus scanning, you must also
+# modify the acl_check_data access control list to enable spam scanning.
+
+# spamd_address = 127.0.0.1 783
+
+# Domain used to qualify unqualified recipient addresses
+# If this option is not set, the qualify_domain value is used.
+# qualify_recipient = <value of qualify_domain>
+
+
+# Allow Exim to recognize addresses of the form "user@[10.11.12.13]",
+# where the domain part is a "domain literal" (an IP address) instead
+# of a named domain. The RFCs require this facility, but it is disabled
+# in the default config since it is seldomly used and frequently abused.
+# Domain literal support also needs a special router, which is automatically
+# enabled if you use the enable macro MAIN_ALLOW_DOMAIN_LITERALS.
+# Additionally, you might want to make your local IP addresses (or @[])
+# local domains.
+.ifdef MAIN_ALLOW_DOMAIN_LITERALS
+allow_domain_literals
+.endif
+
+
+# Do a reverse DNS lookup on all incoming IP calls, in order to get the
+# true host name. If you feel this is too expensive, the networks for
+# which a lookup is done can be listed here.
+.ifndef DC_minimaldns
+.ifndef MAIN_HOST_LOOKUP
+MAIN_HOST_LOOKUP = *
+.endif
+host_lookup = MAIN_HOST_LOOKUP
+.endif
+
+
+# In a minimaldns setup, update-exim4.conf guesses the hostname and
+# dumps it here to avoid DNS lookups being done at Exim run time.
+.ifdef MAIN_HARDCODE_PRIMARY_HOSTNAME
+primary_hostname = MAIN_HARDCODE_PRIMARY_HOSTNAME
+.endif
+
+# The settings below, which are actually the same as the defaults in the
+# code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP
+# calls. You can limit the hosts to which these calls are made, and/or change
+# the timeout that is used. If you set the timeout to zero, all RFC 1413 calls
+# are disabled. RFC 1413 calls are cheap and can provide useful information
+# for tracing problem messages, but some hosts and firewalls are
+# misconfigured to drop the requests instead of either answering or
+# rejecting them. This can result in a timeout instead of an immediate refused
+# connection, leading to delays on starting up SMTP sessions. (The default was
+# reduced from 30s to 5s for release 4.61.)
+# rfc1413_hosts = *
+# rfc1413_query_timeout = 5s
+
+# When using an external relay tester (such as rt.njabl.org and/or the
+# currently defunct relay-test.mail-abuse.org, the test may be aborted
+# since exim complains about "too many nonmail commands". If you want
+# the test to complete, add the host from where "your" relay tester
+# connects from to the MAIN_SMTP_ACCEPT_MAX_NOMAIL_HOSTS macro.
+# Please note that a non-empty setting may cause extra DNS lookups to
+# happen, which is the reason why this option is commented out in the
+# default settings.
+# MAIN_SMTP_ACCEPT_MAX_NOMAIL_HOSTS = !rt.njabl.org
+.ifdef MAIN_SMTP_ACCEPT_MAX_NOMAIL_HOSTS
+smtp_accept_max_nonmail_hosts = MAIN_SMTP_ACCEPT_MAX_NOMAIL_HOSTS
+.endif
+
+# By default, exim forces a Sender: header containing the local
+# account name at the local host name in all locally submitted messages
+# that don't have the local account name at the local host name in the
+# From: header, deletes any Sender: header present in the submitted
+# message and forces the envelope sender of all locally submitted
+# messages to the local account name at the local host name.
+# The following settings allow local users to specify their own envelope sender
+# in a locally submitted message. Sender: headers existing in a locally
+# submitted message are not removed, and no automatic Sender: headers
+# are added. These settings are fine for most hosts.
+# If you run exim on a classical multi-user systems where all users
+# have local mailboxes that can be reached via SMTP from the Internet
+# with the local FQDN as the domain part of the address, you might want
+# to disable the following three lines for traceability reasons.
+.ifndef MAIN_FORCE_SENDER
+local_from_check = false
+local_sender_retain = true
+untrusted_set_sender = *
+.endif
+
+
+# By default, Exim expects all envelope addresses to be fully qualified, that
+# is, they must contain both a local part and a domain. Configure exim
+# to accept unqualified addresses from certain hosts. When this is done,
+# unqualified addresses are qualified using the settings of qualify_domain
+# and/or qualify_recipient (see above).
+# sender_unqualified_hosts = <unset>
+# recipient_unqualified_hosts = <unset>
+
+
+# Configure Exim to support the "percent hack" for certain domains.
+# The "percent hack" is the feature by which mail addressed to x%y@z
+# (where z is one of the domains listed) is locally rerouted to x@y
+# and sent on. If z is not one of the "percent hack" domains, x%y is
+# treated as an ordinary local part. The percent hack is rarely needed
+# nowadays but frequently abused. You should not enable it unless you
+# are sure that you really need it.
+# percent_hack_domains = <unset>
+
+
+# Bounce handling
+.ifndef MAIN_IGNORE_BOUNCE_ERRORS_AFTER
+MAIN_IGNORE_BOUNCE_ERRORS_AFTER = 2d
+.endif
+ignore_bounce_errors_after = MAIN_IGNORE_BOUNCE_ERRORS_AFTER
+
+.ifndef MAIN_TIMEOUT_FROZEN_AFTER
+MAIN_TIMEOUT_FROZEN_AFTER = 7d
+.endif
+timeout_frozen_after = MAIN_TIMEOUT_FROZEN_AFTER
+
+.ifndef MAIN_FREEZE_TELL
+MAIN_FREEZE_TELL = postmaster
+.endif
+freeze_tell = MAIN_FREEZE_TELL
+
+
+# Define spool directory
+.ifndef SPOOLDIR
+SPOOLDIR = /var/spool/exim4
+.endif
+spool_directory = SPOOLDIR
+
+
+# trusted users can set envelope-from to arbitrary values
+.ifndef MAIN_TRUSTED_USERS
+MAIN_TRUSTED_USERS = uucp
+.endif
+trusted_users = MAIN_TRUSTED_USERS
+.ifdef MAIN_TRUSTED_GROUPS
+trusted_groups = MAIN_TRUSTED_GROUPS
+.endif
+
+
+# users in admin group can do many other things
+# admin_groups = <unset>
+
+
+# SMTP Banner. The example includes the Debian version in the SMTP dialog
+# MAIN_SMTP_BANNER = "${primary_hostname} ESMTP Exim ${version_number} (Debian package MAIN_PACKAGE_VERSION) ${tod_full}"
+# smtp_banner = $smtp_active_hostname ESMTP Exim $version_number $tod_full
--- /dev/null
+
+### main/03_exim4-config_tlsoptions
+#################################
+
+# TLS/SSL configuration for exim as an SMTP server.
+# See /usr/share/doc/exim4-base/README.Debian.gz for explanations.
+
+.ifdef MAIN_TLS_ENABLE
+# Defines what hosts to 'advertise' STARTTLS functionality to. The
+# default, *, will advertise to all hosts that connect with EHLO.
+.ifndef MAIN_TLS_ADVERTISE_HOSTS
+MAIN_TLS_ADVERTISE_HOSTS = *
+.endif
+tls_advertise_hosts = MAIN_TLS_ADVERTISE_HOSTS
+
+
+# Full paths to Certificate and Private Key. The Private Key file
+# must be kept 'secret' and should be owned by root.Debian-exim mode
+# 640 (-rw-r-----). exim-gencert takes care of these prerequisites.
+# Normally, exim4 looks for certificate and key in different files:
+# MAIN_TLS_CERTIFICATE - path to certificate file,
+# CONFDIR/exim.crt if unset
+# MAIN_TLS_PRIVATEKEY - path to private key file
+# CONFDIR/exim.key if unset
+# You can also configure exim to look for certificate and key in the
+# same file, set MAIN_TLS_CERTKEY to that file to enable. This takes
+# precedence over all other settings regarding certificate and key file.
+.ifdef MAIN_TLS_CERTKEY
+tls_certificate = MAIN_TLS_CERTKEY
+.else
+.ifndef MAIN_TLS_CERTIFICATE
+MAIN_TLS_CERTIFICATE = CONFDIR/exim.crt
+.endif
+tls_certificate = MAIN_TLS_CERTIFICATE
+
+.ifndef MAIN_TLS_PRIVATEKEY
+MAIN_TLS_PRIVATEKEY = CONFDIR/exim.key
+.endif
+tls_privatekey = MAIN_TLS_PRIVATEKEY
+.endif
+
+# Pointer to the CA Certificates against which client certificates are
+# checked. This is controlled by the `tls_verify_hosts' and
+# `tls_try_verify_hosts' lists below.
+# If you want to check server certificates, you need to add an
+# tls_verify_certificates statement to the smtp transport.
+# /etc/ssl/certs/ca-certificates.crt is generated by
+# the "ca-certificates" package's update-ca-certificates(8) command.
+.ifndef MAIN_TLS_VERIFY_CERTIFICATES
+MAIN_TLS_VERIFY_CERTIFICATES = ${if exists{/etc/ssl/certs/ca-certificates.crt}\
+ {/etc/ssl/certs/ca-certificates.crt}\
+ {/dev/null}}
+.endif
+tls_verify_certificates = MAIN_TLS_VERIFY_CERTIFICATES
+
+
+# A list of hosts which are constrained by `tls_verify_certificates'. A host
+# that matches `tls_verify_host' must present a certificate that is
+# verifyable through `tls_verify_certificates' in order to be accepted as an
+# SMTP client. If it does not, the connection is aborted.
+.ifdef MAIN_TLS_VERIFY_HOSTS
+tls_verify_hosts = MAIN_TLS_VERIFY_HOSTS
+.endif
+
+# A weaker form of checking: if a client matches `tls_try_verify_hosts' (but
+# not `tls_verify_hosts'), request a certificate and check it against
+# `tls_verify_certificates' but do not abort the connection if there is no
+# certificate or if the certificate presented does not match. (This
+# condition can be tested for in ACLs through `verify = certificate')
+# By default, this check is done for all hosts. It is known that some
+# clients (including incredimail's version downloadable in February
+# 2008) choke on this. To disable, set MAIN_TLS_TRY_VERIFY_HOSTS to an
+# empty value.
+.ifdef MAIN_TLS_TRY_VERIFY_HOSTS
+tls_try_verify_hosts = MAIN_TLS_TRY_VERIFY_HOSTS
+.endif
+
+.endif
--- /dev/null
+
+### main/90_exim4-config_log_selector
+#################################
+
+# uncomment this for debugging
+# MAIN_LOG_SELECTOR == MAIN_LOG_SELECTOR +all -subject -arguments
+
+.ifdef MAIN_LOG_SELECTOR
+log_selector = MAIN_LOG_SELECTOR
+.endif
--- /dev/null
+
+######################################################################
+# RETRY CONFIGURATION #
+######################################################################
+
+begin retry
+
--- /dev/null
+
+### retry/30_exim4-config
+#################################
+
+# This single retry rule applies to all domains and all errors. It specifies
+# retries every 15 minutes for 2 hours, then increasing retry intervals,
+# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
+# hours, then retries every 6 hours until 4 days have passed since the first
+# failed delivery.
+
+# Please note that these rules only limit the frequency of retries, the
+# effective retry-time depends on the frequency of queue-running, too.
+# See QUEUEINTERVAL in /etc/default/exim4.
+
+# Address or Domain Error Retries
+# ----------------- ----- -------
+
+* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
--- /dev/null
+
+######################################################################
+# REWRITE CONFIGURATION #
+######################################################################
+
+begin rewrite
+
--- /dev/null
+
+### rewrite/31_exim4-config_rewriting
+#################################
+
+# This rewriting rule is particularily useful for dialup users who
+# don't have their own domain, but could be useful for anyone.
+# It looks up the real address of all local users in a file
+.ifndef NO_EAA_REWRITE_REWRITE
+*@+local_domains "${lookup{${local_part}}lsearch{/etc/email-addresses}\
+ {$value}fail}" Ffrs
+# identical rewriting rule for /etc/mailname
+*@ETC_MAILNAME "${lookup{${local_part}}lsearch{/etc/email-addresses}\
+ {$value}fail}" Ffrs
+.endif
+
+
--- /dev/null
+
+######################################################################
+# ROUTERS CONFIGURATION #
+# Specifies how addresses are handled #
+######################################################################
+# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
+# An address is passed to each router in turn until it is accepted. #
+######################################################################
+
+begin routers
+
--- /dev/null
+
+### router/100_exim4-config_domain_literal
+#################################
+
+# This router handles e-mail addresses in "domain literal" form like
+# <user@[10.11.12.13]>. The RFCs require this facility, but it is disabled
+# in the default config since it is seldomly used and frequently abused.
+# Domain literal support also needs to be enabled in the main config,
+# which is automatically done if you use the enable macro
+# MAIN_ALLOW_DOMAIN_LITERALS.
+
+.ifdef MAIN_ALLOW_DOMAIN_LITERALS
+domain_literal:
+ debug_print = "R: domain_literal for $local_part@$domain"
+ driver = ipliteral
+ domains = ! +local_domains
+ transport = remote_smtp
+.endif
--- /dev/null
+
+# router/150_exim4-config_hubbed_hosts
+#################################
+
+# route specific domains manually.
+#
+# see exim4-config_files(5) and spec.txt chapter 20.3 through 20.7 for
+# more detailed documentation.
+
+hubbed_hosts:
+ debug_print = "R: hubbed_hosts for $domain"
+ driver = manualroute
+ domains = "${if exists{CONFDIR/hubbed_hosts}\
+ {partial-lsearch;CONFDIR/hubbed_hosts}\
+ fail}"
+ same_domain_copy_routing = yes
+ route_data = ${lookup{$domain}partial-lsearch{CONFDIR/hubbed_hosts}}
+ transport = remote_smtp
--- /dev/null
+
+### router/200_exim4-config_primary
+#################################
+# This file holds the primary router, responsible for nonlocal mails
+
+.ifdef DCconfig_internet
+# configtype=internet
+#
+# deliver mail to the recipient if recipient domain is a domain we
+# relay for. We do not ignore any target hosts here since delivering to
+# a site local or even a link local address might be wanted here, and if
+# such an address has found its way into the MX record of such a domain,
+# the local admin is probably in a place where that broken MX record
+# could be fixed.
+
+dnslookup_relay_to_domains:
+ debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain"
+ driver = dnslookup
+ domains = ! +local_domains : +relay_to_domains
+ transport = remote_smtp
+ same_domain_copy_routing = yes
+ no_more
+
+# deliver mail directly to the recipient. This router is only reached
+# for domains that we do not relay for. Since we most probably can't
+# have broken MX records pointing to site local or link local IP
+# addresses fixed, we ignore target hosts pointing to these addresses.
+
+dnslookup:
+ debug_print = "R: dnslookup for $local_part@$domain"
+ driver = dnslookup
+ domains = ! +local_domains
+ transport = remote_smtp
+ same_domain_copy_routing = yes
+ # ignore private rfc1918 and APIPA addresses
+ ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
+ 172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :\
+ 255.255.255.255
+ no_more
+
+.endif
+
+
+.ifdef DCconfig_local
+# configtype=local
+#
+# Stand-alone system, so generate an error for mail to a non-local domain
+nonlocal:
+ debug_print = "R: nonlocal for $local_part@$domain"
+ driver = redirect
+ domains = ! +local_domains
+ allow_fail
+ data = :fail: Mailing to remote domains not supported
+ no_more
+
+.endif
+
+
+.ifdef DCconfig_smarthost DCconfig_satellite
+# configtype=smarthost or configtype=satellite
+#
+# Send all non-local mail to a single other machine (smarthost).
+#
+# This means _ALL_ non-local mail goes to the smarthost. This will most
+# probably not do what you want for domains that are listed in
+# relay_domains. The most typical use for relay_domains is to control
+# relaying for incoming e-mail on secondary MX hosts. In that case,
+# it doesn't make sense to send the mail to the smarthost since the
+# smarthost will probably send the message right back here, causing a
+# loop.
+#
+# If you want to use a smarthost while being secondary MX for some
+# domains, you'll need to copy the dnslookup_relay_to_domains router
+# here so that mail to relay_domains is handled separately.
+
+smarthost:
+ debug_print = "R: smarthost for $local_part@$domain"
+ driver = manualroute
+ domains = ! +local_domains
+ transport = remote_smtp_smarthost
+ route_list = * DCsmarthost byname
+ host_find_failed = ignore
+ same_domain_copy_routing = yes
+ no_more
+
+.endif
+
+
+# The "no_more" above means that all later routers are for
+# domains in the local_domains list, i.e. just like Exim 3 directors.
--- /dev/null
+
+### router/300_exim4-config_real_local
+#################################
+
+# This router allows reaching a local user while avoiding local
+# processing. This can be used to inform a user of a broken .forward
+# file, for example. The userforward router does this.
+
+COND_LOCAL_SUBMITTER = "\
+ ${if match_ip{$sender_host_address}{:@[]}\
+ {1}{0}\
+ }"
+
+real_local:
+ debug_print = "R: real_local for $local_part@$domain"
+ driver = accept
+ domains = +local_domains
+ condition = COND_LOCAL_SUBMITTER
+ local_part_prefix = real-
+ check_local_user
+ transport = LOCAL_DELIVERY
+
--- /dev/null
+
+### router/400_exim4-config_system_aliases
+#################################
+
+# This router handles aliasing using a traditional /etc/aliases file.
+#
+##### NB You must ensure that /etc/aliases exists. It used to be the case
+##### NB that every Unix had that file, because it was the Sendmail default.
+##### NB These days, there are systems that don't have it. Your aliases
+##### NB file should at least contain an alias for "postmaster".
+#
+# This router handles the local part in a case-insensitive way which
+# satisfies the RFCs requirement that postmaster be reachable regardless
+# of case. If you decide to handle /etc/aliases in a caseful way, you
+# need to make arrangements for a caseless postmaster.
+#
+# Delivery to arbitrary directories, files, and piping to programs in
+# /etc/aliases is disabled per default.
+# If that is a problem for you, see
+# /usr/share/doc/exim4-base/README.Debian.gz
+# for explanation and some workarounds.
+
+system_aliases:
+ debug_print = "R: system_aliases for $local_part@$domain"
+ driver = redirect
+ domains = +local_domains
+ allow_fail
+ allow_defer
+ data = ${lookup{$local_part}lsearch{/etc/aliases}}
+ .ifdef SYSTEM_ALIASES_USER
+ user = SYSTEM_ALIASES_USER
+ .endif
+ .ifdef SYSTEM_ALIASES_GROUP
+ group = SYSTEM_ALIASES_GROUP
+ .endif
+ .ifdef SYSTEM_ALIASES_FILE_TRANSPORT
+ file_transport = SYSTEM_ALIASES_FILE_TRANSPORT
+ .endif
+ .ifdef SYSTEM_ALIASES_PIPE_TRANSPORT
+ pipe_transport = SYSTEM_ALIASES_PIPE_TRANSPORT
+ .endif
+ .ifdef SYSTEM_ALIASES_DIRECTORY_TRANSPORT
+ directory_transport = SYSTEM_ALIASES_DIRECTORY_TRANSPORT
+ .endif
--- /dev/null
+
+### router/500_exim4-config_hubuser
+#################################
+
+.ifdef DCconfig_satellite
+# This router is only used for configtype=satellite.
+# It takes care to route all mail targetted to <somelocaluser@this.machine>
+# to the host where we read our mail
+#
+hub_user:
+ debug_print = "R: hub_user for $local_part@$domain"
+ driver = redirect
+ domains = +local_domains
+ data = ${local_part}@DCreadhost
+ check_local_user
+
+# Grab the redirected mail and deliver it.
+# This is a duplicate of the smarthost router, needed because
+# DCreadhost might end up as part of +local_domains
+hub_user_smarthost:
+ debug_print = "R: hub_user_smarthost for $local_part@$domain"
+ driver = manualroute
+ domains = DCreadhost
+ transport = remote_smtp_smarthost
+ route_list = * DCsmarthost byname
+ host_find_failed = ignore
+ same_domain_copy_routing = yes
+ check_local_user
+.endif
+
+
--- /dev/null
+
+### router/600_exim4-config_userforward
+#################################
+
+# This router handles forwarding using traditional .forward files in users'
+# home directories. It also allows mail filtering with a forward file
+# starting with the string "# Exim filter" or "# Sieve filter".
+#
+# The no_verify setting means that this router is skipped when Exim is
+# verifying addresses. Similarly, no_expn means that this router is skipped if
+# Exim is processing an EXPN command.
+#
+# The check_ancestor option means that if the forward file generates an
+# address that is an ancestor of the current one, the current one gets
+# passed on instead. This covers the case where A is aliased to B and B
+# has a .forward file pointing to A.
+#
+# The four transports specified at the end are those that are used when
+# forwarding generates a direct delivery to a directory, or a file, or to a
+# pipe, or sets up an auto-reply, respectively.
+#
+userforward:
+ debug_print = "R: userforward for $local_part@$domain"
+ driver = redirect
+ domains = +local_domains
+ check_local_user
+ file = $home/.forward
+ require_files = $local_part:$home/.forward
+ no_verify
+ no_expn
+ check_ancestor
+ allow_filter
+ forbid_smtp_code = true
+ directory_transport = address_directory
+ file_transport = address_file
+ pipe_transport = address_pipe
+ reply_transport = address_reply
+ skip_syntax_errors
+ syntax_errors_to = real-$local_part@$domain
+ syntax_errors_text = \
+ This is an automatically generated message. An error has\n\
+ been found in your .forward file. Details of the error are\n\
+ reported below. While this error persists, you will receive\n\
+ a copy of this message for every message that is addressed\n\
+ to you. If your .forward file is a filter file, or if it is\n\
+ a non-filter file containing no valid forwarding addresses,\n\
+ a copy of each incoming message will be put in your normal\n\
+ mailbox. If a non-filter file contains at least one valid\n\
+ forwarding address, forwarding to the valid addresses will\n\
+ happen, and those will be the only deliveries that occur.
+
--- /dev/null
+
+procmail:
+ debug_print = "R: procmail for $local_part@$domain"
+ driver = accept
+ domains = +local_domains
+ check_local_user
+ transport = procmail_pipe
+ # emulate OR with "if exists"-expansion
+ require_files = ${local_part}:\
+ ${if exists{/etc/procmailrc}\
+ {/etc/procmailrc}{${home}/.procmailrc}}:\
+ +/usr/bin/procmail
+ no_verify
+ no_expn
+
--- /dev/null
+
+### router/800_exim4-config_maildrop
+#################################
+
+maildrop:
+ debug_print = "R: maildrop for $local_part@$domain"
+ driver = accept
+ domains = +local_domains
+ check_local_user
+ transport = maildrop_pipe
+ require_files = ${local_part}:${home}/.mailfilter:+/usr/bin/maildrop
+ no_verify
+ no_expn
+
--- /dev/null
+
+### router/850_exim4-config_lowuid
+#################################
+
+.ifndef FIRST_USER_ACCOUNT_UID
+FIRST_USER_ACCOUNT_UID = 0
+.endif
+
+.ifndef DEFAULT_SYSTEM_ACCOUNT_ALIAS
+DEFAULT_SYSTEM_ACCOUNT_ALIAS = :fail: no mail to system accounts
+.endif
+
+COND_SYSTEM_USER_AND_REMOTE_SUBMITTER = "\
+ ${if and{{! match_ip{$sender_host_address}{:@[]}}\
+ {<{$local_user_uid}{FIRST_USER_ACCOUNT_UID}}}\
+ {1}{0}\
+ }"
+
+lowuid_aliases:
+ debug_print = "R: lowuid_aliases for $local_part@$domain (UID $local_user_uid)"
+ check_local_user
+ driver = redirect
+ allow_fail
+ domains = +local_domains
+ condition = COND_SYSTEM_USER_AND_REMOTE_SUBMITTER
+ data = ${if exists{CONFDIR/lowuid-aliases}\
+ {${lookup{$local_part}lsearch{CONFDIR/lowuid-aliases}\
+ {$value}{DEFAULT_SYSTEM_ACCOUNT_ALIAS}}}\
+ {DEFAULT_SYSTEM_ACCOUNT_ALIAS}}
--- /dev/null
+
+### router/900_exim4-config_local_user
+#################################
+
+# This router matches local user mailboxes. If the router fails, the error
+# message is "Unknown user".
+
+local_user:
+ debug_print = "R: local_user for $local_part@$domain"
+ driver = accept
+ domains = +local_domains
+ check_local_user
+ local_parts = ! root
+ transport = LOCAL_DELIVERY
+ cannot_route_message = Unknown user
--- /dev/null
+
+### router/mmm_mail4root
+#################################
+# deliver mail addressed to root to /var/mail/mail as user mail:mail
+# if it was not redirected in /etc/aliases or by other means
+# Exim cannot deliver as root since 4.24 (FIXED_NEVER_USERS)
+
+mail4root:
+ debug_print = "R: mail4root for $local_part@$domain"
+ driver = redirect
+ domains = +local_domains
+ data = /var/mail/mail
+ file_transport = address_file
+ local_parts = root
+ user = mail
+ group = mail
+
--- /dev/null
+
+######################################################################
+# TRANSPORTS CONFIGURATION #
+######################################################################
+# ORDER DOES NOT MATTER #
+# Only one appropriate transport is called for each delivery. #
+######################################################################
+
+# A transport is used only when referenced from a router that successfully
+# handles an address.
+
+begin transports
+
--- /dev/null
+
+### transport/10_exim4-config_transport-macros
+#################################
+
+.ifdef HIDE_MAILNAME
+REMOTE_SMTP_HEADERS_REWRITE=*@+local_domains $1@DCreadhost frs : *@ETC_MAILNAME $1@DCreadhost frs
+REMOTE_SMTP_RETURN_PATH=${if match_domain{$sender_address_domain}{+local_domains}{${sender_address_local_part}@DCreadhost}{${if match_domain{$sender_address_domain}{ETC_MAILNAME}{${sender_address_local_part}@DCreadhost}fail}}}
+.endif
+
+.ifdef REMOTE_SMTP_HELO_FROM_DNS
+.ifdef REMOTE_SMTP_HELO_DATA
+REMOTE_SMTP_HELO_DATA==${lookup dnsdb {ptr=$sending_ip_address}{$value}{$primary_hostname}}
+.else
+REMOTE_SMTP_HELO_DATA=${lookup dnsdb {ptr=$sending_ip_address}{$value}{$primary_hostname}}
+.endif
+.endif
--- /dev/null
+
+# This transport is used for handling deliveries directly to files that are
+# generated by aliasing or forwarding.
+#
+address_file:
+ debug_print = "T: address_file for $local_part@$domain"
+ driver = appendfile
+ delivery_date_add
+ envelope_to_add
+ return_path_add
+
--- /dev/null
+
+# This transport is used for handling pipe deliveries generated by
+# .forward files. If the commands fails and produces any output on standard
+# output or standard error streams, the output is returned to the sender
+# of the message as a delivery error.
+address_pipe:
+ debug_print = "T: address_pipe for $local_part@$domain"
+ driver = pipe
+ return_fail_output
+
--- /dev/null
+
+# This transport is used for handling autoreplies generated by the filtering
+# option of the userforward router.
+#
+address_reply:
+ debug_print = "T: autoreply for $local_part@$domain"
+ driver = autoreply
+
--- /dev/null
+
+### transport/30_exim4-config_mail_spool
+
+# This transport is used for local delivery to user mailboxes in traditional
+# BSD mailbox format.
+#
+mail_spool:
+ debug_print = "T: appendfile for $local_part@$domain"
+ driver = appendfile
+ file = /var/mail/$local_part
+ delivery_date_add
+ envelope_to_add
+ return_path_add
+ group = mail
+ mode = 0660
+ mode_fail_narrower = false
+
--- /dev/null
+
+### transport/30_exim4-config_maildir_home
+#################################
+
+# Use this instead of mail_spool if you want to to deliver to Maildir in
+# home-directory - change the definition of LOCAL_DELIVERY
+#
+maildir_home:
+ debug_print = "T: maildir_home for $local_part@$domain"
+ driver = appendfile
+ .ifdef MAILDIR_HOME_MAILDIR_LOCATION
+ directory = MAILDIR_HOME_MAILDIR_LOCATION
+ .else
+ directory = $home/Maildir
+ .endif
+ .ifdef MAILDIR_HOME_CREATE_DIRECTORY
+ create_directory
+ .endif
+ .ifdef MAILDIR_HOME_CREATE_FILE
+ create_file = MAILDIR_HOME_CREATE_FILE
+ .endif
+ delivery_date_add
+ envelope_to_add
+ return_path_add
+ maildir_format
+ .ifdef MAILDIR_HOME_DIRECTORY_MODE
+ directory_mode = MAILDIR_HOME_DIRECTORY_MODE
+ .else
+ directory_mode = 0700
+ .endif
+ .ifdef MAILDIR_HOME_MODE
+ mode = MAILDIR_HOME_MODE
+ .else
+ mode = 0600
+ .endif
+ mode_fail_narrower = false
+ # This transport always chdirs to $home before trying to deliver. If
+ # $home is not accessible, this chdir fails and prevents delivery.
+ # If you are in a setup where home directories might not be
+ # accessible, uncomment the current_directory line below.
+ # current_directory = /
--- /dev/null
+
+maildrop_pipe:
+ debug_print = "T: maildrop_pipe for $local_part@$domain"
+ driver = pipe
+ path = "/bin:/usr/bin:/usr/local/bin"
+ command = "/usr/bin/maildrop"
+ message_prefix =
+ message_suffix =
+ return_path_add
+ delivery_date_add
+ envelope_to_add
+
--- /dev/null
+
+procmail_pipe:
+ debug_print = "T: procmail_pipe for $local_part@$domain"
+ driver = pipe
+ path = "/bin:/usr/bin:/usr/local/bin"
+ command = "/usr/bin/procmail"
+ return_path_add
+ delivery_date_add
+ envelope_to_add
+
--- /dev/null
+
+### transport/30_exim4-config_remote_smtp
+#################################
+# This transport is used for delivering messages over SMTP connections.
+
+remote_smtp:
+ debug_print = "T: remote_smtp for $local_part@$domain"
+ driver = smtp
+.ifdef REMOTE_SMTP_HOSTS_AVOID_TLS
+ hosts_avoid_tls = REMOTE_SMTP_HOSTS_AVOID_TLS
+.endif
+.ifdef REMOTE_SMTP_HEADERS_REWRITE
+ headers_rewrite = REMOTE_SMTP_HEADERS_REWRITE
+.endif
+.ifdef REMOTE_SMTP_RETURN_PATH
+ return_path = REMOTE_SMTP_RETURN_PATH
+.endif
+.ifdef REMOTE_SMTP_HELO_DATA
+ helo_data=REMOTE_SMTP_HELO_DATA
+.endif
+.ifdef DKIM_DOMAIN
+dkim_domain = DKIM_DOMAIN
+.endif
+.ifdef DKIM_SELECTOR
+dkim_selector = DKIM_SELECTOR
+.endif
+.ifdef DKIM_PRIVATE_KEY
+dkim_private_key = DKIM_PRIVATE_KEY
+.endif
+.ifdef DKIM_CANON
+dkim_canon = DKIM_CANON
+.endif
+.ifdef DKIM_STRICT
+dkim_strict = DKIM_STRICT
+.endif
+.ifdef DKIM_SIGN_HEADERS
+dkim_sign_headers = DKIM_SIGN_HEADERS
+.endif
+.ifdef TLS_DH_MIN_BITS
+tls_dh_min_bits = TLS_DH_MIN_BITS
+.endif
+.ifdef REMOTE_SMTP_TLS_CERTIFICATE
+tls_certificate = REMOTE_SMTP_TLS_CERTIFICATE
+.endif
+.ifdef REMOTE_SMTP_PRIVATEKEY
+tls_privatekey = REMOTE_SMTP_PRIVATEKEY
+.endif
--- /dev/null
+
+### transport/30_exim4-config_remote_smtp_smarthost
+#################################
+
+# This transport is used for delivering messages over SMTP connections
+# to a smarthost. The local host tries to authenticate.
+# This transport is used for smarthost and satellite configurations.
+
+remote_smtp_smarthost:
+ debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
+ driver = smtp
+ hosts_try_auth = <; ${if exists{CONFDIR/passwd.client} \
+ {\
+ ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$host_address}}\
+ }\
+ {} \
+ }
+.ifdef REMOTE_SMTP_SMARTHOST_HOSTS_AVOID_TLS
+ hosts_avoid_tls = REMOTE_SMTP_SMARTHOST_HOSTS_AVOID_TLS
+.endif
+.ifdef REMOTE_SMTP_HEADERS_REWRITE
+ headers_rewrite = REMOTE_SMTP_HEADERS_REWRITE
+.endif
+.ifdef REMOTE_SMTP_RETURN_PATH
+ return_path = REMOTE_SMTP_RETURN_PATH
+.endif
+.ifdef REMOTE_SMTP_HELO_DATA
+ helo_data=REMOTE_SMTP_HELO_DATA
+.endif
+.ifdef TLS_DH_MIN_BITS
+tls_dh_min_bits = TLS_DH_MIN_BITS
+.endif
+.ifdef REMOTE_SMTP_SMARTHOST_TLS_CERTIFICATE
+tls_certificate = REMOTE_SMTP_SMARTHOST_TLS_CERTIFICATE
+.endif
+.ifdef REMOTE_SMTP_SMARTHOST_PRIVATEKEY
+tls_privatekey = REMOTE_SMTP_SMARTHOST_PRIVATEKEY
+.endif
--- /dev/null
+# This transport is used for handling file addresses generated by alias
+# or .forward files if the path ends in "/", which causes it to be treated
+# as a directory name rather than a file name.
+
+address_directory:
+ debug_print = "T: address_directory for $local_part@$domain"
+ driver = appendfile
+ delivery_date_add
+ envelope_to_add
+ return_path_add
+ check_string = ""
+ escape_string = ""
+ maildir_format
+
--- /dev/null
+#####################################################
+### main/01_exim4-config_listmacrosdefs
+#####################################################
+######################################################################
+# Runtime configuration file for Exim 4 (Debian Packaging) #
+######################################################################
+
+######################################################################
+# /etc/exim4/exim4.conf.template is only used with the non-split
+# configuration scheme.
+# /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs is only used
+# with the split configuration scheme.
+# If you find this comment anywhere else, somebody copied it there.
+# Documentation about the Debian exim4 configuration scheme can be
+# found in /usr/share/doc/exim4-base/README.Debian.gz.
+######################################################################
+
+######################################################################
+# MAIN CONFIGURATION SETTINGS #
+######################################################################
+
+# Just for reference and scripts.
+# On Debian systems, the main binary is installed as exim4 to avoid
+# conflicts with the exim 3 packages.
+exim_path = /usr/sbin/exim4
+
+# Macro defining the main configuration directory.
+# We do not use absolute paths.
+.ifndef CONFDIR
+CONFDIR = /etc/exim4
+.endif
+
+# debconf-driven macro definitions get inserted after this line
+UPEX4CmacrosUPEX4C = 1
+
+# Create domain and host lists for relay control
+# '@' refers to 'the name of the local host'
+
+# List of domains considered local for exim. Domains not listed here
+# need to be deliverable remotely.
+domainlist local_domains = MAIN_LOCAL_DOMAINS
+
+# List of recipient domains to relay _to_. Use this list if you're -
+# for example - fallback MX or mail gateway for domains.
+domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS
+
+# List of sender networks (IP addresses) to _unconditionally_ relay
+# _for_. If you intend to be SMTP AUTH server, you do not need to enter
+# anything here.
+hostlist relay_from_hosts = MAIN_RELAY_NETS
+
+
+# Decide which domain to use to add to all unqualified addresses.
+# If MAIN_PRIMARY_HOSTNAME_AS_QUALIFY_DOMAIN is defined, the primary
+# hostname is used. If not, but MAIN_QUALIFY_DOMAIN is set, the value
+# of MAIN_QUALIFY_DOMAIN is used. If both macros are not defined,
+# the first line of /etc/mailname is used.
+.ifndef MAIN_PRIMARY_HOSTNAME_AS_QUALIFY_DOMAIN
+.ifndef MAIN_QUALIFY_DOMAIN
+qualify_domain = ETC_MAILNAME
+.else
+qualify_domain = MAIN_QUALIFY_DOMAIN
+.endif
+.endif
+
+# listen on all all interfaces?
+.ifdef MAIN_LOCAL_INTERFACES
+local_interfaces = MAIN_LOCAL_INTERFACES
+.endif
+
+.ifndef LOCAL_DELIVERY
+# The default transport, set in /etc/exim4/update-exim4.conf.conf,
+# defaulting to mail_spool. See CONFDIR/conf.d/transport/ for possibilities
+LOCAL_DELIVERY=mail_spool
+.endif
+
+# The gecos field in /etc/passwd holds not only the name. see passwd(5).
+gecos_pattern = ^([^,:]*)
+gecos_name = $1
+
+# define macros to be used in acl/30_exim4-config_check_rcpt to check
+# recipient local parts for strange characters.
+
+# This macro definition really should be in
+# acl/30_exim4-config_check_rcpt but cannot be there due to
+# http://www.exim.org/bugzilla/show_bug.cgi?id=101 as of exim 4.62.
+
+# These macros are documented in acl/30_exim4-config_check_rcpt,
+# can be changed here or overridden by a locally added configuration
+# file as described in README.Debian chapter 2.1.2
+
+.ifndef CHECK_RCPT_LOCAL_LOCALPARTS
+CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?]
+.endif
+
+.ifndef CHECK_RCPT_REMOTE_LOCALPARTS
+CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./
+.endif
+
+# always log tls_peerdn as we use TLS for outgoing connects by default
+.ifndef MAIN_LOG_SELECTOR
+MAIN_LOG_SELECTOR = +tls_peerdn
+.endif
+#####################################################
+### end main/01_exim4-config_listmacrosdefs
+#####################################################
+#####################################################
+### main/02_exim4-config_options
+#####################################################
+
+### main/02_exim4-config_options
+#################################
+
+
+# Defines the access control list that is run when an
+# SMTP MAIL command is received.
+#
+.ifndef MAIN_ACL_CHECK_MAIL
+MAIN_ACL_CHECK_MAIL = acl_check_mail
+.endif
+acl_smtp_mail = MAIN_ACL_CHECK_MAIL
+
+
+# Defines the access control list that is run when an
+# SMTP RCPT command is received.
+#
+.ifndef MAIN_ACL_CHECK_RCPT
+MAIN_ACL_CHECK_RCPT = acl_check_rcpt
+.endif
+acl_smtp_rcpt = MAIN_ACL_CHECK_RCPT
+
+
+# Defines the access control list that is run when an
+# SMTP DATA command is received.
+#
+.ifndef MAIN_ACL_CHECK_DATA
+MAIN_ACL_CHECK_DATA = acl_check_data
+.endif
+acl_smtp_data = MAIN_ACL_CHECK_DATA
+
+
+# Message size limit. The default (used when MESSAGE_SIZE_LIMIT
+# is unset) is 50 MB
+.ifdef MESSAGE_SIZE_LIMIT
+message_size_limit = MESSAGE_SIZE_LIMIT
+.endif
+
+
+# If you are running exim4-daemon-heavy or a custom version of Exim that
+# was compiled with the content-scanning extension, you can cause incoming
+# messages to be automatically scanned for viruses. You have to modify the
+# configuration in two places to set this up. The first of them is here,
+# where you define the interface to your scanner. This example is typical
+# for ClamAV; see the manual for details of what to set for other virus
+# scanners. The second modification is in the acl_check_data access
+# control list.
+
+# av_scanner = clamd:/var/run/clamav/clamd.ctl
+
+
+# For spam scanning, there is a similar option that defines the interface to
+# SpamAssassin. You do not need to set this if you are using the default, which
+# is shown in this commented example. As for virus scanning, you must also
+# modify the acl_check_data access control list to enable spam scanning.
+
+# spamd_address = 127.0.0.1 783
+
+# Domain used to qualify unqualified recipient addresses
+# If this option is not set, the qualify_domain value is used.
+# qualify_recipient = <value of qualify_domain>
+
+
+# Allow Exim to recognize addresses of the form "user@[10.11.12.13]",
+# where the domain part is a "domain literal" (an IP address) instead
+# of a named domain. The RFCs require this facility, but it is disabled
+# in the default config since it is seldomly used and frequently abused.
+# Domain literal support also needs a special router, which is automatically
+# enabled if you use the enable macro MAIN_ALLOW_DOMAIN_LITERALS.
+# Additionally, you might want to make your local IP addresses (or @[])
+# local domains.
+.ifdef MAIN_ALLOW_DOMAIN_LITERALS
+allow_domain_literals
+.endif
+
+
+# Do a reverse DNS lookup on all incoming IP calls, in order to get the
+# true host name. If you feel this is too expensive, the networks for
+# which a lookup is done can be listed here.
+.ifndef DC_minimaldns
+.ifndef MAIN_HOST_LOOKUP
+MAIN_HOST_LOOKUP = *
+.endif
+host_lookup = MAIN_HOST_LOOKUP
+.endif
+
+
+# In a minimaldns setup, update-exim4.conf guesses the hostname and
+# dumps it here to avoid DNS lookups being done at Exim run time.
+.ifdef MAIN_HARDCODE_PRIMARY_HOSTNAME
+primary_hostname = MAIN_HARDCODE_PRIMARY_HOSTNAME
+.endif
+
+# The settings below, which are actually the same as the defaults in the
+# code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP
+# calls. You can limit the hosts to which these calls are made, and/or change
+# the timeout that is used. If you set the timeout to zero, all RFC 1413 calls
+# are disabled. RFC 1413 calls are cheap and can provide useful information
+# for tracing problem messages, but some hosts and firewalls are
+# misconfigured to drop the requests instead of either answering or
+# rejecting them. This can result in a timeout instead of an immediate refused
+# connection, leading to delays on starting up SMTP sessions. (The default was
+# reduced from 30s to 5s for release 4.61.)
+# rfc1413_hosts = *
+# rfc1413_query_timeout = 5s
+
+# When using an external relay tester (such as rt.njabl.org and/or the
+# currently defunct relay-test.mail-abuse.org, the test may be aborted
+# since exim complains about "too many nonmail commands". If you want
+# the test to complete, add the host from where "your" relay tester
+# connects from to the MAIN_SMTP_ACCEPT_MAX_NOMAIL_HOSTS macro.
+# Please note that a non-empty setting may cause extra DNS lookups to
+# happen, which is the reason why this option is commented out in the
+# default settings.
+# MAIN_SMTP_ACCEPT_MAX_NOMAIL_HOSTS = !rt.njabl.org
+.ifdef MAIN_SMTP_ACCEPT_MAX_NOMAIL_HOSTS
+smtp_accept_max_nonmail_hosts = MAIN_SMTP_ACCEPT_MAX_NOMAIL_HOSTS
+.endif
+
+# By default, exim forces a Sender: header containing the local
+# account name at the local host name in all locally submitted messages
+# that don't have the local account name at the local host name in the
+# From: header, deletes any Sender: header present in the submitted
+# message and forces the envelope sender of all locally submitted
+# messages to the local account name at the local host name.
+# The following settings allow local users to specify their own envelope sender
+# in a locally submitted message. Sender: headers existing in a locally
+# submitted message are not removed, and no automatic Sender: headers
+# are added. These settings are fine for most hosts.
+# If you run exim on a classical multi-user systems where all users
+# have local mailboxes that can be reached via SMTP from the Internet
+# with the local FQDN as the domain part of the address, you might want
+# to disable the following three lines for traceability reasons.
+.ifndef MAIN_FORCE_SENDER
+local_from_check = false
+local_sender_retain = true
+untrusted_set_sender = *
+.endif
+
+
+# By default, Exim expects all envelope addresses to be fully qualified, that
+# is, they must contain both a local part and a domain. Configure exim
+# to accept unqualified addresses from certain hosts. When this is done,
+# unqualified addresses are qualified using the settings of qualify_domain
+# and/or qualify_recipient (see above).
+# sender_unqualified_hosts = <unset>
+# recipient_unqualified_hosts = <unset>
+
+
+# Configure Exim to support the "percent hack" for certain domains.
+# The "percent hack" is the feature by which mail addressed to x%y@z
+# (where z is one of the domains listed) is locally rerouted to x@y
+# and sent on. If z is not one of the "percent hack" domains, x%y is
+# treated as an ordinary local part. The percent hack is rarely needed
+# nowadays but frequently abused. You should not enable it unless you
+# are sure that you really need it.
+# percent_hack_domains = <unset>
+
+
+# Bounce handling
+.ifndef MAIN_IGNORE_BOUNCE_ERRORS_AFTER
+MAIN_IGNORE_BOUNCE_ERRORS_AFTER = 2d
+.endif
+ignore_bounce_errors_after = MAIN_IGNORE_BOUNCE_ERRORS_AFTER
+
+.ifndef MAIN_TIMEOUT_FROZEN_AFTER
+MAIN_TIMEOUT_FROZEN_AFTER = 7d
+.endif
+timeout_frozen_after = MAIN_TIMEOUT_FROZEN_AFTER
+
+.ifndef MAIN_FREEZE_TELL
+MAIN_FREEZE_TELL = postmaster
+.endif
+freeze_tell = MAIN_FREEZE_TELL
+
+
+# Define spool directory
+.ifndef SPOOLDIR
+SPOOLDIR = /var/spool/exim4
+.endif
+spool_directory = SPOOLDIR
+
+
+# trusted users can set envelope-from to arbitrary values
+.ifndef MAIN_TRUSTED_USERS
+MAIN_TRUSTED_USERS = uucp
+.endif
+trusted_users = MAIN_TRUSTED_USERS
+.ifdef MAIN_TRUSTED_GROUPS
+trusted_groups = MAIN_TRUSTED_GROUPS
+.endif
+
+
+# users in admin group can do many other things
+# admin_groups = <unset>
+
+
+# SMTP Banner. The example includes the Debian version in the SMTP dialog
+# MAIN_SMTP_BANNER = "${primary_hostname} ESMTP Exim ${version_number} (Debian package MAIN_PACKAGE_VERSION) ${tod_full}"
+# smtp_banner = $smtp_active_hostname ESMTP Exim $version_number $tod_full
+#####################################################
+### end main/02_exim4-config_options
+#####################################################
+#####################################################
+### main/03_exim4-config_tlsoptions
+#####################################################
+
+### main/03_exim4-config_tlsoptions
+#################################
+
+# TLS/SSL configuration for exim as an SMTP server.
+# See /usr/share/doc/exim4-base/README.Debian.gz for explanations.
+
+.ifdef MAIN_TLS_ENABLE
+# Defines what hosts to 'advertise' STARTTLS functionality to. The
+# default, *, will advertise to all hosts that connect with EHLO.
+.ifndef MAIN_TLS_ADVERTISE_HOSTS
+MAIN_TLS_ADVERTISE_HOSTS = *
+.endif
+tls_advertise_hosts = MAIN_TLS_ADVERTISE_HOSTS
+
+
+# Full paths to Certificate and Private Key. The Private Key file
+# must be kept 'secret' and should be owned by root.Debian-exim mode
+# 640 (-rw-r-----). exim-gencert takes care of these prerequisites.
+# Normally, exim4 looks for certificate and key in different files:
+# MAIN_TLS_CERTIFICATE - path to certificate file,
+# CONFDIR/exim.crt if unset
+# MAIN_TLS_PRIVATEKEY - path to private key file
+# CONFDIR/exim.key if unset
+# You can also configure exim to look for certificate and key in the
+# same file, set MAIN_TLS_CERTKEY to that file to enable. This takes
+# precedence over all other settings regarding certificate and key file.
+.ifdef MAIN_TLS_CERTKEY
+tls_certificate = MAIN_TLS_CERTKEY
+.else
+.ifndef MAIN_TLS_CERTIFICATE
+MAIN_TLS_CERTIFICATE = CONFDIR/exim.crt
+.endif
+tls_certificate = MAIN_TLS_CERTIFICATE
+
+.ifndef MAIN_TLS_PRIVATEKEY
+MAIN_TLS_PRIVATEKEY = CONFDIR/exim.key
+.endif
+tls_privatekey = MAIN_TLS_PRIVATEKEY
+.endif
+
+# Pointer to the CA Certificates against which client certificates are
+# checked. This is controlled by the `tls_verify_hosts' and
+# `tls_try_verify_hosts' lists below.
+# If you want to check server certificates, you need to add an
+# tls_verify_certificates statement to the smtp transport.
+# /etc/ssl/certs/ca-certificates.crt is generated by
+# the "ca-certificates" package's update-ca-certificates(8) command.
+.ifndef MAIN_TLS_VERIFY_CERTIFICATES
+MAIN_TLS_VERIFY_CERTIFICATES = ${if exists{/etc/ssl/certs/ca-certificates.crt}\
+ {/etc/ssl/certs/ca-certificates.crt}\
+ {/dev/null}}
+.endif
+tls_verify_certificates = MAIN_TLS_VERIFY_CERTIFICATES
+
+
+# A list of hosts which are constrained by `tls_verify_certificates'. A host
+# that matches `tls_verify_host' must present a certificate that is
+# verifyable through `tls_verify_certificates' in order to be accepted as an
+# SMTP client. If it does not, the connection is aborted.
+.ifdef MAIN_TLS_VERIFY_HOSTS
+tls_verify_hosts = MAIN_TLS_VERIFY_HOSTS
+.endif
+
+# A weaker form of checking: if a client matches `tls_try_verify_hosts' (but
+# not `tls_verify_hosts'), request a certificate and check it against
+# `tls_verify_certificates' but do not abort the connection if there is no
+# certificate or if the certificate presented does not match. (This
+# condition can be tested for in ACLs through `verify = certificate')
+# By default, this check is done for all hosts. It is known that some
+# clients (including incredimail's version downloadable in February
+# 2008) choke on this. To disable, set MAIN_TLS_TRY_VERIFY_HOSTS to an
+# empty value.
+.ifdef MAIN_TLS_TRY_VERIFY_HOSTS
+tls_try_verify_hosts = MAIN_TLS_TRY_VERIFY_HOSTS
+.endif
+
+.endif
+#####################################################
+### end main/03_exim4-config_tlsoptions
+#####################################################
+#####################################################
+### main/90_exim4-config_log_selector
+#####################################################
+
+### main/90_exim4-config_log_selector
+#################################
+
+# uncomment this for debugging
+# MAIN_LOG_SELECTOR == MAIN_LOG_SELECTOR +all -subject -arguments
+
+.ifdef MAIN_LOG_SELECTOR
+log_selector = MAIN_LOG_SELECTOR
+.endif
+#####################################################
+### end main/90_exim4-config_log_selector
+#####################################################
+#####################################################
+### acl/00_exim4-config_header
+#####################################################
+
+######################################################################
+# ACL CONFIGURATION #
+# Specifies access control lists for incoming SMTP mail #
+######################################################################
+begin acl
+
+
+#####################################################
+### end acl/00_exim4-config_header
+#####################################################
+#####################################################
+### acl/20_exim4-config_local_deny_exceptions
+#####################################################
+
+### acl/20_exim4-config_local_deny_exceptions
+#################################
+
+# This is used to determine whitelisted senders and hosts.
+# It checks for CONFDIR/host_local_deny_exceptions and
+# CONFDIR/sender_local_deny_exceptions.
+#
+# It is meant to be used from some other acl entry.
+#
+# See exim4-config_files(5) for details.
+#
+# If the files do not exist, the white list never matches, which is
+# the desired behaviour.
+#
+# The old file names CONFDIR/local_host_whitelist and
+# CONFDIR/local_sender_whitelist will continue to be honored for a
+# transition period. Their use is deprecated.
+
+acl_local_deny_exceptions:
+ accept
+ hosts = ${if exists{CONFDIR/host_local_deny_exceptions}\
+ {CONFDIR/host_local_deny_exceptions}\
+ {}}
+ accept
+ senders = ${if exists{CONFDIR/sender_local_deny_exceptions}\
+ {CONFDIR/sender_local_deny_exceptions}\
+ {}}
+ accept
+ hosts = ${if exists{CONFDIR/local_host_whitelist}\
+ {CONFDIR/local_host_whitelist}\
+ {}}
+ accept
+ senders = ${if exists{CONFDIR/local_sender_whitelist}\
+ {CONFDIR/local_sender_whitelist}\
+ {}}
+
+ # This hook allows you to hook in your own ACLs without having to
+ # modify this file. If you do it like we suggest, you'll end up with
+ # a small performance penalty since there is an additional file being
+ # accessed. This doesn't happen if you leave the macro unset.
+ .ifdef LOCAL_DENY_EXCEPTIONS_LOCAL_ACL_FILE
+ .include LOCAL_DENY_EXCEPTIONS_LOCAL_ACL_FILE
+ .endif
+
+ # this is still supported for a transition period and is deprecated.
+ .ifdef WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE
+ .include WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE
+ .endif
+#####################################################
+### end acl/20_exim4-config_local_deny_exceptions
+#####################################################
+#####################################################
+### acl/30_exim4-config_check_mail
+#####################################################
+
+### acl/30_exim4-config_check_mail
+#################################
+
+# This access control list is used for every MAIL command in an incoming
+# SMTP message. The tests are run in order until the address is either
+# accepted or denied.
+#
+acl_check_mail:
+ .ifdef CHECK_MAIL_HELO_ISSUED
+ deny
+ message = no HELO given before MAIL command
+ condition = ${if def:sender_helo_name {no}{yes}}
+ .endif
+
+ accept
+#####################################################
+### end acl/30_exim4-config_check_mail
+#####################################################
+#####################################################
+### acl/30_exim4-config_check_rcpt
+#####################################################
+
+### acl/30_exim4-config_check_rcpt
+#################################
+
+# This access control list is used for every RCPT command in an incoming
+# SMTP message. The tests are run in order until the address is either
+# accepted or denied.
+#
+acl_check_rcpt:
+
+ # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
+ # testing for an empty sending host field.
+ accept
+ hosts = :
+ control = dkim_disable_verify
+
+ # Do not try to verify DKIM signatures of incoming mail if DC_minimaldns
+ # or DISABLE_DKIM_VERIFY are set.
+.ifdef DC_minimaldns
+ warn
+ control = dkim_disable_verify
+.else
+.ifdef DISABLE_DKIM_VERIFY
+ warn
+ control = dkim_disable_verify
+.endif
+.endif
+
+ # The following section of the ACL is concerned with local parts that contain
+ # certain non-alphanumeric characters. Dots in unusual places are
+ # handled by this ACL as well.
+ #
+ # Non-alphanumeric characters other than dots are rarely found in genuine
+ # local parts, but are often tried by people looking to circumvent
+ # relaying restrictions. Therefore, although they are valid in local
+ # parts, these rules disallow certain non-alphanumeric characters, as
+ # a precaution.
+ #
+ # Empty components (two dots in a row) are not valid in RFC 2822, but Exim
+ # allows them because they have been encountered. (Consider local parts
+ # constructed as "firstinitial.secondinitial.familyname" when applied to
+ # a name without a second initial.) However, a local part starting
+ # with a dot or containing /../ can cause trouble if it is used as part of a
+ # file name (e.g. for a mailing list). This is also true for local parts that
+ # contain slashes. A pipe symbol can also be troublesome if the local part is
+ # incorporated unthinkingly into a shell command line.
+ #
+ # These ACL components will block recipient addresses that are valid
+ # from an RFC2822 point of view. We chose to have them blocked by
+ # default for security reasons.
+ #
+ # If you feel that your site should have less strict recipient
+ # checking, please feel free to change the default values of the macros
+ # defined in main/01_exim4-config_listmacrosdefs or override them from a
+ # local configuration file.
+ #
+ # Two different rules are used. The first one has a quite strict
+ # default, and is applied to messages that are addressed to one of the
+ # local domains handled by this host.
+
+ # The default value of CHECK_RCPT_LOCAL_LOCALPARTS is defined in
+ # main/01_exim4-config_listmacrosdefs:
+ # CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?]
+ # This blocks local parts that begin with a dot or contain a quite
+ # broad range of non-alphanumeric characters.
+ .ifdef CHECK_RCPT_LOCAL_LOCALPARTS
+ deny
+ domains = +local_domains
+ local_parts = CHECK_RCPT_LOCAL_LOCALPARTS
+ message = restricted characters in address
+ .endif
+
+
+ # The second rule applies to all other domains, and its default is
+ # considerably less strict.
+
+ # The default value of CHECK_RCPT_REMOTE_LOCALPARTS is defined in
+ # main/01_exim4-config_listmacrosdefs:
+ # CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./
+
+ # It allows local users to send outgoing messages to sites
+ # that use slashes and vertical bars in their local parts. It blocks
+ # local parts that begin with a dot, slash, or vertical bar, but allows
+ # these characters within the local part. However, the sequence /../ is
+ # barred. The use of some other non-alphanumeric characters is blocked.
+ # Single quotes might probably be dangerous as well, but they're
+ # allowed by the default regexps to avoid rejecting mails to Ireland.
+ # The motivation here is to prevent local users (or local users' malware)
+ # from mounting certain kinds of attack on remote sites.
+ .ifdef CHECK_RCPT_REMOTE_LOCALPARTS
+ deny
+ domains = !+local_domains
+ local_parts = CHECK_RCPT_REMOTE_LOCALPARTS
+ message = restricted characters in address
+ .endif
+
+
+ # Accept mail to postmaster in any local domain, regardless of the source,
+ # and without verifying the sender.
+ #
+ accept
+ .ifndef CHECK_RCPT_POSTMASTER
+ local_parts = postmaster
+ .else
+ local_parts = CHECK_RCPT_POSTMASTER
+ .endif
+ domains = +local_domains : +relay_to_domains
+
+
+ # Deny unless the sender address can be verified.
+ #
+ # This is disabled by default so that DNSless systems don't break. If
+ # your system can do DNS lookups without delay or cost, you might want
+ # to enable this feature.
+ #
+ # This feature does not work in smarthost and satellite setups as
+ # with these setups all domains pass verification. See spec.txt chapter
+ # 39.31 with the added information that a smarthost/satellite setup
+ # routes all non-local e-mail to the smarthost.
+ .ifdef CHECK_RCPT_VERIFY_SENDER
+ deny
+ message = Sender verification failed
+ !acl = acl_local_deny_exceptions
+ !verify = sender
+ .endif
+
+ # Verify senders listed in local_sender_callout with a callout.
+ #
+ # In smarthost and satellite setups, this causes the callout to be
+ # done to the smarthost. Verification will thus only be reliable if the
+ # smarthost does reject illegal addresses in the SMTP dialog.
+ deny
+ !acl = acl_local_deny_exceptions
+ senders = ${if exists{CONFDIR/local_sender_callout}\
+ {CONFDIR/local_sender_callout}\
+ {}}
+ !verify = sender/callout
+
+
+ # Accept if the message comes from one of the hosts for which we are an
+ # outgoing relay. It is assumed that such hosts are most likely to be MUAs,
+ # so we set control=submission to make Exim treat the message as a
+ # submission. It will fix up various errors in the message, for example, the
+ # lack of a Date: header line. If you are actually relaying out out from
+ # MTAs, you may want to disable this. If you are handling both relaying from
+ # MTAs and submissions from MUAs you should probably split them into two
+ # lists, and handle them differently.
+
+ # Recipient verification is omitted here, because in many cases the clients
+ # are dumb MUAs that don't cope well with SMTP error responses. If you are
+ # actually relaying out from MTAs, you should probably add recipient
+ # verification here.
+
+ # Note that, by putting this test before any DNS black list checks, you will
+ # always accept from these hosts, even if they end up on a black list. The
+ # assumption is that they are your friends, and if they get onto black
+ # list, it is a mistake.
+ accept
+ hosts = +relay_from_hosts
+ control = submission/sender_retain
+ control = dkim_disable_verify
+
+
+ # Accept if the message arrived over an authenticated connection, from
+ # any host. Again, these messages are usually from MUAs, so recipient
+ # verification is omitted, and submission mode is set. And again, we do this
+ # check before any black list tests.
+ accept
+ authenticated = *
+ control = submission/sender_retain
+ control = dkim_disable_verify
+
+
+ # Insist that any other recipient address that we accept is either in one of
+ # our local domains, or is in a domain for which we explicitly allow
+ # relaying. Any other domain is rejected as being unacceptable for relaying.
+ require
+ message = relay not permitted
+ domains = +local_domains : +relay_to_domains
+
+
+ # We also require all accepted addresses to be verifiable. This check will
+ # do local part verification for local domains, but only check the domain
+ # for remote domains.
+ require
+ verify = recipient
+
+
+ # Verify recipients listed in local_rcpt_callout with a callout.
+ # This is especially handy for forwarding MX hosts (secondary MX or
+ # mail hubs) of domains that receive a lot of spam to non-existent
+ # addresses. The only way to check local parts for remote relay
+ # domains is to use a callout (add /callout), but please read the
+ # documentation about callouts before doing this.
+ deny
+ !acl = acl_local_deny_exceptions
+ recipients = ${if exists{CONFDIR/local_rcpt_callout}\
+ {CONFDIR/local_rcpt_callout}\
+ {}}
+ !verify = recipient/callout
+
+
+ # CONFDIR/local_sender_blacklist holds a list of envelope senders that
+ # should have their access denied to the local host. Incoming messages
+ # with one of these senders are rejected at RCPT time.
+ #
+ # The explicit white lists are honored as well as negative items in
+ # the black list. See exim4-config_files(5) for details.
+ deny
+ message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
+ !acl = acl_local_deny_exceptions
+ senders = ${if exists{CONFDIR/local_sender_blacklist}\
+ {CONFDIR/local_sender_blacklist}\
+ {}}
+
+
+ # deny bad sites (IP address)
+ # CONFDIR/local_host_blacklist holds a list of host names, IP addresses
+ # and networks (CIDR notation) that should have their access denied to
+ # The local host. Messages coming in from a listed host will have all
+ # RCPT statements rejected.
+ #
+ # The explicit white lists are honored as well as negative items in
+ # the black list. See exim4-config_files(5) for details.
+ deny
+ message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
+ !acl = acl_local_deny_exceptions
+ hosts = ${if exists{CONFDIR/local_host_blacklist}\
+ {CONFDIR/local_host_blacklist}\
+ {}}
+
+
+ # Warn if the sender host does not have valid reverse DNS.
+ #
+ # If your system can do DNS lookups without delay or cost, you might want
+ # to enable this.
+ # If sender_host_address is defined, it's a remote call. If
+ # sender_host_name is not defined, then reverse lookup failed. Use
+ # this instead of !verify = reverse_host_lookup to catch deferrals
+ # as well as outright failures.
+ .ifdef CHECK_RCPT_REVERSE_DNS
+ warn
+ condition = ${if and{{def:sender_host_address}{!def:sender_host_name}}\
+ {yes}{no}}
+ add_header = X-Host-Lookup-Failed: Reverse DNS lookup failed for $sender_host_address (${if eq{$host_lookup_failed}{1}{failed}{deferred}})
+ .endif
+
+
+ # Use spfquery to perform a pair of SPF checks (for details, see
+ # http://www.openspf.org/)
+ #
+ # This is quite costly in terms of DNS lookups (~6 lookups per mail). Do not
+ # enable if that's an issue. Also note that if you enable this, you must
+ # install "spf-tools-perl" which provides the spfquery command.
+ # Missing spf-tools-perl will trigger the "Unexpected error in
+ # SPF check" warning.
+ .ifdef CHECK_RCPT_SPF
+ deny
+ message = [SPF] $sender_host_address is not allowed to send mail from \
+ ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}. \
+ Please see \
+ http://www.openspf.org/Why?scope=${if def:sender_address_domain \
+ {mfrom}{helo}};identity=${if def:sender_address_domain \
+ {$sender_address}{$sender_helo_name}};ip=$sender_host_address
+ log_message = SPF check failed.
+ !acl = acl_local_deny_exceptions
+ condition = ${run{/usr/bin/spfquery.mail-spf-perl --ip \
+ ${quote:$sender_host_address} --identity \
+ ${if def:sender_address_domain \
+ {--scope mfrom --identity ${quote:$sender_address}}\
+ {--scope helo --identity ${quote:$sender_helo_name}}}}\
+ {no}{${if eq {$runrc}{1}{yes}{no}}}}
+
+ defer
+ message = Temporary DNS error while checking SPF record. Try again later.
+ !acl = acl_local_deny_exceptions
+ condition = ${if eq {$runrc}{5}{yes}{no}}
+
+ warn
+ condition = ${if <={$runrc}{6}{yes}{no}}
+ add_header = Received-SPF: ${if eq {$runrc}{0}{pass}\
+ {${if eq {$runrc}{2}{softfail}\
+ {${if eq {$runrc}{3}{neutral}\
+ {${if eq {$runrc}{4}{permerror}\
+ {${if eq {$runrc}{6}{none}{error}}}}}}}}}\
+ } client-ip=$sender_host_address; \
+ ${if def:sender_address_domain \
+ {envelope-from=${sender_address}; }{}}\
+ helo=$sender_helo_name
+
+ warn
+ log_message = Unexpected error in SPF check.
+ condition = ${if >{$runrc}{6}{yes}{no}}
+ .endif
+
+
+ # Check against classic DNS "black" lists (DNSBLs) which list
+ # sender IP addresses
+ .ifdef CHECK_RCPT_IP_DNSBLS
+ warn
+ dnslists = CHECK_RCPT_IP_DNSBLS
+ add_header = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
+ log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
+ .endif
+
+
+ # Check against DNSBLs which list sender domains, with an option to locally
+ # whitelist certain domains that might be blacklisted.
+ #
+ # Note: If you define CHECK_RCPT_DOMAIN_DNSBLS, you must append
+ # "/$sender_address_domain" after each domain. For example:
+ # CHECK_RCPT_DOMAIN_DNSBLS = rhsbl.foo.org/$sender_address_domain \
+ # : rhsbl.bar.org/$sender_address_domain
+ .ifdef CHECK_RCPT_DOMAIN_DNSBLS
+ warn
+ !senders = ${if exists{CONFDIR/local_domain_dnsbl_whitelist}\
+ {CONFDIR/local_domain_dnsbl_whitelist}\
+ {}}
+ dnslists = CHECK_RCPT_DOMAIN_DNSBLS
+ add_header = X-Warning: $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
+ log_message = $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
+ .endif
+
+
+ # This hook allows you to hook in your own ACLs without having to
+ # modify this file. If you do it like we suggest, you'll end up with
+ # a small performance penalty since there is an additional file being
+ # accessed. This doesn't happen if you leave the macro unset.
+ .ifdef CHECK_RCPT_LOCAL_ACL_FILE
+ .include CHECK_RCPT_LOCAL_ACL_FILE
+ .endif
+
+
+ #############################################################################
+ # This check is commented out because it is recognized that not every
+ # sysadmin will want to do it. If you enable it, the check performs
+ # Client SMTP Authorization (csa) checks on the sending host. These checks
+ # do DNS lookups for SRV records. The CSA proposal is currently (May 2005)
+ # an Internet draft. You can, of course, add additional conditions to this
+ # ACL statement to restrict the CSA checks to certain hosts only.
+ #
+ # require verify = csa
+ #############################################################################
+
+
+ # Accept if the address is in a domain for which we are an incoming relay,
+ # but again, only if the recipient can be verified.
+
+ accept
+ domains = +relay_to_domains
+ endpass
+ verify = recipient
+
+
+ # At this point, the address has passed all the checks that have been
+ # configured, so we accept it unconditionally.
+
+ accept
+#####################################################
+### end acl/30_exim4-config_check_rcpt
+#####################################################
+#####################################################
+### acl/40_exim4-config_check_data
+#####################################################
+
+### acl/40_exim4-config_check_data
+#################################
+
+# This ACL is used after the contents of a message have been received. This
+# is the ACL in which you can test a message's headers or body, and in
+# particular, this is where you can invoke external virus or spam scanners.
+
+acl_check_data:
+
+ # Deny unless the address list headers are syntactically correct.
+ #
+ # If you enable this, you might reject legitimate mail.
+ .ifdef CHECK_DATA_VERIFY_HEADER_SYNTAX
+ deny
+ message = Message headers fail syntax check
+ !acl = acl_local_deny_exceptions
+ !verify = header_syntax
+ .endif
+
+
+ # require that there is a verifiable sender address in at least
+ # one of the "Sender:", "Reply-To:", or "From:" header lines.
+ .ifdef CHECK_DATA_VERIFY_HEADER_SENDER
+ deny
+ message = No verifiable sender address in message headers
+ !acl = acl_local_deny_exceptions
+ !verify = header_sender
+ .endif
+
+
+ # Deny if the message contains malware. Before enabling this check, you
+ # must install a virus scanner and set the av_scanner option in the
+ # main configuration.
+ #
+ # exim4-daemon-heavy must be used for this section to work.
+ #
+ # deny
+ # malware = *
+ # message = This message was detected as possible malware ($malware_name).
+
+
+ # Add headers to a message if it is judged to be spam. Before enabling this,
+ # you must install SpamAssassin. You also need to set the spamd_address
+ # option in the main configuration.
+ #
+ # exim4-daemon-heavy must be used for this section to work.
+ #
+ # Please note that this is only suiteable as an example. There are
+ # multiple issues with this configuration method. For example, if you go
+ # this way, you'll give your spamassassin daemon write access to the
+ # entire exim spool which might be a security issue in case of a
+ # spamassassin exploit.
+ #
+ # See the exim docs and the exim wiki for more suitable examples.
+ #
+ # warn
+ # spam = Debian-exim:true
+ # add_header = X-Spam_score: $spam_score\n\
+ # X-Spam_score_int: $spam_score_int\n\
+ # X-Spam_bar: $spam_bar\n\
+ # X-Spam_report: $spam_report
+
+
+ # This hook allows you to hook in your own ACLs without having to
+ # modify this file. If you do it like we suggest, you'll end up with
+ # a small performance penalty since there is an additional file being
+ # accessed. This doesn't happen if you leave the macro unset.
+ .ifdef CHECK_DATA_LOCAL_ACL_FILE
+ .include CHECK_DATA_LOCAL_ACL_FILE
+ .endif
+
+
+ # accept otherwise
+ accept
+#####################################################
+### end acl/40_exim4-config_check_data
+#####################################################
+#####################################################
+### router/00_exim4-config_header
+#####################################################
+
+######################################################################
+# ROUTERS CONFIGURATION #
+# Specifies how addresses are handled #
+######################################################################
+# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
+# An address is passed to each router in turn until it is accepted. #
+######################################################################
+
+begin routers
+
+#####################################################
+### end router/00_exim4-config_header
+#####################################################
+#####################################################
+### router/100_exim4-config_domain_literal
+#####################################################
+
+### router/100_exim4-config_domain_literal
+#################################
+
+# This router handles e-mail addresses in "domain literal" form like
+# <user@[10.11.12.13]>. The RFCs require this facility, but it is disabled
+# in the default config since it is seldomly used and frequently abused.
+# Domain literal support also needs to be enabled in the main config,
+# which is automatically done if you use the enable macro
+# MAIN_ALLOW_DOMAIN_LITERALS.
+
+.ifdef MAIN_ALLOW_DOMAIN_LITERALS
+domain_literal:
+ debug_print = "R: domain_literal for $local_part@$domain"
+ driver = ipliteral
+ domains = ! +local_domains
+ transport = remote_smtp
+.endif
+#####################################################
+### end router/100_exim4-config_domain_literal
+#####################################################
+#####################################################
+### router/150_exim4-config_hubbed_hosts
+#####################################################
+
+# router/150_exim4-config_hubbed_hosts
+#################################
+
+# route specific domains manually.
+#
+# see exim4-config_files(5) and spec.txt chapter 20.3 through 20.7 for
+# more detailed documentation.
+
+hubbed_hosts:
+ debug_print = "R: hubbed_hosts for $domain"
+ driver = manualroute
+ domains = "${if exists{CONFDIR/hubbed_hosts}\
+ {partial-lsearch;CONFDIR/hubbed_hosts}\
+ fail}"
+ same_domain_copy_routing = yes
+ route_data = ${lookup{$domain}partial-lsearch{CONFDIR/hubbed_hosts}}
+ transport = remote_smtp
+#####################################################
+### end router/150_exim4-config_hubbed_hosts
+#####################################################
+#####################################################
+### router/200_exim4-config_primary
+#####################################################
+
+### router/200_exim4-config_primary
+#################################
+# This file holds the primary router, responsible for nonlocal mails
+
+.ifdef DCconfig_internet
+# configtype=internet
+#
+# deliver mail to the recipient if recipient domain is a domain we
+# relay for. We do not ignore any target hosts here since delivering to
+# a site local or even a link local address might be wanted here, and if
+# such an address has found its way into the MX record of such a domain,
+# the local admin is probably in a place where that broken MX record
+# could be fixed.
+
+dnslookup_relay_to_domains:
+ debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain"
+ driver = dnslookup
+ domains = ! +local_domains : +relay_to_domains
+ transport = remote_smtp
+ same_domain_copy_routing = yes
+ no_more
+
+# deliver mail directly to the recipient. This router is only reached
+# for domains that we do not relay for. Since we most probably can't
+# have broken MX records pointing to site local or link local IP
+# addresses fixed, we ignore target hosts pointing to these addresses.
+
+dnslookup:
+ debug_print = "R: dnslookup for $local_part@$domain"
+ driver = dnslookup
+ domains = ! +local_domains
+ transport = remote_smtp
+ same_domain_copy_routing = yes
+ # ignore private rfc1918 and APIPA addresses
+ ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
+ 172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :\
+ 255.255.255.255
+ no_more
+
+.endif
+
+
+.ifdef DCconfig_local
+# configtype=local
+#
+# Stand-alone system, so generate an error for mail to a non-local domain
+nonlocal:
+ debug_print = "R: nonlocal for $local_part@$domain"
+ driver = redirect
+ domains = ! +local_domains
+ allow_fail
+ data = :fail: Mailing to remote domains not supported
+ no_more
+
+.endif
+
+
+.ifdef DCconfig_smarthost DCconfig_satellite
+# configtype=smarthost or configtype=satellite
+#
+# Send all non-local mail to a single other machine (smarthost).
+#
+# This means _ALL_ non-local mail goes to the smarthost. This will most
+# probably not do what you want for domains that are listed in
+# relay_domains. The most typical use for relay_domains is to control
+# relaying for incoming e-mail on secondary MX hosts. In that case,
+# it doesn't make sense to send the mail to the smarthost since the
+# smarthost will probably send the message right back here, causing a
+# loop.
+#
+# If you want to use a smarthost while being secondary MX for some
+# domains, you'll need to copy the dnslookup_relay_to_domains router
+# here so that mail to relay_domains is handled separately.
+
+smarthost:
+ debug_print = "R: smarthost for $local_part@$domain"
+ driver = manualroute
+ domains = ! +local_domains
+ transport = remote_smtp_smarthost
+ route_list = * DCsmarthost byname
+ host_find_failed = ignore
+ same_domain_copy_routing = yes
+ no_more
+
+.endif
+
+
+# The "no_more" above means that all later routers are for
+# domains in the local_domains list, i.e. just like Exim 3 directors.
+#####################################################
+### end router/200_exim4-config_primary
+#####################################################
+#####################################################
+### router/300_exim4-config_real_local
+#####################################################
+
+### router/300_exim4-config_real_local
+#################################
+
+# This router allows reaching a local user while avoiding local
+# processing. This can be used to inform a user of a broken .forward
+# file, for example. The userforward router does this.
+
+COND_LOCAL_SUBMITTER = "\
+ ${if match_ip{$sender_host_address}{:@[]}\
+ {1}{0}\
+ }"
+
+real_local:
+ debug_print = "R: real_local for $local_part@$domain"
+ driver = accept
+ domains = +local_domains
+ condition = COND_LOCAL_SUBMITTER
+ local_part_prefix = real-
+ check_local_user
+ transport = LOCAL_DELIVERY
+
+#####################################################
+### end router/300_exim4-config_real_local
+#####################################################
+#####################################################
+### router/400_exim4-config_system_aliases
+#####################################################
+
+### router/400_exim4-config_system_aliases
+#################################
+
+# This router handles aliasing using a traditional /etc/aliases file.
+#
+##### NB You must ensure that /etc/aliases exists. It used to be the case
+##### NB that every Unix had that file, because it was the Sendmail default.
+##### NB These days, there are systems that don't have it. Your aliases
+##### NB file should at least contain an alias for "postmaster".
+#
+# This router handles the local part in a case-insensitive way which
+# satisfies the RFCs requirement that postmaster be reachable regardless
+# of case. If you decide to handle /etc/aliases in a caseful way, you
+# need to make arrangements for a caseless postmaster.
+#
+# Delivery to arbitrary directories, files, and piping to programs in
+# /etc/aliases is disabled per default.
+# If that is a problem for you, see
+# /usr/share/doc/exim4-base/README.Debian.gz
+# for explanation and some workarounds.
+
+system_aliases:
+ debug_print = "R: system_aliases for $local_part@$domain"
+ driver = redirect
+ domains = +local_domains
+ allow_fail
+ allow_defer
+ data = ${lookup{$local_part}lsearch{/etc/aliases}}
+ .ifdef SYSTEM_ALIASES_USER
+ user = SYSTEM_ALIASES_USER
+ .endif
+ .ifdef SYSTEM_ALIASES_GROUP
+ group = SYSTEM_ALIASES_GROUP
+ .endif
+ .ifdef SYSTEM_ALIASES_FILE_TRANSPORT
+ file_transport = SYSTEM_ALIASES_FILE_TRANSPORT
+ .endif
+ .ifdef SYSTEM_ALIASES_PIPE_TRANSPORT
+ pipe_transport = SYSTEM_ALIASES_PIPE_TRANSPORT
+ .endif
+ .ifdef SYSTEM_ALIASES_DIRECTORY_TRANSPORT
+ directory_transport = SYSTEM_ALIASES_DIRECTORY_TRANSPORT
+ .endif
+#####################################################
+### end router/400_exim4-config_system_aliases
+#####################################################
+#####################################################
+### router/500_exim4-config_hubuser
+#####################################################
+
+### router/500_exim4-config_hubuser
+#################################
+
+.ifdef DCconfig_satellite
+# This router is only used for configtype=satellite.
+# It takes care to route all mail targetted to <somelocaluser@this.machine>
+# to the host where we read our mail
+#
+hub_user:
+ debug_print = "R: hub_user for $local_part@$domain"
+ driver = redirect
+ domains = +local_domains
+ data = ${local_part}@DCreadhost
+ check_local_user
+
+# Grab the redirected mail and deliver it.
+# This is a duplicate of the smarthost router, needed because
+# DCreadhost might end up as part of +local_domains
+hub_user_smarthost:
+ debug_print = "R: hub_user_smarthost for $local_part@$domain"
+ driver = manualroute
+ domains = DCreadhost
+ transport = remote_smtp_smarthost
+ route_list = * DCsmarthost byname
+ host_find_failed = ignore
+ same_domain_copy_routing = yes
+ check_local_user
+.endif
+
+
+#####################################################
+### end router/500_exim4-config_hubuser
+#####################################################
+#####################################################
+### router/600_exim4-config_userforward
+#####################################################
+
+### router/600_exim4-config_userforward
+#################################
+
+# This router handles forwarding using traditional .forward files in users'
+# home directories. It also allows mail filtering with a forward file
+# starting with the string "# Exim filter" or "# Sieve filter".
+#
+# The no_verify setting means that this router is skipped when Exim is
+# verifying addresses. Similarly, no_expn means that this router is skipped if
+# Exim is processing an EXPN command.
+#
+# The check_ancestor option means that if the forward file generates an
+# address that is an ancestor of the current one, the current one gets
+# passed on instead. This covers the case where A is aliased to B and B
+# has a .forward file pointing to A.
+#
+# The four transports specified at the end are those that are used when
+# forwarding generates a direct delivery to a directory, or a file, or to a
+# pipe, or sets up an auto-reply, respectively.
+#
+userforward:
+ debug_print = "R: userforward for $local_part@$domain"
+ driver = redirect
+ domains = +local_domains
+ check_local_user
+ file = $home/.forward
+ require_files = $local_part:$home/.forward
+ no_verify
+ no_expn
+ check_ancestor
+ allow_filter
+ forbid_smtp_code = true
+ directory_transport = address_directory
+ file_transport = address_file
+ pipe_transport = address_pipe
+ reply_transport = address_reply
+ skip_syntax_errors
+ syntax_errors_to = real-$local_part@$domain
+ syntax_errors_text = \
+ This is an automatically generated message. An error has\n\
+ been found in your .forward file. Details of the error are\n\
+ reported below. While this error persists, you will receive\n\
+ a copy of this message for every message that is addressed\n\
+ to you. If your .forward file is a filter file, or if it is\n\
+ a non-filter file containing no valid forwarding addresses,\n\
+ a copy of each incoming message will be put in your normal\n\
+ mailbox. If a non-filter file contains at least one valid\n\
+ forwarding address, forwarding to the valid addresses will\n\
+ happen, and those will be the only deliveries that occur.
+
+#####################################################
+### end router/600_exim4-config_userforward
+#####################################################
+#####################################################
+### router/700_exim4-config_procmail
+#####################################################
+
+procmail:
+ debug_print = "R: procmail for $local_part@$domain"
+ driver = accept
+ domains = +local_domains
+ check_local_user
+ transport = procmail_pipe
+ # emulate OR with "if exists"-expansion
+ require_files = ${local_part}:\
+ ${if exists{/etc/procmailrc}\
+ {/etc/procmailrc}{${home}/.procmailrc}}:\
+ +/usr/bin/procmail
+ no_verify
+ no_expn
+
+#####################################################
+### end router/700_exim4-config_procmail
+#####################################################
+#####################################################
+### router/800_exim4-config_maildrop
+#####################################################
+
+### router/800_exim4-config_maildrop
+#################################
+
+maildrop:
+ debug_print = "R: maildrop for $local_part@$domain"
+ driver = accept
+ domains = +local_domains
+ check_local_user
+ transport = maildrop_pipe
+ require_files = ${local_part}:${home}/.mailfilter:+/usr/bin/maildrop
+ no_verify
+ no_expn
+
+#####################################################
+### end router/800_exim4-config_maildrop
+#####################################################
+#####################################################
+### router/850_exim4-config_lowuid
+#####################################################
+
+### router/850_exim4-config_lowuid
+#################################
+
+.ifndef FIRST_USER_ACCOUNT_UID
+FIRST_USER_ACCOUNT_UID = 0
+.endif
+
+.ifndef DEFAULT_SYSTEM_ACCOUNT_ALIAS
+DEFAULT_SYSTEM_ACCOUNT_ALIAS = :fail: no mail to system accounts
+.endif
+
+COND_SYSTEM_USER_AND_REMOTE_SUBMITTER = "\
+ ${if and{{! match_ip{$sender_host_address}{:@[]}}\
+ {<{$local_user_uid}{FIRST_USER_ACCOUNT_UID}}}\
+ {1}{0}\
+ }"
+
+lowuid_aliases:
+ debug_print = "R: lowuid_aliases for $local_part@$domain (UID $local_user_uid)"
+ check_local_user
+ driver = redirect
+ allow_fail
+ domains = +local_domains
+ condition = COND_SYSTEM_USER_AND_REMOTE_SUBMITTER
+ data = ${if exists{CONFDIR/lowuid-aliases}\
+ {${lookup{$local_part}lsearch{CONFDIR/lowuid-aliases}\
+ {$value}{DEFAULT_SYSTEM_ACCOUNT_ALIAS}}}\
+ {DEFAULT_SYSTEM_ACCOUNT_ALIAS}}
+#####################################################
+### end router/850_exim4-config_lowuid
+#####################################################
+#####################################################
+### router/900_exim4-config_local_user
+#####################################################
+
+### router/900_exim4-config_local_user
+#################################
+
+# This router matches local user mailboxes. If the router fails, the error
+# message is "Unknown user".
+
+local_user:
+ debug_print = "R: local_user for $local_part@$domain"
+ driver = accept
+ domains = +local_domains
+ check_local_user
+ local_parts = ! root
+ transport = LOCAL_DELIVERY
+ cannot_route_message = Unknown user
+#####################################################
+### end router/900_exim4-config_local_user
+#####################################################
+#####################################################
+### router/mmm_mail4root
+#####################################################
+
+### router/mmm_mail4root
+#################################
+# deliver mail addressed to root to /var/mail/mail as user mail:mail
+# if it was not redirected in /etc/aliases or by other means
+# Exim cannot deliver as root since 4.24 (FIXED_NEVER_USERS)
+
+mail4root:
+ debug_print = "R: mail4root for $local_part@$domain"
+ driver = redirect
+ domains = +local_domains
+ data = /var/mail/mail
+ file_transport = address_file
+ local_parts = root
+ user = mail
+ group = mail
+
+#####################################################
+### end router/mmm_mail4root
+#####################################################
+#####################################################
+### transport/00_exim4-config_header
+#####################################################
+
+######################################################################
+# TRANSPORTS CONFIGURATION #
+######################################################################
+# ORDER DOES NOT MATTER #
+# Only one appropriate transport is called for each delivery. #
+######################################################################
+
+# A transport is used only when referenced from a router that successfully
+# handles an address.
+
+begin transports
+
+#####################################################
+### end transport/00_exim4-config_header
+#####################################################
+#####################################################
+### transport/10_exim4-config_transport-macros
+#####################################################
+
+### transport/10_exim4-config_transport-macros
+#################################
+
+.ifdef HIDE_MAILNAME
+REMOTE_SMTP_HEADERS_REWRITE=*@+local_domains $1@DCreadhost frs : *@ETC_MAILNAME $1@DCreadhost frs
+REMOTE_SMTP_RETURN_PATH=${if match_domain{$sender_address_domain}{+local_domains}{${sender_address_local_part}@DCreadhost}{${if match_domain{$sender_address_domain}{ETC_MAILNAME}{${sender_address_local_part}@DCreadhost}fail}}}
+.endif
+
+.ifdef REMOTE_SMTP_HELO_FROM_DNS
+.ifdef REMOTE_SMTP_HELO_DATA
+REMOTE_SMTP_HELO_DATA==${lookup dnsdb {ptr=$sending_ip_address}{$value}{$primary_hostname}}
+.else
+REMOTE_SMTP_HELO_DATA=${lookup dnsdb {ptr=$sending_ip_address}{$value}{$primary_hostname}}
+.endif
+.endif
+#####################################################
+### end transport/10_exim4-config_transport-macros
+#####################################################
+#####################################################
+### transport/30_exim4-config_address_file
+#####################################################
+
+# This transport is used for handling deliveries directly to files that are
+# generated by aliasing or forwarding.
+#
+address_file:
+ debug_print = "T: address_file for $local_part@$domain"
+ driver = appendfile
+ delivery_date_add
+ envelope_to_add
+ return_path_add
+
+#####################################################
+### end transport/30_exim4-config_address_file
+#####################################################
+#####################################################
+### transport/30_exim4-config_address_pipe
+#####################################################
+
+# This transport is used for handling pipe deliveries generated by
+# .forward files. If the commands fails and produces any output on standard
+# output or standard error streams, the output is returned to the sender
+# of the message as a delivery error.
+address_pipe:
+ debug_print = "T: address_pipe for $local_part@$domain"
+ driver = pipe
+ return_fail_output
+
+#####################################################
+### end transport/30_exim4-config_address_pipe
+#####################################################
+#####################################################
+### transport/30_exim4-config_address_reply
+#####################################################
+
+# This transport is used for handling autoreplies generated by the filtering
+# option of the userforward router.
+#
+address_reply:
+ debug_print = "T: autoreply for $local_part@$domain"
+ driver = autoreply
+
+#####################################################
+### end transport/30_exim4-config_address_reply
+#####################################################
+#####################################################
+### transport/30_exim4-config_mail_spool
+#####################################################
+
+### transport/30_exim4-config_mail_spool
+
+# This transport is used for local delivery to user mailboxes in traditional
+# BSD mailbox format.
+#
+mail_spool:
+ debug_print = "T: appendfile for $local_part@$domain"
+ driver = appendfile
+ file = /var/mail/$local_part
+ delivery_date_add
+ envelope_to_add
+ return_path_add
+ group = mail
+ mode = 0660
+ mode_fail_narrower = false
+
+#####################################################
+### end transport/30_exim4-config_mail_spool
+#####################################################
+#####################################################
+### transport/30_exim4-config_maildir_home
+#####################################################
+
+### transport/30_exim4-config_maildir_home
+#################################
+
+# Use this instead of mail_spool if you want to to deliver to Maildir in
+# home-directory - change the definition of LOCAL_DELIVERY
+#
+maildir_home:
+ debug_print = "T: maildir_home for $local_part@$domain"
+ driver = appendfile
+ .ifdef MAILDIR_HOME_MAILDIR_LOCATION
+ directory = MAILDIR_HOME_MAILDIR_LOCATION
+ .else
+ directory = $home/Maildir
+ .endif
+ .ifdef MAILDIR_HOME_CREATE_DIRECTORY
+ create_directory
+ .endif
+ .ifdef MAILDIR_HOME_CREATE_FILE
+ create_file = MAILDIR_HOME_CREATE_FILE
+ .endif
+ delivery_date_add
+ envelope_to_add
+ return_path_add
+ maildir_format
+ .ifdef MAILDIR_HOME_DIRECTORY_MODE
+ directory_mode = MAILDIR_HOME_DIRECTORY_MODE
+ .else
+ directory_mode = 0700
+ .endif
+ .ifdef MAILDIR_HOME_MODE
+ mode = MAILDIR_HOME_MODE
+ .else
+ mode = 0600
+ .endif
+ mode_fail_narrower = false
+ # This transport always chdirs to $home before trying to deliver. If
+ # $home is not accessible, this chdir fails and prevents delivery.
+ # If you are in a setup where home directories might not be
+ # accessible, uncomment the current_directory line below.
+ # current_directory = /
+#####################################################
+### end transport/30_exim4-config_maildir_home
+#####################################################
+#####################################################
+### transport/30_exim4-config_maildrop_pipe
+#####################################################
+
+maildrop_pipe:
+ debug_print = "T: maildrop_pipe for $local_part@$domain"
+ driver = pipe
+ path = "/bin:/usr/bin:/usr/local/bin"
+ command = "/usr/bin/maildrop"
+ message_prefix =
+ message_suffix =
+ return_path_add
+ delivery_date_add
+ envelope_to_add
+
+#####################################################
+### end transport/30_exim4-config_maildrop_pipe
+#####################################################
+#####################################################
+### transport/30_exim4-config_procmail_pipe
+#####################################################
+
+procmail_pipe:
+ debug_print = "T: procmail_pipe for $local_part@$domain"
+ driver = pipe
+ path = "/bin:/usr/bin:/usr/local/bin"
+ command = "/usr/bin/procmail"
+ return_path_add
+ delivery_date_add
+ envelope_to_add
+
+#####################################################
+### end transport/30_exim4-config_procmail_pipe
+#####################################################
+#####################################################
+### transport/30_exim4-config_remote_smtp
+#####################################################
+
+### transport/30_exim4-config_remote_smtp
+#################################
+# This transport is used for delivering messages over SMTP connections.
+
+remote_smtp:
+ debug_print = "T: remote_smtp for $local_part@$domain"
+ driver = smtp
+.ifdef REMOTE_SMTP_HOSTS_AVOID_TLS
+ hosts_avoid_tls = REMOTE_SMTP_HOSTS_AVOID_TLS
+.endif
+.ifdef REMOTE_SMTP_HEADERS_REWRITE
+ headers_rewrite = REMOTE_SMTP_HEADERS_REWRITE
+.endif
+.ifdef REMOTE_SMTP_RETURN_PATH
+ return_path = REMOTE_SMTP_RETURN_PATH
+.endif
+.ifdef REMOTE_SMTP_HELO_DATA
+ helo_data=REMOTE_SMTP_HELO_DATA
+.endif
+.ifdef DKIM_DOMAIN
+dkim_domain = DKIM_DOMAIN
+.endif
+.ifdef DKIM_SELECTOR
+dkim_selector = DKIM_SELECTOR
+.endif
+.ifdef DKIM_PRIVATE_KEY
+dkim_private_key = DKIM_PRIVATE_KEY
+.endif
+.ifdef DKIM_CANON
+dkim_canon = DKIM_CANON
+.endif
+.ifdef DKIM_STRICT
+dkim_strict = DKIM_STRICT
+.endif
+.ifdef DKIM_SIGN_HEADERS
+dkim_sign_headers = DKIM_SIGN_HEADERS
+.endif
+.ifdef TLS_DH_MIN_BITS
+tls_dh_min_bits = TLS_DH_MIN_BITS
+.endif
+.ifdef REMOTE_SMTP_TLS_CERTIFICATE
+tls_certificate = REMOTE_SMTP_TLS_CERTIFICATE
+.endif
+.ifdef REMOTE_SMTP_PRIVATEKEY
+tls_privatekey = REMOTE_SMTP_PRIVATEKEY
+.endif
+#####################################################
+### end transport/30_exim4-config_remote_smtp
+#####################################################
+#####################################################
+### transport/30_exim4-config_remote_smtp_smarthost
+#####################################################
+
+### transport/30_exim4-config_remote_smtp_smarthost
+#################################
+
+# This transport is used for delivering messages over SMTP connections
+# to a smarthost. The local host tries to authenticate.
+# This transport is used for smarthost and satellite configurations.
+
+remote_smtp_smarthost:
+ debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
+ driver = smtp
+ hosts_try_auth = <; ${if exists{CONFDIR/passwd.client} \
+ {\
+ ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$host_address}}\
+ }\
+ {} \
+ }
+.ifdef REMOTE_SMTP_SMARTHOST_HOSTS_AVOID_TLS
+ hosts_avoid_tls = REMOTE_SMTP_SMARTHOST_HOSTS_AVOID_TLS
+.endif
+.ifdef REMOTE_SMTP_HEADERS_REWRITE
+ headers_rewrite = REMOTE_SMTP_HEADERS_REWRITE
+.endif
+.ifdef REMOTE_SMTP_RETURN_PATH
+ return_path = REMOTE_SMTP_RETURN_PATH
+.endif
+.ifdef REMOTE_SMTP_HELO_DATA
+ helo_data=REMOTE_SMTP_HELO_DATA
+.endif
+.ifdef TLS_DH_MIN_BITS
+tls_dh_min_bits = TLS_DH_MIN_BITS
+.endif
+.ifdef REMOTE_SMTP_SMARTHOST_TLS_CERTIFICATE
+tls_certificate = REMOTE_SMTP_SMARTHOST_TLS_CERTIFICATE
+.endif
+.ifdef REMOTE_SMTP_SMARTHOST_PRIVATEKEY
+tls_privatekey = REMOTE_SMTP_SMARTHOST_PRIVATEKEY
+.endif
+#####################################################
+### end transport/30_exim4-config_remote_smtp_smarthost
+#####################################################
+#####################################################
+### transport/35_exim4-config_address_directory
+#####################################################
+# This transport is used for handling file addresses generated by alias
+# or .forward files if the path ends in "/", which causes it to be treated
+# as a directory name rather than a file name.
+
+address_directory:
+ debug_print = "T: address_directory for $local_part@$domain"
+ driver = appendfile
+ delivery_date_add
+ envelope_to_add
+ return_path_add
+ check_string = ""
+ escape_string = ""
+ maildir_format
+
+#####################################################
+### end transport/35_exim4-config_address_directory
+#####################################################
+#####################################################
+### retry/00_exim4-config_header
+#####################################################
+
+######################################################################
+# RETRY CONFIGURATION #
+######################################################################
+
+begin retry
+
+#####################################################
+### end retry/00_exim4-config_header
+#####################################################
+#####################################################
+### retry/30_exim4-config
+#####################################################
+
+### retry/30_exim4-config
+#################################
+
+# This single retry rule applies to all domains and all errors. It specifies
+# retries every 15 minutes for 2 hours, then increasing retry intervals,
+# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
+# hours, then retries every 6 hours until 4 days have passed since the first
+# failed delivery.
+
+# Please note that these rules only limit the frequency of retries, the
+# effective retry-time depends on the frequency of queue-running, too.
+# See QUEUEINTERVAL in /etc/default/exim4.
+
+# Address or Domain Error Retries
+# ----------------- ----- -------
+
+* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
+#####################################################
+### end retry/30_exim4-config
+#####################################################
+#####################################################
+### rewrite/00_exim4-config_header
+#####################################################
+
+######################################################################
+# REWRITE CONFIGURATION #
+######################################################################
+
+begin rewrite
+
+#####################################################
+### end rewrite/00_exim4-config_header
+#####################################################
+#####################################################
+### rewrite/31_exim4-config_rewriting
+#####################################################
+
+### rewrite/31_exim4-config_rewriting
+#################################
+
+# This rewriting rule is particularily useful for dialup users who
+# don't have their own domain, but could be useful for anyone.
+# It looks up the real address of all local users in a file
+.ifndef NO_EAA_REWRITE_REWRITE
+*@+local_domains "${lookup{${local_part}}lsearch{/etc/email-addresses}\
+ {$value}fail}" Ffrs
+# identical rewriting rule for /etc/mailname
+*@ETC_MAILNAME "${lookup{${local_part}}lsearch{/etc/email-addresses}\
+ {$value}fail}" Ffrs
+.endif
+
+
+#####################################################
+### end rewrite/31_exim4-config_rewriting
+#####################################################
+#####################################################
+### auth/00_exim4-config_header
+#####################################################
+
+######################################################################
+# AUTHENTICATION CONFIGURATION #
+######################################################################
+
+begin authenticators
+
+
+#####################################################
+### end auth/00_exim4-config_header
+#####################################################
+#####################################################
+### auth/30_exim4-config_examples
+#####################################################
+
+### auth/30_exim4-config_examples
+#################################
+
+# The examples below are for server side authentication, when the
+# local exim is SMTP server and clients authenticate to the local exim.
+
+# They allow two styles of plain-text authentication against an
+# CONFDIR/passwd file whose syntax is described in exim4_passwd(5).
+
+# Hosts that are allowed to use AUTH are defined by the
+# auth_advertise_hosts option in the main configuration. The default is
+# "*", which allows authentication to all hosts over all kinds of
+# connections if there is at least one authenticator defined here.
+# Authenticators which rely on unencrypted clear text passwords don't
+# advertise on unencrypted connections by default. Thus, it might be
+# wise to set up TLS to allow encrypted connections. If TLS cannot be
+# used for some reason, you can set AUTH_SERVER_ALLOW_NOTLS_PASSWORDS to
+# advertise unencrypted clear text password based authenticators on all
+# connections. As this is severely reducing security, using TLS is
+# preferred over allowing clear text password based authenticators on
+# unencrypted connections.
+
+# PLAIN authentication has no server prompts. The client sends its
+# credentials in one lump, containing an authorization ID (which we do not
+# use), an authentication ID, and a password. The latter two appear as
+# $auth2 and $auth3 in the configuration and should be checked against a
+# valid username and password. In a real configuration you would typically
+# use $auth2 as a lookup key, and compare $auth3 against the result of the
+# lookup, perhaps using the crypteq{}{} condition.
+
+# plain_server:
+# driver = plaintext
+# public_name = PLAIN
+# server_condition = "${if crypteq{$auth3}{${extract{1}{:}{${lookup{$auth2}lsearch{CONFDIR/passwd}{$value}{*:*}}}}}{1}{0}}"
+# server_set_id = $auth2
+# server_prompts = :
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+
+# LOGIN authentication has traditional prompts and responses. There is no
+# authorization ID in this mechanism, so unlike PLAIN the username and
+# password are $auth1 and $auth2. Apart from that you can use the same
+# server_condition setting for both authenticators.
+
+# login_server:
+# driver = plaintext
+# public_name = LOGIN
+# server_prompts = "Username:: : Password::"
+# server_condition = "${if crypteq{$auth2}{${extract{1}{:}{${lookup{$auth1}lsearch{CONFDIR/passwd}{$value}{*:*}}}}}{1}{0}}"
+# server_set_id = $auth1
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+#
+# cram_md5_server:
+# driver = cram_md5
+# public_name = CRAM-MD5
+# server_secret = ${extract{2}{:}{${lookup{$auth1}lsearch{CONFDIR/passwd}{$value}fail}}}
+# server_set_id = $auth1
+
+# Here is an example of CRAM-MD5 authentication against PostgreSQL:
+#
+# psqldb_auth_server:
+# driver = cram_md5
+# public_name = CRAM-MD5
+# server_secret = ${lookup pgsql{SELECT pw FROM users WHERE username = '${quote_pgsql:$auth1}'}{$value}fail}
+# server_set_id = $auth1
+
+# Authenticate against local passwords using sasl2-bin
+# Requires exim_uid to be a member of sasl group, see README.Debian.gz
+# plain_saslauthd_server:
+# driver = plaintext
+# public_name = PLAIN
+# server_condition = ${if saslauthd{{$auth2}{$auth3}}{1}{0}}
+# server_set_id = $auth2
+# server_prompts = :
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+#
+# login_saslauthd_server:
+# driver = plaintext
+# public_name = LOGIN
+# server_prompts = "Username:: : Password::"
+# # don't send system passwords over unencrypted connections
+# server_condition = ${if saslauthd{{$auth1}{$auth2}}{1}{0}}
+# server_set_id = $auth1
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+#
+# ntlm_sasl_server:
+# driver = cyrus_sasl
+# public_name = NTLM
+# server_realm = <short main hostname>
+# server_set_id = $auth1
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+#
+# digest_md5_sasl_server:
+# driver = cyrus_sasl
+# public_name = DIGEST-MD5
+# server_realm = <short main hostname>
+# server_set_id = $auth1
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+
+# Authentcate against cyrus-sasl
+# This is mainly untested, please report any problems to
+# pkg-exim4-users@lists.alioth.debian.org.
+# cram_md5_sasl_server:
+# driver = cyrus_sasl
+# public_name = CRAM-MD5
+# server_realm = <short main hostname>
+# server_set_id = $auth1
+#
+# plain_sasl_server:
+# driver = cyrus_sasl
+# public_name = PLAIN
+# server_realm = <short main hostname>
+# server_set_id = $auth1
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+#
+# login_sasl_server:
+# driver = cyrus_sasl
+# public_name = LOGIN
+# server_realm = <short main hostname>
+# server_set_id = $auth1
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+
+# Authenticate against courier authdaemon
+
+# This is now the (working!) example from
+# http://www.exim.org/eximwiki/FAQ/Policy_controls/Q0730
+# Possible pitfall: access rights on /var/run/courier/authdaemon/socket.
+# plain_courier_authdaemon:
+# driver = plaintext
+# public_name = PLAIN
+# server_condition = \
+# ${extract {ADDRESS} \
+# {${readsocket{/var/run/courier/authdaemon/socket} \
+# {AUTH ${strlen:exim\nlogin\n$auth2\n$auth3\n}\nexim\nlogin\n$auth2\n$auth3\n} }} \
+# {yes} \
+# fail}
+# server_set_id = $auth2
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+
+# login_courier_authdaemon:
+# driver = plaintext
+# public_name = LOGIN
+# server_prompts = Username:: : Password::
+# server_condition = \
+# ${extract {ADDRESS} \
+# {${readsocket{/var/run/courier/authdaemon/socket} \
+# {AUTH ${strlen:exim\nlogin\n$auth1\n$auth2\n}\nexim\nlogin\n$auth1\n$auth2\n} }} \
+# {yes} \
+# fail}
+# server_set_id = $auth1
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+
+# This one is a bad hack to support the broken version 4.xx of
+# Microsoft Outlook Express which violates the RFCs by demanding
+# "250-AUTH=" instead of "250-AUTH ".
+# If your list of offered authenticators is other than PLAIN and LOGIN,
+# you need to adapt the public_name line manually.
+# It has to be the last authenticator to work and has not been tested
+# well. Use at your own risk.
+# See the thread entry point from
+# http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050214/msg00213.html
+# for the related discussion on the exim-users mailing list.
+# Thanks to Fred Viles for this great work.
+
+# support_broken_outlook_express_4_server:
+# driver = plaintext
+# public_name = "\r\n250-AUTH=PLAIN LOGIN"
+# server_prompts = User Name : Password
+# server_condition = no
+# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
+# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
+# .endif
+
+##############
+# See /usr/share/doc/exim4-base/README.Debian.gz
+##############
+
+# These examples below are the equivalent for client side authentication.
+# They get the passwords from CONFDIR/passwd.client, whose format is
+# defined in exim4_passwd_client(5)
+
+# Because AUTH PLAIN and AUTH LOGIN send the password in clear, we
+# only allow these mechanisms over encrypted connections by default.
+# You can set AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS to allow unencrypted
+# clear text password authentication on all connections.
+
+cram_md5:
+ driver = cram_md5
+ public_name = CRAM-MD5
+ client_name = ${extract{1}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
+ client_secret = ${extract{2}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
+
+# this returns the matching line from passwd.client and doubles all ^
+PASSWDLINE=${sg{\
+ ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}\
+ }\
+ {\\N[\\^]\\N}\
+ {^^}\
+ }
+
+plain:
+ driver = plaintext
+ public_name = PLAIN
+.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
+ client_send = "<; ${if !eq{$tls_out_cipher}{}\
+ {^${extract{1}{:}{PASSWDLINE}}\
+ ^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}\
+ }fail}"
+.else
+ client_send = "<; ^${extract{1}{:}{PASSWDLINE}}\
+ ^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
+.endif
+
+login:
+ driver = plaintext
+ public_name = LOGIN
+.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
+ # Return empty string if not non-TLS AND looking up $host in passwd-file
+ # yields a non-empty string; fail otherwise.
+ client_send = "<; ${if and{\
+ {!eq{$tls_out_cipher}{}}\
+ {!eq{PASSWDLINE}{}}\
+ }\
+ {}fail}\
+ ; ${extract{1}{::}{PASSWDLINE}}\
+ ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
+.else
+ # Return empty string if looking up $host in passwd-file yields a
+ # non-empty string; fail otherwise.
+ client_send = "<; ${if !eq{PASSWDLINE}{}\
+ {}fail}\
+ ; ${extract{1}{::}{PASSWDLINE}}\
+ ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
+.endif
+#####################################################
+### end auth/30_exim4-config_examples
+#####################################################
--- /dev/null
+# password file used when the local exim is authenticating to a remote
+# host as a client.
+#
+# see exim4_passwd_client(5) for more documentation
+#
+# Example:
+### target.mail.server.example:login:password
--- /dev/null
+# /etc/exim4/update-exim4.conf.conf
+#
+# Edit this file and /etc/mailname by hand and execute update-exim4.conf
+# yourself or use 'dpkg-reconfigure exim4-config'
+#
+# Please note that this is _not_ a dpkg-conffile and that automatic changes
+# to this file might happen. The code handling this will honor your local
+# changes, so this is usually fine, but will break local schemes that mess
+# around with multiple versions of the file.
+#
+# update-exim4.conf uses this file to determine variable values to generate
+# exim configuration macros for the configuration file.
+#
+# Most settings found in here do have corresponding questions in the
+# Debconf configuration, but not all of them.
+#
+# This is a Debian specific file
+
+dc_eximconfig_configtype='local'
+dc_other_hostnames='ns1.uhu-banane.de'
+dc_local_interfaces='127.0.0.1 ; ::1'
+dc_readhost=''
+dc_relay_domains=''
+dc_minimaldns='false'
+dc_relay_nets=''
+dc_smarthost=''
+CFILEMODE='644'
+dc_use_split_config='false'
+dc_hide_mailname=''
+dc_mailname_in_oh='true'
+dc_localdelivery='mail_spool'
--- /dev/null
+# Fail2Ban configuration file
+# https://www.rfxn.com/projects/advanced-policy-firewall/
+#
+# Note: APF doesn't play nicely with other actions. It has been observed to
+# remove bans created by other iptables based actions. If you are going to use
+# this action, use it for all of your jails.
+#
+# DON'T MIX APF and other IPTABLES based actions
+[Definition]
+
+actionstart =
+actionstop =
+actioncheck =
+actionban = apf --deny <ip> "banned by Fail2Ban <name>"
+actionunban = apf --remove <ip>
+
+[Init]
+
+# Name used in APF configuration
+#
+name = default
+
+# DEV NOTES:
+#
+# Author: Mark McKinstry
--- /dev/null
+# Fail2ban reporting to badips.com
+#
+# Note: This reports and IP only and does not actually ban traffic. Use
+# another action in the same jail if you want bans to occur.
+#
+# Set the category to the appropriate value before use.
+#
+# To get see register and optional key to get personalised graphs see:
+# http://www.badips.com/blog/personalized-statistics-track-the-attackers-of-all-your-servers-with-one-key
+
+[Definition]
+
+actionban = curl --fail --user-agent "fail2ban v0.8.12" http://www.badips.com/add/<category>/<ip>
+
+[Init]
+
+# Option: category
+# Notes.: Values are from the list here: http://www.badips.com/get/categories
+category =
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Steven Hiscocks
+#
+#
+
+# Action to report IP address to blocklist.de
+# Blocklist.de must be signed up to at www.blocklist.de
+# Once registered, one or more servers can be added.
+# This action requires the server 'email address' and the assoicate apikey.
+#
+# From blocklist.de:
+# www.blocklist.de is a free and voluntary service provided by a
+# Fraud/Abuse-specialist, whose servers are often attacked on SSH-,
+# Mail-Login-, FTP-, Webserver- and other services.
+# The mission is to report all attacks to the abuse deparments of the
+# infected PCs/servers to ensure that the responsible provider can inform
+# the customer about the infection and disable them
+#
+# IMPORTANT:
+#
+# Reporting an IP of abuse is a serious complaint. Make sure that it is
+# serious. Fail2ban developers and network owners recommend you only use this
+# action for:
+# * The recidive where the IP has been banned multiple times
+# * Where maxretry has been set quite high, beyond the normal user typing
+# password incorrectly.
+# * For filters that have a low likelyhood of receiving human errors
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop =
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = curl --fail --data-urlencode 'server=<email>' --data 'apikey=<apikey>' --data 'service=<service>' --data 'ip=<ip>' --data-urlencode 'logs=<matches>' --data 'format=text' --user-agent "fail2ban v0.8.12" "https://www.blocklist.de/en/httpreports.html"
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Option: email
+# Notes server email address, as per blocklise.de account
+# Values: STRING Default: None
+#
+#email =
+
+# Option: apikey
+# Notes your user blocklist.de user account apikey
+# Values: STRING Default: None
+#
+#apikey =
+
+# Option: service
+# Notes service name you are reporting on, typically aligns with filter name
+# see http://www.blocklist.de/en/httpreports.html for full list
+# Values: STRING Default: None
+#
+#service =
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Nick Munger
+# Modified by: Ken Menzel
+# Daniel Black (start/stop)
+# Fabian Wenk (many ideas as per fail2ban users list)
+#
+# Ensure firewall_enable="YES" in the top of /etc/rc.conf
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = ipfw show | fgrep -q 'table(<table>)' || ( ipfw show | awk 'BEGIN { b = 1 } { if ($1 <= b) { b = $1 + 1 } else { e = b } } END { if (e) exit e <br> else exit b }'; num=$?; ipfw -q add $num <blocktype> <block> from table\(<table>\) to me <port>; echo $num > "<startstatefile>" )
+
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = [ ! -f <startstatefile> ] || ( read num < "<startstatefile>" <br> ipfw -q delete $num <br> rm "<startstatefile>" )
+
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+# requires an ipfw rule like "deny ip from table(1) to me"
+actionban = ipfw table <table> add <ip>
+
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = ipfw table <table> delete <ip>
+
+[Init]
+# Option: table
+# Notes: The ipfw table to use. If a ipfw rule using this table already exists,
+# this action will not create a ipfw rule to block it and the following
+# options will have no effect.
+# Values: NUM
+table = 1
+
+# Option: port
+# Notes.: Specifies port to monitor. Blank indicate block all ports.
+# Values: [ NUM | STRING ]
+#
+port =
+
+# Option: startstatefile
+# Notes: A file to indicate that the table rule that was added. Ensure it is unique per table.
+# Values: STRING
+startstatefile = /var/run/fail2ban/ipfw-started-table_<table>
+
+# Option: block
+# Notes: This is how much to block.
+# Can be "ip", "tcp", "udp" or various other options.
+# Values: STRING
+block = ip
+
+# Option: blocktype
+# Notes.: How to block the traffic. Use a action from man 5 ipfw
+# Common values: deny, unreach port, reset
+# ACTION defination at the top of man ipfw for allowed values.
+# Values: STRING
+#
+blocktype = unreach port
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Russell Odom <russ@gloomytrousers.co.uk>, Daniel Black
+# Sends a complaint e-mail to addresses listed in the whois record for an
+# offending IP address.
+# This uses the https://abusix.com/contactdb.html to lookup abuse contacts.
+#
+# DEPENDANCIES:
+# This requires the dig command from bind-utils
+#
+# You should provide the <logpath> in the jail config - lines from the log
+# matching the given IP address will be provided in the complaint as evidence.
+#
+# WARNING
+# -------
+#
+# Please do not use this action unless you are certain that fail2ban
+# does not result in "false positives" for your deployment. False
+# positive reports could serve a mis-favor to the original cause by
+# flooding corresponding contact addresses, and complicating the work
+# of administration personnel responsible for handling (verified) legit
+# complains.
+#
+# Please consider using e.g. sendmail-whois-lines.conf action which
+# would send the reports with relevant information to you, so the
+# report could be first reviewed and then forwarded to a corresponding
+# contact if legit.
+#
+
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop =
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = oifs=${IFS}; IFS=.;SEP_IP=( <ip> ); set -- ${SEP_IP}; ADDRESSES=$(dig +short -t txt -q $4.$3.$2.$1.abuse-contacts.abusix.org); IFS=${oifs}
+ IP=<ip>
+ if [ ! -z "$ADDRESSES" ]; then
+ (printf %%b "<message>\n"; date '+Note: Local timezone is %%z (%%Z)'; grep -E '(^|[^0-9])<ip>([^0-9]|$)' <logpath>) | <mailcmd> "Abuse from <ip>" <mailargs> ${ADDRESSES//,/\" \"}
+ fi
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+message = Dear Sir/Madam,\n\nWe have detected abuse from the IP address $IP, which according to a abusix.com is on your network. We would appreciate if you would investigate and take action as appropriate.\n\nLog lines are given below, but please ask if you require any further information.\n\n(If you are not the correct person to contact about this please accept our apologies - your e-mail address was extracted from the whois record by an automated process.)\n\n This mail was generated by Fail2Ban.\nThe recipient address of this report was provided by the Abuse Contact DB by abusix.com. abusix.com does not maintain the content of the database. All information which we pass out, derives from the RIR databases and is processed for ease of use. If you want to change or report non working abuse contacts please contact the appropriate RIR. If you have any further question, contact abusix.com directly via email (info@abusix.com). Information about the Abuse Contact Database can be found here: https://abusix.com/global-reporting/abuse-contact-db\nabusix.com is neither responsible nor liable for the content or accuracy of this message.\n
+
+# Path to the log files which contain relevant lines for the abuser IP
+#
+logpath = /dev/null
+
+# Option: mailcmd
+# Notes.: Your system mail command. Is passed 2 args: subject and recipient
+# Values: CMD
+#
+mailcmd = mail -s
+
+# Option: mailargs
+# Notes.: Additional arguments to mail command. e.g. for standard Unix mail:
+# CC reports to another address:
+# -c me@example.com
+# Appear to come from a different address - the '--' indicates
+# arguments to be passed to Sendmail:
+# -- -f me@example.com
+# Values: [ STRING ]
+#
+mailargs =
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Russell Odom <russ@gloomytrousers.co.uk>
+# Submits attack reports to DShield (http://www.dshield.org/)
+#
+# You MUST configure at least:
+# <port> (the port that's being attacked - use number not name).
+#
+# You SHOULD also provide:
+# <myip> (your public IP address, if it's not the address of eth0)
+# <userid> (your DShield userID, if you have one - recommended, but reports will
+# be used anonymously if not)
+# <protocol> (the protocol in use - defaults to tcp)
+#
+# Best practice is to provide <port> and <protocol> in jail.conf like this:
+# action = dshield[port=1234,protocol=tcp]
+#
+# ...and create "dshield.local" with contents something like this:
+# [Init]
+# myip = 10.0.0.1
+# userid = 12345
+#
+# Other useful configuration values are <mailargs> (you can use for specifying
+# a different sender address for the report e-mails, which should match what is
+# configured at DShield), and <lines>/<minreportinterval>/<maxbufferage> (to
+# configure how often the buffer is flushed).
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = if [ -f <tmpfile>.buffer ]; then
+ cat <tmpfile>.buffer | <mailcmd> "FORMAT DSHIELD USERID <userid> TZ `date +%%z | sed 's/\([+-]..\)\(..\)/\1:\2/'` Fail2Ban" <mailargs> <dest>
+ date +%%s > <tmpfile>.lastsent
+ fi
+ rm -f <tmpfile>.buffer <tmpfile>.first
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+# See http://www.dshield.org/specs.html for more on report format/notes
+#
+# Note: We are currently using <time> for the timestamp because no tag is
+# available to indicate the timestamp of the log message(s) which triggered the
+# ban. Therefore the timestamps we are using in the report, whilst often only a
+# few seconds out, are incorrect. See
+# http://sourceforge.net/tracker/index.php?func=detail&aid=2017795&group_id=121032&atid=689047
+#
+actionban = TZONE=`date +%%z | sed 's/\([+-]..\)\(..\)/\1:\2/'`
+ DATETIME="`perl -e '@t=localtime(<time>);printf "%%4d-%%02d-%%02d %%02d:%%02d:%%02d",1900+$t[5],$t[4]+1,$t[3],$t[2],$t[1],$t[0]'` $TZONE"
+ PROTOCOL=`awk '{IGNORECASE=1;if($1=="<protocol>"){print $2;exit}}' /etc/protocols`
+ if [ -z "$PROTOCOL" ]; then PROTOCOL=<protocol>; fi
+ printf %%b "$DATETIME\t<userid>\t<failures>\t<ip>\t<srcport>\t<myip>\t<port>\t$PROTOCOL\t<tcpflags>\n" >> <tmpfile>.buffer
+ NOW=`date +%%s`
+ if [ ! -f <tmpfile>.first ]; then
+ echo <time> | cut -d. -f1 > <tmpfile>.first
+ fi
+ if [ ! -f <tmpfile>.lastsent ]; then
+ echo 0 > <tmpfile>.lastsent
+ fi
+ LOGAGE=$(($NOW - `cat <tmpfile>.first`))
+ LASTREPORT=$(($NOW - `cat <tmpfile>.lastsent`))
+ LINES=$( wc -l <tmpfile>.buffer | awk '{ print $1 }' )
+ if [ $LINES -ge <lines> && $LASTREPORT -gt <minreportinterval> ] || [ $LOGAGE -gt <maxbufferage> ]; then
+ cat <tmpfile>.buffer | <mailcmd> "FORMAT DSHIELD USERID <userid> TZ $TZONE Fail2Ban" <mailargs> <dest>
+ rm -f <tmpfile>.buffer <tmpfile>.first
+ echo $NOW > <tmpfile>.lastsent
+ fi
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = if [ -f <tmpfile>.first ]; then
+ NOW=`date +%%s`
+ LOGAGE=$(($NOW - `cat <tmpfile>.first`))
+ if [ $LOGAGE -gt <maxbufferage> ]; then
+ cat <tmpfile>.buffer | <mailcmd> "FORMAT DSHIELD USERID <userid> TZ `date +%%z | sed 's/\([+-]..\)\(..\)/\1:\2/'` Fail2Ban" <mailargs> <dest>
+ rm -f <tmpfile>.buffer <tmpfile>.first
+ echo $NOW > <tmpfile>.lastsent
+ fi
+ fi
+
+
+[Init]
+# Option: port
+# Notes.: The target port for the attack (numerical). MUST be provided in the
+# jail config, as it cannot be detected here.
+# Values: [ NUM ]
+#
+port = ???
+
+# Option: userid
+# Notes.: Your DShield user ID. Should be provided either in the jail config or
+# in a .local file.
+# Register at https://secure.dshield.org/register.html
+# Values: [ NUM ]
+#
+userid = 0
+
+# Option: myip
+# Notes.: The target IP for the attack (your public IP). Should be provided
+# either in the jail config or in a .local file unless your PUBLIC IP
+# is the first IP assigned to eth0
+# Values: [ an IP address ] Default: Tries to find the IP address of eth0,
+# which in most cases will be a private IP, and therefore incorrect
+#
+myip = `ip -4 addr show dev eth0 | grep inet | head -n 1 | sed -r 's/.*inet ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/\1/'`
+
+# Option: protocol
+# Notes.: The protocol over which the attack is happening
+# Values: [ tcp | udp | icmp | (any other protocol name from /etc/protocols) | NUM ] Default: tcp
+#
+protocol = tcp
+
+# Option: lines
+# Notes.: How many lines to buffer before making a report. Regardless of this,
+# reports are sent a minimum of <minreportinterval> apart, or if the
+# buffer contains an event over <maxbufferage> old, or on shutdown
+# Values: [ NUM ]
+#
+lines = 50
+
+# Option: minreportinterval
+# Notes.: Minimum period (in seconds) that must elapse before we submit another
+# batch of reports. DShield request a minimum of 1 hour (3600 secs)
+# between reports.
+# Values: [ NUM ]
+#
+minreportinterval = 3600
+
+# Option: maxbufferage
+# Notes.: Maximum age (in seconds) of the oldest report in the buffer before we
+# submit the batch, even if we haven't reached <lines> yet. Note that
+# this is only checked on each ban/unban, and that we always send
+# anything in the buffer on shutdown. Must be greater than
+# Values: [ NUM ]
+#
+maxbufferage = 21600
+
+# Option: srcport
+# Notes.: The source port of the attack. You're unlikely to have this info, so
+# you can leave the default
+# Values: [ NUM ]
+#
+srcport = ???
+
+# Option: tcpflags
+# Notes.: TCP flags on attack. You're unlikely to have this info, so you can
+# leave empty
+# Values: [ STRING ]
+#
+tcpflags =
+
+# Option: mailcmd
+# Notes.: Your system mail command. Is passed 2 args: subject and recipient
+# Values: CMD
+#
+mailcmd = mail -s
+
+# Option: mailargs
+# Notes.: Additional arguments to mail command. e.g. for standard Unix mail:
+# CC reports to another address:
+# -c me@example.com
+# Appear to come from a different address (the From address must match
+# the one configured at DShield - the '--' indicates arguments to be
+# passed to Sendmail):
+# -- -f me@example.com
+# Values: [ STRING ]
+#
+mailargs =
+
+# Option: dest
+# Notes.: Destination e-mail address for reports
+# Values: [ STRING ]
+#
+dest = reports@dshield.org
+
+# Option: tmpfile
+# Notes.: Base name of temporary files used for buffering
+# Values: [ STRING ]
+#
+tmpfile = /var/run/fail2ban/tmp-dshield
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = touch /var/run/fail2ban/fail2ban.dummy
+ printf %%b "<init>\n" >> /var/run/fail2ban/fail2ban.dummy
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = rm -f /var/run/fail2ban/fail2ban.dummy
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "+<ip>\n" >> /var/run/fail2ban/fail2ban.dummy
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = printf %%b "-<ip>\n" >> /var/run/fail2ban/fail2ban.dummy
+
+[Init]
+
+init = 123
+
--- /dev/null
+# Fail2Ban action file for firewall-cmd/ipset
+#
+# This requires:
+# ipset (package: ipset)
+# firewall-cmd (package: firewalld)
+#
+# This is for ipset protocol 6 (and hopefully later) (ipset v6.14).
+# Use ipset -V to see the protocol and version.
+#
+# IPset was a feature introduced in the linux kernel 2.6.39 and 3.0.0 kernels.
+#
+# If you are running on an older kernel you make need to patch in external
+# modules.
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+[Definition]
+
+actionstart = ipset create fail2ban-<name> hash:ip timeout <bantime>
+ firewall-cmd --direct --add-rule ipv4 filter <chain> 0 -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+
+actionstop = firewall-cmd --direct --remove-rule ipv4 filter <chain> 0 -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+ ipset flush fail2ban-<name>
+ ipset destroy fail2ban-<name>
+
+actionban = ipset add fail2ban-<name> <ip> timeout <bantime> -exist
+
+actionunban = ipset del fail2ban-<name> <ip> -exist
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ]
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ]
+#
+protocol = tcp
+
+# Option: chain
+# Notes specifies the iptables chain to which the fail2ban rules should be
+# added
+# Values: [ STRING ]
+#
+chain = INPUT_direct
+
+# Option: bantime
+# Notes: specifies the bantime in seconds (handled internally rather than by fail2ban)
+# Values: [ NUM ] Default: 600
+
+bantime = 600
+
+
+# DEV NOTES:
+#
+# Author: Edgar Hoch and Daniel Black
+# firewallcmd-new / iptables-ipset-proto6 combined for maximium goodness
--- /dev/null
+# Fail2Ban configuration file
+#
+# Because of the --remove-rules in stop this action requires firewalld-0.3.8+
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+[Definition]
+
+actionstart = firewall-cmd --direct --add-chain ipv4 filter fail2ban-<name>
+ firewall-cmd --direct --add-rule ipv4 filter fail2ban-<name> 1000 -j RETURN
+ firewall-cmd --direct --add-rule ipv4 filter <chain> 0 -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
+
+actionstop = firewall-cmd --direct --remove-rule ipv4 filter <chain> 0 -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
+ firewall-cmd --direct --remove-rules ipv4 filter fail2ban-<name>
+ firewall-cmd --direct --remove-chain ipv4 filter fail2ban-<name>
+
+actioncheck = firewall-cmd --direct --get-chains ipv4 filter | grep -q '^fail2ban-<name>$'
+
+actionban = firewall-cmd --direct --add-rule ipv4 filter fail2ban-<name> 0 -s <ip> -j <blocktype>
+
+actionunban = firewall-cmd --direct --remove-rule ipv4 filter fail2ban-<name> 0 -s <ip> -j <blocktype>
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ]
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ]
+#
+protocol = tcp
+
+# Option: chain
+# Notes specifies the iptables chain to which the fail2ban rules should be
+# added
+# Values: [ STRING ]
+#
+chain = INPUT_direct
+
+# DEV NOTES:
+#
+# Author: Edgar Hoch
+# Copied from iptables-new.conf and modified for use with firewalld by Edgar Hoch.
+# It uses "firewall-cmd" instead of "iptables".
+#
+# Output:
+#
+# $ firewall-cmd --direct --add-chain ipv4 filter fail2ban-name
+# success
+# $ firewall-cmd --direct --add-rule ipv4 filter fail2ban-name 1000 -j RETURN
+# success
+# $ sudo firewall-cmd --direct --add-rule ipv4 filter INPUT_direct 0 -m state --state NEW -p tcp --dport 22 -j fail2ban-name
+# success
+# $ firewall-cmd --direct --get-chains ipv4 filter
+# fail2ban-name
+# $ firewall-cmd --direct --get-chains ipv4 filter | od -h
+# 0000000 6166 6c69 6232 6e61 6e2d 6d61 0a65
+# $ firewall-cmd --direct --get-chains ipv4 filter | grep -Eq 'fail2ban-name( |$)' ; echo $?
+# 0
+# $ firewall-cmd -V
+# 0.3.8
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Edited for cross platform by: James Stout, Yaroslav Halchenko and Daniel Black
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop =
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = IP=<ip> &&
+ printf %%b "<daemon_list>: $IP\n" >> <file>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = echo "/^<daemon_list>: <ip>$/<br>d<br>w<br>q" | ed <file>
+
+[Init]
+
+# Option: file
+# Notes.: hosts.deny file path.
+# Values: STR Default: /etc/hosts.deny
+#
+file = /etc/hosts.deny
+
+# Option: daemon_list
+# Notes: The list of services that this action will deny. See the man page
+# for hosts.deny/hosts_access. Default is all services.
+# Values: STR Default: ALL
+daemon_list = ALL
--- /dev/null
+# Fail2Ban configuration file
+#
+# NetBSD ipfilter (ipf command) ban/unban
+#
+# Author: Ed Ravin <eravin@panix.com>
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+# enable IPF if not already enabled
+actionstart = /sbin/ipf -E
+
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+# don't disable IPF with "/sbin/ipf -D", there may be other filters in use
+actionstop =
+
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = echo block <blocktype> in quick from <ip>/32 | /sbin/ipf -f -
+
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+# note -r option used to remove matching rule
+actionunban = echo block <blocktype> in quick from <ip>/32 | /sbin/ipf -r -f -
+
+[Init]
+
+# Option: Blocktype
+# Notes : This is the return-icmp[return-code] mentioned in the ipf man page section 5. Keep this quoted to prevent
+# Shell expansion. This should be blank (unquoted) to drop the packet.
+# Values: STRING
+blocktype = "return-icmp(port-unr)"
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Nick Munger
+# Modified by: Cyril Jaquier
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop =
+
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = ipfw add <blocktype> tcp from <ip> to <localhost> <port>
+
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = ipfw delete `ipfw list | grep -i "[^0-9]<ip>[^0-9]" | awk '{print $1;}'`
+
+[Init]
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ]
+#
+port = ssh
+
+# Option: localhost
+# Notes.: the local IP address of the network interface
+# Values: IP
+#
+localhost = 127.0.0.1
+
+
+# Option: blocktype
+# Notes.: How to block the traffic. Use a action from man 5 ipfw
+# Common values: deny, unreach port, reset
+# Values: STRING
+#
+blocktype = unreach port
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Modified: Yaroslav O. Halchenko <debian@onerussian.com>
+# made active on all ports from original iptables.conf
+#
+#
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = iptables -N fail2ban-<name>
+ iptables -A fail2ban-<name> -j RETURN
+ iptables -I <chain> -p <protocol> -j fail2ban-<name>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D <chain> -p <protocol> -j fail2ban-<name>
+ iptables -F fail2ban-<name>
+ iptables -X fail2ban-<name>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = iptables -D fail2ban-<name> -s <ip> -j <blocktype>
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+
+# Option: chain
+# Notes specifies the iptables chain to which the fail2ban rules should be
+# added
+# Values: STRING Default: INPUT
+chain = INPUT
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Daniel Black
+#
+# This is a included configuration file and includes the defination for the blocktype
+# used in all iptables based actions by default.
+#
+# The user can override the default in iptables-blocktype.local
+
+[INCLUDES]
+
+after = iptables-blocktype.local
+
+[Init]
+
+# Option: blocktype
+# Note: This is what the action does with rules. This can be any jump target
+# as per the iptables man page (section 8). Common values are DROP
+# REJECT, REJECT --reject-with icmp-port-unreachable
+# Values: STRING
+blocktype = REJECT --reject-with icmp-port-unreachable
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Daniel Black
+#
+# This is for ipset protocol 4 (ipset v4.2). If you have a later version
+# of ipset try to use the iptables-ipset-proto6.conf as it does some things
+# nicer.
+#
+# This requires the program ipset which is normally in package called ipset.
+#
+# IPset was a feature introduced in the linux kernel 2.6.39 and 3.0.0 kernels.
+#
+# If you are running on an older kernel you make need to patch in external
+# modules. Debian squeeze can do this with:
+# apt-get install xtables-addons-source
+# module-assistant auto-install xtables-addons
+#
+# Debian wheezy and above uses protocol 6
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = ipset --create fail2ban-<name> iphash
+ iptables -I INPUT -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+ ipset --flush fail2ban-<name>
+ ipset --destroy fail2ban-<name>
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = ipset --test fail2ban-<name> <ip> || ipset --add fail2ban-<name> <ip>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = ipset --test fail2ban-<name> <ip> && ipset --del fail2ban-<name> <ip>
+
+[Init]
+
+# Default name of the ipset
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ] Default: ssh
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Daniel Black
+#
+# This is for ipset protocol 6 (and hopefully later) (ipset v6.14).
+# Use ipset -V to see the protocol and version. Version 4 should use
+# iptables-ipset-proto4.conf.
+#
+# This requires the program ipset which is normally in package called ipset.
+#
+# IPset was a feature introduced in the linux kernel 2.6.39 and 3.0.0 kernels.
+#
+# If you are running on an older kernel you make need to patch in external
+# modules which probably won't be protocol version 6.
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = ipset create fail2ban-<name> hash:ip timeout <bantime>
+ iptables -I INPUT -m set --match-set fail2ban-<name> src -j <blocktype>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D INPUT -m set --match-set fail2ban-<name> src -j <blocktype>
+ ipset flush fail2ban-<name>
+ ipset destroy fail2ban-<name>
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = ipset add fail2ban-<name> <ip> timeout <bantime> -exist
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = ipset del fail2ban-<name> <ip> -exist
+
+[Init]
+
+# Default name of the ipset
+#
+name = default
+
+# Option: bantime
+# Notes: specifies the bantime in seconds (handled internally rather than by fail2ban)
+# Values: [ NUM ] Default: 600
+
+bantime = 600
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Daniel Black
+#
+# This is for ipset protocol 6 (and hopefully later) (ipset v6.14).
+# Use ipset -V to see the protocol and version. Version 4 should use
+# iptables-ipset-proto4.conf.
+#
+# This requires the program ipset which is normally in package called ipset.
+#
+# IPset was a feature introduced in the linux kernel 2.6.39 and 3.0.0 kernels.
+#
+# If you are running on an older kernel you make need to patch in external
+# modules.
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = ipset create fail2ban-<name> hash:ip timeout <bantime>
+ iptables -I INPUT -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+ ipset flush fail2ban-<name>
+ ipset destroy fail2ban-<name>
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = ipset add fail2ban-<name> <ip> timeout <bantime> -exist
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = ipset del fail2ban-<name> <ip> -exist
+
+[Init]
+
+# Default name of the ipset
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ] Default: ssh
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+
+# Option: bantime
+# Notes: specifies the bantime in seconds (handled internally rather than by fail2ban)
+# Values: [ NUM ] Default: 600
+
+bantime = 600
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Guido Bozzetto
+# Modified: Cyril Jaquier
+#
+# make "fail2ban-<name>" chain to match drop IP
+# make "fail2ban-<name>-log" chain to log and drop
+# insert a jump to fail2ban-<name> from -I <chain> if proto/port match
+#
+#
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = iptables -N fail2ban-<name>
+ iptables -A fail2ban-<name> -j RETURN
+ iptables -I <chain> 1 -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+ iptables -N fail2ban-<name>-log
+ iptables -I fail2ban-<name>-log -j LOG --log-prefix "$(expr fail2ban-<name> : '\(.\{1,23\}\)'):DROP " --log-level warning -m limit --limit 6/m --limit-burst 2
+ iptables -A fail2ban-<name>-log -j <blocktype>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+ iptables -F fail2ban-<name>
+ iptables -F fail2ban-<name>-log
+ iptables -X fail2ban-<name>
+ iptables -X fail2ban-<name>-log
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck = iptables -n -L fail2ban-<name>-log >/dev/null
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j fail2ban-<name>-log
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = iptables -D fail2ban-<name> -s <ip> -j fail2ban-<name>-log
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ] Default:
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+
+# Option: chain
+# Notes specifies the iptables chain to which the fail2ban rules should be
+# added
+# Values: STRING Default: INPUT
+chain = INPUT
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Modified by Yaroslav Halchenko for multiport banning
+#
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = iptables -N fail2ban-<name>
+ iptables -A fail2ban-<name> -j RETURN
+ iptables -I <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+ iptables -F fail2ban-<name>
+ iptables -X fail2ban-<name>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = iptables -D fail2ban-<name> -s <ip> -j <blocktype>
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ] Default:
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+
+# Option: chain
+# Notes specifies the iptables chain to which the fail2ban rules should be
+# added
+# Values: STRING Default: INPUT
+chain = INPUT
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Copied from iptables.conf and modified by Yaroslav Halchenko
+# to fulfill the needs of bugreporter dbts#350746.
+#
+#
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = iptables -N fail2ban-<name>
+ iptables -A fail2ban-<name> -j RETURN
+ iptables -I <chain> -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D <chain> -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
+ iptables -F fail2ban-<name>
+ iptables -X fail2ban-<name>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = iptables -D fail2ban-<name> -s <ip> -j <blocktype>
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ] Default:
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+
+# Option: chain
+# Notes specifies the iptables chain to which the fail2ban rules should be
+# added
+# Values: STRING Default: INPUT
+chain = INPUT
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
+#
+#
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+# Changing iptables rules requires root privileges. If fail2ban is
+# configured to run as root, firewall setup can be performed by
+# fail2ban automatically. However, if fail2ban is configured to run as
+# a normal user, the configuration must be done by some other means
+# (e.g. using static firewall configuration with the
+# iptables-persistent package).
+#
+# Explanation of the rule below:
+# Check if any packets coming from an IP on the fail2ban-<name>
+# list have been seen in the last 3600 seconds. If yes, update the
+# timestamp for this IP and drop the packet. If not, let the packet
+# through.
+#
+# Fail2ban inserts blacklisted hosts into the fail2ban-<name> list
+# and removes them from the list after some time, according to its
+# own rules. The 3600 second timeout is independent and acts as a
+# safeguard in case the fail2ban process dies unexpectedly. The
+# shorter of the two timeouts actually matters.
+actionstart = if [ `id -u` -eq 0 ];then iptables -I INPUT -m recent --update --seconds 3600 --name fail2ban-<name> -j <blocktype>;fi
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = echo / > /proc/net/xt_recent/fail2ban-<name>
+ if [ `id -u` -eq 0 ];then iptables -D INPUT -m recent --update --seconds 3600 --name fail2ban-<name> -j <blocktype>;fi
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck = test -e /proc/net/xt_recent/fail2ban-<name>
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = echo +<ip> > /proc/net/xt_recent/fail2ban-<name>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = echo -<ip> > /proc/net/xt_recent/fail2ban-<name>
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = iptables -N fail2ban-<name>
+ iptables -A fail2ban-<name> -j RETURN
+ iptables -I <chain> -p <protocol> --dport <port> -j fail2ban-<name>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D <chain> -p <protocol> --dport <port> -j fail2ban-<name>
+ iptables -F fail2ban-<name>
+ iptables -X fail2ban-<name>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = iptables -D fail2ban-<name> -s <ip> -j <blocktype>
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ] Default:
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+
+# Option: chain
+# Notes specifies the iptables chain to which the fail2ban rules should be
+# added
+# Values: STRING Default: INPUT
+chain = INPUT
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Hi,\n
+ The jail <name> has been started successfully.\n
+ Output will be buffered until <lines> lines are available.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: started on `uname -n`" <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = if [ -f <tmpfile> ]; then
+ printf %%b "Hi,\n
+ These hosts have been banned by Fail2Ban.\n
+ `cat <tmpfile>`
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary from `uname -n`" <dest>
+ rm <tmpfile>
+ fi
+ printf %%b "Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on `uname -n`" <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
+ LINE=$( wc -l <tmpfile> | awk '{ print $1 }' )
+ if [ $LINE -ge <lines> ]; then
+ printf %%b "Hi,\n
+ These hosts have been banned by Fail2Ban.\n
+ `cat <tmpfile>`
+ \nRegards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary" <dest>
+ rm <tmpfile>
+ fi
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Default number of lines that are buffered
+#
+lines = 5
+
+# Default temporary file
+#
+tmpfile = /var/run/fail2ban/tmp-mail.txt
+
+# Destination/Addressee of the mail
+#
+dest = root
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Modified-By: Yaroslav Halchenko to include grepping on IP over log files
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Hi,\n
+ The jail <name> has been started successfully.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: started on `uname -n`" <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = printf %%b "Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on `uname -n`" <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "Hi,\n
+ The IP <ip> has just been banned by Fail2Ban after
+ <failures> attempts against <name>.\n\n
+ Here is more information about <ip>:\n
+ `whois <ip> || echo missing whois program`\n\n
+ Lines containing IP:<ip> in <logpath>\n
+ `grep '[^0-9]<ip>[^0-9]' <logpath>`\n\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from `uname -n`" <dest>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Destinataire of the mail
+#
+dest = root
+
+# Path to the log files which contain relevant lines for the abuser IP
+#
+logpath = /dev/null
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Hi,\n
+ The jail <name> has been started successfully.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: started on `uname -n`" <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = printf %%b "Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on `uname -n`" <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "Hi,\n
+ The IP <ip> has just been banned by Fail2Ban after
+ <failures> attempts against <name>.\n\n
+ Here is more information about <ip>:\n
+ `whois <ip> || echo missing whois program`\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from `uname -n`" <dest>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Destination/Addressee of the mail
+#
+dest = root
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Hi,\n
+ The jail <name> has been started successfully.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: started on `uname -n`" <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = printf %%b "Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on `uname -n`" <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "Hi,\n
+ The IP <ip> has just been banned by Fail2Ban after
+ <failures> attempts against <name>.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from `uname -n`" <dest>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Destination/Addressee of the mail
+#
+dest = root
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Russell Odom <russ@gloomytrousers.co.uk>
+# Submits attack reports to myNetWatchman (http://www.mynetwatchman.com/)
+#
+# You MUST configure at least:
+# <port> (the port that's being attacked - use number not name).
+# <mnwlogin> (your mNW login).
+# <mnwpass> (your mNW password).
+#
+# You SHOULD also provide:
+# <myip> (your public IP address, if it's not the address of eth0)
+# <protocol> (the protocol in use - defaults to tcp)
+#
+# Best practice is to provide <port> and <protocol> in jail.conf like this:
+# action = mynetwatchman[port=1234,protocol=udp]
+#
+# ...and create "mynetwatchman.local" with contents something like this:
+# [Init]
+# mnwlogin = me@example.com
+# mnwpass = SECRET
+# myip = 10.0.0.1
+#
+# Another useful configuration value is <getcmd>, if you don't have wget
+# installed (an example config for curl is given below)
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop =
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+#
+# Note: We are currently using <time> for the timestamp because no tag is
+# available to indicate the timestamp of the log message(s) which triggered the
+# ban. Therefore the timestamps we are using in the report, whilst often only a
+# few seconds out, are incorrect. See
+# http://sourceforge.net/tracker/index.php?func=detail&aid=2017795&group_id=121032&atid=689047
+#
+actionban = MNWLOGIN=`perl -e '$s=shift;$s=~s/([\W])/"%%".uc(sprintf("%%2.2x",ord($1)))/eg;print $s' '<mnwlogin>'`
+ MNWPASS=`perl -e '$s=shift;$s=~s/([\W])/"%%".uc(sprintf("%%2.2x",ord($1)))/eg;print $s' '<mnwpass>'`
+ PROTOCOL=`awk '{IGNORECASE=1;if($1=="<protocol>"){print $2;exit}}' /etc/protocols`
+ if [ -z "$PROTOCOL" ]; then PROTOCOL=<protocol>; fi
+ DATETIME=`perl -e '@t=gmtime(<time>);printf "%%4d-%%02d-%%02d+%%02d:%%02d:%%02d",1900+$t[5],$t[4]+1,$t[3],$t[2],$t[1],$t[0]'`
+ <getcmd> "<mnwurl>?AT=2&AV=0&AgentEmail=$MNWLOGIN&AgentPassword=$MNWPASS&AttackerIP=<ip>&SrcPort=<srcport>&ProtocolID=$PROTOCOL&DestPort=<port>&AttackCount=<failures>&VictimIP=<myip>&AttackDateTime=$DATETIME" 2>&1 >> <tmpfile>.out && grep -q 'Attack Report Insert Successful' <tmpfile>.out && rm -f <tmpfile>.out
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+# Option: port
+# Notes.: The target port for the attack (numerical). MUST be provided in
+# the jail config, as it cannot be detected here.
+# Values: [ NUM ] Default: ???
+#
+port = 0
+
+# Option: mnwlogin
+# Notes.: Your mNW login e-mail address. MUST be provided either in the jail
+# config or in a .local file.
+# Register at http://www.mynetwatchman.com/reg.asp
+# Values: [ STRING ] Default: (empty)
+#
+mnwlogin =
+
+# Option: mnwpass
+# Notes.: The password corresponding to your mNW login e-mail address. MUST be
+# provided either in the jail config or in a .local file.
+# Values: [ STRING ] Default: (empty)
+#
+mnwpass =
+
+# Option: myip
+# Notes.: The target IP for the attack (your public IP). Should be overridden
+# either in the jail config or in a .local file unless your PUBLIC IP
+# is the first IP assigned to eth0
+# Values: [ an IP address ] Default: Tries to find the IP address of eth0,
+# which in most cases will be a private IP, and therefore incorrect
+#
+myip = `ip -4 addr show dev eth0 | grep inet | head -n 1 | sed -r 's/.*inet ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/\1/'`
+
+# Option: protocol
+# Notes.: The protocol over which the attack is happening
+# Values: [ tcp | udp | icmp | (any other protocol name from /etc/protocols) | NUM ] Default: tcp
+#
+protocol = tcp
+
+# Option: getcmd
+# Notes.: A command to fetch a URL. Should output page to STDOUT
+# Values: CMD Default: wget
+#
+getcmd = wget --no-verbose --tries=3 --waitretry=10 --connect-timeout=10 --read-timeout=60 --retry-connrefused --output-document=- --user-agent=Fail2Ban
+# Alternative value:
+# getcmd = curl --silent --show-error --retry 3 --connect-timeout 10 --max-time 60 --user-agent Fail2Ban
+
+# Option: srcport
+# Notes.: The source port of the attack. You're unlikely to have this info, so
+# you can leave the default
+# Values: [ NUM ] Default: 0
+#
+srcport = 0
+
+# Option: mnwurl
+# Notes.: The report service URL on the mNW site
+# Values: STRING Default: http://mynetwatchman.com/insertwebreport.asp
+#
+mnwurl = http://mynetwatchman.com/insertwebreport.asp
+
+# Option: tmpfile
+# Notes.: Base name of temporary files
+# Values: [ STRING ] Default: /var/run/fail2ban/tmp-mynetwatchman
+#
+tmpfile = /var/run/fail2ban/tmp-mynetwatchman
--- /dev/null
+# Fail2Ban configuration file for using afctl on Mac OS X Server 10.5
+#
+# Anonymous author
+# http://www.fail2ban.org/wiki/index.php?title=HOWTO_Mac_OS_X_Server_(10.5)&diff=prev&oldid=4081
+#
+# Ref: https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man8/afctl.8.html
+
+[Definition]
+actionstart =
+actionstop =
+actioncheck =
+actionban = /usr/libexec/afctl -a <ip> -t <bantime>
+actionunban = /usr/libexec/afctl -r <ip>
+
+[Init]
+bantime = 2880
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Nick Munger
+# Modified by: Andy Fragen and Daniel Black
+#
+# Mod for OS X, using random rulenum as OSX ipfw doesn't include tables
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop =
+
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: <ip> IP address
+# Values: CMD
+#
+actionban = ipfw add <rulenum> set <setnum> <blocktype> log <block> from <ip> to <dst> <port>
+
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: <ip> IP address
+# Values: CMD
+#
+actionunban = ipfw delete `ipfw -S list | grep -i 'set <setnum> <blocktype> log <block> from <ip> to <dst>' | awk '{print $1;}'`
+
+[Init]
+
+# Option: port
+# Notes.: specifies port to block. Can be blank however may require block="ip"
+# Values: [ NUM | STRING ]
+#
+port = ssh
+
+# Option: dst
+# Notes.: the local IP address of the network interface
+# Values: IP, any, me or anything support by ipfw as a dst
+#
+dst = me
+
+# Option: block
+# Notes: This is how much to block.
+# Can be "ip", "tcp", "udp" or various other options.
+# Values: STRING
+block = tcp
+
+# Option: blocktype
+# Notes.: How to block the traffic. Use a action from man 8 ipfw
+# Common values: deny, unreach port, reset
+# Values: STRING
+#
+blocktype = unreach port
+
+# Option: set number
+# Notes.: The ipset number this is added to.
+# Values: 0-31
+setnum = 10
+
+# Option: number for ipfw rule
+# Notes: This is meant to be automatically generated and not overwritten
+# Values: Random value between 10000 and 12000
+rulenum="`echo $((RANDOM%%2000+10000))`"
+
+# Duplicate prevention mechanism
+#rulenum = "`a=$((RANDOM%%2000+10000)); while ipfw show | grep -q ^$a\ ; do a=$((RANDOM%%2000+10000)); done; echo $a`"
--- /dev/null
+# Fail2Ban configuration file
+#
+# OpenBSD pf ban/unban
+#
+# Author: Nick Hilliard <nick@foobar.org>
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+# we don't enable PF automatically, as it will be enabled elsewhere
+actionstart =
+
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+# we don't disable PF automatically either
+actionstop =
+
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: <ip> IP address
+# <failures> number of failures
+# <time> unix timestamp of the ban time
+# Values: CMD
+#
+actionban = /sbin/pfctl -t <tablename> -T add <ip>/32
+
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: <ip> IP address
+# <failures> number of failures
+# <time> unix timestamp of the ban time
+# Values: CMD
+#
+# note -r option used to remove matching rule
+actionunban = /sbin/pfctl -t <tablename> -T delete <ip>/32
+
+[Init]
+# Option: tablename
+# Notes.: The pf table name.
+# Values: [ STRING ]
+#
+tablename = fail2ban
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Michael Gebetsroither
+#
+# This is for blocking whole hosts through blackhole routes.
+#
+# PRO:
+# - Works on all kernel versions and as no compatibility problems (back to debian lenny and WAY further).
+# - It's FAST for very large numbers of blocked ips.
+# - It's FAST because it Blocks traffic before it enters common iptables chains used for filtering.
+# - It's per host, ideal as action against ssh password bruteforcing to block further attack attempts.
+# - No additional software required beside iproute/iproute2
+#
+# CON:
+# - Blocking is per IP and NOT per service, but ideal as action against ssh password bruteforcing hosts
+
+[Definition]
+actionban = ip route add <blocktype> <ip>
+actionunban = ip route del <blocktype> <ip>
+
+[Init]
+
+# Option: blocktype
+# Note: Type can be blackhole, unreachable and prohibit. Unreachable and prohibit correspond to the ICMP reject messages.
+# Values: STRING
+blocktype = unreachable
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[INCLUDES]
+
+before = sendmail-common.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Subject: [Fail2Ban] <name>: started on `uname -n`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been started successfully.\n
+ Output will be buffered until <lines> lines are available.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = if [ -f <tmpfile> ]; then
+ printf %%b "Subject: [Fail2Ban] <name>: summary from `uname -n`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ These hosts have been banned by Fail2Ban.\n
+ `cat <tmpfile>`
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+ rm <tmpfile>
+ fi
+ printf %%b "Subject: [Fail2Ban] <name>: stopped on `uname -n`
+ From: Fail2Ban <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
+ LINE=$( wc -l <tmpfile> | awk '{ print $1 }' )
+ if [ $LINE -ge <lines> ]; then
+ printf %%b "Subject: [Fail2Ban] <name>: summary from `uname -n`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ These hosts have been banned by Fail2Ban.\n
+ `cat <tmpfile>`
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+ rm <tmpfile>
+ fi
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Default number of lines that are buffered
+#
+lines = 5
+
+# Default temporary file
+#
+tmpfile = /var/run/fail2ban/tmp-mail.txt
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Common settings for sendmail actions
+#
+# Users can override the defaults in sendmail-common.local
+
+[INCLUDES]
+
+after = sendmail-common.local
+
+[Init]
+
+# Recipient mail address
+#
+dest = root
+
+# Sender mail address
+#
+sender = fail2ban
+
+# Sender display name
+#
+sendername = Fail2Ban
+
+# vim: filetype=dosini
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[INCLUDES]
+
+before = sendmail-common.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Subject: [Fail2Ban] <name>: started on `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been started successfully.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = printf %%b "Subject: [Fail2Ban] <name>: stopped on `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The IP <ip> has just been banned by Fail2Ban after
+ <failures> attempts against <name>.\n\n
+ Here is more information about <ip>:\n
+ `/usr/bin/whois <ip> || echo missing whois program`\n\n
+ Lines containing IP:<ip> in <logpath>\n
+ `grep '[^0-9]<ip>[^0-9]' <logpath>`\n\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Path to the log files which contain relevant lines for the abuser IP
+#
+logpath = /dev/null
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[INCLUDES]
+
+before = sendmail-common.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Subject: [Fail2Ban] <name>: started on `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been started successfully.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = printf %%b "Subject: [Fail2Ban] <name>: stopped on `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The IP <ip> has just been banned by Fail2Ban after
+ <failures> attempts against <name>.\n\n
+ Here is more information about <ip>:\n
+ `/usr/bin/whois <ip> || echo missing whois program`\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+
+# vim: filetype=dosini
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[INCLUDES]
+
+before = sendmail-common.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Subject: [Fail2Ban] <name>: started on `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been started successfully.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = printf %%b "Subject: [Fail2Ban] <name>: stopped on `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The IP <ip> has just been banned by Fail2Ban after
+ <failures> attempts against <name>.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+
+# vim: filetype=dosini
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+# The default Shorewall configuration is with "BLACKLISTNEWONLY=Yes" (see
+# file /etc/shorewall/shorewall.conf). This means that when Fail2ban adds a
+# new shorewall rule to ban an IP address, that rule will affect only new
+# connections. So if the attempter goes on trying using the same connection
+# he could even log in. In order to get the same behavior of the iptable
+# action (so that the ban is immediate) the /etc/shorewall/shorewall.conf
+# file should me modified with "BLACKLISTNEWONLY=No".
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop =
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = shorewall <blocktype> <ip>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = shorewall allow <ip>
+
+[Init]
+
+# Option: blocktype
+# Note: This is what the action does with rules.
+# See man page of shorewall for options that include drop, logdrop, reject, or logreject
+# Values: STRING
+blocktype = reject
--- /dev/null
+# Fail2Ban action configuration file for ufw
+#
+# You are required to run "ufw enable" before this will have an effect.
+#
+# The insert position should be approprate to block the required traffic.
+# A number after an allow rule to the application won't be much use.
+
+[Definition]
+
+actionstart =
+
+actionstop =
+
+actioncheck =
+
+actionban = [ -n "<application>" ] && app="app <application>" ; ufw insert <insertpos> <blocktype> from <ip> to <destination> $app
+
+actionunban = [ -n "<application>" ] && app="app <application>" ; ufw delete <blocktype> from <ip> to <destination> $app
+
+[Init]
+# Option: insertpos
+# Notes.: The postition number in the firewall list to insert the block rule
+insertpos = 1
+
+# Option: blocktype
+# Notes.: reject or deny
+blocktype = reject
+
+# Option: destination
+# Notes.: The destination address to block in the ufw rule
+destination = any
+
+# Option: application
+# Notes.: application from sudo ufw app list
+application =
+
+# DEV NOTES:
+#
+# Author: Guilhem Lettron
+# Enhancements: Daniel Black
--- /dev/null
+# Fail2Ban main configuration file
+#
+# Comments: use '#' for comment lines and ';' (following a space) for inline comments
+#
+# Changes: in most of the cases you should not modify this
+# file, but provide customizations in fail2ban.local file, e.g.:
+#
+# [Definition]
+# loglevel = 4
+#
+
+[Definition]
+
+# Option: loglevel
+# Notes.: Set the log level output.
+# 1 = ERROR
+# 2 = WARN
+# 3 = INFO
+# 4 = DEBUG
+# Values: [ NUM ] Default: 1
+#
+loglevel = 3
+
+# Option: logtarget
+# Notes.: Set the log target. This could be a file, SYSLOG, STDERR or STDOUT.
+# Only one log target can be specified.
+# If you change logtarget from the default value and you are
+# using logrotate -- also adjust or disable rotation in the
+# corresponding configuration file
+# (e.g. /etc/logrotate.d/fail2ban on Debian systems)
+# Values: [ STDOUT | STDERR | SYSLOG | FILE ] Default: STDERR
+#
+logtarget = /var/log/fail2ban.log
+
+# Option: socket
+# Notes.: Set the socket file. This is used to communicate with the daemon. Do
+# not remove this file when Fail2ban runs. It will not be possible to
+# communicate with the server afterwards.
+# Values: [ FILE ] Default: /var/run/fail2ban/fail2ban.sock
+#
+socket = /var/run/fail2ban/fail2ban.sock
+
+# Option: pidfile
+# Notes.: Set the PID file. This is used to store the process ID of the
+# fail2ban server.
+# Values: [ FILE ] Default: /var/run/fail2ban/fail2ban.pid
+#
+pidfile = /var/run/fail2ban/fail2ban.pid
+
--- /dev/null
+# Fail2Ban filter for 3proxy
+#
+#
+
+[Definition]
+
+
+failregex = ^\s[+-]\d{4} \S+ \d{3}0[1-9] \S+ <HOST>:\d+ [\d.]+:\d+ \d+ \d+ \d+\s
+
+ignoreregex =
+
+# DEV Notes:
+# http://www.3proxy.ru/howtoe.asp#ERRORS indicates that 01-09 are
+# all authentication problems (%E field)
+# Log format is: "L%d-%m-%Y %H:%M:%S %z %N.%p %E %U %C:%c %R:%r %O %I %h %T"
+#
+# Requested by ykimon in https://github.com/fail2ban/fail2ban/issues/246
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban apache-auth filter
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# apache-common.local
+before = apache-common.conf
+
+[Definition]
+
+
+failregex = ^%(_apache_error_client)s (AH01797: )?client denied by server configuration: (uri )?\S*(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01617: )?user .*? authentication failure for "\S*": Password Mismatch(, referer: \S+)?$
+ ^%(_apache_error_client)s (AH01618: )?user .*? not found(: )?\S*(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01614: )?client used wrong authentication scheme: \S*(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH\d+: )?Authorization of user \S+ to access \S* failed, reason: .*$
+ ^%(_apache_error_client)s (AH0179[24]: )?(Digest: )?user .*?: password mismatch: \S*(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH0179[01]: |Digest: )user `.*?' in realm `.+' (not found|denied by provider): \S*(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01631: )?user .*?: authorization failure for "\S*":(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01775: )?(Digest: )?invalid nonce .* received - length is not \S+(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01788: )?(Digest: )?realm mismatch - got `.*?' but expected `.+'(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01789: )?(Digest: )?unknown algorithm `.*?' received: \S*(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01793: )?invalid qop `.*?' received: \S*(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01777: )?(Digest: )?invalid nonce .*? received - user attempted time travel(, referer: \S+)?\s*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# This filter matches the authorization failures of Apache. It takes the log messages
+# from the modules in aaa that return HTTP_UNAUTHORIZED, HTTP_METHOD_NOT_ALLOWED or
+# HTTP_FORBIDDEN and not AUTH_GENERAL_ERROR or HTTP_INTERNAL_SERVER_ERROR.
+#
+# An unauthorized response 401 is the first step for a browser to instigate authentication
+# however apache doesn't log this as an error. Only subsequent errors are logged in the
+# error log.
+#
+# Source:
+#
+# By searching the code in http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/*
+# for ap_log_rerror(APLOG_MARK, APLOG_ERR and examining resulting return code should get
+# all of these expressions. Lots of submodules like mod_authz_* return back to mod_authz_core
+# to return the actual failure.
+#
+# See also: http://wiki.apache.org/httpd/ListOfErrors
+# Expressions that don't have tests and aren't common.
+# more be added with https://issues.apache.org/bugzilla/show_bug.cgi?id=55284
+# ^%(_apache_error_client)s (AH01778: )?user .*: nonce expired \([\d.]+ seconds old - max lifetime [\d.]+\) - sending new nonce\s*$
+# ^%(_apache_error_client)s (AH01779: )?user .*: one-time-nonce mismatch - sending new nonce\s*$
+# ^%(_apache_error_client)s (AH02486: )?realm mismatch - got `.*' but no realm specified\s*$
+#
+# referer is always in error log messages if it exists added as per the log_error_core function in server/log.c
+#
+# Author: Cyril Jaquier
+# Major edits by Daniel Black
--- /dev/null
+# Fail2Ban configuration file
+#
+# Regexp to catch known spambots and software alike. Please verify
+# that it is your intent to block IPs which were driven by
+# above mentioned bots.
+
+
+[Definition]
+
+badbotscustom = EmailCollector|WebEMailExtrac|TrackBack/1\.02|sogou music spider
+badbots = Atomic_Email_Hunter/4\.0|atSpider/1\.0|autoemailspider|bwh3_user_agent|China Local Browse 2\.6|ContactBot/0\.2|ContentSmartz|DataCha0s/2\.0|DBrowse 1\.4b|DBrowse 1\.4d|Demo Bot DOT 16b|Demo Bot Z 16b|DSurf15a 01|DSurf15a 71|DSurf15a 81|DSurf15a VA|EBrowse 1\.4b|Educate Search VxB|EmailSiphon|EmailSpider|EmailWolf 1\.00|ESurf15a 15|ExtractorPro|Franklin Locator 1\.8|FSurf15a 01|Full Web Bot 0416B|Full Web Bot 0516B|Full Web Bot 2816B|Guestbook Auto Submitter|Industry Program 1\.0\.x|ISC Systems iRc Search 2\.1|IUPUI Research Bot v 1\.9a|LARBIN-EXPERIMENTAL \(efp@gmx\.net\)|LetsCrawl\.com/1\.0 +http\://letscrawl\.com/|Lincoln State Web Browser|LMQueueBot/0\.2|LWP\:\:Simple/5\.803|Mac Finder 1\.0\.xx|MFC Foundation Class Library 4\.0|Microsoft URL Control - 6\.00\.8xxx|Missauga Locate 1\.0\.0|Missigua Locator 1\.9|Missouri College Browse|Mizzu Labs 2\.2|Mo College 1\.9|MVAClient|Mozilla/2\.0 \(compatible; NEWT ActiveX; Win32\)|Mozilla/3\.0 \(compatible; Indy Library\)|Mozilla/3\.0 \(compatible; scan4mail \(advanced version\) http\://www\.peterspages\.net/?scan4mail\)|Mozilla/4\.0 \(compatible; Advanced Email Extractor v2\.xx\)|Mozilla/4\.0 \(compatible; Iplexx Spider/1\.0 http\://www\.iplexx\.at\)|Mozilla/4\.0 \(compatible; MSIE 5\.0; Windows NT; DigExt; DTS Agent|Mozilla/4\.0 efp@gmx\.net|Mozilla/5\.0 \(Version\: xxxx Type\:xx\)|NameOfAgent \(CMS Spider\)|NASA Search 1\.0|Nsauditor/1\.x|PBrowse 1\.4b|PEval 1\.4b|Poirot|Port Huron Labs|Production Bot 0116B|Production Bot 2016B|Production Bot DOT 3016B|Program Shareware 1\.0\.2|PSurf15a 11|PSurf15a 51|PSurf15a VA|psycheclone|RSurf15a 41|RSurf15a 51|RSurf15a 81|searchbot admin@google\.com|ShablastBot 1\.0|snap\.com beta crawler v0|Snapbot/1\.0|Snapbot/1\.0 \(Snap Shots, +http\://www\.snap\.com\)|sogou develop spider|Sogou Orion spider/3\.0\(+http\://www\.sogou\.com/docs/help/webmasters\.htm#07\)|sogou spider|Sogou web spider/3\.0\(+http\://www\.sogou\.com/docs/help/webmasters\.htm#07\)|sohu agent|SSurf15a 11 |TSurf15a 11|Under the Rainbow 2\.2|User-Agent\: Mozilla/4\.0 \(compatible; MSIE 6\.0; Windows NT 5\.1\)|VadixBot|WebVulnCrawl\.unknown/1\.0 libwww-perl/5\.803|Wells Search II|WEP Search 00
+
+failregex = ^<HOST> -.*"(GET|POST).*HTTP.*"(?:%(badbots)s|%(badbotscustom)s)"$
+
+ignoreregex =
+
+# DEV Notes:
+# List of bad bots fetched from http://www.user-agents.org
+# Generated on Thu Nov 7 14:23:35 PST 2013 by files/gen_badbots.
+#
+# Author: Yaroslav Halchenko
--- /dev/null
+# Generic configuration items (to be used as interpolations) in other
+# apache filters.
+
+[INCLUDES]
+
+# Load customizations if any available
+after = apache-common.local
+
+[DEFAULT]
+
+_apache_error_client = \[[^]]*\] \[(:?error|\S+:\S+)\]( \[pid \d+(:\S+ \d+)?\])? \[client <HOST>(:\d{1,5})?\]
+
+# Common prefix for [error] apache messages which also would include <HOST>
+# Depending on the version it could be
+# 2.2: [Sat Jun 01 11:23:08 2013] [error] [client 1.2.3.4]
+# 2.4: [Thu Jun 27 11:55:44.569531 2013] [core:info] [pid 4101:tid 2992634688] [client 1.2.3.4:46652]
+# 2.4 (perfork): [Mon Dec 23 07:49:01.981912 2013] [:error] [pid 3790] [client 204.232.202.107:46301] script '/var/www/timthumb.php' not found or unable to
+#
+# Reference: https://github.com/fail2ban/fail2ban/issues/268
+#
+# Author: Yaroslav Halchenko
--- /dev/null
+# Fail2Ban apache-modsec filter
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# apache-common.local
+before = apache-common.conf
+
+[Definition]
+
+
+failregex = ^%(_apache_error_client)s ModSecurity: (\[.*?\] )*Access denied with code [45]\d\d.*$
+
+ignoreregex =
+
+# https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-2-Data-Formats
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban filter to web requests for home directories on Apache servers
+#
+# Regex to match failures to find a home directory on a server, which
+# became popular last days. Most often attacker just uses IP instead of
+# domain name -- so expect to see them in generic error.log if you have
+# per-domain log files.
+
+[INCLUDES]
+
+# overwrite with apache-common.local if _apache_error_client is incorrect.
+before = apache-common.conf
+
+[Definition]
+
+
+failregex = ^%(_apache_error_client)s (AH00128: )?File does not exist: .*/~.*
+
+ignoreregex =
+
+# Author: Yaroslav O. Halchenko <debian@onerussian.com>
--- /dev/null
+# Fail2Ban filter to block web requests for scripts (on non scripted websites)
+#
+#
+
+[INCLUDES]
+
+# overwrite with apache-common.local if _apache_error_client is incorrect.
+before = apache-common.conf
+
+[Definition]
+
+failregex = ^%(_apache_error_client)s ((AH001(28|30): )?File does not exist|(AH01264: )?script not found or unable to stat): /\S*(php([45]|[.-]cgi)?|\.asp|\.exe|\.pl)(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s script '/\S*(php([45]|[.-]cgi)?|\.asp|\.exe|\.pl)\S*' not found or unable to stat(, referer: \S+)?\s*$
+
+ignoreregex =
+
+
+# DEV Notes:
+#
+# https://wiki.apache.org/httpd/ListOfErrors for apache error IDs
+#
+# Second regex, script '/\S*(\.php|\.asp|\.exe|\.pl)\S*' not found or unable to stat\s*$ is Before http-2.2
+#
+# Author: Cyril Jaquier
--- /dev/null
+# Fail2Ban filter to block web requests on a long or suspicious nature
+#
+
+[INCLUDES]
+
+# overwrite with apache-common.local if _apache_error_client is incorrect.
+before = apache-common.conf
+
+[Definition]
+
+failregex = ^%(_apache_error_client)s ((AH0013[456]: )?Invalid (method|URI) in request .*( - possible attempt to establish SSL connection on non-SSL port)?|(AH00565: )?request failed: URI too long \(longer than \d+\)|request failed: erroneous characters after protocol string: .*|AH00566: request failed: invalid characters in URI)(, referer: \S+)?$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# fgrep -r 'URI too long' httpd-2.*
+# httpd-2.2.25/server/protocol.c: "request failed: URI too long (longer than %d)", r->server->limit_req_line);
+# httpd-2.4.4/server/protocol.c: "request failed: URI too long (longer than %d)",
+#
+# fgrep -r 'in request' ../httpd-2.* | fgrep Invalid
+# httpd-2.2.25/server/core.c: "Invalid URI in request %s", r->the_request);
+# httpd-2.2.25/server/core.c: "Invalid method in request %s", r->the_request);
+# httpd-2.2.25/docs/manual/rewrite/flags.html.fr:avertissements 'Invalid URI in request'.
+# httpd-2.4.4/server/core.c: "Invalid URI in request %s", r->the_request);
+# httpd-2.4.4/server/core.c: "Invalid method in request %s - possible attempt to establish SSL connection on non-SSL port", r->the_request);
+# httpd-2.4.4/server/core.c: "Invalid method in request %s", r->the_request);
+#
+# fgrep -r 'invalid characters in URI' httpd-2.*
+# httpd-2.4.4/server/protocol.c: "request failed: invalid characters in URI");
+#
+# http://svn.apache.org/viewvc/httpd/httpd/trunk/server/core.c?r1=739382&r2=739620&pathrev=739620
+# ...possible attempt to establish SSL connection on non-SSL port
+#
+# https://wiki.apache.org/httpd/ListOfErrors
+# Author: Tim Connors
--- /dev/null
+# Fail2Ban filter for Anti-Spam SMTP Proxy Server also known as ASSP
+#
+# Honmepage: http://www.magicvillage.de/~Fritz_Borgstedt/assp/0003D91C-8000001C/
+# ProjektSite: http://sourceforge.net/projects/assp/?source=directory
+#
+#
+
+[Definition]
+
+__assp_actions = (?:dropping|refusing)
+
+failregex = ^(:? \[SSL-out\])? <HOST> max sender authentication errors \(\d{,3}\) exceeded -- %(__assp_actions)s connection - after reply: \d{3} \d{1}\.\d{1}.\d{1} Error: authentication failed: \w+;$
+ ^(?: \[SSL-out\])? <HOST> SSL negotiation with client failed: SSL accept attempt failed with unknown error.*:unknown protocol;$
+ ^ Blocking <HOST> - too much AUTH errors \(\d{,3}\);$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# Examples: Apr-27-13 02:33:09 Blocking 217.194.197.97 - too much AUTH errors (41);
+# Dec-29-12 17:10:31 [SSL-out] 200.247.87.82 SSL negotiation with client failed: SSL accept attempt failed with unknown errorerror:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol;
+# Dec-30-12 04:01:47 [SSL-out] 81.82.232.66 max sender authentication errors (5) exceeded
+#
+# Author: Enrico Labedzki (enrico.labedzki@deiwos.de)
--- /dev/null
+# Fail2Ban filter for asterisk authentication failures
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = asterisk
+
+__pid_re = (?:\[\d+\])
+
+# All Asterisk log messages begin like this:
+log_prefix= (?:NOTICE|SECURITY)%(__pid_re)s:?(?:\[C-[\da-f]*\])? \S+:\d*( in \w+:)?
+
+failregex = ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s Registration from '[^']*' failed for '<HOST>(:\d+)?' - (Wrong password|Username/auth name mismatch|No matching peer found|Not a local domain|Device does not match ACL|Peer is not supposed to register|ACL error \(permit/deny\)|Not a local domain)$
+ ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s Call from '[^']*' \(<HOST>:\d+\) to extension '\d+' rejected because extension not found in context 'default'\.$
+ ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s Host <HOST> failed to authenticate as '[^']*'$
+ ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s No registration for peer '[^']*' \(from <HOST>\)$
+ ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s Host <HOST> failed MD5 authentication for '[^']*' \([^)]+\)$
+ ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s Failed to authenticate (user|device) [^@]+@<HOST>\S*$
+ ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s (?:handle_request_subscribe: )?Sending fake auth rejection for (device|user) \d*<sip:[^@]+@<HOST>>;tag=\w+\S*$
+ ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s SecurityEvent="(FailedACL|InvalidAccountID|ChallengeResponseFailed|InvalidPassword)",EventTV="[\d-]+",Severity="[\w]+",Service="[\w]+",EventVersion="\d+",AccountID="\d*",SessionID="0x[\da-f]+",LocalAddress="IPV[46]/(UD|TC)P/[\da-fA-F:.]+/\d+",RemoteAddress="IPV[46]/(UD|TC)P/<HOST>/\d+"(,Challenge="\w+",ReceivedChallenge="\w+")?(,ReceivedHash="[\da-f]+")?(,ACLName="\w+")?$
+ ^(%(__prefix_line)s|\[\]\s*WARNING%(__pid_re)s:?(?:\[C-[\da-f]*\])? )Ext\. s: "Rejecting unknown SIP connection from <HOST>"$
+
+ignoreregex =
+
+
+# Author: Xavier Devlamynck / Daniel Black
+#
+# General log format - main/logger.c:ast_log
+# Address format - ast_sockaddr_stringify
+#
+# First regex: channels/chan_sip.c
+#
+# main/logger.c:ast_log_vsyslog - "in {functionname}:" only occurs in syslog
--- /dev/null
+# Generic configuration items (to be used as interpolations) in other
+# filters or actions configurations
+#
+
+[INCLUDES]
+
+# Load customizations if any available
+after = common.local
+
+
+[DEFAULT]
+
+# Daemon definition is to be specialized (if needed) in .conf file
+_daemon = \S*
+
+#
+# Shortcuts for easier comprehension of the failregex
+#
+# PID.
+# EXAMPLES: [123]
+__pid_re = (?:\[\d+\])
+
+# Daemon name (with optional source_file:line or whatever)
+# EXAMPLES: pam_rhosts_auth, [sshd], pop(pam_unix)
+__daemon_re = [\[\(]?%(_daemon)s(?:\(\S+\))?[\]\)]?:?
+
+# extra daemon info
+# EXAMPLE: [ID 800047 auth.info]
+__daemon_extra_re = (?:\[ID \d+ \S+\])
+
+# Combinations of daemon name and PID
+# EXAMPLES: sshd[31607], pop(pam_unix)[4920]
+__daemon_combs_re = (?:%(__pid_re)s?:\s+%(__daemon_re)s|%(__daemon_re)s%(__pid_re)s?:?)
+
+# Some messages have a kernel prefix with a timestamp
+# EXAMPLES: kernel: [769570.846956]
+__kernel_prefix = kernel: \[ *\d+\.\d+\]
+
+__hostname = \S+
+
+# A MD5 hex
+# EXAMPLES: 07:06:27:55:b0:e3:0c:3c:5a:28:2d:7c:7e:4c:77:5f
+__md5hex = (?:[\da-f]{2}:){15}[\da-f]{2}
+
+# bsdverbose is where syslogd is started with -v or -vv and results in <4.3> or
+# <auth.info> appearing before the host as per testcases/files/logs/bsd/*.
+__bsd_syslog_verbose = (<[^.]+\.[^.]+>)
+
+# Common line prefixes (beginnings) which could be used in filters
+#
+# [bsdverbose]? [hostname] [vserver tag] daemon_id spaces
+#
+# This can be optional (for instance if we match named native log files)
+__prefix_line = \s*%(__bsd_syslog_verbose)s?\s*(?:%(__hostname)s )?(?:%(__kernel_prefix)s )?(?:@vserver_\S+ )?%(__daemon_combs_re)s?\s%(__daemon_extra_re)s?\s*
+
+# Author: Yaroslav Halchenko
--- /dev/null
+# Fail2Ban filter for courier authentication failures
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = (?:courier)?(?:imapd?|pop3d?)(?:login)?(?:-ssl)?
+
+failregex = ^%(__prefix_line)sLOGIN FAILED, user=.*, ip=\[<HOST>\]$
+
+ignoreregex =
+
+# Author: Christoph Haas
+# Modified by: Cyril Jaquier
--- /dev/null
+# Fail2Ban filter to block relay attempts though a Courier smtp server
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = courieresmtpd
+
+failregex = ^%(__prefix_line)serror,relay=<HOST>,.*: 550 User unknown\.$
+
+ignoreregex =
+
+# Author: Cyril Jaquier
--- /dev/null
+# Fail2Ban filter for authentication failures on Cyrus imap server
+#
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = (?:cyrus/)?(?:imapd?|pop3d?)
+
+failregex = ^%(__prefix_line)sbadlogin: \S+ ?\[<HOST>\] \S+ .*?\[?SASL\(-13\): authentication failure: .*\]?$
+
+ignoreregex =
+
+# Author: Jan Wagner <waja@cyconet.org>
--- /dev/null
+# Fail2Ban filter Dovecot authentication and pop3/imap server
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = (auth|dovecot(-auth)?|auth-worker)
+
+failregex = ^%(__prefix_line)s(pam_unix(\(dovecot:auth\))?:)?\s+authentication failure; logname=\S* uid=\S* euid=\S* tty=dovecot ruser=\S* rhost=<HOST>(\s+user=\S*)?\s*$
+ ^%(__prefix_line)s(pop3|imap)-login: (Info: )?(Aborted login|Disconnected)(: Inactivity)? \(((auth failed, \d+ attempts)( in \d+ secs)?|tried to use (disabled|disallowed) \S+ auth)\):( user=<\S*>,)?( method=\S+,)? rip=<HOST>(, lip=(\d{1,3}\.){3}\d{1,3})?(, TLS( handshaking(: SSL_accept\(\) failed: error:[\dA-F]+:SSL routines:[TLS\d]+_GET_CLIENT_HELLO:unknown protocol)?)?(: Disconnected)?)?(, session=<\S+>)?\s*$
+ ^%(__prefix_line)s(Info|dovecot: auth\(default\)): pam\(\S+,<HOST>\): pam_authenticate\(\) failed: (User not known to the underlying authentication module: \d+ Time\(s\)|Authentication failure \(password mismatch\?\))\s*$
+
+ignoreregex =
+
+# DEV Notes:
+# * the first regex is essentially a copy of pam-generic.conf
+# * Probably doesn't do dovecot sql/ldap backends properly
+# * Removed the 'no auth attempts' log lines from the matches because produces
+# lots of false positives on misconfigured MTAs making regexp unuseable
+#
+# Author: Martin Waschbuesch
+# Daniel Black (rewrote with begin and end anchors)
--- /dev/null
+# Fail2Ban filter for dropbear
+#
+# NOTE: The regex below is ONLY intended to work with a patched
+# version of Dropbear as described here:
+# http://www.unchartedbackwaters.co.uk/pyblosxom/static/patches
+# ^%(__prefix_line)sexit before auth from <HOST>.*\s*$
+#
+# The standard Dropbear output doesn't provide enough information to
+# ban all types of attack. The Dropbear patch adds IP address
+# information to the 'exit before auth' message which is always
+# produced for any form of non-successful login. It is that message
+# which this file matches.
+#
+# More information: http://bugs.debian.org/546913
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = dropbear
+
+failregex = ^%(__prefix_line)s[Ll]ogin attempt for nonexistent user ('.*' )?from <HOST>:\d+$
+ ^%(__prefix_line)s[Bb]ad (PAM )?password attempt for .+ from <HOST>(:\d+)?$
+ ^%(__prefix_line)s[Ee]xit before auth \(user '.+', \d+ fails\): Max auth tries reached - user '.+' from <HOST>:\d+\s*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# The first two regexs here match the unmodified dropbear messages. It isn't
+# possible to match the source of the 'exit before auth' messages from dropbear
+# as they don't include the "from <HOST>" bit.
+#
+# The second last failregex line we need to match with the modified dropbear.
+#
+# For the second regex the following apply:
+#
+# http://www.netmite.com/android/mydroid/external/dropbear/svr-authpam.c
+# http://svn.dd-wrt.com/changeset/16642#file64
+#
+# http://svn.dd-wrt.com/changeset/16642/src/router/dropbear/svr-authpasswd.c
+#
+# Author: Francis Russell
+# Zak B. Elep
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Steven Hiscocks
+#
+#
+
+[Definition]
+
+# Option: failregex
+# Notes.: regex to match the password failures messages in the logfile. The
+# host must be matched by a group named "host". The tag "<HOST>" can
+# be used for standard IP/hostname matching and is only an alias for
+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
+# Multiline regexs should use tag "<SKIPLINES>" to separate lines.
+# This allows lines between the matching lines to continue to be
+# searched for other failures. This tag can be used multiple times.
+# Values: TEXT
+#
+failregex = ^(?:\.\d+)? \[info\] <0\.\d+\.\d>@ejabberd_c2s:wait_for_feature_request:\d+ \([^\)]+\) Failed authentication for \S+ from IP <HOST>$
--- /dev/null
+# Fail2Ban filter file for common exim expressions
+#
+# This is to be used by other exim filters
+
+[INCLUDES]
+
+# Load customizations if any available
+after = exim-common.local
+
+[Definition]
+
+host_info = H=([\w.-]+ )?(\(\S+\) )?\[<HOST>\](:\d+)? (I=\[\S+\]:\d+ )?(U=\S+ )?(P=e?smtp )?
+pid = ( \[\d+\])?
+
+# DEV Notes:
+# From exim source code: ./src/receive.c:add_host_info_for_log
+#
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban filter for exim the spam rejection messages
+#
+## For the SA: Action: silently tossed message... to be logged exim's SAdevnull option needs to be used.
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# exim-common.local
+before = exim-common.conf
+
+[Definition]
+
+failregex = ^%(pid)s \S+ F=(<>|\S+@\S+) %(host_info)srejected by local_scan\(\): .{0,256}$
+ ^%(pid)s %(host_info)sF=(<>|[^@]+@\S+) rejected RCPT [^@]+@\S+: .*dnsbl.*\s*$
+ ^%(pid)s \S+ %(host_info)sF=(<>|[^@]+@\S+) rejected after DATA: This message contains a virus \(\S+\)\.\s*$
+ ^%(pid)s \S+ SA: Action: silently tossed message: score=\d+\.\d+ required=\d+\.\d+ trigger=\d+\.\d+ \(scanned in \d+/\d+ secs \| Message-Id: \S+\)\. From \S+ \(host=(\S+ )?\[<HOST>\]\) for \S+$
+
+ignoreregex =
+
+# DEV Notes:
+# The %(host_info) defination contains a <HOST> match
+#
+# Author: Cyril Jaquier
+# Daniel Black (rewrote with strong regexs)
--- /dev/null
+# Fail2Ban filter for exim
+#
+# This includes the rejection messages of exim. For spam and filter
+# related bans use the exim-spam.conf
+#
+
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# exim-common.local
+before = exim-common.conf
+
+[Definition]
+
+failregex = ^%(pid)s %(host_info)ssender verify fail for <\S+>: (?:Unknown user|Unrouteable address|all relevant MX records point to non-existent hosts)\s*$
+ ^%(pid)s \w+ authenticator failed for (\S+ )?\(\S+\) \[<HOST>\]: 535 Incorrect authentication data( \(set_id=.*\)|: \d+ Time\(s\))?\s*$
+ ^%(pid)s %(host_info)sF=(<>|[^@]+@\S+) rejected RCPT [^@]+@\S+: (relay not permitted|Sender verify failed|Unknown user)\s*$
+ ^%(pid)s SMTP protocol synchronization error \([^)]*\): rejected (connection from|"\S+") %(host_info)s(next )?input=".*"\s*$
+ ^%(pid)s SMTP call from \S+ \[<HOST>\](:\d+)? (I=\[\S+\]:\d+ )?dropped: too many nonmail commands \(last was "\S+"\)\s*$
+
+ignoreregex =
+
+# DEV Notes:
+# The %(host_info) defination contains a <HOST> match
+#
+# SMTP protocol synchronization error \([^)]*\) <- This needs to be non-greedy
+# to void capture beyond ")" to avoid a DoS Injection vulnerabilty as input= is
+# user injectable data.
+#
+# Author: Cyril Jaquier
+# Daniel Black (rewrote with strong regexs)
--- /dev/null
+# Fail2Ban configuration file
+#
+# Enable "log-auth-failures" on each Sofia profile to monitor
+# <param name="log-auth-failures" value="true"/>
+# -- this requires a high enough loglevel on your logs to save these messages.
+#
+# In the fail2ban jail.local file for this filter set ignoreip to the internal
+# IP addresses on your LAN.
+#
+
+[Definition]
+
+failregex = ^\.\d+ \[WARNING\] sofia_reg\.c:\d+ SIP auth (failure|challenge) \((REGISTER|INVITE)\) on sofia profile \'[^']+\' for \[.*\] from ip <HOST>$
+ ^\.\d+ \[WARNING\] sofia_reg\.c:\d+ Can't find user \[\d+@\d+\.\d+\.\d+\.\d+\] from <HOST>$
+
+ignoreregex =
+
+# Author: Rupa SChomaker, soapee01, Daniel Black
+# http://wiki.freeswitch.org/wiki/Fail2ban
+# Thanks to Jim on mailing list of samples and guidance
+#
+# No need to match the following. Its a duplicate of the SIP auth regex.
+# ^\.\d+ \[DEBUG\] sofia\.c:\d+ IP <HOST> Rejected by acl "\S+"\. Falling back to Digest auth\.$
--- /dev/null
+# Fail2Ban filter for Group-Office
+#
+# Enable logging with:
+# $config['info_log']='/home/groupoffice/log/info.log';
+#
+
+[Definition]
+
+failregex = ^\[\]LOGIN FAILED for user: "\S+" from IP: <HOST>$
+
+
+
+# Author: Daniel Black
+
--- /dev/null
+# Fail2Ban filter file for gssftp
+#
+# Note: gssftp is part of the krb5-appl-servers in Fedora
+#
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = ftpd
+
+failregex = ^%(__prefix_line)srepeated login failures from <HOST> \(\S+\)$
+
+ignoreregex =
+
+# Author: Kevin Zembower
+# Edited: Daniel Black - syslog based daemon
--- /dev/null
+# fail2ban filter configuration for horde
+
+
+[Definition]
+
+
+failregex = ^ HORDE \[error\] \[(horde|imp)\] FAILED LOGIN for \S+ \[<HOST>\](\(forwarded for \[\S+\]\))? to (Horde|{[^}]+}) \[(pid \d+ )?on line \d+ of \S+\]$
+
+
+ignoreregex =
+
+# DEV NOTES:
+# https://github.com/horde/horde/blob/master/imp/lib/Auth.php#L132
+# https://github.com/horde/horde/blob/master/horde/login.php
+#
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban filter to match wrong passwords as notified by lighttpd's auth Module
+#
+
+[Definition]
+
+failregex = ^: \(http_auth\.c\.\d+\) (password doesn\'t match .* username: .*|digest: auth failed for .*: wrong password|get_password failed), IP: <HOST>\s*$
+
+ignoreregex =
+
+# Author: Francois Boulogne <fboulogne@april.org>
--- /dev/null
+# Fail2Ban filter for unsuccesfull MySQL authentication attempts
+#
+#
+# To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld]:
+# log-error=/var/log/mysqld.log
+# log-warning = 2
+#
+# If using mysql syslog [mysql_safe] has syslog in /etc/my.cnf
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = mysqld
+
+failregex = ^%(__prefix_line)s(\d{6} \s?\d{1,2}:\d{2}:\d{2} )?\[Warning\] Access denied for user '\w+'@'<HOST>' (to database '[^']*'|\(using password: (YES|NO)\))*\s*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# Technically __prefix_line can equate to an empty string hence it can support
+# syslog and non-syslog at once.
+# Example:
+# 130322 11:26:54 [Warning] Access denied for user 'root'@'127.0.0.1' (using password: YES)
+#
+# Authors: Artur Penttinen
+# Yaroslav O. Halchenko
--- /dev/null
+# Fail2Ban filter for Nagios Remote Plugin Executor (nrpe2)
+# Detecting unauthorized access to the nrpe2 daemon
+# typically logged in /var/log/messages syslog
+#
+
+[INCLUDES]
+# Read syslog common prefixes
+before = common.conf
+
+[Definition]
+_daemon = nrpe
+failregex = ^%(__prefix_line)sHost <HOST> is not allowed to talk to us!\s*$
+ignoreregex =
+
+# DEV Notes:
+#
+# Author: Ivo Truxa - 2014/02/03
--- /dev/null
+# Fail2Ban filter file for named (bind9).
+#
+
+# This filter blocks attacks against named (bind9) however it requires special
+# configuration on bind.
+#
+# By default, logging is off with bind9 installation.
+#
+# You will need something like this in your named.conf to provide proper logging.
+#
+# logging {
+# channel security_file {
+# file "/var/log/named/security.log" versions 3 size 30m;
+# severity dynamic;
+# print-time yes;
+# };
+# category security {
+# security_file;
+# };
+# };
+
+[Definition]
+
+# Daemon name
+_daemon=named
+
+# Shortcuts for easier comprehension of the failregex
+
+__pid_re=(?:\[\d+\])
+__daemon_re=\(?%(_daemon)s(?:\(\S+\))?\)?:?
+__daemon_combs_re=(?:%(__pid_re)s?:\s+%(__daemon_re)s|%(__daemon_re)s%(__pid_re)s?:)
+
+# hostname daemon_id spaces
+# this can be optional (for instance if we match named native log files)
+__line_prefix=(?:\s\S+ %(__daemon_combs_re)s\s+)?
+
+failregex = ^%(__line_prefix)s(\.\d+)?( error:)?\s*client <HOST>#\S+( \([\S.]+\))?: (view (internal|external): )?query(?: \(cache\))? '.*' denied\s*$
+ ^%(__line_prefix)s(\.\d+)?( error:)?\s*client <HOST>#\S+( \([\S.]+\))?: zone transfer '\S+/AXFR/\w+' denied\s*$
+ ^%(__line_prefix)s(\.\d+)?( error:)?\s*client <HOST>#\S+( \([\S.]+\))?: bad zone transfer request: '\S+/IN': non-authoritative zone \(NOTAUTH\)\s*$
+
+# DEV Notes:
+# Trying to generalize the
+# structure which is general to capture general patterns in log
+# lines to cover different configurations/distributions
+#
+# (\.\d+)? is a really ugly catch of the microseconds not captured in the date detector
+#
+# Author: Yaroslav Halchenko
--- /dev/null
+# fail2ban filter configuration for nginx
+
+
+[Definition]
+
+
+failregex = ^ \[error\] \d+#\d+: \*\d+ user "\S+":? (password mismatch|was not found in ".*"), client: <HOST>, server: \S+, request: "\S+ \S+ HTTP/\d+\.\d+", host: "\S+"\s*$
+
+ignoreregex =
+
+# DEV NOTES:
+# Based on samples in https://github.com/fail2ban/fail2ban/pull/43/files
+# Extensive search of all nginx auth failures not done yet.
+#
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Bas van den Dikkenberg
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+
+[Definition]
+
+_daemon = nsd
+
+# Option: failregex
+# Notes.: regex to match the password failures messages in the logfile. The
+# host must be matched by a group named "host". The tag "<HOST>" can
+# be used for standard IP/hostname matching and is only an alias for
+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
+# Values: TEXT
+
+failregex = ^\[\]%(__prefix_line)sinfo: ratelimit block .* query <HOST> TYPE255$
+ ^\[\]%(__prefix_line)sinfo: .* <HOST> refused, no acl matches\.$
--- /dev/null
+# Fail2Ban filter for Openwebmail
+# banning hosts with authentication errors in /var/log/openwebmail.log
+# OpenWebMail http://openwebmail.org
+#
+
+[Definition]
+
+failregex = ^ - \[\d+\] \(<HOST>\) (?P<USER>\S+) - login error - (no such user - loginname=(?P=USER)|auth_unix.pl, ret -4, Password incorrect)$
+ ^ - \[\d+\] \(<HOST>\) (?P<USER>\S+) - userinfo error - auth_unix.pl, ret -4, User (?P=USER) doesn't exist$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# Author: Ivo Truxa (c) 2013 truXoft.com
--- /dev/null
+# Fail2Ban configuration file for generic PAM authentication errors
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+# if you want to catch only login errors from specific daemons, use something like
+#_ttys_re=(?:ssh|pure-ftpd|ftp)
+#
+# Default: catch all failed logins
+_ttys_re=\S*
+
+__pam_re=\(?pam_unix(?:\(\S+\))?\)?:?
+_daemon = \S+
+
+failregex = ^%(__prefix_line)s%(__pam_re)s\s+authentication failure; logname=\S* uid=\S* euid=\S* tty=%(_ttys_re)s ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# for linux-pam before 0.99.2.0 (late 2005) (removed before 0.8.11 release)
+# _daemon = \S*\(?pam_unix\)?
+# failregex = ^%(__prefix_line)sauthentication failure; logname=\S* uid=\S* euid=\S* tty=%(_ttys_re)s ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$
+#
+# Author: Yaroslav Halchenko
--- /dev/null
+# Fail2Ban filter for perdition
+#
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon=perdition.\S+
+
+failregex = ^%(__prefix_line)sAuth: <HOST>:\d+->(\d{1,3}\.){3}\d{1,3}:\d+ client-secure=\S+ authorisation_id=NONE authentication_id=".+" server="\S+" protocol=\S+ server-secure=\S+ status="failed: (local authentication failure|Re-Authentication Failure)"$
+ ^%(__prefix_line)sFatal Error reading authentication information from client <HOST>:\d+->(\d{1,3}\.){3}\d{1,3}:\d+: Exiting child$
+
+ignoreregex =
+
+# Author: Christophe Carles and Daniel Black
--- /dev/null
+# Fail2Ban filter for URLs with a URL as a script parameters
+# which can be an indication of a fopen url php injection
+#
+# Example of web requests in Apache access log:
+# 66.185.212.172 - - [26/Mar/2009:08:44:20 -0500] "GET /index.php?n=http://eatmyfood.hostinginfive.com/pizza.htm? HTTP/1.1" 200 114 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
+
+[Definition]
+
+failregex = ^<HOST> -.*"(GET|POST).*\?.*\=http\:\/\/.* HTTP\/.*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# Version 2
+# fixes the failregex so REFERERS that contain =http:// don't get blocked
+# (mentioned by "fasuto" (no real email provided... blog comment) in this entry:
+# http://blogs.buanzo.com.ar/2009/04/fail2ban-filter-for-php-injection-attacks.html#comment-1489
+#
+# Author: Arturo 'Buanzo' Busleiman <buanzo@buanzo.com.ar>
--- /dev/null
+# Fail2Ban filter for postfix authentication failures
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = postfix/smtpd
+
+failregex = ^%(__prefix_line)swarning: [-._\w]+\[<HOST>\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed(: [ A-Za-z0-9+/]*={0,2})?\s*$
+
+# Author: Yaroslav Halchenko
--- /dev/null
+# Fail2Ban filter for selected Postfix SMTP rejections
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = postfix/smtpd
+
+failregex = ^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 554 5\.7\.1 .*$
+ ^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 450 4\.7\.1 : Helo command rejected: Host not found; from=<> to=<> proto=ESMTP helo= *$
+ ^%(__prefix_line)sNOQUEUE: reject: VRFY from \S+\[<HOST>\]: 550 5\.1\.1 .*$
+ ^%(__prefix_line)simproper command pipelining after \S+ from [^[]*\[<HOST>\]:?$
+
+ignoreregex =
+
+# Author: Cyril Jaquier
--- /dev/null
+# Fail2Ban fitler for the Proftpd FTP daemon
+#
+# Set "UseReverseDNS off" in proftpd.conf to avoid the need for DNS.
+# See: http://www.proftpd.org/docs/howto/DNS.html
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = proftpd
+
+__suffix_failed_login = (User not authorized for login|No such user found|Incorrect password|Password expired|Account disabled|Invalid shell: '\S+'|User in \S+|Limit (access|configuration) denies login|Not a UserAlias|maximum login length exceeded).?
+
+failregex = ^%(__prefix_line)s%(__hostname)s \(\S+\[<HOST>\]\)[: -]+ USER .*: no such user found from \S+ \[\S+\] to \S+:\S+ *$
+ ^%(__prefix_line)s%(__hostname)s \(\S+\[<HOST>\]\)[: -]+ USER .* \(Login failed\): %(__suffix_failed_login)s\s*$
+ ^%(__prefix_line)s%(__hostname)s \(\S+\[<HOST>\]\)[: -]+ SECURITY VIOLATION: .* login attempted\. *$
+ ^%(__prefix_line)s%(__hostname)s \(\S+\[<HOST>\]\)[: -]+ Maximum login attempts \(\d+\) exceeded *$
+
+ignoreregex =
+
+# Author: Yaroslav Halchenko
+# Daniel Black - hardening of regex
--- /dev/null
+# Fail2Ban filter for pureftp
+#
+# Disable hostname based logging by:
+#
+# Start pure-ftpd with the -H switch or on Ubuntu 'echo yes > /etc/pure-ftpd/conf/DontResolve'
+#
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = pure-ftpd
+
+# Error message specified in multiple languages
+__errmsg = (?:�ϥΪ�\[.*\]���ҥ���|ʹ����\[.*\]��֤ʧ��|\[.*\] kullan�c�s� i�in giri� hatal�|����������� �� ������� ������������ \[.*\]|Godkjennelse mislyktes for \[.*\]|Beh�righetskontroll misslyckas f�r anv�ndare \[.*\]|Autentifikacia uzivatela zlyhala \[.*\]|Autentificare esuata pentru utilizatorul \[.*\]|Autentica��o falhou para usu�rio \[.*\]|Autentyfikacja nie powiod�a si� dla u�ytkownika \[.*\]|Autorisatie faalde voor gebruiker \[.*\]|\[.*\] ��� ���� ����|Autenticazione falita per l'utente \[.*\]|Azonos�t�s sikertelen \[.*\] felhaszn�l�nak|\[.*\] c'est un batard, il connait pas son code|Erreur d'authentification pour l'utilisateur \[.*\]|Autentificaci�n fallida para el usuario \[.*\]|Authentication failed for user \[.*\]|Authentifizierung fehlgeschlagen f�r Benutzer \[.*\].|Godkendelse mislykkedes for \[.*\]|Autentifikace u�ivatele selhala \[.*\])
+
+failregex = ^%(__prefix_line)s\(.+?@<HOST>\) \[WARNING\] %(__errmsg)s\s*$
+
+ignoreregex =
+
+# Author: Cyril Jaquier
+# Modified: Yaroslav Halchenko for pure-ftpd
+# Documentation thanks to Blake on http://www.fail2ban.org/wiki/index.php?title=Fail2ban:Community_Portal
+#
+# Only logs to syslog though facility can be changed configuration file/command line
+#
+# fgrep -r MSG_AUTH_FAILED_LOG pure-ftpd-1.0.36/src
--- /dev/null
+# Fail2Ban filters for qmail RBL patches/fake proxies
+#
+# the default djb RBL implementation doesn't log any rejections
+# so is useless with this filter.
+#
+# One patch is here:
+#
+# http://www.tjsi.com/rblsmtpd/faq/ patch to rblsmtpd
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = (?:qmail|rblsmtpd)
+
+failregex = ^%(__prefix_line)s\d+\.\d+ rblsmtpd: <HOST> pid \d+ \S+ 4\d\d \S+\s*$
+ ^%(__prefix_line)s\d+\.\d+ qmail-smtpd: 4\d\d badiprbl: ip <HOST> rbl: \S+\s*$
+ ^%(__prefix_line)s\S+ blocked <HOST> \S+ -\s*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# These seem to be for two or 3 different patches to qmail or rblsmtpd
+# so you'll probably only ever see one of these regex's that match.
+#
+# ref: https://github.com/fail2ban/fail2ban/pull/386
+#
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban filter for repeat bans
+#
+# This filter monitors the fail2ban log file, and enables you to add long
+# time bans for ip addresses that get banned by fail2ban multiple times.
+#
+# Reasons to use this: block very persistent attackers for a longer time,
+# stop receiving email notifications about the same attacker over and
+# over again.
+#
+# This jail is only useful if you set the 'findtime' and 'bantime' parameters
+# in jail.conf to a higher value than the other jails. Also, this jail has its
+# drawbacks, namely in that it works only with iptables, or if you use a
+# different blocking mechanism for this jail versus others (e.g. hostsdeny
+# for most jails, and shorewall for this one).
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = fail2ban\.actions
+
+# The name of the jail that this filter is used for. In jail.conf, name the
+# jail using this filter 'recidive', or change this line!
+_jailname = recidive
+
+failregex = ^(%(__prefix_line)s|,\d{3} fail2ban.actions%(__pid_re)s?:\s+)WARNING\s+\[(?!%(_jailname)s\])(?:.*)\]\s+Ban\s+<HOST>\s*$
+
+# Author: Tom Hendrikx, modifications by Amir Caspi
--- /dev/null
+# Fail2Ban configuration file for roundcube web server
+#
+#
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+failregex = ^\s*(\[(\s[+-][0-9]{4})?\])?(%(__hostname)s roundcube: IMAP Error)?: (FAILED login|Login failed) for .*? from <HOST>(\. .* in .*?/rcube_imap\.php on line \d+ \(\S+ \S+\))?$
+
+ignoreregex =
+# DEV Notes:
+#
+# Source: https://github.com/roundcube/roundcubemail/blob/master/program/lib/Roundcube/rcube_imap.php#L180
+#
+# Part after <HOST> comes straight from IMAP server up until the " in ....."
+# Earlier versions didn't log the IMAP response hence optional.
+#
+# DoS resistance:
+#
+# Assume that the user can inject "from <HOST>" into the imap response
+# somehow. Write test cases around this to ensure that the combination of
+# arbitrary user input and IMAP response doesn't inject the wrong IP for
+# fail2ban
+#
+# Author: Teodor Micu & Yaroslav Halchenko & terence namusonge & Daniel Black
--- /dev/null
+# Fail2Ban configuration file for generic SELinux audit messages
+#
+# This file is not intended to be used directly, and should be included into a
+# filter file which would define following variables. See selinux-ssh.conf as
+# and example.
+#
+# _type
+# _uid
+# _auid
+# _subj
+# _msg
+#
+# Also one of these variables must include <HOST>.
+
+[Definition]
+
+failregex = ^type=%(_type)s msg=audit\(:\d+\): (user )?pid=\d+ uid=%(_uid)s auid=%(_auid)s ses=\d+ subj=%(_subj)s msg='%(_msg)s'$
+
+ignoreregex =
+
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban configuration file for SELinux ssh authentication errors
+#
+
+[INCLUDES]
+
+after = selinux-common.conf
+
+[Definition]
+
+_type = USER_(ERR|AUTH)
+_uid = 0
+_auid = \d+
+_subj = (?:unconfined_u|system_u):system_r:sshd_t:s0-s0:c0\.c1023
+
+_exe =/usr/sbin/sshd
+_terminal = ssh
+
+_msg = op=\S+ acct=(?P<_quote_acct>"?)\S+(?P=_quote_acct) exe="%(_exe)s" hostname=(\?|(\d+\.){3}\d+) addr=<HOST> terminal=%(_terminal)s res=failed
+
+# DEV Notes:
+#
+# Note: USER_LOGIN is ignored as this is the duplicate messsage
+# ssh logs after 3 USER_AUTH failures.
+#
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban filter for sendmail authentication failures
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = (?:sm-(mta|acceptingconnections))
+
+failregex = ^%(__prefix_line)s\w{14}: (\S+ )?\[<HOST>\]( \(may be forged\))?: possible SMTP attack: command=AUTH, count=\d+$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban filter for sendmail spam/relay type failures
+#
+# Some of the below failregex will only work properly, when the following
+# options are set in the .mc file (see your Sendmail documentation on how
+# to modify it and generate the corresponding .cf file):
+#
+# FEATURE(`delay_checks')
+# FEATURE(`greet_pause', `500')
+# FEATURE(`ratecontrol', `nodelay', `terminate')
+# FEATURE(`conncontrol', `nodelay', `terminate')
+#
+# ratecontrol and conncontrol also need corresponding options ClientRate:
+# and ClientConn: in the access file, see documentation for ratecontrol and
+# conncontrol in the sendmail/cf/README file.
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = (?:sm-(mta|acceptingconnections))
+
+failregex = ^%(__prefix_line)s\w{14}: ruleset=check_rcpt, arg1=(?P<email><\S+@\S+>), relay=(\S+ )?\[<HOST>\]( \(may be forged\))?, reject=(550 5\.7\.1 (?P=email)\.\.\. Relaying denied\. (IP name possibly forged \[(\d+\.){3}\d+\]|Proper authentication required\.|IP name lookup failed \[(\d+\.){3}\d+\])|553 5\.1\.8 (?P=email)\.\.\. Domain of sender address \S+ does not exist|550 5\.[71]\.1 (?P=email)\.\.\. (Rejected: .*|User unknown))$
+ ^%(__prefix_line)sruleset=check_relay, arg1=(?P<dom>\S+), arg2=<HOST>, relay=((?P=dom) )?\[(\d+\.){3}\d+\]( \(may be forged\))?, reject=421 4\.3\.2 (Connection rate limit exceeded\.|Too many open connections\.)$
+ ^%(__prefix_line)s\w{14}: rejecting commands from (\S+ )?\[<HOST>\] due to pre-greeting traffic after \d+ seconds$
+ ^%(__prefix_line)s\w{14}: (\S+ )?\[<HOST>\]: ((?i)expn|vrfy) \S+ \[rejected\]$
+
+
+ignoreregex =
+
+# DEV Notes:
+#
+# Author: Daniel Black and Fabian Wenk
--- /dev/null
+# Fail2Ban filter for sieve authentication failures
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_deamon = (?:cyrus/)?(?:tim)?sieved?
+
+failregex = ^%(__prefix_line)sbadlogin: \S+ ?\[<HOST>\] \S+ authentication failure$
+
+ignoreregex =
+
+# Author: Jan Wagner <waja@cyconet.org>
--- /dev/null
+# Fail2ban filter for SOGo authentcation
+#
+# Log file usually in /var/log/sogo/sogo.log
+
+[Definition]
+
+failregex = ^ sogod \[\d+\]: SOGoRootPage Login from '<HOST>' for user '.*' might not have worked( - password policy: \d* grace: -?\d* expire: -?\d* bound: -?\d*)?\s*$
+
+ignoreregex =
+
+#
+# DEV Notes:
+#
+# The error log may contain multiple hosts, whereas the first one
+# is the client and all others are poxys. We match the first one, only
+#
+# Author: Arnd Brandes
--- /dev/null
+# Fail2Ban filter for unsuccesful solid-pop3 authentication attempts
+#
+# Doesn't currently provide PAM support as PAM log messages don't include rhost as
+# remote IP.
+#
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = solid-pop3d
+
+failregex = ^%(__prefix_line)sauthentication failed: (no such user|can't map user name): .*? - <HOST>$
+ ^%(__prefix_line)s(APOP )?authentication failed for (mapped )?user .*? - <HOST>$
+ ^%(__prefix_line)sroot login not allowed - <HOST>$
+ ^%(__prefix_line)scan't find APOP secret for user .*? - <HOST>$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# solid-pop3d needs to be compiled with --enable-logextend to support
+# IP addresses in log messages.
+#
+# solid-pop3d-0.15/src/main.c contains all authentication errors
+# except for PAM authentication messages ( src/authenticate.c )
+#
+# A pam authentication failure message (note no IP for rhost).
+# Nov 17 23:17:50 emf1pt2-2-35-70 solid-pop3d[17176]: pam_unix(solid-pop3d:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=jacques
+#
+# Authors: Daniel Black
--- /dev/null
+# Fail2Ban filter for Squid attempted proxy bypasses
+#
+#
+
+[Definition]
+
+failregex = ^\s+\d\s<HOST>\s+[A-Z_]+_DENIED/403 .*$
+ ^\s+\d\s<HOST>\s+NONE/405 .*$
+
+
+
+# Author: Daniel Black
+
--- /dev/null
+# Fail2Ban ssh filter for at attempted exploit
+#
+# The regex here also relates to a exploit:
+#
+# http://www.securityfocus.com/bid/17958/exploit
+# The example code here shows the pushing of the exploit straight after
+# reading the server version. This is where the client version string normally
+# pushed. As such the server will read this unparsible information as
+# "Did not receive identification string".
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = sshd
+
+failregex = ^%(__prefix_line)sDid not receive identification string from <HOST>\s*$
+
+ignoreregex =
+
+# Author: Yaroslav Halchenko
--- /dev/null
+# Fail2Ban filter for openssh
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+
+[Definition]
+
+_daemon = sshd
+
+failregex = ^%(__prefix_line)s(?:error: PAM: )?[aA]uthentication (?:failure|error) for .* from <HOST>( via \S+)?\s*$
+ ^%(__prefix_line)s(?:error: PAM: )?User not known to the underlying authentication module for .* from <HOST>\s*$
+ ^%(__prefix_line)sFailed \S+ for .*? from <HOST>(?: port \d*)?(?: ssh\d*)?(: (ruser .*|(\S+ ID \S+ \(serial \d+\) CA )?\S+ %(__md5hex)s(, client user ".*", client host ".*")?))?\s*$
+ ^%(__prefix_line)sROOT LOGIN REFUSED.* FROM <HOST>\s*$
+ ^%(__prefix_line)s[iI](?:llegal|nvalid) user .* from <HOST>\s*$
+ ^%(__prefix_line)sUser .+ from <HOST> not allowed because not listed in AllowUsers\s*$
+ ^%(__prefix_line)sUser .+ from <HOST> not allowed because listed in DenyUsers\s*$
+ ^%(__prefix_line)sUser .+ from <HOST> not allowed because not in any group\s*$
+ ^%(__prefix_line)srefused connect from \S+ \(<HOST>\)\s*$
+ ^%(__prefix_line)sReceived disconnect from <HOST>: 3: \S+: Auth fail$
+ ^%(__prefix_line)sUser .+ from <HOST> not allowed because a group is listed in DenyGroups\s*$
+ ^%(__prefix_line)sUser .+ from <HOST> not allowed because none of user's groups are listed in AllowGroups\s*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# "Failed \S+ for .*? from <HOST>..." failregex uses non-greedy catch-all because
+# it is coming before use of <HOST> which is not hard-anchored at the end as well,
+# and later catch-all's could contain user-provided input, which need to be greedily
+# matched away first.
+#
+# Author: Cyril Jaquier, Yaroslav Halchenko, Petr Voralek, Daniel Black
--- /dev/null
+# Fail2Ban filter for suhosian PHP hardening
+#
+# This occurs with lighttpd or directly from the plugin
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+
+[Definition]
+
+_daemon = (?:lighttpd|suhosin)
+
+
+_lighttpd_prefix = (?:\(mod_fastcgi\.c\.\d+\) FastCGI-stderr:\s)
+
+failregex = ^%(__prefix_line)s%(_lighttpd_prefix)s?ALERT - .* \(attacker '<HOST>', file '.*'(?:, line \d+)?\)$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# https://github.com/stefanesser/suhosin/blob/1fba865ab73cc98a3109f88d85eb82c1bfc29b37/log.c#L161
+#
+# Author: Arturo 'Buanzo' Busleiman <buanzo@buanzo.com.ar>
--- /dev/null
+# Fail2Ban filter for uwimap
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = (?:ipop3d|imapd)
+
+failregex = ^%(__prefix_line)sLogin (?:failed|excessive login failures|disabled|SYSTEM BREAK-IN ATTEMPT) user=\S* auth=\S* host=.*\[<HOST>\]\s*$
+ ^%(__prefix_line)sFailed .* override of user=.* host=.*\[<HOST>\]\s*$
+
+ignoreregex =
+
+# Author: Amir Caspi
--- /dev/null
+# Fail2Ban filter for vsftp
+#
+# Configure VSFTP for "dual_log_enable=YES", and have fail2ban watch
+# /var/log/vsftpd.log instead of /var/log/secure. vsftpd.log file shows the
+# incoming ip address rather than domain names.
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+__pam_re=\(?pam_unix(?:\(\S+\))?\)?:?
+_daemon = vsftpd
+
+failregex = ^%(__prefix_line)s%(__pam_re)s\s+authentication failure; logname=\S* uid=\S* euid=\S* tty=(ftp)? ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$
+ ^ \[pid \d+\] \[.+\] FAIL LOGIN: Client "<HOST>"\s*$
+
+ignoreregex =
+
+# Author: Cyril Jaquier
+# Documentation from fail2ban wiki
--- /dev/null
+# Fail2Ban filter for webmin
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = webmin
+
+failregex = ^%(__prefix_line)sNon-existent login as .+ from <HOST>\s*$
+ ^%(__prefix_line)sInvalid login as .+ from <HOST>\s*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# pattern : webmin[15673]: Non-existent login as toto from 86.0.6.217
+# webmin[29544]: Invalid login as root from 86.0.6.217
+#
+# Rule Author: Delvit Guillaume
--- /dev/null
+# Fail2Ban configuration file for wuftpd
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = wu-ftpd
+__pam_re=\(?pam_unix(?:\(wu-ftpd:auth\))?\)?:?
+
+failregex = ^%(__prefix_line)sfailed login from \S+ \[<HOST>\]\s*$
+ ^%(__prefix_line)s%(__pam_re)s\s+authentication failure; logname=\S* uid=\S* euid=\S* tty=(ftp)? ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$
+
+
+ignoreregex =
+
+# Author: Yaroslav Halchenko
--- /dev/null
+# Fail2Ban filter for xinetd failures
+#
+# Cfr.: /var/log/(daemon\.|sys)log
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = xinetd
+
+failregex = ^%(__prefix_line)sFAIL: \S+ address from=<HOST>$
+ ^%(__prefix_line)sFAIL: \S+ libwrap from=<HOST>$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# libwrap => tcp wrappers: hosts.(allow|deny)
+# address => xinetd: deny_from|only_from
+#
+# Author: Guido Bozzetto
--- /dev/null
+# Fail2Ban configuration file.
+#
+# This file was composed for Debian systems from the original one
+# provided now under /usr/share/doc/fail2ban/examples/jail.conf
+# for additional examples.
+#
+# Comments: use '#' for comment lines and ';' for inline comments
+#
+# To avoid merges during upgrades DO NOT MODIFY THIS FILE
+# and rather provide your changes in /etc/fail2ban/jail.local
+#
+
+# The DEFAULT allows a global definition of the options. They can be overridden
+# in each jail afterwards.
+
+[DEFAULT]
+
+# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
+# ban a host which matches an address in this list. Several addresses can be
+# defined using space separator.
+ignoreip = 127.0.0.1/8
+
+# External command that will take an tagged arguments to ignore, e.g. <ip>,
+# and return true if the IP is to be ignored. False otherwise.
+#
+# ignorecommand = /path/to/command <ip>
+ignorecommand =
+
+# "bantime" is the number of seconds that a host is banned.
+bantime = 600
+
+# A host is banned if it has generated "maxretry" during the last "findtime"
+# seconds.
+findtime = 600
+maxretry = 3
+
+# "backend" specifies the backend used to get files modification.
+# Available options are "pyinotify", "gamin", "polling" and "auto".
+# This option can be overridden in each jail as well.
+#
+# pyinotify: requires pyinotify (a file alteration monitor) to be installed.
+# If pyinotify is not installed, Fail2ban will use auto.
+# gamin: requires Gamin (a file alteration monitor) to be installed.
+# If Gamin is not installed, Fail2ban will use auto.
+# polling: uses a polling algorithm which does not require external libraries.
+# auto: will try to use the following backends, in order:
+# pyinotify, gamin, polling.
+backend = auto
+
+# "usedns" specifies if jails should trust hostnames in logs,
+# warn when reverse DNS lookups are performed, or ignore all hostnames in logs
+#
+# yes: if a hostname is encountered, a reverse DNS lookup will be performed.
+# warn: if a hostname is encountered, a reverse DNS lookup will be performed,
+# but it will be logged as a warning.
+# no: if a hostname is encountered, will not be used for banning,
+# but it will be logged as info.
+usedns = warn
+
+#
+# Destination email address used solely for the interpolations in
+# jail.{conf,local} configuration files.
+destemail = frank@brehm-online.com
+
+#
+# Name of the sender for mta actions
+sendername = Fail2Ban
+
+# Email address of the sender
+sender = fail2ban+ns1@brehm-online.com
+
+#
+# ACTIONS
+#
+
+# Default banning action (e.g. iptables, iptables-new,
+# iptables-multiport, shorewall, etc) It is used to define
+# action_* variables. Can be overridden globally or per
+# section within jail.local file
+banaction = iptables-multiport
+
+# email action. Since 0.8.1 upstream fail2ban uses sendmail
+# MTA for the mailing. Change mta configuration parameter to mail
+# if you want to revert to conventional 'mail'.
+mta = sendmail
+
+# Default protocol
+protocol = tcp
+
+# Specify chain where jumps would need to be added in iptables-* actions
+chain = INPUT
+
+#
+# Action shortcuts. To be used to define action parameter
+
+# The simplest action to take: ban only
+action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
+
+# ban & send an e-mail with whois report to the destemail.
+action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
+ %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s", sender="%(sender)s", sendername="%(sendername)s"]
+
+# ban & send an e-mail with whois report and relevant log lines
+# to the destemail.
+action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
+ %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s", sendername="%(sendername)s"]
+
+# Choose default action. To change, just override value of 'action' with the
+# interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local
+# globally (section [DEFAULT]) or per specific section
+action = %(action_)s
+
+#
+# JAILS
+#
+
+# Next jails corresponds to the standard configuration in Fail2ban 0.6 which
+# was shipped in Debian. Enable any defined here jail by including
+#
+# [SECTION_NAME]
+# enabled = true
+
+#
+# in /etc/fail2ban/jail.local.
+#
+# Optionally you may override any other parameter (e.g. banaction,
+# action, port, logpath, etc) in that section within jail.local
+
+#[ssh]
+#
+#enabled = true
+#port = ssh
+#filter = sshd
+#logpath = /var/log/auth.log
+#maxretry = 6
+
+#[dropbear]
+#
+#enabled = false
+#port = ssh
+#filter = dropbear
+#logpath = /var/log/auth.log
+#maxretry = 6
+
+# Generic filter for pam. Has to be used with action which bans all ports
+# such as iptables-allports, shorewall
+#[pam-generic]
+#
+#enabled = false
+## pam-generic filter can be customized to monitor specific subset of 'tty's
+#filter = pam-generic
+## port actually must be irrelevant but lets leave it all for some possible uses
+#port = all
+#banaction = iptables-allports
+#port = anyport
+#logpath = /var/log/auth.log
+#maxretry = 6
+
+#[xinetd-fail]
+#
+#enabled = false
+#filter = xinetd-fail
+#port = all
+#banaction = iptables-multiport-log
+#logpath = /var/log/daemon.log
+#maxretry = 2
+
+
+#[ssh-ddos]
+#
+#enabled = false
+#port = ssh
+#filter = sshd-ddos
+#logpath = /var/log/auth.log
+#maxretry = 6
+
+
+# Here we use blackhole routes for not requiring any additional kernel support
+# to store large volumes of banned IPs
+
+#[ssh-route]
+#
+#enabled = false
+#filter = sshd
+#action = route
+#logpath = /var/log/sshd.log
+#maxretry = 6
+
+# Here we use a combination of Netfilter/Iptables and IPsets
+# for storing large volumes of banned IPs
+#
+# IPset comes in two versions. See ipset -V for which one to use
+# requires the ipset package and kernel support.
+#[ssh-iptables-ipset4]
+#
+#enabled = false
+#port = ssh
+#filter = sshd
+#banaction = iptables-ipset-proto4
+#logpath = /var/log/sshd.log
+#maxretry = 6
+
+#[ssh-iptables-ipset6]
+#
+#enabled = false
+#port = ssh
+#filter = sshd
+#banaction = iptables-ipset-proto6
+#logpath = /var/log/sshd.log
+#maxretry = 6
+
+
+#
+# HTTP servers
+#
+
+#[apache]
+#
+#enabled = false
+#port = http,https
+#filter = apache-auth
+#logpath = /var/log/apache*/*error.log
+#maxretry = 6
+
+# default action is now multiport, so apache-multiport jail was left
+# for compatibility with previous (<0.7.6-2) releases
+#[apache-multiport]
+#
+#enabled = false
+#port = http,https
+#filter = apache-auth
+#logpath = /var/log/apache*/*error.log
+#maxretry = 6
+
+#[apache-noscript]
+#
+#enabled = false
+#port = http,https
+#filter = apache-noscript
+#logpath = /var/log/apache*/*error.log
+#maxretry = 6
+
+#[apache-overflows]
+#
+#enabled = false
+#port = http,https
+#filter = apache-overflows
+#logpath = /var/log/apache*/*error.log
+#maxretry = 2
+
+#[apache-modsecurity]
+#
+#enabled = false
+#filter = apache-modsecurity
+#port = http,https
+#logpath = /var/log/apache*/*error.log
+#maxretry = 2
+
+#[apache-nohome]
+#
+#enabled = false
+#filter = apache-nohome
+#port = http,https
+#logpath = /var/log/apache*/*error.log
+#maxretry = 2
+
+# Ban attackers that try to use PHP's URL-fopen() functionality
+# through GET/POST variables. - Experimental, with more than a year
+# of usage in production environments.
+
+#[php-url-fopen]
+#
+#enabled = false
+#port = http,https
+#filter = php-url-fopen
+#logpath = /var/www/*/logs/access_log
+
+# A simple PHP-fastcgi jail which works with lighttpd.
+# If you run a lighttpd server, then you probably will
+# find these kinds of messages in your error_log:
+# ALERT – tried to register forbidden variable ‘GLOBALS’
+# through GET variables (attacker '1.2.3.4', file '/var/www/default/htdocs/index.php')
+
+#[lighttpd-fastcgi]
+#
+#enabled = false
+#port = http,https
+#filter = lighttpd-fastcgi
+#logpath = /var/log/lighttpd/error.log
+
+# Same as above for mod_auth
+# It catches wrong authentifications
+
+#[lighttpd-auth]
+#
+#enabled = false
+#port = http,https
+#filter = suhosin
+#logpath = /var/log/lighttpd/error.log
+
+#[nginx-http-auth]
+#
+#enabled = false
+#filter = nginx-http-auth
+#port = http,https
+#logpath = /var/log/nginx/error.log
+
+# Monitor roundcube server
+
+#[roundcube-auth]
+#
+#enabled = false
+#filter = roundcube-auth
+#port = http,https
+#logpath = /var/log/roundcube/userlogins
+
+
+#[sogo-auth]
+#
+#enabled = false
+#filter = sogo-auth
+#port = http, https
+## without proxy this would be:
+## port = 20000
+#logpath = /var/log/sogo/sogo.log
+
+
+#
+# FTP servers
+#
+
+#[vsftpd]
+#
+#enabled = false
+#port = ftp,ftp-data,ftps,ftps-data
+#filter = vsftpd
+#logpath = /var/log/vsftpd.log
+## or overwrite it in jails.local to be
+## logpath = /var/log/auth.log
+## if you want to rely on PAM failed login attempts
+## vsftpd's failregex should match both of those formats
+#maxretry = 6
+
+
+#[proftpd]
+#
+#enabled = false
+#port = ftp,ftp-data,ftps,ftps-data
+#filter = proftpd
+#logpath = /var/log/proftpd/proftpd.log
+#maxretry = 6
+
+
+#[pure-ftpd]
+#
+#enabled = false
+#port = ftp,ftp-data,ftps,ftps-data
+#filter = pure-ftpd
+#logpath = /var/log/syslog
+#maxretry = 6
+
+
+#[wuftpd]
+#
+#enabled = false
+#port = ftp,ftp-data,ftps,ftps-data
+#filter = wuftpd
+#logpath = /var/log/syslog
+#maxretry = 6
+
+
+#
+# Mail servers
+#
+
+#[postfix]
+#
+#enabled = false
+#port = smtp,ssmtp,submission
+#filter = postfix
+#logpath = /var/log/mail.log
+
+
+#[couriersmtp]
+#
+#enabled = false
+#port = smtp,ssmtp,submission
+#filter = couriersmtp
+#logpath = /var/log/mail.log
+
+
+#
+# Mail servers authenticators: might be used for smtp,ftp,imap servers, so
+# all relevant ports get banned
+#
+
+#[courierauth]
+#
+#enabled = false
+#port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
+#filter = courierlogin
+#logpath = /var/log/mail.log
+
+
+#[sasl]
+#
+#enabled = false
+#port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
+#filter = postfix-sasl
+## You might consider monitoring /var/log/mail.warn instead if you are
+## running postfix since it would provide the same log lines at the
+## "warn" level but overall at the smaller filesize.
+#logpath = /var/log/mail.log
+
+#[dovecot]
+#
+#enabled = false
+#port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
+#filter = dovecot
+#logpath = /var/log/mail.log
+
+# To log wrong MySQL access attempts add to /etc/my.cnf:
+# log-error=/var/log/mysqld.log
+# log-warning = 2
+#[mysqld-auth]
+#
+#enabled = false
+#filter = mysqld-auth
+#port = 3306
+#logpath = /var/log/mysqld.log
+
+
+# DNS Servers
+
+
+# These jails block attacks against named (bind9). By default, logging is off
+# with bind9 installation. You will need something like this:
+#
+# logging {
+# channel security_file {
+# file "/var/log/named/security.log" versions 3 size 30m;
+# severity dynamic;
+# print-time yes;
+# };
+# category security {
+# security_file;
+# };
+# };
+#
+# in your named.conf to provide proper logging
+
+# !!! WARNING !!!
+# Since UDP is connection-less protocol, spoofing of IP and imitation
+# of illegal actions is way too simple. Thus enabling of this filter
+# might provide an easy way for implementing a DoS against a chosen
+# victim. See
+# http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html
+# Please DO NOT USE this jail unless you know what you are doing.
+#[named-refused-udp]
+#
+#enabled = false
+#port = domain,953
+#protocol = udp
+#filter = named-refused
+#logpath = /var/log/named/security.log
+
+#[named-refused-tcp]
+#
+#enabled = false
+#port = domain,953
+#protocol = tcp
+#filter = named-refused
+#logpath = /var/log/named/security.log
+
+#[freeswitch]
+#
+#enabled = false
+#filter = freeswitch
+#logpath = /var/log/freeswitch.log
+#maxretry = 10
+#action = iptables-multiport[name=freeswitch-tcp, port="5060,5061,5080,5081", protocol=tcp]
+# iptables-multiport[name=freeswitch-udp, port="5060,5061,5080,5081", protocol=udp]
+
+#[ejabberd-auth]
+#
+#enabled = false
+#filter = ejabberd-auth
+#port = xmpp-client
+#protocol = tcp
+#logpath = /var/log/ejabberd/ejabberd.log
+
+
+# Multiple jails, 1 per protocol, are necessary ATM:
+# see https://github.com/fail2ban/fail2ban/issues/37
+#[asterisk-tcp]
+#
+#enabled = false
+#filter = asterisk
+#port = 5060,5061
+#protocol = tcp
+#logpath = /var/log/asterisk/messages
+
+#[asterisk-udp]
+#
+#enabled = false
+#filter = asterisk
+#port = 5060,5061
+#protocol = udp
+#logpath = /var/log/asterisk/messages
+
+
+# Jail for more extended banning of persistent abusers
+# !!! WARNING !!!
+# Make sure that your loglevel specified in fail2ban.conf/.local
+# is not at DEBUG level -- which might then cause fail2ban to fall into
+# an infinite loop constantly feeding itself with non-informative lines
+#[recidive]
+#
+#enabled = false
+#filter = recidive
+#logpath = /var/log/fail2ban.log
+#action = iptables-allports[name=recidive]
+# sendmail-whois-lines[name=recidive, logpath=/var/log/fail2ban.log]
+#bantime = 604800 ; 1 week
+#findtime = 86400 ; 1 day
+#maxretry = 5
+
+# See the IMPORTANT note in action.d/blocklist_de.conf for when to
+# use this action
+#
+# Report block via blocklist.de fail2ban reporting service API
+# See action.d/blocklist_de.conf for more information
+#[ssh-blocklist]
+#
+#enabled = false
+#filter = sshd
+#action = iptables[name=SSH, port=ssh, protocol=tcp]
+# sendmail-whois[name=SSH, dest="%(destemail)s", sender="%(sender)s", sendername="%(sendername)s"]
+# blocklist_de[email="%(sender)s", apikey="xxxxxx", service="%(filter)s"]
+#logpath = /var/log/sshd.log
+#maxretry = 20
+
+
+# consider low maxretry and a long bantime
+# nobody except your own Nagios server should ever probe nrpe
+#[nagios]
+#enabled = false
+#filter = nagios
+#action = iptables[name=Nagios, port=5666, protocol=tcp]
+# sendmail-whois[name=Nagios, dest="%(destemail)s", sender="%(sender)s", sendername="%(sendername)s"]
+#logpath = /var/log/messages ; nrpe.cfg may define a different log_facility
+#maxretry = 1
+
+# vim: filetype=dosini
--- /dev/null
+
+[apache]
+
+enabled = true
+port = http,https
+filter = apache-auth
+logpath = /var/log/apache*/*error.log
+maxretry = 6
+
+[apache-noscript]
+
+enabled = true
+port = http,https
+filter = apache-noscript
+logpath = /var/log/apache*/*error.log
+maxretry = 6
+
+[apache-overflows]
+
+enabled = true
+port = http,https
+filter = apache-overflows
+logpath = /var/log/apache*/*error.log
+maxretry = 2
+
+[apache-modsecurity]
+
+enabled = true
+filter = apache-modsecurity
+port = http,https
+logpath = /var/log/apache*/*error.log
+maxretry = 2
+
+[apache-nohome]
+
+enabled = true
+filter = apache-nohome
+port = http,https
+logpath = /var/log/apache*/*error.log
+maxretry = 2
+
+
+
+# vim: filetype=dosini
--- /dev/null
+
+[postfix]
+
+enabled = true
+port = smtp,ssmtp,submission
+filter = postfix
+logpath = /var/log/syslog.d/mail.log
+action = %(action_mw)s
+
+
+# vim: filetype=dosini
--- /dev/null
+
+[ssh]
+
+enabled = true
+port = ssh
+filter = sshd
+logpath = /var/log/syslog.d/auth.log
+action = %(action_)s
+maxretry = 6
+
+
+# vim: filetype=dosini
--- /dev/null
+# /etc/fstab: static file system information.
+#
+# Use 'blkid' to print the universally unique identifier for a
+# device; this may be used with UUID= as a more robust way to name devices
+# that works even if disks are added and removed. See fstab(5).
+#
+# <file system> <mount point> <type> <options> <dump> <pass>
+UUID=48a94cd6-85f8-4b46-ac5e-7ffe2f8bf042 / ext4 discard,errors=remount-ro 0 1
+/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
+/dev/mapper/vg00-swap none swap sw 0 0
+/dev/mapper/vg00-home /home ext4 acl,user_xattr 0 2
+/dev/mapper/vg00-tmp /tmp ext4 noatime 0 2
+/dev/mapper/vg00-var /var ext4 acl,user_xattr 0 2
--- /dev/null
+
+[Global]
+
+backup_dir = '/var/backup'
+
+[FTP]
+
+host = 'backup.serverkompetenz.de'
+user = 'b082473'
+#user = 'b047934'
+password = '53rVer'
+passive = True
+dir = '/backup'
+timezone = 'UTC'
+
+[Copies]
+
+yearly = 3
+monthly = 4
+weekly = 3
+daily = 4
+
--- /dev/null
+
+[Global]
+
+backup_dir = '/var/backup'
+
+[SFTP]
+
+host = 'rsync.hidrive.strato.com'
+user = 'frank.brehm'
+
+dir = '/users/frank.brehm/Backup'
+
+key_file = '/etc/ftp-backup/id_rsa'
+
+[Copies]
+
+yearly = 3
+monthly = 4
+weekly = 3
+daily = 4
+
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAr+YczQdb+IEn+3WOCv7G0CGjvInCJR4FQgxxSMnicPam/uYV
+DUA2DkVhy3ZJj4sw9DywSK6QlN7ivBIXDz3wJfr7c9JHG7Buv3bmJDiq+5GGyjrm
+t6ILSvAQEza7S/p+G9lXTlZDADi1jEruIQoutSDU4C0qQeoH2LeUdMBnZ10Ojgf8
+UeH5k6z4FytutRXQEwgA8iS5YH3SP24qjIfr7zvTQQntR7UI1q2STcEpmnAttKdN
+1LTZIl8iwNoX6S/UTOpaxfYtHwUfFvfQUw5hhdv8Omk7W3AQTpNcphwY7sVSOrTM
+G8WabEy46foDszDp648XHCkK1VsJqcDBvDDG8wIDAQABAoIBABLdllczI90aVSR2
+Lj7lpoMqKHqPN+BtQNkdpoTNClldSvnpyXY7XdDYBi4hSLB5mE2JuMqC1oTxBtZv
+BkQfO4OHULLSacgBe09TvElEPqpuqEtGV/p4CcgGyWKWKy5x9lacT+3Z+KOscWRT
+oQiwI+RPWiWVEoQxSpgm0GhZPn3qYnNGlDFbs65jSaGyTupNZXxvpClPvcjPm21+
+O6UyY2dXP3KJXYNmalFGPlhBGi4qV+azAC0IuTROtO7YXnRvh43e3EWDbyiQsk73
+0wew9IhhAAxnUbZc/OHjy0x10/aiugNfUK/KrmZLmiX1+fHpflu1ArG3s3FLK5rG
+qTiQ4ZECgYEA5+yF8cR5gAwUCPPAb49x7Ry3pisZPT/A2eZ3rz7ops8Icki5M87G
+bVLipMYGQOxWxoA6DeLh7EJ0aClx1TVg9vCzIDpdIi+Iaki1uO1RJF/V0eEkZw21
+01msYWAUgeq9oRauWxbmuxR9oriRmhUu58y6+5yY1Ebnje2ROPC8/EkCgYEAwiiz
+MR+/60SMXktfnHYnl0lPyVodU9OfIgueMXaOv+jIBMwk31Jm14wTfc9tBqT5mweY
+vY7M1ZnPg5OJIytXQo7vOFixT41EJlc7Ipiehzc7SZU0JPyX68ebXZmJjzRxuZYx
+DSZmiDCC16NvoJRzHuKl/AEiG6RRScSgJZOwUVsCgYAD1DnZ5f6DiK+D/lI9BUdC
+POkjSy7dfgH3FwD+2bEJn/1ptZ2pJ07LW0T2p3ZO+BfuqwtKU2abefVmCtkgRgNV
+0F+EtrH28IX2C0FEzlY6nYJwNqFdOjK4TJC2AtoT0wZSdIdoZZZlnE7+ssFko9jk
+ZtLneIxlZM5J35Q4NnFIUQKBgQC36VGDUK28Ltw/XWodjJYH6buX4LIy+xubZiHc
+fI7PHbKJSM4Mc8NSnS7BVz/QsWh1/wYhWCiSk/VKju+xzpYDR901JF4gGpHZN3ue
+U66mKh0QoDIabuGAxzxVtt/kNCsdPjUMXbl1e24U0I0mMDezo8DSKkiiok0VcRi5
+P2IeTQKBgQDmTP+Q+PbUsUsdkTHJ8piIi0CgMPyzQ7eg9Ia6toul8MYeMF3kTX1w
+jaHJrL21QicBnIuIRgB9wIJsa8MEnozPcmgE3DjbP5eI1/8gsyCkfC9m9BIARh+4
+CoYNRyRhfBp7Jz0+SNUIP3o4Mh/xtNSK6YUnF9nQpAEax8gDiprjbw==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCv5hzNB1v4gSf7dY4K/sbQIaO8icIlHgVCDHFIyeJw9qb+5hUNQDYORWHLdkmPizD0PLBIrpCU3uK8EhcPPfAl+vtz0kcbsG6/duYkOKr7kYbKOua3ogtK8BATNrtL+n4b2VdOVkMAOLWMSu4hCi61INTgLSpB6gfYt5R0wGdnXQ6OB/xR4fmTrPgXK261FdATCADyJLlgfdI/biqMh+vvO9NBCe1HtQjWrZJNwSmacC20p03UtNkiXyLA2hfpL9RM6lrF9i0fBR8W99BTDmGF2/w6aTtbcBBOk1ymHBjuxVI6tMwbxZpsTLjp+gOzMOnrjxccKQrVWwmpwMG8MMbz backup@helga
--- /dev/null
+# Configuration for getaddrinfo(3).
+#
+# So far only configuration for the destination address sorting is needed.
+# RFC 3484 governs the sorting. But the RFC also says that system
+# administrators should be able to overwrite the defaults. This can be
+# achieved here.
+#
+# All lines have an initial identifier specifying the option followed by
+# up to two values. Information specified in this file replaces the
+# default information. Complete absence of data of one kind causes the
+# appropriate default information to be used. The supported commands include:
+#
+# reload <yes|no>
+# If set to yes, each getaddrinfo(3) call will check whether this file
+# changed and if necessary reload. This option should not really be
+# used. There are possible runtime problems. The default is no.
+#
+# label <mask> <value>
+# Add another rule to the RFC 3484 label table. See section 2.1 in
+# RFC 3484. The default is:
+#
+#label ::1/128 0
+#label ::/0 1
+#label 2002::/16 2
+#label ::/96 3
+#label ::ffff:0:0/96 4
+#label fec0::/10 5
+#label fc00::/7 6
+#label 2001:0::/32 7
+#
+# This default differs from the tables given in RFC 3484 by handling
+# (now obsolete) site-local IPv6 addresses and Unique Local Addresses.
+# The reason for this difference is that these addresses are never
+# NATed while IPv4 site-local addresses most probably are. Given
+# the precedence of IPv6 over IPv4 (see below) on machines having only
+# site-local IPv4 and IPv6 addresses a lookup for a global address would
+# see the IPv6 be preferred. The result is a long delay because the
+# site-local IPv6 addresses cannot be used while the IPv4 address is
+# (at least for the foreseeable future) NATed. We also treat Teredo
+# tunnels special.
+#
+# precedence <mask> <value>
+# Add another rule to the RFC 3484 precedence table. See section 2.1
+# and 10.3 in RFC 3484. The default is:
+#
+#precedence ::1/128 50
+#precedence ::/0 40
+#precedence 2002::/16 30
+#precedence ::/96 20
+#precedence ::ffff:0:0/96 10
+#
+# For sites which prefer IPv4 connections change the last line to
+#
+#precedence ::ffff:0:0/96 100
+
+#
+# scopev4 <mask> <value>
+# Add another rule to the RFC 6724 scope table for IPv4 addresses.
+# By default the scope IDs described in section 3.2 in RFC 6724 are
+# used. Changing these defaults should hardly ever be necessary.
+# The defaults are equivalent to:
+#
+#scopev4 ::ffff:169.254.0.0/112 2
+#scopev4 ::ffff:127.0.0.0/104 2
+#scopev4 ::ffff:0.0.0.0/96 14
--- /dev/null
+.\" This file is loaded after an-old.tmac.
+.\" Put any local modifications to an-old.tmac here.
+.
+.if n \{\
+. \" Debian: Map \(oq to ' rather than ` in nroff mode for devices other
+. \" than utf8.
+. if !'\*[.T]'utf8' \
+. tr \[oq]'
+.
+. \" Debian: Disable the use of SGR (ANSI colour) escape sequences by
+. \" grotty.
+. if '\V[GROFF_SGR]'' \
+. output x X tty: sgr 0
+.
+. \" Debian: Strictly, "-" is a hyphen while "\-" is a minus sign, and the
+. \" former may not always be rendered in the form expected for things like
+. \" command-line options. Uncomment this if you want to make sure that
+. \" manual pages you're writing are clear of this problem.
+. \" if '\*[.T]'utf8' \
+. \" char - \[hy]
+.\}
--- /dev/null
+.\" This file is loaded after doc.tmac.
+.\" Put any local modifications to doc.tmac here.
+.
+.if n \{\
+. \" Debian: Map \(oq to ' rather than ` in nroff mode for devices other
+. \" than utf8.
+. if !'\*[.T]'utf8' \
+. tr \[oq]'
+.
+. \" Debian: Disable the use of SGR (ANSI colour) escape sequences by
+. \" grotty.
+. if '\V[GROFF_SGR]'' \
+. output x X tty: sgr 0
+.
+. \" Debian: Strictly, "-" is a hyphen while "\-" is a minus sign, and the
+. \" former may not always be rendered in the form expected for things like
+. \" command-line options. Uncomment this if you want to make sure that
+. \" manual pages you're writing are clear of this problem.
+. \" if '\*[.T]'utf8' \
+. \" char - \[hy]
+.\}
--- /dev/null
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:repo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:repo
+operator:x:37:repo
+list:x:38:
+irc:x:39:
+src:x:40:repo
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:repo
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+input:x:101:
+systemd-journal:x:102:
+systemd-timesync:x:103:
+systemd-network:x:104:
+systemd-resolve:x:105:
+systemd-bus-proxy:x:106:
+crontab:x:107:
+netdev:x:108:
+ssh:x:109:
+Debian-exim:x:110:
+mlocate:x:111:repo
+ssl-cert:x:112:
+postfix:x:113:
+postdrop:x:114:
+bind:x:999:
+ulog:x:115:
--- /dev/null
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+input:x:101:
+systemd-journal:x:102:
+systemd-timesync:x:103:
+systemd-network:x:104:
+systemd-resolve:x:105:
+systemd-bus-proxy:x:106:
+crontab:x:107:
+netdev:x:108:
+ssh:x:109:
+Debian-exim:x:110:
+mlocate:x:111:
+ssl-cert:x:112:
+postfix:x:113:
+postdrop:x:114:
+bind:x:999:
+ulog:x:115:
--- /dev/null
+#! /bin/sh
+set -e
+
+# grub-mkconfig helper script.
+# Copyright (C) 2006,2007,2008,2009,2010 Free Software Foundation, Inc.
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+
+prefix="/usr"
+exec_prefix="/usr"
+datarootdir="/usr/share"
+grub_lang=`echo $LANG | cut -d . -f 1`
+grubdir="`echo "/boot/grub" | sed 's,//*,/,g'`"
+quick_boot="0"
+
+export TEXTDOMAIN=grub
+export TEXTDOMAINDIR="${datarootdir}/locale"
+
+. "${datarootdir}/grub/grub-mkconfig_lib"
+
+# Do this as early as possible, since other commands might depend on it.
+# (e.g. the `loadfont' command might need lvm or raid modules)
+for i in ${GRUB_PRELOAD_MODULES} ; do
+ echo "insmod $i"
+done
+
+if [ "x${GRUB_DEFAULT}" = "x" ] ; then GRUB_DEFAULT=0 ; fi
+if [ "x${GRUB_DEFAULT}" = "xsaved" ] ; then GRUB_DEFAULT='${saved_entry}' ; fi
+if [ "x${GRUB_TIMEOUT}" = "x" ] ; then GRUB_TIMEOUT=5 ; fi
+if [ "x${GRUB_GFXMODE}" = "x" ] ; then GRUB_GFXMODE=auto ; fi
+
+if [ "x${GRUB_DEFAULT_BUTTON}" = "x" ] ; then GRUB_DEFAULT_BUTTON="$GRUB_DEFAULT" ; fi
+if [ "x${GRUB_DEFAULT_BUTTON}" = "xsaved" ] ; then GRUB_DEFAULT_BUTTON='${saved_entry}' ; fi
+if [ "x${GRUB_TIMEOUT_BUTTON}" = "x" ] ; then GRUB_TIMEOUT_BUTTON="$GRUB_TIMEOUT" ; fi
+
+cat << EOF
+if [ -s \$prefix/grubenv ]; then
+ set have_grubenv=true
+ load_env
+fi
+EOF
+if [ "x$GRUB_BUTTON_CMOS_ADDRESS" != "x" ]; then
+ cat <<EOF
+if cmostest $GRUB_BUTTON_CMOS_ADDRESS ; then
+ set default="${GRUB_DEFAULT_BUTTON}"
+elif [ "\${next_entry}" ] ; then
+ set default="\${next_entry}"
+ set next_entry=
+ save_env next_entry
+ set boot_once=true
+else
+ set default="${GRUB_DEFAULT}"
+fi
+EOF
+else
+ cat <<EOF
+if [ "\${next_entry}" ] ; then
+ set default="\${next_entry}"
+ set next_entry=
+ save_env next_entry
+ set boot_once=true
+else
+ set default="${GRUB_DEFAULT}"
+fi
+EOF
+fi
+cat <<EOF
+
+if [ x"\${feature_menuentry_id}" = xy ]; then
+ menuentry_id_option="--id"
+else
+ menuentry_id_option=""
+fi
+
+export menuentry_id_option
+
+if [ "\${prev_saved_entry}" ]; then
+ set saved_entry="\${prev_saved_entry}"
+ save_env saved_entry
+ set prev_saved_entry=
+ save_env prev_saved_entry
+ set boot_once=true
+fi
+
+function savedefault {
+ if [ -z "\${boot_once}" ]; then
+ saved_entry="\${chosen}"
+ save_env saved_entry
+ fi
+}
+EOF
+
+if [ "$quick_boot" = 1 ]; then
+ cat <<EOF
+function recordfail {
+ set recordfail=1
+EOF
+ FS="$(grub-probe --target=fs "${grubdir}")"
+ case "$FS" in
+ btrfs | cpiofs | newc | odc | romfs | squash4 | tarfs | zfs)
+ cat <<EOF
+ # GRUB lacks write support for $FS, so recordfail support is disabled.
+EOF
+ ;;
+ *)
+ cat <<EOF
+ if [ -n "\${have_grubenv}" ]; then if [ -z "\${boot_once}" ]; then save_env recordfail; fi; fi
+EOF
+ esac
+ cat <<EOF
+}
+EOF
+fi
+
+cat <<EOF
+function load_video {
+EOF
+if [ -n "${GRUB_VIDEO_BACKEND}" ]; then
+ cat <<EOF
+ insmod ${GRUB_VIDEO_BACKEND}
+EOF
+else
+# If all_video.mod isn't available load all modules available
+# with versions prior to introduction of all_video.mod
+cat <<EOF
+ if [ x\$feature_all_video_module = xy ]; then
+ insmod all_video
+ else
+ insmod efi_gop
+ insmod efi_uga
+ insmod ieee1275_fb
+ insmod vbe
+ insmod vga
+ insmod video_bochs
+ insmod video_cirrus
+ fi
+EOF
+fi
+cat <<EOF
+}
+
+EOF
+
+serial=0;
+gfxterm=0;
+for x in ${GRUB_TERMINAL_INPUT} ${GRUB_TERMINAL_OUTPUT}; do
+ if [ xserial = "x$x" ]; then
+ serial=1;
+ fi
+ if [ xgfxterm = "x$x" ]; then
+ gfxterm=1;
+ fi
+done
+
+if [ "x$serial" = x1 ]; then
+ if [ "x${GRUB_SERIAL_COMMAND}" = "x" ] ; then
+ grub_warn "$(gettext "Requested serial terminal but GRUB_SERIAL_COMMAND is unspecified. Default parameters will be used.")"
+ GRUB_SERIAL_COMMAND=serial
+ fi
+ echo "${GRUB_SERIAL_COMMAND}"
+fi
+
+if [ "x$gfxterm" = x1 ]; then
+ if [ -n "$GRUB_FONT" ] ; then
+ # Make the font accessible
+ prepare_grub_to_access_device `${grub_probe} --target=device "${GRUB_FONT}"`
+ cat << EOF
+if loadfont `make_system_path_relative_to_its_root "${GRUB_FONT}"` ; then
+EOF
+ else
+ for dir in "${pkgdatadir}" "`echo '/boot/grub' | sed "s,//*,/,g"`" /usr/share/grub ; do
+ for basename in unicode unifont ascii; do
+ path="${dir}/${basename}.pf2"
+ if is_path_readable_by_grub "${path}" > /dev/null ; then
+ font_path="${path}"
+ else
+ continue
+ fi
+ break 2
+ done
+ done
+ if [ -n "${font_path}" ] ; then
+ cat << EOF
+if [ x\$feature_default_font_path = xy ] ; then
+ font=unicode
+else
+EOF
+ # Make the font accessible
+ prepare_grub_to_access_device `${grub_probe} --target=device "${font_path}"`
+ cat << EOF
+ font="`make_system_path_relative_to_its_root "${font_path}"`"
+fi
+
+if loadfont \$font ; then
+EOF
+ else
+ cat << EOF
+if loadfont unicode ; then
+EOF
+ fi
+ fi
+
+ cat << EOF
+ set gfxmode=${GRUB_GFXMODE}
+ load_video
+ insmod gfxterm
+EOF
+
+# Gettext variables and module
+if [ "x${LANG}" != "xC" ] && [ "x${LANG}" != "x" ]; then
+ cat << EOF
+ set locale_dir=\$prefix/locale
+ set lang=${grub_lang}
+ insmod gettext
+EOF
+fi
+
+cat <<EOF
+fi
+EOF
+fi
+
+case x${GRUB_TERMINAL_INPUT} in
+ x)
+ # Just use the native terminal
+ ;;
+ x*)
+ cat << EOF
+terminal_input ${GRUB_TERMINAL_INPUT}
+EOF
+ ;;
+esac
+
+case x${GRUB_TERMINAL_OUTPUT} in
+ x)
+ # Just use the native terminal
+ ;;
+ x*)
+ cat << EOF
+terminal_output ${GRUB_TERMINAL_OUTPUT}
+EOF
+ ;;
+esac
+
+if [ "x$gfxterm" = x1 ]; then
+ if [ "x$GRUB_THEME" != x ] && [ -f "$GRUB_THEME" ] \
+ && is_path_readable_by_grub "$GRUB_THEME"; then
+ gettext_printf "Found theme: %s\n" "$GRUB_THEME" >&2
+
+ prepare_grub_to_access_device `${grub_probe} --target=device "$GRUB_THEME"`
+ cat << EOF
+insmod gfxmenu
+EOF
+ themedir="`dirname "$GRUB_THEME"`"
+ for x in "$themedir"/*.pf2 "$themedir"/f/*.pf2; do
+ if [ -f "$x" ]; then
+ cat << EOF
+loadfont (\$root)`make_system_path_relative_to_its_root $x`
+EOF
+ fi
+ done
+ if [ x"`echo "$themedir"/*.jpg`" != x"$themedir/*.jpg" ] || [ x"`echo "$themedir"/*.jpeg`" != x"$themedir/*.jpeg" ]; then
+ cat << EOF
+insmod jpeg
+EOF
+ fi
+ if [ x"`echo "$themedir"/*.png`" != x"$themedir/*.png" ]; then
+ cat << EOF
+insmod png
+EOF
+ fi
+ if [ x"`echo "$themedir"/*.tga`" != x"$themedir/*.tga" ]; then
+ cat << EOF
+insmod tga
+EOF
+ fi
+
+ cat << EOF
+set theme=(\$root)`make_system_path_relative_to_its_root $GRUB_THEME`
+export theme
+EOF
+ elif [ "x$GRUB_BACKGROUND" != x ] && [ -f "$GRUB_BACKGROUND" ] \
+ && is_path_readable_by_grub "$GRUB_BACKGROUND"; then
+ gettext_printf "Found background: %s\n" "$GRUB_BACKGROUND" >&2
+ case "$GRUB_BACKGROUND" in
+ *.png) reader=png ;;
+ *.tga) reader=tga ;;
+ *.jpg|*.jpeg) reader=jpeg ;;
+ *) gettext "Unsupported image format" >&2; echo >&2; exit 1 ;;
+ esac
+ prepare_grub_to_access_device `${grub_probe} --target=device "$GRUB_BACKGROUND"`
+ cat << EOF
+insmod $reader
+background_image -m stretch `make_system_path_relative_to_its_root "$GRUB_BACKGROUND"`
+EOF
+ fi
+fi
+
+make_timeout ()
+{
+ cat << EOF
+if [ "\${recordfail}" = 1 ] ; then
+ set timeout=${GRUB_RECORDFAIL_TIMEOUT:--1}
+else
+EOF
+ if [ "x${3}" != "x" ] ; then
+ timeout="${2}"
+ style="${3}"
+ elif [ "x${1}" != "x" ] && \
+ ([ "$quick_boot" = 1 ] || [ "x${1}" != "x0" ]) ; then
+ # Handle the deprecated GRUB_HIDDEN_TIMEOUT scheme.
+ timeout="${1}"
+ if [ "x${2}" != "x0" ] ; then
+ grub_warn "$(gettext "Setting GRUB_TIMEOUT to a non-zero value when GRUB_HIDDEN_TIMEOUT is set is no longer supported.")"
+ fi
+ if [ "x${GRUB_HIDDEN_TIMEOUT_QUIET}" = "xtrue" ] ; then
+ style="hidden"
+ verbose=
+ else
+ style="countdown"
+ verbose=" --verbose"
+ fi
+ else
+ # No hidden timeout, so treat as GRUB_TIMEOUT_STYLE=menu
+ timeout="${2}"
+ style="menu"
+ fi
+ cat << EOF
+ if [ x\$feature_timeout_style = xy ] ; then
+ set timeout_style=${style}
+ set timeout=${timeout}
+EOF
+ if [ "x${style}" = "xmenu" ] ; then
+ cat << EOF
+ # Fallback normal timeout code in case the timeout_style feature is
+ # unavailable.
+ else
+ set timeout=${timeout}
+EOF
+ else
+ cat << EOF
+ # Fallback hidden-timeout code in case the timeout_style feature is
+ # unavailable.
+ elif sleep${verbose} --interruptible ${timeout} ; then
+ set timeout=0
+EOF
+ fi
+ cat << EOF
+ fi
+fi
+EOF
+}
+
+if [ "x$GRUB_BUTTON_CMOS_ADDRESS" != "x" ]; then
+ cat <<EOF
+if cmostest $GRUB_BUTTON_CMOS_ADDRESS ; then
+EOF
+make_timeout "${GRUB_HIDDEN_TIMEOUT_BUTTON}" "${GRUB_TIMEOUT_BUTTON}" "${GRUB_TIMEOUT_STYLE_BUTTON}"
+echo else
+make_timeout "${GRUB_HIDDEN_TIMEOUT}" "${GRUB_TIMEOUT}" "${GRUB_TIMEOUT_STYLE}"
+echo fi
+else
+make_timeout "${GRUB_HIDDEN_TIMEOUT}" "${GRUB_TIMEOUT}" "${GRUB_TIMEOUT_STYLE}"
+fi
+
+if [ "x$GRUB_BUTTON_CMOS_ADDRESS" != "x" ] && [ "x$GRUB_BUTTON_CMOS_CLEAN" = "xyes" ]; then
+ cat <<EOF
+cmosclean $GRUB_BUTTON_CMOS_ADDRESS
+EOF
+fi
+
+# Play an initial tune
+if [ "x${GRUB_INIT_TUNE}" != "x" ] ; then
+ echo "play ${GRUB_INIT_TUNE}"
+fi
+
+if [ "x${GRUB_BADRAM}" != "x" ] ; then
+ echo "badram ${GRUB_BADRAM}"
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+# grub-mkconfig helper script.
+# Copyright (C) 2010 Alexander Kurtz <kurtz.alex@googlemail.com>
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+
+# Include the GRUB helper library for grub-mkconfig.
+. /usr/share/grub/grub-mkconfig_lib
+
+# We want to work in /boot/grub/ only.
+test -d /boot/grub; cd /boot/grub
+
+# Set the location of a possibly necessary cache file for the background image.
+# NOTE: This MUST BE A DOTFILE to avoid confusing it with user-defined images.
+BACKGROUND_CACHE=".background_cache"
+
+set_default_theme(){
+ case $GRUB_DISTRIBUTOR in
+ Tanglu|Ubuntu|Kubuntu)
+ # Set a monochromatic theme for Tanglu/Ubuntu.
+ echo "${1}set menu_color_normal=white/black"
+ echo "${1}set menu_color_highlight=black/light-gray"
+
+ if [ -e /lib/plymouth/themes/default.grub ]; then
+ sed "s/^/${1}/" /lib/plymouth/themes/default.grub
+ fi
+ ;;
+ *)
+ # Set the traditional Debian blue theme.
+ echo "${1}set menu_color_normal=cyan/blue"
+ echo "${1}set menu_color_highlight=white/blue"
+ ;;
+ esac
+}
+
+module_available(){
+ local module
+ for module in "${1}.mod" */"${1}.mod"; do
+ if [ -f "${module}" ]; then
+ return 0
+ fi
+ done
+ return 1
+}
+
+set_background_image(){
+ # Step #1: Search all available output modes ...
+ local output
+ for output in ${GRUB_TERMINAL_OUTPUT}; do
+ if [ "x$output" = "xgfxterm" ]; then
+ break
+ fi
+ done
+
+ # ... and check if we are able to display a background image at all.
+ if ! [ "x${output}" = "xgfxterm" ]; then
+ return 1
+ fi
+
+ # Step #2: Check if the specified background image exists.
+ if ! [ -f "${1}" ]; then
+ return 2
+ fi
+
+ # Step #3: Search the correct GRUB module for our background image.
+ local reader
+ case "${1}" in
+ *.jpg|*.JPG|*.jpeg|*.JPEG) reader="jpeg";;
+ *.png|*.PNG) reader="png";;
+ *.tga|*.TGA) reader="tga";;
+ *) return 3;; # Unknown image type.
+ esac
+
+ # Step #4: Check if the necessary GRUB module is available.
+ if ! module_available "${reader}"; then
+ return 4
+ fi
+
+ # Step #5: Check if GRUB can read the background image directly.
+ # If so, we can remove the cache file (if any). Otherwise the backgound
+ # image needs to be cached under /boot/grub/.
+ if is_path_readable_by_grub "${1}"; then
+ rm --force "${BACKGROUND_CACHE}.jpeg" \
+ "${BACKGROUND_CACHE}.png" "${BACKGROUND_CACHE}.tga"
+ elif cp "${1}" "${BACKGROUND_CACHE}.${reader}"; then
+ set -- "${BACKGROUND_CACHE}.${reader}" "${2}" "${3}"
+ else
+ return 5
+ fi
+
+ # Step #6: Prepare GRUB to read the background image.
+ if ! prepare_grub_to_access_device "`${grub_probe} --target=device "${1}"`"; then
+ return 6
+ fi
+
+ # Step #7: Everything went fine, print out a message to stderr ...
+ echo "Found background image: ${1}" >&2
+
+ # ... and write our configuration snippet to stdout. Use the colors
+ # desktop-base specified. If we're using a user-defined background, use
+ # the default colors since we've got no idea how the image looks like.
+ # If loading the background image fails, use the default theme.
+ echo "insmod ${reader}"
+ echo "if background_image `make_system_path_relative_to_its_root "${1}"`; then"
+ if [ -n "${2}" ]; then
+ echo " set color_normal=${2}"
+ fi
+ if [ -n "${3}" ]; then
+ echo " set color_highlight=${3}"
+ fi
+ if [ -z "${2}" ] && [ -z "${3}" ]; then
+ echo " true"
+ fi
+ echo "else"
+ set_default_theme " "
+ echo "fi"
+}
+
+# Earlier versions of grub-pc copied the default background image to /boot/grub
+# during postinst. Remove those obsolete images if they haven't been touched by
+# the user. They are still available under /usr/share/images/desktop-base/ if
+# desktop-base is installed.
+while read checksum background; do
+ if [ -f "${background}" ] && [ "x`sha1sum "${background}"`" = "x${checksum} ${background}" ]; then
+ echo "Removing old background image: ${background}" >&2
+ rm "${background}"
+ fi
+done <<EOF
+648ee65dd0c157a69b019a5372cbcfea4fc754a5 debian-blueish-wallpaper-640x480.png
+0431e97a6c661084c59676c4baeeb8c2f602edb8 debian-blueish-wallpaper-640x480.png
+968ecf6696c5638cfe80e8e70aba239526270864 debian-blueish-wallpaper-640x480.tga
+11143e8c92a073401de0b0fd42d0c052af4ccd9b moreblue-orbit-grub.png
+d00d5e505ab63f2d53fa880bfac447e2d3bb197c moreblue-orbit-grub.png
+f5b12c1009ec0a3b029185f6b66cd0d7e5611019 moreblue-orbit-grub.png
+EOF
+
+# Include the configuration of desktop-base if available.
+if [ -f "/usr/share/desktop-base/grub_background.sh" ]; then
+ . "/usr/share/desktop-base/grub_background.sh"
+fi
+
+# First check whether the user has specified a background image explicitly.
+# If so, try to use it. Don't try the other possibilities in that case
+# (#608263).
+if [ -n "${GRUB_BACKGROUND+x}" ]; then
+ set_background_image "${GRUB_BACKGROUND}" || set_default_theme
+ exit 0
+fi
+
+# Next search for pictures the user put into /boot/grub/ and use the first one.
+for background in *.jpg *.JPG *.jpeg *.JPEG *.png *.PNG *.tga *.TGA; do
+ if set_background_image "${background}"; then
+ exit 0
+ fi
+done
+
+# Next try to use the background image and colors specified by desktop-base.
+if set_background_image "${WALLPAPER}" "${COLOR_NORMAL}" "${COLOR_HIGHLIGHT}"; then
+ exit 0
+fi
+
+# If we haven't found a background image yet, use the default from desktop-base.
+case $GRUB_DISTRIBUTOR in
+ Ubuntu|Kubuntu)
+ ;;
+ Tanglu)
+ if set_background_image "/usr/share/images/grub/grub.png"; then
+ exit 0
+ fi
+ ;;
+ *)
+ if set_background_image "/usr/share/images/desktop-base/desktop-grub.png"; then
+ exit 0
+ fi
+ ;;
+esac
+
+# Finally, if all of the above fails, use the default theme.
+set_default_theme
--- /dev/null
+#! /bin/sh
+set -e
+
+# grub-mkconfig helper script.
+# Copyright (C) 2006,2007,2008,2009,2010 Free Software Foundation, Inc.
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+
+prefix="/usr"
+exec_prefix="/usr"
+datarootdir="/usr/share"
+ubuntu_recovery="0"
+quiet_boot="0"
+quick_boot="0"
+gfxpayload_dynamic="0"
+vt_handoff="0"
+
+. "${datarootdir}/grub/grub-mkconfig_lib"
+
+export TEXTDOMAIN=grub
+export TEXTDOMAINDIR="${datarootdir}/locale"
+
+CLASS="--class gnu-linux --class gnu --class os"
+SUPPORTED_INITS="sysvinit:/lib/sysvinit/init systemd:/lib/systemd/systemd upstart:/sbin/upstart"
+
+if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then
+ OS=GNU/Linux
+else
+ case ${GRUB_DISTRIBUTOR} in
+ Ubuntu|Kubuntu)
+ OS="${GRUB_DISTRIBUTOR}"
+ ;;
+ *)
+ OS="${GRUB_DISTRIBUTOR} GNU/Linux"
+ ;;
+ esac
+ CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr 'A-Z' 'a-z' | cut -d' ' -f1|LC_ALL=C sed 's,[^[:alnum:]_],_,g') ${CLASS}"
+fi
+
+# loop-AES arranges things so that /dev/loop/X can be our root device, but
+# the initrds that Linux uses don't like that.
+case ${GRUB_DEVICE} in
+ /dev/loop/*|/dev/loop[0-9])
+ GRUB_DEVICE=`losetup ${GRUB_DEVICE} | sed -e "s/^[^(]*(\([^)]\+\)).*/\1/"`
+ # We can't cope with devices loop-mounted from files here.
+ case ${GRUB_DEVICE} in
+ /dev/*) ;;
+ *) exit 0 ;;
+ esac
+ ;;
+esac
+
+if [ "x${GRUB_DEVICE_UUID}" = "x" ] || [ "x${GRUB_DISABLE_LINUX_UUID}" = "xtrue" ] \
+ || ! test -e "/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" \
+ || uses_abstraction "${GRUB_DEVICE}" lvm; then
+ LINUX_ROOT_DEVICE=${GRUB_DEVICE}
+else
+ LINUX_ROOT_DEVICE=UUID=${GRUB_DEVICE_UUID}
+fi
+
+case x"$GRUB_FS" in
+ xbtrfs)
+ rootsubvol="`make_system_path_relative_to_its_root /`"
+ rootsubvol="${rootsubvol#/}"
+ if [ "x${rootsubvol}" != x ]; then
+ GRUB_CMDLINE_LINUX="rootflags=subvol=${rootsubvol} ${GRUB_CMDLINE_LINUX}"
+ fi;;
+ xzfs)
+ rpool=`${grub_probe} --device ${GRUB_DEVICE} --target=fs_label 2>/dev/null || true`
+ bootfs="`make_system_path_relative_to_its_root / | sed -e "s,@$,,"`"
+ LINUX_ROOT_DEVICE="ZFS=${rpool}${bootfs}"
+ ;;
+esac
+
+title_correction_code=
+
+if [ -x /lib/recovery-mode/recovery-menu ]; then
+ GRUB_CMDLINE_LINUX_RECOVERY=recovery
+else
+ GRUB_CMDLINE_LINUX_RECOVERY=single
+fi
+if [ "$ubuntu_recovery" = 1 ]; then
+ GRUB_CMDLINE_LINUX_RECOVERY="$GRUB_CMDLINE_LINUX_RECOVERY nomodeset"
+fi
+
+if [ "$vt_handoff" = 1 ]; then
+ for word in $GRUB_CMDLINE_LINUX_DEFAULT; do
+ if [ "$word" = splash ]; then
+ GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT \$vt_handoff"
+ fi
+ done
+fi
+
+linux_entry ()
+{
+ os="$1"
+ version="$2"
+ type="$3"
+ args="$4"
+
+ if [ -z "$boot_device_id" ]; then
+ boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")"
+ fi
+ if [ x$type != xsimple ] ; then
+ case $type in
+ recovery)
+ title="$(gettext_printf "%s, with Linux %s (%s)" "${os}" "${version}" "$(gettext "${GRUB_RECOVERY_TITLE}")")" ;;
+ init-*)
+ title="$(gettext_printf "%s, with Linux %s (%s)" "${os}" "${version}" "${type#init-}")" ;;
+ *)
+ title="$(gettext_printf "%s, with Linux %s" "${os}" "${version}")" ;;
+ esac
+ if [ x"$title" = x"$GRUB_ACTUAL_DEFAULT" ] || [ x"Previous Linux versions>$title" = x"$GRUB_ACTUAL_DEFAULT" ]; then
+ replacement_title="$(echo "Advanced options for ${OS}" | sed 's,>,>>,g')>$(echo "$title" | sed 's,>,>>,g')"
+ quoted="$(echo "$GRUB_ACTUAL_DEFAULT" | grub_quote)"
+ title_correction_code="${title_correction_code}if [ \"x\$default\" = '$quoted' ]; then default='$(echo "$replacement_title" | grub_quote)'; fi;"
+ grub_warn "$(gettext_printf "Please don't use old title \`%s' for GRUB_DEFAULT, use \`%s' (for versions before 2.00) or \`%s' (for 2.00 or later)" "$GRUB_ACTUAL_DEFAULT" "$replacement_title" "gnulinux-advanced-$boot_device_id>gnulinux-$version-$type-$boot_device_id")"
+ fi
+ echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-$version-$type-$boot_device_id' {" | sed "s/^/$submenu_indentation/"
+ else
+ echo "menuentry '$(echo "$os" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-simple-$boot_device_id' {" | sed "s/^/$submenu_indentation/"
+ fi
+ if [ "$quick_boot" = 1 ]; then
+ echo " recordfail" | sed "s/^/$submenu_indentation/"
+ fi
+ if [ x$type != xrecovery ] ; then
+ save_default_entry | grub_add_tab
+ fi
+
+ # Use ELILO's generic "efifb" when it's known to be available.
+ # FIXME: We need an interface to select vesafb in case efifb can't be used.
+ if [ "x$GRUB_GFXPAYLOAD_LINUX" = x ]; then
+ echo " load_video" | sed "s/^/$submenu_indentation/"
+ else
+ if [ "x$GRUB_GFXPAYLOAD_LINUX" != xtext ]; then
+ echo " load_video" | sed "s/^/$submenu_indentation/"
+ fi
+ fi
+ if ([ "$ubuntu_recovery" = 0 ] || [ x$type != xrecovery ]) && \
+ ([ "x$GRUB_GFXPAYLOAD_LINUX" != x ] || [ "$gfxpayload_dynamic" = 1 ]); then
+ echo " gfxmode \$linux_gfx_mode" | sed "s/^/$submenu_indentation/"
+ fi
+
+ echo " insmod gzio" | sed "s/^/$submenu_indentation/"
+ echo " if [ x\$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi" | sed "s/^/$submenu_indentation/"
+
+ if [ x$dirname = x/ ]; then
+ if [ -z "${prepare_root_cache}" ]; then
+ prepare_root_cache="$(prepare_grub_to_access_device ${GRUB_DEVICE} | grub_add_tab)"
+ fi
+ printf '%s\n' "${prepare_root_cache}" | sed "s/^/$submenu_indentation/"
+ else
+ if [ -z "${prepare_boot_cache}" ]; then
+ prepare_boot_cache="$(prepare_grub_to_access_device ${GRUB_DEVICE_BOOT} | grub_add_tab)"
+ fi
+ printf '%s\n' "${prepare_boot_cache}" | sed "s/^/$submenu_indentation/"
+ fi
+ if [ x"$quiet_boot" = x0 ] || [ x"$type" != xsimple ]; then
+ message="$(gettext_printf "Loading Linux %s ..." ${version})"
+ sed "s/^/$submenu_indentation/" << EOF
+ echo '$(echo "$message" | grub_quote)'
+EOF
+ fi
+ if test -d /sys/firmware/efi && test -e "${linux}.efi.signed"; then
+ sed "s/^/$submenu_indentation/" << EOF
+ linux ${rel_dirname}/${basename}.efi.signed root=${linux_root_device_thisversion} ro ${args}
+EOF
+ else
+ sed "s/^/$submenu_indentation/" << EOF
+ linux ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args}
+EOF
+ fi
+ if test -n "${initrd}" ; then
+ # TRANSLATORS: ramdisk isn't identifier. Should be translated.
+ if [ x"$quiet_boot" = x0 ] || [ x"$type" != xsimple ]; then
+ message="$(gettext_printf "Loading initial ramdisk ...")"
+ sed "s/^/$submenu_indentation/" << EOF
+ echo '$(echo "$message" | grub_quote)'
+EOF
+ fi
+ sed "s/^/$submenu_indentation/" << EOF
+ initrd ${rel_dirname}/${initrd}
+EOF
+ fi
+ sed "s/^/$submenu_indentation/" << EOF
+}
+EOF
+}
+
+machine=`uname -m`
+case "x$machine" in
+ xi?86 | xx86_64)
+ list=`for i in /boot/vmlinuz-* /vmlinuz-* /boot/kernel-* ; do
+ if grub_file_is_not_garbage "$i" ; then echo -n "$i " ; fi
+ done` ;;
+ *)
+ list=`for i in /boot/vmlinuz-* /boot/vmlinux-* /vmlinuz-* /vmlinux-* /boot/kernel-* ; do
+ if grub_file_is_not_garbage "$i" ; then echo -n "$i " ; fi
+ done` ;;
+esac
+
+case "$machine" in
+ i?86) GENKERNEL_ARCH="x86" ;;
+ mips|mips64) GENKERNEL_ARCH="mips" ;;
+ mipsel|mips64el) GENKERNEL_ARCH="mipsel" ;;
+ arm*) GENKERNEL_ARCH="arm" ;;
+ *) GENKERNEL_ARCH="$machine" ;;
+esac
+
+prepare_boot_cache=
+prepare_root_cache=
+boot_device_id=
+title_correction_code=
+
+cat << 'EOF'
+function gfxmode {
+ set gfxpayload="${1}"
+EOF
+if [ "$vt_handoff" = 1 ]; then
+ cat << 'EOF'
+ if [ "${1}" = "keep" ]; then
+ set vt_handoff=vt.handoff=7
+ else
+ set vt_handoff=
+ fi
+EOF
+fi
+cat << EOF
+}
+EOF
+
+# Use ELILO's generic "efifb" when it's known to be available.
+# FIXME: We need an interface to select vesafb in case efifb can't be used.
+if [ "x$GRUB_GFXPAYLOAD_LINUX" != x ] || [ "$gfxpayload_dynamic" = 0 ]; then
+ echo "set linux_gfx_mode=$GRUB_GFXPAYLOAD_LINUX"
+else
+ cat << EOF
+if [ "\${recordfail}" != 1 ]; then
+ if [ -e \${prefix}/gfxblacklist.txt ]; then
+ if hwmatch \${prefix}/gfxblacklist.txt 3; then
+ if [ \${match} = 0 ]; then
+ set linux_gfx_mode=keep
+ else
+ set linux_gfx_mode=text
+ fi
+ else
+ set linux_gfx_mode=text
+ fi
+ else
+ set linux_gfx_mode=keep
+ fi
+else
+ set linux_gfx_mode=text
+fi
+EOF
+fi
+cat << EOF
+export linux_gfx_mode
+EOF
+
+# Extra indentation to add to menu entries in a submenu. We're not in a submenu
+# yet, so it's empty. In a submenu it will be equal to '\t' (one tab).
+submenu_indentation=""
+
+is_top_level=true
+while [ "x$list" != "x" ] ; do
+ linux=`version_find_latest $list`
+ case $linux in
+ *.efi.signed)
+ # We handle these in linux_entry.
+ list=`echo $list | tr ' ' '\n' | grep -vx $linux | tr '\n' ' '`
+ continue
+ ;;
+ esac
+ gettext_printf "Found linux image: %s\n" "$linux" >&2
+ basename=`basename $linux`
+ dirname=`dirname $linux`
+ rel_dirname=`make_system_path_relative_to_its_root $dirname`
+ version=`echo $basename | sed -e "s,^[^0-9]*-,,g"`
+ alt_version=`echo $version | sed -e "s,\.old$,,g"`
+ linux_root_device_thisversion="${LINUX_ROOT_DEVICE}"
+
+ initrd=
+ for i in "initrd.img-${version}" "initrd-${version}.img" "initrd-${version}.gz" \
+ "initrd-${version}" "initramfs-${version}.img" \
+ "initrd.img-${alt_version}" "initrd-${alt_version}.img" \
+ "initrd-${alt_version}" "initramfs-${alt_version}.img" \
+ "initramfs-genkernel-${version}" \
+ "initramfs-genkernel-${alt_version}" \
+ "initramfs-genkernel-${GENKERNEL_ARCH}-${version}" \
+ "initramfs-genkernel-${GENKERNEL_ARCH}-${alt_version}"; do
+ if test -e "${dirname}/${i}" ; then
+ initrd="$i"
+ break
+ fi
+ done
+
+ config=
+ for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do
+ if test -e "${i}" ; then
+ config="${i}"
+ break
+ fi
+ done
+
+ initramfs=
+ if test -n "${config}" ; then
+ initramfs=`grep CONFIG_INITRAMFS_SOURCE= "${config}" | cut -f2 -d= | tr -d \"`
+ fi
+
+ if test -n "${initrd}" ; then
+ gettext_printf "Found initrd image: %s\n" "${dirname}/${initrd}" >&2
+ elif test -z "${initramfs}" ; then
+ # "UUID=" and "ZFS=" magic is parsed by initrd or initramfs. Since there's
+ # no initrd or builtin initramfs, it can't work here.
+ linux_root_device_thisversion=${GRUB_DEVICE}
+ fi
+
+ if [ "x$is_top_level" = xtrue ] && [ "x${GRUB_DISABLE_SUBMENU}" != xy ]; then
+ linux_entry "${OS}" "${version}" simple \
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
+
+ submenu_indentation="$grub_tab"
+
+ if [ -z "$boot_device_id" ]; then
+ boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")"
+ fi
+ # TRANSLATORS: %s is replaced with an OS name
+ echo "submenu '$(gettext_printf "Advanced options for %s" "${OS}" | grub_quote)' \$menuentry_id_option 'gnulinux-advanced-$boot_device_id' {"
+ is_top_level=false
+ fi
+
+ linux_entry "${OS}" "${version}" advanced \
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
+ for supported_init in ${SUPPORTED_INITS}; do
+ init_path="${supported_init#*:}"
+ if [ -x "${init_path}" ] && [ "$(readlink -f /sbin/init)" != "${init_path}" ]; then
+ linux_entry "${OS}" "${version}" "init-${supported_init%%:*}" \
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT} init=${init_path}"
+ fi
+ done
+ if [ "x${GRUB_DISABLE_RECOVERY}" != "xtrue" ]; then
+ linux_entry "${OS}" "${version}" recovery \
+ "${GRUB_CMDLINE_LINUX_RECOVERY} ${GRUB_CMDLINE_LINUX}"
+ fi
+
+ list=`echo $list | tr ' ' '\n' | fgrep -vx "$linux" | tr '\n' ' '`
+done
+
+# If at least one kernel was found, then we need to
+# add a closing '}' for the submenu command.
+if [ x"$is_top_level" != xtrue ]; then
+ echo '}'
+fi
+
+echo "$title_correction_code"
--- /dev/null
+#! /bin/sh
+set -e
+
+# grub-mkconfig helper script.
+# Copyright (C) 2006,2007,2008,2009,2010 Free Software Foundation, Inc.
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+
+prefix="/usr"
+exec_prefix="/usr"
+datarootdir="/usr/share"
+
+. "${datarootdir}/grub/grub-mkconfig_lib"
+
+export TEXTDOMAIN=grub
+export TEXTDOMAINDIR="${datarootdir}/locale"
+
+CLASS="--class gnu-linux --class gnu --class os --class xen"
+SUPPORTED_INITS="sysvinit:/lib/sysvinit/init systemd:/lib/systemd/systemd upstart:/sbin/upstart"
+
+if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then
+ OS=GNU/Linux
+else
+ OS="${GRUB_DISTRIBUTOR} GNU/Linux"
+ CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr 'A-Z' 'a-z' | cut -d' ' -f1|LC_ALL=C sed 's,[^[:alnum:]_],_,g') ${CLASS}"
+fi
+
+# loop-AES arranges things so that /dev/loop/X can be our root device, but
+# the initrds that Linux uses don't like that.
+case ${GRUB_DEVICE} in
+ /dev/loop/*|/dev/loop[0-9])
+ GRUB_DEVICE=`losetup ${GRUB_DEVICE} | sed -e "s/^[^(]*(\([^)]\+\)).*/\1/"`
+ # We can't cope with devices loop-mounted from files here.
+ case ${GRUB_DEVICE} in
+ /dev/*) ;;
+ *) exit 0 ;;
+ esac
+ ;;
+esac
+
+if [ "x${GRUB_DEVICE_UUID}" = "x" ] || [ "x${GRUB_DISABLE_LINUX_UUID}" = "xtrue" ] \
+ || ! test -e "/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" \
+ || uses_abstraction "${GRUB_DEVICE}" lvm; then
+ LINUX_ROOT_DEVICE=${GRUB_DEVICE}
+else
+ LINUX_ROOT_DEVICE=UUID=${GRUB_DEVICE_UUID}
+fi
+
+# Allow overriding GRUB_CMDLINE_LINUX and GRUB_CMDLINE_LINUX_DEFAULT.
+if [ "${GRUB_CMDLINE_LINUX_XEN_REPLACE}" ]; then
+ GRUB_CMDLINE_LINUX="${GRUB_CMDLINE_LINUX_XEN_REPLACE}"
+fi
+if [ "${GRUB_CMDLINE_LINUX_XEN_REPLACE_DEFAULT}" ]; then
+ GRUB_CMDLINE_LINUX_DEFAULT="${GRUB_CMDLINE_LINUX_XEN_REPLACE_DEFAULT}"
+fi
+
+case x"$GRUB_FS" in
+ xbtrfs)
+ rootsubvol="`make_system_path_relative_to_its_root /`"
+ rootsubvol="${rootsubvol#/}"
+ if [ "x${rootsubvol}" != x ]; then
+ GRUB_CMDLINE_LINUX="rootflags=subvol=${rootsubvol} ${GRUB_CMDLINE_LINUX}"
+ fi;;
+ xzfs)
+ rpool=`${grub_probe} --device ${GRUB_DEVICE} --target=fs_label 2>/dev/null || true`
+ bootfs="`make_system_path_relative_to_its_root / | sed -e "s,@$,,"`"
+ LINUX_ROOT_DEVICE="ZFS=${rpool}${bootfs}"
+ ;;
+esac
+
+title_correction_code=
+
+linux_entry ()
+{
+ os="$1"
+ version="$2"
+ xen_version="$3"
+ type="$4"
+ args="$5"
+ xen_args="$6"
+ if [ -z "$boot_device_id" ]; then
+ boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")"
+ fi
+ if [ x$type != xsimple ] ; then
+ if [ x$type = xrecovery ] ; then
+ title="$(gettext_printf "%s, with Xen %s and Linux %s (%s)" "${os}" "${xen_version}" "${version}" "$(gettext "${GRUB_RECOVERY_TITLE}")")"
+ elif [ "${type#init-}" != "$type" ] ; then
+ title="$(gettext_printf "%s, with Xen %s and Linux %s (%s)" "${os}" "${xen_version}" "${version}" "${type#init-}")"
+ else
+ title="$(gettext_printf "%s, with Xen %s and Linux %s" "${os}" "${xen_version}" "${version}")"
+ fi
+ replacement_title="$(echo "Advanced options for ${OS}" | sed 's,>,>>,g')>$(echo "$title" | sed 's,>,>>,g')"
+ if [ x"Xen ${xen_version}>$title" = x"$GRUB_ACTUAL_DEFAULT" ]; then
+ quoted="$(echo "$GRUB_ACTUAL_DEFAULT" | grub_quote)"
+ title_correction_code="${title_correction_code}if [ \"x\$default\" = '$quoted' ]; then default='$(echo "$replacement_title" | grub_quote)'; fi;"
+ grub_warn "$(gettext_printf "Please don't use old title \`%s' for GRUB_DEFAULT, use \`%s' (for versions before 2.00) or \`%s' (for 2.00 or later)" "$GRUB_ACTUAL_DEFAULT" "$replacement_title" "gnulinux-advanced-$boot_device_id>gnulinux-$version-$type-$boot_device_id")"
+ fi
+ echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} \$menuentry_id_option 'xen-gnulinux-$version-$type-$boot_device_id' {" | sed "s/^/$submenu_indentation/"
+ else
+ title="$(gettext_printf "%s, with Xen hypervisor" "${os}")"
+ echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} \$menuentry_id_option 'xen-gnulinux-simple-$boot_device_id' {" | sed "s/^/$submenu_indentation/"
+ fi
+ if [ x$type != xrecovery ] ; then
+ save_default_entry | grub_add_tab | sed "s/^/$submenu_indentation/"
+ fi
+
+ if [ -z "${prepare_boot_cache}" ]; then
+ prepare_boot_cache="$(prepare_grub_to_access_device ${GRUB_DEVICE_BOOT} | grub_add_tab)"
+ fi
+ printf '%s\n' "${prepare_boot_cache}" | sed "s/^/$submenu_indentation/"
+ xmessage="$(gettext_printf "Loading Xen %s ..." ${xen_version})"
+ lmessage="$(gettext_printf "Loading Linux %s ..." ${version})"
+ sed "s/^/$submenu_indentation/" << EOF
+ echo '$(echo "$xmessage" | grub_quote)'
+ if [ "\$grub_platform" = "pc" -o "\$grub_platform" = "" ]; then
+ xen_rm_opts=
+ else
+ xen_rm_opts="no-real-mode edd=off"
+ fi
+ multiboot ${rel_xen_dirname}/${xen_basename} placeholder ${xen_args} \${xen_rm_opts}
+ echo '$(echo "$lmessage" | grub_quote)'
+ module ${rel_dirname}/${basename} placeholder root=${linux_root_device_thisversion} ro ${args}
+EOF
+ if test -n "${initrd}" ; then
+ # TRANSLATORS: ramdisk isn't identifier. Should be translated.
+ message="$(gettext_printf "Loading initial ramdisk ...")"
+ sed "s/^/$submenu_indentation/" << EOF
+ echo '$(echo "$message" | grub_quote)'
+ module --nounzip ${rel_dirname}/${initrd}
+EOF
+ fi
+ sed "s/^/$submenu_indentation/" << EOF
+}
+EOF
+}
+
+linux_list=`for i in /boot/vmlinu[xz]-* /vmlinu[xz]-* /boot/kernel-*; do
+ if grub_file_is_not_garbage "$i"; then
+ basename=$(basename $i)
+ version=$(echo $basename | sed -e "s,^[^0-9]*-,,g")
+ dirname=$(dirname $i)
+ config=
+ for j in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do
+ if test -e "${j}" ; then
+ config="${j}"
+ break
+ fi
+ done
+ if (grep -qx "CONFIG_XEN_DOM0=y" "${config}" 2> /dev/null || grep -qx "CONFIG_XEN_PRIVILEGED_GUEST=y" "${config}" 2> /dev/null); then echo -n "$i " ; fi
+ fi
+ done`
+if [ "x${linux_list}" = "x" ] ; then
+ exit 0
+fi
+
+file_is_not_sym () {
+ case "$1" in
+ */xen-syms-*)
+ return 1;;
+ *)
+ return 0;;
+ esac
+}
+
+xen_list=`for i in /boot/xen*; do
+ if grub_file_is_not_garbage "$i" && file_is_not_sym "$i" ; then echo -n "$i " ; fi
+ done`
+prepare_boot_cache=
+boot_device_id=
+
+title_correction_code=
+
+machine=`uname -m`
+
+case "$machine" in
+ i?86) GENKERNEL_ARCH="x86" ;;
+ mips|mips64) GENKERNEL_ARCH="mips" ;;
+ mipsel|mips64el) GENKERNEL_ARCH="mipsel" ;;
+ arm*) GENKERNEL_ARCH="arm" ;;
+ *) GENKERNEL_ARCH="$machine" ;;
+esac
+
+# Extra indentation to add to menu entries in a submenu. We're not in a submenu
+# yet, so it's empty. In a submenu it will be equal to '\t' (one tab).
+submenu_indentation=""
+
+is_top_level=true
+
+while [ "x${xen_list}" != "x" ] ; do
+ list="${linux_list}"
+ current_xen=`version_find_latest $xen_list`
+ xen_basename=`basename ${current_xen}`
+ xen_dirname=`dirname ${current_xen}`
+ rel_xen_dirname=`make_system_path_relative_to_its_root $xen_dirname`
+ xen_version=`echo $xen_basename | sed -e "s,.gz$,,g;s,^xen-,,g"`
+ if [ -z "$boot_device_id" ]; then
+ boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")"
+ fi
+ if [ "x$is_top_level" != xtrue ]; then
+ echo " submenu '$(gettext_printf "Xen hypervisor, version %s" "${xen_version}" | grub_quote)' \$menuentry_id_option 'xen-hypervisor-$xen_version-$boot_device_id' {"
+ fi
+ while [ "x$list" != "x" ] ; do
+ linux=`version_find_latest $list`
+ gettext_printf "Found linux image: %s\n" "$linux" >&2
+ basename=`basename $linux`
+ dirname=`dirname $linux`
+ rel_dirname=`make_system_path_relative_to_its_root $dirname`
+ version=`echo $basename | sed -e "s,^[^0-9]*-,,g"`
+ alt_version=`echo $version | sed -e "s,\.old$,,g"`
+ linux_root_device_thisversion="${LINUX_ROOT_DEVICE}"
+
+ initrd=
+ for i in "initrd.img-${version}" "initrd-${version}.img" "initrd-${version}.gz" \
+ "initrd-${version}" "initramfs-${version}.img" \
+ "initrd.img-${alt_version}" "initrd-${alt_version}.img" \
+ "initrd-${alt_version}" "initramfs-${alt_version}.img" \
+ "initramfs-genkernel-${version}" \
+ "initramfs-genkernel-${alt_version}" \
+ "initramfs-genkernel-${GENKERNEL_ARCH}-${version}" \
+ "initramfs-genkernel-${GENKERNEL_ARCH}-${alt_version}" ; do
+ if test -e "${dirname}/${i}" ; then
+ initrd="$i"
+ break
+ fi
+ done
+ if test -n "${initrd}" ; then
+ gettext_printf "Found initrd image: %s\n" "${dirname}/${initrd}" >&2
+ else
+ # "UUID=" magic is parsed by initrds. Since there's no initrd, it can't work here.
+ linux_root_device_thisversion=${GRUB_DEVICE}
+ fi
+
+ if [ "x$is_top_level" = xtrue ] && [ "x${GRUB_DISABLE_SUBMENU}" != xy ]; then
+ linux_entry "${OS}" "${version}" "${xen_version}" simple \
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}" "${GRUB_CMDLINE_XEN} ${GRUB_CMDLINE_XEN_DEFAULT}"
+
+ submenu_indentation="$grub_tab$grub_tab"
+
+ if [ -z "$boot_device_id" ]; then
+ boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")"
+ fi
+ # TRANSLATORS: %s is replaced with an OS name
+ echo "submenu '$(gettext_printf "Advanced options for %s (with Xen hypervisor)" "${OS}" | grub_quote)' \$menuentry_id_option 'gnulinux-advanced-$boot_device_id' {"
+ echo " submenu '$(gettext_printf "Xen hypervisor, version %s" "${xen_version}" | grub_quote)' \$menuentry_id_option 'xen-hypervisor-$xen_version-$boot_device_id' {"
+ is_top_level=false
+ fi
+
+ linux_entry "${OS}" "${version}" "${xen_version}" advanced \
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}" "${GRUB_CMDLINE_XEN} ${GRUB_CMDLINE_XEN_DEFAULT}"
+ for supported_init in ${SUPPORTED_INITS}; do
+ init_path="${supported_init#*:}"
+ if [ -x "${init_path}" ] && [ "$(readlink -f /sbin/init)" != "${init_path}" ]; then
+ linux_entry "${OS}" "${version}" "${xen_version}" "init-${supported_init%%:*}" \
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT} init=${init_path}" "${GRUB_CMDLINE_XEN} ${GRUB_CMDLINE_XEN_DEFAULT}"
+
+ fi
+ done
+ if [ "x${GRUB_DISABLE_RECOVERY}" != "xtrue" ]; then
+ linux_entry "${OS}" "${version}" "${xen_version}" recovery \
+ "single ${GRUB_CMDLINE_LINUX}" "${GRUB_CMDLINE_XEN}"
+ fi
+
+ list=`echo $list | tr ' ' '\n' | fgrep -vx "$linux" | tr '\n' ' '`
+ done
+ if [ x"$is_top_level" != xtrue ]; then
+ echo ' }'
+ fi
+ xen_list=`echo $xen_list | tr ' ' '\n' | fgrep -vx "$current_xen" | tr '\n' ' '`
+done
+
+# If at least one kernel was found, then we need to
+# add a closing '}' for the submenu command.
+if [ x"$is_top_level" != xtrue ]; then
+ echo '}'
+fi
+
+echo "$title_correction_code"
--- /dev/null
+#! /bin/sh
+set -e
+
+# grub-mkconfig helper script.
+# Copyright (C) 2006,2007,2008,2009 Free Software Foundation, Inc.
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+
+prefix="/usr"
+exec_prefix="/usr"
+datarootdir="/usr/share"
+quick_boot="0"
+
+export TEXTDOMAIN=grub
+export TEXTDOMAINDIR="${datarootdir}/locale"
+
+. "${datarootdir}/grub/grub-mkconfig_lib"
+
+found_other_os=
+
+adjust_timeout () {
+ if [ "$quick_boot" = 1 ] && [ "x${found_other_os}" != "x" ]; then
+ cat << EOF
+set timeout_style=menu
+if [ "\${timeout}" = 0 ]; then
+ set timeout=10
+fi
+EOF
+ fi
+}
+
+if [ "x${GRUB_DISABLE_OS_PROBER}" = "xtrue" ]; then
+ exit 0
+fi
+
+if [ -z "`which os-prober 2> /dev/null`" -o -z "`which linux-boot-prober 2> /dev/null`" ] ; then
+ # missing os-prober and/or linux-boot-prober
+ exit 0
+fi
+
+OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`"
+if [ -z "${OSPROBED}" ] ; then
+ # empty os-prober output, nothing doing
+ exit 0
+fi
+
+osx_entry() {
+ found_other_os=1
+ if [ x$2 = x32 ]; then
+ # TRANSLATORS: it refers to kernel architecture (32-bit)
+ bitstr="$(gettext "(32-bit)")"
+ else
+ # TRANSLATORS: it refers to kernel architecture (64-bit)
+ bitstr="$(gettext "(64-bit)")"
+ fi
+ # TRANSLATORS: it refers on the OS residing on device %s
+ onstr="$(gettext_printf "(on %s)" "${DEVICE}")"
+ cat << EOF
+menuentry '$(echo "${LONGNAME} $bitstr $onstr" | grub_quote)' --class osx --class darwin --class os \$menuentry_id_option 'osprober-xnu-$2-$(grub_get_device_id "${DEVICE}")' {
+EOF
+ save_default_entry | grub_add_tab
+ prepare_grub_to_access_device ${DEVICE} | grub_add_tab
+ cat << EOF
+ load_video
+ set do_resume=0
+ if [ /var/vm/sleepimage -nt10 / ]; then
+ if xnu_resume /var/vm/sleepimage; then
+ set do_resume=1
+ fi
+ fi
+ if [ \$do_resume = 0 ]; then
+ xnu_uuid ${OSXUUID} uuid
+ if [ -f /Extra/DSDT.aml ]; then
+ acpi -e /Extra/DSDT.aml
+ fi
+ if [ /kernelcache -nt /System/Library/Extensions ]; then
+ $1 /kernelcache boot-uuid=\${uuid} rd=*uuid
+ else
+ $1 /mach_kernel boot-uuid=\${uuid} rd=*uuid
+ if [ /System/Library/Extensions.mkext -nt /System/Library/Extensions ]; then
+ xnu_mkext /System/Library/Extensions.mkext
+ else
+ xnu_kextdir /System/Library/Extensions
+ fi
+ fi
+ if [ -f /Extra/Extensions.mkext ]; then
+ xnu_mkext /Extra/Extensions.mkext
+ fi
+ if [ -d /Extra/Extensions ]; then
+ xnu_kextdir /Extra/Extensions
+ fi
+ if [ -f /Extra/devprop.bin ]; then
+ xnu_devprop_load /Extra/devprop.bin
+ fi
+ if [ -f /Extra/splash.jpg ]; then
+ insmod jpeg
+ xnu_splash /Extra/splash.jpg
+ fi
+ if [ -f /Extra/splash.png ]; then
+ insmod png
+ xnu_splash /Extra/splash.png
+ fi
+ if [ -f /Extra/splash.tga ]; then
+ insmod tga
+ xnu_splash /Extra/splash.tga
+ fi
+ fi
+}
+EOF
+}
+
+used_osprober_linux_ids=
+
+wubi=
+
+for OS in ${OSPROBED} ; do
+ DEVICE="`echo ${OS} | cut -d ':' -f 1`"
+ LONGNAME="`echo ${OS} | cut -d ':' -f 2 | tr '^' ' '`"
+ LABEL="`echo ${OS} | cut -d ':' -f 3 | tr '^' ' '`"
+ BOOT="`echo ${OS} | cut -d ':' -f 4`"
+ if UUID="`${grub_probe} --target=fs_uuid --device ${DEVICE%@*}`"; then
+ EXPUUID="$UUID"
+
+ if [ x"${DEVICE#*@}" != x ] ; then
+ EXPUUID="${EXPUUID}@${DEVICE#*@}"
+ fi
+
+ if [ "x${GRUB_OS_PROBER_SKIP_LIST}" != "x" -a "x`echo ${GRUB_OS_PROBER_SKIP_LIST} | grep -i -e '\b'${EXPUUID}'\b'`" != "x" ] ; then
+ echo "Skipped ${LONGNAME} on ${DEVICE} by user request." >&2
+ continue
+ fi
+ fi
+
+ BTRFS="`echo ${OS} | cut -d ':' -f 5`"
+ if [ "x$BTRFS" = "xbtrfs" ]; then
+ BTRFSuuid="`echo ${OS} | cut -d ':' -f 6`"
+ BTRFSsubvol="`echo ${OS} | cut -d ':' -f 7`"
+ fi
+
+ if [ -z "${LONGNAME}" ] ; then
+ LONGNAME="${LABEL}"
+ fi
+
+ gettext_printf "Found %s on %s\n" "${LONGNAME}" "${DEVICE}" >&2
+
+ case ${BOOT} in
+ chain)
+
+ case ${LONGNAME} in
+ Windows*)
+ if [ -z "$wubi" ]; then
+ if [ -x /usr/share/lupin-support/grub-mkimage ] && \
+ /usr/share/lupin-support/grub-mkimage --test; then
+ wubi=yes
+ else
+ wubi=no
+ fi
+ fi
+ if [ "$wubi" = yes ]; then
+ echo "Skipping ${LONGNAME} on Wubi system" >&2
+ continue
+ fi
+ ;;
+ esac
+
+ found_other_os=1
+ onstr="$(gettext_printf "(on %s)" "${DEVICE}")"
+ cat << EOF
+menuentry '$(echo "${LONGNAME} $onstr" | grub_quote)' --class windows --class os \$menuentry_id_option 'osprober-chain-$(grub_get_device_id "${DEVICE}")' {
+EOF
+ save_default_entry | grub_add_tab
+ prepare_grub_to_access_device ${DEVICE} | grub_add_tab
+
+ if [ x"`${grub_probe} --device ${DEVICE} --target=partmap`" = xmsdos ]; then
+ cat << EOF
+ parttool \${root} hidden-
+EOF
+ fi
+
+ case ${LONGNAME} in
+ Windows\ Vista*|Windows\ 7*|Windows\ Server\ 2008*)
+ ;;
+ *)
+ cat << EOF
+ drivemap -s (hd0) \${root}
+EOF
+ ;;
+ esac
+
+ cat <<EOF
+ chainloader +1
+}
+EOF
+ ;;
+ efi)
+
+ found_other_os=1
+ EFIPATH=${DEVICE#*@}
+ DEVICE=${DEVICE%@*}
+ onstr="$(gettext_printf "(on %s)" "${DEVICE}")"
+ cat << EOF
+menuentry '$(echo "${LONGNAME} $onstr" | grub_quote)' --class windows --class os \$menuentry_id_option 'osprober-efi-$(grub_get_device_id "${DEVICE}")' {
+EOF
+ save_default_entry | sed -e "s/^/\t/"
+ prepare_grub_to_access_device ${DEVICE} | sed -e "s/^/\t/"
+
+ cat <<EOF
+ chainloader ${EFIPATH}
+}
+EOF
+ ;;
+ linux)
+ if [ "x$BTRFS" = "xbtrfs" ]; then
+ LINUXPROBED="`linux-boot-prober btrfs ${BTRFSuuid} ${BTRFSsubvol} 2> /dev/null | tr ' ' '^' | paste -s -d ' '`"
+ else
+ LINUXPROBED="`linux-boot-prober ${DEVICE} 2> /dev/null | tr ' ' '^' | paste -s -d ' '`"
+ fi
+ prepare_boot_cache=
+ boot_device_id=
+ is_top_level=true
+ title_correction_code=
+ OS="${LONGNAME}"
+
+ for LINUX in ${LINUXPROBED} ; do
+ LROOT="`echo ${LINUX} | cut -d ':' -f 1`"
+ LBOOT="`echo ${LINUX} | cut -d ':' -f 2`"
+ LLABEL="`echo ${LINUX} | cut -d ':' -f 3 | tr '^' ' '`"
+ LKERNEL="`echo ${LINUX} | cut -d ':' -f 4`"
+ LINITRD="`echo ${LINUX} | cut -d ':' -f 5`"
+ LPARAMS="`echo ${LINUX} | cut -d ':' -f 6- | tr '^' ' '`"
+
+ if [ -z "${LLABEL}" ] ; then
+ LLABEL="${LONGNAME}"
+ fi
+
+ if [ "${LROOT}" != "${LBOOT}" ]; then
+ LKERNEL="${LKERNEL#/boot}"
+ LINITRD="${LINITRD#/boot}"
+ fi
+
+ if [ -z "${prepare_boot_cache}" ]; then
+ prepare_boot_cache="$(prepare_grub_to_access_device ${LBOOT} | grub_add_tab)"
+ [ "${prepare_boot_cache}" ] || continue
+ fi
+
+ found_other_os=1
+ onstr="$(gettext_printf "(on %s)" "${DEVICE}")"
+ recovery_params="$(echo "${LPARAMS}" | grep 'single\|recovery')" || true
+ counter=1
+ while echo "$used_osprober_linux_ids" | grep 'osprober-gnulinux-$LKERNEL-${recovery_params}-$counter-$boot_device_id' > /dev/null; do
+ counter=$((counter+1));
+ done
+ if [ -z "$boot_device_id" ]; then
+ boot_device_id="$(grub_get_device_id "${DEVICE}")"
+ fi
+ used_osprober_linux_ids="$used_osprober_linux_ids 'osprober-gnulinux-$LKERNEL-${recovery_params}-$counter-$boot_device_id'"
+
+ if [ "x$is_top_level" = xtrue ] && [ "x${GRUB_DISABLE_SUBMENU}" != xy ]; then
+ cat << EOF
+menuentry '$(echo "$OS $onstr" | grub_quote)' --class gnu-linux --class gnu --class os \$menuentry_id_option 'osprober-gnulinux-simple-$boot_device_id' {
+EOF
+ save_default_entry | grub_add_tab
+ printf '%s\n' "${prepare_boot_cache}"
+ cat << EOF
+ linux ${LKERNEL} ${LPARAMS}
+EOF
+ if [ -n "${LINITRD}" ] ; then
+ cat << EOF
+ initrd ${LINITRD}
+EOF
+ fi
+ cat << EOF
+}
+EOF
+ echo "submenu '$(gettext_printf "Advanced options for %s" "${OS} $onstr" | grub_quote)' \$menuentry_id_option 'osprober-gnulinux-advanced-$boot_device_id' {"
+ is_top_level=false
+ fi
+ title="${LLABEL} $onstr"
+ cat << EOF
+ menuentry '$(echo "$title" | grub_quote)' --class gnu-linux --class gnu --class os \$menuentry_id_option 'osprober-gnulinux-$LKERNEL-${recovery_params}-$boot_device_id' {
+EOF
+ save_default_entry | sed -e "s/^/$grub_tab$grub_tab/"
+ printf '%s\n' "${prepare_boot_cache}" | grub_add_tab
+ cat << EOF
+ linux ${LKERNEL} ${LPARAMS}
+EOF
+ if [ -n "${LINITRD}" ] ; then
+ cat << EOF
+ initrd ${LINITRD}
+EOF
+ fi
+ cat << EOF
+ }
+EOF
+ if [ x"$title" = x"$GRUB_ACTUAL_DEFAULT" ] || [ x"Previous Linux versions>$title" = x"$GRUB_ACTUAL_DEFAULT" ]; then
+ replacement_title="$(echo "Advanced options for ${OS} $onstr" | sed 's,>,>>,g')>$(echo "$title" | sed 's,>,>>,g')"
+ quoted="$(echo "$GRUB_ACTUAL_DEFAULT" | grub_quote)"
+ title_correction_code="${title_correction_code}if [ \"x\$default\" = '$quoted' ]; then default='$(echo "$replacement_title" | grub_quote)'; fi;"
+ grub_warn "$(gettext_printf "Please don't use old title \`%s' for GRUB_DEFAULT, use \`%s' (for versions before 2.00) or \`%s' (for 2.00 or later)" "$GRUB_ACTUAL_DEFAULT" "$replacement_title" "gnulinux-advanced-$boot_device_id>gnulinux-$version-$type-$boot_device_id")"
+ fi
+ done
+ if [ x"$is_top_level" != xtrue ]; then
+ echo '}'
+ fi
+ echo "$title_correction_code"
+ ;;
+ macosx)
+ if [ "${UUID}" ]; then
+ OSXUUID="${UUID}"
+ osx_entry xnu_kernel 32
+ osx_entry xnu_kernel64 64
+ fi
+ ;;
+ hurd)
+ found_other_os=1
+ onstr="$(gettext_printf "(on %s)" "${DEVICE}")"
+ cat << EOF
+menuentry '$(echo "${LONGNAME} $onstr" | grub_quote)' --class hurd --class gnu --class os \$menuentry_id_option 'osprober-gnuhurd-/boot/gnumach.gz-false-$(grub_get_device_id "${DEVICE}")' {
+EOF
+ save_default_entry | grub_add_tab
+ prepare_grub_to_access_device ${DEVICE} | grub_add_tab
+ grub_device="`${grub_probe} --device ${DEVICE} --target=drive`"
+ mach_device="`echo "${grub_device}" | sed -e 's/(\(hd.*\),msdos\(.*\))/\1s\2/'`"
+ grub_fs="`${grub_probe} --device ${DEVICE} --target=fs`"
+ case "${grub_fs}" in
+ *fs) hurd_fs="${grub_fs}" ;;
+ *) hurd_fs="${grub_fs}fs" ;;
+ esac
+ cat << EOF
+ multiboot /boot/gnumach.gz root=device:${mach_device}
+ module /hurd/${hurd_fs}.static ${hurd_fs} --readonly \\
+ --multiboot-command-line='\${kernel-command-line}' \\
+ --host-priv-port='\${host-port}' \\
+ --device-master-port='\${device-port}' \\
+ --exec-server-task='\${exec-task}' -T typed '\${root}' \\
+ '\$(task-create)' '\$(task-resume)'
+ module /lib/ld.so.1 exec /hurd/exec '\$(exec-task=task-create)'
+}
+EOF
+ ;;
+ minix)
+ cat << EOF
+menuentry "${LONGNAME} (on ${DEVICE}, Multiboot)" {
+EOF
+ save_default_entry | sed -e "s/^/\t/"
+ prepare_grub_to_access_device ${DEVICE} | sed -e "s/^/\t/"
+ cat << EOF
+ multiboot /boot/image_latest
+}
+EOF
+ ;;
+ *)
+ echo -n " "
+ # TRANSLATORS: %s is replaced by OS name.
+ gettext_printf "%s is not yet supported by grub-mkconfig.\n" "${LONGNAME}" >&2
+ ;;
+ esac
+done
+
+adjust_timeout
--- /dev/null
+#! /bin/sh
+set -e
+
+# grub-mkconfig helper script.
+# Copyright (C) 2012 Free Software Foundation, Inc.
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+
+prefix="/usr"
+exec_prefix="/usr"
+datarootdir="/usr/share"
+
+export TEXTDOMAIN=grub
+export TEXTDOMAINDIR="${datarootdir}/locale"
+
+. "${datarootdir}/grub/grub-mkconfig_lib"
+
+efi_vars_dir=/sys/firmware/efi/vars
+EFI_GLOBAL_VARIABLE=8be4df61-93ca-11d2-aa0d-00e098032b8c
+OsIndications="$efi_vars_dir/OsIndicationsSupported-$EFI_GLOBAL_VARIABLE/data"
+
+if [ -e "$OsIndications" ] && \
+ [ "$(( $(printf %x \'"$(cat $OsIndications | cut -b1)") & 1 ))" = 1 ]; then
+ LABEL="System setup"
+
+ gettext_printf "Adding boot menu entry for EFI firmware configuration\n" >&2
+
+ onstr="$(gettext_printf "(on %s)" "${DEVICE}")"
+
+ cat << EOF
+menuentry '$LABEL' \$menuentry_id_option 'uefi-firmware' {
+ fwsetup
+}
+EOF
+fi
--- /dev/null
+#!/bin/sh
+exec tail -n +3 $0
+# This file provides an easy way to add custom menu entries. Simply type the
+# menu entries you want to add after this comment. Be careful not to change
+# the 'exec tail' line above.
--- /dev/null
+#!/bin/sh
+cat <<EOF
+if [ -f \${config_directory}/custom.cfg ]; then
+ source \${config_directory}/custom.cfg
+elif [ -z "\${config_directory}" -a -f \$prefix/custom.cfg ]; then
+ source \$prefix/custom.cfg;
+fi
+EOF
+
--- /dev/null
+
+All executable files in this directory are processed in shell expansion order.
+
+ 00_*: Reserved for 00_header.
+ 10_*: Native boot entries.
+ 20_*: Third party apps (e.g. memtest86+).
+
+The number namespace in-between is configurable by system installer and/or
+administrator. For example, you can add an entry to boot another OS as
+01_otheros, 11_otheros, etc, depending on the position you want it to occupy in
+the menu; and then adjust the default setting via /etc/default/grub.
--- /dev/null
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::repo
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::repo
+operator:*::repo
+list:*::
+irc:*::
+src:*::repo
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::repo
+games:*::
+users:*::
+nogroup:*::
+input:!::
+systemd-journal:!::
+systemd-timesync:!::
+systemd-network:!::
+systemd-resolve:!::
+systemd-bus-proxy:!::
+crontab:!::
+netdev:!::
+ssh:!::
+Debian-exim:!::
+mlocate:!::repo
+ssl-cert:!::
+postfix:!::
+postdrop:!::
+bind:!::
+ulog:!::
--- /dev/null
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+input:!::
+systemd-journal:!::
+systemd-timesync:!::
+systemd-network:!::
+systemd-resolve:!::
+systemd-bus-proxy:!::
+crontab:!::
+netdev:!::
+ssh:!::
+Debian-exim:!::
+mlocate:!::
+ssl-cert:!::
+postfix:!::
+postdrop:!::
+bind:!::
+ulog:!::
--- /dev/null
+Any file places in this directory ending in .conf will be read as a
+GSS-API mechanism configuration file, and the mechanisms described in
+that file will be dynamically loaded.
+
--- /dev/null
+127.0.0.1 localhost
+127.0.1.1 ns1.uhu-banane.de ns1
+
+# The following lines are desirable for IPv6 capable hosts
+::1 localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
--- /dev/null
+# /etc/hosts.allow: list of hosts that are allowed to access the system.
+# See the manual pages hosts_access(5) and hosts_options(5).
+#
+# Example: ALL: LOCAL @some_netgroup
+# ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
+#
+# If you're going to protect the portmapper use the name "rpcbind" for the
+# daemon name. See rpcbind(8) and rpc.mountd(8) for further information.
+#
+
--- /dev/null
+# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
+# See the manual pages hosts_access(5) and hosts_options(5).
+#
+# Example: ALL: some.host.name, .some.domain
+# ALL EXCEPT in.fingerd: other.host.name, .other.domain
+#
+# If you're going to protect the portmapper use the name "rpcbind" for the
+# daemon name. See rpcbind(8) and rpc.mountd(8) for further information.
+#
+# The PARANOID wildcard matches any host whose name does not match its
+# address.
+#
+# You may wish to enable this to ensure any programs that don't
+# validate looked up hostnames still leave understandable logs. In past
+# versions of Debian this has been the default.
+# ALL: PARANOID
+
--- /dev/null
+ Configuration of System V init under Debian GNU/Linux
+
+Most Unix versions have a file here that describes how the scripts
+in this directory work, and how the links in the /etc/rc?.d/ directories
+influence system startup/shutdown.
+
+For Debian, this information is contained in the policy manual, chapter
+"System run levels and init.d scripts". The Debian Policy Manual is
+available at:
+
+ http://www.debian.org/doc/debian-policy/#contents
+
+The Debian Policy Manual is also available in the Debian package
+"debian-policy". When this package is installed, the policy manual can be
+found in directory /usr/share/doc/debian-policy. If you have a browser
+installed you can probably read it at
+
+ file://localhost/usr/share/doc/debian-policy/
+
+Some more detailed information can also be found in the files in the
+/usr/share/doc/sysv-rc directory.
+
+Debian Policy dictates that /etc/init.d/*.sh scripts must work properly
+when sourced. The following additional rules apply:
+
+* /etc/init.d/*.sh scripts must not rely for their correct functioning
+ on their being sourced rather than executed. That is, they must work
+ properly when executed too. They must include "#!/bin/sh" at the top.
+ This is useful when running scripts in parallel.
+
+* /etc/init.d/*.sh scripts must conform to the rules for sh scripts as
+ spelled out in the Debian policy section entitled "Scripts" (§10.4).
+
+Use the update-rc.d command to create symbolic links in the /etc/rc?.d
+as appropriate. See that man page for more details.
+
+All init.d scripts are expected to have a LSB style header documenting
+dependencies and default runlevel settings. The header look like this
+(not all fields are required):
+
+### BEGIN INIT INFO
+# Provides: skeleton
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Should-Start: $portmap
+# Should-Stop: $portmap
+# X-Start-Before: nis
+# X-Stop-After: nis
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# X-Interactive: true
+# Short-Description: Example initscript
+# Description: This file should be used to construct scripts to be
+# placed in /etc/init.d.
+### END INIT INFO
+
+More information on the format is available from insserv(8). This
+information is used to dynamicaly assign sequence numbers to the
+boot scripts and to run the scripts in parallel during the boot.
+See also /usr/share/doc/insserv/README.Debian.
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: acpid
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# X-Start-Before: kdm gdm3 xdm lightdm
+# X-Stop-After: kdm gdm3 xdm lightdm
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: Start the Advanced Configuration and Power Interface daemon
+# Description: Provide a socket for X11, hald and others to multiplex
+# kernel ACPI events.
+### END INIT INFO
+
+set -e
+
+ACPID="/usr/sbin/acpid"
+DEFAULTS="/etc/default/acpid"
+
+# Check for daemon presence
+[ -x "$ACPID" ] || exit 0
+
+OPTIONS=""
+MODULES=""
+# Include acpid defaults if available
+[ -r "$DEFAULTS" ] && . "$DEFAULTS"
+
+# Get lsb functions
+. /lib/lsb/init-functions
+
+# As the name says. If the kernel supports modules, it'll try to load
+# the ones listed in "MODULES".
+load_modules() {
+ [ -f /proc/modules ] || return 0
+ if [ "$MODULES" = "all" ]; then
+ MODULES="$(sed -rn 's#^(/lib/modules/[^/]+/)?kernel/(drivers|ubuntu)/acpi/([^/]+/)*(.*)\.ko:.*#\4#p' "/lib/modules/$(uname -r)/modules.dep")"
+ fi
+
+ if [ -z "$MODULES" ]; then
+ return
+ fi
+
+ log_begin_msg "Loading ACPI kernel modules..."
+ # work around a bug in initramfs which leaks this env var Launchpad #291619
+ # and a bug in modprobe --all --quiet which doesn't load all modules and
+ # exits with non-zero exit status Debian #504088
+ unset MODPROBE_OPTIONS
+ modprobe --all --use-blacklist $MODULES 2>/dev/null
+ log_end_msg $?
+}
+
+case "$1" in
+ start)
+ load_modules || true
+ log_begin_msg "Starting ACPI services..."
+ start-stop-daemon --start --quiet --oknodo --exec "$ACPID" -- $OPTIONS
+ log_end_msg $?
+ ;;
+ stop)
+ log_begin_msg "Stopping ACPI services..."
+ start-stop-daemon --stop --quiet --oknodo --retry 2 --exec "$ACPID"
+ log_end_msg $?
+ ;;
+ restart)
+ $0 stop
+ sleep 1
+ $0 start
+ ;;
+ reload|force-reload)
+ log_begin_msg "Reloading ACPI services..."
+ start-stop-daemon --stop --signal 1 --exec "$ACPID"
+ log_end_msg $?
+ ;;
+ status)
+ status_of_proc "$ACPID" acpid
+ ;;
+ *)
+ log_success_msg "Usage: /etc/init.d/acpid {start|stop|restart|reload|force-reload|status}"
+ exit 1
+esac
+
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: aiccu
+# Required-Start: $local_fs $remote_fs $syslog $network $time $named
+# Required-Stop: $local_fs $remote_fs $syslog $network $time $named
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: SixXS Automatic IPv6 Connectivity Client Utility
+# Description:
+# This client configures IPv6 connectivity without having to
+# manually configure interfaces etc. A SixXS account or an account
+# of another supported tunnel broker and at least one tunnel are
+# required. These can be freely requested from the SixXS website
+# at no cost. For more information about SixXS check their homepage.
+### END INIT INFO
+
+# Original Author: Jeroen Massar <jeroen@sixxs.net>
+# Author: Reinier Haasjes <reinier@haasjes.com>
+#
+
+# Do NOT "set -e"
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="SixXS Automatic IPv6 Connectivity Client Utility"
+NAME=aiccu
+DAEMON=/usr/sbin/$NAME
+DAEMON_ARGS=""
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+# Is aiccu enabled?
+case "$AICCU_ENABLED" in
+ [Nn]*)
+ exit 0
+ ;;
+esac
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Verify that the configuration file exists
+ if [ ! -f /etc/aiccu.conf ]; then
+ log_failure_msg "AICCU Configuration file /etc/aiccu.conf doesn't exist"
+ exit 1;
+ fi
+
+ # Verify that the configuration is correct
+ if [ `grep -c "^username" /etc/aiccu.conf 2>/dev/null` -ne 1 ]; then
+ log_failure_msg "AICCU is not configured, edit /etc/aiccu.conf first"
+ exit 1;
+ fi
+
+ # Verify that it is in daemonize mode, otherwise it won't ever return
+ if [ `grep -c "^daemonize true" /etc/aiccu.conf 2>/dev/null` -ne 1 ]; then
+ log_failure_msg "AICCU is not configured to daemonize on run"
+ exit 1;
+ fi
+
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- start \
+ $DAEMON_ARGS \
+ || return 2
+ # Add code here, if necessary, that waits for the process to be ready
+ # to handle requests from services started subsequently which depend
+ # on this one. As a last resort, sleep for some time.
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON -- stop
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ restart|force-reload)
+ #
+ # If the "reload" option is implemented then remove the
+ # 'force-reload' alias
+ #
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: apache2
+# Required-Start: $local_fs $remote_fs $network $syslog $named
+# Required-Stop: $local_fs $remote_fs $network $syslog $named
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# X-Interactive: true
+# Short-Description: Apache2 web server
+# Description: Start the web server and associated helpers
+# This script will start apache2, and possibly all associated instances.
+# Moreover, it will set-up temporary directories and helper tools such as
+# htcacheclean when required by the configuration.
+### END INIT INFO
+
+DESC="web server"
+NAME=apache2
+DAEMON=/usr/sbin/$NAME
+
+SCRIPTNAME="${0##*/}"
+SCRIPTNAME="${SCRIPTNAME##[KS][0-9][0-9]}"
+if [ -n "$APACHE_CONFDIR" ] ; then
+ if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then
+ DIR_SUFFIX="${APACHE_CONFDIR##/etc/apache2-}"
+ else
+ DIR_SUFFIX=
+ fi
+elif [ "${SCRIPTNAME##apache2-}" != "$SCRIPTNAME" ] ; then
+ DIR_SUFFIX="-${SCRIPTNAME##apache2-}"
+ APACHE_CONFDIR=/etc/apache2$DIR_SUFFIX
+else
+ DIR_SUFFIX=
+ APACHE_CONFDIR=/etc/apache2
+fi
+if [ -z "$APACHE_ENVVARS" ] ; then
+ APACHE_ENVVARS=$APACHE_CONFDIR/envvars
+fi
+export APACHE_CONFDIR APACHE_ENVVARS
+
+ENV="env -i LANG=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+if [ "$APACHE_CONFDIR" != /etc/apache2 ] ; then
+ ENV="$ENV APACHE_CONFDIR=$APACHE_CONFDIR"
+fi
+if [ "$APACHE_ENVVARS" != "$APACHE_CONFDIR/envvars" ] ; then
+ ENV="$ENV APACHE_ENVVARS=$APACHE_ENVVARS"
+fi
+
+
+#edit /etc/default/apache2 to change this.
+HTCACHECLEAN_RUN=auto
+HTCACHECLEAN_MODE=daemon
+HTCACHECLEAN_SIZE=300M
+HTCACHECLEAN_DAEMON_INTERVAL=120
+HTCACHECLEAN_PATH=/var/cache/apache2$DIR_SUFFIX/mod_cache_disk
+HTCACHECLEAN_OPTIONS=""
+
+# Read configuration variable file if it is present
+if [ -f /etc/default/apache2$DIR_SUFFIX ] ; then
+ . /etc/default/apache2$DIR_SUFFIX
+elif [ -f /etc/default/apache2 ] ; then
+ . /etc/default/apache2
+fi
+
+PIDFILE=$(. $APACHE_ENVVARS && echo $APACHE_PID_FILE)
+
+VERBOSE=no
+if [ -f /etc/default/rcS ]; then
+ . /etc/default/rcS
+fi
+. /lib/lsb/init-functions
+
+
+# Now, set defaults:
+APACHE2CTL="$ENV apache2ctl"
+HTCACHECLEAN="$ENV htcacheclean"
+PIDFILE=$(. $APACHE_ENVVARS && echo $APACHE_PID_FILE)
+APACHE2_INIT_MESSAGE=""
+
+CONFTEST_OUTFILE=
+cleanup() {
+ if [ -n "$CONFTEST_OUTFILE" ] ; then
+ rm -f "$CONFTEST_OUTFILE"
+ fi
+}
+trap cleanup 0 # "0" means "EXIT", but "EXIT" is not portable
+
+
+apache_conftest() {
+ [ -z "$CONFTEST_OUTFILE" ] || rm -f "$CONFTEST_OUTFILE"
+ CONFTEST_OUTFILE=$(mktemp)
+ if ! $APACHE2CTL configtest > "$CONFTEST_OUTFILE" 2>&1 ; then
+ return 1
+ else
+ rm -f "$CONFTEST_OUTFILE"
+ CONFTEST_OUTFILE=
+ return 0
+ fi
+}
+
+clear_error_msg() {
+ [ -z "$CONFTEST_OUTFILE" ] || rm -f "$CONFTEST_OUTFILE"
+ CONFTEST_OUTFILE=
+ APACHE2_INIT_MESSAGE=
+}
+
+print_error_msg() {
+ [ -z "$APACHE2_INIT_MESSAGE" ] || log_warning_msg "$APACHE2_INIT_MESSAGE"
+ if [ -n "$CONFTEST_OUTFILE" ] ; then
+ echo "Output of config test was:" >&2
+ cat "$CONFTEST_OUTFILE" >&2
+ rm -f "$CONFTEST_OUTFILE"
+ CONFTEST_OUTFILE=
+ fi
+}
+
+apache_wait_start() {
+ local STATUS=$1
+ local i=0
+
+ if [ $STATUS != 0 ] ; then
+ return $STATUS
+ fi
+ while : ; do
+ PIDTMP=$(pidofproc -p $PIDFILE $DAEMON)
+ if [ -n "${PIDTMP:-}" ] && kill -0 "${PIDTMP:-}" 2> /dev/null; then
+ return $STATUS
+ fi
+
+ if [ $i = "20" ] ; then
+ APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX instance did not start within 20 seconds. Please read the log files to discover problems"
+ return 2
+ fi
+
+ [ "$VERBOSE" != no ] && log_progress_msg "."
+ sleep 1
+ i=$(($i+1))
+ done
+}
+
+apache_wait_stop() {
+ local STATUS=$1
+ local METH=$2
+
+ if [ $STATUS != 0 ] ; then
+ return $STATUS
+ fi
+
+ PIDTMP=$(pidofproc -p $PIDFILE $DAEMON)
+ if [ -n "${PIDTMP:-}" ] && kill -0 "${PIDTMP:-}" 2> /dev/null; then
+
+ if [ "$METH" = "kill" ]; then
+ killproc -p $PIDFILE $DAEMON
+ else
+ $APACHE2CTL $METH > /dev/null 2>&1
+ fi
+
+ local i=0
+ while kill -0 "${PIDTMP:-}" 2> /dev/null; do
+ if [ $i = '60' ]; then
+ STATUS=2
+ break
+ fi
+ [ "$VERBOSE" != no ] && log_progress_msg "."
+ sleep 1
+ i=$(($i+1))
+ done
+ return $STATUS
+ else
+ return $STATUS
+ fi
+}
+
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+
+ if pidofproc -p $PIDFILE "$DAEMON" > /dev/null 2>&1 ; then
+ return 1
+ fi
+
+ if apache_conftest ; then
+ $APACHE2CTL start
+ apache_wait_start $?
+ return $?
+ else
+ APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed."
+ return 2
+ fi
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+
+ # either "stop" or "graceful-stop"
+ local STOP=$1
+ # can't use pidofproc from LSB here
+ local AP_RET=0
+
+ if pidof $DAEMON > /dev/null 2>&1 ; then
+ if [ -e $PIDFILE ] && pidof $DAEMON | tr ' ' '\n' | grep -w $(cat $PIDFILE) > /dev/null 2>&1 ; then
+ AP_RET=2
+ else
+ AP_RET=1
+ fi
+ else
+ AP_RET=0
+ fi
+
+ # AP_RET is:
+ # 0 if Apache (whichever) is not running
+ # 1 if Apache (whichever) is running
+ # 2 if Apache from the PIDFILE is running
+
+ if [ $AP_RET = 0 ] ; then
+ return 1
+ fi
+
+ if [ $AP_RET = 2 ] && apache_conftest ; then
+ apache_wait_stop $? $STOP
+ return $?
+ else
+ if [ $AP_RET = 2 ]; then
+ clear_error_msg
+ APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed, so we are trying to kill it manually. This is almost certainly suboptimal, so please make sure your system is working as you'd expect now!"
+ apache_wait_stop $? "kill"
+ return $?
+ elif [ $AP_RET = 1 ] ; then
+ APACHE2_INIT_MESSAGE="There are processes named 'apache2' running which do not match your pid file which are left untouched in the name of safety, Please review the situation by hand".
+ return 2
+ fi
+ fi
+
+}
+
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ if apache_conftest; then
+ if ! pidofproc -p $PIDFILE "$DAEMON" > /dev/null 2>&1 ; then
+ APACHE2_INIT_MESSAGE="Apache2 is not running"
+ return 2
+ fi
+ $APACHE2CTL graceful > /dev/null 2>&1
+ return $?
+ else
+ APACHE2_INIT_MESSAGE="The apache2$DIR_SUFFIX configtest failed. Not doing anything."
+ return 2
+ fi
+}
+
+
+check_htcacheclean() {
+ [ "$HTCACHECLEAN_MODE" = "daemon" ] || return 1
+ [ "$HTCACHECLEAN_RUN" = "yes" ] && return 0
+
+ MODSDIR=$(. $APACHE_ENVVARS && echo $APACHE_MODS_ENABLED)
+ [ "$HTCACHECLEAN_RUN" = "auto" \
+ -a -e ${MODSDIR:-$APACHE_CONFDIR/mods-enabled}/cache_disk.load ] && \
+ return 0
+ return 1
+}
+
+start_htcacheclean() {
+ $HTCACHECLEAN $HTCACHECLEAN_OPTIONS -d$HTCACHECLEAN_DAEMON_INTERVAL \
+ -i -p$HTCACHECLEAN_PATH -l$HTCACHECLEAN_SIZE
+}
+
+stop_htcacheclean() {
+ pkill -P 1 -f "htcacheclean.* -p$HTCACHECLEAN_PATH " 2> /dev/null || return 1
+}
+
+
+# Sanity checks. They need to occur after function declarations
+[ -x $DAEMON ] || exit 0
+
+if [ ! -x $DAEMON ] ; then
+ echo "No apache-bin package installed"
+ exit 0
+fi
+
+if [ -z "$PIDFILE" ] ; then
+ echo ERROR: APACHE_PID_FILE needs to be defined in $APACHE_ENVVARS >&2
+ exit 2
+fi
+
+if check_htcacheclean ; then
+ if [ ! -d "$HTCACHECLEAN_PATH" ] ; then
+ echo "htcacheclean is configured, but directory $HTCACHECLEAN_PATH does not exist!" >&2
+ exit 2
+ fi
+fi
+
+
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ RET_STATUS=$?
+ case "$RET_STATUS" in
+ 0|1)
+ log_success_msg
+ [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was already running"
+ if check_htcacheclean ; then
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting HTTP cache cleaning daemon" "htcacheclean"
+ start_htcacheclean
+ [ "$VERBOSE" != no ] && log_end_msg $?
+ fi
+ ;;
+ 2)
+ log_failure_msg
+ print_error_msg
+ exit 1
+ ;;
+ esac
+ ;;
+ stop|graceful-stop)
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop "$1"
+ RET_STATUS=$?
+ case "$RET_STATUS" in
+ 0|1)
+ log_success_msg
+ [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was not running"
+ ;;
+ 2)
+ log_failure_msg
+ print_error_msg
+ exit 1
+ ;;
+ esac
+ print_error_msg
+
+ if check_htcacheclean ; then
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping HTTP cache cleaning daemon" "htcacheclean"
+ stop_htcacheclean
+ [ "$VERBOSE" != no ] && log_end_msg $?
+ fi
+
+ ;;
+ status)
+ status_of_proc -p $PIDFILE "apache2" "$NAME"
+ exit $?
+ ;;
+ reload|force-reload|graceful)
+ log_daemon_msg "Reloading $DESC" "$NAME"
+ do_reload
+ RET_STATUS=$?
+ case "$RET_STATUS" in
+ 0|1)
+ log_success_msg
+ [ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was already running"
+ ;;
+ 2)
+ log_failure_msg
+ print_error_msg
+ exit 1
+ ;;
+ esac
+ print_error_msg
+ ;;
+ restart)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0)
+ log_end_msg 0
+ ;;
+ 1|*)
+ log_end_msg 1 # Old process is still or failed to running
+ print_error_msg
+ exit 1
+ ;;
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ print_error_msg
+ exit 1
+ ;;
+ esac
+ ;;
+ start-htcacheclean)
+ log_daemon_msg "Starting htcacheclean"
+ start_htcacheclean
+ log_end_msg $?
+ exit $?
+ ;;
+ stop-htcacheclean)
+ log_daemon_msg "Stopping htcacheclean"
+ stop_htcacheclean
+ log_end_msg $?
+ exit $?
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|graceful-stop|restart|reload|force-reload|start-htcacheclean|stop-htcacheclean}" >&2
+ exit 3
+ ;;
+esac
+
+exit 0
+
+# vim: syntax=sh ts=4 sw=4 sts=4 sr noet
--- /dev/null
+#!/bin/sh -e
+
+### BEGIN INIT INFO
+# Provides: bind9
+# Required-Start: $remote_fs
+# Required-Stop: $remote_fs
+# Should-Start: $network $syslog
+# Should-Stop: $network $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Start and stop bind9
+# Description: bind9 is a Domain Name Server (DNS)
+# which translates ip addresses to and from internet names
+### END INIT INFO
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+
+# for a chrooted server: "-u bind -t /var/lib/named"
+# Don't modify this line, change or create /etc/default/bind9.
+OPTIONS=""
+RESOLVCONF=no
+
+test -f /etc/default/bind9 && . /etc/default/bind9
+
+test -x /usr/sbin/rndc || exit 0
+
+. /lib/lsb/init-functions
+PIDFILE=/var/run/named/named.pid
+
+check_network() {
+ if [ -x /usr/bin/uname ] && [ "X$(/usr/bin/uname -o)" = XSolaris ]; then
+ IFCONFIG_OPTS="-au"
+ else
+ IFCONFIG_OPTS=""
+ fi
+ if [ -z "$(/sbin/ifconfig $IFCONFIG_OPTS)" ]; then
+ #log_action_msg "No networks configured."
+ return 1
+ fi
+ return 0
+}
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting domain name service..." "bind9"
+
+ modprobe capability >/dev/null 2>&1 || true
+
+ # dirs under /var/run can go away on reboots.
+ mkdir -p /var/run/named
+ chmod 775 /var/run/named
+ chown root:bind /var/run/named >/dev/null 2>&1 || true
+
+ if [ ! -x /usr/sbin/named ]; then
+ log_action_msg "named binary missing - not starting"
+ log_end_msg 1
+ fi
+
+ if ! check_network; then
+ log_action_msg "no networks configured"
+ log_end_msg 1
+ fi
+
+ if start-stop-daemon --start --oknodo --quiet --exec /usr/sbin/named \
+ --pidfile ${PIDFILE} -- $OPTIONS; then
+ if [ "X$RESOLVCONF" != "Xno" ] && [ -x /sbin/resolvconf ] ; then
+ echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.named
+ fi
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
+
+ stop)
+ log_daemon_msg "Stopping domain name service..." "bind9"
+ if ! check_network; then
+ log_action_msg "no networks configured"
+ log_end_msg 1
+ fi
+
+ if [ "X$RESOLVCONF" != "Xno" ] && [ -x /sbin/resolvconf ] ; then
+ /sbin/resolvconf -d lo.named
+ fi
+ pid=$(/usr/sbin/rndc stop -p | awk '/^pid:/ {print $2}') || true
+ if [ -z "$pid" ]; then # no pid found, so either not running, or error
+ pid=$(pgrep -f ^/usr/sbin/named) || true
+ start-stop-daemon --stop --oknodo --quiet --exec /usr/sbin/named \
+ --pidfile ${PIDFILE} -- $OPTIONS
+ fi
+ if [ -n "$pid" ]; then
+ sig=0
+ n=1
+ while kill -$sig $pid 2>/dev/null; do
+ if [ $n -eq 1 ]; then
+ echo "waiting for pid $pid to die"
+ fi
+ if [ $n -eq 11 ]; then
+ echo "giving up on pid $pid with kill -0; trying -9"
+ sig=9
+ fi
+ if [ $n -gt 20 ]; then
+ echo "giving up on pid $pid"
+ break
+ fi
+ n=$(($n+1))
+ sleep 1
+ done
+ fi
+ log_end_msg 0
+ ;;
+
+ reload|force-reload)
+ log_daemon_msg "Reloading domain name service..." "bind9"
+ if ! check_network; then
+ log_action_msg "no networks configured"
+ log_end_msg 1
+ fi
+
+ /usr/sbin/rndc reload >/dev/null && log_end_msg 0 || log_end_msg 1
+ ;;
+
+ restart)
+ if ! check_network; then
+ log_action_msg "no networks configured"
+ exit 1
+ fi
+
+ $0 stop
+ $0 start
+ ;;
+
+ status)
+ ret=0
+ status_of_proc -p ${PIDFILE} /usr/sbin/named bind9 2>/dev/null || ret=$?
+ exit $ret
+ ;;
+
+ *)
+ log_action_msg "Usage: /etc/init.d/bind9 {start|stop|reload|restart|force-reload|status}"
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: bootlogs
+# Required-Start: hostname $local_fs
+# Required-Stop:
+# Should-Start: $x-display-manager gdm kdm xdm ldm sdm wdm nodm
+# Default-Start: 1 2 3 4 5
+# Default-Stop:
+# Short-Description: Log file handling to be done during bootup.
+# Description: Various things that don't need to be done particularly
+# early in the boot, just before getty is run.
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+[ "$DELAYLOGIN" ] || DELAYLOGIN=yes
+. /lib/init/vars.sh
+
+do_start () {
+ # Save kernel messages in /var/log/dmesg
+ if which dmesg >/dev/null 2>&1
+ then
+ [ -f /var/log/dmesg ] && savelog -q -p -c 5 /var/log/dmesg
+ dmesg -s 524288 > /var/log/dmesg
+ chgrp adm /var/log/dmesg || :
+ elif [ -c /dev/klog ]
+ then
+ [ -f /var/log/dmesg ] && savelog -q -p -c 5 /var/log/dmesg
+ dd if=/dev/klog of=/var/log/dmesg &
+ sleep 1
+ kill $!
+ [ -f /var/log/dmesg ] && { chgrp adm /var/log/dmesg || : ; }
+ fi
+}
+
+do_status () {
+ return 0
+}
+
+case "$1" in
+ start|"")
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ # No-op
+ ;;
+ status)
+ do_status
+ exit $?
+ ;;
+ *)
+ echo "Usage: bootlogs [start|stop|status]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: bootmisc
+# Required-Start: $remote_fs
+# Required-Stop:
+# Should-Start: udev
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Miscellaneous things to be done during bootup.
+# Description: Some cleanup. Note, it need to run after mountnfs-bootclean.sh.
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+[ "$DELAYLOGIN" ] || DELAYLOGIN=yes
+. /lib/init/vars.sh
+
+do_start () {
+ #
+ # If login delaying is enabled then create the flag file
+ # which prevents logins before startup is complete
+ #
+ case "$DELAYLOGIN" in
+ Y*|y*)
+ echo "System bootup in progress - please wait" > /var/lib/initscripts/nologin
+ ;;
+ esac
+
+ # Create /var/run/utmp so we can login.
+ : > /var/run/utmp
+ if grep -q ^utmp: /etc/group
+ then
+ chmod 664 /var/run/utmp
+ chgrp utmp /var/run/utmp
+ fi
+
+ # Remove bootclean's flag files.
+ # Don't run bootclean again after this!
+ rm -f /tmp/.clean /run/.clean /run/lock/.clean
+ rm -f /tmp/.tmpfs /run/.tmpfs /run/lock/.tmpfs
+}
+
+case "$1" in
+ start|"")
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: bootmisc.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: checkfs
+# Required-Start: checkroot
+# Required-Stop:
+# Should-Start:
+# Default-Start: S
+# Default-Stop:
+# X-Interactive: true
+# Short-Description: Check all filesystems.
+### END INIT INFO
+
+# Include /usr/bin in path to find on_ac_power if /usr/ is on the root
+# partition.
+PATH=/sbin:/bin:/usr/bin
+FSCK_LOGFILE=/var/log/fsck/checkfs
+[ "$FSCKFIX" ] || FSCKFIX=no
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+. /lib/init/mount-functions.sh
+. /lib/init/swap-functions.sh
+
+do_start () {
+ # Trap SIGINT so that we can handle user interupt of fsck.
+ trap "" INT
+
+ # See if we're on AC Power. If not, we're not gonna run our
+ # check. If on_ac_power (in /usr/) is unavailable, behave as
+ # before and check all file systems needing it.
+
+# Disabled AC power check until fsck can be told to only check the
+# file system if it is corrupt when running on battery. (bug #526398)
+# if which on_ac_power >/dev/null 2>&1
+# then
+# on_ac_power >/dev/null 2>&1
+# if [ $? -eq 1 ]
+# then
+# [ "$VERBOSE" = no ] || log_success_msg "Running on battery power, so skipping file system check."
+# BAT=yes
+# fi
+# fi
+ BAT=""
+ fscheck="yes"
+
+ if is_fastboot_active
+ then
+ [ "$fscheck" = yes ] && log_warning_msg "Fast boot enabled, so skipping file system check."
+ fscheck=no
+ fi
+
+ #
+ # Check the rest of the file systems.
+ #
+ if [ "$fscheck" = yes ] && [ ! "$BAT" ] && [ "$FSCKTYPES" != "none" ]
+ then
+
+ # Execute swapon command again, in case there are lvm
+ # or md swap partitions. fsck can suck RAM.
+ swaponagain 'lvm and md'
+
+ if [ -f /forcefsck ] || grep -q -s -w -i "forcefsck" /proc/cmdline
+ then
+ force="-f"
+ else
+ force=""
+ fi
+ if [ "$FSCKFIX" = yes ]
+ then
+ fix="-y"
+ else
+ fix="-a"
+ fi
+ spinner="-C"
+ case "$TERM" in
+ dumb|network|unknown|"")
+ spinner=""
+ ;;
+ esac
+ [ "$(uname -m)" = s390x ] && spinner="" # This should go away
+ FSCKTYPES_OPT=""
+ [ "$FSCKTYPES" ] && FSCKTYPES_OPT="-t $FSCKTYPES"
+ handle_failed_fsck() {
+ log_failure_msg "File system check failed.
+A log is being saved in ${FSCK_LOGFILE} if that location is writable.
+Please repair the file system manually."
+ log_warning_msg "A maintenance shell will now be started.
+CONTROL-D will terminate this shell and resume system boot."
+ # Start a single user shell on the console
+ if ! sulogin $CONSOLE
+ then
+ log_failure_msg "Attempt to start maintenance shell failed.
+Continuing with system boot in 5 seconds."
+ sleep 5
+ fi
+ }
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Checking file systems"
+ logsave -s $FSCK_LOGFILE fsck $spinner -R -A $fix $force $FSCKTYPES_OPT
+ FSCKCODE=$?
+
+ if [ "$FSCKCODE" -eq 32 ]
+ then
+ log_action_end_msg 1 "code $FSCKCODE"
+ log_warning_msg "File system check was interrupted by user"
+ elif [ "$FSCKCODE" -gt 1 ]
+ then
+ log_action_end_msg 1 "code $FSCKCODE"
+ handle_failed_fsck
+ else
+ log_action_end_msg 0
+ fi
+ else
+ if [ "$FSCKTYPES" ]
+ then
+ log_action_msg "Will now check all file systems of types $FSCKTYPES"
+ else
+ log_action_msg "Will now check all file systems"
+ fi
+ logsave -s $FSCK_LOGFILE fsck $spinner -V -R -A $fix $force $FSCKTYPES_OPT
+ FSCKCODE=$?
+ if [ "$FSCKCODE" -eq 32 ]
+ then
+ log_warning_msg "File system check was interrupted by user"
+ elif [ "$FSCKCODE" -gt 1 ]
+ then
+ handle_failed_fsck
+ else
+ log_success_msg "Done checking file systems.
+A log is being saved in ${FSCK_LOGFILE} if that location is writable."
+ fi
+ fi
+ fi
+ rm -f /fastboot /forcefsck 2>/dev/null
+}
+
+case "$1" in
+ start|"")
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: checkfs.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: checkroot-bootclean
+# Required-Start: checkroot
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# X-Start-Before: bootmisc
+# Short-Description: bootclean after checkroot.
+# Description: Clean temporary filesystems after
+# the root filesystem has been mounted.
+# At this point, directories which may be
+# masked by future mounts may be cleaned.
+### END INIT INFO
+
+. /lib/init/bootclean.sh
+
+case "$1" in
+ start|"")
+ # Clean /tmp, /run and /run/lock. Remove the .clean files to
+ # force initial cleaning. This is intended to allow cleaning
+ # of directories masked by mounts while the system was
+ # previously running, which would otherwise prevent them being
+ # cleaned.
+ rm -f /tmp/.clean /run/.clean /run/lock/.clean
+
+ clean_all
+ exit $?
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: checkroot-bootclean.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: checkroot mtab
+# Required-Start: mountdevsubfs hostname
+# Required-Stop:
+# Should-Start: keymap hwclockfirst hdparm bootlogd
+# Should-stop:
+# Default-Start: S
+# Default-Stop:
+# X-Interactive: true
+# Short-Description: Check to root file system.
+### END INIT INFO
+
+# Include /usr/bin in path to find on_ac_power if /usr/ is on the root
+# partition.
+PATH=/sbin:/bin:/usr/bin
+FSCK_LOGFILE=/var/log/fsck/checkroot
+[ "$FSCKFIX" ] || FSCKFIX=no
+[ "$SULOGIN" ] || SULOGIN=no
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+. /lib/init/mount-functions.sh
+
+do_start () {
+ # Trap SIGINT so that we can handle user interrupt of fsck.
+ trap "" INT
+
+ #
+ # Set SULOGIN in /etc/default/rcS to yes if you want a sulogin to
+ # be spawned from this script *before anything else* with a timeout,
+ # like sysv does.
+ #
+ [ "$SULOGIN" = yes ] && sulogin -t 30 $CONSOLE
+
+ KERNEL="$(uname -s)"
+ MACHINE="$(uname -m)"
+
+ read_fstab
+
+ #
+ # Activate the swap device(s) in /etc/fstab. This needs to be done
+ # before fsck, since fsck can be quite memory-hungry.
+ #
+ ENABLE_SWAP=no
+ case "$KERNEL" in
+ Linux)
+ if [ "$NOSWAP" = yes ]
+ then
+ [ "$VERBOSE" = no ] || log_warning_msg "Not activating swap as requested via bootoption noswap."
+ ENABLE_SWAP=no
+ else
+ if [ "$swap_on_lv" = yes ]
+ then
+ [ "$VERBOSE" = no ] || log_warning_msg "Not activating swap on logical volume."
+ elif [ "$swap_on_file" = yes ]
+ then
+ [ "$VERBOSE" = no ] || log_warning_msg "Not activating swap on swapfile."
+ else
+ ENABLE_SWAP=yes
+ fi
+ fi
+ ;;
+ *)
+ ENABLE_SWAP=yes
+ ;;
+ esac
+ if [ "$ENABLE_SWAP" = yes ]
+ then
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Activating swap"
+ swapon -a -e >/dev/null 2>&1
+ log_action_end_msg $?
+ else
+ log_daemon_msg "Activating swap"
+ swapon -a -v
+ log_end_msg $?
+ fi
+ fi
+
+ #
+ # Does the root device in /etc/fstab match with the actual device ?
+ # If not we try to use the /dev/root alias device, and if that
+ # fails we create a temporary node in /run.
+ #
+ # Do this only on Linux. Neither kFreeBSD nor Hurd have
+ # /dev/root and the device ids used here are specific to
+ # Linux.
+ KERNEL="$(uname)"
+ if [ "$rootcheck" = yes ] && [ "$KERNEL" = Linux ]
+ then
+ ddev="$(mountpoint -qx $rootdev)"
+ rdev="$(mountpoint -d /)"
+ if [ "$ddev" != "$rdev" ] && [ "$ddev" != "4:0" ]
+ then
+ if [ "$(mountpoint -qx /dev/root)" = "4:0" ]
+ then
+ rootdev=/dev/root
+ else
+ if \
+ rm -f /run/rootdev \
+ && mknod -m 600 /run/rootdev b ${rdev%:*} ${rdev#*:} \
+ && [ -e /run/rootdev ]
+ then
+ rootdev=/run/rootdev
+ else
+ rootfatal=yes
+ fi
+ fi
+ fi
+ fi
+
+ #
+ # Bother, said Pooh.
+ #
+ if [ "$rootfatal" = yes ]
+ then
+ log_failure_msg "The device node $rootdev for the root filesystem is missing or incorrect
+or there is no entry for the root filesystem listed in /etc/fstab.
+The system is also unable to create a temporary node in /run.
+This means you have to fix the problem manually."
+ log_warning_msg "A maintenance shell will now be started.
+CONTROL-D will terminate this shell and restart the system."
+ # Start a single user shell on the console
+ if ! sulogin $CONSOLE
+ then
+ log_failure_msg "Attempt to start maintenance shell failed.
+Will restart in 5 seconds."
+ sleep 5
+ fi
+ [ "$VERBOSE" = no ] || log_action_msg "Will now restart"
+ reboot -f
+ fi
+
+ # See if we're on AC Power. If not, we're not gonna run our
+ # check. If on_ac_power (in /usr/) is unavailable, behave as
+ # before and check all file systems needing it.
+# Disabled AC power check until fsck can be told to only check the
+# file system if it is corrupt when running on battery. (bug #526398)
+# if which on_ac_power >/dev/null 2>&1 && [ "$rootcheck" = yes ]
+# then
+# on_ac_power >/dev/null 2>&1
+# if [ "$?" -eq 1 ]
+# then
+# log_warning_msg "On battery power, so skipping file system check."
+# rootcheck=no
+# fi
+# fi
+
+ #
+ # See if we want to check the root file system.
+ #
+ FSCKCODE=0
+ if is_fastboot_active
+ then
+ [ "$rootcheck" = yes ] && log_warning_msg "Fast boot enabled, so skipping root file system check."
+ rootcheck=no
+ fi
+
+ if which findmnt >/dev/null 2>&1
+ then
+ if [ "$(findmnt -f -n -o FSTYPE /)" = "btrfs" ]
+ then
+ [ "$rootcheck" = yes ] && log_warning_msg "btrfs root detected, so skipping root file system check."
+ rootcheck=no
+ fi
+ fi
+
+ if [ "$rootcheck" = yes ]
+ then
+ #
+ # Ensure that root is quiescent and read-only before fsck'ing.
+ #
+ # mount -n -o remount,ro / would be the correct syntax but
+ # mount can get confused when there is a "bind" mount defined
+ # in fstab that bind-mounts "/" somewhere else.
+ #
+ # So we use mount -n -o remount,ro $rootdev / but that can
+ # fail on older kernels on sparc64/alpha architectures due
+ # to a bug in sys_mount().
+ #
+ # As a compromise we try both.
+ #
+ if \
+ ! mount -n -o remount,ro $rootdev / \
+ && ! mount -n -o remount,ro -t dummytype $rootdev / 2>/dev/null \
+ && ! mount -n -o remount,ro / 2>/dev/null
+ then
+ log_failure_msg "Cannot check root file system because it is not mounted read-only."
+ rootcheck=no
+ fi
+ fi
+
+ #
+ # The actual checking is done here.
+ #
+ if [ "$rootcheck" = yes ]
+ then
+ if [ -f /forcefsck ] || grep -q -s -w -i "forcefsck" /proc/cmdline
+ then
+ force="-f"
+ else
+ force=""
+ fi
+
+ if [ "$FSCKFIX" = yes ]
+ then
+ fix="-y"
+ else
+ fix="-a"
+ fi
+
+ spinner="-C"
+ case "$TERM" in
+ dumb|network|unknown|"")
+ spinner="" ;;
+ esac
+ # This Linux/s390x special case should go away.
+ if [ "${KERNEL}:${MACHINE}" = Linux:s390x ]
+ then
+ spinner=""
+ fi
+
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Checking root file system"
+ logsave -s $FSCK_LOGFILE fsck $spinner $force $fix -t $roottype $rootdev
+ FSCKCODE=$?
+ if [ "$FSCKCODE" = 0 ]
+ then
+ log_action_end_msg 0
+ else
+ log_action_end_msg 1 "code $FSCKCODE"
+ fi
+ else
+ log_daemon_msg "Will now check root file system"
+ logsave -s $FSCK_LOGFILE fsck $spinner $force $fix -V -t $roottype $rootdev
+ FSCKCODE=$?
+ log_end_msg $FSCKCODE
+ fi
+ fi
+
+ #
+ # If there was a failure, drop into single-user mode.
+ #
+ # NOTE: "failure" is defined as exiting with a return code of
+ # 4 or larger. A return code of 1 indicates that file system
+ # errors were corrected but that the boot may proceed. A return
+ # code of 2 or 3 indicates that the system should immediately reboot.
+ #
+ if [ "$FSCKCODE" -eq 32 ]
+ then
+ log_warning_msg "File system check was interrupted by user"
+ elif [ "$FSCKCODE" -gt 3 ]
+ then
+ # Surprise! Re-directing from a HERE document (as in "cat << EOF")
+ # does not work because the root is currently read-only.
+ log_failure_msg "An automatic file system check (fsck) of the root filesystem failed.
+A manual fsck must be performed, then the system restarted.
+The fsck should be performed in maintenance mode with the
+root filesystem mounted in read-only mode."
+ log_warning_msg "The root filesystem is currently mounted in read-only mode.
+A maintenance shell will now be started.
+After performing system maintenance, press CONTROL-D
+to terminate the maintenance shell and restart the system."
+ # Start a single user shell on the console
+ if ! sulogin $CONSOLE
+ then
+ log_failure_msg "Attempt to start maintenance shell failed.
+Will restart in 5 seconds."
+ sleep 5
+ fi
+ [ "$VERBOSE" = no ] || log_action_msg "Will now restart"
+ reboot -f
+ elif [ "$FSCKCODE" -gt 1 ]
+ then
+ log_failure_msg "The file system check corrected errors on the root partition
+but requested that the system be restarted."
+ log_warning_msg "The system will be restarted in 5 seconds."
+ sleep 5
+ [ "$VERBOSE" = no ] || log_action_msg "Will now restart"
+ reboot -f
+ fi
+
+ #
+ # Remount root to final mode (rw or ro).
+ #
+ # See the comments above at the previous "mount -o remount"
+ # for an explanation why we try this twice.
+ #
+ if ! mount -n -o remount,$rootopts,$rootmode $fstabroot / 2>/dev/null
+ then
+ mount -n -o remount,$rootopts,$rootmode /
+ fi
+
+ # If possible, migrate /etc/mtab to be a symlink to
+ # /proc/mounts. Note that not all systems e.g. Hurd currently
+ # support this.
+ if [ "$rootmode" != "ro" ]; then
+ mtab_migrate
+ fi
+
+ if selinux_enabled && [ -x /sbin/restorecon ] && [ -r /etc/mtab ]
+ then
+ restorecon /etc/mtab
+ fi
+
+ #
+ # Remove /run/rootdev if we created it.
+ #
+ rm -f /run/rootdev
+
+ # Update mount options for mounts created in early boot
+ # S01mountkernfs.sh
+ /etc/init.d/mountkernfs.sh reload
+ # S03mountdevsubfs.sh
+ /etc/init.d/mountdevsubfs.sh reload
+
+}
+
+do_status () {
+ # If / is read-write or swap is enabled, this script have done
+ # its job.
+ rootrw=false
+ swapon=false
+ if [ -f /etc/mtab ] ; then
+ if grep " / " /etc/mtab |grep -q rw ; then
+ rootrw=true
+ fi
+ fi
+ if [ -f /proc/swaps ] ; then
+ if [ "$(cat /proc/swaps |grep -v ^Filename)" ] ; then
+ swapon=true
+ fi
+ fi
+ if [ true = "$rootrw" ] || [ true = "$swapon" ] ; then
+ return 0
+ else
+ return 4
+ fi
+}
+
+case "$1" in
+ start|"")
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ # No-op
+ ;;
+ status)
+ do_status
+ exit $?
+ ;;
+ *)
+ echo "Usage: checkroot.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+#
+# Written by Miquel van Smoorenburg <miquels@drinkel.ow.org>.
+# Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>.
+# Modified for Debian by Christoph Lameter <clameter@debian.org>
+# Modified for chrony by John Hasler <jhasler@debian.org> 1998-2012
+
+### BEGIN INIT INFO
+# Provides: chrony
+# Required-Start: $remote_fs
+# Required-Stop: $remote_fs
+# Should-Start: $syslog $network $named $time
+# Should-Stop: $syslog $network $named $time
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Controls chronyd NTP time daemon
+# Description: Chronyd is the NTP time daemon in the Chrony package
+### END INIT INFO
+
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+DAEMON=/usr/sbin/chronyd
+FLAGS="defaults"
+NAME="chronyd"
+DESC="time daemon"
+
+test -f $DAEMON || exit 0
+
+. /lib/lsb/init-functions
+
+putonline ()
+{ # Do we have a default route? If so put chronyd online.
+ if timelimit -q -s9 -t5 -- netstat -rn 2>/dev/null | grep -q '0\.0\.0\.0'
+ then
+ sleep 2 # Chronyd can take a while to start.
+ KEY=$(awk '$1 ~ /^commandkey$/ { print $2; exit}' /etc/chrony/chrony.conf)
+ PASSWORD=`awk '$1 ~ /^'$KEY'$/ {print $2; exit}' /etc/chrony/chrony.keys`
+ # Make sure chronyc can't hang us up.
+ if timelimit -q -s9 -t5 -- /usr/bin/chronyc > /dev/null << EOF
+password $PASSWORD
+online
+burst 5/10
+quit
+EOF
+ then
+ touch /var/run/chrony-ppp-up
+ echo "$NAME is running and online."
+ else
+ rm -f /var/run/chrony-ppp-up
+ echo "$NAME is running and offline."
+ fi
+ else
+ rm -f /var/run/chrony-ppp-up
+ echo "$NAME is running and offline."
+ fi
+}
+
+case "$1" in
+ start)
+ start-stop-daemon --start --verbose --exec $DAEMON
+ case "$?" in
+ 0) # daemon successfully started
+ putonline
+ ;;
+ 1) # daemon already running
+ ;;
+ *) # daemon could not be started
+ echo "$DAEMON failed to start."
+ exit 1
+ ;;
+ esac
+ ;;
+ stop)
+ start-stop-daemon --stop --verbose --oknodo --exec $DAEMON
+ rm -f /var/run/chrony-ppp-up
+ ;;
+ restart|force-reload)
+ echo -n "Restarting $DESC: "
+ start-stop-daemon --stop --quiet --exec $DAEMON
+ sleep 1
+ start-stop-daemon --start --verbose --exec $DAEMON -- -r
+ case "$?" in
+ 0) # daemon successfully started
+ putonline
+ ;;
+ 1) # still running
+ ;;
+ *) # daemon could not be started
+ echo "$DAEMON failed to restart."
+ rm -f /var/run/chrony-ppp-up
+ exit 1
+ ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ *)
+ echo "Usage: /etc/init.d/chrony {start|stop|restart|force-reload|status}"
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: console-setup
+# Required-Start: $remote_fs
+# Required-Stop:
+# Should-Start: console-screen kbd
+# Default-Start: S
+# Default-Stop:
+# X-Interactive: true
+# Short-Description: Set console font and keymap
+### END INIT INFO
+
+set -e
+
+# This script is used jointly by console-setup and console-setup-mini.
+# It belongs to keyboard-configuration because it is forbidden two
+# different packages to share common configuration file.
+
+test -f /bin/setupcon || exit 0
+
+if [ -f /etc/default/locale ]; then
+ # In order to permit auto-detection of the charmap when
+ # console-setup-mini operates without configuration file.
+ . /etc/default/locale
+ export LANG
+fi
+
+if [ -f /lib/lsb/init-functions ]; then
+ . /lib/lsb/init-functions
+else
+ log_action_begin_msg () {
+ echo -n "$@... "
+ }
+
+ log_action_end_msg () {
+ if [ "$1" -eq 0 ]; then
+ echo done.
+ else
+ echo failed.
+ fi
+ }
+fi
+
+case "$1" in
+ stop|status)
+ # console-setup isn't a daemon
+ ;;
+ start|force-reload|restart|reload)
+ log_action_begin_msg "Setting up console font and keymap"
+ if setupcon --save; then
+ log_action_end_msg 0
+ else
+ log_action_end_msg $?
+ fi
+ ;;
+ *)
+ echo 'Usage: /etc/init.d/console-setup {start|reload|restart|force-reload|stop|status}'
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/sh
+# Start/stop the cron daemon.
+#
+### BEGIN INIT INFO
+# Provides: cron
+# Required-Start: $remote_fs $syslog $time
+# Required-Stop: $remote_fs $syslog $time
+# Should-Start: $network $named slapd autofs ypbind nscd nslcd winbind
+# Should-Stop: $network $named slapd autofs ypbind nscd nslcd winbind
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: Regular background program processing daemon
+# Description: cron is a standard UNIX program that runs user-specified
+# programs at periodic scheduled times. vixie cron adds a
+# number of features to the basic UNIX cron, including better
+# security and more powerful configuration options.
+### END INIT INFO
+
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+DESC="cron daemon"
+NAME=cron
+DAEMON=/usr/sbin/cron
+PIDFILE=/var/run/crond.pid
+SCRIPTNAME=/etc/init.d/"$NAME"
+
+test -f $DAEMON || exit 0
+
+. /lib/lsb/init-functions
+
+[ -r /etc/default/cron ] && . /etc/default/cron
+
+# Read the system's locale and set cron's locale. This is only used for
+# setting the charset of mails generated by cron. To provide locale
+# information to tasks running under cron, see /etc/pam.d/cron.
+#
+# We read /etc/environment, but warn about locale information in
+# there because it should be in /etc/default/locale.
+parse_environment ()
+{
+ for ENV_FILE in /etc/environment /etc/default/locale; do
+ [ -r "$ENV_FILE" ] || continue
+ [ -s "$ENV_FILE" ] || continue
+
+ for var in LANG LANGUAGE LC_ALL LC_CTYPE; do
+ value=`egrep "^${var}=" "$ENV_FILE" | tail -n1 | cut -d= -f2`
+ [ -n "$value" ] && eval export $var=$value
+
+ if [ -n "$value" ] && [ "$ENV_FILE" = /etc/environment ]; then
+ log_warning_msg "/etc/environment has been deprecated for locale information; use /etc/default/locale for $var=$value instead"
+ fi
+ done
+ done
+
+# Get the timezone set.
+ if [ -z "$TZ" -a -e /etc/timezone ]; then
+ TZ=`cat /etc/timezone`
+ fi
+}
+
+# Parse the system's environment
+if [ "$READ_ENV" = "yes" ] ; then
+ parse_environment
+fi
+
+
+case "$1" in
+start) log_daemon_msg "Starting periodic command scheduler" "cron"
+ start_daemon -p $PIDFILE $DAEMON $EXTRA_OPTS
+ log_end_msg $?
+ ;;
+stop) log_daemon_msg "Stopping periodic command scheduler" "cron"
+ killproc -p $PIDFILE $DAEMON
+ RETVAL=$?
+ [ $RETVAL -eq 0 ] && [ -e "$PIDFILE" ] && rm -f $PIDFILE
+ log_end_msg $RETVAL
+ ;;
+restart) log_daemon_msg "Restarting periodic command scheduler" "cron"
+ $0 stop
+ $0 start
+ ;;
+reload|force-reload) log_daemon_msg "Reloading configuration files for periodic command scheduler" "cron"
+ # cron reloads automatically
+ log_end_msg 0
+ ;;
+status)
+ status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $?
+ ;;
+*) log_action_msg "Usage: /etc/init.d/cron {start|stop|status|restart|reload|force-reload}"
+ exit 2
+ ;;
+esac
+exit 0
--- /dev/null
+#! /bin/sh
+# /etc/init.d/exim4
+#
+# Written by Miquel van Smoorenburg <miquels@drinkel.ow.org>.
+# Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>.
+# Modified for exim by Tim Cutts <timc@chiark.greenend.org.uk>
+# Modified for exim4 by Andreas Metzler <ametzler@downhill.at.eu.org>
+# and Marc Haber <mh+debian-packages@zugschlus.de>
+
+### BEGIN INIT INFO
+# Provides: exim4
+# Required-Start: $remote_fs $syslog $named $network $time
+# Required-Stop: $remote_fs $syslog $named $network
+# Should-Start: postgresql mysql clamav-daemon greylist spamassassin
+# Should-Stop: postgresql mysql clamav-daemon greylist spamassassin
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: exim Mail Transport Agent
+# Description: exim is a Mail Transport agent
+### END INIT INFO
+
+set -e
+
+test -x /usr/lib/exim4/exim4 || exit 0
+
+. /lib/lsb/init-functions
+
+if [ -n "$EX4DEBUG" ]; then
+ echo "now debugging $0 $@"
+ set -x
+fi
+
+LANG=C
+export LANG
+
+#read default file
+QUEUERUNNER='combined'
+QUEUEINTERVAL='30m'
+UPEX4OPTS=''
+PIDFILE="/var/run/exim4/exim.pid"
+QRPIDFILE="/var/run/exim4/eximqr.pid"
+[ -f /etc/default/exim4 ] && . /etc/default/exim4
+
+upex4conf() {
+ UPEX4CONF="update-exim4.conf"
+ OLDIFS="$IFS"
+ IFS=:
+ for p in $PATH; do
+ if [ -x "$p/$UPEX4CONF" ]; then
+ IFS="$OLDIFS"
+ $p/$UPEX4CONF $UPEX4OPTS
+ return 0
+ fi
+ done
+ IFS="$OLDIFS"
+}
+
+# Exit if exim runs from /etc/inetd.conf
+if [ -f /etc/inetd.conf ] && grep -E -q '^[[:space:]]*((\*|[[:alnum:].-]+):)?smtp[[:space:]]' /etc/inetd.conf
+then
+ upex4conf
+ exit 0
+fi
+
+
+DAEMON="/usr/sbin/exim4"
+NAME="exim4"
+
+# this is from madduck on IRC, 2006-07-06
+# There should be a better possibility to give daemon error messages
+# and/or to log things
+log()
+{
+ case "$1" in
+ [[:digit:]]*) success=$1; shift;;
+ *) :;;
+ esac
+ log_action_begin_msg "$1"; shift
+ log_action_end_msg ${success:-0} "$*"
+}
+
+start_exim()
+{
+ [ -e /var/run/exim4 ] || \
+ install -d -oDebian-exim -gDebian-exim -m750 /var/run/exim4
+ case ${QUEUERUNNER} in
+ combined)
+ start_daemon -p "$PIDFILE" \
+ "$DAEMON" -bd "-q${QFLAGS}${QUEUEINTERVAL}" \
+ ${COMMONOPTIONS} \
+ ${QUEUERUNNEROPTIONS} \
+ ${SMTPLISTENEROPTIONS}
+ log_progress_msg "exim4"
+ ;;
+ separate)
+ start_daemon -p "$PIDFILE" \
+ "$DAEMON" -bd \
+ ${COMMONOPTIONS} \
+ ${SMTPLISTENEROPTIONS}
+ log_progress_msg "exim4_listener"
+ start_daemon -p "$QRPIDFILE" \
+ "$DAEMON" -oP $QRPIDFILE \
+ "-q${QFLAGS}${QUEUEINTERVAL}" \
+ ${COMMONOPTIONS} \
+ ${QUEUERUNNEROPTIONS}
+ log_progress_msg "exim4_queuerunner"
+ ;;
+ queueonly)
+ start_daemon -p "$QRPIDFILE" \
+ "$DAEMON" -oP $QRPIDFILE \
+ "-q${QFLAGS}${QUEUEINTERVAL}" \
+ ${COMMONOPTIONS} \
+ ${QUEUERUNNEROPTIONS}
+ log_progress_msg "exim4_queuerunner"
+ ;;
+ no|ppp)
+ start_daemon -p "$PIDFILE" \
+ "$DAEMON" -bd \
+ ${COMMONOPTIONS} \
+ ${SMTPLISTENEROPTIONS}
+ log_progress_msg "exim4_listener"
+ ;;
+ nodaemon)
+ ;;
+ esac
+}
+
+stop_exim()
+{
+# we try to kill eximqr and exim SMTP listener, no matter what
+# ${QUEUERUNNER} is set to, we could have switched since starting.
+ if [ -f "$QRPIDFILE" ]; then
+ killproc -p "$QRPIDFILE" "$DAEMON"
+ # exim does not remove the pidfile
+ if [ $? -eq 0 ] ; then rm -f "$QRPIDFILE" ; fi
+ log_progress_msg "exim4_queuerunner"
+ fi
+ if [ -f "$PIDFILE" ]; then
+ killproc -p "$PIDFILE" "$DAEMON"
+ # exim does not remove the pidfile
+ if [ $? -eq 0 ] ; then rm -f "$PIDFILE" ; fi
+ log_progress_msg "exim4_listener"
+ fi
+}
+
+reload_exim()
+{
+ case ${QUEUERUNNER} in
+ combined|no|ppp)
+ killproc -p "$PIDFILE" "$DAEMON" -HUP
+ log_progress_msg "exim4"
+ ;;
+ separate)
+ killproc -p "$PIDFILE" "$DAEMON" -HUP
+ log_progress_msg "exim4_listener"
+ killproc -p "$QRPIDFILE" "$DAEMON" -HUP
+ log_progress_msg "exim4_queuerunner"
+ ;;
+ esac
+}
+
+kill_all_exims()
+{ SIG="${1:-TERM}"
+ for pid in $(pidof $NAME); do
+ if [ "$(readlink /proc/$pid/root)" = "/" ]; then
+ kill -$SIG $pid
+ fi
+ done
+}
+
+status()
+{
+ # the exit value of this function reflects the status of the SMTP
+ # service. Output shows the status of the queue runner as well.
+ SMTPNAME="SMTP listener daemon"
+ QRNAME="separate queue runner daemon"
+ if [ "${QUEUERUNNER}" = "combined" ]; then
+ SMTPNAME="combined SMTP listener and queue runner daemon"
+ fi
+ log_action_begin_msg "checking $QRNAME"
+ if pidofproc -p "$QRPIDFILE" "$DAEMON" >/dev/null; then
+ log_action_end_msg 0 "running"
+ else
+ if [ -e "$QRPIDFILE" ]; then
+ log_action_end_msg 1 "$QRNAME failed"
+ else
+ log_action_end_msg 0 "not running"
+ fi
+ fi
+ log_action_begin_msg "checking $SMTPNAME"
+ if pidofproc -p "$PIDFILE" "$DAEMON" >/dev/null; then
+ log_action_end_msg 0 "running"
+ exit 0
+ else
+ if [ -e "$PIDFILE" ]; then
+ log_action_end_msg 1 "$SMTPNAME failed"
+ exit 1
+ else
+ log_action_end_msg 0 "not running"
+ exit 3
+ fi
+ fi
+}
+
+# check for valid configuration file
+isconfigvalid()
+{
+if ! $DAEMON -bV > /dev/null ; then
+ log 1 "Warning! Invalid configuration file for $NAME. Exiting."
+ exit 1
+fi
+}
+
+# check for non-empty paniclog
+warn_paniclog()
+{
+ if [ -s "/var/log/exim4/paniclog" ]; then
+ if [ -z "$E4BCD_PANICLOG_NOISE" ] || grep -vq "$E4BCD_PANICLOG_NOISE" /var/log/exim4/paniclog; then
+ echo "ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken" 1>&2
+ fi
+ fi
+}
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting MTA"
+ # regenerate exim4.conf
+ upex4conf
+ isconfigvalid
+ start_exim
+ log_end_msg 0
+ warn_paniclog
+ ;;
+ stop)
+ log_daemon_msg "Stopping MTA"
+ stop_exim
+ log_end_msg 0
+ warn_paniclog
+ ;;
+ restart)
+ log_daemon_msg "Stopping MTA for restart"
+ # regenerate exim4.conf
+ upex4conf
+ isconfigvalid
+ stop_exim
+ log_end_msg 0
+ sleep 2
+ log_daemon_msg "Restarting MTA"
+ start_exim
+ log_end_msg 0
+ warn_paniclog
+ ;;
+ reload|force-reload)
+ log_daemon_msg "Reloading $NAME configuration files"
+ # regenerate exim4.conf
+ upex4conf
+ isconfigvalid
+ reload_exim
+ log_end_msg 0
+ warn_paniclog
+ ;;
+ status)
+ status
+ ;;
+ force-stop)
+ kill_all_exims $2
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|reload|status|what|force-stop}"
+ exit 1
+ ;;
+esac
+
+exit 0
+# vim:tabstop=2:expandtab:shiftwidth=2
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: fail2ban
+# Required-Start: $local_fs $remote_fs
+# Required-Stop: $local_fs $remote_fs
+# Should-Start: $time $network $syslog iptables firehol shorewall ipmasq arno-iptables-firewall iptables-persistent ferm
+# Should-Stop: $network $syslog iptables firehol shorewall ipmasq arno-iptables-firewall iptables-persistent ferm
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Start/stop fail2ban
+# Description: Start/stop fail2ban, a daemon scanning the log files and
+# banning potential attackers.
+### END INIT INFO
+
+# Author: Aaron Isotton <aaron@isotton.com>
+# Modified: by Yaroslav Halchenko <debian@onerussian.com>
+# reindented + minor corrections + to work on sarge without modifications
+# Modified: by Glenn Aaldering <glenn@openvideo.nl>
+# added exit codes for status command
+#
+PATH=/usr/sbin:/usr/bin:/sbin:/bin
+DESC="authentication failure monitor"
+NAME=fail2ban
+
+# fail2ban-client is not a daemon itself but starts a daemon and
+# loads its with configuration
+DAEMON=/usr/bin/$NAME-client
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Ad-hoc way to parse out socket file name
+SOCKFILE=`grep -h '^[^#]*socket *=' /etc/$NAME/$NAME.conf /etc/$NAME/$NAME.local 2>/dev/null \
+ | tail -n 1 | sed -e 's/.*socket *= *//g' -e 's/ *$//g'`
+[ -z "$SOCKFILE" ] && SOCKFILE='/tmp/fail2ban.sock'
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Run as root by default.
+FAIL2BAN_USER=root
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+DAEMON_ARGS="$FAIL2BAN_OPTS"
+
+# Load the VERBOSE setting and other rcS variables
+[ -f /etc/default/rcS ] && . /etc/default/rcS
+
+# Predefine what can be missing from lsb source later on -- necessary to run
+# on sarge. Just present it in a bit more compact way from what was shipped
+log_daemon_msg () {
+ [ -z "$1" ] && return 1
+ echo -n "$1:"
+ [ -z "$2" ] || echo -n " $2"
+}
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+# Actually has to (>=2.0-7) present in sarge. log_daemon_msg is predefined
+# so we must be ok
+. /lib/lsb/init-functions
+
+#
+# Shortcut function for abnormal init script interruption
+#
+report_bug()
+{
+ echo $*
+ echo "Please submit a bug report to Debian BTS (reportbug fail2ban)"
+ exit 1
+}
+
+#
+# Helper function to check if socket is present, which is often left after
+# abnormal exit of fail2ban and needs to be removed
+#
+check_socket()
+{
+ # Return
+ # 0 if socket is present and readable
+ # 1 if socket file is not present
+ # 2 if socket file is present but not readable
+ # 3 if socket file is present but is not a socket
+ [ -e "$SOCKFILE" ] || return 1
+ [ -r "$SOCKFILE" ] || return 2
+ [ -S "$SOCKFILE" ] || return 3
+ return 0
+}
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ do_status && return 1
+
+ if [ -e "$SOCKFILE" ]; then
+ log_failure_msg "Socket file $SOCKFILE is present"
+ [ "$1" = "force-start" ] \
+ && log_success_msg "Starting anyway as requested" \
+ || return 2
+ DAEMON_ARGS="$DAEMON_ARGS -x"
+ fi
+
+ # Assure that /var/run/fail2ban exists
+ [ -d /var/run/fail2ban ] || mkdir -p /var/run/fail2ban
+
+ if [ "$FAIL2BAN_USER" != "root" ]; then
+ # Make the socket directory, IP lists and fail2ban log
+ # files writable by fail2ban
+ chown "$FAIL2BAN_USER" /var/run/fail2ban
+ # Create the logfile if it doesn't exist
+ touch /var/log/fail2ban.log
+ chown "$FAIL2BAN_USER" /var/log/fail2ban.log
+ find /proc/net/xt_recent -name 'fail2ban-*' -exec chown "$FAIL2BAN_USER" {} \;
+ fi
+
+ start-stop-daemon --start --quiet --chuid "$FAIL2BAN_USER" --exec $DAEMON -- \
+ $DAEMON_ARGS start > /dev/null\
+ || return 2
+
+ return 0
+}
+
+
+#
+# Function that checks the status of fail2ban and returns
+# corresponding code
+#
+do_status()
+{
+ $DAEMON ping > /dev/null 2>&1
+ return $?
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ $DAEMON status > /dev/null 2>&1 || return 1
+ $DAEMON stop > /dev/null || return 2
+
+ # now we need actually to wait a bit since it might take time
+ # for server to react on client's stop request. Especially
+ # important for restart command on slow boxes
+ count=1
+ while do_status && [ $count -lt 60 ]; do
+ sleep 1
+ count=$(($count+1))
+ done
+ [ $count -lt 60 ] || return 3 # failed to stop
+
+ return 0
+}
+
+#
+# Function to reload configuration
+#
+do_reload() {
+ $DAEMON reload > /dev/null && return 0 || return 1
+ return 0
+}
+
+# yoh:
+# shortcut function to don't duplicate case statements and to don't use
+# bashisms (arrays). Fixes #368218
+#
+log_end_msg_wrapper()
+{
+ if [ "$3" != "no" ]; then
+ [ $1 -lt $2 ] && value=0 || value=1
+ log_end_msg $value
+ fi
+}
+
+command="$1"
+case "$command" in
+ start|force-start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_start "$command"
+ log_end_msg_wrapper $? 2 "$VERBOSE"
+ ;;
+
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ log_end_msg_wrapper $? 2 "$VERBOSE"
+ ;;
+
+ restart|force-reload)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ log_end_msg_wrapper $? 1 "always"
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+
+ reload|force-reload)
+ log_daemon_msg "Reloading $DESC" "$NAME"
+ do_reload
+ log_end_msg $?
+ ;;
+
+ status)
+ log_daemon_msg "Status of $DESC"
+ do_status
+ case $? in
+ 0) log_success_msg " $NAME is running" ;;
+ 255)
+ check_socket
+ case $? in
+ 1) log_failure_msg " $NAME is not running" && exit 3 ;;
+ 0) log_failure_msg " $NAME is not running but $SOCKFILE exists" && exit 3 ;;
+ 2) log_failure_msg " $SOCKFILE not readable, status of $NAME is unknown" && exit 3 ;;
+ 3) log_failure_msg " $SOCKFILE exists but not a socket, status of $NAME is unknown" && exit 3 ;;
+ *) report_bug "Unknown return code from $NAME:check_socket." && exit 4 ;;
+ esac
+ ;;
+ *) report_bug "Unknown $NAME status code" && exit 4
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|force-start|stop|restart|force-reload|status}" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: halt
+# Required-Start:
+# Required-Stop:
+# Default-Start:
+# Default-Stop: 0
+# Short-Description: Execute the halt command.
+# Description:
+### END INIT INFO
+
+NETDOWN=yes
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+[ -f /etc/default/halt ] && . /etc/default/halt
+
+. /lib/lsb/init-functions
+
+do_stop () {
+ if [ "$INIT_HALT" = "" ]
+ then
+ case "$HALT" in
+ [Pp]*)
+ INIT_HALT=POWEROFF
+ ;;
+ [Hh]*)
+ INIT_HALT=HALT
+ ;;
+ *)
+ INIT_HALT=POWEROFF
+ ;;
+ esac
+ fi
+
+ # See if we need to cut the power.
+ if [ "$INIT_HALT" = "POWEROFF" ] && [ -x /etc/init.d/ups-monitor ]
+ then
+ /etc/init.d/ups-monitor poweroff
+ fi
+
+ # Don't shut down drives if we're using RAID.
+ hddown="-h"
+ if grep -qs '^md.*active' /proc/mdstat
+ then
+ hddown=""
+ fi
+
+ # If INIT_HALT=HALT don't poweroff.
+ poweroff="-p"
+ if [ "$INIT_HALT" = "HALT" ]
+ then
+ poweroff=""
+ fi
+
+ # Make it possible to not shut down network interfaces,
+ # needed to use wake-on-lan
+ netdown="-i"
+ if [ "$NETDOWN" = "no" ]; then
+ netdown=""
+ fi
+
+ log_action_msg "Will now halt"
+ halt -d -f $netdown $poweroff $hddown
+}
+
+case "$1" in
+ start|status)
+ # No-op
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ do_stop
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: haveged
+# Required-Start: $remote_fs
+# Required-Stop: $remote_fs
+# Should-Start: $syslog
+# Should-Stop: $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Entropy daemon using the HAVEGE algorithm
+# Description: haveged uses HAVEGE (HArdware Volatile Entropy Gathering
+# and Expansion) to maintain a pool of random bytes used
+# to fill /dev/random whenever necessary.
+### END INIT INFO
+
+# Do NOT "set -e"
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="entropy daemon"
+NAME=haveged
+DAEMON=/usr/sbin/$NAME
+DAEMON_ARGS=""
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+. /lib/lsb/init-functions
+
+do_start()
+{
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS \
+ || return 2
+}
+
+do_stop()
+{
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ restart|force-reload)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: hostname
+# Required-Start:
+# Required-Stop:
+# Should-Start: glibc
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Set hostname based on /etc/hostname
+# Description: Read the machines hostname from /etc/hostname, and
+# update the kernel value with this value. If
+# /etc/hostname is empty, the current kernel value
+# for hostname is used. If the kernel value is
+# empty, the value 'localhost' is used.
+### END INIT INFO
+
+PATH=/sbin:/bin
+
+. /lib/init/vars.sh
+. /lib/lsb/init-functions
+
+do_start () {
+ [ -f /etc/hostname ] && HOSTNAME="$(cat /etc/hostname)"
+
+ # Keep current name if /etc/hostname is missing.
+ [ -z "$HOSTNAME" ] && HOSTNAME="$(hostname)"
+
+ # And set it to 'localhost' if no setting was found
+ [ -z "$HOSTNAME" ] && HOSTNAME=localhost
+
+ [ "$VERBOSE" != no ] && log_action_begin_msg "Setting hostname to '$HOSTNAME'"
+ hostname "$HOSTNAME"
+ ES=$?
+ [ "$VERBOSE" != no ] && log_action_end_msg $ES
+ exit $ES
+}
+
+do_status () {
+ HOSTNAME=$(hostname)
+ if [ "$HOSTNAME" ] ; then
+ return 0
+ else
+ return 4
+ fi
+}
+
+case "$1" in
+ start|"")
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ # No-op
+ ;;
+ status)
+ do_status
+ exit $?
+ ;;
+ *)
+ echo "Usage: hostname.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#!/bin/sh
+# hwclock.sh Set and adjust the CMOS clock.
+#
+# Version: @(#)hwclock.sh 2.00 14-Dec-1998 miquels@cistron.nl
+#
+# Patches:
+# 2000-01-30 Henrique M. Holschuh <hmh@rcm.org.br>
+# - Minor cosmetic changes in an attempt to help new
+# users notice something IS changing their clocks
+# during startup/shutdown.
+# - Added comments to alert users of hwclock issues
+# and discourage tampering without proper doc reading.
+# 2012-02-16 Roger Leigh <rleigh@debian.org>
+# - Use the UTC/LOCAL setting in /etc/adjtime rather than
+# the UTC setting in /etc/default/rcS. Additionally
+# source /etc/default/hwclock to permit configuration.
+
+# WARNING: Please read /usr/share/doc/util-linux/README.Debian.hwclock
+# before changing this file. You risk serious clock
+# misbehaviour otherwise.
+
+### BEGIN INIT INFO
+# Provides: hwclock
+# Required-Start: mountdevsubfs
+# Required-Stop: mountdevsubfs
+# Should-Stop: umountfs
+# Default-Start: S
+# X-Start-Before: checkroot
+# Default-Stop: 0 6
+### END INIT INFO
+
+# These defaults are user-overridable in /etc/default/hwclock
+BADYEAR=no
+HWCLOCKACCESS=yes
+HWCLOCKPARS=
+HCTOSYS_DEVICE=rtc0
+
+# We only want to use the system timezone or else we'll get
+# potential inconsistency at startup.
+unset TZ
+
+hwclocksh()
+{
+ [ ! -x /sbin/hwclock ] && return 0
+ [ ! -r /etc/default/rcS ] || . /etc/default/rcS
+ [ ! -r /etc/default/hwclock ] || . /etc/default/hwclock
+
+ . /lib/lsb/init-functions
+ verbose_log_action_msg() { [ "$VERBOSE" = no ] || log_action_msg "$@"; }
+
+ case "$BADYEAR" in
+ no|"") BADYEAR="" ;;
+ yes) BADYEAR="--badyear" ;;
+ *) log_action_msg "unknown BADYEAR setting: \"$BADYEAR\""; return 1 ;;
+ esac
+
+ case "$1" in
+ start)
+ # If the admin deleted the hwclock config, create a blank
+ # template with the defaults.
+ if [ -w /etc ] && [ ! -f /etc/adjtime ] && [ ! -e /etc/adjtime ]; then
+ printf "0.0 0 0.0\n0\nUTC\n" > /etc/adjtime
+ fi
+
+ if [ -d /run/udev ] || [ -d /dev/.udev ]; then
+ return 0
+ fi
+
+ if [ "$HWCLOCKACCESS" != no ]; then
+ log_action_msg "Setting the system clock"
+
+ # Just for reporting.
+ if head -n 3 /etc/adjtime | tail -n 1 | grep -q '^UTC$' ; then
+ UTC="--utc"
+ else
+ UTC=
+ fi
+ # Copies Hardware Clock time to System Clock using the correct
+ # timezone for hardware clocks in local time, and sets kernel
+ # timezone. DO NOT REMOVE.
+ if /sbin/hwclock --rtc=/dev/$HCTOSYS_DEVICE --hctosys $HWCLOCKPARS $BADYEAR; then
+ # Announce the local time.
+ verbose_log_action_msg "System Clock set to: `date $UTC`"
+ else
+ log_warning_msg "Unable to set System Clock to: `date $UTC`"
+ fi
+ else
+ verbose_log_action_msg "Not setting System Clock"
+ fi
+ ;;
+ stop|restart|reload|force-reload)
+ #
+ # Updates the Hardware Clock with the System Clock time.
+ # This will *override* any changes made to the Hardware Clock.
+ #
+ # WARNING: If you disable this, any changes to the system
+ # clock will not be carried across reboots.
+ #
+
+ if [ "$HWCLOCKACCESS" != no ]; then
+ log_action_msg "Saving the system clock"
+ if /sbin/hwclock --rtc=/dev/$HCTOSYS_DEVICE --systohc $HWCLOCKPARS $BADYEAR; then
+ verbose_log_action_msg "Hardware Clock updated to `date`"
+ fi
+ else
+ verbose_log_action_msg "Not saving System Clock"
+ fi
+ ;;
+ show)
+ if [ "$HWCLOCKACCESS" != no ]; then
+ /sbin/hwclock --rtc=/dev/$HCTOSYS_DEVICE --show $HWCLOCKPARS $BADYEAR
+ fi
+ ;;
+ *)
+ log_success_msg "Usage: hwclock.sh {start|stop|reload|force-reload|show}"
+ log_success_msg " start sets kernel (system) clock from hardware (RTC) clock"
+ log_success_msg " stop and reload set hardware (RTC) clock from kernel (system) clock"
+ return 1
+ ;;
+ esac
+}
+
+hwclocksh "$@"
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: kbd
+# Required-Start: $remote_fs
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# X-Interactive: true
+# Description: Set console screen modes and fonts
+# Short-Description: Prepare console
+### END INIT INFO
+
+# This is the boot script for the `kbd' package.
+# It loads parameters from /etc/kbd/config and maybe loads
+# default font and map.
+# (c) 1997 Yann Dirson
+
+PKG=kbd
+if [ -r /etc/$PKG/config ]; then
+ . /etc/$PKG/config
+fi
+
+if [ -d /etc/$PKG/config.d ]; then
+ for i in `run-parts --list /etc/$PKG/config.d `; do
+ . $i
+ done
+fi
+
+# do some magic with the variables for compatibility with the config
+# file of console-tools
+for vc in '' `set | grep "^.*_vc[0-9][0-9]*=" | sed 's/^.*\(_vc[0-9][0-9]*\)=.*/\1/'`
+do
+ eval [ '"'\${SCREEN_FONT$vc}'"' ] && eval CONSOLE_FONT$vc=\${CONSOLE_FONT$vc:-\${SCREEN_FONT$vc}}
+ eval [ '"'\${SCREEN_FONT_MAP$vc}'"' ] && eval FONT_MAP$vc=\${FONT_MAP$vc:-\${SCREEN_FONT_MAP$vc}}
+ eval [ '"'\${APP_CHARSET_MAP$vc}'"' ] && eval CONSOLE_MAP$vc=\${CONSOLE_MAP$vc:-\${APP_CHARSET_MAP$vc}}
+done
+
+. /lib/lsb/init-functions
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+SETFONT_OPT="-v"
+
+if which setupcon >/dev/null
+then
+ HAVE_SETUPCON=yes
+fi
+
+# set DEVICE_PREFIX depending on devfs/udev
+if [ -d /dev/vc ]; then
+ DEVICE_PREFIX="/dev/vc/"
+else
+ DEVICE_PREFIX="/dev/tty"
+fi
+
+# determine the system charmap
+ENV_FILE=''
+[ -r /etc/environment ] && ENV_FILE="/etc/environment"
+[ -r /etc/default/locale ] && ENV_FILE="/etc/default/locale"
+[ "$ENV_FILE" ] && CHARMAP=$(set -a && . "$ENV_FILE" && locale charmap)
+if [ "$CHARMAP" = "UTF-8" -a -z "$CONSOLE_MAP" ]
+then
+ UNICODE_MODE=yes
+fi
+
+unicode_start_stop ()
+{
+ vc=$1
+ if [ -n "$UNICODE_MODE" -a -z "`eval echo \\$CONSOLE_MAP_vc$vc`" ]; then
+ action=unicode_start
+ else
+ action=unicode_stop
+ fi
+ if [ "${CONSOLE_FONT}" ]; then
+ $action "${CONSOLE_FONT}" < ${DEVICE_PREFIX}$vc > ${DEVICE_PREFIX}$vc 2> /dev/null || true
+ else
+ $action < ${DEVICE_PREFIX}$vc > ${DEVICE_PREFIX}$vc 2> /dev/null || true
+ fi
+}
+
+test_console () {
+ local ok
+ ok=0
+ if which tty >/dev/null; then
+ case "`tty`" in
+ /dev/tty[1-9]*|/dev/vc/[0-9]*|/dev/console|/dev/ttyv[0-9]*)
+ return 0
+ ;;
+ esac
+ ok=1
+ fi
+
+ if which kbd_mode >/dev/null; then
+ mode="`(LC_ALL=C; export LC_ALL; kbd_mode) 2>&1`"
+ mode=${mode#The keyboard is in }
+ case "$mode" in
+ Unicode*|default*|xlate*) return 0 ;;
+ esac
+ ok=1
+ fi
+
+ if which vidcontrol >/dev/null; then
+ if vidcontrol -i adapter >&- 2>&-; then
+ return 0
+ fi
+ ok=1
+ fi
+
+ return $ok
+}
+
+setup ()
+{
+ # be sure the main program is installed
+ which setfont >/dev/null || return
+
+ # drop out if we can't access the console
+ test_console || return
+
+ # start vcstime
+ if [ "${DO_VCSTIME}" = "yes" ] && which vcstime >/dev/null; then
+ [ "$VERBOSE" != "no" ] && log_action_begin_msg "Starting clock on text console"
+ vcstime &
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 0
+ fi
+
+ if [ -d /etc/init ] && which initctl >/dev/null; then
+ # Upstart
+ LIST_CONSOLES=`cd /etc/init; find -name 'tty*.conf' -printf '%f ' | sed -e 's/[^0-9 ]//g'`
+ elif [ -f /etc/systemd/logind.conf ] && which systemd >/dev/null; then
+ # systemd
+ N_CONSOLES=`sed -ne 's/#.*//; /NAutoVTs/ { s/[^0-9]//g; p }' /etc/systemd/logind.conf`
+ if [ -z "$N_CONSOLES" ]; then
+ N_CONSOLES=6
+ fi
+ LIST_CONSOLES=`seq 1 "$N_CONSOLES"`
+ else
+ # traditional SysV init
+ LIST_CONSOLES=`sed -ne '/^[ \t]#/d; /tty[0-9]\+/ s/.*tty\([0-9]\+\).*/\1/ p' /etc/inittab`
+ fi
+
+ # Global default font+map
+ if [ -z "${HAVE_SETUPCON}" -a "${CONSOLE_FONT}${CONSOLE_MAP}${FONT_MAP}" ]; then
+ [ "$VERBOSE" != "no" ] && log_action_begin_msg "Setting up general console font"
+ sfm="${FONT_MAP}" && [ "$sfm" ] && sfm="-u $sfm"
+ acm="${CONSOLE_MAP}" && [ "$acm" ] && acm="-m $acm"
+
+ # Set for the first 6 VCs (as they are allocated in /etc/inittab)
+ for vc in $LIST_CONSOLES
+ do
+ if ! ( unicode_start_stop $vc \
+ && setfont -C ${DEVICE_PREFIX}$vc ${SETFONT_OPT} $sfm ${CONSOLE_FONT} $acm )
+ then
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 1
+ break
+ fi
+ done
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 0
+ fi
+
+ # Default to Unicode mode for new VTs?
+ if [ -f /sys/module/vt/parameters/default_utf8 ]; then
+ if [ -n "$UNICODE_MODE" ]; then
+ echo 1
+ else
+ echo 0
+ fi > /sys/module/vt/parameters/default_utf8
+ fi
+
+ # Per-VC font+sfm
+ PERVC_FONTS="`set | grep "^CONSOLE_FONT_vc[0-9]*=" | tr -d \' `"
+ if [ -z "${HAVE_SETUPCON}" -a "${PERVC_FONTS}" ]; then
+ [ "$VERBOSE" != "no" ] && log_action_begin_msg "Setting up per-VC fonts"
+ for font in ${PERVC_FONTS}
+ do
+ # extract VC and FONTNAME info from variable setting
+ vc=`echo $font | cut -b16- | cut -d= -f1`
+ eval font=\$CONSOLE_FONT_vc$vc
+ # eventually find an associated SFM
+ eval sfm=\${FONT_MAP_vc${vc}}
+ [ "$sfm" ] && sfm="-u $sfm"
+ if ! ( unicode_start_stop $vc \
+ && setfont -C ${DEVICE_PREFIX}$vc ${SETFONT_OPT} $sfm $font )
+ then
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 1
+ break
+ fi
+ done
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 0
+ fi
+
+
+ # Per-VC ACMs
+ PERVC_ACMS="`set | grep "^CONSOLE_MAP_vc[0-9]*=" | tr -d \' `"
+ if [ -z "${HAVE_SETUPCON}" -a "${PERVC_ACMS}" ]; then
+ [ "$VERBOSE" != "no" ] && log_action_begin_msg "Setting up per-VC ACM's"
+ for acm in ${PERVC_ACMS}
+ do
+ # extract VC and ACM_FONTNAME info from variable setting
+ vc=`echo $acm | cut -b15- | cut -d= -f1`
+ eval acm=\$CONSOLE_MAP_vc$vc
+ if ! setfont -C "${DEVICE_PREFIX}$vc" ${SETFONT_OPT} -m "$acm"; then
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 1
+ break
+ fi
+ done
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 0
+ fi
+
+
+ # screensaver stuff
+ setterm_args=""
+ if [ "$BLANK_TIME" ]; then
+ setterm_args="$setterm_args -blank $BLANK_TIME"
+ fi
+ if [ "$BLANK_DPMS" ]; then
+ setterm_args="$setterm_args -powersave $BLANK_DPMS"
+ fi
+ if [ "$POWERDOWN_TIME" ]; then
+ setterm_args="$setterm_args -powerdown $POWERDOWN_TIME"
+ fi
+ if [ "$setterm_args" ]; then
+ setterm $setterm_args
+ fi
+
+ # Keyboard rate and delay
+ KBDRATE_ARGS=""
+ if [ -n "$KEYBOARD_RATE" ]; then
+ KBDRATE_ARGS="-r $KEYBOARD_RATE"
+ fi
+ if [ -n "$KEYBOARD_DELAY" ]; then
+ KBDRATE_ARGS="$KBDRATE_ARGS -d $KEYBOARD_DELAY"
+ fi
+ if [ -n "$KBDRATE_ARGS" ]; then
+ [ "$VERBOSE" != "no" ] && log_action_begin_msg "Setting keyboard rate and delay"
+ kbdrate -s $KBDRATE_ARGS
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 0
+ fi
+
+ # Inform gpm if present, of potential changes.
+ if [ -f /var/run/gpm.pid ]; then
+ kill -s WINCH `cat /var/run/gpm.pid` 2> /dev/null
+ fi
+
+ # Allow user to remap keys on the console
+ if [ -z "${HAVE_SETUPCON}" -a -r /etc/$PKG/remap ]; then
+ dumpkeys < ${DEVICE_PREFIX}1 | sed -f /etc/$PKG/remap | loadkeys --quiet
+ fi
+
+ # Set LEDS here
+ if [ -n "$LEDS" ]; then
+ for i in $LIST_CONSOLES
+ do
+ setleds -D $LEDS < $DEVICE_PREFIX$i
+ done
+ fi
+}
+
+case "$1" in
+ start|reload|restart|force-reload)
+ if [ -n "$HAVE_SETUPCON" ]
+ then
+ log_action_msg "Setting console screen modes"
+ else
+ log_action_msg "Setting console screen modes and fonts"
+ fi
+ setup
+ ;;
+ stop)
+ ;;
+ status)
+ ;;
+ *)
+ setup
+ ;;
+esac
+
+:
+
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: keyboard-setup
+# Required-Start: mountkernfs
+# Required-Stop:
+# Should-Start: keymap udev
+# X-Start-Before: checkroot
+# Default-Start: S
+# Default-Stop:
+# X-Interactive: true
+# Short-Description: Set preliminary keymap
+# Description: Set the console keyboard as early as possible
+# so during the file systems checks the administrator
+# can interact. At this stage of the boot process
+# only the ASCII symbols are supported.
+### END INIT INFO
+
+set -e
+
+# This script is not used by keyboard-configuration. It is used
+# jointly by console-setup and console-setup-mini
+
+test -f /bin/setupcon || exit 0
+
+if [ -f /etc/default/locale ]; then
+ # In order to permit auto-detection of the charmap when
+ # console-setup-mini operates without configuration file.
+ . /etc/default/locale
+ export LANG
+fi
+
+if [ -f /lib/lsb/init-functions ]; then
+ . /lib/lsb/init-functions
+else
+ log_action_begin_msg () {
+ echo -n "$@... "
+ }
+
+ log_action_end_msg () {
+ if [ "$1" -eq 0 ]; then
+ echo done.
+ else
+ echo failed.
+ fi
+ }
+fi
+
+case "$1" in
+ stop|status)
+ # keyboard-setup isn't a daemon
+ ;;
+ start|force-reload|restart|reload)
+ log_action_begin_msg "Setting preliminary keymap"
+ if setupcon -k 2>/dev/null; then
+ log_action_end_msg 0
+ else
+ log_action_end_msg $?
+ fi
+ ;;
+ *)
+ echo 'Usage: /etc/init.d/keyboard-setup {start|reload|restart|force-reload|stop|status}'
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: keymap
+# Required-Start: mountdevsubfs
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# X-Interactive: true
+# Short-Description: Set keymap
+# Description: Set the Console keymap
+### END INIT INFO
+
+# If setupcon is present, then we've been superseded by console-setup.
+if type setupcon >/dev/null 2>&1; then
+ exit 0
+fi
+
+. /lib/lsb/init-functions
+
+#
+# Load the keymaps *as soon as possible*
+#
+
+# Don't fail on error
+CONSOLE_TYPE=`fgconsole 2>/dev/null` || CONSOLE_TYPE="unknown"
+
+# Don't fail on serial consoles
+
+QUIT=0
+# fail silently if loadkeys not present (yet).
+command -v loadkeys >/dev/null 2>&1 || QUIT=1
+
+CONFDIR=/etc/console
+CONFFILEROOT=boottime
+EXT=kmap
+CONFFILE=${CONFDIR}/${CONFFILEROOT}.${EXT}.gz
+
+reset_kernel()
+{
+ # On Mac PPC machines, we may need to set kernel vars first
+ # We need to mount /proc to do that; not optimal, as its going to
+ # be mounted in S10checkroot, but we need it set up before sulogin
+ # may be run in checkroot, which will need the keyboard to log in...
+ [ -x /sbin/sysctl ] || return
+ [ -r /etc/sysctl.conf ] || return
+ grep -v '^\#' /etc/sysctl.conf | grep -q keycodes
+ if [ "$?" = "0" ] ; then
+ grep keycodes /etc/sysctl.conf | grep -v "^#" | while read d ; do
+ /sbin/sysctl -w $d 2> /dev/null || true
+ done
+ fi
+}
+
+unicode_start_stop()
+{
+ # Switch unicode mode by checking the locale.
+ # This will be needed before loading the keymap.
+ command -v unicode_start > /dev/null || return
+ command -v unicode_stop > /dev/null || return
+
+ ENV_FILE=""
+ [ -r /etc/environment ] && ENV_FILE="/etc/environment"
+ [ -r /etc/default/locale ] && ENV_FILE="/etc/default/locale"
+ [ "$ENV_FILE" ] && CHARMAP=$(set -a && . "$ENV_FILE" && locale charmap)
+ if [ "$CHARMAP" = "UTF-8" ]; then
+ unicode_start 2> /dev/null || true
+ else
+ unicode_stop 2> /dev/null || true
+ fi
+}
+
+if [ ! $QUIT = '1' ] ; then
+
+ case "$1" in
+ start | restart | force-reload | reload)
+
+ # Set kernel variables if required
+ reset_kernel
+
+ # First mount /proc if necessary...and if it is there (#392798)
+ unmount_proc="no"
+ if [ -d /proc ]; then
+ if [ ! -x /proc/$$ ]; then
+ unmount_proc="yes"
+ mount -n /proc
+ fi
+
+
+ if [ -f /proc/sys/dev/mac_hid/keyboard_sends_linux_keycodes ] ; then
+ linux_keycodes=`cat /proc/sys/dev/mac_hid/keyboard_sends_linux_keycodes`
+ else
+ linux_keycodes=1;
+ fi
+ else
+ linux_keycodes=1;
+ fi
+
+ # load new map
+ if [ $linux_keycodes -gt 0 ] ; then
+ if [ -r ${CONFFILE} ] ; then
+
+ # Switch console mode to UTF-8 or ASCII as necessary
+ unicode_start_stop
+
+ if [ $CONSOLE_TYPE = "serial" ] ; then
+ loadkeys -q ${CONFFILE} 2>&1 > /dev/null
+ else
+ loadkeys -q ${CONFFILE}
+ fi
+ if [ $? -gt 0 ]
+ then
+ # if we've a serial console, we may not have a keyboard, so don't
+ # complain if we fail.
+ if [ ! $CONSOLE_TYPE = "serial" ]; then
+ log_warning_msg "Problem when loading ${CONFDIR}/${CONFFILEROOT}.${EXT}.gz, use install-keymap"
+ sleep 10
+ fi
+ fi
+ fi
+ fi
+
+ # unmount /proc if we mounted it
+ [ "$unmount_proc" = "no" ] || umount -n /proc
+
+ ;;
+
+ stop)
+ ;;
+
+ status)
+ exit 0
+ ;;
+
+ *)
+ log_warning_msg "Usage: $0 {start|stop|restart|reload|force-reload|status}"
+ ;;
+ esac
+
+fi
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: killprocs
+# Required-Start: $local_fs
+# Required-Stop:
+# Default-Start: 1
+# Default-Stop:
+# Short-Description: executed by init(8) upon entering runlevel 1 (single).
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+
+. /lib/lsb/init-functions
+
+do_start () {
+ # Kill all processes.
+ log_action_begin_msg "Asking all remaining processes to terminate"
+ killall5 -15 # SIGTERM
+ log_action_end_msg 0
+ alldead=""
+ for seq in 1 2 3 4 5 6 7 8 9 10; do
+ # use SIGCONT/signal 18 to check if there are
+ # processes left. No need to check the exit code
+ # value, because either killall5 work and it make
+ # sense to wait for processes to die, or it fail and
+ # there is nothing to wait for.
+
+ if killall5 -18 ; then
+ :
+ else
+ alldead=1
+ break
+ fi
+
+ sleep 1
+ done
+ if [ -z "$alldead" ] ; then
+ log_action_begin_msg "Killing all remaining processes"
+ killall5 -9 # SIGKILL
+ log_action_end_msg 1
+ else
+ log_action_begin_msg "All processes ended within $seq seconds."
+ log_action_end_msg 0
+ fi
+}
+
+case "$1" in
+ start)
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+#!/bin/sh -e
+### BEGIN INIT INFO
+# Provides: kmod
+# Required-Start:
+# Required-Stop:
+# Should-Start: checkroot
+# Should-Stop:
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Load the modules listed in /etc/modules.
+# Description: Load the modules listed in /etc/modules.
+### END INIT INFO
+
+# Silently exit if the kernel does not support modules.
+[ -f /proc/modules ] || exit 0
+[ -x /sbin/modprobe ] || exit 0
+
+[ -f /etc/default/rcS ] && . /etc/default/rcS
+. /lib/lsb/init-functions
+
+PATH='/sbin:/bin'
+
+case "$1" in
+ start)
+ ;;
+
+ stop|restart|reload|force-reload)
+ log_warning_msg "Action '$1' is meaningless for this init script"
+ exit 0
+ ;;
+
+ *)
+ log_success_msg "Usage: $0 start"
+ exit 1
+esac
+
+load_module() {
+ local module args
+ module="$1"
+ args="$2"
+
+ if [ "$VERBOSE" != no ]; then
+ log_action_msg "Loading kernel module $module"
+ modprobe $module $args || true
+ else
+ modprobe $module $args > /dev/null 2>&1 || true
+ fi
+}
+
+modules_files() {
+ local modules_load_dirs='/etc/modules-load.d /run/modules-load.d /lib/modules-load.d'
+ local processed=' '
+ local add_etc_modules=true
+
+ for dir in $modules_load_dirs; do
+ [ -d $dir ] || continue
+ for file in $(run-parts --list --regex='\.conf$' $dir 2> /dev/null || true); do
+ local base=${file##*/}
+ if echo -n "$processed" | grep -qF " $base "; then
+ continue
+ fi
+ if [ "$add_etc_modules" -a -L $file \
+ -a "$(readlink -f $file)" = /etc/modules ]; then
+ add_etc_modules=
+ fi
+ processed="$processed$base "
+ echo $file
+ done
+ done
+
+ if [ "$add_etc_modules" ]; then
+ echo /etc/modules
+ fi
+}
+
+if [ "$VERBOSE" = no ]; then
+ log_action_begin_msg 'Loading kernel modules'
+fi
+
+files=$(modules_files)
+if [ "$files" ] ; then
+ grep -h '^[^#]' $files |
+ while read module args; do
+ [ "$module" ] || continue
+ load_module "$module" "$args"
+ done
+fi
+
+if [ "$VERBOSE" = no ]; then
+ log_action_end_msg 0
+fi
+
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: lvm2 lvm
+# Required-Start: mountdevsubfs
+# Required-Stop:
+# Should-Start: udev mdadm-raid cryptdisks-early multipath-tools-boot
+# Should-Stop: umountroot mdadm-raid
+# X-Start-Before: checkfs mountall
+# X-Stop-After: umountfs
+# Default-Start: S
+# Default-Stop:
+### END INIT INFO
+
+SCRIPTNAME=/etc/init.d/lvm2
+
+. /lib/lsb/init-functions
+
+[ -x /sbin/vgchange ] || exit 0
+
+case "$1" in
+ start)
+ log_action_begin_msg "Setting up LVM Volume Groups"
+ /sbin/lvm vgchange -aay --sysinit >/dev/null
+ log_action_end_msg "$?"
+ ;;
+ stop|restart|force-reload|status)
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME start" >&2
+ exit 3
+ ;;
+esac
+
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: motd
+# Required-Start: hostname $local_fs
+# Required-Stop:
+# Should-Start:
+# Default-Start: 1 2 3 4 5
+# Default-Stop:
+# Short-Description: Create dynamic part of /etc/motd
+# Description: /etc/motd is user-editable and static. This script
+# creates the initial dynamic part, by default the
+# output of uname, and stores it in /var/run/motd.dynamic.
+# Both parts are output by pam_motd.
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+. /lib/init/vars.sh
+
+do_start () {
+ # Update motd
+ uname -snrvm > /var/run/motd.dynamic
+}
+
+do_status () {
+ if [ -f /var/run/motd.dynamic ] ; then
+ return 0
+ else
+ return 4
+ fi
+}
+
+case "$1" in
+ start|"")
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ # No-op
+ ;;
+ status)
+ do_status
+ exit $?
+ ;;
+ *)
+ echo "Usage: motd [start|stop|status]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: mountall-bootclean
+# Required-Start: mountall
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# X-Start-Before: bootmisc
+# Short-Description: bootclean after mountall.
+# Description: Clean temporary filesystems after
+# all local filesystems have been mounted.
+### END INIT INFO
+
+. /lib/init/bootclean.sh
+
+case "$1" in
+ start|"")
+ # Clean /tmp, /var/lock, /var/run
+ clean_all
+ exit $?
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: mountall-bootclean.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: mountall
+# Required-Start: checkfs checkroot-bootclean
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Mount all filesystems.
+# Description:
+### END INIT INFO
+
+PATH=/sbin:/bin
+. /lib/init/vars.sh
+. /lib/init/tmpfs.sh
+
+. /lib/lsb/init-functions
+. /lib/init/mount-functions.sh
+. /lib/init/swap-functions.sh
+
+# for ntfs-3g to get correct file name encoding
+if [ -r /etc/default/locale ]; then
+ . /etc/default/locale
+ export LANG
+fi
+
+do_start() {
+ #
+ # Mount local file systems in /etc/fstab.
+ #
+ mount_all_local() {
+ mount -a -t nonfs,nfs4,smbfs,cifs,ncp,ncpfs,coda,ocfs2,gfs,gfs2,ceph \
+ -O no_netdev
+ }
+ pre_mountall
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Mounting local filesystems"
+ mount_all_local
+ log_action_end_msg $?
+ else
+ log_daemon_msg "Will now mount local filesystems"
+ mount_all_local
+ log_end_msg $?
+ fi
+ post_mountall
+
+ # We might have mounted something over /run; see if
+ # /run/initctl is present. Look for
+ # /usr/share/sysvinit/update-rc.d to verify that sysvinit (and
+ # not upstart) is installed).
+ INITCTL="/run/initctl"
+ if [ ! -p "$INITCTL" ] && [ -f "/usr/share/sysvinit/update-rc.d" ]; then
+ # Create new control channel
+ rm -f "$INITCTL"
+ mknod -m 600 "$INITCTL" p
+
+ # Reopen control channel.
+ PID="$(pidof -s /sbin/init || echo 1)"
+ [ -n "$PID" ] && kill -s USR1 "$PID"
+ fi
+
+ # Execute swapon command again, in case we want to swap to
+ # a file on a now mounted filesystem.
+ swaponagain 'swapfile'
+
+ # Remount tmpfs filesystems; with increased VM after swapon,
+ # the size limits may be adjusted.
+ mount_run mount_noupdate
+ mount_lock mount_noupdate
+ mount_shm mount_noupdate
+
+ # Now we have mounted everything, check whether we need to
+ # mount a tmpfs on /tmp. We can now also determine swap size
+ # to factor this into our size limit.
+ mount_tmp mount_noupdate
+}
+
+case "$1" in
+ start|"")
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: mountall.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: mountdevsubfs
+# Required-Start: mountkernfs
+# Required-Stop:
+# Should-Start: udev
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Mount special file systems under /dev.
+# Description: Mount the virtual filesystems the kernel provides
+# that ordinarily live under the /dev filesystem.
+### END INIT INFO
+#
+# This script gets called multiple times during boot
+#
+
+PATH=/sbin:/bin
+TTYGRP=5
+TTYMODE=620
+[ -f /etc/default/devpts ] && . /etc/default/devpts
+
+KERNEL="$(uname -s)"
+
+. /lib/init/vars.sh
+. /lib/init/tmpfs.sh
+
+. /lib/lsb/init-functions
+. /lib/init/mount-functions.sh
+
+# May be run several times, so must be idempotent.
+# $1: Mount mode, to allow for remounting
+mount_filesystems () {
+ MNTMODE="$1"
+
+ # Mount a tmpfs on /run/shm
+ mount_shm "$MNTMODE"
+
+ # Mount /dev/pts
+ if [ "$KERNEL" = Linux ]
+ then
+ if [ ! -d /dev/pts ]
+ then
+ mkdir --mode=755 /dev/pts
+ [ -x /sbin/restorecon ] && /sbin/restorecon /dev/pts
+ fi
+ domount "$MNTMODE" devpts "" /dev/pts devpts "-onoexec,nosuid,gid=$TTYGRP,mode=$TTYMODE"
+ fi
+}
+
+case "$1" in
+ "")
+ echo "Warning: mountdevsubfs should be called with the 'start' argument." >&2
+ mount_filesystems mount_noupdate
+ ;;
+ start)
+ mount_filesystems mount_noupdate
+ ;;
+ restart|reload|force-reload)
+ mount_filesystems remount
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: mountdevsubfs [start|stop]" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: mountkernfs
+# Required-Start:
+# Required-Stop:
+# Should-Start: glibc
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Mount kernel virtual file systems.
+# Description: Mount initial set of virtual filesystems the kernel
+# provides and that are required by everything.
+### END INIT INFO
+
+PATH=/sbin:/bin
+. /lib/init/vars.sh
+. /lib/init/tmpfs.sh
+
+. /lib/lsb/init-functions
+. /lib/init/mount-functions.sh
+
+# May be run several times, so must be idempotent.
+# $1: Mount mode, to allow for remounting
+mount_filesystems () {
+ MNTMODE="$1"
+
+ #
+ # Mount tmpfs on /run and/or /run/lock
+ #
+ mount_run "$MNTMODE"
+ mount_lock "$MNTMODE"
+
+ #
+ # Mount proc filesystem on /proc
+ #
+ domount "$MNTMODE" proc "" /proc proc "-onodev,noexec,nosuid"
+
+ #
+ # Mount sysfs on /sys
+ #
+ # Only mount sysfs if it is supported (kernel >= 2.6)
+ if grep -E -qs "sysfs\$" /proc/filesystems
+ then
+ domount "$MNTMODE" sysfs "" /sys sysfs "-onodev,noexec,nosuid"
+ fi
+
+ if [ -d /sys/fs/pstore ]
+ then
+ domount "$MNTMODE" pstore "" /sys/fs/pstore pstore ""
+ fi
+
+ if [ -d /sys/kernel/config ]
+ then
+ domount "$MNTMODE" configfs "" /sys/kernel/config configfs ""
+ fi
+}
+
+case "$1" in
+ "")
+ echo "Warning: mountkernfs should be called with the 'start' argument." >&2
+ mount_filesystems mount_noupdate
+ ;;
+ start)
+ mount_filesystems mount_noupdate
+ ;;
+ restart|reload|force-reload)
+ mount_filesystems remount
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: mountkernfs [start|stop]" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: mountnfs-bootclean
+# Required-Start: $local_fs mountnfs
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# X-Start-Before: bootmisc
+# Short-Description: bootclean after mountnfs.
+# Description: Clean temporary filesystems after
+# network filesystems have been mounted.
+### END INIT INFO
+
+. /lib/init/bootclean.sh
+
+case "$1" in
+ start|"")
+ # Clean /tmp, /var/lock, /var/run
+ clean_all
+ exit $?
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: mountnfs-bootclean.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: mountnfs
+# Required-Start: $local_fs
+# Required-Stop:
+# Should-Start: $network $portmap nfs-common udev-mtab
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Wait for network file systems to be mounted
+# Description: Network file systems are mounted by
+# /etc/network/if-up.d/mountnfs in the background
+# when interfaces are brought up; this script waits
+# for them to be mounted before carrying on.
+### END INIT INFO
+
+. /lib/init/vars.sh
+. /lib/init/mount-functions.sh
+. /lib/lsb/init-functions
+
+do_wait_async_mount() {
+ # Read through fstab line by line. If it is NFS, set the flag
+ # for mounting NFS file systems. If any NFS partition is found
+ # then wait around for it.
+
+ waitnfs=
+ for file in "$(eval ls $(fstab_files))"; do
+ if [ -f "$file" ]; then
+ while read DEV MTPT FSTYPE OPTS REST; do
+ case "$DEV" in
+ ""|\#*)
+ continue
+ ;;
+ esac
+ case "$OPTS" in
+ noauto|*,noauto|noauto,*|*,noauto,*)
+ continue
+ ;;
+ esac
+ case "$FSTYPE" in
+ nfs|nfs4|smbfs|cifs|coda|ncp|ncpfs|ocfs2|gfs|ceph)
+ ;;
+ *)
+ continue
+ ;;
+ esac
+ case "$MTPT" in
+ /usr/local|/usr/local/*)
+ ;;
+ /usr|/usr/*)
+ waitnfs="$waitnfs $MTPT"
+ ;;
+ /var|/var/*)
+ waitnfs="$waitnfs $MTPT"
+ ;;
+ esac
+ done < "$file"
+ fi
+ done
+
+ # Wait for each path, the timeout is for all of them as that's
+ # really the maximum time we have to wait anyway
+ TIMEOUT=900
+ for mountpt in $waitnfs; do
+ log_action_begin_msg "Waiting for $mountpt"
+
+ while ! mountpoint -q $mountpt; do
+ sleep 0.1
+
+ TIMEOUT=$(( $TIMEOUT - 1 ))
+ if [ $TIMEOUT -le 0 ]; then
+ log_action_end_msg 1
+ break
+ fi
+ done
+
+ if [ $TIMEOUT -gt 0 ]; then
+ log_action_end_msg 0
+ fi
+ done
+}
+
+case "$1" in
+ start)
+ # Using 'no !=' instead of 'yes =' to make sure async nfs
+ # mounting is the default even without a value in
+ # /etc/default/rcS
+ if [ no != "$ASYNCMOUNTNFS" ] ; then
+ do_wait_async_mount
+ else
+ FROMINITD=yes /etc/network/if-up.d/mountnfs
+ fi
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#!/bin/sh
+
+# This file is part of netfilter-persistent
+# Copyright (C) 2014 Jonathan Wiltshire
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation, either version 3
+# of the License, or (at your option) any later version.
+
+### BEGIN INIT INFO
+# Provides: netfilter-persistent
+# Required-Start: mountkernfs $remote_fs
+# Required-Stop: $remote_fs
+# Default-Start: S
+# Default-Stop: 0 1 6
+# Short-Description: Load boot-time netfilter configuration
+# Description: Loads boot-time netfilter configuration
+### END INIT INFO
+
+. /lib/lsb/init-functions
+
+case "$1" in
+start|restart|reload|force-reload)
+ log_action_begin_msg "Loading netfilter rules"
+ /usr/sbin/netfilter-persistent start
+ log_action_end_msg $?
+ ;;
+save)
+ log_action_begin_msg "Saving netfilter rules"
+ /usr/sbin/netfilter-persistent save
+ log_action_end_msg $?
+ ;;
+stop)
+ log_action_begin_msg "Stopping netfilter rules"
+ /usr/sbin/netfilter-persistent stop
+ log_action_end_msg $?
+ ;;
+flush)
+ log_action_begin_msg "Flushing netfilter rules"
+ /usr/sbin/netfilter-persistent flush
+ log_action_end_msg $?
+ ;;
+*)
+ echo "Usage: $0 {start|restart|reload|force-reload|save|flush}" >&2
+ exit 1
+ ;;
+esac
+
+exit $rc
--- /dev/null
+#!/bin/sh -e
+### BEGIN INIT INFO
+# Provides: networking ifupdown
+# Required-Start: mountkernfs $local_fs urandom
+# Required-Stop: $local_fs
+# Default-Start: S
+# Default-Stop: 0 6
+# Short-Description: Raise network interfaces.
+# Description: Prepare /run/network directory, ifstate file and raise network interfaces, or take them down.
+### END INIT INFO
+
+PATH="/sbin:/bin"
+RUN_DIR="/run/network"
+IFSTATE="$RUN_DIR/ifstate"
+STATEDIR="$RUN_DIR/state"
+
+[ -x /sbin/ifup ] || exit 0
+[ -x /sbin/ifdown ] || exit 0
+
+. /lib/lsb/init-functions
+
+CONFIGURE_INTERFACES=yes
+EXCLUDE_INTERFACES=
+VERBOSE=no
+
+[ -f /etc/default/networking ] && . /etc/default/networking
+
+verbose=""
+[ "$VERBOSE" = yes ] && verbose=-v
+
+process_exclusions() {
+ set -- $EXCLUDE_INTERFACES
+ exclusions=""
+ for d
+ do
+ exclusions="-X $d $exclusions"
+ done
+ echo $exclusions
+}
+
+process_options() {
+ [ -e /etc/network/options ] || return 0
+ log_warning_msg "/etc/network/options still exists and it will be IGNORED! Please use /etc/sysctl.conf instead."
+}
+
+check_ifstate() {
+ if [ ! -d "$RUN_DIR" ] ; then
+ if ! mkdir -p "$RUN_DIR" ; then
+ log_failure_msg "can't create $RUN_DIR"
+ exit 1
+ fi
+ if ! chown root:netdev "$RUN_DIR" ; then
+ log_warning_msg "can't chown $RUN_DIR"
+ fi
+ fi
+ if [ ! -r "$IFSTATE" ] ; then
+ if ! :> "$IFSTATE" ; then
+ log_failure_msg "can't initialise $IFSTATE"
+ exit 1
+ fi
+ fi
+}
+
+check_network_file_systems() {
+ [ -e /proc/mounts ] || return 0
+
+ if [ -e /etc/iscsi/iscsi.initramfs ]; then
+ log_warning_msg "not deconfiguring network interfaces: iSCSI root is mounted."
+ exit 0
+ fi
+
+ while read DEV MTPT FSTYPE REST; do
+ case $DEV in
+ /dev/nbd*|/dev/nd[a-z]*|/dev/etherd/e*)
+ log_warning_msg "not deconfiguring network interfaces: network devices still mounted."
+ exit 0
+ ;;
+ esac
+ case $FSTYPE in
+ nfs|nfs4|smbfs|ncp|ncpfs|cifs|coda|ocfs2|gfs|pvfs|pvfs2|fuse.httpfs|fuse.curlftpfs)
+ log_warning_msg "not deconfiguring network interfaces: network file systems still mounted."
+ exit 0
+ ;;
+ esac
+ done < /proc/mounts
+}
+
+check_network_swap() {
+ [ -e /proc/swaps ] || return 0
+
+ while read DEV MTPT FSTYPE REST; do
+ case $DEV in
+ /dev/nbd*|/dev/nd[a-z]*|/dev/etherd/e*)
+ log_warning_msg "not deconfiguring network interfaces: network swap still mounted."
+ exit 0
+ ;;
+ esac
+ done < /proc/swaps
+}
+
+ifup_hotplug () {
+ if [ -d /sys/class/net ]
+ then
+ ifaces=$(for iface in $(ifquery --list --allow=hotplug)
+ do
+ link=${iface##:*}
+ link=${link##.*}
+ if [ -e "/sys/class/net/$link" ]
+ then
+ # link detection does not work unless we up the link
+ ip link set "$iface" up || true
+ if [ "$(cat /sys/class/net/$link/operstate)" = up ]
+ then
+ echo "$iface"
+ fi
+ fi
+ done)
+ if [ -n "$ifaces" ]
+ then
+ ifup $ifaces "$@" || true
+ fi
+ fi
+}
+
+case "$1" in
+start)
+ if init_is_upstart; then
+ exit 1
+ fi
+ process_options
+ check_ifstate
+
+ if [ "$CONFIGURE_INTERFACES" = no ]
+ then
+ log_action_msg "Not configuring network interfaces, see /etc/default/networking"
+ exit 0
+ fi
+ set -f
+ exclusions=$(process_exclusions)
+ log_action_begin_msg "Configuring network interfaces"
+ if [ -x /sbin/udevadm ]; then
+ if [ -n "$(ifquery --list --exclude=lo)" ] || [ -n "$(ifquery --list --allow=hotplug)" ]; then
+ udevadm settle || true
+ fi
+ fi
+ if ifup -a $exclusions $verbose && ifup_hotplug $exclusions $verbose
+ then
+ log_action_end_msg $?
+ else
+ log_action_end_msg $?
+ fi
+ ;;
+
+stop)
+ if init_is_upstart; then
+ exit 0
+ fi
+ check_network_file_systems
+ check_network_swap
+
+ log_action_begin_msg "Deconfiguring network interfaces"
+ if ifdown -a --exclude=lo $verbose; then
+ log_action_end_msg $?
+ else
+ log_action_end_msg $?
+ fi
+ ;;
+
+reload)
+ if init_is_upstart; then
+ exit 1
+ fi
+ process_options
+
+ log_action_begin_msg "Reloading network interfaces configuration"
+ state=$(ifquery --state)
+ ifdown -a --exclude=lo $verbose || true
+ if ifup --exclude=lo $state $verbose ; then
+ log_action_end_msg $?
+ else
+ log_action_end_msg $?
+ fi
+ ;;
+
+force-reload|restart)
+ if init_is_upstart; then
+ exit 1
+ fi
+ process_options
+
+ log_warning_msg "Running $0 $1 is deprecated because it may not re-enable some interfaces"
+ log_action_begin_msg "Reconfiguring network interfaces"
+ ifdown -a --exclude=lo $verbose || true
+ set -f
+ exclusions=$(process_exclusions)
+ if ifup -a --exclude=lo $exclusions $verbose && ifup_hotplug $exclusions $verbose
+ then
+ log_action_end_msg $?
+ else
+ log_action_end_msg $?
+ fi
+ ;;
+
+*)
+ echo "Usage: /etc/init.d/networking {start|stop|reload|restart|force-reload}"
+ exit 1
+ ;;
+esac
+
+exit 0
+
+# vim: noet ts=8
--- /dev/null
+#!/bin/sh -e
+
+# Start or stop Postfix
+#
+# LaMont Jones <lamont@debian.org>
+# based on sendmail's init.d script
+
+### BEGIN INIT INFO
+# Provides: postfix mail-transport-agent
+# Required-Start: $local_fs $remote_fs $syslog $named $network $time
+# Required-Stop: $local_fs $remote_fs $syslog $named $network
+# Should-Start: postgresql mysql clamav-daemon postgrey spamassassin saslauthd dovecot
+# Should-Stop: postgresql mysql clamav-daemon postgrey spamassassin saslauthd dovecot
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Postfix Mail Transport Agent
+# Description: postfix is a Mail Transport agent
+### END INIT INFO
+
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+DAEMON=/usr/sbin/postfix
+NAME=Postfix
+TZ=
+unset TZ
+
+# Defaults - don't touch, edit /etc/default/postfix
+SYNC_CHROOT="y"
+
+test -f /etc/default/postfix && . /etc/default/postfix
+
+test -x $DAEMON && test -f /etc/postfix/main.cf || exit 0
+
+. /lib/lsb/init-functions
+#DISTRO=$(lsb_release -is 2>/dev/null || echo Debian)
+
+enabled_instances() {
+ postmulti -l -a | awk '($3=="y") { print $1}'
+}
+
+running() {
+ INSTANCE="$1"
+ if [ "X$INSTANCE" = X ]; then
+ POSTCONF="postconf"
+ else
+ POSTCONF="postmulti -i $INSTANCE -x postconf"
+ fi
+
+ queue=$($POSTCONF -h queue_directory 2>/dev/null || echo /var/spool/postfix)
+ if [ -f ${queue}/pid/master.pid ]; then
+ pid=$(sed 's/ //g' ${queue}/pid/master.pid)
+ # what directory does the executable live in. stupid prelink systems.
+ dir=$(ls -l /proc/$pid/exe 2>/dev/null | sed 's/.* -> //; s/\/[^\/]*$//')
+ if [ "X$dir" = "X/usr/lib/postfix" ]; then
+ echo y
+ fi
+ fi
+}
+
+configure_instance() {
+ INSTANCE="$1"
+ if [ "X$INSTANCE" = X ]; then
+ POSTCONF="postconf"
+ else
+ POSTCONF="postmulti -i $INSTANCE -x postconf"
+ fi
+
+
+ # if you set myorigin to 'ubuntu.com' or 'debian.org', it's wrong, and annoys the admins of
+ # those domains. See also sender_canonical_maps.
+
+ MYORIGIN=$($POSTCONF -h myorigin | tr 'A-Z' 'a-z')
+ if [ "X${MYORIGIN#/}" != "X${MYORIGIN}" ]; then
+ MYORIGIN=$(tr 'A-Z' 'a-z' < $MYORIGIN)
+ fi
+ if [ "X$MYORIGIN" = Xubuntu.com ] || [ "X$MYORIGIN" = Xdebian.org ]; then
+ log_failure_msg "Invalid \$myorigin ($MYORIGIN), refusing to start"
+ log_end_msg 1
+ exit 1
+ fi
+
+ config_dir=$($POSTCONF -h config_directory)
+ # see if anything is running chrooted.
+ NEED_CHROOT=$(awk '/^[0-9a-z]/ && ($5 ~ "[-yY]") { print "y"; exit}' ${config_dir}/master.cf)
+
+ if [ -n "$NEED_CHROOT" ] && [ -n "$SYNC_CHROOT" ]; then
+ # Make sure that the chroot environment is set up correctly.
+ oldumask=$(umask)
+ umask 022
+ queue_dir=$($POSTCONF -h queue_directory)
+ cd "$queue_dir"
+
+ # copy the CA path if specified
+ ca_path=$($POSTCONF -h smtp_tls_CApath)
+ case "$ca_path" in
+ '') :;; # no ca_path
+ $queue_dir/*) :;; # skip stuff already in chroot, (and to make vim syntax happy: */)
+ *)
+ if test -d "$ca_path"; then
+ dest_dir="$queue_dir/${ca_path#/}"
+ # strip any/all trailing /
+ while [ "${dest_dir%/}" != "${dest_dir}" ]; do
+ dest_dir="${dest_dir%/}"
+ done
+ new=0
+ if test -d "$dest_dir"; then
+ # write to a new directory ...
+ dest_dir="${dest_dir}.NEW"
+ new=1
+ fi
+ mkdir --parent ${dest_dir}
+ # handle files in subdirectories
+ (cd "$ca_path" && find . -name '*.pem' -print0 | cpio -0pdL --quiet "$dest_dir") 2>/dev/null ||
+ (log_failure_msg failure copying certificates; exit 1)
+ c_rehash "$dest_dir" >/dev/null 2>&1
+ if [ "$new" = 1 ]; then
+ # and replace the old directory
+ rm -rf "${dest_dir%.NEW}"
+ mv "$dest_dir" "${dest_dir%.NEW}"
+ fi
+ fi
+ ;;
+ esac
+
+ # if there is a CA file, copy it
+ ca_file=$($POSTCONF -h smtp_tls_CAfile)
+ case "$ca_file" in
+ $queue_dir/*) :;; # skip stuff already in chroot
+ '') # no ca_file
+ # or copy the bundle to preserve functionality
+ ca_bundle=/etc/ssl/certs/ca-certificates.crt
+ if [ -f $ca_bundle ]; then
+ mkdir --parent "$queue_dir/${ca_bundle%/*}"
+ cp -L "$ca_bundle" "$queue_dir/${ca_bundle%/*}"
+ fi
+ ;;
+ *)
+ if test -f "$ca_file"; then
+ dest_dir="$queue_dir/${ca_path#/}"
+ mkdir --parent "$dest_dir"
+ cp -L "$ca_file" "$dest_dir"
+ fi
+ ;;
+ esac
+
+ # if we're using unix:passwd.byname, then we need to add etc/passwd.
+ local_maps=$($POSTCONF -h local_recipient_maps)
+ if [ "X$local_maps" != "X${local_maps#*unix:passwd.byname}" ]; then
+ if [ "X$local_maps" = "X${local_maps#*proxy:unix:passwd.byname}" ]; then
+ sed 's/^\([^:]*\):[^:]*/\1:x/' /etc/passwd > etc/passwd
+ chmod a+r etc/passwd
+ fi
+ fi
+
+ FILES="etc/localtime etc/services etc/resolv.conf etc/hosts \
+ etc/host.conf etc/nsswitch.conf etc/nss_mdns.config"
+ for file in $FILES; do
+ [ -d ${file%/*} ] || mkdir -p ${file%/*}
+ if [ -f /${file} ]; then rm -f ${file} && cp /${file} ${file}; fi
+ if [ -f ${file} ]; then chmod a+rX ${file}; fi
+ done
+ # ldaps needs this. debian bug 572841
+ (echo /dev/random; echo /dev/urandom) | cpio -pdL --quiet . 2>/dev/null || true
+ rm -f usr/lib/zoneinfo/localtime
+ mkdir -p usr/lib/zoneinfo
+ ln -sf /etc/localtime usr/lib/zoneinfo/localtime
+
+ LIBLIST=$(for name in gcc_s nss resolv; do
+ for f in /lib/*/lib${name}*.so* /lib/lib${name}*.so*; do
+ if [ -f "$f" ]; then echo ${f#/}; fi;
+ done;
+ done)
+
+ if [ -n "$LIBLIST" ]; then
+ for f in $LIBLIST; do
+ rm -f "$f"
+ done
+ tar cf - -C / $LIBLIST 2>/dev/null |tar xf -
+ fi
+ umask $oldumask
+ fi
+}
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting Postfix Mail Transport Agent" postfix
+ RET=0
+ # for all instances that are not already running, handle chroot setup if needed, and start
+ for INSTANCE in $(enabled_instances); do
+ RUNNING=$(running $INSTANCE)
+ if [ "X$RUNNING" = X ]; then
+ configure_instance $INSTANCE
+ CMD="/usr/sbin/postmulti -- -i $INSTANCE -x ${DAEMON}"
+ if ! start-stop-daemon --start --exec $CMD quiet-quick-start; then
+ RET=1
+ fi
+ fi
+ done
+ log_end_msg $RET
+ ;;
+
+ stop)
+ log_daemon_msg "Stopping Postfix Mail Transport Agent" postfix
+ RET=0
+ # for all instances that are not already running, handle chroot setup if needed, and start
+ for INSTANCE in $(enabled_instances); do
+ RUNNING=$(running $INSTANCE)
+ if [ "X$RUNNING" != X ]; then
+ CMD="/usr/sbin/postmulti -i $INSTANCE -x ${DAEMON}"
+ if ! ${CMD} quiet-stop; then
+ RET=1
+ fi
+ fi
+ done
+ log_end_msg $RET
+ ;;
+
+ restart)
+ $0 stop
+ $0 start
+ ;;
+
+ force-reload|reload)
+ log_action_begin_msg "Reloading Postfix configuration"
+ if ${DAEMON} quiet-reload; then
+ log_action_end_msg 0
+ else
+ log_action_end_msg 1
+ fi
+ ;;
+
+ status)
+ ALL=1
+ ANY=0
+ # for all instances that are not already running, handle chroot setup if needed, and start
+ for INSTANCE in $(enabled_instances); do
+ RUNNING=$(running $INSTANCE)
+ if [ "X$RUNNING" != X ]; then
+ ANY=1
+ else
+ ALL=0
+ fi
+ done
+ # handle the case when postmulti returns *no* configured instances
+ if [ $ANY = 0 ]; then
+ ALL=0
+ fi
+ if [ $ALL = 1 ]; then
+ log_success_msg "postfix is running"
+ exit 0
+ elif [ $ANY = 1 ]; then
+ log_success_msg "some postfix instances are running"
+ exit 0
+ else
+ log_success_msg "postfix is not running"
+ exit 3
+ fi
+ ;;
+
+ flush|check|abort)
+ ${DAEMON} $1
+ ;;
+
+ *)
+ log_action_msg "Usage: /etc/init.d/postfix {start|stop|restart|reload|flush|check|abort|force-reload|status}"
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+# /etc/init.d/procps: Set kernel variables from /etc/sysctl.conf
+#
+# written by Elrond <Elrond@Wunder-Nett.org>
+
+### BEGIN INIT INFO
+# Provides: procps
+# Required-Start: mountkernfs $local_fs
+# Required-Stop:
+# Should-Start: udev module-init-tools
+# X-Start-Before: $network
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Configure kernel parameters at boottime
+# Description: Loads kernel parameters that are specified in /etc/sysctl.conf
+### END INIT INFO
+
+PATH=/sbin:/bin
+
+SYSCTL=/sbin/sysctl
+
+test -x $SYSCTL || exit 0
+
+. /lib/lsb/init-functions
+
+# Comment this out for sysctl to print every item changed
+QUIET_SYSCTL="-q"
+
+# Check for existance of the default file and exit if not there,
+# Closes #52839 for the boot-floppy people
+if [ -f /etc/default/rcS ] ; then
+ . /etc/default/rcS
+fi
+
+set -e
+
+case "$1" in
+ start|restart|force-reload|reload)
+ log_action_begin_msg "Setting kernel variables "
+ STATUS=0
+ $SYSCTL $QUIET_SYSCTL --system || STATUS=$?
+ log_action_end_msg $STATUS
+ ;;
+ stop)
+ ;;
+ status)
+ ;;
+ *)
+ echo "Usage: /etc/init.d/procps {start|stop|restart|reload|force-reload|status}" >&2
+ exit 3
+ ;;
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+#
+# rc
+#
+# Starts/stops services on runlevel changes.
+#
+# Optimization: A start script is not run when the service was already
+# configured to run in the previous runlevel. A stop script is not run
+# when the the service was already configured not to run in the previous
+# runlevel.
+#
+# Authors:
+# Miquel van Smoorenburg <miquels@cistron.nl>
+# Bruce Perens <Bruce@Pixar.com>
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+export PATH
+
+# Un-comment the following for interactive debugging. Do not un-comment
+# this for debugging a real boot process as no scripts will be executed.
+# debug=echo
+
+# Make sure the name survive changing the argument list
+scriptname="$0"
+
+umask 022
+
+on_exit() {
+ echo "error: '$scriptname' exited outside the expected code flow."
+}
+trap on_exit EXIT # Enable emergency handler
+
+# Ignore CTRL-C only in this shell, so we can interrupt subprocesses.
+trap ":" INT QUIT TSTP
+
+# Set onlcr to avoid staircase effect.
+stty onlcr 0>&1
+
+# Now find out what the current and what the previous runlevel are.
+
+runlevel=$RUNLEVEL
+# Get first argument. Set new runlevel to this argument.
+[ "$1" != "" ] && runlevel=$1
+if [ "$runlevel" = "" ]
+then
+ echo "Usage: $scriptname <runlevel>" >&2
+ exit 1
+fi
+previous=$PREVLEVEL
+[ "$previous" = "" ] && previous=N
+
+export runlevel previous
+
+if [ -f /etc/default/rcS ] ; then
+ . /etc/default/rcS
+fi
+export VERBOSE
+
+if [ -f /lib/lsb/init-functions ] ; then
+ . /lib/lsb/init-functions
+else
+ log_action_msg() { echo $@; }
+ log_failure_msg() { echo $@; }
+ log_warning_msg() { echo $@; }
+fi
+
+#
+# Check if we are able to use make like booting. It require the
+# insserv package to be enabled. Boot concurrency also requires
+# startpar to be installed.
+#
+CONCURRENCY=makefile
+test -s /etc/init.d/.depend.boot || CONCURRENCY="none"
+test -s /etc/init.d/.depend.start || CONCURRENCY="none"
+test -s /etc/init.d/.depend.stop || CONCURRENCY="none"
+if test -e /etc/init.d/.legacy-bootordering ; then
+ CONCURRENCY="none"
+fi
+if ! test -e /proc/stat; then
+ if [ "$(uname)" = "GNU/kFreeBSD" ] ; then
+ # startpar requires /proc/stat
+ mount -t linprocfs linprocfs /proc
+ fi
+fi
+if [ -x /lib/startpar/startpar ] ; then
+ STARTPAR=/lib/startpar/startpar
+else
+ STARTPAR=startpar
+fi
+$STARTPAR -v > /dev/null 2>&1 || CONCURRENCY="none"
+
+#
+# Start script or program.
+#
+case "$CONCURRENCY" in
+ makefile|startpar|shell) # startpar and shell are obsolete
+ CONCURRENCY=makefile
+ log_action_msg "Using makefile-style concurrent boot in runlevel $runlevel"
+ startup() {
+ eval "$($STARTPAR -p 4 -t 20 -T 3 -M $1 -P $previous -R $runlevel)"
+
+ if [ -n "$failed_service" ]
+ then
+ log_failure_msg "startpar: service(s) returned failure: $failed_service"
+ fi
+
+ if [ -n "$skipped_service_not_installed" ]
+ then
+ log_warning_msg "startpar: service(s) skipped, program is not installed: $skipped_service_not_installed"
+ fi
+
+ if [ -n "$skipped_service_not_configured" ]
+ then
+ log_warning_msg "startpar: service(s) skipped, program is not configured: $skipped_service_not_configured"
+ fi
+
+ unset failed_service skipped_service_not_installed skipped_service_not_configured
+ }
+ ;;
+ none|*)
+ startup() {
+ action=$1
+ shift
+ scripts="$@"
+ for script in $scripts ; do
+ $debug "$script" $action
+ done
+ }
+ ;;
+esac
+
+# Is there an rc directory for this new runlevel?
+if [ -d /etc/rc$runlevel.d ]
+then
+ case "$runlevel" in
+ 0|6)
+ ACTION=stop
+ ;;
+ S)
+ ACTION=start
+ ;;
+ *)
+ ACTION=start
+ ;;
+ esac
+
+ # First, run the KILL scripts.
+ if [ makefile = "$CONCURRENCY" ]
+ then
+ if [ "$ACTION" = "start" ] && [ "$previous" != N ]
+ then
+ startup stop
+ fi
+ elif [ "$previous" != N ]
+ then
+ # Run all scripts with the same level in parallel
+ CURLEVEL=""
+ for s in /etc/rc$runlevel.d/K*
+ do
+ # Extract order value from symlink
+ level=${s#/etc/rc$runlevel.d/K}
+ level=${level%%[a-zA-Z]*}
+ if [ "$level" = "$CURLEVEL" ]
+ then
+ continue
+ fi
+ CURLEVEL=$level
+ SCRIPTS=""
+ for i in /etc/rc$runlevel.d/K$level*
+ do
+ # Check if the script is there.
+ [ ! -f $i ] && continue
+
+ #
+ # Find stop script in previous runlevel but
+ # no start script there.
+ #
+ suffix=${i#/etc/rc$runlevel.d/K[0-9][0-9]}
+ previous_stop=/etc/rc$previous.d/K[0-9][0-9]$suffix
+ previous_start=/etc/rc$previous.d/S[0-9][0-9]$suffix
+ #
+ # If there is a stop script in the previous level
+ # and _no_ start script there, we don't
+ # have to re-stop the service.
+ #
+ [ -f $previous_stop ] && [ ! -f $previous_start ] && continue
+
+ # Stop the service.
+ SCRIPTS="$SCRIPTS $i"
+ done
+ startup stop $SCRIPTS
+ done
+ fi
+
+ if [ makefile = "$CONCURRENCY" ]
+ then
+ if [ S = "$runlevel" ]
+ then
+ startup boot
+ else
+ startup $ACTION
+ fi
+ else
+ # Now run the START scripts for this runlevel.
+ # Run all scripts with the same level in parallel
+ CURLEVEL=""
+ for s in /etc/rc$runlevel.d/S*
+ do
+ # Extract order value from symlink
+ level=${s#/etc/rc$runlevel.d/S}
+ level=${level%%[a-zA-Z]*}
+ if [ "$level" = "$CURLEVEL" ]
+ then
+ continue
+ fi
+ CURLEVEL=$level
+ SCRIPTS=""
+ for i in /etc/rc$runlevel.d/S$level*
+ do
+ [ ! -f $i ] && continue
+
+ suffix=${i#/etc/rc$runlevel.d/S[0-9][0-9]}
+ if [ "$previous" != N ]
+ then
+ #
+ # Find start script in previous runlevel and
+ # stop script in this runlevel.
+ #
+ stop=/etc/rc$runlevel.d/K[0-9][0-9]$suffix
+ previous_start=/etc/rc$previous.d/S[0-9][0-9]$suffix
+ #
+ # If there is a start script in the previous level
+ # and _no_ stop script in this level, we don't
+ # have to re-start the service.
+ #
+ if [ start = "$ACTION" ] ; then
+ [ -f $previous_start ] && [ ! -f $stop ] && continue
+ else
+ # Workaround for the special
+ # handling of runlevels 0 and 6.
+ previous_stop=/etc/rc$previous.d/K[0-9][0-9]$suffix
+ #
+ # If there is a stop script in the previous level
+ # and _no_ start script there, we don't
+ # have to re-stop the service.
+ #
+ [ -f $previous_stop ] && [ ! -f $previous_start ] && continue
+ fi
+
+ fi
+ SCRIPTS="$SCRIPTS $i"
+ done
+ startup $ACTION $SCRIPTS
+ done
+ fi
+fi
+
+trap - EXIT # Disable emergency handler
+
+exit 0
+
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: rc.local
+# Required-Start: $all
+# Required-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: Run /etc/rc.local if it exist
+### END INIT INFO
+
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+
+. /lib/init/vars.sh
+. /lib/lsb/init-functions
+
+do_start() {
+ if [ -x /etc/rc.local ]; then
+ [ "$VERBOSE" != no ] && log_begin_msg "Running local boot scripts (/etc/rc.local)"
+ /etc/rc.local
+ ES=$?
+ [ "$VERBOSE" != no ] && log_end_msg $ES
+ return $ES
+ fi
+}
+
+case "$1" in
+ start)
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ exit 0
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+#! /bin/sh
+#
+# rcS
+#
+# Call all S??* scripts in /etc/rcS.d/ in numerical/alphabetical order
+#
+
+exec /etc/init.d/rc S
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: reboot
+# Required-Start:
+# Required-Stop:
+# Default-Start:
+# Default-Stop: 6
+# Short-Description: Execute the reboot command.
+# Description:
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+
+. /lib/lsb/init-functions
+
+do_stop () {
+ # Message should end with a newline since kFreeBSD may
+ # print more stuff (see #323749)
+ log_action_msg "Will now restart"
+ reboot -d -f -i
+}
+
+case "$1" in
+ start)
+ # No-op
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ do_stop
+ ;;
+ status)
+ exit 0
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: rmnologin
+# Required-Start: $remote_fs $all
+# Required-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: Remove /run/nologin at boot
+# Description: This script removes the /run/nologin file as the
+# last step in the boot process, if DELAYLOGIN=yes.
+# If DELAYLOGIN=no, /run/nologin was not created by
+# bootmisc earlier in the boot process.
+### END INIT INFO
+
+PATH=/sbin:/bin
+[ "$DELAYLOGIN" ] || DELAYLOGIN=yes
+. /lib/init/vars.sh
+
+do_start () {
+ #
+ # If login delaying is enabled then remove the flag file
+ #
+ case "$DELAYLOGIN" in
+ Y*|y*)
+ rm -f /run/nologin
+ ;;
+ esac
+}
+
+do_status () {
+ if [ ! -f /run/nologin ] ; then
+ return 0
+ else
+ return 4
+ fi
+}
+
+case "$1" in
+ start)
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ # No-op
+ ;;
+ status)
+ do_status
+ exit $?
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+
+### BEGIN INIT INFO
+# Provides: rsyncd
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Should-Start: $named autofs
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: fast remote file copy program daemon
+# Description: rsync is a program that allows files to be copied to and
+# from remote machines in much the same way as rcp.
+# This provides rsyncd daemon functionality.
+### END INIT INFO
+
+set -e
+
+# /etc/init.d/rsync: start and stop the rsync daemon
+
+DAEMON=/usr/bin/rsync
+RSYNC_ENABLE=false
+RSYNC_OPTS=''
+RSYNC_DEFAULTS_FILE=/etc/default/rsync
+RSYNC_CONFIG_FILE=/etc/rsyncd.conf
+RSYNC_PID_FILE=/var/run/rsync.pid
+RSYNC_NICE_PARM=''
+RSYNC_IONICE_PARM=''
+
+test -x $DAEMON || exit 0
+
+. /lib/lsb/init-functions
+
+if [ -s $RSYNC_DEFAULTS_FILE ]; then
+ . $RSYNC_DEFAULTS_FILE
+ case "x$RSYNC_ENABLE" in
+ xtrue|xfalse) ;;
+ xinetd) exit 0
+ ;;
+ *) log_failure_msg "Value of RSYNC_ENABLE in $RSYNC_DEFAULTS_FILE must be either 'true' or 'false';"
+ log_failure_msg "not starting rsync daemon."
+ exit 1
+ ;;
+ esac
+ case "x$RSYNC_NICE" in
+ x[0-9]|x1[0-9]) RSYNC_NICE_PARM="--nicelevel $RSYNC_NICE";;
+ x) ;;
+ *) log_warning_msg "Value of RSYNC_NICE in $RSYNC_DEFAULTS_FILE must be a value between 0 and 19 (inclusive);"
+ log_warning_msg "ignoring RSYNC_NICE now."
+ ;;
+ esac
+ case "x$RSYNC_IONICE" in
+ x-c[123]*) RSYNC_IONICE_PARM="$RSYNC_IONICE";;
+ x) ;;
+ *) log_warning_msg "Value of RSYNC_IONICE in $RSYNC_DEFAULTS_FILE must be -c1, -c2 or -c3;"
+ log_warning_msg "ignoring RSYNC_IONICE now."
+ ;;
+ esac
+fi
+
+export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
+
+rsync_start() {
+ if [ ! -s "$RSYNC_CONFIG_FILE" ]; then
+ log_failure_msg "missing or empty config file $RSYNC_CONFIG_FILE"
+ log_end_msg 1
+ exit 0
+ fi
+ # See ionice(1)
+ if [ -n "$RSYNC_IONICE_PARM" ] && [ -x /usr/bin/ionice ] &&
+ /usr/bin/ionice "$RSYNC_IONICE_PARM" true 2>/dev/null; then
+ /usr/bin/ionice "$RSYNC_IONICE_PARM" -p$$ > /dev/null 2>&1
+ fi
+ if start-stop-daemon --start --quiet --background \
+ --pidfile $RSYNC_PID_FILE --make-pidfile \
+ $RSYNC_NICE_PARM --exec $DAEMON \
+ -- --no-detach --daemon --config "$RSYNC_CONFIG_FILE" $RSYNC_OPTS
+ then
+ rc=0
+ sleep 1
+ if ! kill -0 $(cat $RSYNC_PID_FILE) >/dev/null 2>&1; then
+ log_failure_msg "rsync daemon failed to start"
+ rc=1
+ fi
+ else
+ rc=1
+ fi
+ if [ $rc -eq 0 ]; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ rm -f $RSYNC_PID_FILE
+ fi
+} # rsync_start
+
+
+case "$1" in
+ start)
+ if "$RSYNC_ENABLE"; then
+ log_daemon_msg "Starting rsync daemon" "rsync"
+ if [ -s $RSYNC_PID_FILE ] && kill -0 $(cat $RSYNC_PID_FILE) >/dev/null 2>&1; then
+ log_progress_msg "apparently already running"
+ log_end_msg 0
+ exit 0
+ fi
+ rsync_start
+ else
+ if [ -s "$RSYNC_CONFIG_FILE" ]; then
+ [ "$VERBOSE" != no ] && log_warning_msg "rsync daemon not enabled in $RSYNC_DEFAULTS_FILE, not starting..."
+ fi
+ fi
+ ;;
+ stop)
+ log_daemon_msg "Stopping rsync daemon" "rsync"
+ start-stop-daemon --stop --quiet --oknodo --pidfile $RSYNC_PID_FILE
+ log_end_msg $?
+ rm -f $RSYNC_PID_FILE
+ ;;
+
+ reload|force-reload)
+ log_warning_msg "Reloading rsync daemon: not needed, as the daemon"
+ log_warning_msg "re-reads the config file whenever a client connects."
+ ;;
+
+ restart)
+ set +e
+ if $RSYNC_ENABLE; then
+ log_daemon_msg "Restarting rsync daemon" "rsync"
+ if [ -s $RSYNC_PID_FILE ] && kill -0 $(cat $RSYNC_PID_FILE) >/dev/null 2>&1; then
+ start-stop-daemon --stop --quiet --oknodo --pidfile $RSYNC_PID_FILE || true
+ sleep 1
+ else
+ log_warning_msg "rsync daemon not running, attempting to start."
+ rm -f $RSYNC_PID_FILE
+ fi
+ rsync_start
+ else
+ if [ -s "$RSYNC_CONFIG_FILE" ]; then
+ [ "$VERBOSE" != no ] && log_warning_msg "rsync daemon not enabled in $RSYNC_DEFAULTS_FILE, not starting..."
+ fi
+ fi
+ ;;
+
+ status)
+ status_of_proc -p $RSYNC_PID_FILE "$DAEMON" rsync
+ exit $? # notreached due to set -e
+ ;;
+ *)
+ echo "Usage: /etc/init.d/rsync {start|stop|reload|force-reload|restart|status}"
+ exit 1
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: rsyslog
+# Required-Start: $remote_fs $time
+# Required-Stop: umountnfs $time
+# X-Stop-After: sendsigs
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: enhanced syslogd
+# Description: Rsyslog is an enhanced multi-threaded syslogd.
+# It is quite compatible to stock sysklogd and can be
+# used as a drop-in replacement.
+### END INIT INFO
+
+#
+# Author: Michael Biebl <biebl@debian.org>
+#
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="enhanced syslogd"
+NAME=rsyslog
+
+RSYSLOGD=rsyslogd
+DAEMON=/usr/sbin/rsyslogd
+PIDFILE=/var/run/rsyslogd.pid
+
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Define LSB log_* functions.
+. /lib/lsb/init-functions
+
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # other if daemon could not be started or a failure occured
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $RSYSLOGD_OPTIONS
+}
+
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # other if daemon could not be stopped or a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --exec $DAEMON
+}
+
+#
+# Tell rsyslogd to close all open files
+#
+do_rotate() {
+ start-stop-daemon --stop --signal HUP --quiet --pidfile $PIDFILE --exec $DAEMON
+}
+
+create_xconsole() {
+ XCONSOLE=/dev/xconsole
+ if [ "$(uname -s)" != "Linux" ]; then
+ XCONSOLE=/run/xconsole
+ ln -sf $XCONSOLE /dev/xconsole
+ fi
+ if [ ! -e $XCONSOLE ]; then
+ mknod -m 640 $XCONSOLE p
+ chown root:adm $XCONSOLE
+ [ -x /sbin/restorecon ] && /sbin/restorecon $XCONSOLE
+ fi
+}
+
+sendsigs_omit() {
+ OMITDIR=/run/sendsigs.omit.d
+ mkdir -p $OMITDIR
+ ln -sf $PIDFILE $OMITDIR/rsyslog
+}
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting $DESC" "$RSYSLOGD"
+ create_xconsole
+ do_start
+ case "$?" in
+ 0) sendsigs_omit
+ log_end_msg 0 ;;
+ 1) log_progress_msg "already started"
+ log_end_msg 0 ;;
+ *) log_end_msg 1 ;;
+ esac
+
+ ;;
+ stop)
+ log_daemon_msg "Stopping $DESC" "$RSYSLOGD"
+ do_stop
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_progress_msg "already stopped"
+ log_end_msg 0 ;;
+ *) log_end_msg 1 ;;
+ esac
+
+ ;;
+ rotate)
+ log_daemon_msg "Closing open files" "$RSYSLOGD"
+ do_rotate
+ log_end_msg $?
+ ;;
+ restart|force-reload)
+ $0 stop
+ $0 start
+ ;;
+ status)
+ status_of_proc -p $PIDFILE $DAEMON $RSYSLOGD && exit 0 || exit $?
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|rotate|restart|force-reload|status}" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: salt-minion
+# Required-Start: $remote_fs $network
+# Required-Stop: $remote_fs $network
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: salt minion control daemon
+# Description: This is a daemon that controls the salt minions
+### END INIT INFO
+
+# Author: Michael Prokop <mika@debian.org>
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="salt minion control daemon"
+NAME=salt-minion
+DAEMON=/usr/bin/salt-minion
+DAEMON_ARGS="-d"
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+. /lib/lsb/init-functions
+
+do_start() {
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ pid=$(pidofproc -p $PIDFILE $DAEMON)
+ if [ -n "$pid" ] ; then
+ return 1
+ fi
+
+ start-stop-daemon --start --quiet --background --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS \
+ || return 2
+}
+
+do_stop() {
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ #reload)
+ # not implemented
+ #;;
+ restart|force-reload)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: sendsigs
+# Required-Start:
+# Required-Stop: umountnfs
+# Default-Start:
+# Default-Stop: 0 6
+# Short-Description: Kill all remaining processes.
+# Description:
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+
+. /lib/lsb/init-functions
+
+# Make it possible to see who the misbehaving processes are
+report_unkillable() {
+ if [ -x /usr/bin/pstree ] ; then
+ echo "Currently running processes (pstree):"
+ pstree
+ elif [ -x /bin/ps ] ; then
+ echo "Currently running processes (ps):"
+ ps -ef
+ fi
+}
+
+do_stop () {
+ OMITPIDS=
+
+ for omitfile in /run/sendsigs.omit; do
+ if [ -e $omitfile ]; then
+ for pid in $(cat $omitfile); do
+ OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid"
+ done
+ fi
+ done
+
+ # Load sendsigs.omit.d/packagename files too, to make it
+ # possible for scripts that need to modify the list of pids at
+ # run time without race conditions.
+ for omitdir in /run/sendsigs.omit.d; do
+ if [ -d "${omitdir}" ]; then
+ for pidfile in "${omitdir}/"*; do
+ [ -f "$pidfile" ] || continue
+ for pid in $(cat $pidfile); do
+ OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid"
+ done
+ done
+ fi
+ done
+
+ # Upstart jobs have their own "stop on" clauses that sends
+ # SIGTERM/SIGKILL just like this, so if they're still running,
+ # they're supposed to be
+ if [ -x /sbin/initctl ]; then
+ for pid in $(initctl list | sed -n -e "/process [0-9]/s/.*process //p"); do
+ OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid"
+ done
+ fi
+
+ # Flush the kernel I/O buffer before we start to kill
+ # processes, to make sure the IO of already stopped services to
+ # not slow down the remaining processes to a point where they
+ # are accidentily killed with SIGKILL because they did not
+ # manage to shut down in time.
+ sync
+
+ # Kill all processes.
+ log_action_begin_msg "Asking all remaining processes to terminate"
+ killall5 -15 $OMITPIDS # SIGTERM
+ log_action_end_msg 0
+ alldead=""
+ for seq in 1 2 3 4 5 6 7 8 9 10; do
+ # use SIGCONT/signal 18 to check if there are
+ # processes left. No need to check the exit code
+ # value, because either killall5 work and it make
+ # sense to wait for processes to die, or it fail and
+ # there is nothing to wait for.
+
+ # did an upstart job start since we last polled initctl? check
+ # again on each loop and add any new jobs (e.g., plymouth) to
+ # the list. If we did miss one starting up, this beats waiting
+ # 10 seconds before shutting down.
+ if [ -x /sbin/initctl ]; then
+ for pid in $(initctl list | sed -n -e "/process [0-9]/s/.*process //p"); do
+ OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid"
+ done
+ fi
+ if killall5 -18 $OMITPIDS ; then
+ :
+ else
+ alldead=1
+ break
+ fi
+
+ sleep 1
+ done
+ if [ -z "$alldead" ] ; then
+ report_unkillable
+ log_action_begin_msg "Killing all remaining processes"
+ killall5 -9 $OMITPIDS # SIGKILL
+ log_action_end_msg 1
+ else
+ log_action_begin_msg "All processes ended within $seq seconds"
+ log_action_end_msg 0
+ fi
+}
+
+case "$1" in
+ start|status)
+ # No-op
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ do_stop
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: single
+# Required-Start: $local_fs $all killprocs
+# Required-Stop:
+# Default-Start: 1
+# Default-Stop:
+# Short-Description: executed by init(8) upon entering runlevel 1 (single).
+### END INIT INFO
+
+PATH=/sbin:/bin
+
+. /lib/lsb/init-functions
+
+do_start () {
+ log_action_msg "Will now switch to single-user mode"
+ exec init -t1 S
+}
+
+case "$1" in
+ start)
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+#!/bin/sh
+# kFreeBSD do not accept scripts as interpreters, using #!/bin/sh and sourcing.
+if [ true != "$INIT_D_SCRIPT_SOURCED" ] ; then
+ set "$0" "$@"; INIT_D_SCRIPT_SOURCED=true . /lib/init/init-d-script
+fi
+### BEGIN INIT INFO
+# Provides: skeleton
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Example initscript
+# Description: This file should be used to construct scripts to be
+# placed in /etc/init.d. This example start a
+# single forking daemon capable of writing a pid
+# file. To get other behavoirs, implemend
+# do_start(), do_stop() or other functions to
+# override the defaults in /lib/init/init-d-script.
+### END INIT INFO
+
+# Author: Foo Bar <foobar@baz.org>
+#
+# Please remove the "Author" lines above and replace them
+# with your own name if you copy and modify this script.
+
+DESC="Description of the service"
+DAEMON=/usr/sbin/daemonexecutablename
--- /dev/null
+#! /bin/sh
+
+### BEGIN INIT INFO
+# Provides: sshd
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: OpenBSD Secure Shell server
+### END INIT INFO
+
+set -e
+
+# /etc/init.d/ssh: start and stop the OpenBSD "secure shell(tm)" daemon
+
+test -x /usr/sbin/sshd || exit 0
+( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0
+
+umask 022
+
+if test -f /etc/default/ssh; then
+ . /etc/default/ssh
+fi
+
+. /lib/lsb/init-functions
+
+if [ -n "$2" ]; then
+ SSHD_OPTS="$SSHD_OPTS $2"
+fi
+
+# Are we running from init?
+run_by_init() {
+ ([ "$previous" ] && [ "$runlevel" ]) || [ "$runlevel" = S ]
+}
+
+check_for_upstart() {
+ if init_is_upstart; then
+ exit $1
+ fi
+}
+
+check_for_no_start() {
+ # forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists
+ if [ -e /etc/ssh/sshd_not_to_be_run ]; then
+ if [ "$1" = log_end_msg ]; then
+ log_end_msg 0 || true
+ fi
+ if ! run_by_init; then
+ log_action_msg "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)" || true
+ fi
+ exit 0
+ fi
+}
+
+check_dev_null() {
+ if [ ! -c /dev/null ]; then
+ if [ "$1" = log_end_msg ]; then
+ log_end_msg 1 || true
+ fi
+ if ! run_by_init; then
+ log_action_msg "/dev/null is not a character device!" || true
+ fi
+ exit 1
+ fi
+}
+
+check_privsep_dir() {
+ # Create the PrivSep empty dir if necessary
+ if [ ! -d /var/run/sshd ]; then
+ mkdir /var/run/sshd
+ chmod 0755 /var/run/sshd
+ fi
+}
+
+check_config() {
+ if [ ! -e /etc/ssh/sshd_not_to_be_run ]; then
+ /usr/sbin/sshd $SSHD_OPTS -t || exit 1
+ fi
+}
+
+export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
+
+case "$1" in
+ start)
+ check_for_upstart 1
+ check_privsep_dir
+ check_for_no_start
+ check_dev_null
+ log_daemon_msg "Starting OpenBSD Secure Shell server" "sshd" || true
+ if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
+ log_end_msg 0 || true
+ else
+ log_end_msg 1 || true
+ fi
+ ;;
+ stop)
+ check_for_upstart 0
+ log_daemon_msg "Stopping OpenBSD Secure Shell server" "sshd" || true
+ if start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid; then
+ log_end_msg 0 || true
+ else
+ log_end_msg 1 || true
+ fi
+ ;;
+
+ reload|force-reload)
+ check_for_upstart 1
+ check_for_no_start
+ check_config
+ log_daemon_msg "Reloading OpenBSD Secure Shell server's configuration" "sshd" || true
+ if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd; then
+ log_end_msg 0 || true
+ else
+ log_end_msg 1 || true
+ fi
+ ;;
+
+ restart)
+ check_for_upstart 1
+ check_privsep_dir
+ check_config
+ log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd" || true
+ start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile /var/run/sshd.pid
+ check_for_no_start log_end_msg
+ check_dev_null log_end_msg
+ if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
+ log_end_msg 0 || true
+ else
+ log_end_msg 1 || true
+ fi
+ ;;
+
+ try-restart)
+ check_for_upstart 1
+ check_privsep_dir
+ check_config
+ log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd" || true
+ RET=0
+ start-stop-daemon --stop --quiet --retry 30 --pidfile /var/run/sshd.pid || RET="$?"
+ case $RET in
+ 0)
+ # old daemon stopped
+ check_for_no_start log_end_msg
+ check_dev_null log_end_msg
+ if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
+ log_end_msg 0 || true
+ else
+ log_end_msg 1 || true
+ fi
+ ;;
+ 1)
+ # daemon not running
+ log_progress_msg "(not running)" || true
+ log_end_msg 0 || true
+ ;;
+ *)
+ # failed to stop
+ log_progress_msg "(failed to stop)" || true
+ log_end_msg 1 || true
+ ;;
+ esac
+ ;;
+
+ status)
+ check_for_upstart 1
+ status_of_proc -p /var/run/sshd.pid /usr/sbin/sshd sshd && exit 0 || exit $?
+ ;;
+
+ *)
+ log_action_msg "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart|try-restart|status}" || true
+ exit 1
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+
+### BEGIN INIT INFO
+# Provides: sudo
+# Required-Start: $local_fs $remote_fs
+# Required-Stop:
+# X-Start-Before: rmnologin
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: Provide limited super user privileges to specific users
+# Description: Provide limited super user privileges to specific users.
+### END INIT INFO
+
+. /lib/lsb/init-functions
+
+N=/etc/init.d/sudo
+
+set -e
+
+case "$1" in
+ start)
+ # make sure privileges don't persist across reboots
+ if [ -d /var/lib/sudo ]
+ then
+ find /var/lib/sudo -exec touch -d @0 '{}' \;
+ fi
+ ;;
+ stop|reload|restart|force-reload|status)
+ ;;
+ *)
+ echo "Usage: $N {start|stop|restart|force-reload|status}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/sh -e
+### BEGIN INIT INFO
+# Provides: udev
+# Required-Start: mountkernfs
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Start udevd, populate /dev and load drivers.
+### END INIT INFO
+
+# we need to unmount /dev/pts/ and remount it later over the devtmpfs
+unmount_devpts() {
+ if mountpoint -q /dev/pts/; then
+ umount -n -l /dev/pts/
+ fi
+
+ if mountpoint -q /dev/shm/; then
+ umount -n -l /dev/shm/
+ fi
+}
+
+# mount a devtmpfs over /dev, if somebody did not already do it
+mount_devtmpfs() {
+ if grep -E -q "^[^[:space:]]+ /dev devtmpfs" /proc/mounts; then
+ mount -n -o remount,size=$tmpfs_size,mode=0755 -t devtmpfs devtmpfs /dev
+ return
+ fi
+
+ if ! mount -n -o size=$tmpfs_size,mode=0755 -t devtmpfs devtmpfs /dev; then
+ log_failure_msg "udev requires devtmpfs support, not started"
+ log_end_msg 1
+ fi
+
+ return 0
+}
+
+create_dev_makedev() {
+ if [ -e /sbin/MAKEDEV ]; then
+ ln -sf /sbin/MAKEDEV /dev/MAKEDEV
+ else
+ ln -sf /bin/true /dev/MAKEDEV
+ fi
+}
+
+# If the initramfs does not have /run, the initramfs udev database must
+# be migrated from /dev/.udev/ to /run/udev/.
+move_udev_database() {
+ [ -e "/dev/.udev/" ] || return 0
+ [ ! -e /run/udev/ ] || return 0
+ [ -e /run/ ] || return 0
+ mountpoint -q /run/ || return 0
+
+ mv /dev/.udev/ /run/udev/ || true
+}
+
+supported_kernel() {
+ case "$(uname -r)" in
+ 2.[012345].*|2.6.[0-9]|2.6.[0-9][!0-9]*) return 1 ;;
+ 2.6.[12][0-9]|2.6.[12][0-9][!0-9]*) return 1 ;;
+ 2.6.3[0-1]|2.6.3[0-1][!0-9]*) return 1 ;;
+ esac
+ return 0
+}
+
+# shell version of /usr/bin/tty
+my_tty() {
+ [ -x /bin/readlink ] || return 0
+ [ -e /proc/self/fd/0 ] || return 0
+ readlink --silent /proc/self/fd/0 || true
+}
+
+warn_if_interactive() {
+ if [ "$RUNLEVEL" = "S" -a "$PREVLEVEL" = "N" ]; then
+ return
+ fi
+
+ TTY=$(my_tty)
+ if [ -z "$TTY" -o "$TTY" = "/dev/console" -o "$TTY" = "/dev/null" ]; then
+ return
+ fi
+
+ printf "\n\n\nIt has been detected that the command\n\n\t$0 $*\n\n"
+ printf "has been run from an interactive shell.\n"
+ printf "It will probably not do what you expect, so this script will wait\n"
+ printf "60 seconds before continuing. Press ^C to stop it.\n"
+ printf "RUNNING THIS COMMAND IS HIGHLY DISCOURAGED!\n\n\n\n"
+ sleep 60
+}
+
+make_static_nodes() {
+ [ -e /lib/modules/$(uname -r)/modules.devname ] || return 0
+ [ -x /bin/kmod ] || return 0
+
+ /bin/kmod static-nodes --format=tmpfiles --output=/proc/self/fd/1 | \
+ while read type name mode uid gid age arg; do
+ [ -e $name ] && continue
+ case "$type" in
+ c|b|c!|b!) mknod -m $mode $name $type $(echo $arg | sed 's/:/ /') ;;
+ d|d!) mkdir $name ;;
+ *) echo "unparseable line ($type $name $mode $uid $gid $age $arg)" >&2 ;;
+ esac
+
+ if [ -x /sbin/restorecon ]; then
+ /sbin/restorecon $name
+ fi
+ done
+}
+
+
+##############################################################################
+
+[ -x /sbin/udevd ] || exit 0
+
+PATH="/sbin:/bin"
+
+# defaults
+tmpfs_size="10M"
+
+if [ -e /etc/udev/udev.conf ]; then
+ . /etc/udev/udev.conf
+fi
+
+. /lib/lsb/init-functions
+
+if ! supported_kernel; then
+ log_failure_msg "udev requires a kernel >= 2.6.32, not started"
+ log_end_msg 1
+fi
+
+if [ ! -e /proc/filesystems ]; then
+ log_failure_msg "udev requires a mounted procfs, not started"
+ log_end_msg 1
+fi
+
+if ! grep -q '[[:space:]]devtmpfs$' /proc/filesystems; then
+ log_failure_msg "udev requires devtmpfs support, not started"
+ log_end_msg 1
+fi
+
+if [ ! -d /sys/class/ ]; then
+ log_failure_msg "udev requires a mounted sysfs, not started"
+ log_end_msg 1
+fi
+
+if ! ps --no-headers --format args ax | egrep -q '^\['; then
+ log_warning_msg "udev does not support containers, not started"
+ exit 0
+fi
+
+if [ -d /sys/class/mem/null -a ! -L /sys/class/mem/null ] || \
+ [ -e /sys/block -a ! -e /sys/class/block ]; then
+ log_warning_msg "CONFIG_SYSFS_DEPRECATED must not be selected"
+ log_warning_msg "Booting will continue in 30 seconds but many things will be broken"
+ sleep 30
+fi
+
+# When modifying this script, do not forget that between the time that the
+# new /dev has been mounted and udevadm trigger has been run there will be
+# no /dev/null. This also means that you cannot use the "&" shell command.
+
+case "$1" in
+ start)
+ if init_is_upstart 2>/dev/null; then
+ exit 1
+ fi
+ if mountpoint -q /dev/; then
+ TMPFS_MOUNTED=1
+ elif [ -e "/dev/.udev/" ]; then
+ log_warning_msg ".udev/ already exists on the static /dev"
+ fi
+
+ if [ ! -e "/dev/.udev/" -a ! -e "/run/udev/" ]; then
+ warn_if_interactive
+ fi
+
+ if [ -w /sys/kernel/uevent_helper ]; then
+ echo > /sys/kernel/uevent_helper
+ fi
+
+ move_udev_database
+
+ if [ -z "$TMPFS_MOUNTED" ]; then
+ unmount_devpts
+ mount_devtmpfs
+ [ -d /proc/1 ] || mount -n /proc
+ fi
+
+ make_static_nodes
+
+ # clean up parts of the database created by the initramfs udev
+ udevadm info --cleanup-db
+
+ # set the SELinux context for devices created in the initramfs
+ [ -x /sbin/restorecon ] && /sbin/restorecon -R /dev
+
+ log_daemon_msg "Starting the hotplug events dispatcher" "udevd"
+ if udevd --daemon; then
+ log_end_msg $?
+ else
+ log_warning_msg $?
+ log_warning_msg "Waiting 15 seconds and trying to continue anyway"
+ sleep 15
+ fi
+
+ log_action_begin_msg "Synthesizing the initial hotplug events"
+ if udevadm trigger --action=add; then
+ log_action_end_msg $?
+ else
+ log_action_end_msg $?
+ fi
+
+ create_dev_makedev
+
+ # wait for the udevd childs to finish
+ log_action_begin_msg "Waiting for /dev to be fully populated"
+ if udevadm settle; then
+ log_action_end_msg 0
+ else
+ log_action_end_msg 0 'timeout'
+ fi
+ ;;
+
+ stop)
+ log_daemon_msg "Stopping the hotplug events dispatcher" "udevd"
+ if start-stop-daemon --stop --name udevd --user root --quiet --oknodo --retry 5; then
+ log_end_msg $?
+ else
+ log_end_msg $?
+ fi
+ ;;
+
+ restart)
+ if init_is_upstart 2>/dev/null; then
+ exit 1
+ fi
+ log_daemon_msg "Stopping the hotplug events dispatcher" "udevd"
+ if start-stop-daemon --stop --name udevd --user root --quiet --oknodo --retry 5; then
+ log_end_msg $?
+ else
+ log_end_msg $? || true
+ fi
+
+ log_daemon_msg "Starting the hotplug events dispatcher" "udevd"
+ if udevd --daemon; then
+ log_end_msg $?
+ else
+ log_end_msg $?
+ fi
+ ;;
+
+ reload|force-reload)
+ udevadm control --reload-rules
+ ;;
+
+ status)
+ status_of_proc /sbin/udevd udevd && exit 0 || exit $?
+ ;;
+
+ *)
+ echo "Usage: /etc/init.d/udev {start|stop|restart|reload|force-reload|status}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
+
--- /dev/null
+#!/bin/sh -e
+### BEGIN INIT INFO
+# Provides: udev-finish
+# Required-Start: udev $local_fs
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Copy rules generated while the root was ro
+### END INIT INFO
+
+PATH="/sbin:/bin"
+
+. /lib/lsb/init-functions
+
+case "$1" in
+ start) ;;
+ stop|restart|force-reload) exit 0 ;;
+ *) echo "Usage: $0 {start|stop|restart|force-reload}" >&2; exit 1 ;;
+esac
+
+exec /lib/udev/udev-finish
+
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: ulogd2 ulogd
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Starts ulogd2
+# Description: Starts the netfilter userspace log daemon
+### END INIT INFO
+
+# Author: Chris Boot <debian@bootc.net>
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="netfilter userspace log daemon"
+NAME=ulogd
+DAEMON=/usr/sbin/$NAME
+DAEMON_USER=ulog
+PIDDIR=/run/ulog
+PIDFILE=$PIDDIR/$NAME.pid
+DAEMON_ARGS="--daemon --uid $DAEMON_USER --pidfile $PIDFILE"
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
+# and status_of_proc is working.
+. /lib/lsb/init-functions
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Make sure our /run directory exists
+ if [ ! -d $PIDDIR ]; then
+ mkdir $PIDDIR
+ chown $DAEMON_USER: $PIDDIR
+ fi
+
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON \
+ --test > /dev/null || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS || return 2
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 \
+ --pidfile $PIDFILE --name $NAME
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ start-stop-daemon --stop --signal HUP --quiet --pidfile $PIDFILE \
+ --name $NAME
+ return 0
+}
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting $DESC" "$NAME"
+ do_start; RET=$?
+ case $RET in
+ 0|1) log_end_msg 0; exit 0 ;;
+ *) log_end_msg 1; exit 1 ;;
+ esac
+ ;;
+ stop)
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop; RET=$?
+ case $RET in
+ 0|1) log_end_msg 0; exit 0 ;;
+ *) log_end_msg 1; exit 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME"
+ ;;
+ reload|force-reload)
+ log_daemon_msg "Reloading $DESC" "$NAME"
+ do_reload; RET=$?
+ log_end_msg $RET
+ exit $RET
+ ;;
+ restart)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop; RET=$?
+ case $RET in
+ 0|1)
+ do_start; RET=$?
+ case $RET in
+ 0) log_end_msg 0; exit 0 ;;
+ 1) log_end_msg 1; exit 1 ;; # Old process is still running
+ *) log_end_msg 1; exit 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1; exit 1
+ ;;
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|reload|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: umountfs
+# Required-Start:
+# Required-Stop: umountroot
+# Default-Start:
+# Default-Stop: 0 6
+# Short-Description: Turn off swap and unmount all local file systems.
+# Description:
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+
+umask 022
+
+do_stop () {
+ PROTECTED_MOUNTS="$(sed -n ':a;/^[^ ]* \/ /!{H;n;ba};{H;s/.*//;x;s/\n//;p}' /proc/mounts)"
+ WEAK_MTPTS="" # be gentle, don't use force
+ REG_MTPTS=""
+ TMPFS_MTPTS=""
+ while read -r DEV MTPT FSTYPE REST
+ do
+ echo "$PROTECTED_MOUNTS" | grep -qs "^$DEV $MTPT " && continue
+ case "$MTPT" in
+ /|/proc|/dev|/.dev|/dev/pts|/dev/shm|/dev/.static/dev|/proc/*|/sys|/sys/*|/run|/run/*|/dev/vcs)
+ continue
+ ;;
+ esac
+ case "$FSTYPE" in
+ proc|procfs|linprocfs|sysfs|usbfs|usbdevfs|devpts)
+ continue
+ ;;
+ tmpfs)
+ TMPFS_MTPTS="$MTPT $TMPFS_MTPTS"
+ ;;
+ *)
+ if echo "$PROTECTED_MOUNTS" | grep -qs "^$DEV "; then
+ WEAK_MTPTS="$MTPT $WEAK_MTPTS"
+ else
+ REG_MTPTS="$MTPT $REG_MTPTS"
+ fi
+ ;;
+ esac
+ done < /proc/mounts
+
+ #
+ # Make sure tmpfs file systems are umounted before turning off
+ # swap, to avoid running out of memory if the tmpfs filesystems
+ # use a lot of space.
+ #
+ if [ "$TMPFS_MTPTS" ]
+ then
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Unmounting temporary filesystems"
+ fstab-decode umount $TMPFS_MTPTS
+ log_action_end_msg $?
+ else
+ log_daemon_msg "Will now unmount temporary filesystems"
+ fstab-decode umount -v $TMPFS_MTPTS
+ log_end_msg $?
+ fi
+ fi
+
+ #
+ # Deactivate swap
+ #
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Deactivating swap"
+ swapoff -a >/dev/null
+ log_action_end_msg $?
+ else
+ log_daemon_msg "Will now deactivate swap"
+ swapoff -a -v
+ log_end_msg $?
+ fi
+
+ #
+ # Unmount local filesystems
+ #
+ if [ "$WEAK_MTPTS" ]; then
+ # Do not use -f umount option for WEAK_MTPTS
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Unmounting weak filesystems"
+ fstab-decode umount -r -d $WEAK_MTPTS
+ log_action_end_msg $?
+ else
+ log_daemon_msg "Will now unmount weak filesystems"
+ fstab-decode umount -v -r -d $WEAK_MTPTS
+ log_end_msg $?
+ fi
+ fi
+ if [ "$REG_MTPTS" ]
+ then
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Unmounting local filesystems"
+ fstab-decode umount -f -r -d $REG_MTPTS
+ log_action_end_msg $?
+ else
+ log_daemon_msg "Will now unmount local filesystems"
+ fstab-decode umount -f -v -r -d $REG_MTPTS
+ log_end_msg $?
+ fi
+ fi
+}
+
+case "$1" in
+ start|status)
+ # No-op
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ do_stop
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: umountnfs
+# Required-Start:
+# Required-Stop: umountfs
+# Should-Stop: $network $portmap nfs-common
+# Default-Start:
+# Default-Stop: 0 6
+# Short-Description: Unmount all network filesystems except the root fs.
+# Description: Also unmounts all virtual filesystems (proc,
+# devpts, usbfs, sysfs) that are not mounted at the
+# top level.
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+KERNEL="$(uname -s)"
+RELEASE="$(uname -r)"
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+
+case "${KERNEL}:${RELEASE}" in
+ Linux:[01].*|Linux:2.[01].*)
+ FLAGS=""
+ ;;
+ Linux:2.[23].*|Linux:2.4.?|Linux:2.4.?-*|Linux:2.4.10|Linux:2.4.10-*)
+ FLAGS="-f"
+ ;;
+ *)
+ FLAGS="-f -l"
+ ;;
+esac
+
+do_stop () {
+ # Write a reboot record to /var/log/wtmp before unmounting
+ halt -w
+
+ # Remove bootclean flag files (precaution against symlink attacks)
+ rm -f /tmp/.clean /run/.clean /run/lock/.clean
+
+ #
+ # Make list of points to unmount in reverse order of their creation
+ #
+
+ DIRS=""
+ while read -r DEV MTPT FSTYPE OPTS REST
+ do
+ case "$MTPT" in
+ /|/proc|/dev|/dev/pts|/dev/shm|/proc/*|/sys|/run|/run/*)
+ continue
+ ;;
+ esac
+ case "$FSTYPE" in
+ nfs|nfs4|smbfs|ncp|ncpfs|cifs|coda|ocfs2|gfs|ceph)
+ DIRS="$MTPT $DIRS"
+ ;;
+ proc|procfs|linprocfs|devpts|usbfs|usbdevfs|sysfs)
+ DIRS="$MTPT $DIRS"
+ ;;
+ esac
+ case "$OPTS" in
+ _netdev|*,_netdev|_netdev,*|*,_netdev,*)
+ DIRS="$MTPT $DIRS"
+ ;;
+ esac
+ done < /etc/mtab
+
+ if [ "$DIRS" ]
+ then
+ [ "$VERBOSE" = no ] || log_action_begin_msg "Unmounting remote and non-toplevel virtual filesystems"
+ fstab-decode umount $FLAGS $DIRS
+ ES=$?
+ [ "$VERBOSE" = no ] || log_action_end_msg $ES
+ fi
+
+ # emit unmounted-remote-filesystems hook point so any upstart jobs
+ # that support remote filesystems can be stopped
+ if [ -x /sbin/initctl ]; then
+ initctl --quiet emit unmounted-remote-filesystems 2>/dev/null || true
+ fi
+}
+
+case "$1" in
+ start|status)
+ # No-op
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|"")
+ do_stop
+ ;;
+ *)
+ echo "Usage: umountnfs.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: umountroot
+# Required-Start:
+# Required-Stop:
+# Should-Stop: halt reboot kexec
+# Default-Start:
+# Default-Stop: 0 6
+# Short-Description: Mount the root filesystem read-only.
+### END INIT INFO
+
+PATH=/sbin:/bin
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+
+do_stop () {
+ [ "$VERBOSE" = no ] || log_action_begin_msg "Mounting root filesystem read-only"
+ MOUNT_FORCE_OPT=
+ [ "$(uname -s)" = "GNU/kFreeBSD" ] && MOUNT_FORCE_OPT=-f
+ # This:
+ # mount -n -o remount,ro /
+ # will act on a bind mount of / if there is one.
+ # See #339023 and the comment in checkroot.sh
+ mount $MOUNT_FORCE_OPT -n -o remount,ro -t dummytype dummydev / 2>/dev/null \
+ || mount $MOUNT_FORCE_OPT -n -o remount,ro dummydev / 2>/dev/null \
+ || mount $MOUNT_FORCE_OPT -n -o remount,ro /
+ ES=$?
+ [ "$VERBOSE" = no ] || log_action_end_msg $ES
+}
+
+case "$1" in
+ start|status)
+ # No-op
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ do_stop
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: urandom
+# Required-Start: $local_fs $time
+# Required-Stop: $local_fs
+# Default-Start: S
+# Default-Stop: 0 6
+# Short-Description: Save and restore random seed between restarts.
+# Description: This script saves the random seed between restarts.
+# It is called from the boot, halt and reboot scripts.
+### END INIT INFO
+
+## Assumption 1: We assume $SAVEDFILE is a file (or a symlink
+## to a file) that resides on a non-volatile medium that persists
+## across reboots.
+## Case 1a: Ideally, it is readable and writeable. Its is unshared,
+## i.e. its contents are unique to this machine. It is protected so
+## that its contents are not known to attackers.
+## Case 1b: Less than ideally, it is read-only. Its contents are
+## unique to this machine and not known to attackers.
+SAVEDFILE=/var/lib/urandom/random-seed
+
+[ -c /dev/urandom ] || exit 0
+
+PATH=/sbin:/bin
+if ! POOLBYTES=$((
+ ($(cat /proc/sys/kernel/random/poolsize 2>/dev/null) + 7) / 8
+)) ; then
+ POOLBYTES=512
+fi
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+
+do_status () {
+ if [ -f $SAVEDFILE ] ; then
+ return 0
+ else
+ return 4
+ fi
+}
+
+case "$1" in
+ start|"")
+ [ "$VERBOSE" = no ] || log_action_begin_msg "Initializing random number generator"
+ # Seed the RNG with date and time.
+ # This is helpful in the less-than-ideal case where $SAVEDFILE
+ # is read-only.
+ # The value of this is greatly reduced if $SAVEDFILE is missing,
+ # or its contents are shared machine-to-machine or known to
+ # attackers (since they might well know at what time this
+ # machine booted up).
+ (
+ date +%s.%N
+
+ # Load and then save $POOLBYTES bytes,
+ # which is the size of the entropy pool
+ if [ -f "$SAVEDFILE" ]
+ then
+ cat "$SAVEDFILE"
+ fi
+ # Redirect output of subshell (not individual commands)
+ # to cope with a misfeature in the FreeBSD (not Linux)
+ # /dev/random, where every superuser write/close causes
+ # an explicit reseed of the yarrow.
+ ) >/dev/urandom
+
+ # Write a new seed into $SAVEDFILE because re-using a seed
+ # compromises security. Each time we re-seed, we want the
+ # seed to be as different as possible.
+ # Write it now, in case the machine crashes without doing
+ # an orderly shutdown.
+ # The write will fail if $SAVEDFILE is read-only, but it
+ # doesn't hurt to try.
+ umask 077
+ dd if=/dev/urandom of=$SAVEDFILE bs=$POOLBYTES count=1 >/dev/null 2>&1
+ ES=$?
+ umask 022
+ [ "$VERBOSE" = no ] || log_action_end_msg $ES
+ ;;
+ stop)
+ # Carry a random seed from shut-down to start-up;
+ # Write it on shutdown, in case the one written at startup
+ # has been lost, snooped, or otherwise compromised.
+ # see documentation in linux/drivers/char/random.c
+ [ "$VERBOSE" = no ] || log_action_begin_msg "Saving random seed"
+ umask 077
+ dd if=/dev/urandom of=$SAVEDFILE bs=$POOLBYTES count=1 >/dev/null 2>&1
+ ES=$?
+ [ "$VERBOSE" = no ] || log_action_end_msg $ES
+ ;;
+ status)
+ do_status
+ exit $?
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ *)
+ echo "Usage: urandom start|stop" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+# network-interface-container - woarkound for missing events in container
+#
+# This service emits missing net-device-added events for containers.
+# It's needed in cases where devices are created before the container
+# starts and so won't get a udev event.
+
+description "workaround for missing events in container"
+start on container
+
+emits net-device-added
+
+task
+script
+ case "$CONTAINER" in
+ lxc|lxc-libvirt|openvz)
+ initctl emit --no-wait net-device-added INTERFACE=lo || true
+ ;;
+ esac
+end script
--- /dev/null
+# network-interface-security - configure network device security
+#
+# This is a one-time start-up script to load AppArmor profiles needed
+# before the network comes up.
+
+description "configure network device security"
+
+# In order to avoid upstart bug LP: #447654, we cannot have an AND
+# statement here (with the ORs). An "and virtual-filesystems" is desired
+# here to make sure that the securityfs is mounted, but since each of the
+# ORed services already require virtual-filesystems be mounted, this is safe:
+start on (starting network-interface
+ or starting network-manager
+ or starting networking)
+stop on (stopped network-interface JOB=$JOB INTERFACE=$INTERFACE
+ or stopped network-manager JOB=$JOB
+ or stopped networking JOB=$JOB)
+
+# In order to handle the lack of upstart feature LP: #568860, we need to
+# run multiple times, for each of the above "starting" service instances, or
+# else another one might run while we're running, and not wait for us to
+# finish.
+instance $JOB${INTERFACE:+/}${INTERFACE:-}
+
+# Since we need these profiles to be loaded before any of the above services
+# begin running, this service must be a pre-start so that its pre-start
+# script finishes before the above services' start scripts begin.
+pre-start script
+ [ -f /run/network-interface-security ] && exit 0 # already ran
+ [ -d /rofs/etc/apparmor.d ] && exit 0 # do not load on liveCD
+ [ -d /sys/module/apparmor ] || exit 0 # do not load without AppArmor
+ [ -x /sbin/apparmor_parser ] || exit 0 # do not load without parser
+ for link in /etc/apparmor/init/network-interface-security/* ; do
+ [ -L $link ] && /sbin/apparmor_parser -r -W $link || true
+ done
+ > /run/network-interface-security
+end script
--- /dev/null
+# network-interface - configure network device
+#
+# This service causes network devices to be brought up or down as a result
+# of hardware being added or removed, including that which isn't ordinarily
+# removable.
+
+description "configure network device"
+
+emits net-device-up
+emits net-device-down
+emits static-network-up
+
+start on net-device-added
+stop on net-device-removed INTERFACE=$INTERFACE
+
+instance $INTERFACE
+export INTERFACE
+
+pre-start script
+ if [ "$INTERFACE" = lo ]; then
+ # bring this up even if /etc/network/interfaces is broken
+ ifconfig lo 127.0.0.1 up || true
+ initctl emit -n net-device-up \
+ IFACE=lo LOGICAL=lo ADDRFAM=inet METHOD=loopback || true
+ fi
+ mkdir -p /run/network
+ ifup --allow auto $INTERFACE
+ ifup --allow hotplug $INTERFACE
+end script
+
+post-stop script
+ ifdown --force --allow auto $INTERFACE
+ ifdown --force --allow hotplug $INTERFACE
+end script
--- /dev/null
+# networking - configure virtual network devices
+#
+# This task causes virtual network devices that do not have an associated
+# kernel object to be started on boot.
+
+description "configure virtual network devices"
+
+emits static-network-up
+emits net-device-up
+emits deconfiguring-networking
+
+start on (local-filesystems
+ and (stopped udevtrigger or container)) or runlevel [2345] or stopped networking RESULT=failed PROCESS=post-stop EXIT_STATUS=100
+stop on unmounted-remote-filesystems
+
+pre-start script
+ if [ "$UPSTART_EVENTS" = "stopped" ] && [ "$UPSTART_JOB" = "networking" ] && [ "$EXIT_STATUS" = "100" ]; then
+ exit 0
+ fi
+
+ mkdir -p /run/network
+ ifup -a
+end script
+
+post-stop script
+ if [ -z "$UPSTART_STOP_EVENTS" ]; then
+ echo "Stopping or restarting the networking job is not supported."
+ echo "Use ifdown & ifup to reconfigure desired interface."
+ exit 100
+ fi
+
+ log_warning_msg() {
+ echo $*
+ }
+
+ # These checks were taken from the Debian ifupdown.networking.init script
+ check_network_file_systems() {
+ [ -e /proc/mounts ] || return 0
+
+ if [ -e /etc/iscsi/iscsi.initramfs ]; then
+ log_warning_msg "not deconfiguring network interfaces: iSCSI root is mounted."
+ exit 0
+ fi
+
+ while read DEV MTPT FSTYPE REST; do
+ case $DEV in
+ /dev/nbd*|/dev/nd[a-z]*|/dev/etherd/e*)
+ log_warning_msg "not deconfiguring network interfaces: network devices still mounted."
+ exit 0
+ ;;
+ esac
+ case $FSTYPE in
+ nfs|nfs4|smbfs|ncp|ncpfs|cifs|coda|ocfs2|gfs|pvfs|pvfs2|fuse.httpfs|fuse.curlftpfs)
+ log_warning_msg "not deconfiguring network interfaces: network file systems still mounted."
+ exit 0
+ ;;
+ esac
+ done < /proc/mounts
+ }
+
+ check_network_swap() {
+ [ -e /proc/swaps ] || return 0
+
+ while read DEV MTPT FSTYPE REST; do
+ case $DEV in
+ /dev/nbd*|/dev/nd[a-z]*|/dev/etherd/e*)
+ log_warning_msg "not deconfiguring network interfaces: network swap still mounted."
+ exit 0
+ ;;
+ esac
+ done < /proc/swaps
+ }
+
+ check_network_file_systems
+ check_network_swap
+
+ # Anything that manages network interfaces *MUST* wait for this event
+ initctl emit deconfiguring-networking
+ ifdown -a --exclude=lo
+end script
--- /dev/null
+description "Salt Minion"
+
+start on (net-device-up
+ and local-filesystems
+ and runlevel [2345])
+stop on runlevel [!2345]
+
+# The respawn in the minion is known to cause problems
+# because if the main minion process dies it has done
+# so most likely for a good reason. Uncomment these
+# two lines to enable respawn
+#respawn
+#respawn limit 10 5
+
+script
+ # Read configuration variable file if it is present
+ [ -f /etc/default/$UPSTART_JOB ] && . /etc/default/$UPSTART_JOB
+
+ # Activate the virtualenv if defined
+ [ -f $SALT_USE_VIRTUALENV/bin/activate ] && . $SALT_USE_VIRTUALENV/bin/activate
+
+ exec salt-minion
+end script
--- /dev/null
+# ssh - OpenBSD Secure Shell server
+#
+# The OpenSSH server provides secure shell access to the system.
+
+description "OpenSSH server"
+
+start on runlevel [2345]
+stop on runlevel [!2345]
+
+respawn
+respawn limit 10 5
+umask 022
+
+env SSH_SIGSTOP=1
+expect stop
+
+# 'sshd -D' leaks stderr and confuses things in conjunction with 'console log'
+console none
+
+pre-start script
+ test -x /usr/sbin/sshd || { stop; exit 0; }
+ test -e /etc/ssh/sshd_not_to_be_run && { stop; exit 0; }
+
+ mkdir -p -m0755 /var/run/sshd
+end script
+
+# if you used to set SSHD_OPTS in /etc/default/ssh, you can change the
+# 'exec' line here instead
+exec /usr/sbin/sshd -D
--- /dev/null
+# startpar-bridge - inject upstart start/stop events into startpar
+#
+# This job serves as a bridge to make startpar aware when an upstart job has
+# started or stopped, in order to make a soft transition between sysvinit
+# scripts and upstart jobs possible
+
+description "startpar bridge for notification of upstart job start/stop"
+author "Steve Langasek <steve.langasek@ubuntu.com>"
+
+start on started JOB!=startpar-bridge or stopped JOB!=startpar-bridge
+instance $JOB-$INSTANCE-$UPSTART_EVENTS
+
+task
+
+exec /lib/startpar/startpar-upstart-inject "$JOB" "$INSTANCE" "$UPSTART_EVENTS"
--- /dev/null
+# fallback-graphics - take actions to initiate fallback graphics
+#
+# if we have cold plugged everything and not yet seen a valid graphics
+# device,
+# shove a fallback framebuffer into the mix and hope for the best.
+
+description "load fallback graphics devices"
+
+# We only want this job to happen once per boot, hence 'startup and ...'.
+start on (startup and
+ (graphics-device-added PRIMARY_DEVICE_FOR_DISPLAY=1
+ or drm-device-added PRIMARY_DEVICE_FOR_DISPLAY=1
+ or stopped udevtrigger or container))
+
+task
+
+script
+ if [ "$PRIMARY_DEVICE_FOR_DISPLAY" = "" ]; then
+ modprobe -q -b vesafb
+ fi
+end script
--- /dev/null
+# udev-finish - save udev log and update rules
+#
+# While udev runs we not only create the log file of initial device
+# creation but udev rules may be generated, we need to copy both of
+# these out of /dev and onto the root filesystem.
+
+description "save udev log and update rules"
+
+start on (startup
+ and filesystem
+ and started udev
+ and stopped udevtrigger
+ and stopped udevmonitor)
+
+pre-start script
+ # Save udev log in /var/log/udev
+ if [ -e /dev/.udev.log ]
+ then
+ mv -f /dev/.udev.log /var/log/udev || :
+ fi
+
+ # Copy any rules generated while the root filesystem was read-only
+ /lib/udev/udev-finish
+end script
--- /dev/null
+# udev - device node and kernel event manager
+#
+# The udev daemon receives events from the kernel about changes in the
+# /sys filesystem and manages the /dev filesystem.
+
+description "device node and kernel event manager"
+
+start on virtual-filesystems
+stop on runlevel [06]
+
+expect fork
+respawn
+
+exec /lib/systemd/systemd-udevd --daemon
--- /dev/null
+# udevmonitor - log initial device creation
+#
+# The set of devices created in the "cold plug" pass is generally
+# useful for debugging, so we monitor this and create a log file
+# from that.
+
+description "log initial device creation"
+
+start on (startup
+ and starting udevtrigger)
+stop on stopped udevtrigger
+
+exec /sbin/udevadm monitor -e >/dev/.udev.log
--- /dev/null
+# udevtrigger - cold plug devices
+#
+# By the time udevd starts, we've already missed all of the events for
+# the devices populated in /sys. This task causes the kernel to resend
+# them.
+
+description "cold plug devices"
+
+start on (startup
+ and started udev
+ and not-container)
+
+task
+
+exec udevadm trigger --action=add
+post-stop exec udevadm settle
--- /dev/null
+# ulogd2 - Netfilter Userspace Logging Daemon
+#
+# ulogd is an advanced netfilter logging daemon.
+
+description "Netfilter Userspace Logging Daemon"
+
+start on runlevel [2345]
+stop on runlevel [!2345]
+
+expect fork
+respawn
+
+exec /usr/sbin/ulogd --daemon --uid ulog
--- /dev/null
+#
+# initramfs.conf
+# Configuration file for mkinitramfs(8). See initramfs.conf(5).
+#
+# Note that configuration options from this file can be overridden
+# by config files in the /etc/initramfs-tools/conf.d directory.
+
+#
+# MODULES: [ most | netboot | dep | list ]
+#
+# most - Add most filesystem and all harddrive drivers.
+#
+# dep - Try and guess which modules to load.
+#
+# netboot - Add the base modules, network modules, but skip block devices.
+#
+# list - Only include modules from the 'additional modules' list
+#
+
+MODULES=most
+
+#
+# BUSYBOX: [ y | n ]
+#
+# Use busybox if available.
+#
+
+BUSYBOX=y
+
+#
+# KEYMAP: [ y | n ]
+#
+# Load a keymap during the initramfs stage.
+#
+
+KEYMAP=n
+
+#
+# COMPRESS: [ gzip | bzip2 | lzma | lzop | xz ]
+#
+
+COMPRESS=gzip
+
+#
+# NFS Section of the config.
+#
+
+#
+# DEVICE: ...
+#
+# Specify a specific network interface, like eth0
+# Overridden by optional ip= bootarg
+#
+
+DEVICE=
+
+#
+# NFSROOT: [ auto | HOST:MOUNT ]
+#
+
+NFSROOT=auto
+
--- /dev/null
+# List of modules that you want to include in your initramfs.
+# They will be loaded at boot time in the order below.
+#
+# Syntax: module_name [args ...]
+#
+# You must run update-initramfs(8) to effect this change.
+#
+# Examples:
+#
+# raid1
+# sd_mod
--- /dev/null
+#
+# Configuration file for update-initramfs(8)
+#
+
+#
+# update_initramfs [ yes | all | no ]
+#
+# Default is yes
+# If set to all update-initramfs will update all initramfs
+# If set to no disables any update to initramfs beside kernel upgrade
+
+update_initramfs=yes
+
+#
+# backup_initramfs [ yes | no ]
+#
+# Default is no
+# If set to no leaves no .bak backup files.
+
+backup_initramfs=no
--- /dev/null
+# /etc/inittab: init(8) configuration.
+# $Id: inittab,v 1.91 2002/01/25 13:35:21 miquels Exp $
+
+# The default runlevel.
+id:2:initdefault:
+
+# Boot-time system configuration/initialization script.
+# This is run first except when booting in emergency (-b) mode.
+si::sysinit:/etc/init.d/rcS
+
+# What to do in single-user mode.
+~~:S:wait:/sbin/sulogin
+
+# /etc/init.d executes the S and K scripts upon change
+# of runlevel.
+#
+# Runlevel 0 is halt.
+# Runlevel 1 is single-user.
+# Runlevels 2-5 are multi-user.
+# Runlevel 6 is reboot.
+
+l0:0:wait:/etc/init.d/rc 0
+l1:1:wait:/etc/init.d/rc 1
+l2:2:wait:/etc/init.d/rc 2
+l3:3:wait:/etc/init.d/rc 3
+l4:4:wait:/etc/init.d/rc 4
+l5:5:wait:/etc/init.d/rc 5
+l6:6:wait:/etc/init.d/rc 6
+# Normally not reached, but fallthrough in case of emergency.
+z6:6:respawn:/sbin/sulogin
+
+# What to do when CTRL-ALT-DEL is pressed.
+ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
+
+# Action on special keypress (ALT-UpArrow).
+#kb::kbrequest:/bin/echo "Keyboard Request--edit /etc/inittab to let this work."
+
+# What to do when the power fails/returns.
+pf::powerwait:/etc/init.d/powerfail start
+pn::powerfailnow:/etc/init.d/powerfail now
+po::powerokwait:/etc/init.d/powerfail stop
+
+# /sbin/getty invocations for the runlevels.
+#
+# The "id" field MUST be the same as the last
+# characters of the device (after "tty").
+#
+# Format:
+# <id>:<runlevels>:<action>:<process>
+#
+# Note that on most Debian systems tty7 is used by the X Window System,
+# so if you want to add more getty's go ahead but skip tty7 if you run X.
+#
+1:2345:respawn:/sbin/getty --noclear 38400 tty1
+2:23:respawn:/sbin/getty 38400 tty2
+3:23:respawn:/sbin/getty 38400 tty3
+4:23:respawn:/sbin/getty 38400 tty4
+5:23:respawn:/sbin/getty 38400 tty5
+6:23:respawn:/sbin/getty 38400 tty6
+
+# Example how to put a getty on a serial line (for a terminal)
+#
+#T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100
+#T1:23:respawn:/sbin/getty -L ttyS1 9600 vt100
+
+# Example how to put a getty on a modem line.
+#
+#T3:23:respawn:/sbin/mgetty -x0 -s 57600 ttyS3
+
--- /dev/null
+# /etc/inittab: init(8) configuration.
+# $Id: inittab,v 1.91 2002/01/25 13:35:21 miquels Exp $
+
+# The default runlevel.
+id:2:initdefault:
+
+# Boot-time system configuration/initialization script.
+# This is run first except when booting in emergency (-b) mode.
+si::sysinit:/etc/init.d/rcS
+
+# What to do in single-user mode.
+~~:S:wait:/sbin/sulogin
+
+# /etc/init.d executes the S and K scripts upon change
+# of runlevel.
+#
+# Runlevel 0 is halt.
+# Runlevel 1 is single-user.
+# Runlevels 2-5 are multi-user.
+# Runlevel 6 is reboot.
+
+l0:0:wait:/etc/init.d/rc 0
+l1:1:wait:/etc/init.d/rc 1
+l2:2:wait:/etc/init.d/rc 2
+l3:3:wait:/etc/init.d/rc 3
+l4:4:wait:/etc/init.d/rc 4
+l5:5:wait:/etc/init.d/rc 5
+l6:6:wait:/etc/init.d/rc 6
+# Normally not reached, but fallthrough in case of emergency.
+z6:6:respawn:/sbin/sulogin
+
+# What to do when CTRL-ALT-DEL is pressed.
+ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
+
+# Action on special keypress (ALT-UpArrow).
+#kb::kbrequest:/bin/echo "Keyboard Request--edit /etc/inittab to let this work."
+
+# What to do when the power fails/returns.
+pf::powerwait:/etc/init.d/powerfail start
+pn::powerfailnow:/etc/init.d/powerfail now
+po::powerokwait:/etc/init.d/powerfail stop
+
+# /sbin/getty invocations for the runlevels.
+#
+# The "id" field MUST be the same as the last
+# characters of the device (after "tty").
+#
+# Format:
+# <id>:<runlevels>:<action>:<process>
+#
+# Note that on most Debian systems tty7 is used by the X Window System,
+# so if you want to add more getty's go ahead but skip tty7 if you run X.
+#
+1:2345:respawn:/sbin/getty --noclear 38400 tty1
+2:23:respawn:/sbin/getty 38400 tty2
+3:23:respawn:/sbin/getty 38400 tty3
+4:23:respawn:/sbin/getty 38400 tty4
+5:23:respawn:/sbin/getty 38400 tty5
+6:23:respawn:/sbin/getty 38400 tty6
+
+# Example how to put a getty on a serial line (for a terminal)
+#
+#T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100
+#T1:23:respawn:/sbin/getty -L ttyS1 9600 vt100
+
+# Example how to put a getty on a modem line.
+#
+#T3:23:respawn:/sbin/mgetty -x0 -s 57600 ttyS3
+
--- /dev/null
+# /etc/inputrc - global inputrc for libreadline
+# See readline(3readline) and `info rluserman' for more information.
+
+# Be 8 bit clean.
+set input-meta on
+set output-meta on
+
+# To allow the use of 8bit-characters like the german umlauts, uncomment
+# the line below. However this makes the meta key not work as a meta key,
+# which is annoying to those which don't need to type in 8-bit characters.
+
+# set convert-meta off
+
+# try to enable the application keypad when it is called. Some systems
+# need this to enable the arrow keys.
+# set enable-keypad on
+
+# see /usr/share/doc/bash/inputrc.arrows for other codes of arrow keys
+
+# do not bell on tab-completion
+# set bell-style none
+# set bell-style visible
+
+# some defaults / modifications for the emacs mode
+$if mode=emacs
+
+# allow the use of the Home/End keys
+"\e[1~": beginning-of-line
+"\e[4~": end-of-line
+
+# allow the use of the Delete/Insert keys
+"\e[3~": delete-char
+"\e[2~": quoted-insert
+
+# mappings for "page up" and "page down" to step to the beginning/end
+# of the history
+# "\e[5~": beginning-of-history
+# "\e[6~": end-of-history
+
+# alternate mappings for "page up" and "page down" to search the history
+ "\e[5~": history-search-backward
+ "\e[6~": history-search-forward
+
+# mappings for Ctrl-left-arrow and Ctrl-right-arrow for word moving
+"\e[1;5C": forward-word
+"\e[1;5D": backward-word
+"\e[5C": forward-word
+"\e[5D": backward-word
+"\e\e[C": forward-word
+"\e\e[D": backward-word
+
+$if term=rxvt
+"\e[7~": beginning-of-line
+"\e[8~": end-of-line
+"\eOc": forward-word
+"\eOd": backward-word
+$endif
+
+# for non RH/Debian xterm, can't hurt for RH/Debian xterm
+# "\eOH": beginning-of-line
+# "\eOF": end-of-line
+
+# for freebsd console
+# "\e[H": beginning-of-line
+# "\e[F": end-of-line
+
+$endif
--- /dev/null
+# /etc/inputrc - global inputrc for libreadline
+# See readline(3readline) and `info rluserman' for more information.
+
+# Be 8 bit clean.
+set input-meta on
+set output-meta on
+
+# To allow the use of 8bit-characters like the german umlauts, uncomment
+# the line below. However this makes the meta key not work as a meta key,
+# which is annoying to those which don't need to type in 8-bit characters.
+
+# set convert-meta off
+
+# try to enable the application keypad when it is called. Some systems
+# need this to enable the arrow keys.
+# set enable-keypad on
+
+# see /usr/share/doc/bash/inputrc.arrows for other codes of arrow keys
+
+# do not bell on tab-completion
+# set bell-style none
+# set bell-style visible
+
+# some defaults / modifications for the emacs mode
+$if mode=emacs
+
+# allow the use of the Home/End keys
+"\e[1~": beginning-of-line
+"\e[4~": end-of-line
+
+# allow the use of the Delete/Insert keys
+"\e[3~": delete-char
+"\e[2~": quoted-insert
+
+# mappings for "page up" and "page down" to step to the beginning/end
+# of the history
+# "\e[5~": beginning-of-history
+# "\e[6~": end-of-history
+
+# alternate mappings for "page up" and "page down" to search the history
+ "\e[5~": history-search-backward
+# "\e[6~": history-search-forward
+
+# mappings for Ctrl-left-arrow and Ctrl-right-arrow for word moving
+"\e[1;5C": forward-word
+"\e[1;5D": backward-word
+"\e[5C": forward-word
+"\e[5D": backward-word
+"\e\e[C": forward-word
+"\e\e[D": backward-word
+
+$if term=rxvt
+"\e[7~": beginning-of-line
+"\e[8~": end-of-line
+"\eOc": forward-word
+"\eOd": backward-word
+$endif
+
+# for non RH/Debian xterm, can't hurt for RH/Debian xterm
+# "\eOH": beginning-of-line
+# "\eOF": end-of-line
+
+# for freebsd console
+# "\e[H": beginning-of-line
+# "\e[F": end-of-line
+
+$endif
--- /dev/null
+#
+# All local filesystems are mounted (done during boot phase)
+#
+$local_fs +mountall +mountall-bootclean +mountoverflowtmp +umountfs
+
+#
+# Low level networking (ethernet card)
+#
+$network +networking +ifupdown
+
+#
+# Named is operational
+#
+$named +named +dnsmasq +lwresd +bind9 +unbound $network
+
+#
+# All remote filesystems are mounted (note in some cases /usr may
+# be remote. Most applications that care will probably require
+# both $local_fs and $remote_fs)
+#
+$remote_fs $local_fs +mountnfs +mountnfs-bootclean +umountnfs +sendsigs
+
+#
+# System logger is operational
+#
+$syslog +rsyslog +sysklogd +syslog-ng +dsyslog +inetutils-syslogd
+
+#
+# The system time has been set correctly
+#
+$time +hwclock
+
+#
+# Services which need to be interactive
+#
+<interactive> glibc udev console-screen keymap keyboard-setup console-setup cryptdisks cryptdisks-early checkfs-loop
--- /dev/null
+$mail-transport-agent postfix
--- /dev/null
+# lookup table for ematch kinds
+1 cmp
+2 nbyte
+3 u32
+4 meta
+7 canid
+8 ipset
--- /dev/null
+# device group names
+0 default
--- /dev/null
+0x00 default
+0x10 lowdelay
+0x08 throughput
+0x04 reliability
+# This value overlap with ECT, do not use it!
+0x02 mincost
+# These values seems do not want to die, Cisco likes them by a strange reason.
+0x20 priority
+0x40 immediate
+0x60 flash
+0x80 flash-override
+0xa0 critical
+0xc0 internet
+0xe0 network
+# Newer RFC2597 values
+0x28 AF11
+0x30 AF12
+0x38 AF13
+0x48 AF21
+0x50 AF22
+0x58 AF23
+0x68 AF31
+0x70 AF32
+0x78 AF33
+0x88 AF41
+0x90 AF42
+0x98 AF43
--- /dev/null
+#
+# Reserved protocols.
+#
+0 unspec
+1 redirect
+2 kernel
+3 boot
+4 static
+8 gated
+9 ra
+10 mrt
+11 zebra
+12 bird
+13 dnrouted
+14 xorp
+15 ntk
+16 dhcp
+
+#
+# Used by me for gated
+#
+254 gated/aggr
+253 gated/bgp
+252 gated/ospf
+251 gated/ospfase
+250 gated/rip
+249 gated/static
+248 gated/conn
+247 gated/inet
+246 gated/default
--- /dev/null
+#
+# reserved values
+#
+0 cosmos
+#
+# local
+#
+#1 inr.ac
+#2 inr.ruhep
+#3 freenet
+#4 radio-msu
+#5 russia
+#6 internet
--- /dev/null
+#
+# reserved values
+#
+0 global
+255 nowhere
+254 host
+253 link
+#
+# pseudo-reserved
+#
+200 site
--- /dev/null
+#
+# reserved values
+#
+255 local
+254 main
+253 default
+0 unspec
+#
+# local
+#
+#1 inr.ruhep
--- /dev/null
+# Generated by iptables-save v1.4.21 on Mon Sep 26 10:41:38 2016
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [63:15254]
+:fail2ban-postfix - [0:0]
+:fail2ban-ssh - [0:0]
+-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
+-A INPUT -p tcp -m multiport --dports 25,465,587 -j fail2ban-postfix
+-A INPUT -s 220.192.0.0/12 -p tcp -m multiport --dports 22 -j REJECT --reject-with icmp-port-unreachable
+-A INPUT -s 222.184.0.0/13 -p tcp -m multiport --dports 22 -j REJECT --reject-with icmp-port-unreachable
+-A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A INPUT -m conntrack --ctstate RELATED -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+-A INPUT -p icmp -j ACCEPT
+-A INPUT -p udp -m udp --dport 68 -j ACCEPT
+-A INPUT -p udp -m udp --dport 53 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
+-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
+-A INPUT -j NFLOG --nflog-prefix "INPUT Reject " --nflog-threshold 1
+-A INPUT -j REJECT --reject-with icmp-port-unreachable
+-A fail2ban-postfix -j RETURN
+-A fail2ban-ssh -j RETURN
+COMMIT
+# Completed on Mon Sep 26 10:41:38 2016
--- /dev/null
+# Generated by ip6tables-save v1.4.21 on Mon Sep 26 10:41:38 2016
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [160737:106021369]
+-A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A INPUT -m conntrack --ctstate RELATED -j ACCEPT
+-A INPUT -p ipv6-icmp -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+-A INPUT -p udp -m udp --dport 53 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
+-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
+-A INPUT -j NFLOG --nflog-prefix "IPv6 INPUT Drop " --nflog-threshold 1
+-A INPUT -j DROP
+-A FORWARD -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A FORWARD -m conntrack --ctstate RELATED -j ACCEPT
+-A FORWARD -p ipv6-icmp -j ACCEPT
+-A FORWARD -p tcp -m tcp --dport 22 -j ACCEPT
+-A FORWARD -p tcp -m multiport --dports 80,443 -j ACCEPT
+-A FORWARD -d 2001:6f8:1db7::5/128 -p tcp -m multiport --dports 25,465 -j ACCEPT
+-A FORWARD -d 2001:6f8:1db7::5/128 -p tcp -m multiport --dports 587 -j ACCEPT
+-A FORWARD -d 2001:6f8:1db7::5/128 -p tcp -m multiport --dports 143,993 -j ACCEPT
+-A FORWARD -d 2001:6f8:1db7::5/128 -p tcp -m multiport --dports 4190 -j ACCEPT
+-A FORWARD -j NFLOG --nflog-prefix "IPv6 FORWARD Reject " --nflog-threshold 1
+-A FORWARD -j REJECT --reject-with icmp6-port-unreachable
+COMMIT
+# Completed on Mon Sep 26 10:41:38 2016
--- /dev/null
+#
+# Open-iSCSI default configuration.
+# Could be located at /etc/iscsi/iscsid.conf or ~/.iscsid.conf
+#
+# Note: To set any of these values for a specific node/session run
+# the iscsiadm --mode node --op command for the value. See the README
+# and man page for iscsiadm for details on the --op command.
+#
+
+######################
+# iscsid daemon config
+######################
+# If you want iscsid to start the first time a iscsi tool
+# needs to access it, instead of starting it when the init
+# scripts run, set the iscsid startup command here. This
+# should normally only need to be done by distro package
+# maintainers.
+#
+# Default for Fedora and RHEL. (uncomment to activate).
+# iscsid.startup = /etc/rc.d/init.d/iscsid force-start
+#
+# Default for upstream open-iscsi scripts (uncomment to activate).
+iscsid.startup = /usr/sbin/iscsid
+
+
+#############################
+# NIC/HBA and driver settings
+#############################
+# open-iscsi can create a session and bind it to a NIC/HBA.
+# To set this up see the example iface config file.
+
+#*****************
+# Startup settings
+#*****************
+
+# To request that the iscsi initd scripts startup a session set to "automatic".
+# node.startup = automatic
+#
+# To manually startup the session set to "manual". The default is manual.
+node.startup = manual
+
+# For "automatic" startup nodes, setting this to "Yes" will try logins on each
+# available iface until one succeeds, and then stop. The default "No" will try
+# logins on all availble ifaces simultaneously.
+node.leading_login = No
+
+# *************
+# CHAP Settings
+# *************
+
+# To enable CHAP authentication set node.session.auth.authmethod
+# to CHAP. The default is None.
+#node.session.auth.authmethod = CHAP
+
+# To set a CHAP username and password for initiator
+# authentication by the target(s), uncomment the following lines:
+#node.session.auth.username = username
+#node.session.auth.password = password
+
+# To set a CHAP username and password for target(s)
+# authentication by the initiator, uncomment the following lines:
+#node.session.auth.username_in = username_in
+#node.session.auth.password_in = password_in
+
+# To enable CHAP authentication for a discovery session to the target
+# set discovery.sendtargets.auth.authmethod to CHAP. The default is None.
+#discovery.sendtargets.auth.authmethod = CHAP
+
+# To set a discovery session CHAP username and password for the initiator
+# authentication by the target(s), uncomment the following lines:
+#discovery.sendtargets.auth.username = username
+#discovery.sendtargets.auth.password = password
+
+# To set a discovery session CHAP username and password for target(s)
+# authentication by the initiator, uncomment the following lines:
+#discovery.sendtargets.auth.username_in = username_in
+#discovery.sendtargets.auth.password_in = password_in
+
+# ********
+# Timeouts
+# ********
+#
+# See the iSCSI REAME's Advanced Configuration section for tips
+# on setting timeouts when using multipath or doing root over iSCSI.
+#
+# To specify the length of time to wait for session re-establishment
+# before failing SCSI commands back to the application when running
+# the Linux SCSI Layer error handler, edit the line.
+# The value is in seconds and the default is 120 seconds.
+# Special values:
+# - If the value is 0, IO will be failed immediately.
+# - If the value is less than 0, IO will remain queued until the session
+# is logged back in, or until the user runs the logout command.
+node.session.timeo.replacement_timeout = 120
+
+# To specify the time to wait for login to complete, edit the line.
+# The value is in seconds and the default is 15 seconds.
+node.conn[0].timeo.login_timeout = 15
+
+# To specify the time to wait for logout to complete, edit the line.
+# The value is in seconds and the default is 15 seconds.
+node.conn[0].timeo.logout_timeout = 15
+
+# Time interval to wait for on connection before sending a ping.
+node.conn[0].timeo.noop_out_interval = 5
+
+# To specify the time to wait for a Nop-out response before failing
+# the connection, edit this line. Failing the connection will
+# cause IO to be failed back to the SCSI layer. If using dm-multipath
+# this will cause the IO to be failed to the multipath layer.
+node.conn[0].timeo.noop_out_timeout = 5
+
+# To specify the time to wait for abort response before
+# failing the operation and trying a logical unit reset edit the line.
+# The value is in seconds and the default is 15 seconds.
+node.session.err_timeo.abort_timeout = 15
+
+# To specify the time to wait for a logical unit response
+# before failing the operation and trying session re-establishment
+# edit the line.
+# The value is in seconds and the default is 30 seconds.
+node.session.err_timeo.lu_reset_timeout = 30
+
+# To specify the time to wait for a target response
+# before failing the operation and trying session re-establishment
+# edit the line.
+# The value is in seconds and the default is 30 seconds.
+node.session.err_timeo.tgt_reset_timeout = 30
+
+
+#******
+# Retry
+#******
+
+# To specify the number of times iscsid should retry a login
+# if the login attempt fails due to the node.conn[0].timeo.login_timeout
+# expiring modify the following line. Note that if the login fails
+# quickly (before node.conn[0].timeo.login_timeout fires) because the network
+# layer or the target returns an error, iscsid may retry the login more than
+# node.session.initial_login_retry_max times.
+#
+# This retry count along with node.conn[0].timeo.login_timeout
+# determines the maximum amount of time iscsid will try to
+# establish the initial login. node.session.initial_login_retry_max is
+# multiplied by the node.conn[0].timeo.login_timeout to determine the
+# maximum amount.
+#
+# The default node.session.initial_login_retry_max is 8 and
+# node.conn[0].timeo.login_timeout is 15 so we have:
+#
+# node.conn[0].timeo.login_timeout * node.session.initial_login_retry_max =
+# 120 seconds
+#
+# Valid values are any integer value. This only
+# affects the initial login. Setting it to a high value can slow
+# down the iscsi service startup. Setting it to a low value can
+# cause a session to not get logged into, if there are distuptions
+# during startup or if the network is not ready at that time.
+node.session.initial_login_retry_max = 8
+
+################################
+# session and device queue depth
+################################
+
+# To control how many commands the session will queue set
+# node.session.cmds_max to an integer between 2 and 2048 that is also
+# a power of 2. The default is 128.
+node.session.cmds_max = 128
+
+# To control the device's queue depth set node.session.queue_depth
+# to a value between 1 and 1024. The default is 32.
+node.session.queue_depth = 32
+
+##################################
+# MISC SYSTEM PERFORMANCE SETTINGS
+##################################
+
+# For software iscsi (iscsi_tcp) and iser (ib_iser) each session
+# has a thread used to transmit or queue data to the hardware. For
+# cxgb3i you will get a thread per host.
+#
+# Setting the thread's priority to a lower value can lead to higher throughput
+# and lower latencies. The lowest value is -20. Setting the priority to
+# a higher value, can lead to reduced IO performance, but if you are seeing
+# the iscsi or scsi threads dominate the use of the CPU then you may want
+# to set this value higher.
+#
+# Note: For cxgb3i you must set all sessions to the same value, or the
+# behavior is not defined.
+#
+# The default value is -20. The setting must be between -20 and 20.
+node.session.xmit_thread_priority = -20
+
+
+#***************
+# iSCSI settings
+#***************
+
+# To enable R2T flow control (i.e., the initiator must wait for an R2T
+# command before sending any data), uncomment the following line:
+#
+#node.session.iscsi.InitialR2T = Yes
+#
+# To disable R2T flow control (i.e., the initiator has an implied
+# initial R2T of "FirstBurstLength" at offset 0), uncomment the following line:
+#
+# The defaults is No.
+node.session.iscsi.InitialR2T = No
+
+#
+# To disable immediate data (i.e., the initiator does not send
+# unsolicited data with the iSCSI command PDU), uncomment the following line:
+#
+#node.session.iscsi.ImmediateData = No
+#
+# To enable immediate data (i.e., the initiator sends unsolicited data
+# with the iSCSI command packet), uncomment the following line:
+#
+# The default is Yes
+node.session.iscsi.ImmediateData = Yes
+
+# To specify the maximum number of unsolicited data bytes the initiator
+# can send in an iSCSI PDU to a target, edit the following line.
+#
+# The value is the number of bytes in the range of 512 to (2^24-1) and
+# the default is 262144
+node.session.iscsi.FirstBurstLength = 262144
+
+# To specify the maximum SCSI payload that the initiator will negotiate
+# with the target for, edit the following line.
+#
+# The value is the number of bytes in the range of 512 to (2^24-1) and
+# the defauls it 16776192
+node.session.iscsi.MaxBurstLength = 16776192
+
+# To specify the maximum number of data bytes the initiator can receive
+# in an iSCSI PDU from a target, edit the following line.
+#
+# The value is the number of bytes in the range of 512 to (2^24-1) and
+# the default is 262144
+node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144
+
+# To specify the maximum number of data bytes the initiator will send
+# in an iSCSI PDU to the target, edit the following line.
+#
+# The value is the number of bytes in the range of 512 to (2^24-1).
+# Zero is a special case. If set to zero, the initiator will use
+# the target's MaxRecvDataSegmentLength for the MaxXmitDataSegmentLength.
+# The default is 0.
+node.conn[0].iscsi.MaxXmitDataSegmentLength = 0
+
+# To specify the maximum number of data bytes the initiator can receive
+# in an iSCSI PDU from a target during a discovery session, edit the
+# following line.
+#
+# The value is the number of bytes in the range of 512 to (2^24-1) and
+# the default is 32768
+#
+discovery.sendtargets.iscsi.MaxRecvDataSegmentLength = 32768
+
+# To allow the targets to control the setting of the digest checking,
+# with the initiator requesting a preference of enabling the checking, uncomment# one or both of the following lines:
+#node.conn[0].iscsi.HeaderDigest = CRC32C,None
+#node.conn[0].iscsi.DataDigest = CRC32C,None
+#
+# To allow the targets to control the setting of the digest checking,
+# with the initiator requesting a preference of disabling the checking,
+# uncomment one or both of the following lines:
+#node.conn[0].iscsi.HeaderDigest = None,CRC32C
+#node.conn[0].iscsi.DataDigest = None,CRC32C
+#
+# To enable CRC32C digest checking for the header and/or data part of
+# iSCSI PDUs, uncomment one or both of the following lines:
+#node.conn[0].iscsi.HeaderDigest = CRC32C
+#node.conn[0].iscsi.DataDigest = CRC32C
+#
+# To disable digest checking for the header and/or data part of
+# iSCSI PDUs, uncomment one or both of the following lines:
+#node.conn[0].iscsi.HeaderDigest = None
+#node.conn[0].iscsi.DataDigest = None
+#
+# The default is to never use DataDigests or HeaderDigests.
+#
+
+# For multipath configurations, you may want more than one session to be
+# created on each iface record. If node.session.nr_sessions is greater
+# than 1, performing a 'login' for that node will ensure that the
+# appropriate number of sessions is created.
+node.session.nr_sessions = 1
+
+#************
+# Workarounds
+#************
+
+# Some targets like IET prefer after an initiator has sent a task
+# management function like an ABORT TASK or LOGICAL UNIT RESET, that
+# it does not respond to PDUs like R2Ts. To enable this behavior uncomment
+# the following line (The default behavior is Yes):
+node.session.iscsi.FastAbort = Yes
+
+# Some targets like Equalogic prefer that after an initiator has sent
+# a task management function like an ABORT TASK or LOGICAL UNIT RESET, that
+# it continue to respond to R2Ts. To enable this uncomment this line
+# node.session.iscsi.FastAbort = No
--- /dev/null
+Debian GNU/Linux 8 \n \l
+
--- /dev/null
+Debian GNU/Linux 8
--- /dev/null
+#
+# This files tells the 'kbd' package:
+#
+# - whether to load a specific font and boot (and maybe a screen-font map,
+# but you should avoid that if possible).
+# - whether to setup an Application-Charset Map other than the default CP437.
+# - whether to do screen saver/DPMS settings
+# - whether to change the keyboard rate/delay or the state of the
+# keyboard indicators
+# - whether to show a clock
+#
+# You can also specify per-VC settings by suffixing variable names as in
+# the examples below. This only works on framebuffer devices.
+#
+# For consistency with the configuration file of console-tools the
+# following variables and their _vcN versions are also supported:
+# SCREEN_FONT, SCREEN_FONT_MAP and APP_CHARSET_MAP.
+#
+#
+# Example:
+#
+#CONSOLE_FONT=iso01.f16
+#CONSOLE_FONT_vc2=LatArCyrHeb-16
+#
+#CONSOLE_MAP=iso05
+#CONSOLE_MAP_vc2=user
+#
+# Set the following - more euro-friendly default than kernel font.
+#CONSOLE_FONT=latarcyrheb-sun16.psf
+
+# Forget this one unless you _know_ it is necessary for your font:
+#FONT_MAP=iso01
+
+# **** screen saver/DPMS settings: all VCs ****
+# These settings are commented by default to avoid the chance of damage to
+# very old monitors that don't support DPMS signalling.
+
+# screen blanking timeout. monitor remains on, but the screen is cleared to
+# range: 0-60 min (0==never) kernels I've looked at default to 10 minutes.
+# (see linux/drivers/char/console.c)
+BLANK_TIME=0
+
+# blanking method (VESA DPMS mode to use after BLANK_TIME, before powerdown):
+# on: the default, no DPMS signalling. near instant powerup, no power saving
+# vsync: DPMS Standby mode. nearly instant recovery, uses 110/120W (17" screen)
+# hsync: DPMS Suspend mode. typically 3s recovery, uses 15/120W (17" screen)
+# powerdown,off: DPMS Off mode, typ. 10s recovery, uses 5/120W (17" screen)
+
+# Those values are for my 17" Mag, but some monitors do suspend the same as
+# standby. xset dpms force {off|standby|suspend|on} is useful for this, if X
+# supports DPMS on your video card. Set X's DPMS screensaver with xset dpms
+# or use option power_saver in XF86Config
+#
+# DPMS set by default to on, because hsync can cause problems on certain
+# hardware, such as Armada E500 laptops
+BLANK_DPMS=off
+
+# Powerdown time. The console will go to DPMS Off mode POWERDOWN_TIME
+# minutes _after_ blanking. (POWERDOWN_TIME + BLANK_TIME after the last input)
+POWERDOWN_TIME=30
+
+# rate and delay can get only specific values, consult kbdrate(1) for help
+#KEYBOARD_RATE="30"
+#KEYBOARD_DELAY="250"
+
+# Turn on numlock by default
+#LEDS=+num
+
+# Display a clock in the right upper corner of the console by running vcstime
+#DO_VCSTIME=yes
--- /dev/null
+# This sed script is run across the dumpkeys output to remap keys on the console
+
+# This turns caps lock into control
+#s/keycode 58 = Caps_Lock/keycode 58 = Control/;
+
--- /dev/null
+# Kernel image management overrides
+# See kernel-img.conf(5) for details
+do_symlinks = yes
+do_bootloader = no
+do_initrd = yes
+link_in_boot = no
--- /dev/null
+#!/bin/sh
+set -e
+
+# Author: Steve Langasek <steve.langasek@canonical.com>
+#
+# Mark as not-for-autoremoval those kernel packages that are:
+# - the currently booted version
+# - the kernel version we've been called for
+# - the latest kernel version (determined using rules copied from the grub
+# package for deciding which kernel to boot)
+# - the second-latest kernel version, if the booted kernel version is
+# already the latest and this script is called for that same version,
+# to ensure a fallback remains available in the event the newly-installed
+# kernel at this ABI fails to boot
+# In the common case, this results in exactly two kernels saved, but it can
+# result in three kernels being saved. It's better to err on the side of
+# saving too many kernels than saving too few.
+#
+# We generate this list and save it to /etc/apt/apt.conf.d instead of marking
+# packages in the database because this runs from a postinst script, and apt
+# will overwrite the db when it exits.
+
+
+eval $(apt-config shell APT_CONF_D Dir::Etc::parts/d)
+test -n "${APT_CONF_D}" || APT_CONF_D="/etc/apt/apt.conf.d"
+config_file=${APT_CONF_D}/01autoremove-kernels
+
+eval $(apt-config shell DPKG Dir::bin::dpkg/f)
+test -n "$DPKG" || DPKG="/usr/bin/dpkg"
+
+installed_version="$1"
+running_version="$(uname -r)"
+
+
+version_test_gt ()
+{
+ local version_test_gt_sedexp="s/[._-]\(pre\|rc\|test\|git\|old\|trunk\)/~\1/g"
+ local version_a="`echo "$1" | sed -e "$version_test_gt_sedexp"`"
+ local version_b="`echo "$2" | sed -e "$version_test_gt_sedexp"`"
+ $DPKG --compare-versions "$version_a" gt "$version_b"
+ return "$?"
+}
+
+list="$(${DPKG} -l | awk '/^ii[ ]+(linux|kfreebsd|gnumach)-image-[0-9]+\./ && $2 !~ /-dbg$/ { print $2 }' | sed -e 's#\(linux\|kfreebsd\|gnumach\)-image-##')"
+
+latest_version=""
+previous_version=""
+for i in $list; do
+ if version_test_gt "$i" "$latest_version"; then
+ previous_version="$latest_version"
+ latest_version="$i"
+ elif version_test_gt "$i" "$previous_version"; then
+ previous_version="$i"
+ fi
+done
+
+if [ "$latest_version" != "$installed_version" ] \
+ || [ "$latest_version" != "$running_version" ] \
+ || [ "$installed_version" != "$running_version" ]
+then
+ # We have at least two kernels that we have reason to think the
+ # user wants, so don't save the second-newest version.
+ previous_version=
+fi
+
+kernels="$(echo "$latest_version
+$installed_version
+$running_version
+$previous_version" | sort -u | sed -e 's#\.#\\.#g' )"
+
+generateconfig() {
+ cat <<EOF
+// DO NOT EDIT! File autogenerated by $0
+APT::NeverAutoRemove
+{
+EOF
+ apt-config dump --no-empty --format '%v%n' 'APT::VersionedKernelPackages' | while read package; do
+ for kernel in $kernels; do
+ echo " \"^${package}-${kernel}$\";"
+ done
+ done
+ echo '};'
+}
+generateconfig > "${config_file}.dpkg-new"
+mv "${config_file}.dpkg-new" "$config_file"
--- /dev/null
+#!/bin/sh -e
+
+version="$1"
+bootopt=""
+
+[ -x /usr/sbin/update-initramfs ] || exit 0
+
+# passing the kernel version is required
+if [ -z "${version}" ]; then
+ echo >&2 "W: initramfs-tools: ${DPKG_MAINTSCRIPT_PACKAGE:-kernel package} did not pass a version number"
+ exit 2
+fi
+
+# exit if kernel does not need an initramfs
+if [ "$INITRD" = 'No' ]; then
+ exit 0
+fi
+
+# absolute file name of kernel image may be passed as a second argument;
+# create the initrd in the same directory
+if [ -n "$2" ]; then
+ bootdir=$(dirname "$2")
+ bootopt="-b ${bootdir}"
+fi
+
+# avoid running multiple times
+if [ -n "$DEB_MAINT_PARAMS" ]; then
+ eval set -- "$DEB_MAINT_PARAMS"
+ if [ -z "$1" ] || [ "$1" != "configure" ]; then
+ exit 0
+ fi
+fi
+
+# we're good - create initramfs. update runs do_bootloader
+INITRAMFS_TOOLS_KERNEL_HOOK=1 update-initramfs -c -t -k "${version}" ${bootopt} >&2
--- /dev/null
+#! /bin/sh
+set -e
+
+which update-grub >/dev/null 2>&1 || exit 0
+
+if type running-in-container >/dev/null 2>&1 && \
+ running-in-container >/dev/null; then
+ exit 0
+fi
+
+set -- $DEB_MAINT_PARAMS
+mode="${1#\'}"
+mode="${mode%\'}"
+case $0:$mode in
+ # Only run on postinst configure and postrm remove, to avoid wasting
+ # time by calling update-grub multiple times on upgrade and removal.
+ # Also run if we have no DEB_MAINT_PARAMS, in order to work with old
+ # kernel packages.
+ */postinst.d/*:|*/postinst.d/*:configure|*/postrm.d/*:|*/postrm.d/*:remove)
+ if [ -e /boot/grub/grub.cfg ]; then
+ exec update-grub
+ fi
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/sh -e
+
+version="$1"
+bootopt=""
+
+[ -x /usr/sbin/update-initramfs ] || exit 0
+
+# passing the kernel version is required
+if [ -z "${version}" ]; then
+ echo >&2 "W: initramfs-tools: ${DPKG_MAINTSCRIPT_PACKAGE:-kernel package} did not pass a version number"
+ exit 0
+fi
+
+# exit if custom kernel does not need an initramfs
+if [ "$INITRD" = 'No' ]; then
+ exit 0
+fi
+
+# absolute file name of kernel image may be passed as a second argument;
+# create the initrd in the same directory
+if [ -n "$2" ]; then
+ bootdir=$(dirname "$2")
+ bootopt="-b ${bootdir}"
+fi
+
+# avoid running multiple times
+if [ -n "$DEB_MAINT_PARAMS" ]; then
+ eval set -- "$DEB_MAINT_PARAMS"
+ if [ -z "$1" ] || [ "$1" != "remove" ]; then
+ exit 0
+ fi
+fi
+
+# delete initramfs
+INITRAMFS_TOOLS_KERNEL_HOOK=1 update-initramfs -d -t -k "${version}" ${bootopt} >&2
--- /dev/null
+#! /bin/sh
+set -e
+
+which update-grub >/dev/null 2>&1 || exit 0
+
+if type running-in-container >/dev/null 2>&1 && \
+ running-in-container >/dev/null; then
+ exit 0
+fi
+
+set -- $DEB_MAINT_PARAMS
+mode="${1#\'}"
+mode="${mode%\'}"
+case $0:$mode in
+ # Only run on postinst configure and postrm remove, to avoid wasting
+ # time by calling update-grub multiple times on upgrade and removal.
+ # Also run if we have no DEB_MAINT_PARAMS, in order to work with old
+ # kernel packages.
+ */postinst.d/*:|*/postinst.d/*:configure|*/postrm.d/*:|*/postrm.d/*:remove)
+ if [ -e /boot/grub/grub.cfg ]; then
+ exec update-grub
+ fi
+ ;;
+esac
+
+exit 0
--- /dev/null
+include /etc/ld.so.conf.d/*.conf
+
--- /dev/null
+# libc default configuration
+/usr/local/lib
--- /dev/null
+# Multiarch support
+/lib/x86_64-linux-gnu
+/usr/lib/x86_64-linux-gnu
--- /dev/null
+#
+# LDAP Defaults
+#
+
+# See ldap.conf(5) for details
+# This file should be world readable but not world writable.
+
+#BASE dc=example,dc=com
+#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
+
+#SIZELIMIT 12
+#TIMELIMIT 15
+#DEREF never
+
+# TLS certificates (needed for GnuTLS)
+TLS_CACERT /etc/ssl/certs/ca-certificates.crt
+
--- /dev/null
+{"creation_host": "ns1.uhu-banane.de", "creation_dt": "2016-10-31T22:43:37Z"}
\ No newline at end of file
--- /dev/null
+{"e": "AQAB", "d": "WDFxiGOBGIzH4KjkWLCy1VP5GFKPLCk9m5cQ2o3cvqrQgwgULfCTdnlJxu9Rf9IuJDmGoSdPjaC6w3UHyABp8i5PaLy9ALDfzjtChRU4xZV4H-kyMUkaeHlkwdTv1Ks3eJ1AmAzl80yLxyuCg-25rlqP4Oe76RKeeWxFuqfVWCgINFFhGZ6omU7bqDjsJKgGwvLu96bai0623bNO_lzEzDKXDr93td2Y63_soWn1_Ril3r7_2Acro2JkGwsTELpzT2d-uCEvBNMnA2cFBagHps9wE41_0c_VYrY5oNbhZ95iLjHwXXLjRvcXjEym5G7O-UwPLR2fyqaErNq1ylvnHQ", "n": "wpBkdhpmSkgh09VVtvMqGMGjiWuVyXRt1Bu3uvriP5N7PM0xa-f8i3jYZ46qmg-UgkJcsha0X0_cmdZ5be9ikD3r-2Hd3qqdDgekPmxE3Fn7POBzxYhnfhTZBDGvgllC4QJUGcvhojYgjfD350Crw7-hGXqFoT8eiDtZmqeKmFva6Am9A2buPm_VtUbM3J2YQmeX_qHlWo06Nwrmy8hmdKQRTC-C9Gr0WqEyTG-03KecY6s5e2Yld3BoqGYN1K-rf6rOwwRg_P8qWsAXHXceUWmNsE-nlBa7U-LVjqfPSv8Xq8K-bs5n3d1WI2bAAxTb44icCq-dhFxk5chsEME8KQ", "q": "0M8p6UFU8EyaVComkVhyZ1ICerXWc_V_jFXSnDJ0FtfdfVKh_gdurhoV28j4x4eDGJmIZTshmKJArt6MvdhR09wksG6N3LRRE1zRkIL6kZt16HgAU6vRGCGjee2EogoTR6xcMHaLas9gCMY9eLhhKAgj_0M_bJAG7rwjNq6rvec", "p": "7okPfKk6ZcTAfzLlHQFe8brbaobMlCo6aUFLfDZ0R9BZG5Xg2LPBBbk1NHZ_rdI2JYCNZ71BfmkxEw_fhB-U825zTi-mXBvrVfSHnt-FVjt4cScy_X86S49sWNHQMl_iuHm7y0V0fWGKrkXdzgaQ5JrzelMllyE2ChQtA8WIU28", "kty": "RSA", "qi": "W1II7HCEZExSxHn1tIQtx7DBEA0UO3mUmyyg4E3IaX5Vpr4_vs-EGQo-_bFt3j2uEhQwWvRT1GC8-FRMoccgx5DLwQ9EyZKItWkqaVdpjGi8PkIASEaey9n9JToL6Pd4q--M6QEEAvhhJlUaZ6WWYHNj18_PP-Q4zuWtr-ACjsY", "dp": "phN9WeEFDKgBEk6gICK9NPZRIAj8VMhV5MSWRsQvD3TrJX6jjp0Qbei2N3GtkZsDIfcv_KNS_y1EAq6Rg47tiNNEqpIYdJbnse_PoPilABXl1HpjUQWM0-DmoaxrFTeXRbNT4cHYyhbolE-Gj5QYu2F61ZcgW-m-kyPa935HXTc", "dq": "h3IJ3qspPKKD7RpWYCt-MjUJNK3lCNzzOoWlEvrLQNIPcy55s70Ad2CmUyXe8had3AQjbH7ZwRdmW8gyhSbflUyUY_mifcpdWPD5YwMDJBYyenP0ylGGVV_kmb-PLEjazsAoIKuUrdkMk0R8NWVsaDo3l2n4pyQZyxwwv1S4RHs"}
\ No newline at end of file
--- /dev/null
+{"body": {"contact": ["mailto:frank@brehm-online.com"], "agreement": "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf", "key": {"e": "AQAB", "kty": "RSA", "n": "wpBkdhpmSkgh09VVtvMqGMGjiWuVyXRt1Bu3uvriP5N7PM0xa-f8i3jYZ46qmg-UgkJcsha0X0_cmdZ5be9ikD3r-2Hd3qqdDgekPmxE3Fn7POBzxYhnfhTZBDGvgllC4QJUGcvhojYgjfD350Crw7-hGXqFoT8eiDtZmqeKmFva6Am9A2buPm_VtUbM3J2YQmeX_qHlWo06Nwrmy8hmdKQRTC-C9Gr0WqEyTG-03KecY6s5e2Yld3BoqGYN1K-rf6rOwwRg_P8qWsAXHXceUWmNsE-nlBa7U-LVjqfPSv8Xq8K-bs5n3d1WI2bAAxTb44icCq-dhFxk5chsEME8KQ"}}, "uri": "https://acme-v01.api.letsencrypt.org/acme/reg/5740345", "new_authzr_uri": "https://acme-v01.api.letsencrypt.org/acme/new-authz", "terms_of_service": "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"}
\ No newline at end of file
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIF+TCCBOGgAwIBAgISA0T8fTw0sYYaFx1M+6XizptTMA0GCSqGSIb3DQEBCwUA
+MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
+ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjEwMzEyMTQ4MDBaFw0x
+NzAxMjkyMTQ4MDBaMBwxGjAYBgNVBAMTEW5zMS51aHUtYmFuYW5lLmRlMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr97Ozlh/yQTv6JgxX0R1kZ1iv5r
+52ROl0w6aXEweIJWy5viuO3/CtgvvHtWyefg2HdE69PxHzh2lCqw43GXcbZE82w4
+NHY7rrfwl5tenSrt8T5S82BdCPSQep1LtUz2gdLTmriSaqhSOZOkHOlvldBpVV9B
+biZ4J/QT2SawRuRdNf0Yi8RxZucE86FUrOhy6NA9wl5PnvIf6gRBl0CHVGqudy9Y
+Unn184bbpDMky7DqTBxkpNueSS0xOzUDxewDOWgB0YvAtq9H8YylyLyjXZZVG+/3
+2M2HtB/dbWOXXxBb/oneIurMAoSppod/MGyuO7C5bdfsrSuFaCw6lFtCIwIDAQAB
+o4IDBTCCAwEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
+BgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQru5Z+dVSaw77KtNvdy2YB
+YwUBejAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBwBggrBgEFBQcB
+AQRkMGIwLwYIKwYBBQUHMAGGI2h0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlw
+dC5vcmcvMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5
+cHQub3JnLzCCAQ0GA1UdEQSCAQQwggEAghRuczEuYnJlaG0tb25saW5lLmNvbYIR
+bnMxLnVodS1iYW5hbmUuZGWCFXJlcG8uYnJlaG0tb25saW5lLmNvbYIScmVwby51
+aHUtYmFuYW5lLmRlghJyZXBvLnVodS1iYW5hbmUuZXWCE3JlcG8udWh1LWJhbmFu
+ZS5uZXSCE3JlcG8udWh1LWJhbmFuZS5vcmeCFnJlcG8xLmJyZWhtLW9ubGluZS5j
+b22CE3JlcG8xLnVodS1iYW5hbmUuZGWCE3JlcG8xLnVodS1iYW5hbmUuZXWCFHJl
+cG8xLnVodS1iYW5hbmUubmV0ghRyZXBvMS51aHUtYmFuYW5lLm9yZzCB/gYDVR0g
+BIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEW
+Gmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1Ro
+aXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWlu
+ZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlm
+aWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3Jl
+cG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAmShlCi+Par1MfX/psWc3DMnXd
+/oEmdWPld1r631azCbDsybDhpM//PhSdJCPmzBixWz6xJykUMkxqlTQ/S70zGLC4
+v24d+RpcdIIgxr0qwnF9BTesdXcPWKJ3wFmePkfkIAQbE4mUNNxyMx4g25U+27bk
+0ZuLJGHI5jg6sOpwEE4WYIrj3Xz3m0SZMk2lWLsi3+7eV6xPuCdnEz4hrv6PC2uT
+d2/uN9fRk60iNPtiTQ21ojeEGwTZdSB1TxVRFq64HmZ/rvvuBqh1otaT10x+Edpb
+/tbwrSmBPB8pFyhxLIkdx980ZtT0PBl03/0O+TwvlD8iMbJkuT7NJdET5wJg
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/
+MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
+DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow
+SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT
+GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF
+q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8
+SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0
+Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA
+a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj
+/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T
+AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG
+CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv
+bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k
+c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw
+VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC
+ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz
+MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu
+Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF
+AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo
+uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/
+wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu
+X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG
+PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6
+KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIF+TCCBOGgAwIBAgISA0T8fTw0sYYaFx1M+6XizptTMA0GCSqGSIb3DQEBCwUA
+MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
+ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjEwMzEyMTQ4MDBaFw0x
+NzAxMjkyMTQ4MDBaMBwxGjAYBgNVBAMTEW5zMS51aHUtYmFuYW5lLmRlMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr97Ozlh/yQTv6JgxX0R1kZ1iv5r
+52ROl0w6aXEweIJWy5viuO3/CtgvvHtWyefg2HdE69PxHzh2lCqw43GXcbZE82w4
+NHY7rrfwl5tenSrt8T5S82BdCPSQep1LtUz2gdLTmriSaqhSOZOkHOlvldBpVV9B
+biZ4J/QT2SawRuRdNf0Yi8RxZucE86FUrOhy6NA9wl5PnvIf6gRBl0CHVGqudy9Y
+Unn184bbpDMky7DqTBxkpNueSS0xOzUDxewDOWgB0YvAtq9H8YylyLyjXZZVG+/3
+2M2HtB/dbWOXXxBb/oneIurMAoSppod/MGyuO7C5bdfsrSuFaCw6lFtCIwIDAQAB
+o4IDBTCCAwEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
+BgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQru5Z+dVSaw77KtNvdy2YB
+YwUBejAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBwBggrBgEFBQcB
+AQRkMGIwLwYIKwYBBQUHMAGGI2h0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlw
+dC5vcmcvMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5
+cHQub3JnLzCCAQ0GA1UdEQSCAQQwggEAghRuczEuYnJlaG0tb25saW5lLmNvbYIR
+bnMxLnVodS1iYW5hbmUuZGWCFXJlcG8uYnJlaG0tb25saW5lLmNvbYIScmVwby51
+aHUtYmFuYW5lLmRlghJyZXBvLnVodS1iYW5hbmUuZXWCE3JlcG8udWh1LWJhbmFu
+ZS5uZXSCE3JlcG8udWh1LWJhbmFuZS5vcmeCFnJlcG8xLmJyZWhtLW9ubGluZS5j
+b22CE3JlcG8xLnVodS1iYW5hbmUuZGWCE3JlcG8xLnVodS1iYW5hbmUuZXWCFHJl
+cG8xLnVodS1iYW5hbmUubmV0ghRyZXBvMS51aHUtYmFuYW5lLm9yZzCB/gYDVR0g
+BIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEW
+Gmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1Ro
+aXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWlu
+ZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlm
+aWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3Jl
+cG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAmShlCi+Par1MfX/psWc3DMnXd
+/oEmdWPld1r631azCbDsybDhpM//PhSdJCPmzBixWz6xJykUMkxqlTQ/S70zGLC4
+v24d+RpcdIIgxr0qwnF9BTesdXcPWKJ3wFmePkfkIAQbE4mUNNxyMx4g25U+27bk
+0ZuLJGHI5jg6sOpwEE4WYIrj3Xz3m0SZMk2lWLsi3+7eV6xPuCdnEz4hrv6PC2uT
+d2/uN9fRk60iNPtiTQ21ojeEGwTZdSB1TxVRFq64HmZ/rvvuBqh1otaT10x+Edpb
+/tbwrSmBPB8pFyhxLIkdx980ZtT0PBl03/0O+TwvlD8iMbJkuT7NJdET5wJg
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/
+MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
+DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow
+SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT
+GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF
+q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8
+SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0
+Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA
+a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj
+/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T
+AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG
+CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv
+bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k
+c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw
+VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC
+ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz
+MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu
+Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF
+AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo
+uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/
+wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu
+X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG
+PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6
+KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCyv3s7OWH/JBO/
+omDFfRHWRnWK/mvnZE6XTDppcTB4glbLm+K47f8K2C+8e1bJ5+DYd0Tr0/EfOHaU
+KrDjcZdxtkTzbDg0djuut/CXm16dKu3xPlLzYF0I9JB6nUu1TPaB0tOauJJqqFI5
+k6Qc6W+V0GlVX0FuJngn9BPZJrBG5F01/RiLxHFm5wTzoVSs6HLo0D3CXk+e8h/q
+BEGXQIdUaq53L1hSefXzhtukMyTLsOpMHGSk255JLTE7NQPF7AM5aAHRi8C2r0fx
+jKXIvKNdllUb7/fYzYe0H91tY5dfEFv+id4i6swChKmmh38wbK47sLlt1+ytK4Vo
+LDqUW0IjAgMBAAECggEAC0wKz81qoiN3lA8BKroi3HYLi8NUsoUmam2I640Z0SP7
+tFaf16xDCD5tle39qDkdftDa7ESy4pRA+lBQaa+OMMOiS/g0/SvTzdEWRZ6uNiS2
+cR7NQ1B90MkUMIusc0Lv+XiHoymzJ0aIG9d28dTXFpLbdWfVzM5lnbDRaFIHphNB
+un/4dy4ognL8aGsikXayb7zn7yeanvJP+PHien851yl5ocCWehpKccRb/9m5ri0n
+O8AYeY/iBUtFi0yOz3mCj7tjadoSxT04vU8y+5Mda5lT8tAZdND3EdGu/SbWvUr9
+QUUpj7mTSfxqMJDS6Mz46+WaChioqjgTJUwoRPHWcQKBgQDdhHJMIk1zUHtTsllM
+OW0JRhZJoCFwYm185jDHRTSvGGJV0pA4Y77orSDkYcIRUuB1z8nml3ucTpXQm8X3
+aNJj04+xNYMbfq25tTlTW4iqmSBWoyqZob7GCzPHyCUmOJvT0UMFtqUkPDsHftgH
+lo2G12eQdYH966kw06dYBr/N/QKBgQDOkqhn2C6y5OIu4aJVDavf574NmBF/ht/t
+2JIfcTb23cJVOsvbp/ovBHaq+mSeydoiGrXcwpFayHLcMwUbMfCU0GbEulmyPZGw
+MjFvLiesNSYLkN9PUzcPnERqwysqUAFqXtG70FPO3O1I2MIqPkhdWzrTM7/xyrv5
+Bcphrns6nwKBgQDUCwqWEmftMGc9cQXFz1que+atx5j6yV1hJ8AdoAOUcFUBLjRb
+pi+C7ucDdwicKKcwXx03nF34+8ixDcvszuxGHqf3y++ajCKkF/Ot9XrXQwkPpdUL
+hybk0KhaXx4gfiO8GR59A58FFpqyzBri+Jy1LNC4GaO7erBUSuZvftZvyQKBgQCZ
+S2hBt8Hf686Vr8eBiqWzgQwelmzV0Ec4//Bf+OorBKIEEZ/an6sfXRabBznIRE7l
+5CB1dMXdMsdZ9VqitcqtBIJfF1Mc3GfS80yQDxZNyxsylg3BliVUJkj3WWIdAkYq
+o7bMw2qOJpDH8GMWaiXVcbATr2GPkz0vLUbkelDkTQKBgDmNq75+CbjfiOXdGkXp
+QGq/PayrsWgiUVLrLXbUITq2y95ZVS7XzRSGni230flXe93n3AH2LNQh/uUwas0y
+EW+vcZLj+GDgRv3y0GhjpLWq9GAwbAPZBMCxq1G8DWIXnXDFrXwZ9J7biCQJVyUa
+YicuRaV+I75o7Z6yhzj3135l
+-----END PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE REQUEST-----
+MIIDizCCAnMCAQIwHDEaMBgGA1UEAwwRbnMxLnVodS1iYW5hbmUuZGUwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyv3s7OWH/JBO/omDFfRHWRnWK/mvn
+ZE6XTDppcTB4glbLm+K47f8K2C+8e1bJ5+DYd0Tr0/EfOHaUKrDjcZdxtkTzbDg0
+djuut/CXm16dKu3xPlLzYF0I9JB6nUu1TPaB0tOauJJqqFI5k6Qc6W+V0GlVX0Fu
+Jngn9BPZJrBG5F01/RiLxHFm5wTzoVSs6HLo0D3CXk+e8h/qBEGXQIdUaq53L1hS
+efXzhtukMyTLsOpMHGSk255JLTE7NQPF7AM5aAHRi8C2r0fxjKXIvKNdllUb7/fY
+zYe0H91tY5dfEFv+id4i6swChKmmh38wbK47sLlt1+ytK4VoLDqUW0IjAgMBAAGg
+ggEoMIIBJAYJKoZIhvcNAQkOMYIBFTCCAREwggENBgNVHREEggEEMIIBAIIRbnMx
+LnVodS1iYW5hbmUuZGWCFG5zMS5icmVobS1vbmxpbmUuY29tghVyZXBvLmJyZWht
+LW9ubGluZS5jb22CFnJlcG8xLmJyZWhtLW9ubGluZS5jb22CEnJlcG8udWh1LWJh
+bmFuZS5kZYITcmVwbzEudWh1LWJhbmFuZS5kZYIScmVwby51aHUtYmFuYW5lLmV1
+ghNyZXBvMS51aHUtYmFuYW5lLmV1ghNyZXBvLnVodS1iYW5hbmUubmV0ghRyZXBv
+MS51aHUtYmFuYW5lLm5ldIITcmVwby51aHUtYmFuYW5lLm9yZ4IUcmVwbzEudWh1
+LWJhbmFuZS5vcmcwDQYJKoZIhvcNAQELBQADggEBAGwGlhCjNb2lxDridsVoFH2A
+lrprLkNIX1Qn9TA80IsyhXsLmJAgkEq3xL4vhZNQPJT4YZFNFVH1w+U8OMAILpEa
+hqHd773ssQCL0PsZjMtGmuLTCetpkuMsH1lK3ANgPwTcRyXU0kMgYPPRAo0YxYa5
+ctDLdVDQlLrtEHhRhZGWkY60w89E4mOzMSEtRxcUIq5G2RwEGoz9HKF931INYVhP
+x2OEhdsrXVxysYuHSfk671Nw3BkcuJp0L1w9W00gD9fGA292Kiohsbik77oVvYQX
+9N0xGvWgQ8HjVgBspNlzRSJPwPpI9bhkHPIS00vqwneXMQTKOnND6Sg9+4nK/BE=
+-----END CERTIFICATE REQUEST-----
--- /dev/null
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCyv3s7OWH/JBO/
+omDFfRHWRnWK/mvnZE6XTDppcTB4glbLm+K47f8K2C+8e1bJ5+DYd0Tr0/EfOHaU
+KrDjcZdxtkTzbDg0djuut/CXm16dKu3xPlLzYF0I9JB6nUu1TPaB0tOauJJqqFI5
+k6Qc6W+V0GlVX0FuJngn9BPZJrBG5F01/RiLxHFm5wTzoVSs6HLo0D3CXk+e8h/q
+BEGXQIdUaq53L1hSefXzhtukMyTLsOpMHGSk255JLTE7NQPF7AM5aAHRi8C2r0fx
+jKXIvKNdllUb7/fYzYe0H91tY5dfEFv+id4i6swChKmmh38wbK47sLlt1+ytK4Vo
+LDqUW0IjAgMBAAECggEAC0wKz81qoiN3lA8BKroi3HYLi8NUsoUmam2I640Z0SP7
+tFaf16xDCD5tle39qDkdftDa7ESy4pRA+lBQaa+OMMOiS/g0/SvTzdEWRZ6uNiS2
+cR7NQ1B90MkUMIusc0Lv+XiHoymzJ0aIG9d28dTXFpLbdWfVzM5lnbDRaFIHphNB
+un/4dy4ognL8aGsikXayb7zn7yeanvJP+PHien851yl5ocCWehpKccRb/9m5ri0n
+O8AYeY/iBUtFi0yOz3mCj7tjadoSxT04vU8y+5Mda5lT8tAZdND3EdGu/SbWvUr9
+QUUpj7mTSfxqMJDS6Mz46+WaChioqjgTJUwoRPHWcQKBgQDdhHJMIk1zUHtTsllM
+OW0JRhZJoCFwYm185jDHRTSvGGJV0pA4Y77orSDkYcIRUuB1z8nml3ucTpXQm8X3
+aNJj04+xNYMbfq25tTlTW4iqmSBWoyqZob7GCzPHyCUmOJvT0UMFtqUkPDsHftgH
+lo2G12eQdYH966kw06dYBr/N/QKBgQDOkqhn2C6y5OIu4aJVDavf574NmBF/ht/t
+2JIfcTb23cJVOsvbp/ovBHaq+mSeydoiGrXcwpFayHLcMwUbMfCU0GbEulmyPZGw
+MjFvLiesNSYLkN9PUzcPnERqwysqUAFqXtG70FPO3O1I2MIqPkhdWzrTM7/xyrv5
+Bcphrns6nwKBgQDUCwqWEmftMGc9cQXFz1que+atx5j6yV1hJ8AdoAOUcFUBLjRb
+pi+C7ucDdwicKKcwXx03nF34+8ixDcvszuxGHqf3y++ajCKkF/Ot9XrXQwkPpdUL
+hybk0KhaXx4gfiO8GR59A58FFpqyzBri+Jy1LNC4GaO7erBUSuZvftZvyQKBgQCZ
+S2hBt8Hf686Vr8eBiqWzgQwelmzV0Ec4//Bf+OorBKIEEZ/an6sfXRabBznIRE7l
+5CB1dMXdMsdZ9VqitcqtBIJfF1Mc3GfS80yQDxZNyxsylg3BliVUJkj3WWIdAkYq
+o7bMw2qOJpDH8GMWaiXVcbATr2GPkz0vLUbkelDkTQKBgDmNq75+CbjfiOXdGkXp
+QGq/PayrsWgiUVLrLXbUITq2y95ZVS7XzRSGni230flXe93n3AH2LNQh/uUwas0y
+EW+vcZLj+GDgRv3y0GhjpLWq9GAwbAPZBMCxq1G8DWIXnXDFrXwZ9J7biCQJVyUa
+YicuRaV+I75o7Z6yhzj3135l
+-----END PRIVATE KEY-----
--- /dev/null
+../../archive/ns1.uhu-banane.de/cert1.pem
\ No newline at end of file
--- /dev/null
+../../archive/ns1.uhu-banane.de/chain1.pem
\ No newline at end of file
--- /dev/null
+../../archive/ns1.uhu-banane.de/fullchain1.pem
\ No newline at end of file
--- /dev/null
+../../archive/ns1.uhu-banane.de/privkey1.pem
\ No newline at end of file
--- /dev/null
+# Baseline setting to Include for SSL sites
+
+SSLEngine on
+
+# Intermediate configuration, tweak to your needs
+SSLProtocol all -SSLv2 -SSLv3
+SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
+SSLHonorCipherOrder on
+SSLCompression off
+
+SSLOptions +StrictRequire
+
+# Add vhost name to log entries:
+LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined
+LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
+
+#CustomLog /var/log/apache2/access.log vhost_combined
+#LogLevel warn
+#ErrorLog /var/log/apache2/error.log
+
+# Always ensure Cookies have "Secure" set (JAH 2012/1)
+#Header edit Set-Cookie (?i)^(.*)(;\s*secure)??((\s*;)?(.*)) "$1; Secure$3$4"
--- /dev/null
+# renew_before_expiry = 30 days
+version = 0.8.1
+cert = /etc/letsencrypt/live/ns1.uhu-banane.de/cert.pem
+privkey = /etc/letsencrypt/live/ns1.uhu-banane.de/privkey.pem
+chain = /etc/letsencrypt/live/ns1.uhu-banane.de/chain.pem
+fullchain = /etc/letsencrypt/live/ns1.uhu-banane.de/fullchain.pem
+
+# Options used in the renewal process
+[renewalparams]
+authenticator = apache
+installer = None
+account = 3de664d2ee4d2a37de88887e1ed54531
--- /dev/null
+## some useful aliases
+alias dir ls
+alias less more
+alias zless zmore
+alias bzless bzmore
+alias reconnect "close; cache flush; cd ."
+alias edit "eval -f \"get $0 -o ~/.lftp/edit.tmp.$$ && shell \\\"cp -p ~/.lftp/edit.tmp.$$ ~/.lftp/edit.tmp.$$.orig && $EDITOR ~/.lftp/edit.tmp.$$ && test ~/.lftp/edit.tmp.$$ -nt ~/.lftp/edit.tmp.$$.orig\\\" && put ~/.lftp/edit.tmp.$$ -o $0; shell rm -f ~/.lftp/edit.tmp.$$*\""
+
+## make prompt look better
+set prompt "lftp \S\? \u\@\h:\w> "
+## some may prefer colors (contributed by Matthew <mwormald@optusnet.com.au>)
+#set prompt "\[\e[1;30m\][\[\e[0;34m\]f\[\e[1m\]t\[\e[37m\]p\[\e[30m\]] \[\e[34m\]\u\[\e[0;34m\]\@\[\e[1m\]\h\[\e[1;30m\]:\[\e[1;34m\]\w\[\e[1;30m\]>\[\e[0m\] "
+## Uncomment the following two lines to make switch cls and ls, making
+## cls the default.
+#alias ls command cls
+#alias hostls command ls
+
+## default protocol selection
+#set default-protocol/ftp.* ftp
+#set default-protocol/www.* http
+#set default-protocol/localhost file
+
+## this makes lftp faster but doesn't work with some sites/routers
+#set ftp:sync-mode off
+
+## synchronous mode for broken servers and/or routers
+set sync-mode/ftp.idsoftware.com on
+set sync-mode/ftp.microsoft.com on
+set sync-mode/sunsolve.sun.com on
+## extended regex to match first server message for automatic sync-mode.
+set auto-sync-mode "icrosoft FTP Service|MadGoat|MikroTik"
+
+## if default ftp passive mode does not work, try this:
+# set ftp:passive-mode off
+
+## Set this to follow http redirections
+set xfer:max-redirections 10
+
+## Proxy can help to pass a firewall
+## Environment variables ftp_proxy, http_proxy and no_proxy are used to
+## initialize the below variables automatically. You can set them here too.
+##
+## ftp:proxy must communicate with client over ftp protocol, squid won't do.
+## This can be e.g. TIS-FWTK or rftpd. User and password are optional.
+# set ftp:proxy ftp://[user:pass@]your_ftp_proxy:port
+## ...but squid still can be used to access ftp servers, using hftp protocol:
+# set ftp:proxy http://your.squid.address:port
+## ...if squid allows CONNECT to arbitrary ports, then you can use CONNECT
+## instead of hftp:
+# set ftp:use-hftp no
+##
+## no proxy for host
+# set ftp:proxy/local_host ""
+## or domain
+# set ftp:proxy/*.domain.com ...
+##
+## http:proxy must communicate with client over http protocol, e.g. squid.
+## Default port is 3128.
+# set http:proxy your_http_proxy[:port]
+## hftp:proxy must also be an http proxy. It is used for FTP over HTTP access.
+# set hftp:proxy your_http_proxy[:port]
+##
+## net:no-proxy disables proxy usage for list of domains.
+# set net:no-proxy .domain.com,.otherdom.net
+
+## If you don't have direct ftp access, this setting can be useful to select
+## hftp instead of ftp automatically.
+# set ftp:proxy http://your.http.proxy:port
+
+## This can be used for automatic saving of configuration
+# set at-exit "set > ~/.lftp/settings"
+# source ~/.lftp/settings
+
+## and this is for remembring last site
+## (combine with previous rule if you want)
+# set at-exit "bo a last"
+# open last
+
+## Terminal strings to set titlebars for terminals that don't
+## properly specify tsl and fsl capabilities.
+## Use cmd:set-term-status to enable this.
+set cmd:term-status/*screen* "\e_\T\e\\"
+set cmd:term-status/*xterm* "\e[11;0]\e]2;\T\007\e[11]"
+set cmd:term-status/*rxvt* "\e[11;0]\e]2;\T\007\e[11]"
+# set cmd:set-term-status on
+
+## If you don't like advertising lftp or servers hate it, set this:
+# set ftp:anon-pass "mozilla@"
+# set ftp:client ""
+# set http:user-agent "Mozilla/4.7 [en] (WinNT; I)"
+
+# try inet6 before inet
+set dns:order "inet6 inet"
+
--- /dev/null
+# This is the configuration file for libaudit tunables.
+# It is currently only used for the failure_action tunable.
+
+# failure_action can be: log, ignore, terminate
+failure_action = ignore
+
+
--- /dev/null
+# Locale name alias data base.
+# Copyright (C) 1996-2014 Free Software Foundation, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+# The format of this file is the same as for the corresponding file of
+# the X Window System, which normally can be found in
+# /usr/lib/X11/locale/locale.alias
+# A single line contains two fields: an alias and a substitution value.
+# All entries are case independent.
+
+# Note: This file is obsolete and is kept around for the time being for
+# backward compatibility. Nobody should rely on the names defined here.
+# Locales should always be specified by their full name.
+
+bokmal nb_NO.ISO-8859-1
+bokmål nb_NO.ISO-8859-1
+catalan ca_ES.ISO-8859-1
+croatian hr_HR.ISO-8859-2
+czech cs_CZ.ISO-8859-2
+danish da_DK.ISO-8859-1
+dansk da_DK.ISO-8859-1
+deutsch de_DE.ISO-8859-1
+dutch nl_NL.ISO-8859-1
+eesti et_EE.ISO-8859-15
+estonian et_EE.ISO-8859-15
+finnish fi_FI.ISO-8859-1
+français fr_FR.ISO-8859-1
+french fr_FR.ISO-8859-1
+galego gl_ES.ISO-8859-1
+galician gl_ES.ISO-8859-1
+german de_DE.ISO-8859-1
+greek el_GR.ISO-8859-7
+hebrew he_IL.ISO-8859-8
+hrvatski hr_HR.ISO-8859-2
+hungarian hu_HU.ISO-8859-2
+icelandic is_IS.ISO-8859-1
+italian it_IT.ISO-8859-1
+japanese ja_JP.eucJP
+japanese.euc ja_JP.eucJP
+ja_JP ja_JP.eucJP
+ja_JP.ujis ja_JP.eucJP
+japanese.sjis ja_JP.SJIS
+korean ko_KR.eucKR
+korean.euc ko_KR.eucKR
+ko_KR ko_KR.eucKR
+lithuanian lt_LT.ISO-8859-13
+no_NO nb_NO.ISO-8859-1
+no_NO.ISO-8859-1 nb_NO.ISO-8859-1
+norwegian nb_NO.ISO-8859-1
+nynorsk nn_NO.ISO-8859-1
+polish pl_PL.ISO-8859-2
+portuguese pt_PT.ISO-8859-1
+romanian ro_RO.ISO-8859-2
+russian ru_RU.KOI8-R
+slovak sk_SK.ISO-8859-2
+slovene sl_SI.ISO-8859-2
+slovenian sl_SI.ISO-8859-2
+spanish es_ES.ISO-8859-1
+swedish sv_SE.ISO-8859-1
+thai th_TH.TIS-620
+turkish tr_TR.ISO-8859-9
--- /dev/null
+# This file lists locales that you wish to have built. You can find a list
+# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
+# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
+# this file, you need to rerun locale-gen.
+
+
+# aa_DJ ISO-8859-1
+# aa_DJ.UTF-8 UTF-8
+# aa_ER UTF-8
+# aa_ER@saaho UTF-8
+# aa_ET UTF-8
+# af_ZA ISO-8859-1
+# af_ZA.UTF-8 UTF-8
+# ak_GH UTF-8
+# am_ET UTF-8
+# an_ES ISO-8859-15
+# an_ES.UTF-8 UTF-8
+# anp_IN UTF-8
+# ar_AE ISO-8859-6
+# ar_AE.UTF-8 UTF-8
+# ar_BH ISO-8859-6
+# ar_BH.UTF-8 UTF-8
+# ar_DZ ISO-8859-6
+# ar_DZ.UTF-8 UTF-8
+# ar_EG ISO-8859-6
+# ar_EG.UTF-8 UTF-8
+# ar_IN UTF-8
+# ar_IQ ISO-8859-6
+# ar_IQ.UTF-8 UTF-8
+# ar_JO ISO-8859-6
+# ar_JO.UTF-8 UTF-8
+# ar_KW ISO-8859-6
+# ar_KW.UTF-8 UTF-8
+# ar_LB ISO-8859-6
+# ar_LB.UTF-8 UTF-8
+# ar_LY ISO-8859-6
+# ar_LY.UTF-8 UTF-8
+# ar_MA ISO-8859-6
+# ar_MA.UTF-8 UTF-8
+# ar_OM ISO-8859-6
+# ar_OM.UTF-8 UTF-8
+# ar_QA ISO-8859-6
+# ar_QA.UTF-8 UTF-8
+# ar_SA ISO-8859-6
+# ar_SA.UTF-8 UTF-8
+# ar_SD ISO-8859-6
+# ar_SD.UTF-8 UTF-8
+# ar_SS UTF-8
+# ar_SY ISO-8859-6
+# ar_SY.UTF-8 UTF-8
+# ar_TN ISO-8859-6
+# ar_TN.UTF-8 UTF-8
+# ar_YE ISO-8859-6
+# ar_YE.UTF-8 UTF-8
+# as_IN UTF-8
+# ast_ES ISO-8859-15
+# ast_ES.UTF-8 UTF-8
+# ayc_PE UTF-8
+# az_AZ UTF-8
+# be_BY CP1251
+# be_BY.UTF-8 UTF-8
+# be_BY@latin UTF-8
+# bem_ZM UTF-8
+# ber_DZ UTF-8
+# ber_MA UTF-8
+# bg_BG CP1251
+# bg_BG.UTF-8 UTF-8
+# bho_IN UTF-8
+# bn_BD UTF-8
+# bn_IN UTF-8
+# bo_CN UTF-8
+# bo_IN UTF-8
+# br_FR ISO-8859-1
+# br_FR.UTF-8 UTF-8
+# br_FR@euro ISO-8859-15
+# brx_IN UTF-8
+# bs_BA ISO-8859-2
+# bs_BA.UTF-8 UTF-8
+# byn_ER UTF-8
+# ca_AD ISO-8859-15
+# ca_AD.UTF-8 UTF-8
+# ca_ES ISO-8859-1
+# ca_ES.UTF-8 UTF-8
+# ca_ES.UTF-8@valencia UTF-8
+# ca_ES@euro ISO-8859-15
+# ca_ES@valencia ISO-8859-15
+# ca_FR ISO-8859-15
+# ca_FR.UTF-8 UTF-8
+# ca_IT ISO-8859-15
+# ca_IT.UTF-8 UTF-8
+# cmn_TW UTF-8
+# crh_UA UTF-8
+# cs_CZ ISO-8859-2
+# cs_CZ.UTF-8 UTF-8
+# csb_PL UTF-8
+# cv_RU UTF-8
+# cy_GB ISO-8859-14
+# cy_GB.UTF-8 UTF-8
+# da_DK ISO-8859-1
+# da_DK.UTF-8 UTF-8
+# de_AT ISO-8859-1
+de_AT.UTF-8 UTF-8
+
+# de_AT@euro ISO-8859-15
+# de_BE ISO-8859-1
+de_BE.UTF-8 UTF-8
+
+# de_BE@euro ISO-8859-15
+# de_CH ISO-8859-1
+de_CH.UTF-8 UTF-8
+
+# de_DE ISO-8859-1
+de_DE.UTF-8 UTF-8
+# de_DE@euro ISO-8859-15
+# de_LI.UTF-8 UTF-8
+# de_LU ISO-8859-1
+de_LU.UTF-8 UTF-8
+
+# de_LU@euro ISO-8859-15
+# doi_IN UTF-8
+# dv_MV UTF-8
+# dz_BT UTF-8
+# el_CY ISO-8859-7
+# el_CY.UTF-8 UTF-8
+# el_GR ISO-8859-7
+# el_GR.UTF-8 UTF-8
+# en_AG UTF-8
+# en_AU ISO-8859-1
+en_AU.UTF-8 UTF-8
+
+# en_BW ISO-8859-1
+# en_BW.UTF-8 UTF-8
+# en_CA ISO-8859-1
+en_CA.UTF-8 UTF-8
+
+# en_DK ISO-8859-1
+# en_DK.ISO-8859-15 ISO-8859-15
+# en_DK.UTF-8 UTF-8
+# en_GB ISO-8859-1
+# en_GB.ISO-8859-15 ISO-8859-15
+en_GB.UTF-8 UTF-8
+
+# en_HK ISO-8859-1
+en_HK.UTF-8 UTF-8
+
+# en_IE ISO-8859-1
+en_IE.UTF-8 UTF-8
+
+# en_IE@euro ISO-8859-15
+# en_IN UTF-8
+# en_NG UTF-8
+# en_NZ ISO-8859-1
+en_NZ.UTF-8 UTF-8
+
+# en_PH ISO-8859-1
+# en_PH.UTF-8 UTF-8
+# en_SG ISO-8859-1
+# en_SG.UTF-8 UTF-8
+# en_US ISO-8859-1
+# en_US.ISO-8859-15 ISO-8859-15
+en_US.UTF-8 UTF-8
+# en_ZA ISO-8859-1
+en_ZA.UTF-8 UTF-8
+
+# en_ZM UTF-8
+# en_ZW ISO-8859-1
+# en_ZW.UTF-8 UTF-8
+# eo ISO-8859-3
+# eo.UTF-8 UTF-8
+# es_AR ISO-8859-1
+# es_AR.UTF-8 UTF-8
+# es_BO ISO-8859-1
+# es_BO.UTF-8 UTF-8
+# es_CL ISO-8859-1
+# es_CL.UTF-8 UTF-8
+# es_CO ISO-8859-1
+# es_CO.UTF-8 UTF-8
+# es_CR ISO-8859-1
+# es_CR.UTF-8 UTF-8
+# es_CU UTF-8
+# es_DO ISO-8859-1
+# es_DO.UTF-8 UTF-8
+# es_EC ISO-8859-1
+# es_EC.UTF-8 UTF-8
+# es_ES ISO-8859-1
+# es_ES.UTF-8 UTF-8
+# es_ES@euro ISO-8859-15
+# es_GT ISO-8859-1
+# es_GT.UTF-8 UTF-8
+# es_HN ISO-8859-1
+# es_HN.UTF-8 UTF-8
+# es_MX ISO-8859-1
+# es_MX.UTF-8 UTF-8
+# es_NI ISO-8859-1
+# es_NI.UTF-8 UTF-8
+# es_PA ISO-8859-1
+# es_PA.UTF-8 UTF-8
+# es_PE ISO-8859-1
+# es_PE.UTF-8 UTF-8
+# es_PR ISO-8859-1
+# es_PR.UTF-8 UTF-8
+# es_PY ISO-8859-1
+# es_PY.UTF-8 UTF-8
+# es_SV ISO-8859-1
+# es_SV.UTF-8 UTF-8
+# es_US ISO-8859-1
+# es_US.UTF-8 UTF-8
+# es_UY ISO-8859-1
+# es_UY.UTF-8 UTF-8
+# es_VE ISO-8859-1
+# es_VE.UTF-8 UTF-8
+# et_EE ISO-8859-1
+# et_EE.ISO-8859-15 ISO-8859-15
+# et_EE.UTF-8 UTF-8
+# eu_ES ISO-8859-1
+# eu_ES.UTF-8 UTF-8
+# eu_ES@euro ISO-8859-15
+# eu_FR ISO-8859-1
+# eu_FR.UTF-8 UTF-8
+# eu_FR@euro ISO-8859-15
+# fa_IR UTF-8
+# ff_SN UTF-8
+# fi_FI ISO-8859-1
+# fi_FI.UTF-8 UTF-8
+# fi_FI@euro ISO-8859-15
+# fil_PH UTF-8
+# fo_FO ISO-8859-1
+# fo_FO.UTF-8 UTF-8
+# fr_BE ISO-8859-1
+# fr_BE.UTF-8 UTF-8
+# fr_BE@euro ISO-8859-15
+# fr_CA ISO-8859-1
+# fr_CA.UTF-8 UTF-8
+# fr_CH ISO-8859-1
+# fr_CH.UTF-8 UTF-8
+# fr_FR ISO-8859-1
+# fr_FR.UTF-8 UTF-8
+# fr_FR@euro ISO-8859-15
+# fr_LU ISO-8859-1
+# fr_LU.UTF-8 UTF-8
+# fr_LU@euro ISO-8859-15
+# fur_IT UTF-8
+# fy_DE UTF-8
+# fy_NL UTF-8
+# ga_IE ISO-8859-1
+# ga_IE.UTF-8 UTF-8
+# ga_IE@euro ISO-8859-15
+# gd_GB ISO-8859-15
+# gd_GB.UTF-8 UTF-8
+# gez_ER UTF-8
+# gez_ER@abegede UTF-8
+# gez_ET UTF-8
+# gez_ET@abegede UTF-8
+# gl_ES ISO-8859-1
+# gl_ES.UTF-8 UTF-8
+# gl_ES@euro ISO-8859-15
+# gu_IN UTF-8
+# gv_GB ISO-8859-1
+# gv_GB.UTF-8 UTF-8
+# ha_NG UTF-8
+# hak_TW UTF-8
+# he_IL ISO-8859-8
+# he_IL.UTF-8 UTF-8
+# hi_IN UTF-8
+# hne_IN UTF-8
+# hr_HR ISO-8859-2
+# hr_HR.UTF-8 UTF-8
+# hsb_DE ISO-8859-2
+# hsb_DE.UTF-8 UTF-8
+# ht_HT UTF-8
+# hu_HU ISO-8859-2
+# hu_HU.UTF-8 UTF-8
+# hy_AM UTF-8
+# hy_AM.ARMSCII-8 ARMSCII-8
+# ia_FR UTF-8
+# id_ID ISO-8859-1
+# id_ID.UTF-8 UTF-8
+# ig_NG UTF-8
+# ik_CA UTF-8
+# is_IS ISO-8859-1
+# is_IS.UTF-8 UTF-8
+# it_CH ISO-8859-1
+# it_CH.UTF-8 UTF-8
+# it_IT ISO-8859-1
+# it_IT.UTF-8 UTF-8
+# it_IT@euro ISO-8859-15
+# iu_CA UTF-8
+# iw_IL ISO-8859-8
+# iw_IL.UTF-8 UTF-8
+# ja_JP.EUC-JP EUC-JP
+# ja_JP.UTF-8 UTF-8
+# ka_GE GEORGIAN-PS
+# ka_GE.UTF-8 UTF-8
+# kk_KZ PT154
+# kk_KZ RK1048
+# kk_KZ.UTF-8 UTF-8
+# kl_GL ISO-8859-1
+# kl_GL.UTF-8 UTF-8
+# km_KH UTF-8
+# kn_IN UTF-8
+# ko_KR.EUC-KR EUC-KR
+# ko_KR.UTF-8 UTF-8
+# kok_IN UTF-8
+# ks_IN UTF-8
+# ks_IN@devanagari UTF-8
+# ku_TR ISO-8859-9
+# ku_TR.UTF-8 UTF-8
+# kw_GB ISO-8859-1
+# kw_GB.UTF-8 UTF-8
+# ky_KG UTF-8
+# lb_LU UTF-8
+# lg_UG ISO-8859-10
+# lg_UG.UTF-8 UTF-8
+# li_BE UTF-8
+# li_NL UTF-8
+# lij_IT UTF-8
+# lo_LA UTF-8
+# lt_LT ISO-8859-13
+# lt_LT.UTF-8 UTF-8
+# lv_LV ISO-8859-13
+# lv_LV.UTF-8 UTF-8
+# lzh_TW UTF-8
+# mag_IN UTF-8
+# mai_IN UTF-8
+# mg_MG ISO-8859-15
+# mg_MG.UTF-8 UTF-8
+# mhr_RU UTF-8
+# mi_NZ ISO-8859-13
+# mi_NZ.UTF-8 UTF-8
+# mk_MK ISO-8859-5
+# mk_MK.UTF-8 UTF-8
+# ml_IN UTF-8
+# mn_MN UTF-8
+# mni_IN UTF-8
+# mr_IN UTF-8
+# ms_MY ISO-8859-1
+# ms_MY.UTF-8 UTF-8
+# mt_MT ISO-8859-3
+# mt_MT.UTF-8 UTF-8
+# my_MM UTF-8
+# nan_TW UTF-8
+# nan_TW@latin UTF-8
+# nb_NO ISO-8859-1
+# nb_NO.UTF-8 UTF-8
+# nds_DE UTF-8
+# nds_NL UTF-8
+# ne_NP UTF-8
+# nhn_MX UTF-8
+# niu_NU UTF-8
+# niu_NZ UTF-8
+# nl_AW UTF-8
+# nl_BE ISO-8859-1
+# nl_BE.UTF-8 UTF-8
+# nl_BE@euro ISO-8859-15
+# nl_NL ISO-8859-1
+# nl_NL.UTF-8 UTF-8
+# nl_NL@euro ISO-8859-15
+# nn_NO ISO-8859-1
+# nn_NO.UTF-8 UTF-8
+# nr_ZA UTF-8
+# nso_ZA UTF-8
+# oc_FR ISO-8859-1
+# oc_FR.UTF-8 UTF-8
+# om_ET UTF-8
+# om_KE ISO-8859-1
+# om_KE.UTF-8 UTF-8
+# or_IN UTF-8
+# os_RU UTF-8
+# pa_IN UTF-8
+# pa_PK UTF-8
+# pap_AN UTF-8
+# pap_AW UTF-8
+# pap_CW UTF-8
+# pl_PL ISO-8859-2
+# pl_PL.UTF-8 UTF-8
+# ps_AF UTF-8
+# pt_BR ISO-8859-1
+# pt_BR.UTF-8 UTF-8
+# pt_PT ISO-8859-1
+# pt_PT.UTF-8 UTF-8
+# pt_PT@euro ISO-8859-15
+# quz_PE UTF-8
+# ro_RO ISO-8859-2
+# ro_RO.UTF-8 UTF-8
+# ru_RU ISO-8859-5
+# ru_RU.CP1251 CP1251
+# ru_RU.KOI8-R KOI8-R
+# ru_RU.UTF-8 UTF-8
+# ru_UA KOI8-U
+# ru_UA.UTF-8 UTF-8
+# rw_RW UTF-8
+# sa_IN UTF-8
+# sat_IN UTF-8
+# sc_IT UTF-8
+# sd_IN UTF-8
+# sd_IN@devanagari UTF-8
+# se_NO UTF-8
+# shs_CA UTF-8
+# si_LK UTF-8
+# sid_ET UTF-8
+# sk_SK ISO-8859-2
+# sk_SK.UTF-8 UTF-8
+# sl_SI ISO-8859-2
+# sl_SI.UTF-8 UTF-8
+# so_DJ ISO-8859-1
+# so_DJ.UTF-8 UTF-8
+# so_ET UTF-8
+# so_KE ISO-8859-1
+# so_KE.UTF-8 UTF-8
+# so_SO ISO-8859-1
+# so_SO.UTF-8 UTF-8
+# sq_AL ISO-8859-1
+# sq_AL.UTF-8 UTF-8
+# sq_MK UTF-8
+# sr_ME UTF-8
+# sr_RS UTF-8
+# sr_RS@latin UTF-8
+# ss_ZA UTF-8
+# st_ZA ISO-8859-1
+# st_ZA.UTF-8 UTF-8
+# sv_FI ISO-8859-1
+# sv_FI.UTF-8 UTF-8
+# sv_FI@euro ISO-8859-15
+# sv_SE ISO-8859-1
+# sv_SE.ISO-8859-15 ISO-8859-15
+# sv_SE.UTF-8 UTF-8
+# sw_KE UTF-8
+# sw_TZ UTF-8
+# szl_PL UTF-8
+# ta_IN UTF-8
+# ta_LK UTF-8
+# te_IN UTF-8
+# tg_TJ KOI8-T
+# tg_TJ.UTF-8 UTF-8
+# th_TH TIS-620
+# th_TH.UTF-8 UTF-8
+# the_NP UTF-8
+# ti_ER UTF-8
+# ti_ET UTF-8
+# tig_ER UTF-8
+# tk_TM UTF-8
+# tl_PH ISO-8859-1
+# tl_PH.UTF-8 UTF-8
+# tn_ZA UTF-8
+# tr_CY ISO-8859-9
+# tr_CY.UTF-8 UTF-8
+# tr_TR ISO-8859-9
+# tr_TR.UTF-8 UTF-8
+# ts_ZA UTF-8
+# tt_RU UTF-8
+# tt_RU@iqtelif UTF-8
+# ug_CN UTF-8
+# uk_UA KOI8-U
+# uk_UA.UTF-8 UTF-8
+# unm_US UTF-8
+# ur_IN UTF-8
+# ur_PK UTF-8
+# uz_UZ ISO-8859-1
+# uz_UZ.UTF-8 UTF-8
+# uz_UZ@cyrillic UTF-8
+# ve_ZA UTF-8
+# vi_VN UTF-8
+# wa_BE ISO-8859-1
+# wa_BE.UTF-8 UTF-8
+# wa_BE@euro ISO-8859-15
+# wae_CH UTF-8
+# wal_ET UTF-8
+# wo_SN UTF-8
+# xh_ZA ISO-8859-1
+# xh_ZA.UTF-8 UTF-8
+# yi_US CP1255
+# yi_US.UTF-8 UTF-8
+# yo_NG UTF-8
+# yue_HK UTF-8
+# zh_CN GB2312
+# zh_CN.GB18030 GB18030
+# zh_CN.GBK GBK
+# zh_CN.UTF-8 UTF-8
+# zh_HK BIG5-HKSCS
+# zh_HK.UTF-8 UTF-8
+# zh_SG GB2312
+# zh_SG.GBK GBK
+# zh_SG.UTF-8 UTF-8
+# zh_TW BIG5
+# zh_TW.EUC-TW EUC-TW
+# zh_TW.UTF-8 UTF-8
+# zu_ZA ISO-8859-1
+# zu_ZA.UTF-8 UTF-8
+# en_US.UTF-8 UTF-8
+# de_DE.UTF-8 UTF-8
--- /dev/null
+# This file lists locales that you wish to have built. You can find a list
+# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
+# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
+# this file, you need to rerun locale-gen.
+
+
+# aa_DJ ISO-8859-1
+# aa_DJ.UTF-8 UTF-8
+# aa_ER UTF-8
+# aa_ER@saaho UTF-8
+# aa_ET UTF-8
+# af_ZA ISO-8859-1
+# af_ZA.UTF-8 UTF-8
+# ak_GH UTF-8
+# am_ET UTF-8
+# an_ES ISO-8859-15
+# an_ES.UTF-8 UTF-8
+# anp_IN UTF-8
+# ar_AE ISO-8859-6
+# ar_AE.UTF-8 UTF-8
+# ar_BH ISO-8859-6
+# ar_BH.UTF-8 UTF-8
+# ar_DZ ISO-8859-6
+# ar_DZ.UTF-8 UTF-8
+# ar_EG ISO-8859-6
+# ar_EG.UTF-8 UTF-8
+# ar_IN UTF-8
+# ar_IQ ISO-8859-6
+# ar_IQ.UTF-8 UTF-8
+# ar_JO ISO-8859-6
+# ar_JO.UTF-8 UTF-8
+# ar_KW ISO-8859-6
+# ar_KW.UTF-8 UTF-8
+# ar_LB ISO-8859-6
+# ar_LB.UTF-8 UTF-8
+# ar_LY ISO-8859-6
+# ar_LY.UTF-8 UTF-8
+# ar_MA ISO-8859-6
+# ar_MA.UTF-8 UTF-8
+# ar_OM ISO-8859-6
+# ar_OM.UTF-8 UTF-8
+# ar_QA ISO-8859-6
+# ar_QA.UTF-8 UTF-8
+# ar_SA ISO-8859-6
+# ar_SA.UTF-8 UTF-8
+# ar_SD ISO-8859-6
+# ar_SD.UTF-8 UTF-8
+# ar_SS UTF-8
+# ar_SY ISO-8859-6
+# ar_SY.UTF-8 UTF-8
+# ar_TN ISO-8859-6
+# ar_TN.UTF-8 UTF-8
+# ar_YE ISO-8859-6
+# ar_YE.UTF-8 UTF-8
+# as_IN UTF-8
+# ast_ES ISO-8859-15
+# ast_ES.UTF-8 UTF-8
+# ayc_PE UTF-8
+# az_AZ UTF-8
+# be_BY CP1251
+# be_BY.UTF-8 UTF-8
+# be_BY@latin UTF-8
+# bem_ZM UTF-8
+# ber_DZ UTF-8
+# ber_MA UTF-8
+# bg_BG CP1251
+# bg_BG.UTF-8 UTF-8
+# bho_IN UTF-8
+# bn_BD UTF-8
+# bn_IN UTF-8
+# bo_CN UTF-8
+# bo_IN UTF-8
+# br_FR ISO-8859-1
+# br_FR.UTF-8 UTF-8
+# br_FR@euro ISO-8859-15
+# brx_IN UTF-8
+# bs_BA ISO-8859-2
+# bs_BA.UTF-8 UTF-8
+# byn_ER UTF-8
+# ca_AD ISO-8859-15
+# ca_AD.UTF-8 UTF-8
+# ca_ES ISO-8859-1
+# ca_ES.UTF-8 UTF-8
+# ca_ES.UTF-8@valencia UTF-8
+# ca_ES@euro ISO-8859-15
+# ca_ES@valencia ISO-8859-15
+# ca_FR ISO-8859-15
+# ca_FR.UTF-8 UTF-8
+# ca_IT ISO-8859-15
+# ca_IT.UTF-8 UTF-8
+# cmn_TW UTF-8
+# crh_UA UTF-8
+# cs_CZ ISO-8859-2
+# cs_CZ.UTF-8 UTF-8
+# csb_PL UTF-8
+# cv_RU UTF-8
+# cy_GB ISO-8859-14
+# cy_GB.UTF-8 UTF-8
+# da_DK ISO-8859-1
+# da_DK.UTF-8 UTF-8
+# de_AT ISO-8859-1
+de_AT.UTF-8 UTF-8
+
+# de_AT@euro ISO-8859-15
+# de_BE ISO-8859-1
+de_BE.UTF-8 UTF-8
+
+# de_BE@euro ISO-8859-15
+# de_CH ISO-8859-1
+de_CH.UTF-8 UTF-8
+
+# de_DE ISO-8859-1
+de_DE.UTF-8 UTF-8
+# de_DE@euro ISO-8859-15
+# de_LI.UTF-8 UTF-8
+# de_LU ISO-8859-1
+de_LU.UTF-8 UTF-8
+
+# de_LU@euro ISO-8859-15
+# doi_IN UTF-8
+# dv_MV UTF-8
+# dz_BT UTF-8
+# el_CY ISO-8859-7
+# el_CY.UTF-8 UTF-8
+# el_GR ISO-8859-7
+# el_GR.UTF-8 UTF-8
+# en_AG UTF-8
+# en_AU ISO-8859-1
+en_AU.UTF-8 UTF-8
+
+# en_BW ISO-8859-1
+# en_BW.UTF-8 UTF-8
+# en_CA ISO-8859-1
+en_CA.UTF-8 UTF-8
+
+# en_DK ISO-8859-1
+# en_DK.ISO-8859-15 ISO-8859-15
+# en_DK.UTF-8 UTF-8
+# en_GB ISO-8859-1
+# en_GB.ISO-8859-15 ISO-8859-15
+en_GB.UTF-8 UTF-8
+
+# en_HK ISO-8859-1
+en_HK.UTF-8 UTF-8
+
+# en_IE ISO-8859-1
+en_IE.UTF-8 UTF-8
+
+# en_IE@euro ISO-8859-15
+# en_IN UTF-8
+# en_NG UTF-8
+# en_NZ ISO-8859-1
+en_NZ.UTF-8 UTF-8
+
+# en_PH ISO-8859-1
+# en_PH.UTF-8 UTF-8
+# en_SG ISO-8859-1
+# en_SG.UTF-8 UTF-8
+# en_US ISO-8859-1
+# en_US.ISO-8859-15 ISO-8859-15
+en_US.UTF-8 UTF-8
+# en_ZA ISO-8859-1
+# en_ZA.UTF-8 UTF-8
+# en_ZM UTF-8
+# en_ZW ISO-8859-1
+# en_ZW.UTF-8 UTF-8
+# eo ISO-8859-3
+# eo.UTF-8 UTF-8
+# es_AR ISO-8859-1
+# es_AR.UTF-8 UTF-8
+# es_BO ISO-8859-1
+# es_BO.UTF-8 UTF-8
+# es_CL ISO-8859-1
+# es_CL.UTF-8 UTF-8
+# es_CO ISO-8859-1
+# es_CO.UTF-8 UTF-8
+# es_CR ISO-8859-1
+# es_CR.UTF-8 UTF-8
+# es_CU UTF-8
+# es_DO ISO-8859-1
+# es_DO.UTF-8 UTF-8
+# es_EC ISO-8859-1
+# es_EC.UTF-8 UTF-8
+# es_ES ISO-8859-1
+# es_ES.UTF-8 UTF-8
+# es_ES@euro ISO-8859-15
+# es_GT ISO-8859-1
+# es_GT.UTF-8 UTF-8
+# es_HN ISO-8859-1
+# es_HN.UTF-8 UTF-8
+# es_MX ISO-8859-1
+# es_MX.UTF-8 UTF-8
+# es_NI ISO-8859-1
+# es_NI.UTF-8 UTF-8
+# es_PA ISO-8859-1
+# es_PA.UTF-8 UTF-8
+# es_PE ISO-8859-1
+# es_PE.UTF-8 UTF-8
+# es_PR ISO-8859-1
+# es_PR.UTF-8 UTF-8
+# es_PY ISO-8859-1
+# es_PY.UTF-8 UTF-8
+# es_SV ISO-8859-1
+# es_SV.UTF-8 UTF-8
+# es_US ISO-8859-1
+# es_US.UTF-8 UTF-8
+# es_UY ISO-8859-1
+# es_UY.UTF-8 UTF-8
+# es_VE ISO-8859-1
+# es_VE.UTF-8 UTF-8
+# et_EE ISO-8859-1
+# et_EE.ISO-8859-15 ISO-8859-15
+# et_EE.UTF-8 UTF-8
+# eu_ES ISO-8859-1
+# eu_ES.UTF-8 UTF-8
+# eu_ES@euro ISO-8859-15
+# eu_FR ISO-8859-1
+# eu_FR.UTF-8 UTF-8
+# eu_FR@euro ISO-8859-15
+# fa_IR UTF-8
+# ff_SN UTF-8
+# fi_FI ISO-8859-1
+# fi_FI.UTF-8 UTF-8
+# fi_FI@euro ISO-8859-15
+# fil_PH UTF-8
+# fo_FO ISO-8859-1
+# fo_FO.UTF-8 UTF-8
+# fr_BE ISO-8859-1
+# fr_BE.UTF-8 UTF-8
+# fr_BE@euro ISO-8859-15
+# fr_CA ISO-8859-1
+# fr_CA.UTF-8 UTF-8
+# fr_CH ISO-8859-1
+# fr_CH.UTF-8 UTF-8
+# fr_FR ISO-8859-1
+# fr_FR.UTF-8 UTF-8
+# fr_FR@euro ISO-8859-15
+# fr_LU ISO-8859-1
+# fr_LU.UTF-8 UTF-8
+# fr_LU@euro ISO-8859-15
+# fur_IT UTF-8
+# fy_DE UTF-8
+# fy_NL UTF-8
+# ga_IE ISO-8859-1
+# ga_IE.UTF-8 UTF-8
+# ga_IE@euro ISO-8859-15
+# gd_GB ISO-8859-15
+# gd_GB.UTF-8 UTF-8
+# gez_ER UTF-8
+# gez_ER@abegede UTF-8
+# gez_ET UTF-8
+# gez_ET@abegede UTF-8
+# gl_ES ISO-8859-1
+# gl_ES.UTF-8 UTF-8
+# gl_ES@euro ISO-8859-15
+# gu_IN UTF-8
+# gv_GB ISO-8859-1
+# gv_GB.UTF-8 UTF-8
+# ha_NG UTF-8
+# hak_TW UTF-8
+# he_IL ISO-8859-8
+# he_IL.UTF-8 UTF-8
+# hi_IN UTF-8
+# hne_IN UTF-8
+# hr_HR ISO-8859-2
+# hr_HR.UTF-8 UTF-8
+# hsb_DE ISO-8859-2
+# hsb_DE.UTF-8 UTF-8
+# ht_HT UTF-8
+# hu_HU ISO-8859-2
+# hu_HU.UTF-8 UTF-8
+# hy_AM UTF-8
+# hy_AM.ARMSCII-8 ARMSCII-8
+# ia_FR UTF-8
+# id_ID ISO-8859-1
+# id_ID.UTF-8 UTF-8
+# ig_NG UTF-8
+# ik_CA UTF-8
+# is_IS ISO-8859-1
+# is_IS.UTF-8 UTF-8
+# it_CH ISO-8859-1
+# it_CH.UTF-8 UTF-8
+# it_IT ISO-8859-1
+# it_IT.UTF-8 UTF-8
+# it_IT@euro ISO-8859-15
+# iu_CA UTF-8
+# iw_IL ISO-8859-8
+# iw_IL.UTF-8 UTF-8
+# ja_JP.EUC-JP EUC-JP
+# ja_JP.UTF-8 UTF-8
+# ka_GE GEORGIAN-PS
+# ka_GE.UTF-8 UTF-8
+# kk_KZ PT154
+# kk_KZ RK1048
+# kk_KZ.UTF-8 UTF-8
+# kl_GL ISO-8859-1
+# kl_GL.UTF-8 UTF-8
+# km_KH UTF-8
+# kn_IN UTF-8
+# ko_KR.EUC-KR EUC-KR
+# ko_KR.UTF-8 UTF-8
+# kok_IN UTF-8
+# ks_IN UTF-8
+# ks_IN@devanagari UTF-8
+# ku_TR ISO-8859-9
+# ku_TR.UTF-8 UTF-8
+# kw_GB ISO-8859-1
+# kw_GB.UTF-8 UTF-8
+# ky_KG UTF-8
+# lb_LU UTF-8
+# lg_UG ISO-8859-10
+# lg_UG.UTF-8 UTF-8
+# li_BE UTF-8
+# li_NL UTF-8
+# lij_IT UTF-8
+# lo_LA UTF-8
+# lt_LT ISO-8859-13
+# lt_LT.UTF-8 UTF-8
+# lv_LV ISO-8859-13
+# lv_LV.UTF-8 UTF-8
+# lzh_TW UTF-8
+# mag_IN UTF-8
+# mai_IN UTF-8
+# mg_MG ISO-8859-15
+# mg_MG.UTF-8 UTF-8
+# mhr_RU UTF-8
+# mi_NZ ISO-8859-13
+# mi_NZ.UTF-8 UTF-8
+# mk_MK ISO-8859-5
+# mk_MK.UTF-8 UTF-8
+# ml_IN UTF-8
+# mn_MN UTF-8
+# mni_IN UTF-8
+# mr_IN UTF-8
+# ms_MY ISO-8859-1
+# ms_MY.UTF-8 UTF-8
+# mt_MT ISO-8859-3
+# mt_MT.UTF-8 UTF-8
+# my_MM UTF-8
+# nan_TW UTF-8
+# nan_TW@latin UTF-8
+# nb_NO ISO-8859-1
+# nb_NO.UTF-8 UTF-8
+# nds_DE UTF-8
+# nds_NL UTF-8
+# ne_NP UTF-8
+# nhn_MX UTF-8
+# niu_NU UTF-8
+# niu_NZ UTF-8
+# nl_AW UTF-8
+# nl_BE ISO-8859-1
+# nl_BE.UTF-8 UTF-8
+# nl_BE@euro ISO-8859-15
+# nl_NL ISO-8859-1
+# nl_NL.UTF-8 UTF-8
+# nl_NL@euro ISO-8859-15
+# nn_NO ISO-8859-1
+# nn_NO.UTF-8 UTF-8
+# nr_ZA UTF-8
+# nso_ZA UTF-8
+# oc_FR ISO-8859-1
+# oc_FR.UTF-8 UTF-8
+# om_ET UTF-8
+# om_KE ISO-8859-1
+# om_KE.UTF-8 UTF-8
+# or_IN UTF-8
+# os_RU UTF-8
+# pa_IN UTF-8
+# pa_PK UTF-8
+# pap_AN UTF-8
+# pap_AW UTF-8
+# pap_CW UTF-8
+# pl_PL ISO-8859-2
+# pl_PL.UTF-8 UTF-8
+# ps_AF UTF-8
+# pt_BR ISO-8859-1
+# pt_BR.UTF-8 UTF-8
+# pt_PT ISO-8859-1
+# pt_PT.UTF-8 UTF-8
+# pt_PT@euro ISO-8859-15
+# quz_PE UTF-8
+# ro_RO ISO-8859-2
+# ro_RO.UTF-8 UTF-8
+# ru_RU ISO-8859-5
+# ru_RU.CP1251 CP1251
+# ru_RU.KOI8-R KOI8-R
+# ru_RU.UTF-8 UTF-8
+# ru_UA KOI8-U
+# ru_UA.UTF-8 UTF-8
+# rw_RW UTF-8
+# sa_IN UTF-8
+# sat_IN UTF-8
+# sc_IT UTF-8
+# sd_IN UTF-8
+# sd_IN@devanagari UTF-8
+# se_NO UTF-8
+# shs_CA UTF-8
+# si_LK UTF-8
+# sid_ET UTF-8
+# sk_SK ISO-8859-2
+# sk_SK.UTF-8 UTF-8
+# sl_SI ISO-8859-2
+# sl_SI.UTF-8 UTF-8
+# so_DJ ISO-8859-1
+# so_DJ.UTF-8 UTF-8
+# so_ET UTF-8
+# so_KE ISO-8859-1
+# so_KE.UTF-8 UTF-8
+# so_SO ISO-8859-1
+# so_SO.UTF-8 UTF-8
+# sq_AL ISO-8859-1
+# sq_AL.UTF-8 UTF-8
+# sq_MK UTF-8
+# sr_ME UTF-8
+# sr_RS UTF-8
+# sr_RS@latin UTF-8
+# ss_ZA UTF-8
+# st_ZA ISO-8859-1
+# st_ZA.UTF-8 UTF-8
+# sv_FI ISO-8859-1
+# sv_FI.UTF-8 UTF-8
+# sv_FI@euro ISO-8859-15
+# sv_SE ISO-8859-1
+# sv_SE.ISO-8859-15 ISO-8859-15
+# sv_SE.UTF-8 UTF-8
+# sw_KE UTF-8
+# sw_TZ UTF-8
+# szl_PL UTF-8
+# ta_IN UTF-8
+# ta_LK UTF-8
+# te_IN UTF-8
+# tg_TJ KOI8-T
+# tg_TJ.UTF-8 UTF-8
+# th_TH TIS-620
+# th_TH.UTF-8 UTF-8
+# the_NP UTF-8
+# ti_ER UTF-8
+# ti_ET UTF-8
+# tig_ER UTF-8
+# tk_TM UTF-8
+# tl_PH ISO-8859-1
+# tl_PH.UTF-8 UTF-8
+# tn_ZA UTF-8
+# tr_CY ISO-8859-9
+# tr_CY.UTF-8 UTF-8
+# tr_TR ISO-8859-9
+# tr_TR.UTF-8 UTF-8
+# ts_ZA UTF-8
+# tt_RU UTF-8
+# tt_RU@iqtelif UTF-8
+# ug_CN UTF-8
+# uk_UA KOI8-U
+# uk_UA.UTF-8 UTF-8
+# unm_US UTF-8
+# ur_IN UTF-8
+# ur_PK UTF-8
+# uz_UZ ISO-8859-1
+# uz_UZ.UTF-8 UTF-8
+# uz_UZ@cyrillic UTF-8
+# ve_ZA UTF-8
+# vi_VN UTF-8
+# wa_BE ISO-8859-1
+# wa_BE.UTF-8 UTF-8
+# wa_BE@euro ISO-8859-15
+# wae_CH UTF-8
+# wal_ET UTF-8
+# wo_SN UTF-8
+# xh_ZA ISO-8859-1
+# xh_ZA.UTF-8 UTF-8
+# yi_US CP1255
+# yi_US.UTF-8 UTF-8
+# yo_NG UTF-8
+# yue_HK UTF-8
+# zh_CN GB2312
+# zh_CN.GB18030 GB18030
+# zh_CN.GBK GBK
+# zh_CN.UTF-8 UTF-8
+# zh_HK BIG5-HKSCS
+# zh_HK.UTF-8 UTF-8
+# zh_SG GB2312
+# zh_SG.GBK GBK
+# zh_SG.UTF-8 UTF-8
+# zh_TW BIG5
+# zh_TW.EUC-TW EUC-TW
+# zh_TW.UTF-8 UTF-8
+# zu_ZA ISO-8859-1
+# zu_ZA.UTF-8 UTF-8
+# en_US.UTF-8 UTF-8
+# de_DE.UTF-8 UTF-8
--- /dev/null
+\w{3} [ :0-9]{11} [._[:alnum:]-]+ [._[:alnum:]-]+: DIGEST-MD5 common mech free
--- /dev/null
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: imklog [0-9.]+, log source = /proc/kmsg started.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: Kernel logging \(proc\) stopped.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: \[origin software="rsyslogd" swVersion="[0-9.]+" x-pid="[0-9]+" x-info="http://www.rsyslog.com"\] start$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: \[origin software="rsyslogd" swVersion="[0-9.]+" x-pid="[0-9]+" x-info="http://www.rsyslog.com"\] exiting on signal [0-9]+.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: \[origin software="rsyslogd" swVersion="[0-9.]+" x-pid="[0-9]+" x-info="http://www.rsyslog.com"\] rsyslogd was HUPed$
--- /dev/null
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# If USERGROUPS_ENAB is set to "yes", that will modify this UMASK default value
+# for private user groups, i. e. the uid is the same as gid, and username is
+# the same as the primary group name: for these, the user permissions will be
+# used as group permissions, e. g. 022 will become 002.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user´s group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
--- /dev/null
+# see "man logrotate" for details
+# rotate log files weekly
+weekly
+
+# keep 4 weeks worth of backlogs
+rotate 99
+
+# create new (empty) log files after rotating old ones
+create
+
+# uncomment this if you want your log files compressed
+compress
+delaycompress
+
+# packages drop log rotation information into this directory
+include /etc/logrotate.d
+
+# no packages own wtmp, or btmp -- we'll rotate them here
+/var/log/wtmp {
+ missingok
+ monthly
+ create 0664 root utmp
+ rotate 12
+ size 4M
+}
+
+/var/log/btmp {
+ missingok
+ monthly
+ create 0660 root utmp
+ rotate 12
+ size 4M
+}
+
+# system-specific logs may be configured here
--- /dev/null
+/var/log/apache2/*.log {
+ daily
+ missingok
+ rotate 14
+ dateext
+ compress
+ delaycompress
+ notifempty
+ size 4M
+ create 640 root adm
+ sharedscripts
+ postrotate
+ if /etc/init.d/apache2 status > /dev/null ; then \
+ /etc/init.d/apache2 reload > /dev/null; \
+ fi;
+ endscript
+ prerotate
+ if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
+ run-parts /etc/logrotate.d/httpd-prerotate; \
+ fi; \
+ endscript
+}
+
+# vim: ts=4 filetype=conf
--- /dev/null
+/var/log/apt/term.log {
+ rotate 12
+ monthly
+ compress
+ missingok
+ notifempty
+}
+
+/var/log/apt/history.log {
+ rotate 12
+ monthly
+ compress
+ missingok
+ notifempty
+}
+
--- /dev/null
+/var/log/aptitude {
+ rotate 6
+ monthly
+ compress
+ missingok
+ notifempty
+}
--- /dev/null
+/var/log/bind/complete-debug.log /var/log/bind/debug.log /var/log/bind/query.log /var/log/bind/security.log {
+ daily
+ olddir /var/log/bind/.old
+ dateext
+ size 4M
+ rotate 10
+ notifempty
+ missingok
+ compress
+ delaycompress
+ sharedscripts
+ postrotate
+ /usr/sbin/rndc reload
+ endscript
+}
+
+/var/log/bind/named.log {
+ daily
+ olddir /var/log/bind/.old
+ dateext
+ size 10M
+ rotate 20
+ notifempty
+ missingok
+ compress
+ delaycompress
+ sharedscripts
+ postrotate
+ /usr/sbin/rndc reload
+ endscript
+}
+
+
+# vim: ts=4 filetype=conf
+
--- /dev/null
+/var/log/chrony/*.log {
+ weekly
+ rotate 7
+ missingok
+ notifempty
+ compress
+ delaycompress
+ dateext
+ size 4M
+ sharedscripts
+ create 644
+ postrotate
+ /usr/bin/chronyc -a cyclelogs > /dev/null 2>&1 || true
+ endscript
+}
--- /dev/null
+/var/log/dpkg.log {
+ monthly
+ rotate 12
+ compress
+ delaycompress
+ missingok
+ notifempty
+ create 644 root root
+}
+/var/log/alternatives.log {
+ monthly
+ rotate 12
+ compress
+ delaycompress
+ missingok
+ notifempty
+ create 644 root root
+}
--- /dev/null
+/var/log/exim4/mainlog /var/log/exim4/rejectlog {
+ daily
+ missingok
+ rotate 10
+ compress
+ delaycompress
+ notifempty
+ create 640 Debian-exim adm
+}
--- /dev/null
+/var/log/exim4/paniclog {
+ size 10M
+ missingok
+ rotate 10
+ compress
+ delaycompress
+ notifempty
+ create 640 Debian-exim adm
+}
+
--- /dev/null
+/var/log/fail2ban.log {
+
+ weekly
+ rotate 4
+ compress
+
+ delaycompress
+ missingok
+ postrotate
+ fail2ban-client flushlogs 1>/dev/null
+ endscript
+
+ # If fail2ban runs as non-root it still needs to have write access
+ # to logfiles.
+ # create 640 fail2ban adm
+ create 640 root adm
+}
--- /dev/null
+/var/log/syslog /var/log/messages {
+ rotate 7
+ daily
+ missingok
+ notifempty
+ compress
+ delaycompress
+ dateext
+ size 4M
+ olddir /var/log/.old
+ sharedscripts
+ postrotate
+ invoke-rc.d rsyslog rotate > /dev/null
+ endscript
+}
+
+/var/log/all.log
+/var/log/mail.info
+/var/log/mail.warn
+/var/log/mail.err
+/var/log/mail.log
+/var/log/daemon.log
+/var/log/kern.log
+/var/log/auth.log
+/var/log/user.log
+/var/log/lpr.log
+/var/log/cron.log
+/var/log/debug
+/var/log/debug.log
+{
+ rotate 4
+ weekly
+ missingok
+ notifempty
+ compress
+ delaycompress
+ dateext
+ size 4M
+ olddir /var/log/.old
+ sharedscripts
+ postrotate
+ invoke-rc.d rsyslog rotate > /dev/null
+ endscript
+}
+
+/var/log/syslog.d/*.log {
+ rotate 10
+ weekly
+ missingok
+ notifempty
+ size 4M
+ delaycompress
+ dateext
+ compress
+ olddir /var/log/syslog.d/.old
+ sharedscripts
+ postrotate
+ invoke-rc.d rsyslog rotate > /dev/null
+ endscript
+}
+
+# vim: ts=4 filetype=conf et
--- /dev/null
+/var/log/salt/master {
+ weekly
+ missingok
+ dateext
+ rotate 7
+ compress
+ notifempty
+ size +1M
+ sharedscripts
+ postrotate
+ invoke-rc.d salt-master restart > /dev/null
+ endscript
+}
+
+/var/log/salt/minion {
+ weekly
+ missingok
+ dateext
+ rotate 7
+ compress
+ notifempty
+ size +1M
+ sharedscripts
+ postrotate
+ invoke-rc.d salt-minion restart > /dev/null
+ endscript
+}
+
+/var/log/salt/key {
+ weekly
+ missingok
+ dateext
+ rotate 7
+ compress
+ notifempty
+ size +1M
+}
--- /dev/null
+#/var/log/ulog/*.log /var/log/ulog/*.pcap {
+# missingok
+# compress
+# sharedscripts
+# create 640 ulog adm
+# postrotate
+# invoke-rc.d ulogd2 reload > /dev/null
+# endscript
+#}
+
+/var/log/ulog/*.log {
+ weekly
+ dateext
+ rotate 20
+ size 4M
+ compress
+ delaycompress
+ missingok
+ notifempty
+ create 0640 ulog adm
+ sharedscripts
+ postrotate
+ invoke-rc.d ulogd2 reload > /dev/null
+ endscript
+}
+
+# vim: ts=4 filetype=conf
--- /dev/null
+# Generated by LVM2 version 2.02.111(2) (2014-09-01): Mon Jun 6 12:18:51 2016
+
+contents = "Text Format Volume Group"
+version = 1
+
+description = "Created *after* executing 'vgcfgbackup'"
+
+creation_host = "ns1" # Linux ns1 4.3.0-0.bpo.1-amd64 #1 SMP Debian 4.3.5-1~bpo8+1 (2016-02-23) x86_64
+creation_time = 1465208331 # Mon Jun 6 12:18:51 2016
+
+vg00 {
+ id = "NfQk9V-on18-oehX-UB9G-cBqB-KexR-13tXGL"
+ seqno = 5
+ format = "lvm2" # informational
+ status = ["RESIZEABLE", "READ", "WRITE"]
+ flags = []
+ extent_size = 8192 # 4 Megabytes
+ max_lv = 0
+ max_pv = 0
+ metadata_copies = 0
+
+ physical_volumes {
+
+ pv0 {
+ id = "qSrpLq-lfdi-w3YY-WRKN-lu0w-Ds7o-UnOg4f"
+ device = "/dev/vdb1" # Hint only
+
+ status = ["ALLOCATABLE"]
+ flags = []
+ dev_size = 209713152 # 99,999 Gigabytes
+ pe_start = 2048
+ pe_count = 25599 # 99,9961 Gigabytes
+ }
+ }
+
+ logical_volumes {
+
+ home {
+ id = "71S42r-cpKj-aEIS-wpBa-15Dx-HRgh-6S9mdW"
+ status = ["READ", "WRITE", "VISIBLE"]
+ flags = []
+ creation_host = "ns1"
+ creation_time = 1457391565 # 2016-03-07 23:59:25 +0100
+ segment_count = 1
+
+ segment1 {
+ start_extent = 0
+ extent_count = 5120 # 20 Gigabytes
+
+ type = "striped"
+ stripe_count = 1 # linear
+
+ stripes = [
+ "pv0", 0
+ ]
+ }
+ }
+
+ swap {
+ id = "z6LwR1-fW0f-00Op-d6QB-yeli-BUEa-0JGxFo"
+ status = ["READ", "WRITE", "VISIBLE"]
+ flags = []
+ creation_host = "ns1"
+ creation_time = 1457391581 # 2016-03-07 23:59:41 +0100
+ segment_count = 1
+
+ segment1 {
+ start_extent = 0
+ extent_count = 1024 # 4 Gigabytes
+
+ type = "striped"
+ stripe_count = 1 # linear
+
+ stripes = [
+ "pv0", 5120
+ ]
+ }
+ }
+
+ tmp {
+ id = "Hfjw9G-NOIO-gxOE-ZpPy-6tKl-d4eK-1aR5ZD"
+ status = ["READ", "WRITE", "VISIBLE"]
+ flags = []
+ creation_host = "ns1"
+ creation_time = 1457391589 # 2016-03-07 23:59:49 +0100
+ segment_count = 1
+
+ segment1 {
+ start_extent = 0
+ extent_count = 1024 # 4 Gigabytes
+
+ type = "striped"
+ stripe_count = 1 # linear
+
+ stripes = [
+ "pv0", 6144
+ ]
+ }
+ }
+
+ var {
+ id = "0NU0zc-ExFn-fASx-oPFx-Oau1-xtKF-3HZFcY"
+ status = ["READ", "WRITE", "VISIBLE"]
+ flags = []
+ creation_host = "ns1"
+ creation_time = 1457391605 # 2016-03-08 00:00:05 +0100
+ segment_count = 1
+
+ segment1 {
+ start_extent = 0
+ extent_count = 3840 # 15 Gigabytes
+
+ type = "striped"
+ stripe_count = 1 # linear
+
+ stripes = [
+ "pv0", 7168
+ ]
+ }
+ }
+ }
+}
--- /dev/null
+# This is an example configuration file for the LVM2 system.
+# It contains the default settings that would be used if there was no
+# /etc/lvm/lvm.conf file.
+#
+# Refer to 'man lvm.conf' for further information including the file layout.
+#
+# To put this file in a different directory and override /etc/lvm set
+# the environment variable LVM_SYSTEM_DIR before running the tools.
+#
+# N.B. Take care that each setting only appears once if uncommenting
+# example settings in this file.
+
+# This section allows you to set the way the configuration settings are handled.
+config {
+
+ # If enabled, any LVM2 configuration mismatch is reported.
+ # This implies checking that the configuration key is understood
+ # by LVM2 and that the value of the key is of a proper type.
+ # If disabled, any configuration mismatch is ignored and default
+ # value is used instead without any warning (a message about the
+ # configuration key not being found is issued in verbose mode only).
+ checks = 1
+
+ # If enabled, any configuration mismatch aborts the LVM2 process.
+ abort_on_errors = 0
+
+ # Directory where LVM looks for configuration profiles.
+ profile_dir = "/etc/lvm/profile"
+}
+
+# This section allows you to configure which block devices should
+# be used by the LVM system.
+devices {
+
+ # Where do you want your volume groups to appear ?
+ dir = "/dev"
+
+ # An array of directories that contain the device nodes you wish
+ # to use with LVM2.
+ scan = [ "/dev" ]
+
+ # If set, the cache of block device nodes with all associated symlinks
+ # will be constructed out of the existing udev database content.
+ # This avoids using and opening any inapplicable non-block devices or
+ # subdirectories found in the device directory. This setting is applied
+ # to udev-managed device directory only, other directories will be scanned
+ # fully. LVM2 needs to be compiled with udev support for this setting to
+ # take effect. N.B. Any device node or symlink not managed by udev in
+ # udev directory will be ignored with this setting on.
+ obtain_device_list_from_udev = 1
+
+ # If several entries in the scanned directories correspond to the
+ # same block device and the tools need to display a name for device,
+ # all the pathnames are matched against each item in the following
+ # list of regular expressions in turn and the first match is used.
+
+ # By default no preferred names are defined.
+ # preferred_names = [ ]
+
+ # Try to avoid using undescriptive /dev/dm-N names, if present.
+ # preferred_names = [ "^/dev/mpath/", "^/dev/mapper/mpath", "^/dev/[hs]d" ]
+
+ # In case no prefererred name matches or if preferred_names are not
+ # defined at all, builtin rules are used to determine the preference.
+ #
+ # The first builtin rule checks path prefixes and it gives preference
+ # based on this ordering (where "dev" depends on devices/dev setting):
+ # /dev/mapper > /dev/disk > /dev/dm-* > /dev/block
+ #
+ # If the ordering above cannot be applied, the path with fewer slashes
+ # gets preference then.
+ #
+ # If the number of slashes is the same, a symlink gets preference.
+ #
+ # Finally, if all the rules mentioned above are not applicable,
+ # lexicographical order is used over paths and the smallest one
+ # of all gets preference.
+
+
+ # A filter that tells LVM2 to only use a restricted set of devices.
+ # The filter consists of an array of regular expressions. These
+ # expressions can be delimited by a character of your choice, and
+ # prefixed with either an 'a' (for accept) or 'r' (for reject).
+ # The first expression found to match a device name determines if
+ # the device will be accepted or rejected (ignored). Devices that
+ # don't match any patterns are accepted.
+
+ # Be careful if there there are symbolic links or multiple filesystem
+ # entries for the same device as each name is checked separately against
+ # the list of patterns. The effect is that if the first pattern in the
+ # list to match a name is an 'a' pattern for any of the names, the device
+ # is accepted; otherwise if the first pattern in the list to match a name
+ # is an 'r' pattern for any of the names it is rejected; otherwise it is
+ # accepted.
+
+ # Don't have more than one filter line active at once: only one gets used.
+
+ # Run vgscan after you change this parameter to ensure that
+ # the cache file gets regenerated (see below).
+ # If it doesn't do what you expect, check the output of 'vgscan -vvvv'.
+
+ # If lvmetad is used, then see "A note about device filtering while
+ # lvmetad is used" comment that is attached to global/use_lvmetad setting.
+
+ # By default we accept every block device:
+ # filter = [ "a/.*/" ]
+
+ # Exclude the cdrom drive
+ # filter = [ "r|/dev/cdrom|" ]
+
+ # When testing I like to work with just loopback devices:
+ # filter = [ "a/loop/", "r/.*/" ]
+
+ # Or maybe all loops and ide drives except hdc:
+ # filter =[ "a|loop|", "r|/dev/hdc|", "a|/dev/ide|", "r|.*|" ]
+
+ # Use anchors if you want to be really specific
+ # filter = [ "a|^/dev/hda8$|", "r/.*/" ]
+
+ # Since "filter" is often overridden from command line, it is not suitable
+ # for system-wide device filtering (udev rules, lvmetad). To hide devices
+ # from LVM-specific udev processing and/or from lvmetad, you need to set
+ # global_filter. The syntax is the same as for normal "filter"
+ # above. Devices that fail the global_filter are not even opened by LVM.
+
+ # global_filter = []
+
+ # The results of the filtering are cached on disk to avoid
+ # rescanning dud devices (which can take a very long time).
+ # By default this cache is stored in the /etc/lvm/cache directory
+ # in a file called '.cache'.
+ # It is safe to delete the contents: the tools regenerate it.
+ # (The old setting 'cache' is still respected if neither of
+ # these new ones is present.)
+ # N.B. If obtain_device_list_from_udev is set to 1 the list of
+ # devices is instead obtained from udev and any existing .cache
+ # file is removed.
+ cache_dir = "/run/lvm"
+ cache_file_prefix = ""
+
+ # You can turn off writing this cache file by setting this to 0.
+ write_cache_state = 1
+
+ # Advanced settings.
+
+ # List of pairs of additional acceptable block device types found
+ # in /proc/devices with maximum (non-zero) number of partitions.
+ # types = [ "fd", 16 ]
+
+ # If sysfs is mounted (2.6 kernels) restrict device scanning to
+ # the block devices it believes are valid.
+ # 1 enables; 0 disables.
+ sysfs_scan = 1
+
+ # By default, LVM2 will ignore devices used as component paths
+ # of device-mapper multipath devices.
+ # 1 enables; 0 disables.
+ multipath_component_detection = 1
+
+ # By default, LVM2 will ignore devices used as components of
+ # software RAID (md) devices by looking for md superblocks.
+ # 1 enables; 0 disables.
+ md_component_detection = 1
+
+ # By default, if a PV is placed directly upon an md device, LVM2
+ # will align its data blocks with the md device's stripe-width.
+ # 1 enables; 0 disables.
+ md_chunk_alignment = 1
+
+ # Default alignment of the start of a data area in MB. If set to 0,
+ # a value of 64KB will be used. Set to 1 for 1MiB, 2 for 2MiB, etc.
+ # default_data_alignment = 1
+
+ # By default, the start of a PV's data area will be a multiple of
+ # the 'minimum_io_size' or 'optimal_io_size' exposed in sysfs.
+ # - minimum_io_size - the smallest request the device can perform
+ # w/o incurring a read-modify-write penalty (e.g. MD's chunk size)
+ # - optimal_io_size - the device's preferred unit of receiving I/O
+ # (e.g. MD's stripe width)
+ # minimum_io_size is used if optimal_io_size is undefined (0).
+ # If md_chunk_alignment is enabled, that detects the optimal_io_size.
+ # This setting takes precedence over md_chunk_alignment.
+ # 1 enables; 0 disables.
+ data_alignment_detection = 1
+
+ # Alignment (in KB) of start of data area when creating a new PV.
+ # md_chunk_alignment and data_alignment_detection are disabled if set.
+ # Set to 0 for the default alignment (see: data_alignment_default)
+ # or page size, if larger.
+ data_alignment = 0
+
+ # By default, the start of the PV's aligned data area will be shifted by
+ # the 'alignment_offset' exposed in sysfs. This offset is often 0 but
+ # may be non-zero; e.g.: certain 4KB sector drives that compensate for
+ # windows partitioning will have an alignment_offset of 3584 bytes
+ # (sector 7 is the lowest aligned logical block, the 4KB sectors start
+ # at LBA -1, and consequently sector 63 is aligned on a 4KB boundary).
+ # But note that pvcreate --dataalignmentoffset will skip this detection.
+ # 1 enables; 0 disables.
+ data_alignment_offset_detection = 1
+
+ # If, while scanning the system for PVs, LVM2 encounters a device-mapper
+ # device that has its I/O suspended, it waits for it to become accessible.
+ # Set this to 1 to skip such devices. This should only be needed
+ # in recovery situations.
+ ignore_suspended_devices = 0
+
+ # ignore_lvm_mirrors: Introduced in version 2.02.104
+ # This setting determines whether logical volumes of "mirror" segment
+ # type are scanned for LVM labels. This affects the ability of
+ # mirrors to be used as physical volumes. If 'ignore_lvm_mirrors'
+ # is set to '1', it becomes impossible to create volume groups on top
+ # of mirror logical volumes - i.e. to stack volume groups on mirrors.
+ #
+ # Allowing mirror logical volumes to be scanned (setting the value to '0')
+ # can potentially cause LVM processes and I/O to the mirror to become
+ # blocked. This is due to the way that the "mirror" segment type handles
+ # failures. In order for the hang to manifest itself, an LVM command must
+ # be run just after a failure and before the automatic LVM repair process
+ # takes place OR there must be failures in multiple mirrors in the same
+ # volume group at the same time with write failures occurring moments
+ # before a scan of the mirror's labels.
+ #
+ # Note that these scanning limitations do not apply to the LVM RAID
+ # types, like "raid1". The RAID segment types handle failures in a
+ # different way and are not subject to possible process or I/O blocking.
+ #
+ # It is encouraged that users set 'ignore_lvm_mirrors' to 1 if they
+ # are using the "mirror" segment type. Users that require volume group
+ # stacking on mirrored logical volumes should consider using the "raid1"
+ # segment type. The "raid1" segment type is not available for
+ # active/active clustered volume groups.
+ #
+ # Set to 1 to disallow stacking and thereby avoid a possible deadlock.
+ ignore_lvm_mirrors = 1
+
+ # During each LVM operation errors received from each device are counted.
+ # If the counter of a particular device exceeds the limit set here, no
+ # further I/O is sent to that device for the remainder of the respective
+ # operation. Setting the parameter to 0 disables the counters altogether.
+ disable_after_error_count = 0
+
+ # Allow use of pvcreate --uuid without requiring --restorefile.
+ require_restorefile_with_uuid = 1
+
+ # Minimum size (in KB) of block devices which can be used as PVs.
+ # In a clustered environment all nodes must use the same value.
+ # Any value smaller than 512KB is ignored.
+
+ # Ignore devices smaller than 2MB such as floppy drives.
+ pv_min_size = 2048
+
+ # The original built-in setting was 512 up to and including version 2.02.84.
+ # pv_min_size = 512
+
+ # Issue discards to a logical volumes's underlying physical volume(s) when
+ # the logical volume is no longer using the physical volumes' space (e.g.
+ # lvremove, lvreduce, etc). Discards inform the storage that a region is
+ # no longer in use. Storage that supports discards advertise the protocol
+ # specific way discards should be issued by the kernel (TRIM, UNMAP, or
+ # WRITE SAME with UNMAP bit set). Not all storage will support or benefit
+ # from discards but SSDs and thinly provisioned LUNs generally do. If set
+ # to 1, discards will only be issued if both the storage and kernel provide
+ # support.
+ # 1 enables; 0 disables.
+ issue_discards = 0
+}
+
+# This section allows you to configure the way in which LVM selects
+# free space for its Logical Volumes.
+allocation {
+
+ # When searching for free space to extend an LV, the "cling"
+ # allocation policy will choose space on the same PVs as the last
+ # segment of the existing LV. If there is insufficient space and a
+ # list of tags is defined here, it will check whether any of them are
+ # attached to the PVs concerned and then seek to match those PV tags
+ # between existing extents and new extents.
+ # Use the special tag "@*" as a wildcard to match any PV tag.
+
+ # Example: LVs are mirrored between two sites within a single VG.
+ # PVs are tagged with either @site1 or @site2 to indicate where
+ # they are situated.
+
+ # cling_tag_list = [ "@site1", "@site2" ]
+ # cling_tag_list = [ "@*" ]
+
+ # Changes made in version 2.02.85 extended the reach of the 'cling'
+ # policies to detect more situations where data can be grouped
+ # onto the same disks. Set this to 0 to revert to the previous
+ # algorithm.
+ maximise_cling = 1
+
+ # Whether to use blkid library instead of native LVM2 code to detect
+ # any existing signatures while creating new Physical Volumes and
+ # Logical Volumes. LVM2 needs to be compiled with blkid wiping support
+ # for this setting to take effect.
+ #
+ # LVM2 native detection code is currently able to recognize these signatures:
+ # - MD device signature
+ # - swap signature
+ # - LUKS signature
+ # To see the list of signatures recognized by blkid, check the output
+ # of 'blkid -k' command. The blkid can recognize more signatures than
+ # LVM2 native detection code, but due to this higher number of signatures
+ # to be recognized, it can take more time to complete the signature scan.
+ use_blkid_wiping = 1
+
+ # Set to 1 to wipe any signatures found on newly-created Logical Volumes
+ # automatically in addition to zeroing of the first KB on the LV
+ # (controlled by the -Z/--zero y option).
+ # The command line option -W/--wipesignatures takes precedence over this
+ # setting.
+ # The default is to wipe signatures when zeroing.
+ #
+ wipe_signatures_when_zeroing_new_lvs = 1
+
+ # Set to 1 to guarantee that mirror logs will always be placed on
+ # different PVs from the mirror images. This was the default
+ # until version 2.02.85.
+ mirror_logs_require_separate_pvs = 0
+
+ # Set to 1 to guarantee that cache_pool metadata will always be
+ # placed on different PVs from the cache_pool data.
+ cache_pool_metadata_require_separate_pvs = 0
+
+ # Specify the minimal chunk size (in kiB) for cache pool volumes.
+ # Using a chunk_size that is too large can result in wasteful use of
+ # the cache, where small reads and writes can cause large sections of
+ # an LV to be mapped into the cache. However, choosing a chunk_size
+ # that is too small can result in more overhead trying to manage the
+ # numerous chunks that become mapped into the cache. The former is
+ # more of a problem than the latter in most cases, so we default to
+ # a value that is on the smaller end of the spectrum. Supported values
+ # range from 32(kiB) to 1048576 in multiples of 32.
+ # cache_pool_chunk_size = 64
+
+ # Set to 1 to guarantee that thin pool metadata will always
+ # be placed on different PVs from the pool data.
+ thin_pool_metadata_require_separate_pvs = 0
+
+ # Specify chunk size calculation policy for thin pool volumes.
+ # Possible options are:
+ # "generic" - if thin_pool_chunk_size is defined, use it.
+ # Otherwise, calculate the chunk size based on
+ # estimation and device hints exposed in sysfs:
+ # the minimum_io_size. The chunk size is always
+ # at least 64KiB.
+ #
+ # "performance" - if thin_pool_chunk_size is defined, use it.
+ # Otherwise, calculate the chunk size for
+ # performance based on device hints exposed in
+ # sysfs: the optimal_io_size. The chunk size is
+ # always at least 512KiB.
+ # thin_pool_chunk_size_policy = "generic"
+
+ # Specify the minimal chunk size (in KB) for thin pool volumes.
+ # Use of the larger chunk size may improve performance for plain
+ # thin volumes, however using them for snapshot volumes is less efficient,
+ # as it consumes more space and takes extra time for copying.
+ # When unset, lvm tries to estimate chunk size starting from 64KB
+ # Supported values are in range from 64 to 1048576.
+ # thin_pool_chunk_size = 64
+
+ # Specify discards behaviour of the thin pool volume.
+ # Select one of "ignore", "nopassdown", "passdown"
+ # thin_pool_discards = "passdown"
+
+ # Set to 0, to disable zeroing of thin pool data chunks before their
+ # first use.
+ # N.B. zeroing larger thin pool chunk size degrades performance.
+ # thin_pool_zero = 1
+}
+
+# This section that allows you to configure the nature of the
+# information that LVM2 reports.
+log {
+
+ # Controls the messages sent to stdout or stderr.
+ # There are three levels of verbosity, 3 being the most verbose.
+ verbose = 0
+
+ # Set to 1 to suppress all non-essential messages from stdout.
+ # This has the same effect as -qq.
+ # When this is set, the following commands still produce output:
+ # dumpconfig, lvdisplay, lvmdiskscan, lvs, pvck, pvdisplay,
+ # pvs, version, vgcfgrestore -l, vgdisplay, vgs.
+ # Non-essential messages are shifted from log level 4 to log level 5
+ # for syslog and lvm2_log_fn purposes.
+ # Any 'yes' or 'no' questions not overridden by other arguments
+ # are suppressed and default to 'no'.
+ silent = 0
+
+ # Should we send log messages through syslog?
+ # 1 is yes; 0 is no.
+ syslog = 1
+
+ # Should we log error and debug messages to a file?
+ # By default there is no log file.
+ #file = "/var/log/lvm2.log"
+
+ # Should we overwrite the log file each time the program is run?
+ # By default we append.
+ overwrite = 0
+
+ # What level of log messages should we send to the log file and/or syslog?
+ # There are 6 syslog-like log levels currently in use - 2 to 7 inclusive.
+ # 7 is the most verbose (LOG_DEBUG).
+ level = 0
+
+ # Format of output messages
+ # Whether or not (1 or 0) to indent messages according to their severity
+ indent = 1
+
+ # Whether or not (1 or 0) to display the command name on each line output
+ command_names = 0
+
+ # A prefix to use before the message text (but after the command name,
+ # if selected). Default is two spaces, so you can see/grep the severity
+ # of each message.
+ prefix = " "
+
+ # To make the messages look similar to the original LVM tools use:
+ # indent = 0
+ # command_names = 1
+ # prefix = " -- "
+
+ # Set this if you want log messages during activation.
+ # Don't use this in low memory situations (can deadlock).
+ # activation = 0
+
+ # Some debugging messages are assigned to a class and only appear
+ # in debug output if the class is listed here.
+ # Classes currently available:
+ # memory, devices, activation, allocation, lvmetad, metadata, cache,
+ # locking
+ # Use "all" to see everything.
+ debug_classes = [ "memory", "devices", "activation", "allocation",
+ "lvmetad", "metadata", "cache", "locking" ]
+}
+
+# Configuration of metadata backups and archiving. In LVM2 when we
+# talk about a 'backup' we mean making a copy of the metadata for the
+# *current* system. The 'archive' contains old metadata configurations.
+# Backups are stored in a human readable text format.
+backup {
+
+ # Should we maintain a backup of the current metadata configuration ?
+ # Use 1 for Yes; 0 for No.
+ # Think very hard before turning this off!
+ backup = 1
+
+ # Where shall we keep it ?
+ # Remember to back up this directory regularly!
+ backup_dir = "/etc/lvm/backup"
+
+ # Should we maintain an archive of old metadata configurations.
+ # Use 1 for Yes; 0 for No.
+ # On by default. Think very hard before turning this off.
+ archive = 1
+
+ # Where should archived files go ?
+ # Remember to back up this directory regularly!
+ archive_dir = "/etc/lvm/archive"
+
+ # What is the minimum number of archive files you wish to keep ?
+ retain_min = 10
+
+ # What is the minimum time you wish to keep an archive file for ?
+ retain_days = 30
+}
+
+# Settings for the running LVM2 in shell (readline) mode.
+shell {
+
+ # Number of lines of history to store in ~/.lvm_history
+ history_size = 100
+}
+
+
+# Miscellaneous global LVM2 settings
+global {
+ # The file creation mask for any files and directories created.
+ # Interpreted as octal if the first digit is zero.
+ umask = 077
+
+ # Allow other users to read the files
+ #umask = 022
+
+ # Enabling test mode means that no changes to the on disk metadata
+ # will be made. Equivalent to having the -t option on every
+ # command. Defaults to off.
+ test = 0
+
+ # Default value for --units argument
+ units = "h"
+
+ # Since version 2.02.54, the tools distinguish between powers of
+ # 1024 bytes (e.g. KiB, MiB, GiB) and powers of 1000 bytes (e.g.
+ # KB, MB, GB).
+ # If you have scripts that depend on the old behaviour, set this to 0
+ # temporarily until you update them.
+ si_unit_consistency = 1
+
+ # Whether or not to display unit suffix for sizes. This setting has
+ # no effect if the units are in human-readable form (global/units="h")
+ # in which case the suffix is always displayed.
+ suffix = 1
+
+ # Whether or not to communicate with the kernel device-mapper.
+ # Set to 0 if you want to use the tools to manipulate LVM metadata
+ # without activating any logical volumes.
+ # If the device-mapper kernel driver is not present in your kernel
+ # setting this to 0 should suppress the error messages.
+ activation = 1
+
+ # If we can't communicate with device-mapper, should we try running
+ # the LVM1 tools?
+ # This option only applies to 2.4 kernels and is provided to help you
+ # switch between device-mapper kernels and LVM1 kernels.
+ # The LVM1 tools need to be installed with .lvm1 suffices
+ # e.g. vgscan.lvm1 and they will stop working after you start using
+ # the new lvm2 on-disk metadata format.
+ # The default value is set when the tools are built.
+ # fallback_to_lvm1 = 0
+
+ # The default metadata format that commands should use - "lvm1" or "lvm2".
+ # The command line override is -M1 or -M2.
+ # Defaults to "lvm2".
+ # format = "lvm2"
+
+ # Location of proc filesystem
+ proc = "/proc"
+
+ # Type of locking to use. Defaults to local file-based locking (1).
+ # Turn locking off by setting to 0 (dangerous: risks metadata corruption
+ # if LVM2 commands get run concurrently).
+ # Type 2 uses the external shared library locking_library.
+ # Type 3 uses built-in clustered locking.
+ # Type 4 uses read-only locking which forbids any operations that might
+ # change metadata.
+ # Type 5 offers dummy locking for tools that do not need any locks.
+ # You should not need to set this directly: the tools will select when
+ # to use it instead of the configured locking_type. Do not use lvmetad or
+ # the kernel device-mapper driver with this locking type.
+ # It is used by the --readonly option that offers read-only access to
+ # Volume Group metadata that cannot be locked safely because it belongs to
+ # an inaccessible domain and might be in use, for example a virtual machine
+ # image or a disk that is shared by a clustered machine.
+ #
+ # N.B. Don't use lvmetad with locking type 3 as lvmetad is not yet
+ # supported in clustered environment. If use_lvmetad=1 and locking_type=3
+ # is set at the same time, LVM always issues a warning message about this
+ # and then it automatically disables lvmetad use.
+ locking_type = 1
+
+ # Set to 0 to fail when a lock request cannot be satisfied immediately.
+ wait_for_locks = 1
+
+ # If using external locking (type 2) and initialisation fails,
+ # with this set to 1 an attempt will be made to use the built-in
+ # clustered locking.
+ # If you are using a customised locking_library you should set this to 0.
+ fallback_to_clustered_locking = 1
+
+ # If an attempt to initialise type 2 or type 3 locking failed, perhaps
+ # because cluster components such as clvmd are not running, with this set
+ # to 1 an attempt will be made to use local file-based locking (type 1).
+ # If this succeeds, only commands against local volume groups will proceed.
+ # Volume Groups marked as clustered will be ignored.
+ fallback_to_local_locking = 1
+
+ # Local non-LV directory that holds file-based locks while commands are
+ # in progress. A directory like /tmp that may get wiped on reboot is OK.
+ locking_dir = "/run/lock/lvm"
+
+ # Whenever there are competing read-only and read-write access requests for
+ # a volume group's metadata, instead of always granting the read-only
+ # requests immediately, delay them to allow the read-write requests to be
+ # serviced. Without this setting, write access may be stalled by a high
+ # volume of read-only requests.
+ # NB. This option only affects locking_type = 1 viz. local file-based
+ # locking.
+ prioritise_write_locks = 1
+
+ # Other entries can go here to allow you to load shared libraries
+ # e.g. if support for LVM1 metadata was compiled as a shared library use
+ # format_libraries = "liblvm2format1.so"
+ # Full pathnames can be given.
+
+ # Search this directory first for shared libraries.
+ # library_dir = "/lib/lvm2"
+
+ # The external locking library to load if locking_type is set to 2.
+ # locking_library = "liblvm2clusterlock.so"
+
+ # Treat any internal errors as fatal errors, aborting the process that
+ # encountered the internal error. Please only enable for debugging.
+ abort_on_internal_errors = 0
+
+ # Check whether CRC is matching when parsed VG is used multiple times.
+ # This is useful to catch unexpected internal cached volume group
+ # structure modification. Please only enable for debugging.
+ detect_internal_vg_cache_corruption = 0
+
+ # If set to 1, no operations that change on-disk metadata will be permitted.
+ # Additionally, read-only commands that encounter metadata in need of repair
+ # will still be allowed to proceed exactly as if the repair had been
+ # performed (except for the unchanged vg_seqno).
+ # Inappropriate use could mess up your system, so seek advice first!
+ metadata_read_only = 0
+
+ # 'mirror_segtype_default' defines which segtype will be used when the
+ # shorthand '-m' option is used for mirroring. The possible options are:
+ #
+ # "mirror" - The original RAID1 implementation provided by LVM2/DM. It is
+ # characterized by a flexible log solution (core, disk, mirrored)
+ # and by the necessity to block I/O while reconfiguring in the
+ # event of a failure.
+ #
+ # There is an inherent race in the dmeventd failure handling
+ # logic with snapshots of devices using this type of RAID1 that
+ # in the worst case could cause a deadlock.
+ # Ref: https://bugzilla.redhat.com/show_bug.cgi?id=817130#c10
+ #
+ # "raid1" - This implementation leverages MD's RAID1 personality through
+ # device-mapper. It is characterized by a lack of log options.
+ # (A log is always allocated for every device and they are placed
+ # on the same device as the image - no separate devices are
+ # required.) This mirror implementation does not require I/O
+ # to be blocked in the kernel in the event of a failure.
+ # This mirror implementation is not cluster-aware and cannot be
+ # used in a shared (active/active) fashion in a cluster.
+ #
+ # Specify the '--type <mirror|raid1>' option to override this default
+ # setting.
+ mirror_segtype_default = "raid1"
+
+ # 'raid10_segtype_default' determines the segment types used by default
+ # when the '--stripes/-i' and '--mirrors/-m' arguments are both specified
+ # during the creation of a logical volume.
+ # Possible settings include:
+ #
+ # "raid10" - This implementation leverages MD's RAID10 personality through
+ # device-mapper.
+ #
+ # "mirror" - LVM will layer the 'mirror' and 'stripe' segment types. It
+ # will do this by creating a mirror on top of striped sub-LVs;
+ # effectively creating a RAID 0+1 array. This is suboptimal
+ # in terms of providing redundancy and performance. Changing to
+ # this setting is not advised.
+ # Specify the '--type <raid10|mirror>' option to override this default
+ # setting.
+ raid10_segtype_default = "raid10"
+
+ # The default format for displaying LV names in lvdisplay was changed
+ # in version 2.02.89 to show the LV name and path separately.
+ # Previously this was always shown as /dev/vgname/lvname even when that
+ # was never a valid path in the /dev filesystem.
+ # Set to 1 to reinstate the previous format.
+ #
+ # lvdisplay_shows_full_device_path = 0
+
+ # Whether to use (trust) a running instance of lvmetad. If this is set to
+ # 0, all commands fall back to the usual scanning mechanisms. When set to 1
+ # *and* when lvmetad is running (automatically instantiated by making use of
+ # systemd's socket-based service activation or run as an initscripts service
+ # or run manually), the volume group metadata and PV state flags are obtained
+ # from the lvmetad instance and no scanning is done by the individual
+ # commands. In a setup with lvmetad, lvmetad udev rules *must* be set up for
+ # LVM to work correctly. Without proper udev rules, all changes in block
+ # device configuration will be *ignored* until a manual 'pvscan --cache'
+ # is performed. These rules are installed by default.
+ #
+ # If lvmetad has been running while use_lvmetad was 0, it MUST be stopped
+ # before changing use_lvmetad to 1 and started again afterwards.
+ #
+ # If using lvmetad, the volume activation is also switched to automatic
+ # event-based mode. In this mode, the volumes are activated based on
+ # incoming udev events that automatically inform lvmetad about new PVs
+ # that appear in the system. Once the VG is complete (all the PVs are
+ # present), it is auto-activated. The activation/auto_activation_volume_list
+ # setting controls which volumes are auto-activated (all by default).
+ #
+ # A note about device filtering while lvmetad is used:
+ # When lvmetad is updated (either automatically based on udev events
+ # or directly by pvscan --cache <device> call), the devices/filter
+ # is ignored and all devices are scanned by default. The lvmetad always
+ # keeps unfiltered information which is then provided to LVM commands
+ # and then each LVM command does the filtering based on devices/filter
+ # setting itself.
+ # To prevent scanning devices completely, even when using lvmetad,
+ # the devices/global_filter must be used.
+ # N.B. Don't use lvmetad with locking type 3 as lvmetad is not yet
+ # supported in clustered environment. If use_lvmetad=1 and locking_type=3
+ # is set at the same time, LVM always issues a warning message about this
+ # and then it automatically disables lvmetad use.
+ use_lvmetad = 0
+
+ # Full path of the utility called to check that a thin metadata device
+ # is in a state that allows it to be used.
+ # Each time a thin pool needs to be activated or after it is deactivated
+ # this utility is executed. The activation will only proceed if the utility
+ # has an exit status of 0.
+ # Set to "" to skip this check. (Not recommended.)
+ # The thin tools are available as part of the device-mapper-persistent-data
+ # package from https://github.com/jthornber/thin-provisioning-tools.
+ #
+ # thin_check_executable = "/usr/sbin/thin_check"
+
+ # Array of string options passed with thin_check command. By default,
+ # option "-q" is for quiet output.
+ # With thin_check version 2.1 or newer you can add "--ignore-non-fatal-errors"
+ # to let it pass through ignorable errors and fix them later.
+ # With thin_check version 3.2 or newer you should add
+ # "--clear-needs-check-flag".
+ #
+ # thin_check_options = [ "-q", "--clear-needs-check-flag" ]
+
+ # Full path of the utility called to repair a thin metadata device
+ # is in a state that allows it to be used.
+ # Each time a thin pool needs repair this utility is executed.
+ # See thin_check_executable how to obtain binaries.
+ #
+ # thin_repair_executable = "/usr/sbin/thin_repair"
+
+ # Array of extra string options passed with thin_repair command.
+ # thin_repair_options = [ "" ]
+
+ # Full path of the utility called to dump thin metadata content.
+ # See thin_check_executable how to obtain binaries.
+ #
+ # thin_dump_executable = "/usr/sbin/thin_dump"
+
+ # If set, given features are not used by thin driver.
+ # This can be helpful not just for testing, but i.e. allows to avoid
+ # using problematic implementation of some thin feature.
+ # Features:
+ # block_size
+ # discards
+ # discards_non_power_2
+ # external_origin
+ # metadata_resize
+ # external_origin_extend
+ #
+ # thin_disabled_features = [ "discards", "block_size" ]
+
+ # Full path of the utility called to check that a cache metadata device
+ # is in a state that allows it to be used.
+ # Each time a cached LV needs to be used or after it is deactivated
+ # this utility is executed. The activation will only proceed if the utility
+ # has an exit status of 0.
+ # Set to "" to skip this check. (Not recommended.)
+ # The cache tools are available as part of the device-mapper-persistent-data
+ # package from https://github.com/jthornber/thin-provisioning-tools.
+ #
+ # cache_check_executable = "/usr/sbin/cache_check"
+
+ # Array of string options passed with cache_check command. By default,
+ # option "-q" is for quiet output.
+ #
+ # cache_check_options = [ "-q" ]
+
+ # Full path of the utility called to repair a cache metadata device.
+ # Each time a cache metadata needs repair this utility is executed.
+ # See cache_check_executable how to obtain binaries.
+ #
+ # cache_repair_executable = "/usr/sbin/cache_repair"
+
+ # Array of extra string options passed with cache_repair command.
+ # cache_repair_options = [ "" ]
+
+ # Full path of the utility called to dump cache metadata content.
+ # See cache_check_executable how to obtain binaries.
+ #
+ # cache_dump_executable = "/usr/sbin/cache_dump"
+}
+
+activation {
+ # Set to 1 to perform internal checks on the operations issued to
+ # libdevmapper. Useful for debugging problems with activation.
+ # Some of the checks may be expensive, so it's best to use this
+ # only when there seems to be a problem.
+ checks = 0
+
+ # Set to 0 to disable udev synchronisation (if compiled into the binaries).
+ # Processes will not wait for notification from udev.
+ # They will continue irrespective of any possible udev processing
+ # in the background. You should only use this if udev is not running
+ # or has rules that ignore the devices LVM2 creates.
+ # The command line argument --nodevsync takes precedence over this setting.
+ # If set to 1 when udev is not running, and there are LVM2 processes
+ # waiting for udev, run 'dmsetup udevcomplete_all' manually to wake them up.
+ udev_sync = 1
+
+ # Set to 0 to disable the udev rules installed by LVM2 (if built with
+ # --enable-udev_rules). LVM2 will then manage the /dev nodes and symlinks
+ # for active logical volumes directly itself.
+ # N.B. Manual intervention may be required if this setting is changed
+ # while any logical volumes are active.
+ udev_rules = 1
+
+ # Set to 1 for LVM2 to verify operations performed by udev. This turns on
+ # additional checks (and if necessary, repairs) on entries in the device
+ # directory after udev has completed processing its events.
+ # Useful for diagnosing problems with LVM2/udev interactions.
+ verify_udev_operations = 0
+
+ # If set to 1 and if deactivation of an LV fails, perhaps because
+ # a process run from a quick udev rule temporarily opened the device,
+ # retry the operation for a few seconds before failing.
+ retry_deactivation = 1
+
+ # How to fill in missing stripes if activating an incomplete volume.
+ # Using "error" will make inaccessible parts of the device return
+ # I/O errors on access. You can instead use a device path, in which
+ # case, that device will be used to in place of missing stripes.
+ # But note that using anything other than "error" with mirrored
+ # or snapshotted volumes is likely to result in data corruption.
+ missing_stripe_filler = "error"
+
+ # The linear target is an optimised version of the striped target
+ # that only handles a single stripe. Set this to 0 to disable this
+ # optimisation and always use the striped target.
+ use_linear_target = 1
+
+ # How much stack (in KB) to reserve for use while devices suspended
+ # Prior to version 2.02.89 this used to be set to 256KB
+ reserved_stack = 64
+
+ # How much memory (in KB) to reserve for use while devices suspended
+ reserved_memory = 8192
+
+ # Nice value used while devices suspended
+ process_priority = -18
+
+ # If volume_list is defined, each LV is only activated if there is a
+ # match against the list.
+ #
+ # "vgname" and "vgname/lvname" are matched exactly.
+ # "@tag" matches any tag set in the LV or VG.
+ # "@*" matches if any tag defined on the host is also set in the LV or VG
+ #
+ # If any host tags exist but volume_list is not defined, a default
+ # single-entry list containing "@*" is assumed.
+ #
+ # volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ]
+
+ # If auto_activation_volume_list is defined, each LV that is to be
+ # activated with the autoactivation option (--activate ay/-a ay) is
+ # first checked against the list. There are two scenarios in which
+ # the autoactivation option is used:
+ #
+ # - automatic activation of volumes based on incoming PVs. If all the
+ # PVs making up a VG are present in the system, the autoactivation
+ # is triggered. This requires lvmetad (global/use_lvmetad=1) and udev
+ # to be running. In this case, "pvscan --cache -aay" is called
+ # automatically without any user intervention while processing
+ # udev events. Please, make sure you define auto_activation_volume_list
+ # properly so only the volumes you want and expect are autoactivated.
+ #
+ # - direct activation on command line with the autoactivation option.
+ # In this case, the user calls "vgchange --activate ay/-a ay" or
+ # "lvchange --activate ay/-a ay" directly.
+ #
+ # By default, the auto_activation_volume_list is not defined and all
+ # volumes will be activated either automatically or by using --activate ay/-a ay.
+ #
+ # N.B. The "activation/volume_list" is still honoured in all cases so even
+ # if the VG/LV passes the auto_activation_volume_list, it still needs to
+ # pass the volume_list for it to be activated in the end.
+
+ # If auto_activation_volume_list is defined but empty, no volumes will be
+ # activated automatically and --activate ay/-a ay will do nothing.
+ #
+ # auto_activation_volume_list = []
+
+ # If auto_activation_volume_list is defined and it's not empty, only matching
+ # volumes will be activated either automatically or by using --activate ay/-a ay.
+ #
+ # "vgname" and "vgname/lvname" are matched exactly.
+ # "@tag" matches any tag set in the LV or VG.
+ # "@*" matches if any tag defined on the host is also set in the LV or VG
+ #
+ # auto_activation_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ]
+
+ # If read_only_volume_list is defined, each LV that is to be activated
+ # is checked against the list, and if it matches, it as activated
+ # in read-only mode. (This overrides '--permission rw' stored in the
+ # metadata.)
+ #
+ # "vgname" and "vgname/lvname" are matched exactly.
+ # "@tag" matches any tag set in the LV or VG.
+ # "@*" matches if any tag defined on the host is also set in the LV or VG
+ #
+ # read_only_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ]
+
+ # Each LV can have an 'activation skip' flag stored persistently against it.
+ # During activation, this flag is used to decide whether such an LV is skipped.
+ # The 'activation skip' flag can be set during LV creation and by default it
+ # is automatically set for thin snapshot LVs. The 'auto_set_activation_skip'
+ # enables or disables this automatic setting of the flag while LVs are created.
+ # auto_set_activation_skip = 1
+
+ # For RAID or 'mirror' segment types, 'raid_region_size' is the
+ # size (in KiB) of each:
+ # - synchronization operation when initializing
+ # - each copy operation when performing a 'pvmove' (using 'mirror' segtype)
+ # This setting has replaced 'mirror_region_size' since version 2.02.99
+ raid_region_size = 512
+
+ # Setting to use when there is no readahead value stored in the metadata.
+ #
+ # "none" - Disable readahead.
+ # "auto" - Use default value chosen by kernel.
+ readahead = "auto"
+
+ # 'raid_fault_policy' defines how a device failure in a RAID logical
+ # volume is handled. This includes logical volumes that have the following
+ # segment types: raid1, raid4, raid5*, and raid6*.
+ #
+ # In the event of a failure, the following policies will determine what
+ # actions are performed during the automated response to failures (when
+ # dmeventd is monitoring the RAID logical volume) and when 'lvconvert' is
+ # called manually with the options '--repair' and '--use-policies'.
+ #
+ # "warn" - Use the system log to warn the user that a device in the RAID
+ # logical volume has failed. It is left to the user to run
+ # 'lvconvert --repair' manually to remove or replace the failed
+ # device. As long as the number of failed devices does not
+ # exceed the redundancy of the logical volume (1 device for
+ # raid4/5, 2 for raid6, etc) the logical volume will remain
+ # usable.
+ #
+ # "allocate" - Attempt to use any extra physical volumes in the volume
+ # group as spares and replace faulty devices.
+ #
+ raid_fault_policy = "warn"
+
+ # 'mirror_image_fault_policy' and 'mirror_log_fault_policy' define
+ # how a device failure affecting a mirror (of "mirror" segment type) is
+ # handled. A mirror is composed of mirror images (copies) and a log.
+ # A disk log ensures that a mirror does not need to be re-synced
+ # (all copies made the same) every time a machine reboots or crashes.
+ #
+ # In the event of a failure, the specified policy will be used to determine
+ # what happens. This applies to automatic repairs (when the mirror is being
+ # monitored by dmeventd) and to manual lvconvert --repair when
+ # --use-policies is given.
+ #
+ # "remove" - Simply remove the faulty device and run without it. If
+ # the log device fails, the mirror would convert to using
+ # an in-memory log. This means the mirror will not
+ # remember its sync status across crashes/reboots and
+ # the entire mirror will be re-synced. If a
+ # mirror image fails, the mirror will convert to a
+ # non-mirrored device if there is only one remaining good
+ # copy.
+ #
+ # "allocate" - Remove the faulty device and try to allocate space on
+ # a new device to be a replacement for the failed device.
+ # Using this policy for the log is fast and maintains the
+ # ability to remember sync state through crashes/reboots.
+ # Using this policy for a mirror device is slow, as it
+ # requires the mirror to resynchronize the devices, but it
+ # will preserve the mirror characteristic of the device.
+ # This policy acts like "remove" if no suitable device and
+ # space can be allocated for the replacement.
+ #
+ # "allocate_anywhere" - Not yet implemented. Useful to place the log device
+ # temporarily on same physical volume as one of the mirror
+ # images. This policy is not recommended for mirror devices
+ # since it would break the redundant nature of the mirror. This
+ # policy acts like "remove" if no suitable device and space can
+ # be allocated for the replacement.
+
+ mirror_log_fault_policy = "allocate"
+ mirror_image_fault_policy = "remove"
+
+ # 'snapshot_autoextend_threshold' and 'snapshot_autoextend_percent' define
+ # how to handle automatic snapshot extension. The former defines when the
+ # snapshot should be extended: when its space usage exceeds this many
+ # percent. The latter defines how much extra space should be allocated for
+ # the snapshot, in percent of its current size.
+ #
+ # For example, if you set snapshot_autoextend_threshold to 70 and
+ # snapshot_autoextend_percent to 20, whenever a snapshot exceeds 70% usage,
+ # it will be extended by another 20%. For a 1G snapshot, using up 700M will
+ # trigger a resize to 1.2G. When the usage exceeds 840M, the snapshot will
+ # be extended to 1.44G, and so on.
+ #
+ # Setting snapshot_autoextend_threshold to 100 disables automatic
+ # extensions. The minimum value is 50 (A setting below 50 will be treated
+ # as 50).
+
+ snapshot_autoextend_threshold = 100
+ snapshot_autoextend_percent = 20
+
+ # 'thin_pool_autoextend_threshold' and 'thin_pool_autoextend_percent' define
+ # how to handle automatic pool extension. The former defines when the
+ # pool should be extended: when its space usage exceeds this many
+ # percent. The latter defines how much extra space should be allocated for
+ # the pool, in percent of its current size.
+ #
+ # For example, if you set thin_pool_autoextend_threshold to 70 and
+ # thin_pool_autoextend_percent to 20, whenever a pool exceeds 70% usage,
+ # it will be extended by another 20%. For a 1G pool, using up 700M will
+ # trigger a resize to 1.2G. When the usage exceeds 840M, the pool will
+ # be extended to 1.44G, and so on.
+ #
+ # Setting thin_pool_autoextend_threshold to 100 disables automatic
+ # extensions. The minimum value is 50 (A setting below 50 will be treated
+ # as 50).
+
+ thin_pool_autoextend_threshold = 100
+ thin_pool_autoextend_percent = 20
+
+ # While activating devices, I/O to devices being (re)configured is
+ # suspended, and as a precaution against deadlocks, LVM2 needs to pin
+ # any memory it is using so it is not paged out. Groups of pages that
+ # are known not to be accessed during activation need not be pinned
+ # into memory. Each string listed in this setting is compared against
+ # each line in /proc/self/maps, and the pages corresponding to any
+ # lines that match are not pinned. On some systems locale-archive was
+ # found to make up over 80% of the memory used by the process.
+ # mlock_filter = [ "locale/locale-archive", "gconv/gconv-modules.cache" ]
+
+ # Set to 1 to revert to the default behaviour prior to version 2.02.62
+ # which used mlockall() to pin the whole process's memory while activating
+ # devices.
+ use_mlockall = 0
+
+ # Monitoring is enabled by default when activating logical volumes.
+ # Set to 0 to disable monitoring or use the --ignoremonitoring option.
+ monitoring = 1
+
+ # When pvmove or lvconvert must wait for the kernel to finish
+ # synchronising or merging data, they check and report progress
+ # at intervals of this number of seconds. The default is 15 seconds.
+ # If this is set to 0 and there is only one thing to wait for, there
+ # are no progress reports, but the process is awoken immediately the
+ # operation is complete.
+ polling_interval = 15
+
+ # 'activation_mode' determines how Logical Volumes are activated if
+ # any devices are missing. Possible settings are:
+ #
+ # "complete" - Only allow activation of an LV if all of the Physical
+ # Volumes it uses are present. Other PVs in the Volume
+ # Group may be missing.
+ #
+ # "degraded" - Like "complete", but additionally RAID Logical Volumes of
+ # segment type raid1, raid4, raid5, radid6 and raid10 will
+ # be activated if there is no data loss, i.e. they have
+ # sufficient redundancy to present the entire addressable
+ # range of the Logical Volume.
+ #
+ # "partial" - Allows the activation of any Logical Volume even if
+ # a missing or failed PV could cause data loss with a
+ # portion of the Logical Volume inaccessible.
+ # This setting should not normally be used, but may
+ # sometimes assist with data recovery.
+ #
+ # This setting was introduced in LVM version 2.02.108. It corresponds
+ # with the '--activationmode' option for lvchange and vgchange.
+ activation_mode = "degraded"
+}
+
+# Report settings.
+#
+# report {
+ # Align columns on report output.
+ # aligned=1
+
+ # When buffered reporting is used, the report's content is appended
+ # incrementally to include each object being reported until the report
+ # is flushed to output which normally happens at the end of command
+ # execution. Otherwise, if buffering is not used, each object is
+ # reported as soon as its processing is finished.
+ # buffered=1
+
+ # Show headings for columns on report.
+ # headings=1
+
+ # A separator to use on report after each field.
+ # separator=" "
+
+ # A separator to use for list items when reported.
+ # list_item_separator=","
+
+ # Use a field name prefix for each field reported.
+ # prefixes=0
+
+ # Quote field values when using field name prefixes.
+ # quoted=1
+
+ # Output each column as a row. If set, this also implies report/prefixes=1.
+ # colums_as_rows=0
+
+ # Use binary values "0" or "1" instead of descriptive literal values for
+ # columns that have exactly two valid values to report (not counting the
+ # "unknown" value which denotes that the value could not be determined).
+ #
+ # binary_values_as_numeric = 0
+
+ # Comma separated list of columns to sort by when reporting 'lvm devtypes' command.
+ # See 'lvm devtypes -o help' for the list of possible fields.
+ # devtypes_sort="devtype_name"
+
+ # Comma separated list of columns to report for 'lvm devtypes' command.
+ # See 'lvm devtypes -o help' for the list of possible fields.
+ # devtypes_cols="devtype_name,devtype_max_partitions,devtype_description"
+
+ # Comma separated list of columns to report for 'lvm devtypes' command in verbose mode.
+ # See 'lvm devtypes -o help' for the list of possible fields.
+ # devtypes_cols_verbose="devtype_name,devtype_max_partitions,devtype_description"
+
+ # Comma separated list of columns to sort by when reporting 'lvs' command.
+ # See 'lvs -o help' for the list of possible fields.
+ # lvs_sort="vg_name,lv_name"
+
+ # Comma separated list of columns to report for 'lvs' command.
+ # See 'lvs -o help' for the list of possible fields.
+ # lvs_cols="lv_name,vg_name,lv_attr,lv_size,pool_lv,origin,data_percent,metadata_percent,move_pv,mirror_log,copy_percent,convert_lv"
+
+ # Comma separated list of columns to report for 'lvs' command in verbose mode.
+ # See 'lvs -o help' for the list of possible fields.
+ # lvs_cols_verbose="lv_name,vg_name,seg_count,lv_attr,lv_size,lv_major,lv_minor,lv_kernel_major,lv_kernel_minor,pool_lv,origin,data_percent,metadata_percent,move_pv,copy_percent,mirror_log,convert
+
+ # Comma separated list of columns to sort by when reporting 'vgs' command.
+ # See 'vgs -o help' for the list of possible fields.
+ # vgs_sort="vg_name"
+
+ # Comma separated list of columns to report for 'vgs' command.
+ # See 'vgs -o help' for the list of possible fields.
+ # vgs_cols="vg_name,pv_count,lv_count,snap_count,vg_attr,vg_size,vg_free"
+
+ # Comma separated list of columns to report for 'vgs' command in verbose mode.
+ # See 'vgs -o help' for the list of possible fields.
+ # vgs_cols_verbose="vg_name,vg_attr,vg_extent_size,pv_count,lv_count,snap_count,vg_size,vg_free,vg_uuid,vg_profile"
+
+ # Comma separated list of columns to sort by when reporting 'pvs' command.
+ # See 'pvs -o help' for the list of possible fields.
+ # pvs_sort="pv_name"
+
+ # Comma separated list of columns to report for 'pvs' command.
+ # See 'pvs -o help' for the list of possible fields.
+ # pvs_cols="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free"
+
+ # Comma separated list of columns to report for 'pvs' command in verbose mode.
+ # See 'pvs -o help' for the list of possible fields.
+ # pvs_cols_verbose="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free,dev_size,pv_uuid"
+
+ # Comma separated list of columns to sort by when reporting 'lvs --segments' command.
+ # See 'lvs --segments -o help' for the list of possible fields.
+ # segs_sort="vg_name,lv_name,seg_start"
+
+ # Comma separated list of columns to report for 'lvs --segments' command.
+ # See 'lvs --segments -o help' for the list of possible fields.
+ # segs_cols="lv_name,vg_name,lv_attr,stripes,segtype,seg_size"
+
+ # Comma separated list of columns to report for 'lvs --segments' command in verbose mode.
+ # See 'lvs --segments -o help' for the list of possible fields.
+ # segs_cols_verbose="lv_name,vg_name,lv_attr,seg_start,seg_size,stripes,segtype,stripesize,chunksize"
+
+ # Comma separated list of columns to sort by when reporting 'pvs --segments' command.
+ # See 'pvs --segments -o help' for the list of possible fields.
+ # pvsegs_sort="pv_name,pvseg_start"
+
+ # Comma separated list of columns to sort by when reporting 'pvs --segments' command.
+ # See 'pvs --segments -o help' for the list of possible fields.
+ # pvsegs_cols="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free,pvseg_start,pvseg_size"
+
+ # Comma separated list of columns to sort by when reporting 'pvs --segments' command in verbose mode.
+ # See 'pvs --segments -o help' for the list of possible fields.
+ # pvsegs_cols_verbose="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free,pvseg_start,pvseg_size,lv_name,seg_start_pe,segtype,seg_pe_ranges"
+#}
+
+####################
+# Advanced section #
+####################
+
+# Metadata settings
+#
+# metadata {
+ # Default number of copies of metadata to hold on each PV. 0, 1 or 2.
+ # You might want to override it from the command line with 0
+ # when running pvcreate on new PVs which are to be added to large VGs.
+
+ # pvmetadatacopies = 1
+
+ # Default number of copies of metadata to maintain for each VG.
+ # If set to a non-zero value, LVM automatically chooses which of
+ # the available metadata areas to use to achieve the requested
+ # number of copies of the VG metadata. If you set a value larger
+ # than the the total number of metadata areas available then
+ # metadata is stored in them all.
+ # The default value of 0 ("unmanaged") disables this automatic
+ # management and allows you to control which metadata areas
+ # are used at the individual PV level using 'pvchange
+ # --metadataignore y/n'.
+
+ # vgmetadatacopies = 0
+
+ # Approximate default size of on-disk metadata areas in sectors.
+ # You should increase this if you have large volume groups or
+ # you want to retain a large on-disk history of your metadata changes.
+
+ # pvmetadatasize = 255
+
+ # List of directories holding live copies of text format metadata.
+ # These directories must not be on logical volumes!
+ # It's possible to use LVM2 with a couple of directories here,
+ # preferably on different (non-LV) filesystems, and with no other
+ # on-disk metadata (pvmetadatacopies = 0). Or this can be in
+ # addition to on-disk metadata areas.
+ # The feature was originally added to simplify testing and is not
+ # supported under low memory situations - the machine could lock up.
+ #
+ # Never edit any files in these directories by hand unless you
+ # you are absolutely sure you know what you are doing! Use
+ # the supplied toolset to make changes (e.g. vgcfgrestore).
+
+ # dirs = [ "/etc/lvm/metadata", "/mnt/disk2/lvm/metadata2" ]
+#}
+
+# Event daemon
+#
+dmeventd {
+ # mirror_library is the library used when monitoring a mirror device.
+ #
+ # "libdevmapper-event-lvm2mirror.so" attempts to recover from
+ # failures. It removes failed devices from a volume group and
+ # reconfigures a mirror as necessary. If no mirror library is
+ # provided, mirrors are not monitored through dmeventd.
+
+ mirror_library = "libdevmapper-event-lvm2mirror.so"
+
+ # snapshot_library is the library used when monitoring a snapshot device.
+ #
+ # "libdevmapper-event-lvm2snapshot.so" monitors the filling of
+ # snapshots and emits a warning through syslog when the use of
+ # the snapshot exceeds 80%. The warning is repeated when 85%, 90% and
+ # 95% of the snapshot is filled.
+
+ snapshot_library = "libdevmapper-event-lvm2snapshot.so"
+
+ # thin_library is the library used when monitoring a thin device.
+ #
+ # "libdevmapper-event-lvm2thin.so" monitors the filling of
+ # pool and emits a warning through syslog when the use of
+ # the pool exceeds 80%. The warning is repeated when 85%, 90% and
+ # 95% of the pool is filled.
+
+ thin_library = "libdevmapper-event-lvm2thin.so"
+
+ # Full path of the dmeventd binary.
+ #
+ # executable = "/sbin/dmeventd"
+}
--- /dev/null
+5ae61e71da1842a9a24e57c4861406cf
--- /dev/null
+# Magic local data for file(1) command.
+# Insert here your local magic data. Format is described in magic(5).
+
--- /dev/null
+# Magic local data for file(1) command.
+# Insert here your local magic data. Format is described in magic(5).
+
--- /dev/null
+set ask askcc append dot save crt
+ignore Received Message-Id Resent-Message-Id Status Mail-From Return-Path Via Delivered-To
--- /dev/null
+###############################################################################
+#
+# MIME media types and programs that process those types
+#
+# Much of this file is generated automatically by the program "update-mime".
+# Please see the "update-mime" man page for more information.
+#
+# Users can add their own rules if they wish by creating a ".mailcap"
+# file in their home directory. Entries included there will take
+# precedence over those listed here.
+#
+###############################################################################
+
+
+###############################################################################
+#
+# User section follows: Any entries included in this section will take
+# precedence over those created by "update-mime". DO NOT CHANGE the
+# "User Section Begins" and "User Section Ends" lines, or anything outside
+# of this section!
+#
+
+# ----- User Section Begins ----- #
+# ----- User Section Ends ----- #
+
+###############################################################################
+
+text/plain; less '%s'; needsterminal
+application/x-troff-man; /usr/bin/man -X100 -l '%s'; test=test -n "$DISPLAY" -a -e /usr/bin/gxditview; description=Man page
+text/troff; /usr/bin/man -X100 -l '%s'; test=test -n "$DISPLAY" -a -e /usr/bin/gxditview; description=Man page
+application/x-troff-man; /usr/bin/man -l '%s'; needsterminal; description=Man page
+text/troff; /usr/bin/man -l '%s'; needsterminal; description=Man page
+text/html; /usr/bin/sensible-browser %s; description=HTML Text; nametemplate=%s.html
+application/x-troff-man; /usr/bin/nroff -mandoc -Tutf8; copiousoutput; print=/usr/bin/nroff -mandoc -Tutf8 | print text/plain:-
+text/plain; more %s; needsterminal
+text/plain; vim %s; needsterminal
+text/plain; view %s; edit=vim %s; compose=vim %s; test=test -x /usr/bin/vim; needsterminal
+text/plain; view %s; edit=vi %s; compose=vi %s; needsterminal
+application/x-troff-man; /usr/bin/man -Tascii -l '%s' | col -b; copiousoutput; description=Man page
+text/troff; /usr/bin/man -Tascii -l '%s' | col -b; copiousoutput; description=Man page
+text/*; less '%s'; needsterminal
+text/*; view %s; edit=vim %s; compose=vim %s; test=test -x /usr/bin/vim; needsterminal
+application/x-tar; /bin/tar tvf '%s'; print=/bin/tar tvf - | print text/plain:-; copiousoutput
+application/x-gtar; /bin/tar tvf '%s'; print=/bin/tar tvf - | print text/plain:-; copiousoutput
+application/x-ustar; /bin/tar tvf '%s'; print=/bin/tar tvf - | print text/plain:-; copiousoutput
+text/*; more %s; needsterminal
+text/*; view %s; edit=vi %s; compose=vi %s; needsterminal
+application/vnd.debian.binary-package; /usr/lib/mime/debian-view %s; needsterminal; description=Debian GNU/Linux Package; nametemplate=%s.deb
--- /dev/null
+###############################################################################
+#
+# Mailcap.order: This file allows a system-wide override of MIME program
+# preferences. See the mailcap.order(5) man page for more information.
+#
+# After modifying this file, be sure to run /usr/sbin/update-mime (as root)
+# to propagate the changes into the /etc/mailcap file.
+#
+################################################################################
+
--- /dev/null
+ns1.uhu-banane.de
--- /dev/null
+# manpath.config
+#
+# This file is used by the man-db package to configure the man and cat paths.
+# It is also used to provide a manpath for those without one by examining
+# their PATH environment variable. For details see the manpath(5) man page.
+#
+# Lines beginning with `#' are comments and are ignored. Any combination of
+# tabs or spaces may be used as `whitespace' separators.
+#
+# There are three mappings allowed in this file:
+# --------------------------------------------------------
+# MANDATORY_MANPATH manpath_element
+# MANPATH_MAP path_element manpath_element
+# MANDB_MAP global_manpath [relative_catpath]
+#---------------------------------------------------------
+# every automatically generated MANPATH includes these fields
+#
+#MANDATORY_MANPATH /usr/src/pvm3/man
+#
+MANDATORY_MANPATH /usr/man
+MANDATORY_MANPATH /usr/share/man
+MANDATORY_MANPATH /usr/local/share/man
+#---------------------------------------------------------
+# set up PATH to MANPATH mapping
+# ie. what man tree holds man pages for what binary directory.
+#
+# *PATH* -> *MANPATH*
+#
+MANPATH_MAP /bin /usr/share/man
+MANPATH_MAP /usr/bin /usr/share/man
+MANPATH_MAP /sbin /usr/share/man
+MANPATH_MAP /usr/sbin /usr/share/man
+MANPATH_MAP /usr/local/bin /usr/local/man
+MANPATH_MAP /usr/local/bin /usr/local/share/man
+MANPATH_MAP /usr/local/sbin /usr/local/man
+MANPATH_MAP /usr/local/sbin /usr/local/share/man
+MANPATH_MAP /usr/X11R6/bin /usr/X11R6/man
+MANPATH_MAP /usr/bin/X11 /usr/X11R6/man
+MANPATH_MAP /usr/games /usr/share/man
+MANPATH_MAP /opt/bin /opt/man
+MANPATH_MAP /opt/sbin /opt/man
+#---------------------------------------------------------
+# For a manpath element to be treated as a system manpath (as most of those
+# above should normally be), it must be mentioned below. Each line may have
+# an optional extra string indicating the catpath associated with the
+# manpath. If no catpath string is used, the catpath will default to the
+# given manpath.
+#
+# You *must* provide all system manpaths, including manpaths for alternate
+# operating systems, locale specific manpaths, and combinations of both, if
+# they exist, otherwise the permissions of the user running man/mandb will
+# be used to manipulate the manual pages. Also, mandb will not initialise
+# the database cache for any manpaths not mentioned below unless explicitly
+# requested to do so.
+#
+# In a per-user configuration file, this directive only controls the
+# location of catpaths and the creation of database caches; it has no effect
+# on privileges.
+#
+# Any manpaths that are subdirectories of other manpaths must be mentioned
+# *before* the containing manpath. E.g. /usr/man/preformat must be listed
+# before /usr/man.
+#
+# *MANPATH* -> *CATPATH*
+#
+MANDB_MAP /usr/man /var/cache/man/fsstnd
+MANDB_MAP /usr/share/man /var/cache/man
+MANDB_MAP /usr/local/man /var/cache/man/oldlocal
+MANDB_MAP /usr/local/share/man /var/cache/man/local
+MANDB_MAP /usr/X11R6/man /var/cache/man/X11R6
+MANDB_MAP /opt/man /var/cache/man/opt
+#
+#---------------------------------------------------------
+# Program definitions. These are commented out by default as the value
+# of the definition is already the default. To change: uncomment a
+# definition and modify it.
+#
+#DEFINE pager pager -s
+#DEFINE cat cat
+#DEFINE tr tr '\255\267\264\327' '\055\157\047\170'
+#DEFINE grep grep
+#DEFINE troff groff -mandoc
+#DEFINE nroff nroff -mandoc
+#DEFINE eqn eqn
+#DEFINE neqn neqn
+#DEFINE tbl tbl
+#DEFINE col col
+#DEFINE vgrind vgrind
+#DEFINE refer refer
+#DEFINE grap grap
+#DEFINE pic pic -S
+#
+#DEFINE compressor gzip -c7
+#---------------------------------------------------------
+# Misc definitions: same as program definitions above.
+#
+#DEFINE whatis_grep_flags -i
+#DEFINE apropos_grep_flags -iEw
+#DEFINE apropos_regex_grep_flags -iE
+#---------------------------------------------------------
+# Section names. Manual sections will be searched in the order listed here;
+# the default is 1, n, l, 8, 3, 0, 2, 5, 4, 9, 6, 7. Multiple SECTION
+# directives may be given for clarity, and will be concatenated together in
+# the expected way.
+# If a particular extension is not in this list (say, 1mh), it will be
+# displayed with the rest of the section it belongs to. The effect of this
+# is that you only need to explicitly list extensions if you want to force a
+# particular order. Sections with extensions should usually be adjacent to
+# their main section (e.g. "1 1mh 8 ...").
+#
+SECTION 1 n l 8 3 2 3posix 3pm 3perl 5 4 9 6 7
+#
+#---------------------------------------------------------
+# Range of terminal widths permitted when displaying cat pages. If the
+# terminal falls outside this range, cat pages will not be created (if
+# missing) or displayed.
+#
+#MINCATWIDTH 80
+#MAXCATWIDTH 80
+#
+# If CATWIDTH is set to a non-zero number, cat pages will always be
+# formatted for a terminal of the given width, regardless of the width of
+# the terminal actually being used. This should generally be within the
+# range set by MINCATWIDTH and MAXCATWIDTH.
+#
+#CATWIDTH 0
+#
+#---------------------------------------------------------
+# Flags.
+# NOCACHE keeps man from creating cat pages.
+#NOCACHE
--- /dev/null
+###############################################################################
+#
+# MIME media types and the extensions that represent them.
+#
+# The format of this file is a media type on the left and zero or more
+# filename extensions on the right. Programs using this file will map
+# files ending with those extensions to the associated type.
+#
+# This file is part of the "mime-support" package. Please report a bug using
+# the "reportbug" command of the "reportbug" package if you would like new
+# types or extensions to be added.
+#
+# The reason that all types are managed by the mime-support package instead
+# allowing individual packages to install types in much the same way as they
+# add entries in to the mailcap file is so these types can be referenced by
+# other programs (such as a web server) even if the specific support package
+# for that type is not installed.
+#
+# Users can add their own types if they wish by creating a ".mime.types"
+# file in their home directory. Definitions included there will take
+# precedence over those listed here.
+#
+###############################################################################
+
+
+application/activemessage
+application/andrew-inset ez
+application/annodex anx
+application/applefile
+application/atom+xml atom
+application/atomcat+xml atomcat
+application/atomicmail
+application/atomserv+xml atomsrv
+application/batch-SMTP
+application/bbolin lin
+application/beep+xml
+application/cals-1840
+application/commonground
+application/cu-seeme cu
+application/cybercash
+application/davmount+xml davmount
+application/dca-rft
+application/dec-dx
+application/dicom dcm
+application/docbook+xml
+application/dsptype tsp
+application/dvcs
+application/ecmascript es
+application/edi-consent
+application/edi-x12
+application/edifact
+application/eshop
+application/font-sfnt otf ttf
+application/font-tdpfr pfr
+application/font-woff woff
+application/futuresplash spl
+application/ghostview
+application/gzip gz
+application/hta hta
+application/http
+application/hyperstudio
+application/iges
+application/index
+application/index.cmd
+application/index.obj
+application/index.response
+application/index.vnd
+application/iotp
+application/ipp
+application/isup
+application/java-archive jar
+application/java-serialized-object ser
+application/java-vm class
+application/javascript js
+application/json json
+application/m3g m3g
+application/mac-binhex40 hqx
+application/mac-compactpro cpt
+application/macwriteii
+application/marc
+application/mathematica nb nbp
+application/mbox mbox
+application/ms-tnef
+application/msaccess mdb
+application/msword doc dot
+application/mxf mxf
+application/news-message-id
+application/news-transmission
+application/ocsp-request
+application/ocsp-response
+application/octet-stream bin
+application/oda oda
+application/oebps-package+xml opf
+application/ogg ogx
+application/onenote one onetoc2 onetmp onepkg
+application/parityfec
+application/pdf pdf
+application/pgp-encrypted pgp
+application/pgp-keys key
+application/pgp-signature sig
+application/pics-rules prf
+application/pkcs10
+application/pkcs7-mime
+application/pkcs7-signature
+application/pkix-cert
+application/pkix-crl
+application/pkixcmp
+application/postscript ps ai eps epsi epsf eps2 eps3
+application/prs.alvestrand.titrax-sheet
+application/prs.cww
+application/prs.nprend
+application/qsig
+application/rar rar
+application/rdf+xml rdf
+application/remote-printing
+application/riscos
+application/rtf rtf
+application/sdp
+application/set-payment
+application/set-payment-initiation
+application/set-registration
+application/set-registration-initiation
+application/sgml
+application/sgml-open-catalog
+application/sieve
+application/sla stl
+application/slate
+application/smil+xml smi smil
+application/timestamp-query
+application/timestamp-reply
+application/vemmi
+application/whoispp-query
+application/whoispp-response
+application/wita
+application/x400-bp
+application/xhtml+xml xhtml xht
+application/xml xml xsd
+application/xml-dtd
+application/xml-external-parsed-entity
+application/xslt+xml xsl xslt
+application/xspf+xml xspf
+application/zip zip
+application/vnd.3M.Post-it-Notes
+application/vnd.accpac.simply.aso
+application/vnd.accpac.simply.imp
+application/vnd.acucobol
+application/vnd.aether.imp
+application/vnd.android.package-archive apk
+application/vnd.anser-web-certificate-issue-initiation
+application/vnd.anser-web-funds-transfer-initiation
+application/vnd.audiograph
+application/vnd.bmi
+application/vnd.businessobjects
+application/vnd.canon-cpdl
+application/vnd.canon-lips
+application/vnd.cinderella cdy
+application/vnd.claymore
+application/vnd.commerce-battelle
+application/vnd.commonspace
+application/vnd.comsocaller
+application/vnd.contact.cmsg
+application/vnd.cosmocaller
+application/vnd.ctc-posml
+application/vnd.cups-postscript
+application/vnd.cups-raster
+application/vnd.cups-raw
+application/vnd.cybank
+application/vnd.debian.binary-package deb ddeb udeb
+application/vnd.dna
+application/vnd.dpgraph
+application/vnd.dxr
+application/vnd.ecdis-update
+application/vnd.ecowin.chart
+application/vnd.ecowin.filerequest
+application/vnd.ecowin.fileupdate
+application/vnd.ecowin.series
+application/vnd.ecowin.seriesrequest
+application/vnd.ecowin.seriesupdate
+application/vnd.enliven
+application/vnd.epson.esf
+application/vnd.epson.msf
+application/vnd.epson.quickanime
+application/vnd.epson.salt
+application/vnd.epson.ssf
+application/vnd.ericsson.quickcall
+application/vnd.eudora.data
+application/vnd.fdf
+application/vnd.ffsns
+application/vnd.flographit
+application/vnd.font-fontforge-sfd sfd
+application/vnd.framemaker
+application/vnd.fsc.weblaunch
+application/vnd.fujitsu.oasys
+application/vnd.fujitsu.oasys2
+application/vnd.fujitsu.oasys3
+application/vnd.fujitsu.oasysgp
+application/vnd.fujitsu.oasysprs
+application/vnd.fujixerox.ddd
+application/vnd.fujixerox.docuworks
+application/vnd.fujixerox.docuworks.binder
+application/vnd.fut-misnet
+application/vnd.google-earth.kml+xml kml
+application/vnd.google-earth.kmz kmz
+application/vnd.grafeq
+application/vnd.groove-account
+application/vnd.groove-identity-message
+application/vnd.groove-injector
+application/vnd.groove-tool-message
+application/vnd.groove-tool-template
+application/vnd.groove-vcard
+application/vnd.hhe.lesson-player
+application/vnd.hp-HPGL
+application/vnd.hp-PCL
+application/vnd.hp-PCLXL
+application/vnd.hp-hpid
+application/vnd.hp-hps
+application/vnd.httphone
+application/vnd.hzn-3d-crossword
+application/vnd.ibm.MiniPay
+application/vnd.ibm.afplinedata
+application/vnd.ibm.modcap
+application/vnd.informix-visionary
+application/vnd.intercon.formnet
+application/vnd.intertrust.digibox
+application/vnd.intertrust.nncp
+application/vnd.intu.qbo
+application/vnd.intu.qfx
+application/vnd.irepository.package+xml
+application/vnd.is-xpr
+application/vnd.japannet-directory-service
+application/vnd.japannet-jpnstore-wakeup
+application/vnd.japannet-payment-wakeup
+application/vnd.japannet-registration
+application/vnd.japannet-registration-wakeup
+application/vnd.japannet-setstore-wakeup
+application/vnd.japannet-verification
+application/vnd.japannet-verification-wakeup
+application/vnd.koan
+application/vnd.lotus-1-2-3
+application/vnd.lotus-approach
+application/vnd.lotus-freelance
+application/vnd.lotus-notes
+application/vnd.lotus-organizer
+application/vnd.lotus-screencam
+application/vnd.lotus-wordpro
+application/vnd.mcd
+application/vnd.mediastation.cdkey
+application/vnd.meridian-slingshot
+application/vnd.mif
+application/vnd.minisoft-hp3000-save
+application/vnd.mitsubishi.misty-guard.trustweb
+application/vnd.mobius.daf
+application/vnd.mobius.dis
+application/vnd.mobius.msl
+application/vnd.mobius.plc
+application/vnd.mobius.txf
+application/vnd.motorola.flexsuite
+application/vnd.motorola.flexsuite.adsi
+application/vnd.motorola.flexsuite.fis
+application/vnd.motorola.flexsuite.gotap
+application/vnd.motorola.flexsuite.kmr
+application/vnd.motorola.flexsuite.ttc
+application/vnd.motorola.flexsuite.wem
+application/vnd.mozilla.xul+xml xul
+application/vnd.ms-artgalry
+application/vnd.ms-asf
+application/vnd.ms-excel xls xlb xlt
+application/vnd.ms-excel.addin.macroEnabled.12 xlam
+application/vnd.ms-excel.sheet.binary.macroEnabled.12 xlsb
+application/vnd.ms-excel.sheet.macroEnabled.12 xlsm
+application/vnd.ms-excel.template.macroEnabled.12 xltm
+application/vnd.ms-fontobject eot
+application/vnd.ms-lrm
+application/vnd.ms-officetheme thmx
+application/vnd.ms-pki.seccat cat
+#application/vnd.ms-pki.stl stl
+application/vnd.ms-powerpoint ppt pps
+application/vnd.ms-powerpoint.addin.macroEnabled.12 ppam
+application/vnd.ms-powerpoint.presentation.macroEnabled.12 pptm
+application/vnd.ms-powerpoint.slide.macroEnabled.12 sldm
+application/vnd.ms-powerpoint.slideshow.macroEnabled.12 ppsm
+application/vnd.ms-powerpoint.template.macroEnabled.12 potm
+application/vnd.ms-project
+application/vnd.ms-tnef
+application/vnd.ms-word.document.macroEnabled.12 docm
+application/vnd.ms-word.template.macroEnabled.12 dotm
+application/vnd.ms-works
+application/vnd.mseq
+application/vnd.msign
+application/vnd.music-niff
+application/vnd.musician
+application/vnd.netfpx
+application/vnd.noblenet-directory
+application/vnd.noblenet-sealer
+application/vnd.noblenet-web
+application/vnd.novadigm.EDM
+application/vnd.novadigm.EDX
+application/vnd.novadigm.EXT
+application/vnd.oasis.opendocument.chart odc
+application/vnd.oasis.opendocument.database odb
+application/vnd.oasis.opendocument.formula odf
+application/vnd.oasis.opendocument.graphics odg
+application/vnd.oasis.opendocument.graphics-template otg
+application/vnd.oasis.opendocument.image odi
+application/vnd.oasis.opendocument.presentation odp
+application/vnd.oasis.opendocument.presentation-template otp
+application/vnd.oasis.opendocument.spreadsheet ods
+application/vnd.oasis.opendocument.spreadsheet-template ots
+application/vnd.oasis.opendocument.text odt
+application/vnd.oasis.opendocument.text-master odm
+application/vnd.oasis.opendocument.text-template ott
+application/vnd.oasis.opendocument.text-web oth
+application/vnd.openxmlformats-officedocument.presentationml.presentation pptx
+application/vnd.openxmlformats-officedocument.presentationml.slide sldx
+application/vnd.openxmlformats-officedocument.presentationml.slideshow ppsx
+application/vnd.openxmlformats-officedocument.presentationml.template potx
+application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx
+application/vnd.openxmlformats-officedocument.spreadsheetml.template xltx
+application/vnd.openxmlformats-officedocument.wordprocessingml.document docx
+application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx
+application/vnd.osa.netdeploy
+application/vnd.palm
+application/vnd.pg.format
+application/vnd.pg.osasli
+application/vnd.powerbuilder6
+application/vnd.powerbuilder6-s
+application/vnd.powerbuilder7
+application/vnd.powerbuilder7-s
+application/vnd.powerbuilder75
+application/vnd.powerbuilder75-s
+application/vnd.previewsystems.box
+application/vnd.publishare-delta-tree
+application/vnd.pvi.ptid1
+application/vnd.pwg-xhtml-print+xml
+application/vnd.rapid
+application/vnd.rim.cod cod
+application/vnd.s3sms
+application/vnd.seemail
+application/vnd.shana.informed.formdata
+application/vnd.shana.informed.formtemplate
+application/vnd.shana.informed.interchange
+application/vnd.shana.informed.package
+application/vnd.smaf mmf
+application/vnd.sss-cod
+application/vnd.sss-dtf
+application/vnd.sss-ntf
+application/vnd.stardivision.calc sdc
+application/vnd.stardivision.chart sds
+application/vnd.stardivision.draw sda
+application/vnd.stardivision.impress sdd
+application/vnd.stardivision.math sdf
+application/vnd.stardivision.writer sdw
+application/vnd.stardivision.writer-global sgl
+application/vnd.street-stream
+application/vnd.sun.xml.calc sxc
+application/vnd.sun.xml.calc.template stc
+application/vnd.sun.xml.draw sxd
+application/vnd.sun.xml.draw.template std
+application/vnd.sun.xml.impress sxi
+application/vnd.sun.xml.impress.template sti
+application/vnd.sun.xml.math sxm
+application/vnd.sun.xml.writer sxw
+application/vnd.sun.xml.writer.global sxg
+application/vnd.sun.xml.writer.template stw
+application/vnd.svd
+application/vnd.swiftview-ics
+application/vnd.symbian.install sis
+application/vnd.tcpdump.pcap cap pcap
+application/vnd.triscape.mxs
+application/vnd.trueapp
+application/vnd.truedoc
+application/vnd.tve-trigger
+application/vnd.ufdl
+application/vnd.uplanet.alert
+application/vnd.uplanet.alert-wbxml
+application/vnd.uplanet.bearer-choice
+application/vnd.uplanet.bearer-choice-wbxml
+application/vnd.uplanet.cacheop
+application/vnd.uplanet.cacheop-wbxml
+application/vnd.uplanet.channel
+application/vnd.uplanet.channel-wbxml
+application/vnd.uplanet.list
+application/vnd.uplanet.list-wbxml
+application/vnd.uplanet.listcmd
+application/vnd.uplanet.listcmd-wbxml
+application/vnd.uplanet.signal
+application/vnd.vcx
+application/vnd.vectorworks
+application/vnd.vidsoft.vidconference
+application/vnd.visio vsd vst vsw vss
+application/vnd.vividence.scriptfile
+application/vnd.wap.sic
+application/vnd.wap.slc
+application/vnd.wap.wbxml wbxml
+application/vnd.wap.wmlc wmlc
+application/vnd.wap.wmlscriptc wmlsc
+application/vnd.webturbo
+application/vnd.wordperfect wpd
+application/vnd.wordperfect5.1 wp5
+application/vnd.wrq-hp3000-labelled
+application/vnd.wt.stf
+application/vnd.xara
+application/vnd.xfdl
+application/vnd.yellowriver-custom-menu
+application/zlib
+application/x-123 wk
+application/x-7z-compressed 7z
+application/x-abiword abw
+application/x-apple-diskimage dmg
+application/x-bcpio bcpio
+application/x-bittorrent torrent
+application/x-cab cab
+application/x-cbr cbr
+application/x-cbz cbz
+application/x-cdf cdf cda
+application/x-cdlink vcd
+application/x-chess-pgn pgn
+application/x-comsol mph
+application/x-core
+application/x-cpio cpio
+application/x-csh csh
+application/x-debian-package deb udeb
+application/x-director dcr dir dxr
+application/x-dms dms
+application/x-doom wad
+application/x-dvi dvi
+application/x-executable
+application/x-font pfa pfb gsf
+application/x-font-pcf pcf pcf.Z
+application/x-freemind mm
+application/x-futuresplash spl
+application/x-ganttproject gan
+application/x-gnumeric gnumeric
+application/x-go-sgf sgf
+application/x-graphing-calculator gcf
+application/x-gtar gtar
+application/x-gtar-compressed tgz taz
+application/x-hdf hdf
+#application/x-httpd-eruby rhtml
+#application/x-httpd-php phtml pht php
+#application/x-httpd-php-source phps
+#application/x-httpd-php3 php3
+#application/x-httpd-php3-preprocessed php3p
+#application/x-httpd-php4 php4
+#application/x-httpd-php5 php5
+application/x-hwp hwp
+application/x-ica ica
+application/x-info info
+application/x-internet-signup ins isp
+application/x-iphone iii
+application/x-iso9660-image iso
+application/x-jam jam
+application/x-java-applet
+application/x-java-bean
+application/x-java-jnlp-file jnlp
+application/x-jmol jmz
+application/x-kchart chrt
+application/x-kdelnk
+application/x-killustrator kil
+application/x-koan skp skd skt skm
+application/x-kpresenter kpr kpt
+application/x-kspread ksp
+application/x-kword kwd kwt
+application/x-latex latex
+application/x-lha lha
+application/x-lyx lyx
+application/x-lzh lzh
+application/x-lzx lzx
+application/x-maker frm maker frame fm fb book fbdoc
+application/x-mif mif
+application/x-mpegURL m3u8
+application/x-ms-wmd wmd
+application/x-ms-wmz wmz
+application/x-msdos-program com exe bat dll
+application/x-msi msi
+application/x-netcdf nc
+application/x-ns-proxy-autoconfig pac
+application/x-nwc nwc
+application/x-object o
+application/x-oz-application oza
+application/x-pkcs7-certreqresp p7r
+application/x-pkcs7-crl crl
+application/x-python-code pyc pyo
+application/x-qgis qgs shp shx
+application/x-quicktimeplayer qtl
+application/x-rdp rdp
+application/x-redhat-package-manager rpm
+application/x-rss+xml rss
+application/x-ruby rb
+application/x-rx
+application/x-scilab sci sce
+application/x-scilab-xcos xcos
+application/x-sh sh
+application/x-shar shar
+application/x-shellscript
+application/x-shockwave-flash swf swfl
+application/x-silverlight scr
+application/x-sql sql
+application/x-stuffit sit sitx
+application/x-sv4cpio sv4cpio
+application/x-sv4crc sv4crc
+application/x-tar tar
+application/x-tcl tcl
+application/x-tex-gf gf
+application/x-tex-pk pk
+application/x-texinfo texinfo texi
+application/x-trash ~ % bak old sik
+application/x-troff t tr roff
+application/x-troff-man man
+application/x-troff-me me
+application/x-troff-ms ms
+application/x-ustar ustar
+application/x-videolan
+application/x-wais-source src
+application/x-wingz wz
+application/x-x509-ca-cert crt
+application/x-xcf xcf
+application/x-xfig fig
+application/x-xpinstall xpi
+application/x-xz xz
+
+audio/32kadpcm
+audio/3gpp
+audio/amr amr
+audio/amr-wb awb
+audio/annodex axa
+audio/basic au snd
+audio/csound csd orc sco
+audio/flac flac
+audio/g.722.1
+audio/l16
+audio/midi mid midi kar
+audio/mp4a-latm
+audio/mpa-robust
+audio/mpeg mpga mpega mp2 mp3 m4a
+audio/mpegurl m3u
+audio/ogg oga ogg opus spx
+audio/parityfec
+audio/prs.sid sid
+audio/telephone-event
+audio/tone
+audio/vnd.cisco.nse
+audio/vnd.cns.anp1
+audio/vnd.cns.inf1
+audio/vnd.digital-winds
+audio/vnd.everad.plj
+audio/vnd.lucent.voice
+audio/vnd.nortel.vbk
+audio/vnd.nuera.ecelp4800
+audio/vnd.nuera.ecelp7470
+audio/vnd.nuera.ecelp9600
+audio/vnd.octel.sbc
+audio/vnd.qcelp
+audio/vnd.rhetorex.32kadpcm
+audio/vnd.vmx.cvsd
+audio/x-aiff aif aiff aifc
+audio/x-gsm gsm
+audio/x-mpegurl m3u
+audio/x-ms-wma wma
+audio/x-ms-wax wax
+audio/x-pn-realaudio-plugin
+audio/x-pn-realaudio ra rm ram
+audio/x-realaudio ra
+audio/x-scpls pls
+audio/x-sd2 sd2
+audio/x-wav wav
+
+chemical/x-alchemy alc
+chemical/x-cache cac cache
+chemical/x-cache-csf csf
+chemical/x-cactvs-binary cbin cascii ctab
+chemical/x-cdx cdx
+chemical/x-cerius cer
+chemical/x-chem3d c3d
+chemical/x-chemdraw chm
+chemical/x-cif cif
+chemical/x-cmdf cmdf
+chemical/x-cml cml
+chemical/x-compass cpa
+chemical/x-crossfire bsd
+chemical/x-csml csml csm
+chemical/x-ctx ctx
+chemical/x-cxf cxf cef
+#chemical/x-daylight-smiles smi
+chemical/x-embl-dl-nucleotide emb embl
+chemical/x-galactic-spc spc
+chemical/x-gamess-input inp gam gamin
+chemical/x-gaussian-checkpoint fch fchk
+chemical/x-gaussian-cube cub
+chemical/x-gaussian-input gau gjc gjf
+chemical/x-gaussian-log gal
+chemical/x-gcg8-sequence gcg
+chemical/x-genbank gen
+chemical/x-hin hin
+chemical/x-isostar istr ist
+chemical/x-jcamp-dx jdx dx
+chemical/x-kinemage kin
+chemical/x-macmolecule mcm
+chemical/x-macromodel-input mmd mmod
+chemical/x-mdl-molfile mol
+chemical/x-mdl-rdfile rd
+chemical/x-mdl-rxnfile rxn
+chemical/x-mdl-sdfile sd sdf
+chemical/x-mdl-tgf tgf
+#chemical/x-mif mif
+chemical/x-mmcif mcif
+chemical/x-mol2 mol2
+chemical/x-molconn-Z b
+chemical/x-mopac-graph gpt
+chemical/x-mopac-input mop mopcrt mpc zmt
+chemical/x-mopac-out moo
+chemical/x-mopac-vib mvb
+chemical/x-ncbi-asn1 asn
+chemical/x-ncbi-asn1-ascii prt ent
+chemical/x-ncbi-asn1-binary val aso
+chemical/x-ncbi-asn1-spec asn
+chemical/x-pdb pdb ent
+chemical/x-rosdal ros
+chemical/x-swissprot sw
+chemical/x-vamas-iso14976 vms
+chemical/x-vmd vmd
+chemical/x-xtel xtel
+chemical/x-xyz xyz
+
+image/cgm
+image/g3fax
+image/gif gif
+image/ief ief
+image/jp2 jp2 jpg2
+image/jpeg jpeg jpg jpe
+image/jpm jpm
+image/jpx jpx jpf
+image/naplps
+image/pcx pcx
+image/png png
+image/prs.btif
+image/prs.pti
+image/svg+xml svg svgz
+image/tiff tiff tif
+image/vnd.cns.inf2
+image/vnd.djvu djvu djv
+image/vnd.dwg
+image/vnd.dxf
+image/vnd.fastbidsheet
+image/vnd.fpx
+image/vnd.fst
+image/vnd.fujixerox.edmics-mmr
+image/vnd.fujixerox.edmics-rlc
+image/vnd.microsoft.icon ico
+image/vnd.mix
+image/vnd.net-fpx
+image/vnd.svf
+image/vnd.wap.wbmp wbmp
+image/vnd.xiff
+image/x-canon-cr2 cr2
+image/x-canon-crw crw
+image/x-cmu-raster ras
+image/x-coreldraw cdr
+image/x-coreldrawpattern pat
+image/x-coreldrawtemplate cdt
+image/x-corelphotopaint cpt
+image/x-epson-erf erf
+image/x-icon
+image/x-jg art
+image/x-jng jng
+image/x-ms-bmp bmp
+image/x-nikon-nef nef
+image/x-olympus-orf orf
+image/x-photoshop psd
+image/x-portable-anymap pnm
+image/x-portable-bitmap pbm
+image/x-portable-graymap pgm
+image/x-portable-pixmap ppm
+image/x-rgb rgb
+image/x-xbitmap xbm
+image/x-xpixmap xpm
+image/x-xwindowdump xwd
+
+inode/chardevice
+inode/blockdevice
+inode/directory-locked
+inode/directory
+inode/fifo
+inode/socket
+
+message/delivery-status
+message/disposition-notification
+message/external-body
+message/http
+message/s-http
+message/news
+message/partial
+message/rfc822 eml
+
+model/iges igs iges
+model/mesh msh mesh silo
+model/vnd.dwf
+model/vnd.flatland.3dml
+model/vnd.gdl
+model/vnd.gs-gdl
+model/vnd.gtw
+model/vnd.mts
+model/vnd.vtu
+model/vrml wrl vrml
+model/x3d+vrml x3dv
+model/x3d+xml x3d
+model/x3d+binary x3db
+
+multipart/alternative
+multipart/appledouble
+multipart/byteranges
+multipart/digest
+multipart/encrypted
+multipart/form-data
+multipart/header-set
+multipart/mixed
+multipart/parallel
+multipart/related
+multipart/report
+multipart/signed
+multipart/voice-message
+
+text/cache-manifest appcache
+text/calendar ics icz
+text/css css
+text/csv csv
+text/directory
+text/english
+text/enriched
+text/h323 323
+text/html html htm shtml
+text/iuls uls
+text/mathml mml
+text/parityfec
+text/plain asc txt text pot brf srt
+text/prs.lines.tag
+text/rfc822-headers
+text/richtext rtx
+text/rtf
+text/scriptlet sct wsc
+text/t140
+text/texmacs tm
+text/tab-separated-values tsv
+text/turtle ttl
+text/uri-list
+text/vcard vcf vcard
+text/vnd.abc
+text/vnd.curl
+text/vnd.debian.copyright
+text/vnd.DMClientScript
+text/vnd.flatland.3dml
+text/vnd.fly
+text/vnd.fmi.flexstor
+text/vnd.in3d.3dml
+text/vnd.in3d.spot
+text/vnd.IPTC.NewsML
+text/vnd.IPTC.NITF
+text/vnd.latex-z
+text/vnd.motorola.reflex
+text/vnd.ms-mediapackage
+text/vnd.sun.j2me.app-descriptor jad
+text/vnd.wap.si
+text/vnd.wap.sl
+text/vnd.wap.wml wml
+text/vnd.wap.wmlscript wmls
+text/x-bibtex bib
+text/x-boo boo
+text/x-c++hdr h++ hpp hxx hh
+text/x-c++src c++ cpp cxx cc
+text/x-chdr h
+text/x-component htc
+text/x-crontab
+text/x-csh csh
+text/x-csrc c
+text/x-dsrc d
+text/x-diff diff patch
+text/x-haskell hs
+text/x-java java
+text/x-lilypond ly
+text/x-literate-haskell lhs
+text/x-makefile
+text/x-moc moc
+text/x-pascal p pas
+text/x-pcs-gcd gcd
+text/x-perl pl pm
+text/x-python py
+text/x-scala scala
+text/x-server-parsed-html
+text/x-setext etx
+text/x-sfv sfv
+text/x-sh sh
+text/x-tcl tcl tk
+text/x-tex tex ltx sty cls
+text/x-vcalendar vcs
+
+video/3gpp 3gp
+video/annodex axv
+video/dl dl
+video/dv dif dv
+video/fli fli
+video/gl gl
+video/mpeg mpeg mpg mpe
+video/MP2T ts
+video/mp4 mp4
+video/quicktime qt mov
+video/mp4v-es
+video/ogg ogv
+video/parityfec
+video/pointer
+video/webm webm
+video/vnd.fvt
+video/vnd.motorola.video
+video/vnd.motorola.videop
+video/vnd.mpegurl mxu
+video/vnd.mts
+video/vnd.nokia.interleaved-multimedia
+video/vnd.vivo
+video/x-flv flv
+video/x-la-asf lsf lsx
+video/x-mng mng
+video/x-ms-asf asf asx
+video/x-ms-wm wm
+video/x-ms-wmv wmv
+video/x-ms-wmx wmx
+video/x-ms-wvx wvx
+video/x-msvideo avi
+video/x-sgi-movie movie
+video/x-matroska mpv mkv
+
+x-conference/x-cooltalk ice
+
+x-epoc/x-sisx-app sisx
+x-world/x-vrml vrm vrml wrl
--- /dev/null
+[defaults]
+ base_features = sparse_super,filetype,resize_inode,dir_index,ext_attr
+ default_mntopts = acl,user_xattr
+ enable_periodic_fsck = 0
+ blocksize = 4096
+ inode_size = 256
+ inode_ratio = 16384
+
+[fs_types]
+ ext3 = {
+ features = has_journal
+ }
+ ext4 = {
+ features = has_journal,extent,huge_file,flex_bg,uninit_bg,dir_nlink,extra_isize
+ auto_64-bit_support = 1
+ inode_size = 256
+ }
+ ext4dev = {
+ features = has_journal,extent,huge_file,flex_bg,uninit_bg,dir_nlink,extra_isize
+ inode_size = 256
+ options = test_fs=1
+ }
+ small = {
+ blocksize = 1024
+ inode_size = 128
+ inode_ratio = 4096
+ }
+ floppy = {
+ blocksize = 1024
+ inode_size = 128
+ inode_ratio = 8192
+ }
+ big = {
+ inode_ratio = 32768
+ }
+ huge = {
+ inode_ratio = 65536
+ }
+ news = {
+ inode_ratio = 4096
+ }
+ largefile = {
+ inode_ratio = 1048576
+ blocksize = -1
+ }
+ largefile4 = {
+ inode_ratio = 4194304
+ blocksize = -1
+ }
+ hurd = {
+ blocksize = 4096
+ inode_size = 128
+ }
--- /dev/null
+# This file blacklists most old-style PCI framebuffer drivers.
+
+blacklist arkfb
+blacklist aty128fb
+blacklist atyfb
+blacklist radeonfb
+blacklist cirrusfb
+blacklist cyber2000fb
+blacklist kyrofb
+blacklist matroxfb_base
+blacklist mb862xxfb
+blacklist neofb
+blacklist pm2fb
+blacklist pm3fb
+blacklist s3fb
+blacklist savagefb
+blacklist sisfb
+blacklist tdfxfb
+blacklist tridentfb
+blacklist vt8623fb
--- /dev/null
+# /etc/modules: kernel modules to load at boot time.
+#
+# This file contains the names of kernel modules that should be loaded
+# at boot time, one per line. Lines beginning with "#" are ignored.
+
--- /dev/null
+Debian GNU/Linux 8.6 (jessie)
+ _ _ _
+| \ | |___/ |
+| \| / __| |
+| |\ \__ \ |
+|_| \_|___/_|
+
+
+Tut der Bauer stark vergreisen, darf er nach Mallorca reisen.
+
+Today is Sweetmorn, the 14th day of The Aftermath in the YOLD 3182
+
--- /dev/null
+ _ _ _
+| \ | |___/ |
+| \| / __| |
+| |\ \__ \ |
+|_| \_|___/_|
+
--- /dev/null
+# MariaDB-specific config file.
+# Read by /etc/mysql/my.cnf
+
+[client]
+# Default is Latin1, if you need UTF-8 set this (also in server section)
+#default-character-set = utf8
+
+[mysqld]
+#
+# * Character sets
+#
+# Default is Latin1, if you need UTF-8 set all this (also in client section)
+#
+#character-set-server = utf8
+#collation-server = utf8_general_ci
+#character_set_server = utf8
+#collation_server = utf8_general_ci
--- /dev/null
+#
+# The MySQL database server configuration file.
+#
+# You can copy this to one of:
+# - "/etc/mysql/my.cnf" to set global options,
+# - "~/.my.cnf" to set user-specific options.
+#
+# One can use all long options that the program supports.
+# Run program with --help to get a list of available options and with
+# --print-defaults to see which it would actually understand and use.
+#
+# For explanations see
+# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
+
+# This will be passed to all mysql clients
+# It has been reported that passwords should be enclosed with ticks/quotes
+# escpecially if they contain "#" chars...
+# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
+[client]
+port = 3306
+socket = /var/run/mysqld/mysqld.sock
+
+# Here is entries for some specific programs
+# The following values assume you have at least 32M ram
+
+# This was formally known as [safe_mysqld]. Both versions are currently parsed.
+[mysqld_safe]
+socket = /var/run/mysqld/mysqld.sock
+nice = 0
+
+[mysqld]
+#
+# * Basic Settings
+#
+user = mysql
+pid-file = /var/run/mysqld/mysqld.pid
+socket = /var/run/mysqld/mysqld.sock
+port = 3306
+basedir = /usr
+datadir = /var/lib/mysql
+tmpdir = /tmp
+lc-messages-dir = /usr/share/mysql
+skip-external-locking
+#
+# Instead of skip-networking the default is now to listen only on
+# localhost which is more compatible and is not less secure.
+bind-address = 127.0.0.1
+#
+# * Fine Tuning
+#
+key_buffer = 16M
+max_allowed_packet = 16M
+thread_stack = 192K
+thread_cache_size = 8
+# This replaces the startup script and checks MyISAM tables if needed
+# the first time they are touched
+myisam-recover = BACKUP
+#max_connections = 100
+#table_cache = 64
+#thread_concurrency = 10
+#
+# * Query Cache Configuration
+#
+query_cache_limit = 1M
+query_cache_size = 16M
+#
+# * Logging and Replication
+#
+# Both location gets rotated by the cronjob.
+# Be aware that this log type is a performance killer.
+# As of 5.1 you can enable the log at runtime!
+#general_log_file = /var/log/mysql/mysql.log
+#general_log = 1
+#
+# Error log - should be very few entries.
+#
+log_error = /var/log/mysql/error.log
+#
+# Here you can see queries with especially long duration
+#slow_query_log_file = /var/log/mysql/mysql-slow.log
+#slow_query_log = 1
+#long_query_time = 2
+#log_queries_not_using_indexes
+#
+# The following can be used as easy to replay backup logs or for replication.
+# note: if you are setting up a replication slave, see README.Debian about
+# other settings you may need to change.
+#server-id = 1
+#log_bin = /var/log/mysql/mysql-bin.log
+expire_logs_days = 10
+max_binlog_size = 100M
+#binlog_do_db = include_database_name
+#binlog_ignore_db = include_database_name
+#
+# * InnoDB
+#
+# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
+# Read the manual for more InnoDB related options. There are many!
+#
+# * Security Features
+#
+# Read the manual, too, if you want chroot!
+# chroot = /var/lib/mysql/
+#
+# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
+#
+# ssl-ca=/etc/mysql/cacert.pem
+# ssl-cert=/etc/mysql/server-cert.pem
+# ssl-key=/etc/mysql/server-key.pem
+
+
+
+[mysqldump]
+quick
+quote-names
+max_allowed_packet = 16M
+
+[mysql]
+#no-auto-rehash # faster start of mysql but no tab completition
+
+[isamchk]
+key_buffer = 16M
+
+#
+# * IMPORTANT: Additional settings that can override those from this file!
+# The files must end with '.cnf', otherwise they'll be ignored.
+#
+!includedir /etc/mysql/conf.d/
--- /dev/null
+## Sample initialization file for GNU nano.
+##
+## Please note that you must have configured nano with --enable-nanorc
+## for this file to be read! Also note that this file should not be in
+## DOS or Mac format, and that characters specially interpreted by the
+## shell should not be escaped here.
+##
+## To make sure a value is disabled, use "unset <option>".
+##
+## For the options that take parameters, the default value is given.
+## Other options are unset by default.
+##
+## Quotes inside string parameters don't have to be escaped with
+## backslashes. The last double quote in the string will be treated as
+## its end. For example, for the "brackets" option, ""')>]}" will match
+## ", ', ), >, ], and }.
+
+## Use auto-indentation.
+# set autoindent
+
+## Backup files to filename~.
+# set backup
+
+## The directory to put unique backup files in.
+# set backupdir ""
+
+## Do backwards searches by default.
+# set backwards
+
+## Use bold text instead of reverse video text.
+# set boldtext
+
+## The characters treated as closing brackets when justifying
+## paragraphs. They cannot contain blank characters. Only closing
+## punctuation, optionally followed by closing brackets, can end
+## sentences.
+##
+# set brackets ""')>]}"
+
+## Do case sensitive searches by default.
+# set casesensitive
+
+## Constantly display the cursor position in the statusbar. Note that
+## this overrides "quickblank".
+# set const
+
+## Use cut to end of line by default.
+# set cut
+
+## Set the line length for wrapping text and justifying paragraphs.
+## If fill is 0 or less, the line length will be the screen width less
+## this number.
+##
+# set fill -8
+
+## Enable ~/.nano_history for saving and reading search/replace strings.
+set historylog
+
+## The opening and closing brackets that can be found by bracket
+## searches. They cannot contain blank characters. The former set must
+## come before the latter set, and both must be in the same order.
+##
+# set matchbrackets "(<[{)>]}"
+
+## Use the blank line below the titlebar as extra editing space.
+# set morespace
+
+## Enable mouse support, if available for your system. When enabled,
+## mouse clicks can be used to place the cursor, set the mark (with a
+## double click), and execute shortcuts. The mouse will work in the X
+## Window System, and on the console when gpm is running.
+##
+# set mouse
+
+## Allow multiple file buffers (inserting a file will put it into a
+## separate buffer). You must have configured with --enable-multibuffer
+## for this to work.
+##
+# set multibuffer
+
+## Don't convert files from DOS/Mac format.
+# set noconvert
+
+## Don't follow symlinks when writing files.
+# set nofollow
+
+## Don't display the helpful shortcut lists at the bottom of the screen.
+# set nohelp
+
+## Don't add newlines to the ends of files.
+# set nonewlines
+
+## Don't wrap text at all.
+set nowrap
+
+## Set operating directory. nano will not read or write files outside
+## this directory and its subdirectories. Also, the current directory
+## is changed to here, so any files are inserted from this dir. A blank
+## string means the operating directory feature is turned off.
+##
+# set operatingdir ""
+
+## Preserve the XON and XOFF keys (^Q and ^S).
+# set preserve
+
+## The characters treated as closing punctuation when justifying
+## paragraphs. They cannot contain blank characters. Only closing
+## punctuation, optionally followed by closing brackets, can end
+## sentences.
+##
+# set punct "!.?"
+
+## Do quick statusbar blanking. Statusbar messages will disappear after
+## 1 keystroke instead of 26. Note that "const" overrides this.
+##
+# set quickblank
+
+## The email-quote string, used to justify email-quoted paragraphs.
+## This is an extended regular expression if your system supports them,
+## otherwise a literal string. Default:
+# set quotestr "^([ ]*[#:>\|}])+"
+## if you have extended regular expression support, otherwise:
+# set quotestr "> "
+
+## Fix Backspace/Delete confusion problem.
+# set rebinddelete
+
+## Fix numeric keypad key confusion problem.
+# set rebindkeypad
+
+## Do extended regular expression searches by default.
+# set regexp
+
+## Make the Home key smarter. When Home is pressed anywhere but at the
+## very beginning of non-whitespace characters on a line, the cursor
+## will jump to that beginning (either forwards or backwards). If the
+## cursor is already at that position, it will jump to the true
+## beginning of the line.
+# set smarthome
+
+## Use smooth scrolling as the default.
+# set smooth
+
+## Use this spelling checker instead of the internal one. This option
+## does not properly have a default value.
+##
+# set speller "aspell -x -c"
+
+## Allow nano to be suspended.
+set suspend
+
+## Use this tab size instead of the default; it must be greater than 0.
+# set tabsize 8
+
+## Convert typed tabs to spaces.
+# set tabstospaces
+
+## Save automatically on exit, don't prompt.
+# set tempfile
+
+## Disallow file modification. Why would you want this in an rcfile? ;)
+# set view
+
+## The two single-column characters used to display the first characters
+## of tabs and spaces. 187 in ISO 8859-1 (0000BB in Unicode) and 183 in
+## ISO-8859-1 (0000B7 in Unicode) seem to be good values for these.
+# set whitespace " "
+
+## Detect word boundaries more accurately by treating punctuation
+## characters as parts of words.
+# set wordbounds
+
+## Enable the new (EXPERIMENTAL) generic undo code, not just for line cuts
+# set undo
+
+## Enable soft line wrapping (AKA full line display)
+# set softwrap
+
+
+## Color setup
+##
+## Format:
+##
+## syntax "short description" ["filename regex" ...]
+##
+## The "none" syntax is reserved; specifying it on the command line is
+## the same as not having a syntax at all. The "default" syntax is
+## special: it takes no filename regexes, and applies to files that
+## don't match any other syntax's filename regexes.
+##
+## color foreground,background "regex" ["regex"...]
+## or
+## icolor foreground,background "regex" ["regex"...]
+##
+## "color" will do case sensitive matches, while "icolor" will do case
+## insensitive matches.
+##
+## Valid colors: white, black, red, blue, green, yellow, magenta, cyan.
+## For foreground colors, you may use the prefix "bright" to get a
+## stronger highlight.
+##
+## To use multi-line regexes, use the start="regex" end="regex"
+## [start="regex" end="regex"...] format.
+##
+## If your system supports transparency, not specifying a background
+## color will use a transparent color. If you don't want this, be sure
+## to set the background color to black or white.
+##
+## If you wish, you may put your syntaxes in separate files. You can
+## make use of such files (which can only include "syntax", "color", and
+## "icolor" commands) as follows:
+##
+## include "/path/to/syntax_file.nanorc"
+##
+## Unless otherwise noted, the name of the syntax file (without the
+## ".nanorc" extension) should be the same as the "short description"
+## name inside that file. These names are kept fairly short to make
+## them easier to remember and faster to type using nano's -Y option.
+##
+## All regexes should be extended regular expressions.
+
+## Key bindings
+## Please see nanorc(5) for more details on this
+##
+## Here are some samples to get you going
+##
+# bind M-W nowrap main
+# bind M-A casesens search
+# bind ^S research main
+
+## Set this if your backspace key sends delete most of the time (2.1.3+)
+# bind kdel backspace all
+
+
+## Nanorc files
+include "/usr/share/nano/nanorc.nanorc"
+
+## C/C++
+include "/usr/share/nano/c.nanorc"
+
+## Cascading Style Sheets
+include "/usr/share/nano/css.nanorc"
+
+## Debian files
+include "/usr/share/nano/debian.nanorc"
+
+## Gentoo files
+include "/usr/share/nano/gentoo.nanorc"
+
+## HTML
+include "/usr/share/nano/html.nanorc"
+
+## PHP
+include "/usr/share/nano/php.nanorc"
+
+## TCL
+include "/usr/share/nano/tcl.nanorc"
+
+## TeX
+include "/usr/share/nano/tex.nanorc"
+
+## Quoted emails (under e.g. mutt)
+include "/usr/share/nano/mutt.nanorc"
+
+## Patch files
+include "/usr/share/nano/patch.nanorc"
+
+## Manpages
+include "/usr/share/nano/man.nanorc"
+
+## Groff
+include "/usr/share/nano/groff.nanorc"
+
+## Perl
+include "/usr/share/nano/perl.nanorc"
+
+## Python
+include "/usr/share/nano/python.nanorc"
+
+## Ruby
+include "/usr/share/nano/ruby.nanorc"
+
+## Java
+include "/usr/share/nano/java.nanorc"
+
+## AWK
+include "/usr/share/nano/awk.nanorc"
+
+## Assembler
+include "/usr/share/nano/asm.nanorc"
+
+## Bourne shell scripts
+include "/usr/share/nano/sh.nanorc"
+
+## POV-Ray
+include "/usr/share/nano/pov.nanorc"
+
+## XML-type files
+include "/usr/share/nano/xml.nanorc"
--- /dev/null
+#!/bin/sh -e
+# Called when an interface disconnects
+# Written by LaMont Jones <lamont@debian.org>
+
+# kick named as needed
+
+# If /usr isn't mounted yet, silently bail.
+if [ ! -d /usr/sbin ]; then
+ exit 0
+fi
+
+# if named is running, reconfig it.
+rndc reconfig >/dev/null 2>&1 &
+
+exit 0
--- /dev/null
+#!/bin/sh -e
+
+# Called when an interface disconnects
+# Written by LaMont Jones <lamont@debian.org>
+
+# start or reload Postfix as needed
+
+# If /usr isn't mounted yet, silently bail.
+if [ ! -d /usr/lib/postfix ]; then
+ exit 0
+fi
+
+RUNNING=""
+# If master is running, force a queue run to unload any mail that is
+# hanging around. Yes, sendmail is a symlink...
+if [ -f /var/spool/postfix/pid/master.pid ]; then
+ pid=$(sed 's/ //g' /var/spool/postfix/pid/master.pid)
+ exe=$(ls -l /proc/$pid/exe 2>/dev/null | sed 's/.* //;s/.*\///')
+ if [ "X$exe" = "Xmaster" ]; then
+ RUNNING="y"
+ fi
+fi
+
+if [ ! -x /sbin/resolvconf ]; then
+ f=/etc/resolv.conf
+ if ! cp $f $(postconf -h queue_directory)$f 2>/dev/null; then
+ exit 0
+ fi
+ if [ -n "$RUNNING" ]; then
+ /etc/init.d/postfix reload >/dev/null 2>&1
+ fi
+fi
+
+exit 0
--- /dev/null
+#!/bin/sh -e
+
+if [ -e /lib/lsb/init-functions ]; then
+ . /lib/lsb/init-functions
+fi
+
+if ! init_is_upstart; then
+ exit 0
+fi
+
+# Let's ignore meta entries (ifdown -a)
+if [ "$ADDRFAM" = "meta" ]; then
+ exit 0
+fi
+
+initctl emit -n net-device-down \
+ "IFACE=$IFACE" \
+ "LOGICAL=$LOGICAL" \
+ "ADDRFAM=$ADDRFAM" \
+ "METHOD=$METHOD"
--- /dev/null
+#!/bin/sh -e
+# Called when a new interface comes up
+# Written by LaMont Jones <lamont@debian.org>
+
+# kick named as needed
+
+# If /usr isn't mounted yet, silently bail.
+if [ ! -d /usr/sbin ]; then
+ exit 0
+fi
+
+# if named is running, reconfig it.
+rndc reconfig >/dev/null 2>&1 &
+
+exit 0
--- /dev/null
+#! /bin/sh
+# Description: Now that TCP/IP is configured, mount the NFS file
+# systems in /etc/fstab if needed. If possible,
+# start the portmapper before mounting (this is needed for
+# Linux 2.1.x and up).
+#
+# Also mounts SMB filesystems now, so the name of
+# this script is getting increasingly inaccurate.
+
+# Skip the mountnfs hook when being triggered by the networking SysV init
+# script and instead use the systemd built-in mechanisms to mount remote
+# file systems.
+# This avoids a deadlock caused by the rpcbind SysV init script depending
+# on $network and the $network LSB facility being provided by the networking
+# SysV init script.
+if [ -d /run/systemd/system ]; then
+ systemctl list-jobs | grep -q network.target && exit 0
+fi
+
+PATH=/sbin:/bin
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+. /lib/init/mount-functions.sh
+
+set_env() {
+ # Read through fstab line by line. If it is NFS, set the flag
+ # for mounting NFS file systems. If any NFS partition is found
+ # and it not mounted with the nolock option, we start the
+ # portmapper.
+ #
+ # If any sec={krb5,krb5i,krb5p} option is given, or any of the
+ # file systems are nfs4, we'll need to start rpc.gssd and/or
+ # rpc.idmapd too; we'll leave that to nfs-common.
+
+ start_nfs=no
+ NETFS=""
+ NETDEV=""
+ for file in "$(eval ls $(fstab_files))"; do
+ if [ -f "$file" ]; then
+ while read DEV MTPT FSTYPE OPTS REST; do
+ case "$DEV" in
+ ""|\#*)
+ continue
+ ;;
+ esac
+ case "$OPTS" in
+ noauto|*,noauto|noauto,*|*,noauto,*)
+ continue
+ ;;
+ _netdev|*,_netdev|_netdev,*|*,_netdev,*)
+ NETDEV=yes
+ ;;
+ esac
+ case "$FSTYPE" in
+ nfs)
+ # NFS filsystems normally
+ # require statd and
+ # portmap. However, if nolock
+ # is set, portmap and statd
+ # are not required for this
+ # file system.
+ case "$OPTS" in
+ nolock|*,nolock|nolock,*|*,nolock,*)
+ # no action
+ ;;
+ *)
+ start_nfs=yes
+ ;;
+ esac
+
+ # However, Kerberos requires
+ # gssd, so start nfs-common
+ # anyway.
+ case "$OPTS" in
+ sec=krb5|*,sec=krb5|sec=krb5,*|*,sec=krb5,*|sec=krb5i|*,sec=krb5i|sec=krb5i,*|*,sec=krb5i,*|sec=krb5p|*,sec=krb5p|sec=krb5p,*|*,sec=krb5p,*)
+ start_nfs=yes
+ ;;
+ esac
+ ;;
+ nfs4)
+ # NFSv4 requires idmapd, so
+ # start nfs-common no matter
+ # what the options are.
+ start_nfs=yes
+ ;;
+ smbfs|cifs|coda|ncp|ncpfs|ocfs2|gfs|ceph)
+ ;;
+ *)
+ FSTYPE=
+ ;;
+ esac
+ if [ "$FSTYPE" ]; then
+ case "$NETFS" in
+ $FSTYPE|*,$FSTYPE|$FSTYPE,*|*,$FSTYPE,*)
+ ;;
+ *)
+ NETFS="$NETFS${NETFS:+,}$FSTYPE"
+ ;;
+ esac
+ fi
+ done < "$file"
+ fi
+ done
+}
+
+do_start() {
+ #
+ # Initialize nfs-common (which starts rpc.statd, rpc.gssd
+ # and/or rpc.idmapd, and loads the right kernel modules if
+ # applicable) if we use Kerberos and/or NFSv4 mounts.
+ #
+ if [ "$start_nfs" = yes ] && [ -x /etc/init.d/nfs-common ]
+ then
+ [ -x /etc/init.d/portmap ] && /etc/init.d/portmap start
+ [ -x /etc/init.d/rpcbind ] && /etc/init.d/rpcbind start
+ /etc/init.d/nfs-common start
+ fi
+
+ pre_mountall
+ if [ "$NETFS" ]
+ then
+ mount -a -t$NETFS
+ fi
+ if [ "$NETDEV" ]; then
+ mount -a -O _netdev
+ fi
+ post_mountall
+}
+
+exit_unless_last_interface() {
+ ifaces="$(ifquery --list)"
+ for i in $ifaces ; do
+ if [ "$i" = "lo" ]; then
+ continue
+ fi
+ if ! ifquery --state $i >/dev/null ; then
+ msg="if-up.d/mountnfs[$IFACE]: waiting for interface $i before doing NFS mounts"
+ log_warning_msg "$msg"
+ exit 0
+ fi
+ done
+}
+
+# Using 'no !=' instead of 'yes =' to make sure async nfs mounting is
+# the default even without a value in /etc/default/rcS
+set_env
+# Exit imediately and do not claim to wait for the last interface if
+# no network file systems are listed in /etc/fstab.
+if [ "$start_nfs" = "no" ] && [ ! "$NETFS" ] && [ ! "$NETDEV" ]; then
+ exit 0
+fi
+
+if [ no != "$ASYNCMOUNTNFS" ]; then
+ # Not for loopback!
+ [ "$IFACE" != "lo" ] || exit 0
+
+ [ "$ADDRFAM" = "inet" ] || [ "$ADDRFAM" = "inet6" ] || exit 0
+
+ # Lock around this otherwise insanity may occur
+ mkdir /var/run/network 2>/dev/null || true
+
+ # Wait until all auto interfaces are up before attemting to mount
+ # network file systems.
+ exit_unless_last_interface
+
+ if mkdir /var/run/network/mountnfs 2>/dev/null ; then
+ :
+ else
+ msg="if-up.d/mountnfs[$IFACE]: lock /var/run/network/mountnfs exist, not mounting"
+ log_failure_msg "$msg"
+ # Log if /usr/ is mounted
+ [ -x /usr/bin/logger ] && /usr/bin/logger -t "if-up.d/mountnfs[$IFACE]" "$msg"
+ exit 0
+ fi
+
+ on_exit() {
+ # Clean up lock when script exits, even if it is interrupted
+ rmdir /var/run/network/mountnfs 2>/dev/null || exit 0
+ }
+ trap on_exit EXIT # Enable emergency handler
+ do_start
+elif [ yes = "$FROMINITD" ] ; then
+ do_start
+fi
--- /dev/null
+#! /bin/sh
+# Reload the OpenSSH server when an interface comes up, to allow it to start
+# listening on new addresses.
+
+set -e
+
+# Don't bother to restart sshd when lo is configured.
+if [ "$IFACE" = lo ]; then
+ exit 0
+fi
+
+# Only run from ifup.
+if [ "$MODE" != start ]; then
+ exit 0
+fi
+
+# OpenSSH only cares about inet and inet6. Get ye gone, strange people
+# still using ipx.
+if [ "$ADDRFAM" != inet ] && [ "$ADDRFAM" != inet6 ]; then
+ exit 0
+fi
+
+# Is /usr mounted?
+if [ ! -e /usr/sbin/sshd ]; then
+ exit 0
+fi
+
+if [ ! -f /var/run/sshd.pid ] || \
+ [ "$(ps -p "$(cat /var/run/sshd.pid)" -o comm=)" != sshd ]; then
+ exit 0
+fi
+
+# We'd like to use 'reload' here, but it has some problems; see #502444. On
+# the other hand, repeated restarts of ssh make systemd unhappy
+# (#756547/#757822), so use reload in that case.
+if [ -d /run/systemd/system ]; then
+ action=reload
+else
+ action=restart
+fi
+invoke-rc.d ssh $action >/dev/null 2>&1 || true
+
+exit 0
--- /dev/null
+#!/bin/sh -e
+# Called when a new interface comes up
+# Written by LaMont Jones <lamont@debian.org>
+
+# don't bother to restart postfix when lo is configured.
+if [ "$IFACE" = "lo" ]; then
+ exit 0
+fi
+
+# If /usr isn't mounted yet, silently bail.
+if [ ! -d /usr/lib/postfix ]; then
+ exit 0
+fi
+
+RUNNING=""
+# If master is running, force a queue run to unload any mail that is
+# hanging around. Yes, sendmail is a symlink...
+if [ -f /var/spool/postfix/pid/master.pid ]; then
+ pid=$(sed 's/ //g' /var/spool/postfix/pid/master.pid)
+ exe=$(ls -l /proc/$pid/exe 2>/dev/null | sed 's/.* //;s/.*\///')
+ if [ "X$exe" = "Xmaster" ]; then
+ RUNNING="y"
+ fi
+fi
+
+# start or reload Postfix as needed
+if [ ! -x /sbin/resolvconf ]; then
+ f=/etc/resolv.conf
+ if ! cp $f $(postconf -h queue_directory)$f 2>/dev/null; then
+ exit 0
+ fi
+ if [ -n "$RUNNING" ]; then
+ /etc/init.d/postfix reload >/dev/null 2>&1
+ fi
+fi
+
+# If master is running, force a queue run to unload any mail that is
+# hanging around. Yes, sendmail is a symlink...
+if [ -n "$RUNNING" ]; then
+ if [ -x /usr/sbin/sendmail ]; then
+ /usr/sbin/sendmail -q >/dev/null 2>&1
+ fi
+fi
--- /dev/null
+#!/bin/sh -e
+MARK_DEV_PREFIX="/run/network/ifup."
+MARK_STATIC_NETWORK_EMITTED="/run/network/static-network-up-emitted"
+
+if [ -e /lib/lsb/init-functions ]; then
+ . /lib/lsb/init-functions
+fi
+
+if ! init_is_upstart; then
+ exit 0
+fi
+
+# Let's ignore meta entries (ifup -a)
+if [ "$ADDRFAM" = "meta" ]; then
+ exit 0
+fi
+
+# lo emission handled by /etc/init/network-interface.conf
+if [ "$IFACE" != lo ]; then
+ initctl emit -n net-device-up \
+ "IFACE=$IFACE" \
+ "LOGICAL=$LOGICAL" \
+ "ADDRFAM=$ADDRFAM" \
+ "METHOD=$METHOD"
+fi
+
+get_auto_interfaces() {
+ # write to stdout a list of interfaces configured as 'auto' in interfaces(5)
+ local found=""
+ # stderr redirected as it outputs things like:
+ # Ignoring unknown interface eth0=eth0.
+ found=$(ifquery --list --allow auto 2>/dev/null) || return
+ set -- ${found}
+ echo "$@"
+}
+
+all_interfaces_up() {
+ # return true if all interfaces listed in /etc/network/interfaces as 'auto'
+ # are up. if no interfaces are found there, then "all [given] were up"
+ local prefix="$1" iface=""
+ for iface in $(get_auto_interfaces); do
+ # if cur interface does is not up, then all have not been brought up
+ [ -f "${prefix}${iface}" ] || return 1
+ done
+ return 0
+}
+
+# touch our own "marker" indicating that this interface has been brought up.
+: > "${MARK_DEV_PREFIX}$IFACE"
+
+if all_interfaces_up "${MARK_DEV_PREFIX}" &&
+ mkdir "${MARK_STATIC_NETWORK_EMITTED}" 2>/dev/null; then
+ initctl emit --no-wait static-network-up
+fi
--- /dev/null
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+allow-hotplug eth0
+iface eth0 inet dhcp
+
+allow-hotplug eth1
+iface eth1 inet dhcp
+
+iface eth1 inet6 static
+ address 2001:6f8:1db7::2
+ netmask 64
+
+#allow-hotplug eth2
+#iface eth2 inet dhcp
+
+#allow-hotplug eth3
+#iface eth3 inet dhcp
+
+#allow-hotplug eth4
+#iface eth4 inet dhcp
+
+#allow-hotplug eth5
+#iface eth5 inet dhcp
--- /dev/null
+default 0.0.0.0
+loopback 127.0.0.0
+link-local 169.254.0.0
+
--- /dev/null
+# /etc/nsswitch.conf
+#
+# Example configuration of GNU Name Service Switch functionality.
+# If you have the `glibc-doc-reference' and `info' packages installed, try:
+# `info libc "Name Service Switch"' for information about this file.
+
+passwd: compat
+group: compat
+shadow: compat
+gshadow: files
+
+hosts: files dns
+networks: files
+
+protocols: db files
+services: db files
+ethers: db files
+rpc: db files
+
+netgroup: nis
--- /dev/null
+../usr/lib/os-release
\ No newline at end of file
--- /dev/null
+# ---------------------------------------------------------------------------#
+# /etc/pam.conf #
+# ---------------------------------------------------------------------------#
+#
+# NOTE
+# ----
+#
+# NOTE: Most program use a file under the /etc/pam.d/ directory to setup their
+# PAM service modules. This file is used only if that directory does not exist.
+# ---------------------------------------------------------------------------#
+
+# Format:
+# serv. module ctrl module [path] ...[args..] #
+# name type flag #
+
--- /dev/null
+#
+# The PAM configuration file for the Shadow `chfn' service
+#
+
+# This allows root to change user infomation without being
+# prompted for a password
+auth sufficient pam_rootok.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
+
--- /dev/null
+# The PAM configuration file for the Shadow 'chpasswd' service
+#
+
+@include common-password
+
--- /dev/null
+#
+# The PAM configuration file for the Shadow `chsh' service
+#
+
+# This will not allow a user to change their shell unless
+# their current one is listed in /etc/shells. This keeps
+# accounts with special shells from changing them.
+auth required pam_shells.so
+
+# This allows root to change user shell without being
+# prompted for a password
+auth sufficient pam_rootok.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
--- /dev/null
+#
+# /etc/pam.d/common-account - authorization settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authorization modules that define
+# the central access policy for use on the system. The default is to
+# only deny service to users whose accounts are expired in /etc/shadow.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+#
+
+# here are the per-package modules (the "Primary" block)
+account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
+# here's the fallback if no module succeeds
+account requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+account required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
--- /dev/null
+#
+# /etc/pam.d/common-auth - authentication settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authentication modules that define
+# the central authentication scheme for use on the system
+# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
+# traditional Unix authentication mechanisms.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+auth [success=1 default=ignore] pam_unix.so nullok_secure
+# here's the fallback if no module succeeds
+auth requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+auth required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
--- /dev/null
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords. Without this option,
+# the default is Unix crypt. Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
--- /dev/null
+#
+# /etc/pam.d/common-session - session-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define tasks to be performed
+# at the start and end of sessions of *any* kind (both interactive and
+# non-interactive).
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+session [default=1] pam_permit.so
+# here's the fallback if no module succeeds
+session requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+session required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+session required pam_unix.so
+# end of pam-auth-update config
--- /dev/null
+#
+# /etc/pam.d/common-session-noninteractive - session-related modules
+# common to all non-interactive services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define tasks to be performed
+# at the start and end of all non-interactive sessions.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+session [default=1] pam_permit.so
+# here's the fallback if no module succeeds
+session requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+session required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+session required pam_unix.so
+# end of pam-auth-update config
--- /dev/null
+# The PAM configuration file for the cron daemon
+
+@include common-auth
+
+# Sets the loginuid process attribute
+session required pam_loginuid.so
+
+# Read environment variables from pam_env's default files, /etc/environment
+# and /etc/security/pam_env.conf.
+session required pam_env.so
+
+# In addition, read system locale information
+session required pam_env.so envfile=/etc/default/locale
+
+@include common-account
+@include common-session-noninteractive
+
+# Sets up user limits, please define limits for cron tasks
+# through /etc/security/limits.conf
+session required pam_limits.so
+
--- /dev/null
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the message of the day upon succesful login.
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_exec.so type=open_session stdout /bin/uname -snrvm
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Sets the loginuid process attribute
+session required pam_loginuid.so
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
--- /dev/null
+# The PAM configuration file for the Shadow 'newusers' service
+#
+
+@include common-password
+
--- /dev/null
+#
+# /etc/pam.d/other - specify the PAM fallback behaviour
+#
+# Note that this file is used for any unspecified service; for example
+#if /etc/pam.d/cron specifies no session modules but cron calls
+#pam_open_session, the session module out of /etc/pam.d/other is
+#used. If you really want nothing to happen then use pam_permit.so or
+#pam_deny.so as appropriate.
+
+# We fall back to the system default in /etc/pam.d/common-*
+#
+
+@include common-auth
+@include common-account
+@include common-password
+@include common-session
--- /dev/null
+#
+# The PAM configuration file for the Shadow `passwd' service
+#
+
+@include common-password
+
--- /dev/null
+#%PAM-1.0
+auth sufficient pam_rootok.so
+session optional pam_keyinit.so revoke
+session required pam_limits.so
+session required pam_unix.so
--- /dev/null
+#%PAM-1.0
+auth include runuser
+session optional pam_keyinit.so force revoke
+-session optional pam_systemd.so
+session include runuser
--- /dev/null
+# PAM configuration for the Secure Shell service
+
+# Standard Un*x authentication.
+@include common-auth
+
+# Disallow non-root logins when /etc/nologin exists.
+account required pam_nologin.so
+
+# Uncomment and edit /etc/security/access.conf if you need to set complex
+# access limits that are hard to express in sshd_config.
+# account required pam_access.so
+
+# Standard Un*x authorization.
+@include common-account
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without this it is possible that a
+# module could execute code in the wrong domain.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# Set the loginuid process attribute.
+session required pam_loginuid.so
+
+# Create a new session keyring.
+session optional pam_keyinit.so force revoke
+
+# Standard Un*x session setup and teardown.
+@include common-session
+
+# Print the message of the day upon successful login.
+# This includes a dynamically generated part from /run/motd.dynamic
+# and a static (admin-editable) part from /etc/motd.
+session optional pam_motd.so motd=/run/motd.dynamic
+session optional pam_motd.so noupdate
+
+# Print the status of the user's mailbox upon successful login.
+session optional pam_mail.so standard noenv # [1]
+
+# Set up user limits from /etc/security/limits.conf.
+session required pam_limits.so
+
+# Read environment variables from /etc/environment and
+# /etc/security/pam_env.conf.
+session required pam_env.so # [1]
+# In Debian 4.0 (etch), locale-related environment variables were moved to
+# /etc/default/locale, so read that as well.
+session required pam_env.so user_readenv=1 envfile=/etc/default/locale
+
+# SELinux needs to intervene at login time to ensure that the process starts
+# in the proper default security context. Only sessions which are intended
+# to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+
+# Standard Un*x password updating.
+@include common-password
--- /dev/null
+#
+# The PAM configuration file for the Shadow `su' service
+#
+
+# This allows root to su without passwords (normal operation)
+auth sufficient pam_rootok.so
+
+# Uncomment this to force users to be a member of group root
+# before they can use `su'. You can also add "group=foo"
+# to the end of this line if you want to use a group other
+# than the default "root" (but this may have side effect of
+# denying "root" user, unless she's a member of "foo" or explicitly
+# permitted earlier by e.g. "sufficient pam_rootok.so").
+# (Replaces the `SU_WHEEL_ONLY' option from login.defs)
+# auth required pam_wheel.so
+
+# Uncomment this if you want wheel members to be able to
+# su without a password.
+# auth sufficient pam_wheel.so trust
+
+# Uncomment this if you want members of a specific group to not
+# be allowed to use su at all.
+# auth required pam_wheel.so deny group=nosu
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on su usage.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+#
+# "nopen" stands to avoid reporting new mail when su'ing to another user
+session optional pam_mail.so nopen
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
+
--- /dev/null
+#%PAM-1.0
+
+@include common-auth
+@include common-account
+@include common-session-noninteractive
--- /dev/null
+#%PAM-1.0
+
+# Used by systemd when launching systemd user instances.
+
+@include common-account
+@include common-session-noninteractive
+auth required pam_deny.so
+password required pam_deny.so
+session optional pam_systemd.so
--- /dev/null
+root:x:0:0:root Ns1:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
+bin:x:2:2:bin:/bin:/usr/sbin/nologin
+sys:x:3:3:sys:/dev:/usr/sbin/nologin
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/usr/sbin/nologin
+man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
+lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
+mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
+news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
+uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
+proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
+www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
+backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
+list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
+irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
+nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
+systemd-timesync:x:100:103:systemd Time Synchronization,,,:/run/systemd:/bin/false
+systemd-network:x:101:104:systemd Network Management,,,:/run/systemd/netif:/bin/false
+systemd-resolve:x:102:105:systemd Resolver,,,:/run/systemd/resolve:/bin/false
+systemd-bus-proxy:x:103:106:systemd Bus Proxy,,,:/run/systemd:/bin/false
+sshd:x:104:65534::/var/run/sshd:/usr/sbin/nologin
+Debian-exim:x:105:110::/var/spool/exim4:/bin/false
+postfix:x:106:113::/var/spool/postfix:/bin/false
+bind:x:999:999:Bind daemon user,,,:/var/cache/bind:/bin/false
+ulog:x:107:115::/var/log/ulog:/bin/false
+repo:x:1111:100:Repository user ns1,,,:/home/repo:/bin/bash
--- /dev/null
+root:x:0:0:root Ns1:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
+bin:x:2:2:bin:/bin:/usr/sbin/nologin
+sys:x:3:3:sys:/dev:/usr/sbin/nologin
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/usr/sbin/nologin
+man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
+lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
+mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
+news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
+uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
+proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
+www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
+backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
+list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
+irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
+nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
+systemd-timesync:x:100:103:systemd Time Synchronization,,,:/run/systemd:/bin/false
+systemd-network:x:101:104:systemd Network Management,,,:/run/systemd/netif:/bin/false
+systemd-resolve:x:102:105:systemd Resolver,,,:/run/systemd/resolve:/bin/false
+systemd-bus-proxy:x:103:106:systemd Bus Proxy,,,:/run/systemd:/bin/false
+sshd:x:104:65534::/var/run/sshd:/usr/sbin/nologin
+Debian-exim:x:105:110::/var/spool/exim4:/bin/false
+postfix:x:106:113::/var/spool/postfix:/bin/false
+bind:x:999:999:Bind daemon user,,,:/var/cache/bind:/bin/false
+ulog:x:107:115::/var/log/ulog:/bin/false
+repo:x:1111:100::/home/repo:/bin/bash
--- /dev/null
+# Prior to perl 5.8.8-7, libnet was a seperate package with a debconf
+# configuration managed config in /etc/libnet.cfg which is used if
+# present. Remove the following line, or the old file before making
+# changes below.
+return do '/etc/libnet.cfg' if -f '/etc/libnet.cfg';
+
+{
+ nntp_hosts => [ qw {} ],
+ snpp_hosts => [ qw {} ],
+ pop3_hosts => [ qw {} ],
+ smtp_hosts => [ qw {} ],
+ ph_hosts => [ qw {} ],
+ daytime_hosts => [ qw {} ],
+ time_hosts => [ qw {} ],
+ inet_domain => undef,
+ ftp_firewall => qq {},
+ ftp_firewall_type => qq {},
+ ftp_ext_passive => 0,
+ ftp_int_passive => 0,
+ local_netmask => qq {},
+}
--- /dev/null
+# This script is only provided as a transition mechanism for
+# removing the current working directory from the library search path
+# in a user-configurable way.
+#
+# It was considered too risky to remove "." from @INC globally in the
+# jessie security update which introduced this file, but administrators
+# are given the option to to override this default by uncommenting the
+# last line of this file.
+#
+# It is hoped that a future update to jessie might change this default,
+# once more is known about the impact on real world Debian systems.
+#
+# However, please note that this facility is expected to be removed after
+# the Debian stretch release, at which point any code in this file will
+# not have any effect.
+#
+# Please see CVE-2016-1238 for background information on the risks
+# of having "." on @INC.
+
+#pop @INC if $INC[-1] eq '.' and !$ENV{PERL_USE_UNSAFE_INC};
--- /dev/null
+#!/bin/sh
+# Restart aiccu if connection is down
+
+CONFIG=/etc/aiccu.conf
+BINARY=/usr/sbin/aiccu
+DEFAULT=/etc/default/aiccu
+P6=/bin/ping6
+
+. "${PM_FUNCTIONS}"
+
+[ -x $BINARY ] || exit $NA
+[ -f $CONFIG ] || exit $NA
+
+# Is aiccu enabled?
+[ -r $DEFAULT ] && . $DEFAULT
+case "$AICCU_ENABLED" in
+ [Nn]*)
+ exit $NA
+ ;;
+esac
+
+# Is aiccu running?
+invoke-rc.d --quiet aiccu status > /dev/null || exit $NA
+
+case "$1" in
+ hibernate|suspend)
+ # Do nothing
+ ;;
+ thaw|resume)
+ # Restart aiccu if ping6 does not exist
+ [ -x $P6 ] || invoke-rc.d aiccu restart
+
+ # Get aiccu ipv6_interface
+ INT=$(grep ^ipv6_interface $CONFIG | cut -d" " -f 2)
+
+ # Ping f.root-servers.net (Internet Systems Consortium; distributed using anycast)
+ # Restart aiccu if ping failed
+ $P6 -I $INT -c 1 f.root-servers.net >/dev/null 2>&1 || invoke-rc.d aiccu restart
+ ;;
+ *) exit $NA
+ ;;
+esac
--- /dev/null
+# Postfix dynamic maps configuration file.
+#
+#type location of .so file open function (mkmap func)
+#==== ================================ ============= ============
+tcp /usr/lib/postfix/dict_tcp.so dict_tcp_open
+sqlite /usr/lib/postfix/dict_sqlite.so dict_sqlite_open
+pcre /usr/lib/postfix/dict_pcre.so dict_pcre_open
--- /dev/null
+# Managed by config management
+# See /usr/share/postfix/main.cf.dist for a commented, more complete version
+
+
+# Debian specific: Specifying a file name will cause the first
+# line of that file to be used as the name. The Debian default
+# is /etc/mailname.
+myorigin = /etc/mailname
+
+smtpd_banner = $myhostname ESMTP Frank Brehms Mail Service $mail_name ($mail_version) (Debian/GNU)
+biff = no
+
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = yes
+
+# Uncomment the next line to generate "delayed mail" warnings
+#delay_warning_time = 4h
+
+readme_directory = no
+# SASL parameters (http://www.postfix.org/SASL_README.html)
+smtpd_sasl_auth_enable = yes
+smtpd_sasl_path = smtpd
+smtpd_sasl_type = cyrus
+smtpd_sasl_local_domain = $myhostname
+smtpd_sasl_security_options =
+ noanonymous,
+ noplaintext,
+smtpd_sasl_tls_security_options =
+ noanonymous,
+smtpd_tls_auth_only = no
+# TLS parameters (http://www.postfix.org/TLS_README.html)
+# Recipient settings
+smtpd_use_tls = yes
+smtpd_tls_loglevel = 1
+smtpd_tls_security_level = may
+smtpd_tls_cert_file = /etc/postfix/postfix.pem
+smtpd_tls_key_file = /etc/postfix/postfix.pem
+smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
+smtpd_tls_mandatory_ciphers = high
+smtpd_tls_mandatory_exclude_ciphers =
+ aNULL,
+ MD5,
+smtpd_tls_mandatory_protocols =
+ !SSLv2,
+ !SSLv3,
+tls_preempt_cipherlist = yes
+# Relay/Sender settings
+smtp_tls_loglevel = 1
+smtp_tls_security_level = may
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+smtpd_tls_received_header = yes
+smtpd_tls_session_cache_timeout = 3600s
+
+myhostname = ns1.uhu-banane.de
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+mydestination =
+ ns1.uhu-banane.de,
+ ns1.brehm-online.com,
+ localhost.uhu-banane.de,
+ localhost,
+ localhost.localdomain,
+relayhost = [mail.uhu-banane.net]:submission
+mynetworks =
+ 127.0.0.0/8,
+ [::ffff:127.0.0.0]/104,
+ [::1]/128,
+ 185.48.118.128/32,
+ 2001:6f8:1c00:365::2/128,
+ fe80::1:4eff:feed:632a/128,
+ fe80::4f8:1c00:365:2/128,
+ fe80::4caa:9d73:4396:8258/128,
+mailbox_command = procmail -a "$EXTENSION"
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = loopback-only
+inet_protocols = ipv4
+
+message_size_limit = 41943040
+
+smtpd_relay_restrictions =
+ permit_mynetworks,
+ permit_sasl_authenticated,
+ defer_unauth_destination,
+smtpd_recipient_restrictions =
+ permit_mynetworks,
+ permit_sasl_authenticated,
+ reject_unauth_destination,
+smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth
+smtp_tls_enforce_peername = no
+smtp_tls_key_file = /etc/postfix/postfix.pem
+smtp_tls_cert_file = /etc/postfix/postfix.pem
+smtp_use_tls = yes
+smtp_sasl_security_options = noanonymous
+smtp_sasl_auth_enable = yes
+smtp_tls_CApath =
+
+unknown_local_recipient_reject_code = 550
+
+# vim: filetype=pfmain
--- /dev/null
+#
+# Postfix master process configuration file. For details on the format
+# of the file, see the master(5) manual page (command: "man 5 master" or
+# on-line: http://www.postfix.org/master.5.html).
+#
+# Do not forget to execute "postfix reload" after editing this file.
+#
+# ==========================================================================
+# service type private unpriv chroot wakeup maxproc command + args
+# (yes) (yes) (yes) (never) (100)
+# ==========================================================================
+smtp inet n - - - - smtpd
+#smtp inet n - - - 1 postscreen
+#smtpd pass - - - - - smtpd
+#dnsblog unix - - - - 0 dnsblog
+#tlsproxy unix - - - - 0 tlsproxy
+#submission inet n - - - - smtpd
+# -o syslog_name=postfix/submission
+# -o smtpd_tls_security_level=encrypt
+# -o smtpd_sasl_auth_enable=yes
+# -o smtpd_reject_unlisted_recipient=no
+# -o smtpd_client_restrictions=$mua_client_restrictions
+# -o smtpd_helo_restrictions=$mua_helo_restrictions
+# -o smtpd_sender_restrictions=$mua_sender_restrictions
+# -o smtpd_recipient_restrictions=
+# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
+# -o milter_macro_daemon_name=ORIGINATING
+#smtps inet n - - - - smtpd
+# -o syslog_name=postfix/smtps
+# -o smtpd_tls_wrappermode=yes
+# -o smtpd_sasl_auth_enable=yes
+# -o smtpd_reject_unlisted_recipient=no
+# -o smtpd_client_restrictions=$mua_client_restrictions
+# -o smtpd_helo_restrictions=$mua_helo_restrictions
+# -o smtpd_sender_restrictions=$mua_sender_restrictions
+# -o smtpd_recipient_restrictions=
+# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
+# -o milter_macro_daemon_name=ORIGINATING
+#628 inet n - - - - qmqpd
+pickup unix n - - 60 1 pickup
+cleanup unix n - - - 0 cleanup
+qmgr unix n - n 300 1 qmgr
+#qmgr unix n - n 300 1 oqmgr
+tlsmgr unix - - - 1000? 1 tlsmgr
+rewrite unix - - - - - trivial-rewrite
+bounce unix - - - - 0 bounce
+defer unix - - - - 0 bounce
+trace unix - - - - 0 bounce
+verify unix - - - - 1 verify
+flush unix n - - 1000? 0 flush
+proxymap unix - - n - - proxymap
+proxywrite unix - - n - 1 proxymap
+smtp unix - - - - - smtp
+relay unix - - - - - smtp
+# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
+showq unix n - - - - showq
+error unix - - - - - error
+retry unix - - - - - error
+discard unix - - - - - discard
+local unix - n n - - local
+virtual unix - n n - - virtual
+lmtp unix - - - - - lmtp
+anvil unix - - - - 1 anvil
+scache unix - - - - 1 scache
+#
+# ====================================================================
+# Interfaces to non-Postfix software. Be sure to examine the manual
+# pages of the non-Postfix software to find out what options it wants.
+#
+# Many of the following services use the Postfix pipe(8) delivery
+# agent. See the pipe(8) man page for information about ${recipient}
+# and other message envelope options.
+# ====================================================================
+#
+# maildrop. See the Postfix MAILDROP_README file for details.
+# Also specify in main.cf: maildrop_destination_recipient_limit=1
+#
+maildrop unix - n n - - pipe
+ flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
+#
+# ====================================================================
+#
+# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
+#
+# Specify in cyrus.conf:
+# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
+#
+# Specify in main.cf one or more of the following:
+# mailbox_transport = lmtp:inet:localhost
+# virtual_transport = lmtp:inet:localhost
+#
+# ====================================================================
+#
+# Cyrus 2.1.5 (Amos Gouaux)
+# Also specify in main.cf: cyrus_destination_recipient_limit=1
+#
+#cyrus unix - n n - - pipe
+# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
+#
+# ====================================================================
+# Old example of delivery via Cyrus.
+#
+#old-cyrus unix - n n - - pipe
+# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
+#
+# ====================================================================
+#
+# See the Postfix UUCP_README file for configuration details.
+#
+uucp unix - n n - - pipe
+ flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
+#
+# Other external delivery methods.
+#
+ifmail unix - n n - - pipe
+ flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
+bsmtp unix - n n - - pipe
+ flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
+scalemail-backend unix - n n - 2 pipe
+ flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
+mailman unix - n n - - pipe
+ flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
+ ${nexthop} ${user}
+
--- /dev/null
+#! /bin/sh
+#
+# This is a short script to quickly generate a self-signed X.509 key for
+# Postfix over SSL. Normally this script would get called by an automatic
+# package installation routine.
+
+test -x /usr/bin/openssl || exit 0
+
+prefix="/usr"
+pemfile="/etc/postfix/postfix.pem"
+randfile="/etc/postfix/postfix.rand"
+conffile="/etc/postfix/postfix-cert.cnf"
+
+if [[ -f "${pemfile}" ]]; then
+ echo "${pemfile} already exists."
+ exit 1
+fi
+
+if [[ ! -f "${conffile}" [] ; then
+ echo "${conffile} does not exists!"
+ exit 2
+fi
+
+cp /dev/null "${pemfile}"
+chmod 600 "${pemfile}"
+chown root "${pemfile}"
+
+cleanup() {
+ rm -f "${pemfile}"
+ rm -f "${randfile}"
+ exit 1
+}
+
+dd if=/dev/urandom of="${randfile}" count=1 2>/dev/null
+/usr/bin/openssl req -new -x509 -days 3650 -nodes \
+ -config "${conffile}" -out "${pemfile}" -keyout "${pemfile}" || cleanup
+/usr/bin/openssl gendh -rand "${randfile}" 512 >> "${pemfile}" || cleanup
+/usr/bin/openssl x509 -subject -dates -fingerprint -noout -in "${pemfile}" || cleanup
+rm -f "${randfile}"
+
--- /dev/null
+#!/bin/sh
+
+# To view the formatted manual page of this file, type:
+# POSTFIXSOURCE/mantools/srctoman - post-install | nroff -man
+
+#++
+# NAME
+# post-install
+# SUMMARY
+# Postfix post-installation script
+# SYNOPSIS
+# postfix post-install [name=value] command ...
+# DESCRIPTION
+# The post-install script performs the finishing touch of a Postfix
+# installation, after the executable programs and configuration
+# files are installed. Usage is one of the following:
+# .IP o
+# While installing Postfix from source code on the local machine, the
+# script is run by the postfix-install script to update selected file
+# or directory permissions and to update Postfix configuration files.
+# .IP o
+# While installing Postfix from a pre-built package, the script is run
+# by the package management procedure to set all file or directory
+# permissions and to update Postfix configuration files.
+# .IP o
+# The script can be used to change installation parameter settings such
+# as mail_owner or setgid_group after Postfix is already installed.
+# .IP o
+# The script can be used to upgrade configuration files and to upgrade
+# file/directory permissions of a secondary Postfix instance.
+# .IP o
+# At Postfix start-up time, the script is run from "postfix check" to
+# create missing queue directories.
+# .PP
+# The post-install script is controlled by installation parameters.
+# Specific parameters are described at the end of this document.
+# All installation parameters must be specified ahead of time via
+# one of the methods described below.
+#
+# Arguments
+# .IP create-missing
+# Create missing queue directories with ownerships and permissions
+# according to the contents of $daemon_directory/postfix-files
+# and optionally in $daemon_directory/postfix-files.d/*, using
+# the mail_owner and setgid_group parameter settings from the
+# command line, process environment or from the installed
+# main.cf file.
+#
+# This is required at Postfix start-up time.
+# .IP set-permissions
+# Set all file/directory ownerships and permissions according to the
+# contents of $daemon_directory/postfix-files and optionally
+# in $daemon_directory/postfix-files.d/*, using the mail_owner
+# and setgid_group parameter settings from the command line,
+# process environment or from the installed main.cf file.
+# Implies create-missing.
+#
+# This is required when installing Postfix from a pre-built package,
+# or when changing the mail_owner or setgid_group installation parameter
+# settings after Postfix is already installed.
+# .IP upgrade-permissions
+# Update ownership and permission of existing files/directories as
+# specified in $daemon_directory/postfix-files and optionally
+# in $daemon_directory/postfix-files.d/*, using the mail_owner
+# and setgid_group parameter settings from the command line,
+# process environment or from the installed main.cf file.
+# Implies create-missing.
+#
+# This is required when upgrading an existing Postfix instance.
+# .IP upgrade-configuration
+# Edit the installed main.cf and master.cf files, in order to account
+# for missing services and to fix deprecated parameter settings.
+#
+# This is required when upgrading an existing Postfix instance.
+# .IP upgrade-source
+# Short-hand for: upgrade-permissions upgrade-configuration.
+#
+# This is recommended when upgrading Postfix from source code.
+# .IP upgrade-package
+# Short-hand for: set-permissions upgrade-configuration.
+#
+# This is recommended when upgrading Postfix from a pre-built package.
+# .IP first-install-reminder
+# Remind the user that they still need to configure main.cf and the
+# aliases file, and that newaliases still needs to be run.
+#
+# This is recommended when Postfix is installed for the first time.
+# MULTIPLE POSTFIX INSTANCES
+# .ad
+# .fi
+# Multiple Postfix instances on the same machine can share command and
+# daemon program files but must have separate configuration and queue
+# directories.
+#
+# To create a secondary Postfix installation on the same machine,
+# copy the configuration files from the primary Postfix instance to
+# a secondary configuration directory and execute:
+#
+# postfix post-install config_directory=secondary-config-directory \e
+# .in +4
+# queue_directory=secondary-queue-directory \e
+# .br
+# create-missing
+# .PP
+# This creates secondary Postfix queue directories, sets their access
+# permissions, and saves the specified installation parameters to the
+# secondary main.cf file.
+#
+# Be sure to list the secondary configuration directory in the
+# alternate_config_directories parameter in the primary main.cf file.
+#
+# To upgrade a secondary Postfix installation on the same machine,
+# execute:
+#
+# postfix post-install config_directory=secondary-config-directory \e
+# .in +4
+# upgrade-permissions upgrade-configuration
+# INSTALLATION PARAMETER INPUT METHODS
+# .ad
+# .fi
+# Parameter settings can be specified through a variety of
+# mechanisms. In order of decreasing precedence these are:
+# .IP "command line"
+# Parameter settings can be given as name=value arguments on
+# the post-install command line. These have the highest precedence.
+# Settings that override the installed main.cf file are saved.
+# .IP "process environment"
+# Parameter settings can be given as name=value environment
+# variables.
+# Settings that override the installed main.cf file are saved.
+# .IP "installed configuration files"
+# If a parameter is not specified via the command line or via the
+# process environment, post-install will attempt to extract its
+# value from the already installed Postfix main.cf configuration file.
+# These settings have the lowest precedence.
+# INSTALLATION PARAMETER DESCRIPTION
+# .ad
+# .fi
+# The description of installation parameters is as follows:
+# .IP config_directory
+# The directory for Postfix configuration files.
+# .IP daemon_directory
+# The directory for Postfix daemon programs. This directory
+# should not be in the command search path of any users.
+# .IP command_directory
+# The directory for Postfix administrative commands. This
+# directory should be in the command search path of adminstrative users.
+# .IP queue_directory
+# The directory for Postfix queues.
+# .IP data_directory
+# The directory for Postfix writable data files (caches, etc.).
+# .IP sendmail_path
+# The full pathname for the Postfix sendmail command.
+# This is the Sendmail-compatible mail posting interface.
+# .IP newaliases_path
+# The full pathname for the Postfix newaliases command.
+# This is the Sendmail-compatible command to build alias databases
+# for the Postfix local delivery agent.
+# .IP mailq_path
+# The full pathname for the Postfix mailq command.
+# This is the Sendmail-compatible command to list the mail queue.
+# .IP mail_owner
+# The owner of the Postfix queue. Its numerical user ID and group ID
+# must not be used by any other accounts on the system.
+# .IP setgid_group
+# The group for mail submission and for queue management commands.
+# Its numerical group ID must not be used by any other accounts on the
+# system, not even by the mail_owner account.
+# .IP html_directory
+# The directory for the Postfix HTML files.
+# .IP manpage_directory
+# The directory for the Postfix on-line manual pages.
+# .IP sample_directory
+# The directory for the Postfix sample configuration files.
+# This feature is obsolete as of Postfix 2.1.
+# .IP readme_directory
+# The directory for the Postfix README files.
+# SEE ALSO
+# postfix-install(1) Postfix primary installation script.
+# FILES
+# $config_directory/main.cf, Postfix installation parameters.
+# $daemon_directory/postfix-files, installation control file.
+# $daemon_directory/postfix-files.d/*, optional control files.
+# $config_directory/install.cf, obsolete configuration file.
+# LICENSE
+# .ad
+# .fi
+# The Secure Mailer license must be distributed with this software.
+# AUTHOR(S)
+# Wietse Venema
+# IBM T.J. Watson Research
+# P.O. Box 704
+# Yorktown Heights, NY 10598, USA
+#--
+
+umask 022
+
+PATH=/bin:/usr/bin:/usr/sbin:/usr/etc:/sbin:/etc:/usr/contrib/bin:/usr/gnu/bin:/usr/ucb:/usr/bsd
+SHELL=/bin/sh
+IFS="
+"
+BACKUP_IFS="$IFS"
+debug=:
+#debug=echo
+MOST_PARAMETERS="command_directory daemon_directory data_directory
+ html_directory mail_owner mailq_path manpage_directory
+ newaliases_path queue_directory readme_directory sample_directory
+ sendmail_path setgid_group"
+NON_SHARED="config_directory queue_directory data_directory"
+
+USAGE="Usage: $0 [name=value] command
+ create-missing Create missing queue directories.
+ upgrade-source When installing or upgrading from source code.
+ upgrade-package When installing or upgrading from pre-built package.
+ first-install-reminder Remind of mandatory first-time configuration steps.
+ name=value Specify an installation parameter".
+
+# Process command-line options and parameter settings. Work around
+# brain damaged shells. "IFS=value command" should not make the
+# IFS=value setting permanent. But some broken standard allows it.
+
+create=; set_perms=; upgrade_perms=; upgrade_conf=; first_install_reminder=
+obsolete=; keep_list=;
+
+for arg
+do
+ case $arg in
+ *=*) IFS= eval $arg; IFS="$BACKUP_IFS";;
+ create-missing) create=1;;
+ set-perm*) create=1; set_perms=1;;
+ upgrade-perm*) create=1; upgrade_perms=1;;
+ upgrade-conf*) upgrade_conf=1;;
+ upgrade-source) create=1; upgrade_conf=1; upgrade_perms=1;;
+ upgrade-package) create=1; upgrade_conf=1; set_perms=1;;
+ first-install*) first_install_reminder=1;;
+ *) echo "$0: Error: $USAGE" 1>&2; exit 1;;
+ esac
+ shift
+done
+
+# Sanity checks.
+
+test -n "$create$upgrade_conf$first_install_reminder" || {
+ echo "$0: Error: $USAGE" 1>&2
+ exit 1
+}
+
+# Bootstrapping problem.
+
+if [ -n "$command_directory" ]
+then
+ POSTCONF="$command_directory/postconf"
+else
+ POSTCONF="postconf"
+fi
+
+$POSTCONF -d mail_version >/dev/null 2>/dev/null || {
+ echo $0: Error: no $POSTCONF command found. 1>&2
+ echo Re-run this command as $0 command_directory=/some/where. 1>&2
+ exit 1
+}
+
+# Also used to require license etc. files only in the default instance.
+
+def_config_directory=`$POSTCONF -d -h config_directory` || exit 1
+test -n "$config_directory" ||
+ config_directory="$def_config_directory"
+
+test -d "$config_directory" || {
+ echo $0: Error: $config_directory is not a directory. 1>&2
+ exit 1
+}
+
+# If this is a secondary instance, don't touch shared files.
+# XXX Solaris does not have "test -e".
+
+instances=`test ! -f $def_config_directory/main.cf ||
+ $POSTCONF -c $def_config_directory -h multi_instance_directories |
+ sed 's/,/ /'` || exit 1
+
+update_shared_files=1
+for name in $instances
+do
+ case "$name" in
+ "$def_config_directory") ;;
+ "$config_directory") update_shared_files=; break;;
+ esac
+done
+
+test -f $daemon_directory/postfix-files || {
+ echo $0: Error: $daemon_directory/postfix-files is not a file. 1>&2
+ exit 1
+}
+
+# SunOS5 fmt(1) truncates lines > 1000 characters.
+
+fake_fmt() {
+ sed '
+ :top
+ /^\( *\)\([^ ][^ ]*\) */{
+ s//\1\2\
+\1/
+ P
+ D
+ b top
+ }
+ ' | fmt
+}
+
+case `uname -s` in
+HP-UX*) FMT=cat;;
+SunOS*) FMT=fake_fmt;;
+ *) FMT=fmt;;
+esac
+
+# If a parameter is not set via the command line or environment,
+# try to use settings from installed configuration files.
+
+# Extract parameter settings from the obsolete install.cf file, as
+# a transitional aid.
+
+grep setgid_group $config_directory/main.cf >/dev/null 2>&1 || {
+ test -f $config_directory/install.cf && {
+ for name in sendmail_path newaliases_path mailq_path setgid manpages
+ do
+ eval junk=\$$name
+ case "$junk" in
+ "") eval unset $name;;
+ esac
+ eval : \${$name="\`. $config_directory/install.cf; echo \$$name\`"} \
+ || exit 1
+ done
+ : ${setgid_group=$setgid}
+ : ${manpage_directory=$manpages}
+ }
+}
+
+# Extract parameter settings from the installed main.cf file.
+
+test -f $config_directory/main.cf && {
+ for name in $MOST_PARAMETERS
+ do
+ eval junk=\$$name
+ case "$junk" in
+ "") eval unset $name;;
+ esac
+ eval : \${$name=\`$POSTCONF -c $config_directory -h $name\`} || exit 1
+ done
+}
+
+# Sanity checks
+
+case $manpage_directory in
+ no) echo $0: Error: manpage_directory no longer accepts \"no\" values. 1>&2
+ echo Try again with \"$0 manpage_directory=/pathname ...\". 1>&2; exit 1;;
+esac
+
+case $setgid_group in
+ no) echo $0: Error: setgid_group no longer accepts \"no\" values. 1>&2
+ echo Try again with \"$0 setgid_group=groupname ...\" 1>&2; exit 1;;
+esac
+
+for path in "$daemon_directory" "$command_directory" "$queue_directory" \
+ "$sendmail_path" "$newaliases_path" "$mailq_path" "$manpage_directory"
+do
+ case "$path" in
+ /*) ;;
+ *) echo $0: Error: \"$path\" should be an absolute path name. 1>&2; exit 1;;
+ esac
+done
+
+for path in "$html_directory" "$readme_directory"
+do
+ case "$path" in
+ /*) ;;
+ no) ;;
+ *) echo $0: Error: \"$path\" should be \"no\" or an absolute path name. 1>&2; exit 1;;
+ esac
+done
+
+# Find out what parameters were not specified via command line,
+# via environment, or via installed configuration files.
+
+missing=
+for name in $MOST_PARAMETERS
+do
+ eval test -n \"\$$name\" || missing="$missing $name"
+done
+
+# All parameters must be specified at this point.
+
+test -n "$non_interactive" -a -n "$missing" && {
+ cat <<EOF | ${FMT} 1>&2
+$0: Error: some required installation parameters are not defined.
+
+- Either the parameters need to be given in the $config_directory/main.cf
+file from a recent Postfix installation,
+
+- Or the parameters need to be specified through the process
+environment.
+
+- Or the parameters need to be specified as name=value arguments
+on the $0 command line,
+
+The following parameters were missing:
+
+ $missing
+
+EOF
+ exit 1
+}
+
+POSTCONF="$command_directory/postconf"
+
+# Save settings, allowing command line/environment override.
+
+override=
+for name in $MOST_PARAMETERS
+do
+ eval test \"\$$name\" = \"`$POSTCONF -c $config_directory -h $name`\" || {
+ override=1
+ break
+ }
+done
+
+test -n "$override" && {
+ $POSTCONF -c $config_directory -e \
+ "daemon_directory = $daemon_directory" \
+ "command_directory = $command_directory" \
+ "queue_directory = $queue_directory" \
+ "data_directory = $data_directory" \
+ "mail_owner = $mail_owner" \
+ "setgid_group = $setgid_group" \
+ "sendmail_path = $sendmail_path" \
+ "mailq_path = $mailq_path" \
+ "newaliases_path = $newaliases_path" \
+ "html_directory = $html_directory" \
+ "manpage_directory = $manpage_directory" \
+ "sample_directory = $sample_directory" \
+ "readme_directory = $readme_directory" \
+ || exit 1
+}
+
+# Use file/directory status information in $daemon_directory/postfix-files.
+
+test -n "$create" && {
+ postfix_files_d=$daemon_directory/postfix-files.d
+ for postfix_file in $daemon_directory/postfix-files \
+ `test -d $postfix_files_d && { find $postfix_files_d -type f | sort; }`
+ do
+ exec <$postfix_file || exit 1
+ while IFS=: read path type owner group mode flags junk
+ do
+ IFS="$BACKUP_IFS"
+ set_permission=
+ # Skip comments. Skip shared files, if updating a secondary instance.
+ case $path in
+ [$]*) case "$update_shared_files" in
+ 1) $debug keep non-shared or shared $path;;
+ *) non_shared=
+ for name in $NON_SHARED
+ do
+ case $path in
+ "\$$name"*) non_shared=1; break;;
+ esac
+ done
+ case "$non_shared" in
+ 1) $debug keep non-shared $path;;
+ *) $debug skip shared $path; continue;;
+ esac;;
+ esac;;
+ *) continue;;
+ esac
+ # Skip hard links and symbolic links.
+ case $type in
+ [hl]) continue;;
+ [df]) ;;
+ *) echo unknown type $type for $path in $postfix_file 1>&2; exit 1;;
+ esac
+ # Expand $name, and canonicalize null fields.
+ for name in path owner group flags
+ do
+ eval junk=\${$name}
+ case $junk in
+ [$]*) eval $name=$junk;;
+ -) eval $name=;;
+ *) ;;
+ esac
+ done
+ # Skip uninstalled files.
+ case $path in
+ no|no/*) continue;;
+ esac
+ # Pick up the flags.
+ case $flags in *u*) upgrade_flag=1;; *) upgrade_flag=;; esac
+ case $flags in *c*) create_flag=1;; *) create_flag=;; esac
+ case $flags in *r*) recursive="-R";; *) recursive=;; esac
+ case $flags in *o*) obsolete_flag=1;; *) obsolete_flag=;; esac
+ case $flags in *[1i]*) test ! -r "$path" -a "$config_directory" != \
+ "$def_config_directory" && continue;; esac
+ # Flag obsolete objects. XXX Solaris 2..9 does not have "test -e".
+ if [ -n "$obsolete_flag" ]
+ then
+ test -r $path -a "$type" != "d" && obsolete="$obsolete $path"
+ continue;
+ else
+ keep_list="$keep_list $path"
+ fi
+ # Create missing directories with proper owner/group/mode settings.
+ if [ -n "$create" -a "$type" = "d" -a -n "$create_flag" -a ! -d "$path" ]
+ then
+ mkdir $path || exit 1
+ set_permission=1
+ # Update all owner/group/mode settings.
+ elif [ -n "$set_perms" ]
+ then
+ set_permission=1
+ # Update obsolete owner/group/mode settings.
+ elif [ -n "$upgrade_perms" -a -n "$upgrade_flag" ]
+ then
+ set_permission=1
+ fi
+ test -n "$set_permission" && {
+ chown $recursive $owner $path || exit 1
+ test -z "$group" || chgrp $recursive $group $path || exit 1
+ # Don't "chmod -R"; queue file status is encoded in mode bits.
+ if [ "$type" = "d" -a -n "$recursive" ]
+ then
+ find $path -type d -exec chmod $mode "{}" ";"
+ else
+ chmod $mode $path
+ fi || exit 1
+ }
+ done
+ IFS="$BACKUP_IFS"
+ done
+}
+
+# Upgrade existing Postfix configuration files if necessary.
+
+test -n "$upgrade_conf" && {
+
+ # Postfix 2.0.
+ # Add missing relay service to master.cf.
+
+ grep '^relay' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for relay service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+relay unix - - n - - smtp
+EOF
+ }
+
+ # Postfix 1.1.
+ # Add missing flush service to master.cf.
+
+ grep '^flush.*flush' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for flush service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+flush unix - - n 1000? 0 flush
+EOF
+ }
+
+ # Postfix 2.1.
+ # Add missing trace service to master.cf.
+
+ grep 'trace.*bounce' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for trace service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+trace unix - - n - 0 bounce
+EOF
+ }
+
+ # Postfix 2.1.
+ # Add missing verify service to master.cf.
+
+ grep '^verify.*verify' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for verify service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+verify unix - - n - 1 verify
+EOF
+ }
+
+ # Postfix 2.1.
+ # Fix verify service process limit.
+
+ grep '^verify.*[ ]0[ ]*verify' \
+ $config_directory/master.cf >/dev/null && {
+ echo Editing $config_directory/master.cf, setting verify process limit to 1
+ ed $config_directory/master.cf <<EOF || exit 1
+/^verify.*[ ]0[ ]*verify/
+s/\([ ]\)0\([ ]\)/\11\2/
+p
+w
+q
+EOF
+ }
+
+ # Postfix 1.1.
+ # Change privileged pickup service into unprivileged.
+
+ grep "^pickup[ ]*fifo[ ]*n[ ]*n" \
+ $config_directory/master.cf >/dev/null && {
+ echo Editing $config_directory/master.cf, making the pickup service unprivileged
+ ed $config_directory/master.cf <<EOF || exit 1
+/^pickup[ ]*fifo[ ]*n[ ]*n/
+s/\(n[ ]*\)n/\1-/
+p
+w
+q
+EOF
+ }
+
+ # Postfix 1.1.
+ # Change private cleanup and flush services into public.
+
+ for name in cleanup flush
+ do
+ grep "^$name[ ]*unix[ ]*[-y]" \
+ $config_directory/master.cf >/dev/null && {
+ echo Editing $config_directory/master.cf, making the $name service public
+ ed $config_directory/master.cf <<EOF || exit 1
+/^$name[ ]*unix[ ]*[-y]/
+s/[-y]/n/
+p
+w
+q
+EOF
+ }
+ done
+
+ # Postfix 2.2.
+ # File systems have improved since Postfix came out, and all we
+ # require now is that defer and deferred are hashed because those
+ # can contain lots of files.
+
+ found=`$POSTCONF -c $config_directory -h hash_queue_names`
+ missing=
+ (echo "$found" | grep defer >/dev/null) || missing="$missing defer"
+ (echo "$found" | grep deferred>/dev/null)|| missing="$missing deferred"
+ test -n "$missing" && {
+ echo fixing main.cf hash_queue_names for missing $missing
+ $POSTCONF -c $config_directory -e hash_queue_names="$found$missing" ||
+ exit 1
+ }
+
+ # Turn on safety nets for new features that could bounce mail that
+ # would be accepted by a previous Postfix version.
+
+ # [The "unknown_local_recipient_reject_code = 450" safety net,
+ # introduced with Postfix 2.0 and deleted after Postfix 2.3.]
+
+ # Postfix 2.0.
+ # Add missing proxymap service to master.cf.
+
+ grep '^proxymap.*proxymap' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for proxymap service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+proxymap unix - - n - - proxymap
+EOF
+ }
+
+ # Postfix 2.1.
+ # Add missing anvil service to master.cf.
+
+ grep '^anvil.*anvil' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for anvil service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+anvil unix - - n - 1 anvil
+EOF
+ }
+
+ # Postfix 2.2.
+ # Add missing scache service to master.cf.
+
+ grep '^scache.*scache' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for scache service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+scache unix - - n - 1 scache
+EOF
+ }
+
+ # Postfix 2.2.
+ # Add missing discard service to master.cf.
+
+ grep '^discard.*discard' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for discard service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+discard unix - - n - - discard
+EOF
+ }
+
+ # Postfix 2.2.
+ # Update the tlsmgr fifo->unix service.
+
+ grep "^tlsmgr[ ]*fifo[ ]" \
+ $config_directory/master.cf >/dev/null && {
+ echo Editing $config_directory/master.cf, updating the tlsmgr from fifo to unix service
+ ed $config_directory/master.cf <<EOF || exit 1
+/^tlsmgr[ ]*fifo[ ]/
+s/fifo/unix/
+s/[0-9][0-9]*/&?/
+p
+w
+q
+EOF
+ }
+
+ # Postfix 2.2.
+ # Add missing tlsmgr service to master.cf.
+
+ grep '^tlsmgr.*tlsmgr' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for tlsmgr service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+tlsmgr unix - - n 1000? 1 tlsmgr
+EOF
+ }
+
+ # Postfix 2.2.
+ # Add missing retry service to master.cf.
+
+ grep '^retry.*error' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for retry service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+retry unix - - n - - error
+EOF
+ }
+
+ # Postfix 2.5.
+ # Add missing proxywrite service to master.cf.
+
+ grep '^proxywrite.*proxymap' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for proxywrite service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+proxywrite unix - - n - 1 proxymap
+EOF
+ }
+
+ # Postfix 2.5.
+ # Fix a typo in the default master.cf proxywrite entry.
+
+ grep '^proxywrite.*-[ ]*proxymap' $config_directory/master.cf >/dev/null && {
+ echo Editing $config_directory/master.cf, setting proxywrite process limit to 1
+ ed $config_directory/master.cf <<EOF || exit 1
+/^proxywrite.*-[ ]*proxymap/
+s/-\([ ]*proxymap\)/1\1/
+p
+w
+q
+EOF
+ }
+
+ # Postfix 2.8.
+ # Add missing postscreen service to master.cf.
+
+ grep '^#*smtp.*postscreen' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for postscreen TCP service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+#smtp inet n - n - 1 postscreen
+EOF
+ }
+
+ # Postfix 2.8.
+ # Add missing smtpd (unix-domain) service to master.cf.
+
+ grep '^#*smtpd.*smtpd' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for smtpd unix-domain service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+#smtpd pass - - n - - smtpd
+EOF
+ }
+
+ # Postfix 2.8.
+ # Add temporary dnsblog (unix-domain) service to master.cf.
+
+ grep '^#*dnsblog.*dnsblog' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for dnsblog unix-domain service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+#dnsblog unix - - n - 0 dnsblog
+EOF
+ }
+
+ # Postfix 2.8.
+ # Add tlsproxy (unix-domain) service to master.cf.
+
+ grep '^#*tlsproxy.*tlsproxy' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for tlsproxy unix-domain service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+#tlsproxy unix - - n - 0 tlsproxy
+EOF
+ }
+
+ # Report (but do not remove) obsolete files.
+
+ test -n "$obsolete" && {
+ cat <<EOF | ${FMT}
+
+ Note: the following files or directories still exist but are
+ no longer part of Postfix:
+
+ $obsolete
+
+EOF
+ }
+
+ # Postfix 2.9.
+ # Safety net for incompatible changes in IPv6 defaults.
+ # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO AVOID AN
+ # UNEXPECTED DROP IN PERFORMANCE AFTER UPGRADING FROM POSTFIX
+ # BEFORE 2.9.
+ # This code assumes that the default is "inet_protocols = ipv4"
+ # when IPv6 support is not compiled in. See util/sys_defs.h.
+
+ test "`$POSTCONF -dh inet_protocols`" = "ipv4" ||
+ test -n "`$POSTCONF -c $config_directory -n inet_protocols`" || {
+ cat <<EOF | ${FMT}
+ COMPATIBILITY: editing $config_directory/main.cf, setting
+ inet_protocols=ipv4. Specify inet_protocols explicitly if you
+ want to enable IPv6.
+ In a future release IPv6 will be enabled by default.
+EOF
+ $POSTCONF -c $config_directory inet_protocols=ipv4 || exit 1
+ }
+
+# Disabled because unhelpful down-stream maintainers disable the safety net.
+# # Postfix 2.10.
+# # Safety net for incompatible changes due to the introduction
+# # of the smtpd_relay_restrictions feature to separate the
+# # mail relay policy from the spam blocking policy.
+# # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO PREVENT
+# # INBOUND MAIL FROM UNEXPECTEDLY BOUNCING AFTER UPGRADING FROM
+# # POSTFIX BEFORE 2.10.
+# test -n "`$POSTCONF -c $config_directory -n smtpd_relay_restrictions`" || {
+# cat <<EOF | ${FMT}
+# COMPATIBILITY: editing $config_directory/main.cf, overriding
+# smtpd_relay_restrictions to prevent inbound mail from
+# unexpectedly bouncing.
+# Specify an empty smtpd_relay_restrictions value to keep using
+# smtpd_recipient_restrictions as before.
+#EOF
+# $POSTCONF -c $config_directory "smtpd_relay_restrictions = \
+# permit_mynetworks permit_sasl_authenticated \
+# defer_unauth_destination" || exit 1
+# }
+}
+
+# A reminder if this is the first time Postfix is being installed.
+
+test -n "$first_install_reminder" && {
+
+ ALIASES=`$POSTCONF -c $config_directory -h alias_database | sed 's/^[^:]*://'`
+ NEWALIASES_PATH=`$POSTCONF -c $config_directory -h newaliases_path`
+ cat <<EOF | ${FMT}
+
+ Warning: you still need to edit myorigin/mydestination/mynetworks
+ parameter settings in $config_directory/main.cf.
+
+ See also http://www.postfix.org/STANDARD_CONFIGURATION_README.html
+ for information about dialup sites or about sites inside a
+ firewalled network.
+
+ BTW: Check your $ALIASES file and be sure to set up aliases
+ that send mail for root and postmaster to a real person, then
+ run $NEWALIASES_PATH.
+
+EOF
+
+}
+
+exit 0
--- /dev/null
+RANDFILE = /usr/share/postfix.rand
+
+[ req ]
+default_bits = 1024
+encrypt_key = yes
+distinguished_name = req_dn
+x509_extensions = cert_type
+prompt = no
+
+[ req_dn ]
+C=DE
+ST=Berlin
+L=Berlin
+O=Frank Brehm
+OU=Mail Server Postfix SSL key
+CN=ns1.uhu-banane.de
+emailAddress=postmaster@brehm-online.com
+
+
+[ cert_type ]
+nsCertType = server
+
+# vim: filetype=dosini
--- /dev/null
+#
+# Do not edit this file.
+#
+# This file controls the postfix-install script for installation of
+# Postfix programs, configuration files and documentation, as well
+# as the post-install script for setting permissions and for updating
+# Postfix configuration files. See the respective manual pages within
+# the script files.
+#
+# Do not list $command_directory in this file, or it will be blown
+# away by a future Postfix uninstallation procedure. You would not
+# want to lose all files in /usr/sbin.
+#
+# Each record in this file describes one file or directory.
+# Fields are separated by ":". Specify a null field as "-".
+# Missing fields or separators at the end are OK.
+#
+# File format:
+# name:type:owner:group:permission:flags
+# No group means don't change group ownership.
+#
+# File types:
+# d=directory
+# f=regular file
+# h=hard link (*)
+# l=symbolic link (*)
+#
+# (*) With hard links and symbolic links, the owner field becomes the
+# source pathname, while the group and permissions are ignored.
+#
+# File flags:
+# No flag means the flag is not active.
+# p=preserve existing file, do not replace (postfix-install).
+# u=update owner/group/mode (post-install upgrade-permissions).
+# c=create missing directory (post-install create-missing).
+# r=apply owner/group recursively (post-install set/upgrade-permissions).
+# o=obsolete, no longer part of Postfix
+# 1=optional for non-default instance (config_dir != built-in default).
+#
+# Note: the "u" flag is for upgrading the permissions of existing files
+# or directories after changes in Postfix architecture. For robustness
+# it is a good idea to "u" all the files that have special ownership or
+# permissions, so that running "make install" fixes any glitches.
+#
+$config_directory:d:root:-:755:u
+$data_directory:d:$mail_owner:-:700:uc
+$daemon_directory:d:root:-:755:u
+$queue_directory:d:root:-:755:uc
+$sample_directory:d:root:-:755:o
+$readme_directory:d:root:-:755
+$html_directory:d:root:-:755
+$queue_directory/active:d:$mail_owner:-:700:ucr
+$queue_directory/bounce:d:$mail_owner:-:700:ucr
+$queue_directory/corrupt:d:$mail_owner:-:700:ucr
+$queue_directory/defer:d:$mail_owner:-:700:ucr
+$queue_directory/deferred:d:$mail_owner:-:700:ucr
+$queue_directory/flush:d:$mail_owner:-:700:ucr
+$queue_directory/hold:d:$mail_owner:-:700:ucr
+$queue_directory/incoming:d:$mail_owner:-:700:ucr
+$queue_directory/private:d:$mail_owner:-:700:uc
+$queue_directory/maildrop:d:$mail_owner:$setgid_group:730:uc
+$queue_directory/public:d:$mail_owner:$setgid_group:710:uc
+$queue_directory/pid:d:root:-:755:uc
+$queue_directory/saved:d:$mail_owner:-:700:ucr
+$queue_directory/trace:d:$mail_owner:-:700:ucr
+$daemon_directory/anvil:f:root:-:755
+$daemon_directory/bounce:f:root:-:755
+$daemon_directory/dict_cdb.so:f:root:-:755
+$daemon_directory/dict_ldap.so:f:root:-:755
+$daemon_directory/dict_pcre.so:f:root:-:755
+$daemon_directory/dict_mysql.so:f:root:-:755
+$daemon_directory/dict_sqlite.so:f:root:-:755
+$daemon_directory/dict_tcp.so:f:root:-:755
+$daemon_directory/dict_sdbm.so:f:root:-:755
+$daemon_directory/cleanup:f:root:-:755
+$daemon_directory/discard:f:root:-:755
+$daemon_directory/dnsblog:f:root:-:755
+$daemon_directory/error:f:root:-:755
+$daemon_directory/flush:f:root:-:755
+#$daemon_directory/lmtp:f:root:-:755
+$daemon_directory/local:f:root:-:755
+$daemon_directory/main.cf:f:root:-:644
+$daemon_directory/master.cf:f:root:-:644
+$daemon_directory/master:f:root:-:755
+$daemon_directory/oqmgr:f:root:-:755
+$daemon_directory/pickup:f:root:-:755
+$daemon_directory/pipe:f:root:-:755
+$daemon_directory/post-install:f:root:-:755
+$daemon_directory/postfix-files:f:root:-:644
+$daemon_directory/postfix-script:f:root:-:755
+$daemon_directory/postfix-wrapper:f:root:-:755
+$daemon_directory/postmulti-script:f:root:-:755
+$daemon_directory/postscreen:f:root:-:755
+$daemon_directory/proxymap:f:root:-:755
+$daemon_directory/qmgr:f:root:-:755
+$daemon_directory/qmqpd:f:root:-:755
+$daemon_directory/scache:f:root:-:755
+$daemon_directory/showq:f:root:-:755
+$daemon_directory/smtp:f:root:-:755
+$daemon_directory/smtpd:f:root:-:755
+$daemon_directory/spawn:f:root:-:755
+$daemon_directory/tlsproxy:f:root:-:755
+$daemon_directory/tlsmgr:f:root:-:755
+$daemon_directory/trivial-rewrite:f:root:-:755
+$daemon_directory/verify:f:root:-:755
+$daemon_directory/virtual:f:root:-:755
+/usr/lib/libpostfix-dns.so.1:f:root:-:755
+/usr/lib/libpostfix-global.so.1:f:root:-:755
+/usr/lib/libpostfix-tls.so.1:f:root:-:755
+/usr/lib/libpostfix-master.so.1:f:root:-:755
+/usr/lib/libpostfix-util.so.1:f:root:-:755
+$daemon_directory/nqmgr:h:$daemon_directory/qmgr
+$daemon_directory/lmtp:h:$daemon_directory/smtp
+$command_directory/postalias:f:root:-:755
+$command_directory/postcat:f:root:-:755
+$command_directory/postconf:f:root:-:755
+$command_directory/postfix:f:root:-:755
+$command_directory/postkick:f:root:-:755
+$command_directory/postlock:f:root:-:755
+$command_directory/postlog:f:root:-:755
+$command_directory/postmap:f:root:-:755
+$command_directory/postmulti:f:root:-:755
+$command_directory/postsuper:f:root:-:755
+$command_directory/postdrop:f:root:$setgid_group:2755:u
+$command_directory/postqueue:f:root:$setgid_group:2755:u
+$sendmail_path:f:root:-:755
+$newaliases_path:l:$sendmail_path
+$mailq_path:l:$sendmail_path
+$config_directory/LICENSE:f:root:-:644:1
+$config_directory/TLS_LICENSE:f:root:-:644:1
+$config_directory/access:f:root:-:644:p1
+$config_directory/aliases:f:root:-:644:p1
+$config_directory/bounce.cf.default:f:root:-:644:1
+$config_directory/canonical:f:root:-:644:p1
+$config_directory/dynamicmaps.cf:f:root:-:644:p1
+$config_directory/cidr_table:f:root:-:644:o
+$config_directory/generic:f:root:-:644:p1
+$config_directory/generics:f:root:-:644:o
+$config_directory/header_checks:f:root:-:644:p1
+$config_directory/install.cf:f:root:-:644:o
+$config_directory/main.cf.default:f:root:-:644:1
+$config_directory/main.cf:f:root:-:644:p
+$config_directory/makedefs.out:f:root:-:644:1
+$config_directory/master.cf:f:root:-:644:p
+$config_directory/pcre_table:f:root:-:644:o
+$config_directory/postfix-files:f:root:-:644:o
+$config_directory/regexp_table:f:root:-:644:o
+$config_directory/relocated:f:root:-:644:p1
+$config_directory/tcp_table:f:root:-:644:o
+$config_directory/transport:f:root:-:644:p1
+$config_directory/virtual:f:root:-:644:p1
+$config_directory/postfix-script:f:root:-:755:o
+$config_directory/postfix-script-sgid:f:root:-:755:o
+$config_directory/postfix-script-nosgid:f:root:-:755:o
+$config_directory/post-install:f:root:-:755:o
+$manpage_directory/man1/mailq.1:f:root:-:644
+$manpage_directory/man1/newaliases.1:f:root:-:644
+$manpage_directory/man1/postalias.1:f:root:-:644
+$manpage_directory/man1/postcat.1:f:root:-:644
+$manpage_directory/man1/postconf.1:f:root:-:644
+$manpage_directory/man1/postdrop.1:f:root:-:644
+$manpage_directory/man1/postfix.1:f:root:-:644
+$manpage_directory/man1/postkick.1:f:root:-:644
+$manpage_directory/man1/postlock.1:f:root:-:644
+$manpage_directory/man1/postlog.1:f:root:-:644
+$manpage_directory/man1/postmap.1:f:root:-:644
+$manpage_directory/man1/postmulti.1:f:root:-:644
+$manpage_directory/man1/postqueue.1:f:root:-:644
+$manpage_directory/man1/postsuper.1:f:root:-:644
+$manpage_directory/man1/sendmail.1:f:root:-:644
+$manpage_directory/man5/access.5:f:root:-:644
+$manpage_directory/man5/aliases.5:f:root:-:644
+$manpage_directory/man5/body_checks.5:f:root:-:644
+$manpage_directory/man5/bounce.5:f:root:-:644
+$manpage_directory/man5/canonical.5:f:root:-:644
+$manpage_directory/man5/cidr_table.5:f:root:-:644
+$manpage_directory/man5/generics.5:f:root:-:644:o
+$manpage_directory/man5/generic.5:f:root:-:644
+$manpage_directory/man5/header_checks.5:f:root:-:644
+$manpage_directory/man5/ldap_table.5:f:root:-:644
+$manpage_directory/man5/lmdb_table.5:f:root:-:644
+$manpage_directory/man5/master.5:f:root:-:644
+$manpage_directory/man5/memcache_table.5:f:root:-:644
+$manpage_directory/man5/mysql_table.5:f:root:-:644
+$manpage_directory/man5/socketmap_table.5:f:root:-:644
+$manpage_directory/man5/sqlite_table.5:f:root:-:644
+$manpage_directory/man5/nisplus_table.5:f:root:-:644
+$manpage_directory/man5/pcre_table.5:f:root:-:644
+$manpage_directory/man5/pgsql_table.5:f:root:-:644
+$manpage_directory/man5/postconf.5:f:root:-:644
+$manpage_directory/man5/postfix-wrapper.5:f:root:-:644
+$manpage_directory/man5/regexp_table.5:f:root:-:644
+$manpage_directory/man5/relocated.5:f:root:-:644
+$manpage_directory/man5/tcp_table.5:f:root:-:644
+$manpage_directory/man5/transport.5:f:root:-:644
+$manpage_directory/man5/virtual.5:f:root:-:644
+$manpage_directory/man8/bounce.8:f:root:-:644
+$manpage_directory/man8/cleanup.8:f:root:-:644
+$manpage_directory/man8/anvil.8:f:root:-:644
+$manpage_directory/man8/defer.8:f:root:-:644
+$manpage_directory/man8/discard.8:f:root:-:644
+$manpage_directory/man8/dnsblog.8:f:root:-:644
+$manpage_directory/man8/error.8:f:root:-:644
+$manpage_directory/man8/flush.8:f:root:-:644
+$manpage_directory/man8/lmtp.8:f:root:-:644
+$manpage_directory/man8/local.8:f:root:-:644
+$manpage_directory/man8/master.8:f:root:-:644
+$manpage_directory/man8/nqmgr.8:f:root:-:644:o
+$manpage_directory/man8/oqmgr.8:f:root:-:644:
+$manpage_directory/man8/pickup.8:f:root:-:644
+$manpage_directory/man8/pipe.8:f:root:-:644
+$manpage_directory/man8/postscreen.8:f:root:-:644
+$manpage_directory/man8/proxymap.8:f:root:-:644
+$manpage_directory/man8/qmgr.8:f:root:-:644
+$manpage_directory/man8/qmqpd.8:f:root:-:644
+$manpage_directory/man8/scache.8:f:root:-:644
+$manpage_directory/man8/showq.8:f:root:-:644
+$manpage_directory/man8/smtp.8:f:root:-:644
+$manpage_directory/man8/smtpd.8:f:root:-:644
+$manpage_directory/man8/spawn.8:f:root:-:644
+$manpage_directory/man8/tlsproxy.8:f:root:-:644
+$manpage_directory/man8/tlsmgr.8:f:root:-:644
+$manpage_directory/man8/trace.8:f:root:-:644
+$manpage_directory/man8/trivial-rewrite.8:f:root:-:644
+$manpage_directory/man8/verify.8:f:root:-:644
+$manpage_directory/man8/virtual.8:f:root:-:644
+$sample_directory/sample-aliases.cf:f:root:-:644:o
+$sample_directory/sample-auth.cf:f:root:-:644:o
+$sample_directory/sample-canonical.cf:f:root:-:644:o
+$sample_directory/sample-compatibility.cf:f:root:-:644:o
+$sample_directory/sample-debug.cf:f:root:-:644:o
+$sample_directory/sample-filter.cf:f:root:-:644:o
+$sample_directory/sample-flush.cf:f:root:-:644:o
+$sample_directory/sample-ipv6.cf:f:root:-:644:o
+$sample_directory/sample-ldap.cf:f:root:-:644:o
+$sample_directory/sample-lmtp.cf:f:root:-:644:o
+$sample_directory/sample-local.cf:f:root:-:644:o
+$sample_directory/sample-mime.cf:f:root:-:644:o
+$sample_directory/sample-misc.cf:f:root:-:644:o
+$sample_directory/sample-pcre-access.cf:f:root:-:644:o
+$sample_directory/sample-pcre-body.cf:f:root:-:644:o
+$sample_directory/sample-pcre-header.cf:f:root:-:644:o
+$sample_directory/sample-pgsql-aliases.cf:f:root:-:644:o
+$sample_directory/sample-qmqpd.cf:f:root:-:644:o
+$sample_directory/sample-rate.cf:f:root:-:644:o
+$sample_directory/sample-regexp-access.cf:f:root:-:644:o
+$sample_directory/sample-regexp-body.cf:f:root:-:644:o
+$sample_directory/sample-regexp-header.cf:f:root:-:644:o
+$sample_directory/sample-relocated.cf:f:root:-:644:o
+$sample_directory/sample-resource.cf:f:root:-:644:o
+$sample_directory/sample-rewrite.cf:f:root:-:644:o
+$sample_directory/sample-scheduler.cf:f:root:-:644:o
+$sample_directory/sample-smtp.cf:f:root:-:644:o
+$sample_directory/sample-smtpd.cf:f:root:-:644:o
+$sample_directory/sample-tls.cf:f:root:-:644:o
+$sample_directory/sample-transport.cf:f:root:-:644:o
+$sample_directory/sample-verify.cf:f:root:-:644:o
+$sample_directory/sample-virtual.cf:f:root:-:644:o
+$readme_directory/AAAREADME:f:root:-:644
+$readme_directory/ADDRESS_CLASS_README:f:root:-:644
+$readme_directory/ADDRESS_REWRITING_README:f:root:-:644
+$readme_directory/ADDRESS_VERIFICATION_README:f:root:-:644
+$readme_directory/BACKSCATTER_README:f:root:-:644
+$readme_directory/BASIC_CONFIGURATION_README:f:root:-:644
+$readme_directory/BUILTIN_FILTER_README:f:root:-:644
+$readme_directory/CDB_README:f:root:-:644
+$readme_directory/CONNECTION_CACHE_README:f:root:-:644
+$readme_directory/CONTENT_INSPECTION_README:f:root:-:644
+$readme_directory/DATABASE_README:f:root:-:644
+$readme_directory/DB_README:f:root:-:644
+$readme_directory/DEBUG_README:f:root:-:644
+$readme_directory/DSN_README:f:root:-:644
+$readme_directory/ETRN_README:f:root:-:644
+$readme_directory/FILTER_README:f:root:-:644
+$readme_directory/FORWARD_SECRECY_README:f:root:-:644
+$readme_directory/HOSTING_README:f:root:-:644:o
+$readme_directory/INSTALL:f:root:-:644
+$readme_directory/IPV6_README:f:root:-:644
+$readme_directory/LDAP_README:f:root:-:644
+$readme_directory/LINUX_README:f:root:-:644
+$readme_directory/LMDB_README:f:root:-:644
+$readme_directory/LOCAL_RECIPIENT_README:f:root:-:644
+$readme_directory/MACOSX_README:f:root:-:644:o
+$readme_directory/MAILDROP_README:f:root:-:644
+$readme_directory/MEMCACHE_README:f:root:-:644
+$readme_directory/MILTER_README:f:root:-:644
+$readme_directory/MULTI_INSTANCE_README:f:root:-:644
+$readme_directory/MYSQL_README:f:root:-:644
+$readme_directory/SQLITE_README:f:root:-:644
+$readme_directory/NFS_README:f:root:-:644
+$readme_directory/OVERVIEW:f:root:-:644
+$readme_directory/PACKAGE_README:f:root:-:644
+$readme_directory/PCRE_README:f:root:-:644
+$readme_directory/PGSQL_README:f:root:-:644
+$readme_directory/POSTSCREEN_README:f:root:-:644
+$readme_directory/QMQP_README:f:root:-:644:o
+$readme_directory/QSHAPE_README:f:root:-:644
+$readme_directory/RELEASE_NOTES:f:root:-:644
+$readme_directory/RESTRICTION_CLASS_README:f:root:-:644
+$readme_directory/SASL_README:f:root:-:644
+$readme_directory/SCHEDULER_README:f:root:-:644
+$readme_directory/SMTPD_ACCESS_README:f:root:-:644
+$readme_directory/SMTPD_POLICY_README:f:root:-:644
+$readme_directory/SMTPD_PROXY_README:f:root:-:644
+$readme_directory/SOHO_README:f:root:-:644
+$readme_directory/STANDARD_CONFIGURATION_README:f:root:-:644
+$readme_directory/STRESS_README:f:root:-:644
+$readme_directory/TLS_LEGACY_README:f:root:-:644
+$readme_directory/TLS_README:f:root:-:644
+$readme_directory/TUNING_README:f:root:-:644
+$readme_directory/ULTRIX_README:f:root:-:644
+$readme_directory/UUCP_README:f:root:-:644
+$readme_directory/VERP_README:f:root:-:644
+$readme_directory/VIRTUAL_README:f:root:-:644
+$readme_directory/XCLIENT_README:f:root:-:644
+$readme_directory/XFORWARD_README:f:root:-:644
+$html_directory/ADDRESS_CLASS_README.html:f:root:-:644
+$html_directory/ADDRESS_REWRITING_README.html:f:root:-:644
+$html_directory/ADDRESS_VERIFICATION_README.html:f:root:-:644
+$html_directory/BACKSCATTER_README.html:f:root:-:644
+$html_directory/BASIC_CONFIGURATION_README.html:f:root:-:644
+$html_directory/BUILTIN_FILTER_README.html:f:root:-:644
+$html_directory/CDB_README.html:f:root:-:644
+$html_directory/CONNECTION_CACHE_README.html:f:root:-:644
+$html_directory/CONTENT_INSPECTION_README.html:f:root:-:644
+$html_directory/CYRUS_README.html:f:root:-:644:o
+$html_directory/DATABASE_README.html:f:root:-:644
+$html_directory/DB_README.html:f:root:-:644
+$html_directory/DEBUG_README.html:f:root:-:644
+$html_directory/DSN_README.html:f:root:-:644
+$html_directory/ETRN_README.html:f:root:-:644
+$html_directory/FILTER_README.html:f:root:-:644
+$html_directory/FORWARD_SECRECY_README.html:f:root:-:644
+$html_directory/INSTALL.html:f:root:-:644
+$html_directory/IPV6_README.html:f:root:-:644
+$html_directory/LDAP_README.html:f:root:-:644
+$html_directory/LINUX_README.html:f:root:-:644
+$html_directory/LMDB_README.html:f:root:-:644
+$html_directory/LOCAL_RECIPIENT_README.html:f:root:-:644
+$html_directory/MAILDROP_README.html:f:root:-:644
+$html_directory/MILTER_README.html:f:root:-:644
+$html_directory/MULTI_INSTANCE_README.html:f:root:-:644
+$html_directory/MYSQL_README.html:f:root:-:644
+$html_directory/SQLITE_README.html:f:root:-:644
+$html_directory/NFS_README.html:f:root:-:644
+$html_directory/OVERVIEW.html:f:root:-:644
+$html_directory/PACKAGE_README.html:f:root:-:644
+$html_directory/PCRE_README.html:f:root:-:644
+$html_directory/PGSQL_README.html:f:root:-:644
+$html_directory/POSTSCREEN_README.html:f:root:-:644
+$html_directory/QMQP_README.html:f:root:-:644:o
+$html_directory/QSHAPE_README.html:f:root:-:644
+$html_directory/RESTRICTION_CLASS_README.html:f:root:-:644
+$html_directory/SASL_README.html:f:root:-:644
+$html_directory/SCHEDULER_README.html:f:root:-:644
+$html_directory/SMTPD_ACCESS_README.html:f:root:-:644
+$html_directory/SMTPD_POLICY_README.html:f:root:-:644
+$html_directory/SMTPD_PROXY_README.html:f:root:-:644
+$html_directory/SOHO_README.html:f:root:-:644
+$html_directory/STANDARD_CONFIGURATION_README.html:f:root:-:644
+$html_directory/STRESS_README.html:f:root:-:644
+$html_directory/TLS_LEGACY_README.html:f:root:-:644
+$html_directory/TLS_README.html:f:root:-:644
+$html_directory/TUNING_README.html:f:root:-:644
+$html_directory/ULTRIX_README.html:f:root:-:644:o
+$html_directory/UUCP_README.html:f:root:-:644
+$html_directory/VERP_README.html:f:root:-:644
+$html_directory/VIRTUAL_README.html:f:root:-:644
+$html_directory/XCLIENT_README.html:f:root:-:644
+$html_directory/XFORWARD_README.html:f:root:-:644
+$html_directory/access.5.html:f:root:-:644
+$html_directory/aliases.5.html:f:root:-:644
+$html_directory/anvil.8.html:f:root:-:644
+$html_directory/bounce.8.html:f:root:-:644
+$html_directory/canonical.5.html:f:root:-:644
+$html_directory/cidr_table.5.html:f:root:-:644
+$html_directory/cleanup.8.html:f:root:-:644
+$html_directory/defer.8.html:h:$html_directory/bounce.8.html:-:644
+$html_directory/discard.8.html:f:root:-:644
+$html_directory/dnsblog.8.html:f:root:-:644
+$html_directory/error.8.html:f:root:-:644
+$html_directory/flush.8.html:f:root:-:644
+$html_directory/generics.5.html:f:root:-:644:o
+$html_directory/generic.5.html:f:root:-:644
+$html_directory/header_checks.5.html:f:root:-:644
+$html_directory/index.html:f:root:-:644
+$html_directory/ldap_table.5.html:f:root:-:644
+$html_directory/lmtp.8.html:f:root:-:644
+$html_directory/local.8.html:f:root:-:644
+$html_directory/mailq.1.html:f:root:-:644
+$html_directory/master.5.html:f:root:-:644
+$html_directory/master.8.html:f:root:-:644
+$html_directory/memcache_table.5.html:f:root:-:644
+$html_directory/mysql_table.5.html:f:root:-:644
+$html_directory/sqlite_table.5.html:f:root:-:644
+$html_directory/nisplus_table.5.html:f:root:-:644
+$html_directory/newaliases.1.html:h:$html_directory/mailq.1.html:-:644
+$html_directory/oqmgr.8.html:f:root:-:644
+$html_directory/pcre_table.5.html:f:root:-:644
+$html_directory/pgsql_table.5.html:f:root:-:644
+$html_directory/pickup.8.html:f:root:-:644
+$html_directory/pipe.8.html:f:root:-:644
+$html_directory/postalias.1.html:f:root:-:644
+$html_directory/postcat.1.html:f:root:-:644
+$html_directory/postconf.1.html:f:root:-:644
+$html_directory/postconf.5.html:f:root:-:644
+$html_directory/postdrop.1.html:f:root:-:644
+$html_directory/postfix-logo.jpg:f:root:-:644
+$html_directory/postfix-manuals.html:f:root:-:644
+$html_directory/postfix-wrapper.5.html:f:root:-:644
+$html_directory/postfix.1.html:f:root:-:644
+$html_directory/postkick.1.html:f:root:-:644
+$html_directory/postlock.1.html:f:root:-:644
+$html_directory/postlog.1.html:f:root:-:644
+$html_directory/postmap.1.html:f:root:-:644
+$html_directory/postmulti.1.html:f:root:-:644
+$html_directory/postqueue.1.html:f:root:-:644
+$html_directory/postscreen.8.html:f:root:-:644
+$html_directory/postsuper.1.html:f:root:-:644
+$html_directory/qshape.1.html:f:root:-:644
+$html_directory/proxymap.8.html:f:root:-:644
+$html_directory/qmgr.8.html:f:root:-:644
+$html_directory/qmqp-sink.1.html:f:root:-:644
+$html_directory/qmqp-source.1.html:f:root:-:644
+$html_directory/qmqpd.8.html:f:root:-:644
+$html_directory/regexp_table.5.html:f:root:-:644
+$html_directory/relocated.5.html:f:root:-:644
+$html_directory/sendmail.1.html:h:$html_directory/mailq.1.html:-:644
+$html_directory/showq.8.html:f:root:-:644
+$html_directory/smtp-sink.1.html:f:root:-:644
+$html_directory/smtp-source.1.html:f:root:-:644
+$html_directory/smtp.8.html:h:$html_directory/lmtp.8.html:-:644
+$html_directory/smtpd.8.html:f:root:-:644
+$html_directory/spawn.8.html:f:root:-:644
+$html_directory/tlsproxy.8.html:f:root:-:644
+$html_directory/tcp_table.5.html:f:root:-:644
+$html_directory/trace.8.html:h:$html_directory/bounce.8.html:-:644
+$html_directory/transport.5.html:f:root:-:644
+$html_directory/trivial-rewrite.8.html:f:root:-:644
+$html_directory/verify.8.html:f:root:-:644
+$html_directory/virtual.5.html:f:root:-:644
+$html_directory/virtual.8.html:f:root:-:644
--- /dev/null
+#!/bin/sh
+
+#++
+# NAME
+# postfix-script 1
+# SUMMARY
+# execute Postfix administrative commands
+# SYNOPSIS
+# \fBpostfix-script\fR \fIcommand\fR
+# DESCRIPTION
+# The \fBpostfix-script\fR script executes Postfix administrative
+# commands in an environment that is set up by the \fBpostfix\fR(1)
+# command.
+# SEE ALSO
+# master(8) Postfix master program
+# postfix(1) Postfix administrative interface
+# LICENSE
+# .ad
+# .fi
+# The Secure Mailer license must be distributed with this software.
+# AUTHOR(S)
+# Wietse Venema
+# IBM T.J. Watson Research
+# P.O. Box 704
+# Yorktown Heights, NY 10598, USA
+#--
+
+# Avoid POSIX death due to SIGHUP when some parent process exits.
+
+trap '' 1
+
+case $daemon_directory in
+"") echo This script must be run by the postfix command. 1>&2
+ echo Do not run directly. 1>&2
+ exit 1
+esac
+
+LOGGER="$command_directory/postlog -t $MAIL_LOGTAG/postfix-script"
+INFO="$LOGGER -p info"
+WARN="$LOGGER -p warn"
+ERROR="$LOGGER -p error"
+FATAL="$LOGGER -p fatal"
+PANIC="$LOGGER -p panic"
+
+if [ "X${1#quiet-}" != "X${1}" ]; then
+ INFO=:
+ x=${1#quiet-}
+ shift
+ set -- $x "$@"
+fi
+
+umask 022
+SHELL=/bin/sh
+
+#
+# Can't do much without these in place.
+#
+cd $command_directory || {
+ $FATAL no Postfix command directory $command_directory!
+ exit 1
+}
+cd $daemon_directory || {
+ $FATAL no Postfix daemon directory $daemon_directory!
+ exit 1
+}
+test -f master || {
+ $FATAL no Postfix master program $daemon_directory/master!
+ exit 1
+}
+cd $config_directory || {
+ $FATAL no Postfix configuration directory $config_directory!
+ exit 1
+}
+cd $queue_directory || {
+ $FATAL no Postfix queue directory $queue_directory!
+ exit 1
+}
+def_config_directory=`$command_directory/postconf -dh config_directory` || {
+ $FATAL cannot execute $command_directory/postconf!
+ exit 1
+}
+
+# If this is a secondary instance, don't touch shared files.
+
+instances=`test ! -f $def_config_directory/main.cf ||
+ $command_directory/postconf -c $def_config_directory \
+ -h multi_instance_directories | sed 's/,/ /'` || {
+ $FATAL cannot execute $command_directory/postconf!
+ exit 1
+}
+
+check_shared_files=1
+for name in $instances
+do
+ case "$name" in
+ "$def_config_directory") ;;
+ "$config_directory") check_shared_files=; break;;
+ esac
+done
+
+#
+# Parse JCL
+#
+case $1 in
+
+start_msg)
+
+ echo "Start postfix"
+ ;;
+
+stop_msg)
+
+ echo "Stop postfix"
+ ;;
+
+quick-start)
+
+ $daemon_directory/master -t 2>/dev/null || {
+ $FATAL the Postfix mail system is already running
+ exit 1
+ }
+ $daemon_directory/postfix-script quick-check || {
+ $FATAL Postfix integrity check failed!
+ exit 1
+ }
+ $INFO starting the Postfix mail system
+ $daemon_directory/master &
+ ;;
+
+start)
+
+ $daemon_directory/master -t 2>/dev/null || {
+ $FATAL the Postfix mail system is already running
+ exit 1
+ }
+ if [ -f $queue_directory/quick-start ]
+ then
+ rm -f $queue_directory/quick-start
+ else
+ $daemon_directory/postfix-script check-fatal || {
+ $FATAL Postfix integrity check failed!
+ exit 1
+ }
+ # Foreground this so it can be stopped. All inodes are cached.
+ $daemon_directory/postfix-script check-warn
+ fi
+ $INFO starting the Postfix mail system
+ # NOTE: wait in foreground process to get the initialization status.
+ $daemon_directory/master -w || {
+ $FATAL "mail system startup failed"
+ exit 1
+ }
+ ;;
+
+drain)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $FATAL the Postfix mail system is not running
+ exit 1
+ }
+ $INFO stopping the Postfix mail system
+ kill -9 `sed 1q pid/master.pid`
+ ;;
+
+quick-stop)
+
+ $daemon_directory/postfix-script stop
+ touch $queue_directory/quick-start
+ ;;
+
+stop)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $FATAL the Postfix mail system is not running
+ exit 0
+ }
+ $INFO stopping the Postfix mail system
+ kill `sed 1q pid/master.pid`
+ for i in 5 4 3 2 1
+ do
+ $daemon_directory/master -t && exit 0
+ $INFO waiting for the Postfix mail system to terminate
+ sleep 1
+ done
+ $WARN stopping the Postfix mail system with force
+ pid=`awk '{ print $1; exit 0 } END { exit 1 }' pid/master.pid` &&
+ kill -9 -$pid
+ ;;
+
+abort)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $FATAL the Postfix mail system is not running
+ exit 0
+ }
+ $INFO aborting the Postfix mail system
+ kill `sed 1q pid/master.pid`
+ ;;
+
+reload)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $FATAL the Postfix mail system is not running
+ exit 1
+ }
+ $INFO refreshing the Postfix mail system
+ $command_directory/postsuper active || exit 1
+ kill -HUP `sed 1q pid/master.pid`
+ $command_directory/postsuper &
+ ;;
+
+flush)
+
+ cd $queue_directory || {
+ $FATAL no Postfix queue directory $queue_directory!
+ exit 1
+ }
+ $command_directory/postqueue -f
+ ;;
+
+check)
+
+ $daemon_directory/postfix-script check-fatal || exit 1
+ $daemon_directory/postfix-script check-warn
+ exit 0
+ ;;
+
+status)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $INFO the Postfix mail system is not running
+ exit 1
+ }
+ $INFO the Postfix mail system is running: PID: `sed 1q pid/master.pid`
+ exit 0
+ ;;
+
+quick-check)
+ # This command is NOT part of the public interface.
+
+ $SHELL $daemon_directory/post-install create-missing || {
+ $WARN unable to create missing queue directories
+ exit 1
+ }
+
+ # Look for incomplete installations.
+
+ test -f $config_directory/master.cf || {
+ $FATAL no $config_directory/master.cf file found
+ exit 1
+ }
+ exit 0
+ ;;
+
+check-fatal)
+ # This command is NOT part of the public interface.
+
+ $daemon_directory/postfix-script quick-check
+
+ # See if all queue files are in the right place. This is slow.
+ # We must scan all queues for mis-named queue files before the
+ # mail system can run.
+
+ $command_directory/postsuper || exit 1
+ exit 0
+ ;;
+
+check-warn)
+ # This command is NOT part of the public interface.
+
+ todo="$config_directory $queue_directory $queue_directory/pid"
+ test -n "$check_shared_files" && todo="$daemon_directory $todo"
+
+ for dir in $todo
+ do
+ ls -lLd $dir | (grep " root " >/dev/null ||
+ $WARN not owned by root: $dir)
+ done
+
+ # Some people break Postfix's security model.
+ ls -lLd $queue_directory | egrep '^.....(w|...w)' >/dev/null && \
+ $WARN group or other writable: $queue_directory
+
+ todo="$config_directory/*"
+ test -n "$check_shared_files" && todo="$daemon_directory/* $todo"
+
+ find $todo ! -user root \
+ -exec $WARN not owned by root: {} \;
+
+ todo="$config_directory/."
+ test -n "$check_shared_files" && todo="$daemon_directory/. $todo"
+
+ find $todo \
+ \( -perm -020 -o -perm -002 \) -type f \
+ -exec $WARN group or other writable: {} \;
+
+ find $data_directory/. ! -user $mail_owner \
+ -exec $WARN not owned by $mail_owner: {} \;
+
+ ls -lLd $data_directory | egrep '^.....(w|...w)' >/dev/null && \
+ $WARN group or other writable: $data_directory
+
+ find `ls -d $queue_directory/* | \
+ egrep '/(saved|incoming|active|defer|deferred|bounce|hold|trace|corrupt|public|private|flush)$'` \
+ ! \( -type p -o -type s \) ! -user $mail_owner \
+ -exec $WARN not owned by $mail_owner: {} \;
+
+ todo="$queue_directory/public $queue_directory/maildrop"
+ test -n "$check_shared_files" &&
+ todo="$command_directory/postqueue $command_directory/postdrop $todo"
+
+ find $todo \
+ -prune ! -group $setgid_group \
+ -exec $WARN not owned by group $setgid_group: {} \;
+
+ test -n "$check_shared_files" &&
+ find $command_directory/postqueue $command_directory/postdrop \
+ -prune ! -perm -02111 \
+ -exec $WARN not set-gid or not owner+group+world executable: {} \;
+
+ for name in `ls -d $queue_directory/* | \
+ egrep '/(bin|etc|lib|usr)$'` ; \
+ do \
+ find $name ! -user root \
+ -exec $WARN not owned by root: {} \; ; \
+ done
+
+ # WARNING: this should not descend into the maildrop directory.
+ # maildrop is the least trusted Postfix directory.
+
+ find $queue_directory/maildrop/. -prune ! -user $mail_owner \
+ -exec $WARN not owned by $mail_owner: $queue_directory/maildrop \;
+
+ for dir in bin etc lib sbin usr
+ do
+ test -d $dir && find $dir -type f -print | while read path
+ do
+ test -f /$path && {
+ cmp -s $path /$path ||
+ $WARN $queue_directory/$path and /$path differ
+ }
+ done
+ done
+
+ find corrupt -type f -exec $WARN damaged message: {} \;
+
+ # XXX also: look for weird stuff, weird permissions, etc.
+
+ test -n "$check_shared_files" -a -f /usr/sbin/sendmail -a \
+ -f /usr/lib/sendmail && {
+ cmp -s /usr/sbin/sendmail /usr/lib/sendmail || {
+ $WARN /usr/lib/sendmail and /usr/sbin/sendmail differ
+ $WARN Replace one by a symbolic link to the other
+ }
+ }
+ exit 0
+ ;;
+
+set-permissions|upgrade-configuration)
+ $daemon_directory/post-install create-missing "$@"
+ ;;
+
+post-install)
+ # Currently not part of the public interface.
+ shift
+ $daemon_directory/post-install "$@"
+ ;;
+
+/*)
+ # Currently not part of the public interface.
+ "$@"
+ ;;
+
+*)
+ $ERROR "unknown command: '$1'"
+ $FATAL "usage: postfix start (or stop, reload, abort, flush, check, status, set-permissions, upgrade-configuration)"
+ exit 1
+ ;;
+
+esac
--- /dev/null
+-----BEGIN PRIVATE KEY-----
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMdEjw58wsRFmrbJ
+JOhMBYHNgSlAY8POog2cqQWv0SPfK6eKMNWST6tnBrI/S6qc8aprOTr2JxDSoG8t
+gxl6CdAKNFi9xGrXowe7aY/Xk72AcsResm72P4RbEpYvfN2lQOXjNwhODZD+wyNy
+IOrj1NnHZ1f0mz+xhiZPJyyVD2QLAgMBAAECgYBC/gCeXUFZnRD7nLokwtIjJoTi
+6nvf64s9ykpk2AwW5EOX6vSqCKtyM4vjxzXYITV6FtxBv1m45Sb82a82lHnReIW5
+4ae927Ef38YEorcNS3oq6IRgGBWM0t5a58Jz5AAE6SePI/LgLgfCegGxTLfHkCKL
+b3lnZkhTvE7APqIhKQJBAObU7gc9vUkQyOSiuh04YvhHCA5IpW3aYQk9/SL+kPu2
+EehUEsJktT1inDdGnv8aolxtU/KFSj1GUvzvl8FmI50CQQDc/ppqeRDzrfA88Xi7
+rGVF9fVswphkFwxVIM8fOwStfmiPmn0KJ56YKlffs0DWzpfDWVenE5cK0oCxCJl+
+PvnHAkEAg45hZoEaaxUE2cGgftzPEx8wiSuAFP68BQ9uQM6DBOI8jIO1+VJ6NNUJ
+oTs/jLa6SCELEhJDQG7fB0bp35B9xQJAVxqG9GZpdxJcuTiX1Kjbddq+9DIy7Ghl
+NPxshqu1aUiEn+1NUX5SNTmjTwmRCdl92cJSGQlQpDRaAu0Xyrm5qwJBAIjBYKpg
+0TaEw6g3rmXh2uUcKX8r0y+PdC5E3jplzTUwym2VV6shfyJ6CihvR6Ob3IGyQyBa
+mThe7HFiFVBwl1w=
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIC+zCCAmSgAwIBAgIJAPgeULySAVERMA0GCSqGSIb3DQEBCwUAMIGzMQswCQYD
+VQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYDVQQHDAZCZXJsaW4xFDASBgNV
+BAoMC0ZyYW5rIEJyZWhtMSQwIgYDVQQLDBtNYWlsIFNlcnZlciBQb3N0Zml4IFNT
+TCBrZXkxGjAYBgNVBAMMEW5zMS51aHUtYmFuYW5lLmRlMSowKAYJKoZIhvcNAQkB
+Fhtwb3N0bWFzdGVyQGJyZWhtLW9ubGluZS5jb20wHhcNMTYwMzA3MTc1NTIwWhcN
+MjYwMzA1MTc1NTIwWjCBszELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEP
+MA0GA1UEBwwGQmVybGluMRQwEgYDVQQKDAtGcmFuayBCcmVobTEkMCIGA1UECwwb
+TWFpbCBTZXJ2ZXIgUG9zdGZpeCBTU0wga2V5MRowGAYDVQQDDBFuczEudWh1LWJh
+bmFuZS5kZTEqMCgGCSqGSIb3DQEJARYbcG9zdG1hc3RlckBicmVobS1vbmxpbmUu
+Y29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHRI8OfMLERZq2ySToTAWB
+zYEpQGPDzqINnKkFr9Ej3yunijDVkk+rZwayP0uqnPGqazk69icQ0qBvLYMZegnQ
+CjRYvcRq16MHu2mP15O9gHLEXrJu9j+EWxKWL3zdpUDl4zcITg2Q/sMjciDq49TZ
+x2dX9Js/sYYmTycslQ9kCwIDAQABoxUwEzARBglghkgBhvhCAQEEBAMCBkAwDQYJ
+KoZIhvcNAQELBQADgYEAK+nnUT4gsgjNofap8Z1YGMQ7rRHoWZ7iWk/4tIXLT+z5
+7OrCy+RbIqgV9Wv+I2ohsSew84Npq2T/Hc+tHUaCf5WQ+i/OTXSzIzxqEuf2ZVCG
+qR1uMUJKRQ4GScdqKDdRNdJ5E4mDqTFYUDr5X0HOe3BAv0lL/fbZL2CcC5wgCvg=
+-----END CERTIFICATE-----
+-----BEGIN DH PARAMETERS-----
+MEYCQQCD3bneuI1Rv1gt8IqX8lNfte2Wd+4XoNLHmT9WbMJgpofrT/Nptx+8RHor
+W/A2qUEfE+XjdBdmvzAlNC5drk8DAgEC
+-----END DH PARAMETERS-----
--- /dev/null
+# Managed by config management
+# Don't change it manually
+#
+
+mail.brehm-online.com vmail:uhu
+helga-six.brehm-online.com vmail:uhu
+mail.uhu-banane.net vmail@uhu-banane.net:up2UdLCE
+
+
+# vim: syntax=conf ts=8
--- /dev/null
+#!/bin/sh -e
+# Called when an interface disconnects
+# Written by LaMont Jones <lamont@debian.org>
+
+# kick named as needed
+
+# If /usr isn't mounted yet, silently bail.
+if [ ! -d /usr/sbin ]; then
+ exit 0
+fi
+
+# if named is running, reconfig it.
+rndc reconfig >/dev/null 2>&1 &
+
+exit 0
--- /dev/null
+#!/bin/sh
+# This script tells chronyd that the connection is down
+# so that it won't try to contact the server.
+# John Hasler <jhasler@debian.org> 1998-2003
+# Any possessor of a copy of this program may treat it as if it
+# were in the public domain. I waive all rights.
+
+/bin/pidof chronyd > /dev/null || exit 0
+# Don't mark the connection offline unless we know ppp brought it up.
+test -e /var/run/chrony-ppp-up || exit 0
+KEY=$(awk '$1 ~ /^commandkey$/ { print $2; exit}' /etc/chrony/chrony.conf)
+PASSWORD=`awk '$1 ~ /^'$KEY'$/ {print $2; exit}' /etc/chrony/chrony.keys`
+/usr/bin/chronyc << EOF
+password $PASSWORD
+offline
+EOF
+rm -f /var/run/chrony-ppp-up
+exit 0
--- /dev/null
+#!/bin/sh -e
+
+# Called when an interface disconnects
+# Written by LaMont Jones <lamont@debian.org>
+
+# start or reload Postfix as needed
+
+# If /usr isn't mounted yet, silently bail.
+if [ ! -d /usr/lib/postfix ]; then
+ exit 0
+fi
+
+RUNNING=""
+# If master is running, force a queue run to unload any mail that is
+# hanging around. Yes, sendmail is a symlink...
+if [ -f /var/spool/postfix/pid/master.pid ]; then
+ pid=$(sed 's/ //g' /var/spool/postfix/pid/master.pid)
+ exe=$(ls -l /proc/$pid/exe 2>/dev/null | sed 's/.* //;s/.*\///')
+ if [ "X$exe" = "Xmaster" ]; then
+ RUNNING="y"
+ fi
+fi
+
+if [ ! -x /sbin/resolvconf ]; then
+ f=/etc/resolv.conf
+ if ! cp $f $(postconf -h queue_directory)$f 2>/dev/null; then
+ exit 0
+ fi
+ if [ -n "$RUNNING" ]; then
+ /etc/init.d/postfix reload >/dev/null 2>&1
+ fi
+fi
+
+exit 0
--- /dev/null
+#!/bin/sh -e
+# Called when a new interface comes up
+# Written by LaMont Jones <lamont@debian.org>
+
+# kick named as needed
+
+# If /usr isn't mounted yet, silently bail.
+if [ ! -d /usr/sbin ]; then
+ exit 0
+fi
+
+# if named is running, reconfig it.
+rndc reconfig >/dev/null 2>&1 &
+
+exit 0
--- /dev/null
+#!/bin/sh
+# This script tells chronyd that the connection is up so that it can
+# contact the server. John Hasler <jhasler@debian.org> 1998-2003
+# Any possessor of a copy of this program may treat it as if it
+# were in the public domain. I waive all rights.
+
+/bin/pidof chronyd > /dev/null || exit 0
+KEY=$(awk '$1 ~ /^commandkey$/ { print $2; exit}' /etc/chrony/chrony.conf)
+PASSWORD=`awk '$1 ~ /^'$KEY'$/ {print $2; exit}' /etc/chrony/chrony.keys`
+/usr/bin/chronyc << EOF
+password $PASSWORD
+online
+burst 5/10
+quit
+EOF
+touch /var/run/chrony-ppp-up
+exit 0
--- /dev/null
+#!/bin/sh
+
+if [ -n "$EX4DEBUG" ]; then
+ echo "now debugging $0 $@"
+ set -x
+fi
+
+[ -x /usr/lib/exim4/exim4 ] || exit 0
+
+[ -f /etc/default/exim4 ] && . /etc/default/exim4
+
+if [ "${QUEUERUNNER}" != "no" ] ; then
+# Flush exim queue
+ /usr/sbin/exim4 -qqf ${QUEUERUNNEROPTIONS} ${COMMONOPTIONS}
+fi
--- /dev/null
+#!/bin/sh -e
+# Called when a new interface comes up
+# Written by LaMont Jones <lamont@debian.org>
+
+# don't bother to restart postfix when lo is configured.
+if [ "$IFACE" = "lo" ]; then
+ exit 0
+fi
+
+# If /usr isn't mounted yet, silently bail.
+if [ ! -d /usr/lib/postfix ]; then
+ exit 0
+fi
+
+RUNNING=""
+# If master is running, force a queue run to unload any mail that is
+# hanging around. Yes, sendmail is a symlink...
+if [ -f /var/spool/postfix/pid/master.pid ]; then
+ pid=$(sed 's/ //g' /var/spool/postfix/pid/master.pid)
+ exe=$(ls -l /proc/$pid/exe 2>/dev/null | sed 's/.* //;s/.*\///')
+ if [ "X$exe" = "Xmaster" ]; then
+ RUNNING="y"
+ fi
+fi
+
+# start or reload Postfix as needed
+if [ ! -x /sbin/resolvconf ]; then
+ f=/etc/resolv.conf
+ if ! cp $f $(postconf -h queue_directory)$f 2>/dev/null; then
+ exit 0
+ fi
+ if [ -n "$RUNNING" ]; then
+ /etc/init.d/postfix reload >/dev/null 2>&1
+ fi
+fi
+
+# If master is running, force a queue run to unload any mail that is
+# hanging around. Yes, sendmail is a symlink...
+if [ -n "$RUNNING" ]; then
+ if [ -x /usr/sbin/sendmail ]; then
+ /usr/sbin/sendmail -q >/dev/null 2>&1
+ fi
+fi
--- /dev/null
+# /etc/profile: system-wide .profile file for the Bourne shell (sh(1))
+# and Bourne compatible shells (bash(1), ksh(1), ash(1), ...).
+
+if [ "`id -u`" -eq 0 ]; then
+ PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+else
+ PATH="/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games"
+fi
+export PATH
+
+if [ "$PS1" ]; then
+ if [ "$BASH" ] && [ "$BASH" != "/bin/sh" ]; then
+ # The file bash.bashrc already sets the default PS1.
+ # PS1='\h:\w\$ '
+ if [ -f /etc/bash.bashrc ]; then
+ . /etc/bash.bashrc
+ fi
+ else
+ if [ "`id -u`" -eq 0 ]; then
+ PS1='# '
+ else
+ PS1='$ '
+ fi
+ fi
+fi
+
+if [ -d /etc/profile.d ]; then
+ for i in /etc/profile.d/*.sh; do
+ if [ -r $i ]; then
+ . $i
+ fi
+ done
+ unset i
+fi
--- /dev/null
+# Z97-byobu.sh - allow any user to opt into auto-launching byobu
+# Copyright (C) 2011 Canonical Ltd.
+#
+# Authors: Dustin Kirkland <kirkland@byobu.co>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, version 3 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+# Allow any user to opt into auto-launching byobu by setting LC_BYOBU=1
+# Apologies for borrowing the LC_BYOBU namespace, but:
+# a) it's reasonable to assume that no one else is using LC_BYOBU
+# b) LC_* is sent and receieved by most /etc/ssh/ssh*_config
+if [ -n "$LC_BYOBU" ] && [ "$LC_BYOBU" -gt 0 ] && [ -r "/usr/bin/byobu-launch" ]; then
+ . /usr/bin/byobu-launch
+elif [ "$LC_TERMTYPE" = "byobu" ] && [ -r "/usr/bin/byobu-launch" ]; then
+ . /usr/bin/byobu-launch
+elif [ "$LC_TERMTYPE" = "byobu-screen" ] && [ -r "/usr/bin/byobu-launch" ]; then
+ export BYOBU_BACKEND="screen"
+ . /usr/bin/byobu-launch
+elif [ "$LC_TERMTYPE" = "byobu-tmux" ] && [ -r "/usr/bin/byobu-launch" ]; then
+ export BYOBU_BACKEND="tmux"
+ . /usr/bin/byobu-launch
+fi
+
+# vi: syntax=sh ts=4 noexpandtab
--- /dev/null
+# Check for interactive bash and that we haven't already been sourced.
+if [ -n "$BASH_VERSION" -a -n "$PS1" -a -z "$BASH_COMPLETION_COMPAT_DIR" ]; then
+
+# Check for recent enough version of bash.
+bash=${BASH_VERSION%.*}; bmajor=${bash%.*}; bminor=${bash#*.}
+if [ $bmajor -gt 4 ] || [ $bmajor -eq 4 -a $bminor -ge 1 ]; then
+ [ -r "${XDG_CONFIG_HOME:-$HOME/.config}/bash_completion" ] && \
+ . "${XDG_CONFIG_HOME:-$HOME/.config}/bash_completion"
+ if shopt -q progcomp && [ -r /usr/share/bash-completion/bash_completion ]; then
+ # Source completion code.
+ . /usr/share/bash-completion/bash_completion
+ fi
+fi
+unset bash bmajor bminor
+
+fi
--- /dev/null
+# If not running interactively, don't do anything
+[ -z "$PS1" ] && return
+
+# Check for bash
+[ -z "$BASH_VERSION" ] && return
+
+# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
+HISTSIZE=50000
+HISTFILESIZE=50000
+HISTTIMEFORMAT='%Y-%m-%d %H:%M:%S '
+HISTCONTROL=ignoredups:ignorespace
+# append to the history file, don't overwrite it
+shopt -s histappend
+
+# coloring grep:
+export GREP_OPTIONS='--color=auto'
+export GREP_COLOR='1;32'
+# hold these special chars when piping to less
+export LESS="--RAW-CONTROL-CHARS"
+
+# check the window size after each command and, if necessary,
+# update the values of LINES and COLUMNS.
+shopt -s checkwinsize
+
+# make less more friendly for non-text input files, see lesspipe(1)
+[[ -x /bin/lesspipe ]] && eval "$(SHELL=/bin/sh lesspipe)"
+
+# set variable identifying the chroot you work in (used in the prompt below)
+if [[ -z "${debian_chroot:-}" && -r /etc/debian_chroot ]]; then
+ debian_chroot=$(cat /etc/debian_chroot)
+fi
+
+# set a fancy prompt (non-color, overwrite the one in /etc/profile)
+PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
+
+# uncomment for a colored prompt, if the terminal has the capability; turned
+# off by default to not distract the user: the focus in a terminal window
+# should be on the output of commands, not on the prompt
+force_color_prompt=yes
+
+if [[ -n "$force_color_prompt" ]]; then
+ if [[ -x /usr/bin/tput ]] && tput setaf 1 >&/dev/null; then
+ # We have color support; assume it's compliant with Ecma-48
+ # (ISO/IEC-6429). (Lack of such support is extremely rare, and such
+ # a case would tend to support setf rather than setaf.)
+ color_prompt=yes
+ else
+ color_prompt=
+ fi
+fi
+
+prompt_status() {
+ local e=$?;
+ [[ $e != 0 ]] && echo -e "$e ";
+}
+
+if [[ "$color_prompt" = yes ]]; then
+ if type -t __git_ps1 >/dev/null ; then
+ if [[ "$UID" = 0 ]]; then
+ PS1='${debian_chroot:+($debian_chroot)}\[\e[31m\]$(prompt_status)\[\033[01;31m\]\u\[\033[01;33m\]@\[\033[01;36m\]\h \[\033[01;33m\]\w\[\033[01;31m\]$(__git_ps1)\[\033[01;35m\] \$ \[\033[00m\]'
+ else
+ PS1='${debian_chroot:+($debian_chroot)}\[\e[31m\]$(prompt_status)\[\033[01;32m\]\u\[\033[01;33m\]@\[\033[01;36m\]\h \[\033[01;33m\]\w\[\033[01;31m\]$(__git_ps1)\[\033[01;35m\] > \[\033[00m\]'
+ fi
+ else
+ if [[ "$UID" = 0 ]]; then
+ PS1='${debian_chroot:+($debian_chroot)}\[\e[31m\]$(prompt_status)\[\033[01;31m\]\u\[\033[01;33m\]@\[\033[01;36m\]\h \[\033[01;33m\]\w \[\033[01;35m\]\$ \[\033[00m\]'
+ else
+ PS1='${debian_chroot:+($debian_chroot)}\[\e[31m\]$(prompt_status)\[\033[01;32m\]\u\[\033[01;33m\]@\[\033[01;36m\]\h \[\033[01;33m\]\w \[\033[01;35m\]> \[\033[00m\]'
+ fi
+ fi
+else
+ PS1='${debian_chroot:+($debian_chroot)}$(prompt_status)\u@\h:\w\$ '
+fi
+
+# enable color support of ls and also add handy aliases
+if [[ -x /usr/bin/dircolors ]]; then
+ test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
+ alias ls='ls --color=auto'
+ #alias dir='dir --color=auto'
+ #alias vdir='vdir --color=auto'
+
+# alias grep='grep --color=auto'
+# alias fgrep='fgrep --color=auto'
+# alias egrep='egrep --color=auto'
+fi
+
+# Save each command to the history file as it's executed. #517342
+# This does mean sessions get interleaved when reading later on, but this
+# way the history is always up to date. History is not synced across live
+# sessions though; that is what `history -n` does.
+# Disabled by default due to concerns related to system recovery when $HOME
+# is under duress, or lives somewhere flaky (like NFS). Constantly syncing
+# the history will halt the shell prompt until it's finished.
+PROMPT_COMMAND='history -a'
+
+# Commented out, don't overwrite xterm -T "title" -n "icontitle" by default.
+# If this is an xterm set the title to user@host:dir
+case "$TERM" in
+ xterm*|rxvt*)
+ PROMPT_COMMAND='history -a; echo -ne "\033]0;${USER}@${HOSTNAME}: ${PWD}\007"'
+ ;;
+ *)
+ ;;
+esac
+
+alias ..='cd ..'
+alias ...='cd ../..'
+alias cd..='cd ..'
+alias cd...='cd ../..'
+alias l='ls -l'
+alias la='ls -la'
+alias ll='ls -lA'
+alias md='mkdir -p'
+if type -t whoami >/dev/null; then
+ alias pl="ps -fu $(whoami)"
+fi
+alias rd='rmdir'
+
+if [[ "$(type -t colordiff)" = "file" ]] ; then
+ alias diff="$(type -p colordiff)"
+fi
+
+if [[ -f ~/.bash_aliases ]]; then
+ . ~/.bash_aliases
+fi
+
+# enable bash completion in interactive shells
+if ! shopt -oq posix; then
+ if [[ -f /usr/share/bash-completion/bash_completion ]]; then
+ . /usr/share/bash-completion/bash_completion
+ elif [[ -f /etc/bash_completion ]]; then
+ . /etc/bash_completion
+ fi
+fi
+
+# if the command-not-found package is installed, use it
+if [[ -x /usr/lib/command-not-found || -x /usr/share/command-not-found/command-not-found ]]; then
+ function command_not_found_handle {
+ # check because c-n-f could've been removed in the meantime
+ if [[ -x /usr/lib/command-not-found ]]; then
+ /usr/bin/python /usr/lib/command-not-found -- "$1"
+ return $?
+ elif [[ -x /usr/share/command-not-found/command-not-found ]]; then
+ /usr/bin/python /usr/share/command-not-found/command-not-found -- "$1"
+ return $?
+ else
+ printf "%s: command not found\n" "$1" >&2
+ return 127
+ fi
+ }
+fi
+
+unset color_prompt force_color_prompt
+
+# vim: ts=4 expandtab
--- /dev/null
+# Internet (IP) protocols
+#
+# Updated from http://www.iana.org/assignments/protocol-numbers and other
+# sources.
+# New protocols will be added on request if they have been officially
+# assigned by IANA and are not historical.
+# If you need a huge list of used numbers please install the nmap package.
+
+ip 0 IP # internet protocol, pseudo protocol number
+hopopt 0 HOPOPT # IPv6 Hop-by-Hop Option [RFC1883]
+icmp 1 ICMP # internet control message protocol
+igmp 2 IGMP # Internet Group Management
+ggp 3 GGP # gateway-gateway protocol
+ipencap 4 IP-ENCAP # IP encapsulated in IP (officially ``IP'')
+st 5 ST # ST datagram mode
+tcp 6 TCP # transmission control protocol
+egp 8 EGP # exterior gateway protocol
+igp 9 IGP # any private interior gateway (Cisco)
+pup 12 PUP # PARC universal packet protocol
+udp 17 UDP # user datagram protocol
+hmp 20 HMP # host monitoring protocol
+xns-idp 22 XNS-IDP # Xerox NS IDP
+rdp 27 RDP # "reliable datagram" protocol
+iso-tp4 29 ISO-TP4 # ISO Transport Protocol class 4 [RFC905]
+dccp 33 DCCP # Datagram Congestion Control Prot. [RFC4340]
+xtp 36 XTP # Xpress Transfer Protocol
+ddp 37 DDP # Datagram Delivery Protocol
+idpr-cmtp 38 IDPR-CMTP # IDPR Control Message Transport
+ipv6 41 IPv6 # Internet Protocol, version 6
+ipv6-route 43 IPv6-Route # Routing Header for IPv6
+ipv6-frag 44 IPv6-Frag # Fragment Header for IPv6
+idrp 45 IDRP # Inter-Domain Routing Protocol
+rsvp 46 RSVP # Reservation Protocol
+gre 47 GRE # General Routing Encapsulation
+esp 50 IPSEC-ESP # Encap Security Payload [RFC2406]
+ah 51 IPSEC-AH # Authentication Header [RFC2402]
+skip 57 SKIP # SKIP
+ipv6-icmp 58 IPv6-ICMP # ICMP for IPv6
+ipv6-nonxt 59 IPv6-NoNxt # No Next Header for IPv6
+ipv6-opts 60 IPv6-Opts # Destination Options for IPv6
+rspf 73 RSPF CPHB # Radio Shortest Path First (officially CPHB)
+vmtp 81 VMTP # Versatile Message Transport
+eigrp 88 EIGRP # Enhanced Interior Routing Protocol (Cisco)
+ospf 89 OSPFIGP # Open Shortest Path First IGP
+ax.25 93 AX.25 # AX.25 frames
+ipip 94 IPIP # IP-within-IP Encapsulation Protocol
+etherip 97 ETHERIP # Ethernet-within-IP Encapsulation [RFC3378]
+encap 98 ENCAP # Yet Another IP encapsulation [RFC1241]
+# 99 # any private encryption scheme
+pim 103 PIM # Protocol Independent Multicast
+ipcomp 108 IPCOMP # IP Payload Compression Protocol
+vrrp 112 VRRP # Virtual Router Redundancy Protocol [RFC5798]
+l2tp 115 L2TP # Layer Two Tunneling Protocol [RFC2661]
+isis 124 ISIS # IS-IS over IPv4
+sctp 132 SCTP # Stream Control Transmission Protocol
+fc 133 FC # Fibre Channel
+mobility-header 135 Mobility-Header # Mobility Support for IPv6 [RFC3775]
+udplite 136 UDPLite # UDP-Lite [RFC3828]
+mpls-in-ip 137 MPLS-in-IP # MPLS-in-IP [RFC4023]
+manet 138 # MANET Protocols [RFC5498]
+hip 139 HIP # Host Identity Protocol
+shim6 140 Shim6 # Shim6 Protocol [RFC5533]
+wesp 141 WESP # Wrapped Encapsulating Security Payload
+rohc 142 ROHC # Robust Header Compression
--- /dev/null
+[DEFAULT]
+# how to byte-compile (comma separated: standard, optimize)
+byte-compile = standard
--- /dev/null
+# install the apport exception handler if available
+try:
+ import apport_python_hook
+except ImportError:
+ pass
+else:
+ apport_python_hook.install()
--- /dev/null
+# install the apport exception handler if available
+try:
+ import apport_python_hook
+except ImportError:
+ pass
+else:
+ apport_python_hook.install()
--- /dev/null
+[DEFAULT]
+# how to byte-compile (comma separated: standard, optimize)
+byte-compile = standard
--- /dev/null
+#!/bin/sh -e
+#
+# rc.local
+#
+# This script is executed at the end of each multiuser runlevel.
+# Make sure that the script will "exit 0" on success or any other
+# value on error.
+#
+# In order to enable or disable this script just change the execution
+# bits.
+#
+# By default this script does nothing.
+
+exit 0
--- /dev/null
+../init.d/aiccu
\ No newline at end of file
--- /dev/null
+../init.d/apache2
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/exim4
\ No newline at end of file
--- /dev/null
+../init.d/fail2ban
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/netfilter-persistent
\ No newline at end of file
--- /dev/null
+../init.d/postfix
\ No newline at end of file
--- /dev/null
+../init.d/salt-minion
\ No newline at end of file
--- /dev/null
+../init.d/ulogd2
\ No newline at end of file
--- /dev/null
+../init.d/urandom
\ No newline at end of file
--- /dev/null
+../init.d/bind9
\ No newline at end of file
--- /dev/null
+../init.d/sendsigs
\ No newline at end of file
--- /dev/null
+../init.d/rsyslog
\ No newline at end of file
--- /dev/null
+../init.d/hwclock.sh
\ No newline at end of file
--- /dev/null
+../init.d/umountnfs.sh
\ No newline at end of file
--- /dev/null
+../init.d/networking
\ No newline at end of file
--- /dev/null
+../init.d/umountfs
\ No newline at end of file
--- /dev/null
+../init.d/umountroot
\ No newline at end of file
--- /dev/null
+../init.d/halt
\ No newline at end of file
--- /dev/null
+The scripts in this directory are executed once when entering
+runlevel 0.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+Generally it is not necessary to alter the scripts in this directory.
+Their purpose is to stop all services and to make the system ready
+for shutdown.
+
+For more information see /etc/init.d/README.
--- /dev/null
+../init.d/aiccu
\ No newline at end of file
--- /dev/null
+../init.d/apache2
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/exim4
\ No newline at end of file
--- /dev/null
+../init.d/fail2ban
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/netfilter-persistent
\ No newline at end of file
--- /dev/null
+../init.d/postfix
\ No newline at end of file
--- /dev/null
+../init.d/salt-minion
\ No newline at end of file
--- /dev/null
+../init.d/ulogd2
\ No newline at end of file
--- /dev/null
+../init.d/bind9
\ No newline at end of file
--- /dev/null
+../init.d/rsyslog
\ No newline at end of file
--- /dev/null
+The scripts in this directory are executed each time the system enters
+this runlevel.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+Generally it is not necessary to alter the scripts in this directory.
+Their purpose is to stop all services and thus to put the system in
+single-user mode.
+
+For more information see /etc/init.d/README.
--- /dev/null
+../init.d/killprocs
\ No newline at end of file
--- /dev/null
+../init.d/motd
\ No newline at end of file
--- /dev/null
+../init.d/bootlogs
\ No newline at end of file
--- /dev/null
+../init.d/single
\ No newline at end of file
--- /dev/null
+The scripts in this directory are executed each time the system enters
+this runlevel.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+To disable a service in this runlevel, rename its script in this
+directory so that the new name begins with a 'K' and a two-digit
+number, and run 'update-rc.d script defaults' to reorder the scripts
+according to dependencies. A warning about the current runlevels
+being enabled not matching the LSB header in the init.d script will be
+printed. To re-enable the service, rename the script back to its
+original name beginning with 'S' and run update-rc.d again.
+
+For a more information see /etc/init.d/README.
--- /dev/null
+../init.d/motd
\ No newline at end of file
--- /dev/null
+../init.d/rsyslog
\ No newline at end of file
--- /dev/null
+../init.d/salt-minion
\ No newline at end of file
--- /dev/null
+../init.d/acpid
\ No newline at end of file
--- /dev/null
+../init.d/bind9
\ No newline at end of file
--- /dev/null
+../init.d/fail2ban
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/ssh
\ No newline at end of file
--- /dev/null
+../init.d/ulogd2
\ No newline at end of file
--- /dev/null
+../init.d/apache2
\ No newline at end of file
--- /dev/null
+../init.d/aiccu
\ No newline at end of file
--- /dev/null
+../init.d/bootlogs
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/cron
\ No newline at end of file
--- /dev/null
+../init.d/exim4
\ No newline at end of file
--- /dev/null
+../init.d/postfix
\ No newline at end of file
--- /dev/null
+../init.d/rsync
\ No newline at end of file
--- /dev/null
+../init.d/rc.local
\ No newline at end of file
--- /dev/null
+../init.d/rmnologin
\ No newline at end of file
--- /dev/null
+The scripts in this directory are executed each time the system enters
+this runlevel.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+To disable a service in this runlevel, rename its script in this
+directory so that the new name begins with a 'K' and a two-digit
+number, and run 'update-rc.d script defaults' to reorder the scripts
+according to dependencies. A warning about the current runlevels
+being enabled not matching the LSB header in the init.d script will be
+printed. To re-enable the service, rename the script back to its
+original name beginning with 'S' and run update-rc.d again.
+
+For a more information see /etc/init.d/README.
--- /dev/null
+../init.d/motd
\ No newline at end of file
--- /dev/null
+../init.d/rsyslog
\ No newline at end of file
--- /dev/null
+../init.d/salt-minion
\ No newline at end of file
--- /dev/null
+../init.d/acpid
\ No newline at end of file
--- /dev/null
+../init.d/bind9
\ No newline at end of file
--- /dev/null
+../init.d/fail2ban
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/ssh
\ No newline at end of file
--- /dev/null
+../init.d/ulogd2
\ No newline at end of file
--- /dev/null
+../init.d/apache2
\ No newline at end of file
--- /dev/null
+../init.d/aiccu
\ No newline at end of file
--- /dev/null
+../init.d/bootlogs
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/cron
\ No newline at end of file
--- /dev/null
+../init.d/exim4
\ No newline at end of file
--- /dev/null
+../init.d/postfix
\ No newline at end of file
--- /dev/null
+../init.d/rsync
\ No newline at end of file
--- /dev/null
+../init.d/rc.local
\ No newline at end of file
--- /dev/null
+../init.d/rmnologin
\ No newline at end of file
--- /dev/null
+The scripts in this directory are executed each time the system enters
+this runlevel.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+To disable a service in this runlevel, rename its script in this
+directory so that the new name begins with a 'K' and a two-digit
+number, and run 'update-rc.d script defaults' to reorder the scripts
+according to dependencies. A warning about the current runlevels
+being enabled not matching the LSB header in the init.d script will be
+printed. To re-enable the service, rename the script back to its
+original name beginning with 'S' and run update-rc.d again.
+
+For a more information see /etc/init.d/README.
--- /dev/null
+../init.d/motd
\ No newline at end of file
--- /dev/null
+../init.d/rsyslog
\ No newline at end of file
--- /dev/null
+../init.d/salt-minion
\ No newline at end of file
--- /dev/null
+../init.d/acpid
\ No newline at end of file
--- /dev/null
+../init.d/bind9
\ No newline at end of file
--- /dev/null
+../init.d/fail2ban
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/ssh
\ No newline at end of file
--- /dev/null
+../init.d/ulogd2
\ No newline at end of file
--- /dev/null
+../init.d/apache2
\ No newline at end of file
--- /dev/null
+../init.d/aiccu
\ No newline at end of file
--- /dev/null
+../init.d/bootlogs
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/cron
\ No newline at end of file
--- /dev/null
+../init.d/exim4
\ No newline at end of file
--- /dev/null
+../init.d/postfix
\ No newline at end of file
--- /dev/null
+../init.d/rsync
\ No newline at end of file
--- /dev/null
+../init.d/rc.local
\ No newline at end of file
--- /dev/null
+../init.d/rmnologin
\ No newline at end of file
--- /dev/null
+The scripts in this directory are executed each time the system enters
+this runlevel.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+To disable a service in this runlevel, rename its script in this
+directory so that the new name begins with a 'K' and a two-digit
+number, and run 'update-rc.d script defaults' to reorder the scripts
+according to dependencies. A warning about the current runlevels
+being enabled not matching the LSB header in the init.d script will be
+printed. To re-enable the service, rename the script back to its
+original name beginning with 'S' and run update-rc.d again.
+
+For a more information see /etc/init.d/README.
--- /dev/null
+../init.d/motd
\ No newline at end of file
--- /dev/null
+../init.d/rsyslog
\ No newline at end of file
--- /dev/null
+../init.d/salt-minion
\ No newline at end of file
--- /dev/null
+../init.d/acpid
\ No newline at end of file
--- /dev/null
+../init.d/bind9
\ No newline at end of file
--- /dev/null
+../init.d/fail2ban
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/ssh
\ No newline at end of file
--- /dev/null
+../init.d/ulogd2
\ No newline at end of file
--- /dev/null
+../init.d/apache2
\ No newline at end of file
--- /dev/null
+../init.d/aiccu
\ No newline at end of file
--- /dev/null
+../init.d/bootlogs
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/cron
\ No newline at end of file
--- /dev/null
+../init.d/exim4
\ No newline at end of file
--- /dev/null
+../init.d/postfix
\ No newline at end of file
--- /dev/null
+../init.d/rsync
\ No newline at end of file
--- /dev/null
+../init.d/rc.local
\ No newline at end of file
--- /dev/null
+../init.d/rmnologin
\ No newline at end of file
--- /dev/null
+../init.d/aiccu
\ No newline at end of file
--- /dev/null
+../init.d/apache2
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/exim4
\ No newline at end of file
--- /dev/null
+../init.d/fail2ban
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/netfilter-persistent
\ No newline at end of file
--- /dev/null
+../init.d/postfix
\ No newline at end of file
--- /dev/null
+../init.d/salt-minion
\ No newline at end of file
--- /dev/null
+../init.d/ulogd2
\ No newline at end of file
--- /dev/null
+../init.d/urandom
\ No newline at end of file
--- /dev/null
+../init.d/bind9
\ No newline at end of file
--- /dev/null
+../init.d/sendsigs
\ No newline at end of file
--- /dev/null
+../init.d/rsyslog
\ No newline at end of file
--- /dev/null
+../init.d/hwclock.sh
\ No newline at end of file
--- /dev/null
+../init.d/umountnfs.sh
\ No newline at end of file
--- /dev/null
+../init.d/networking
\ No newline at end of file
--- /dev/null
+../init.d/umountfs
\ No newline at end of file
--- /dev/null
+../init.d/umountroot
\ No newline at end of file
--- /dev/null
+../init.d/reboot
\ No newline at end of file
--- /dev/null
+The scripts in this directory are executed once when entering
+runlevel 6.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+Generally it is not necessary to alter the scripts in this directory.
+Their purpose is to stop all services and to make the system ready
+for reboot.
+
+For more information see /etc/init.d/README.
--- /dev/null
+The scripts in this directory whose names begin with an 'S' are
+executed once when booting the system, even when booting directly into
+single user mode.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+To disable a script in this directory, rename it so that it begins
+with a 'K' and run 'update-rc.d script defaults' to update the order
+using the script dependencies.
+
+For more information see /etc/init.d/README.
--- /dev/null
+../init.d/hostname.sh
\ No newline at end of file
--- /dev/null
+../init.d/mountkernfs.sh
\ No newline at end of file
--- /dev/null
+../init.d/udev
\ No newline at end of file
--- /dev/null
+../init.d/mountdevsubfs.sh
\ No newline at end of file
--- /dev/null
+../init.d/keymap.sh
\ No newline at end of file
--- /dev/null
+../init.d/keyboard-setup
\ No newline at end of file
--- /dev/null
+../init.d/hwclock.sh
\ No newline at end of file
--- /dev/null
+../init.d/lvm2
\ No newline at end of file
--- /dev/null
+../init.d/checkroot.sh
\ No newline at end of file
--- /dev/null
+../init.d/checkfs.sh
\ No newline at end of file
--- /dev/null
+../init.d/checkroot-bootclean.sh
\ No newline at end of file
--- /dev/null
+../init.d/kmod
\ No newline at end of file
--- /dev/null
+../init.d/mountall.sh
\ No newline at end of file
--- /dev/null
+../init.d/mountall-bootclean.sh
\ No newline at end of file
--- /dev/null
+../init.d/procps
\ No newline at end of file
--- /dev/null
+../init.d/udev-finish
\ No newline at end of file
--- /dev/null
+../init.d/urandom
\ No newline at end of file
--- /dev/null
+../init.d/networking
\ No newline at end of file
--- /dev/null
+../init.d/mountnfs.sh
\ No newline at end of file
--- /dev/null
+../init.d/mountnfs-bootclean.sh
\ No newline at end of file
--- /dev/null
+../init.d/kbd
\ No newline at end of file
--- /dev/null
+../init.d/console-setup
\ No newline at end of file
--- /dev/null
+../init.d/bootmisc.sh
\ No newline at end of file
--- /dev/null
+../init.d/netfilter-persistent
\ No newline at end of file
--- /dev/null
+domain uhu-banane.de
+search uhu-banane.de brehm-online.com hennig-berlin.org
+nameserver 127.0.0.1
+nameserver 185.48.118.6
+nameserver 185.48.116.10
--- /dev/null
+#!/bin/sh -e
+
+# we only need to copy this in if the service is already running.
+# if it's not running, it'll get picked up by the init script on start.
+/etc/init.d/postfix status >/dev/null 2>&1 || exit 0
+
+QUEUEDIR="$(/usr/sbin/postconf -h queue_directory 2>/dev/null || true)"
+if [ -n "$QUEUEDIR" ]; then
+ cp /etc/resolv.conf ${QUEUEDIR}/etc/resolv.conf
+ /etc/init.d/postfix reload >/dev/null 2>&1 || exit 0
+fi
+
+exit 0
--- /dev/null
+#!/bin/sh
+#
+# This is not a mistake. This shell script (/etc/rmt) has been provided
+# for compatibility with other Unix-like systems, some of which have
+# utilities that expect to find (and execute) rmt in the /etc directory
+# on remote systems.
+#
+exec /usr/sbin/rmt
--- /dev/null
+# This file contains user readable names that can be used in place of rpc
+# program numbers.
+
+portmapper 100000 portmap sunrpc
+rstatd 100001 rstat rstat_svc rup perfmeter
+rusersd 100002 rusers
+nfs 100003 nfsprog
+ypserv 100004 ypprog
+mountd 100005 mount showmount
+ypbind 100007
+walld 100008 rwall shutdown
+yppasswdd 100009 yppasswd
+etherstatd 100010 etherstat
+rquotad 100011 rquotaprog quota rquota
+sprayd 100012 spray
+3270_mapper 100013
+rje_mapper 100014
+selection_svc 100015 selnsvc
+database_svc 100016
+rexd 100017 rex
+alis 100018
+sched 100019
+llockmgr 100020
+nlockmgr 100021
+x25.inr 100022
+statmon 100023
+status 100024
+bootparam 100026
+ypupdated 100028 ypupdate
+keyserv 100029 keyserver
+tfsd 100037
+nsed 100038
+nsemntd 100039
+ypxfrd 100069
+pcnfsd 150001
+amd 300019 amq
+sgi_fam 391002
+ugidd 545580417
+fypxfrd 600100069 freebsd-ypxfrd
+bwnfsd 788585389
--- /dev/null
+# /etc/rsyslog.conf Configuration file for rsyslog.
+#
+# For more information see
+# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
+
+# Check config syntax on startup and abort if unclean (default: off)
+$AbortOnUncleanConfig on
+
+#################
+#### MODULES ####
+#################
+
+$ModLoad imuxsock # provides support for local system logging
+$ModLoad imklog # provides kernel logging support
+#$ModLoad immark # provides --MARK-- message capability
+module(load="immark" Interval="3600")
+
+# provides UDP syslog reception
+#$ModLoad imudp
+#$UDPServerRun 514
+
+# provides TCP syslog reception
+#$ModLoad imtcp
+#$InputTCPServerRun 514
+
+
+###########################
+#### GLOBAL DIRECTIVES ####
+###########################
+
+module(load="impstats"
+ interval="43200"
+ severity="7"
+ log.syslog="off"
+ /* need to turn log stream logging off! */
+ log.file="/var/log/syslog.d/stats.log")
+
+#
+# Use traditional timestamp format.
+# To enable high precision timestamps, comment out the following line.
+#
+#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+
+#
+# Set the default permissions for all log files.
+#
+$FileOwner root
+$FileGroup adm
+$FileCreateMode 0640
+$DirCreateMode 0755
+$Umask 0022
+
+module(
+ load="builtin:omfile"
+ Template="RSYSLOG_FileFormat"
+ FileCreateMode="0644"
+ DirCreateMode="0755"
+ fileOwnerNum="0"
+ fileGroupNum="0"
+ dirOwnerNum="0"
+ dirGroupNum="0"
+)
+
+#
+# Where to place spool and state files
+#
+$WorkDirectory /var/spool/rsyslog
+
+#
+# Include all config files in /etc/rsyslog.d/
+#
+$IncludeConfig /etc/rsyslog.d/*.conf
+
+
+###############
+#### RULES ####
+###############
+
+#
+# First some standard log files. Log by facility.
+#
+#auth,authpriv.* /var/log/auth.log
+#*.*;auth,authpriv.none -/var/log/syslog
+#cron.* /var/log/cron.log
+#daemon.* -/var/log/daemon.log
+#kern.* -/var/log/kern.log
+#lpr.* -/var/log/lpr.log
+#mail.* -/var/log/mail.log
+#user.* -/var/log/user.log
+
+#
+# Logging for the mail system. Split it up so that
+# it is easy to write scripts to parse these files.
+#
+#mail.info -/var/log/mail.info
+#mail.warn -/var/log/mail.warn
+#mail.err /var/log/mail.err
+
+#
+# Logging for INN news system.
+#
+#news.crit /var/log/news/news.crit
+#news.err /var/log/news/news.err
+#news.notice -/var/log/news/news.notice
+
+#
+# Some "catch-all" log files.
+#
+#*.=debug;\
+# auth,authpriv.none;\
+# news.none;mail.none -/var/log/debug
+#*.=info;*.=notice;*.=warn;\
+# auth,authpriv.none;\
+# cron,daemon.none;\
+# mail,news.none -/var/log/messages
+
+#
+# Emergencies are sent to everybody logged in.
+#
+*.emerg :omusrmsg:*
+
+#
+# I like to have messages displayed on the console, but only on a virtual
+# console I usually leave idle.
+#
+#daemon,mail.*;\
+# news.=crit;news.=err;news.=notice;\
+# *.=debug;*.=info;\
+# *.=notice;*.=warn /dev/tty8
+
+# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
+# you must invoke `xconsole' with the `-file' option:
+#
+# $ xconsole -file /dev/xconsole [...]
+#
+# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
+# busy site..
+#
+daemon.*;mail.*;\
+ news.err;\
+ *.=debug;*.=info;\
+ *.=notice;*.=warn |/dev/xconsole
--- /dev/null
+*.=debug;auth,authpriv,news,mail.none action(
+ type="omfile"
+ File="/var/log/debug.log"
+ FileOwner="root"
+ FileGroup="adm"
+)
+
+*.info;auth,authpriv,cron,daemon,lpr,mail,news.none action(
+ type="omfile"
+ File="/var/log/messages"
+ FileOwner="root"
+ FileGroup="adm"
+)
+
+# Uncomment the following directive to re-enable the
+# deprecated "/var/log/syslog" log file (don't forget to re-enable log
+# rotation in "/etc/logrotate.d/rsyslog" if you do that!)
+#*.*;auth,authpriv.none,mail.none action(
+# type="omfile"
+# File="/var/log/syslog"
+# FileOwner="root"
+# FileGroup="adm"
+#)
+
+*.emerg action(
+ type="omusrmsg"
+ Users="*"
+ action.execOnlyOnceEveryInterval="10"
+)
+
+# Create an additional socket for the default chroot location
+# (used by net-misc/openssh[hpn], see https://bugs.gentoo.org/490744)
+#input(type="imuxsock" Socket="/var/empty/dev/log")
+
+
+# vim: filetype=conf
--- /dev/null
+template (
+ name="facility"
+ type="string"
+ string="/var/log/syslog.d/%syslogfacility-text%.log"
+)
+
+*.* action(
+ type="omfile"
+ DynaFile="facility"
+ DirCreateMode="0755"
+ FileCreateMode="0644"
+ FileOwner="root"
+ FileGroup="adm"
+)
+
+*.* action(
+ type="omfile"
+ File="/var/log/all.log"
+ FileOwner="root"
+ FileGroup="adm"
+ Sync="off"
+)
+
+*.warn;news,mail.none action(
+ type="omfile"
+ File="/dev/tty12"
+ FileOwner="root"
+ FileGroup="root"
+)
+
+# vim: filetype=conf
--- /dev/null
+# Create an additional socket in postfix's chroot in order not to break
+# mail logging when rsyslog is restarted. If the directory is missing,
+# rsyslog will silently skip creating the socket.
+$AddUnixListenSocket /var/spool/postfix/dev/log
--- /dev/null
+##### Primary configuration settings #####
+##########################################
+# This configuration file is used to manage the behavior of the Salt Minion.
+# With the exception of the location of the Salt Master Server, values that are
+# commented out but have an empty line after the comment are defaults that need
+# not be set in the config. If there is no blank line after the comment, the
+# value is presented as an example and is not the default.
+
+# Per default the minion will automatically include all config files
+# from minion.d/*.conf (minion.d is a directory in the same directory
+# as the main minion config file).
+#default_include: minion.d/*.conf
+
+# Set the location of the salt master server. If the master server cannot be
+# resolved, then the minion will fail to start.
+#master: salt
+
+# Set http proxy information for the minion when doing requests
+#proxy_host:
+#proxy_port:
+#proxy_username:
+#proxy_password:
+
+# If multiple masters are specified in the 'master' setting, the default behavior
+# is to always try to connect to them in the order they are listed. If random_master is
+# set to True, the order will be randomized instead. This can be helpful in distributing
+# the load of many minions executing salt-call requests, for example, from a cron job.
+# If only one master is listed, this setting is ignored and a warning will be logged.
+# NOTE: If master_type is set to failover, use master_shuffle instead.
+#random_master: False
+
+# Use if master_type is set to failover.
+#master_shuffle: False
+
+# Minions can connect to multiple masters simultaneously (all masters
+# are "hot"), or can be configured to failover if a master becomes
+# unavailable. Multiple hot masters are configured by setting this
+# value to "str". Failover masters can be requested by setting
+# to "failover". MAKE SURE TO SET master_alive_interval if you are
+# using failover.
+# master_type: str
+
+# Poll interval in seconds for checking if the master is still there. Only
+# respected if master_type above is "failover". To disable the interval entirely,
+# set the value to -1. (This may be necessary on machines which have high numbers
+# of TCP connections, such as load balancers.)
+# master_alive_interval: 30
+
+# If the minion is in multi-master mode and the master_type configuration option
+# is set to "failover", this setting can be set to "True" to force the minion
+# to fail back to the first master in the list if the first master is back online.
+#master_failback: False
+
+# If the minion is in multi-master mode, the "master_type" configuration is set to
+# "failover", and the "master_failback" option is enabled, the master failback
+# interval can be set to ping the top master with this interval, in seconds.
+#master_failback_interval: 0
+
+# Set whether the minion should connect to the master via IPv6:
+#ipv6: False
+
+# Set the number of seconds to wait before attempting to resolve
+# the master hostname if name resolution fails. Defaults to 30 seconds.
+# Set to zero if the minion should shutdown and not retry.
+# retry_dns: 30
+
+# Set the port used by the master reply and authentication server.
+#master_port: 4506
+
+# The user to run salt.
+#user: root
+
+# The user to run salt remote execution commands as via sudo. If this option is
+# enabled then sudo will be used to change the active user executing the remote
+# command. If enabled the user will need to be allowed access via the sudoers
+# file for the user that the salt minion is configured to run as. The most
+# common option would be to use the root user. If this option is set the user
+# option should also be set to a non-root user. If migrating from a root minion
+# to a non root minion the minion cache should be cleared and the minion pki
+# directory will need to be changed to the ownership of the new user.
+#sudo_user: root
+
+# Specify the location of the daemon process ID file.
+#pidfile: /var/run/salt-minion.pid
+
+# The root directory prepended to these options: pki_dir, cachedir, log_file,
+# sock_dir, pidfile.
+#root_dir: /
+
+# The path to the minion's configuration file.
+#conf_file: /etc/salt/minion
+
+# The directory to store the pki information in
+#pki_dir: /etc/salt/pki/minion
+
+# Explicitly declare the id for this minion to use, if left commented the id
+# will be the hostname as returned by the python call: socket.getfqdn()
+# Since salt uses detached ids it is possible to run multiple minions on the
+# same machine but with different ids, this can be useful for salt compute
+# clusters.
+#id:
+
+# Cache the minion id to a file when the minion's id is not statically defined
+# in the minion config. Defaults to "True". This setting prevents potential
+# problems when automatic minion id resolution changes, which can cause the
+# minion to lose connection with the master. To turn off minion id caching,
+# set this config to ``False``.
+#minion_id_caching: True
+
+# Append a domain to a hostname in the event that it does not exist. This is
+# useful for systems where socket.getfqdn() does not actually result in a
+# FQDN (for instance, Solaris).
+#append_domain:
+
+# Custom static grains for this minion can be specified here and used in SLS
+# files just like all other grains. This example sets 4 custom grains, with
+# the 'roles' grain having two values that can be matched against.
+#grains:
+# roles:
+# - webserver
+# - memcache
+# deployment: datacenter4
+# cabinet: 13
+# cab_u: 14-15
+#
+# Where cache data goes.
+# This data may contain sensitive data and should be protected accordingly.
+#cachedir: /var/cache/salt/minion
+
+# Append minion_id to these directories. Helps with
+# multiple proxies and minions running on the same machine.
+# Allowed elements in the list: pki_dir, cachedir, extension_modules
+# Normally not needed unless running several proxies and/or minions on the same machine
+# Defaults to ['cachedir'] for proxies, [] (empty list) for regular minions
+#append_minionid_config_dirs:
+
+# Verify and set permissions on configuration directories at startup.
+#verify_env: True
+
+# The minion can locally cache the return data from jobs sent to it, this
+# can be a good way to keep track of jobs the minion has executed
+# (on the minion side). By default this feature is disabled, to enable, set
+# cache_jobs to True.
+#cache_jobs: False
+
+# Set the directory used to hold unix sockets.
+#sock_dir: /var/run/salt/minion
+
+# Set the default outputter used by the salt-call command. The default is
+# "nested".
+#output: nested
+#
+# By default output is colored. To disable colored output, set the color value
+# to False.
+#color: True
+
+# Do not strip off the colored output from nested results and state outputs
+# (true by default).
+# strip_colors: False
+
+# Backup files that are replaced by file.managed and file.recurse under
+# 'cachedir'/file_backups relative to their original location and appended
+# with a timestamp. The only valid setting is "minion". Disabled by default.
+#
+# Alternatively this can be specified for each file in state files:
+# /etc/ssh/sshd_config:
+# file.managed:
+# - source: salt://ssh/sshd_config
+# - backup: minion
+#
+#backup_mode: minion
+
+# When waiting for a master to accept the minion's public key, salt will
+# continuously attempt to reconnect until successful. This is the time, in
+# seconds, between those reconnection attempts.
+#acceptance_wait_time: 10
+
+# If this is nonzero, the time between reconnection attempts will increase by
+# acceptance_wait_time seconds per iteration, up to this maximum. If this is
+# set to zero, the time between reconnection attempts will stay constant.
+#acceptance_wait_time_max: 0
+
+# If the master rejects the minion's public key, retry instead of exiting.
+# Rejected keys will be handled the same as waiting on acceptance.
+#rejected_retry: False
+
+# When the master key changes, the minion will try to re-auth itself to receive
+# the new master key. In larger environments this can cause a SYN flood on the
+# master because all minions try to re-auth immediately. To prevent this and
+# have a minion wait for a random amount of time, use this optional parameter.
+# The wait-time will be a random number of seconds between 0 and the defined value.
+#random_reauth_delay: 60
+
+# When waiting for a master to accept the minion's public key, salt will
+# continuously attempt to reconnect until successful. This is the timeout value,
+# in seconds, for each individual attempt. After this timeout expires, the minion
+# will wait for acceptance_wait_time seconds before trying again. Unless your master
+# is under unusually heavy load, this should be left at the default.
+#auth_timeout: 60
+
+# Number of consecutive SaltReqTimeoutError that are acceptable when trying to
+# authenticate.
+#auth_tries: 7
+
+# The number of attempts to connect to a master before giving up.
+# Set this to -1 for unlimited attempts. This allows for a master to have
+# downtime and the minion to reconnect to it later when it comes back up.
+# In 'failover' mode, it is the number of attempts for each set of masters.
+# In this mode, it will cycle through the list of masters for each attempt.
+#
+# This is different than auth_tries because auth_tries attempts to
+# retry auth attempts with a single master. auth_tries is under the
+# assumption that you can connect to the master but not gain
+# authorization from it. master_tries will still cycle through all
+# the masters in a given try, so it is appropriate if you expect
+# occasional downtime from the master(s).
+#master_tries: 1
+
+# If authentication fails due to SaltReqTimeoutError during a ping_interval,
+# cause sub minion process to restart.
+#auth_safemode: False
+
+# Ping Master to ensure connection is alive (minutes).
+#ping_interval: 0
+
+# To auto recover minions if master changes IP address (DDNS)
+# auth_tries: 10
+# auth_safemode: False
+# ping_interval: 90
+#
+# Minions won't know master is missing until a ping fails. After the ping fail,
+# the minion will attempt authentication and likely fails out and cause a restart.
+# When the minion restarts it will resolve the masters IP and attempt to reconnect.
+
+# If you don't have any problems with syn-floods, don't bother with the
+# three recon_* settings described below, just leave the defaults!
+#
+# The ZeroMQ pull-socket that binds to the masters publishing interface tries
+# to reconnect immediately, if the socket is disconnected (for example if
+# the master processes are restarted). In large setups this will have all
+# minions reconnect immediately which might flood the master (the ZeroMQ-default
+# is usually a 100ms delay). To prevent this, these three recon_* settings
+# can be used.
+# recon_default: the interval in milliseconds that the socket should wait before
+# trying to reconnect to the master (1000ms = 1 second)
+#
+# recon_max: the maximum time a socket should wait. each interval the time to wait
+# is calculated by doubling the previous time. if recon_max is reached,
+# it starts again at recon_default. Short example:
+#
+# reconnect 1: the socket will wait 'recon_default' milliseconds
+# reconnect 2: 'recon_default' * 2
+# reconnect 3: ('recon_default' * 2) * 2
+# reconnect 4: value from previous interval * 2
+# reconnect 5: value from previous interval * 2
+# reconnect x: if value >= recon_max, it starts again with recon_default
+#
+# recon_randomize: generate a random wait time on minion start. The wait time will
+# be a random value between recon_default and recon_default +
+# recon_max. Having all minions reconnect with the same recon_default
+# and recon_max value kind of defeats the purpose of being able to
+# change these settings. If all minions have the same values and your
+# setup is quite large (several thousand minions), they will still
+# flood the master. The desired behavior is to have timeframe within
+# all minions try to reconnect.
+#
+# Example on how to use these settings. The goal: have all minions reconnect within a
+# 60 second timeframe on a disconnect.
+# recon_default: 1000
+# recon_max: 59000
+# recon_randomize: True
+#
+# Each minion will have a randomized reconnect value between 'recon_default'
+# and 'recon_default + recon_max', which in this example means between 1000ms
+# 60000ms (or between 1 and 60 seconds). The generated random-value will be
+# doubled after each attempt to reconnect. Lets say the generated random
+# value is 11 seconds (or 11000ms).
+# reconnect 1: wait 11 seconds
+# reconnect 2: wait 22 seconds
+# reconnect 3: wait 33 seconds
+# reconnect 4: wait 44 seconds
+# reconnect 5: wait 55 seconds
+# reconnect 6: wait time is bigger than 60 seconds (recon_default + recon_max)
+# reconnect 7: wait 11 seconds
+# reconnect 8: wait 22 seconds
+# reconnect 9: wait 33 seconds
+# reconnect x: etc.
+#
+# In a setup with ~6000 thousand hosts these settings would average the reconnects
+# to about 100 per second and all hosts would be reconnected within 60 seconds.
+# recon_default: 100
+# recon_max: 5000
+# recon_randomize: False
+#
+#
+# The loop_interval sets how long in seconds the minion will wait between
+# evaluating the scheduler and running cleanup tasks. This defaults to a
+# sane 60 seconds, but if the minion scheduler needs to be evaluated more
+# often lower this value
+#loop_interval: 60
+
+# The grains can be merged, instead of overridden, using this option.
+# This allows custom grains to defined different subvalues of a dictionary
+# grain. By default this feature is disabled, to enable set grains_deep_merge
+# to ``True``.
+#grains_deep_merge: False
+
+# The grains_refresh_every setting allows for a minion to periodically check
+# its grains to see if they have changed and, if so, to inform the master
+# of the new grains. This operation is moderately expensive, therefore
+# care should be taken not to set this value too low.
+#
+# Note: This value is expressed in __minutes__!
+#
+# A value of 10 minutes is a reasonable default.
+#
+# If the value is set to zero, this check is disabled.
+#grains_refresh_every: 1
+
+# Cache grains on the minion. Default is False.
+#grains_cache: False
+
+# Cache rendered pillar data on the minion. Default is False.
+# This may cause 'cachedir'/pillar to contain sensitive data that should be
+# protected accordingly.
+#minion_pillar_cache: False
+
+# Grains cache expiration, in seconds. If the cache file is older than this
+# number of seconds then the grains cache will be dumped and fully re-populated
+# with fresh data. Defaults to 5 minutes. Will have no effect if 'grains_cache'
+# is not enabled.
+# grains_cache_expiration: 300
+
+# Determines whether or not the salt minion should run scheduled mine updates.
+# Defaults to "True". Set to "False" to disable the scheduled mine updates
+# (this essentially just does not add the mine update function to the minion's
+# scheduler).
+#mine_enabled: True
+
+# Determines whether or not scheduled mine updates should be accompanied by a job
+# return for the job cache. Defaults to "False". Set to "True" to include job
+# returns in the job cache for mine updates.
+#mine_return_job: False
+
+# Example functions that can be run via the mine facility
+# NO mine functions are established by default.
+# Note these can be defined in the minion's pillar as well.
+#mine_functions:
+# test.ping: []
+# network.ip_addrs:
+# interface: eth0
+# cidr: '10.0.0.0/8'
+
+# Windows platforms lack posix IPC and must rely on slower TCP based inter-
+# process communications. Set ipc_mode to 'tcp' on such systems
+#ipc_mode: ipc
+
+# Overwrite the default tcp ports used by the minion when in tcp mode
+#tcp_pub_port: 4510
+#tcp_pull_port: 4511
+
+# Passing very large events can cause the minion to consume large amounts of
+# memory. This value tunes the maximum size of a message allowed onto the
+# minion event bus. The value is expressed in bytes.
+#max_event_size: 1048576
+
+# To detect failed master(s) and fire events on connect/disconnect, set
+# master_alive_interval to the number of seconds to poll the masters for
+# connection events.
+#
+#master_alive_interval: 30
+
+# The minion can include configuration from other files. To enable this,
+# pass a list of paths to this option. The paths can be either relative or
+# absolute; if relative, they are considered to be relative to the directory
+# the main minion configuration file lives in (this file). Paths can make use
+# of shell-style globbing. If no files are matched by a path passed to this
+# option then the minion will log a warning message.
+#
+# Include a config file from some other path:
+# include: /etc/salt/extra_config
+#
+# Include config from several files and directories:
+#include:
+# - /etc/salt/extra_config
+# - /etc/roles/webserver
+
+# The syndic minion can verify that it is talking to the correct master via the
+# key fingerprint of the higher-level master with the "syndic_finger" config.
+#syndic_finger: ''
+#
+#
+#
+##### Minion module management #####
+##########################################
+# Disable specific modules. This allows the admin to limit the level of
+# access the master has to the minion.
+#disable_modules: [cmd,test]
+#disable_returners: []
+#
+# Modules can be loaded from arbitrary paths. This enables the easy deployment
+# of third party modules. Modules for returners and minions can be loaded.
+# Specify a list of extra directories to search for minion modules and
+# returners. These paths must be fully qualified!
+#module_dirs: []
+#returner_dirs: []
+#states_dirs: []
+#render_dirs: []
+#utils_dirs: []
+#
+# A module provider can be statically overwritten or extended for the minion
+# via the providers option, in this case the default module will be
+# overwritten by the specified module. In this example the pkg module will
+# be provided by the yumpkg5 module instead of the system default.
+#providers:
+# pkg: yumpkg5
+#
+# Enable Cython modules searching and loading. (Default: False)
+#cython_enable: False
+#
+# Specify a max size (in bytes) for modules on import. This feature is currently
+# only supported on *nix operating systems and requires psutil.
+# modules_max_memory: -1
+
+
+##### State Management Settings #####
+###########################################
+# The state management system executes all of the state templates on the minion
+# to enable more granular control of system state management. The type of
+# template and serialization used for state management needs to be configured
+# on the minion, the default renderer is yaml_jinja. This is a yaml file
+# rendered from a jinja template, the available options are:
+# yaml_jinja
+# yaml_mako
+# yaml_wempy
+# json_jinja
+# json_mako
+# json_wempy
+#
+#renderer: yaml_jinja
+#
+# The failhard option tells the minions to stop immediately after the first
+# failure detected in the state execution. Defaults to False.
+#failhard: False
+#
+# Reload the modules prior to a highstate run.
+#autoload_dynamic_modules: True
+#
+# clean_dynamic_modules keeps the dynamic modules on the minion in sync with
+# the dynamic modules on the master, this means that if a dynamic module is
+# not on the master it will be deleted from the minion. By default, this is
+# enabled and can be disabled by changing this value to False.
+#clean_dynamic_modules: True
+#
+# Normally, the minion is not isolated to any single environment on the master
+# when running states, but the environment can be isolated on the minion side
+# by statically setting it. Remember that the recommended way to manage
+# environments is to isolate via the top file.
+#environment: None
+#
+# Isolates the pillar environment on the minion side. This functions the same
+# as the environment setting, but for pillar instead of states.
+#pillarenv: None
+#
+# If using the local file directory, then the state top file name needs to be
+# defined, by default this is top.sls.
+#state_top: top.sls
+#
+# Run states when the minion daemon starts. To enable, set startup_states to:
+# 'highstate' -- Execute state.highstate
+# 'sls' -- Read in the sls_list option and execute the named sls files
+# 'top' -- Read top_file option and execute based on that file on the Master
+#startup_states: ''
+#
+# List of states to run when the minion starts up if startup_states is 'sls':
+#sls_list:
+# - edit.vim
+# - hyper
+#
+# Top file to execute if startup_states is 'top':
+#top_file: ''
+
+# Automatically aggregate all states that have support for mod_aggregate by
+# setting to True. Or pass a list of state module names to automatically
+# aggregate just those types.
+#
+# state_aggregate:
+# - pkg
+#
+#state_aggregate: False
+
+##### File Directory Settings #####
+##########################################
+# The Salt Minion can redirect all file server operations to a local directory,
+# this allows for the same state tree that is on the master to be used if
+# copied completely onto the minion. This is a literal copy of the settings on
+# the master but used to reference a local directory on the minion.
+
+# Set the file client. The client defaults to looking on the master server for
+# files, but can be directed to look at the local file directory setting
+# defined below by setting it to "local". Setting a local file_client runs the
+# minion in masterless mode.
+#file_client: remote
+
+# The file directory works on environments passed to the minion, each environment
+# can have multiple root directories, the subdirectories in the multiple file
+# roots cannot match, otherwise the downloaded files will not be able to be
+# reliably ensured. A base environment is required to house the top file.
+# Example:
+# file_roots:
+# base:
+# - /srv/salt/
+# dev:
+# - /srv/salt/dev/services
+# - /srv/salt/dev/states
+# prod:
+# - /srv/salt/prod/services
+# - /srv/salt/prod/states
+#
+#file_roots:
+# base:
+# - /srv/salt
+
+# Uncomment the line below if you do not want the file_server to follow
+# symlinks when walking the filesystem tree. This is set to True
+# by default. Currently this only applies to the default roots
+# fileserver_backend.
+#fileserver_followsymlinks: False
+#
+# Uncomment the line below if you do not want symlinks to be
+# treated as the files they are pointing to. By default this is set to
+# False. By uncommenting the line below, any detected symlink while listing
+# files on the Master will not be returned to the Minion.
+#fileserver_ignoresymlinks: True
+#
+# By default, the Salt fileserver recurses fully into all defined environments
+# to attempt to find files. To limit this behavior so that the fileserver only
+# traverses directories with SLS files and special Salt directories like _modules,
+# enable the option below. This might be useful for installations where a file root
+# has a very large number of files and performance is negatively impacted. Default
+# is False.
+#fileserver_limit_traversal: False
+
+# The hash_type is the hash to use when discovering the hash of a file in
+# the local fileserver. The default is sha256, sha224, sha384 and sha512 are also supported.
+#
+# WARNING: While md5 and sha1 are also supported, do not use it due to the high chance
+# of possible collisions and thus security breach.
+#
+# Warning: Prior to changing this value, the minion should be stopped and all
+# Salt caches should be cleared.
+#hash_type: sha256
+
+# The Salt pillar is searched for locally if file_client is set to local. If
+# this is the case, and pillar data is defined, then the pillar_roots need to
+# also be configured on the minion:
+#pillar_roots:
+# base:
+# - /srv/pillar
+
+# Set a hard-limit on the size of the files that can be pushed to the master.
+# It will be interpreted as megabytes. Default: 100
+#file_recv_max_size: 100
+#
+#
+###### Security settings #####
+###########################################
+# Enable "open mode", this mode still maintains encryption, but turns off
+# authentication, this is only intended for highly secure environments or for
+# the situation where your keys end up in a bad state. If you run in open mode
+# you do so at your own risk!
+#open_mode: False
+
+# Enable permissive access to the salt keys. This allows you to run the
+# master or minion as root, but have a non-root group be given access to
+# your pki_dir. To make the access explicit, root must belong to the group
+# you've given access to. This is potentially quite insecure.
+#permissive_pki_access: False
+
+# The state_verbose and state_output settings can be used to change the way
+# state system data is printed to the display. By default all data is printed.
+# The state_verbose setting can be set to True or False, when set to False
+# all data that has a result of True and no changes will be suppressed.
+#state_verbose: True
+
+# The state_output setting changes if the output is the full multi line
+# output for each changed state if set to 'full', but if set to 'terse'
+# the output will be shortened to a single line.
+#state_output: full
+
+# The state_output_diff setting changes whether or not the output from
+# successful states is returned. Useful when even the terse output of these
+# states is cluttering the logs. Set it to True to ignore them.
+#state_output_diff: False
+
+# The state_output_profile setting changes whether profile information
+# will be shown for each state run.
+#state_output_profile: True
+
+# Fingerprint of the master public key to validate the identity of your Salt master
+# before the initial key exchange. The master fingerprint can be found by running
+# "salt-key -F master" on the Salt master.
+#master_finger: ''
+
+
+###### Thread settings #####
+###########################################
+# Disable multiprocessing support, by default when a minion receives a
+# publication a new process is spawned and the command is executed therein.
+#multiprocessing: True
+
+
+##### Logging settings #####
+##########################################
+# The location of the minion log file
+# The minion log can be sent to a regular file, local path name, or network
+# location. Remote logging works best when configured to use rsyslogd(8) (e.g.:
+# ``file:///dev/log``), with rsyslogd(8) configured for network logging. The URI
+# format is: <file|udp|tcp>://<host|socketpath>:<port-if-required>/<log-facility>
+#log_file: /var/log/salt/minion
+#log_file: file:///dev/log
+#log_file: udp://loghost:10514
+#
+#log_file: /var/log/salt/minion
+#key_logfile: /var/log/salt/key
+
+# The level of messages to send to the console.
+# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
+#
+# The following log levels are considered INSECURE and may log sensitive data:
+# ['garbage', 'trace', 'debug']
+#
+# Default: 'warning'
+#log_level: warning
+
+# The level of messages to send to the log file.
+# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
+# If using 'log_granular_levels' this must be set to the highest desired level.
+# Default: 'warning'
+#log_level_logfile:
+
+# The date and time format used in log messages. Allowed date/time formatting
+# can be seen here: http://docs.python.org/library/time.html#time.strftime
+#log_datefmt: '%H:%M:%S'
+#log_datefmt_logfile: '%Y-%m-%d %H:%M:%S'
+
+# The format of the console logging messages. Allowed formatting options can
+# be seen here: http://docs.python.org/library/logging.html#logrecord-attributes
+#
+# Console log colors are specified by these additional formatters:
+#
+# %(colorlevel)s
+# %(colorname)s
+# %(colorprocess)s
+# %(colormsg)s
+#
+# Since it is desirable to include the surrounding brackets, '[' and ']', in
+# the coloring of the messages, these color formatters also include padding as
+# well. Color LogRecord attributes are only available for console logging.
+#
+#log_fmt_console: '%(colorlevel)s %(colormsg)s'
+#log_fmt_console: '[%(levelname)-8s] %(message)s'
+#
+#log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'
+
+# This can be used to control logging levels more specificically. This
+# example sets the main salt library at the 'warning' level, but sets
+# 'salt.modules' to log at the 'debug' level:
+# log_granular_levels:
+# 'salt': 'warning'
+# 'salt.modules': 'debug'
+#
+#log_granular_levels: {}
+
+# To diagnose issues with minions disconnecting or missing returns, ZeroMQ
+# supports the use of monitor sockets to log connection events. This
+# feature requires ZeroMQ 4.0 or higher.
+#
+# To enable ZeroMQ monitor sockets, set 'zmq_monitor' to 'True' and log at a
+# debug level or higher.
+#
+# A sample log event is as follows:
+#
+# [DEBUG ] ZeroMQ event: {'endpoint': 'tcp://127.0.0.1:4505', 'event': 512,
+# 'value': 27, 'description': 'EVENT_DISCONNECTED'}
+#
+# All events logged will include the string 'ZeroMQ event'. A connection event
+# should be logged as the minion starts up and initially connects to the
+# master. If not, check for debug log level and that the necessary version of
+# ZeroMQ is installed.
+#
+#zmq_monitor: False
+
+###### Module configuration #####
+###########################################
+# Salt allows for modules to be passed arbitrary configuration data, any data
+# passed here in valid yaml format will be passed on to the salt minion modules
+# for use. It is STRONGLY recommended that a naming convention be used in which
+# the module name is followed by a . and then the value. Also, all top level
+# data must be applied via the yaml dict construct, some examples:
+#
+# You can specify that all modules should run in test mode:
+#test: True
+#
+# A simple value for the test module:
+#test.foo: foo
+#
+# A list for the test module:
+#test.bar: [baz,quo]
+#
+# A dict for the test module:
+#test.baz: {spam: sausage, cheese: bread}
+#
+#
+###### Update settings ######
+###########################################
+# Using the features in Esky, a salt minion can both run as a frozen app and
+# be updated on the fly. These options control how the update process
+# (saltutil.update()) behaves.
+#
+# The url for finding and downloading updates. Disabled by default.
+#update_url: False
+#
+# The list of services to restart after a successful update. Empty by default.
+#update_restart_services: []
+
+
+###### Keepalive settings ######
+############################################
+# ZeroMQ now includes support for configuring SO_KEEPALIVE if supported by
+# the OS. If connections between the minion and the master pass through
+# a state tracking device such as a firewall or VPN gateway, there is
+# the risk that it could tear down the connection the master and minion
+# without informing either party that their connection has been taken away.
+# Enabling TCP Keepalives prevents this from happening.
+
+# Overall state of TCP Keepalives, enable (1 or True), disable (0 or False)
+# or leave to the OS defaults (-1), on Linux, typically disabled. Default True, enabled.
+#tcp_keepalive: True
+
+# How long before the first keepalive should be sent in seconds. Default 300
+# to send the first keepalive after 5 minutes, OS default (-1) is typically 7200 seconds
+# on Linux see /proc/sys/net/ipv4/tcp_keepalive_time.
+#tcp_keepalive_idle: 300
+
+# How many lost probes are needed to consider the connection lost. Default -1
+# to use OS defaults, typically 9 on Linux, see /proc/sys/net/ipv4/tcp_keepalive_probes.
+#tcp_keepalive_cnt: -1
+
+# How often, in seconds, to send keepalives after the first one. Default -1 to
+# use OS defaults, typically 75 seconds on Linux, see
+# /proc/sys/net/ipv4/tcp_keepalive_intvl.
+#tcp_keepalive_intvl: -1
+
+
+###### Windows Software settings ######
+############################################
+# Location of the repository cache file on the master:
+#win_repo_cachefile: 'salt://win/repo/winrepo.p'
+
+
+###### Returner settings ######
+############################################
+# Which returner(s) will be used for minion's result:
+#return: mysql
+
+
+###### Miscellaneous settings ######
+############################################
+# Default match type for filtering events tags: startswith, endswith, find, regex, fnmatch
+#event_match_type: startswith
--- /dev/null
+schedule:
+ __mine_interval: {enabled: true, function: mine.update, jid_include: true, maxrunning: 2,
+ minutes: 60, return_job: false}
--- /dev/null
+ns1.uhu-banane.de
\ No newline at end of file
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAn3mFqkDH0/UkVWBOFLx1zkgYGA4YntQjpcYcKas7+3IrZ9V4
+Os/DHtfTLIC5FuZgL0T6/FYx/RxnZa9nyJ90NJyb8QFlUPAFsIGMxfF78oed0vkE
++y6TjYsiKMYvVCBhq0U9pH7w4a3ZjAmouQSdqrmq6017GnFUU9nYGd3tSP8Y0ke1
+W7FwhOAgR7BNjSIV6uYR177NtHab2fprvfRRlNiYAd97GI+m8E+/+c4Y3LwweKK8
+lQo+btnalUzWXD7RhfMgWAWKP4lDqBL5/zDp5r3VxMA7rlrVp3vSPmSPgQAb1nwx
+O1AJ1JvMBQB0Hd7UcOmYgMjzCcxNDUYRnwnrQQIDAQABAoIBAFlFvuSa1QI7VbaR
+bcQ/57atNweoRHINEVOIflV5LN/Kfq/mmSJbEcBfUzCzcml2V1u+wr2lRuCJGPyc
+X324fWXCUa1teZkAdD7llrdsQlV3Q4tJqVcvMJxoyZuHrhDq+6HT5fkCsrezCXhS
+I+hGxDhBLYQBYKthy7IQ3d9FE8LrYE2DHa1tVteuRc2vtCbtEHEeHYXX31maQiOe
+KIYosdfuIKi245aqO9Ps/QXXQFYFtylKWCzTciW+LpNiBONE3Sz6JO+M00GFgPwW
+SqfmiRw3ZC7TXhIhpds2wW92/IoDJ5iKM8141OkFEd0Xciub9s0QMiQgTPpAAivM
+Kfpm/G0CgYEAwu5RGULfqRS9Bix743Uxav4MFn6DEZao9yP6Up/VtcVfSnSYCC7d
+S+hpNX3Hwu40QXi6jk0x8Q5LoRZ4MuOGMMeCnBV2+6pU62nn+XtpXPHszBiTLDiF
+6r2cGSCOXMKvLWGord/WhhsaxKhS8BLx3A44+3XXTW/GsNz97QIoLYsCgYEA0W+T
+P9oGV5FCuQBdMA2zsuLB6tpdT7XuqjQVNl+9GUiXHZfxznBS0SqaaXHwkDBRmFOV
+Pp8u/xjjxaL45ONIfwN77RsVkxvt7TtcZMskQnKQCtmurvkDGtFyY1lbDSVwOvUu
+FaGgZJxpwEpdkU6wBaEkfqwnA3VMDLA9uDMPu+MCgYEAipfuyUsmwoygKLeQDhTQ
+4gVmisfAYM0BrVXDMOO7itWd/s4PGiJX7RR9WS7ozMuYE8TGv05bZ8yGMS5Mn8Ht
+MtlnH5qTUjO01PwjltoL+612c1Y1rYcyj8foKGVhUsqIyndY+ubfG9JBofkbnt2Z
+YKAsG32ZatFCL5WwZMbX0ikCgYBrIQqOJ8UEt94Mab5BHVElGM6ehjIi2uoJD/kl
+xhUhQLtjvNxIf7YtHgC8HTczWjPymhaGYMCWZjHkX3e3BPeJWMvkPe1sQWYT6kBZ
+onuaraU2l6C+CcvnxOkhHozvjY356n43PGSh8kw5uxBfioOJbaMQVJjkMPTErMX1
+WdEbhwKBgD92W9kEGJ2YcexmwiaXL6lkbLQNbCaRLUTcZG/z86FY6RBsf5S2f3jI
+4eiaTddxaatnOvx64I66LCLPAiZqVUjXyzLmwZ0Ve98ZVR7WeNG3tnNEohNbXpIS
+bXfKoo8t7w9uQJi4k7dESBaxJ6HKVzgF+XXViWfX7zvyNdjNGp7y
+-----END RSA PRIVATE KEY-----
\ No newline at end of file
--- /dev/null
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3mFqkDH0/UkVWBOFLx1
+zkgYGA4YntQjpcYcKas7+3IrZ9V4Os/DHtfTLIC5FuZgL0T6/FYx/RxnZa9nyJ90
+NJyb8QFlUPAFsIGMxfF78oed0vkE+y6TjYsiKMYvVCBhq0U9pH7w4a3ZjAmouQSd
+qrmq6017GnFUU9nYGd3tSP8Y0ke1W7FwhOAgR7BNjSIV6uYR177NtHab2fprvfRR
+lNiYAd97GI+m8E+/+c4Y3LwweKK8lQo+btnalUzWXD7RhfMgWAWKP4lDqBL5/zDp
+5r3VxMA7rlrVp3vSPmSPgQAb1nwxO1AJ1JvMBQB0Hd7UcOmYgMjzCcxNDUYRnwnr
+QQIDAQAB
+-----END PUBLIC KEY-----
\ No newline at end of file
--- /dev/null
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUbxQYMDoCPQTWHREbbu
+lTBJ+BNLjeUalhTgXjaR7uNiGryiOoLGtSiQFwiYClJ/7QqUoSG7A9c5Xw1Qv6CI
+H73sBAdniAFaC9jeY+4Pe22QlrIuE9AoWGNw9X2gDQ1/9MHGaFnlumDW5pLNvP+i
+nd3DRVNuhSR+S0/sTJUbFpzXXIzN0WijIBLA+oqlR/ANPc89Y+XhXUaVje48yW0l
+oEiedhRzHPGS5mGwyDs9MqLano1LeRdu4kdyhboljqX3c/SsVgc/Q3oD42+XerI1
+rz+mkLBNzHhNQWn6k6W8PdiYTnRXH6WUyMMxniBR/5QPWx3Owu5aeSy23Dhl6SRc
+EQIDAQAB
+-----END PUBLIC KEY-----
\ No newline at end of file
--- /dev/null
+##### Primary configuration settings #####
+##########################################
+# This configuration file is used to manage the behavior of all Salt Proxy
+# Minions on this host.
+# With the exception of the location of the Salt Master Server, values that are
+# commented out but have an empty line after the comment are defaults that need
+# not be set in the config. If there is no blank line after the comment, the
+# value is presented as an example and is not the default.
+
+# Per default the minion will automatically include all config files
+# from minion.d/*.conf (minion.d is a directory in the same directory
+# as the main minion config file).
+#default_include: minion.d/*.conf
+
+# Backwards compatibility option for proxymodules created before 2015.8.2
+# This setting will default to 'False' in the 2016.3.0 release
+# Setting this to True adds proxymodules to the __opts__ dictionary.
+# This breaks several Salt features (basically anything that serializes
+# __opts__ over the wire) but retains backwards compatibility.
+#add_proxymodule_to_opts: True
+
+# Set the location of the salt master server. If the master server cannot be
+# resolved, then the minion will fail to start.
+#master: salt
+
+# If a proxymodule has a function called 'grains', then call it during
+# regular grains loading and merge the results with the proxy's grains
+# dictionary. Otherwise it is assumed that the module calls the grains
+# function in a custom way and returns the data elsewhere
+#
+# Default to False for 2016.3 and Carbon. Switch to True for Nitrogen.
+# proxy_merge_grains_in_module: False
+
+# If multiple masters are specified in the 'master' setting, the default behavior
+# is to always try to connect to them in the order they are listed. If random_master is
+# set to True, the order will be randomized instead. This can be helpful in distributing
+# the load of many minions executing salt-call requests, for example, from a cron job.
+# If only one master is listed, this setting is ignored and a warning will be logged.
+#random_master: False
+
+# Minions can connect to multiple masters simultaneously (all masters
+# are "hot"), or can be configured to failover if a master becomes
+# unavailable. Multiple hot masters are configured by setting this
+# value to "str". Failover masters can be requested by setting
+# to "failover". MAKE SURE TO SET master_alive_interval if you are
+# using failover.
+# master_type: str
+
+# Poll interval in seconds for checking if the master is still there. Only
+# respected if master_type above is "failover".
+# master_alive_interval: 30
+
+# Set whether the minion should connect to the master via IPv6:
+#ipv6: False
+
+# Set the number of seconds to wait before attempting to resolve
+# the master hostname if name resolution fails. Defaults to 30 seconds.
+# Set to zero if the minion should shutdown and not retry.
+# retry_dns: 30
+
+# Set the port used by the master reply and authentication server.
+#master_port: 4506
+
+# The user to run salt.
+#user: root
+
+# Setting sudo_user will cause salt to run all execution modules under an sudo
+# to the user given in sudo_user. The user under which the salt minion process
+# itself runs will still be that provided in the user config above, but all
+# execution modules run by the minion will be rerouted through sudo.
+#sudo_user: saltdev
+
+# Specify the location of the daemon process ID file.
+#pidfile: /var/run/salt-minion.pid
+
+# The root directory prepended to these options: pki_dir, cachedir, log_file,
+# sock_dir, pidfile.
+#root_dir: /
+
+# The directory to store the pki information in
+#pki_dir: /etc/salt/pki/minion
+
+# Where cache data goes.
+# This data may contain sensitive data and should be protected accordingly.
+#cachedir: /var/cache/salt/minion
+
+# Append minion_id to these directories. Helps with
+# multiple proxies and minions running on the same machine.
+# Allowed elements in the list: pki_dir, cachedir, extension_modules
+# Normally not needed unless running several proxies and/or minions on the same machine
+# Defaults to ['cachedir'] for proxies, [] (empty list) for regular minions
+# append_minionid_config_dirs:
+# - cachedir
+
+
+
+# Verify and set permissions on configuration directories at startup.
+#verify_env: True
+
+# The minion can locally cache the return data from jobs sent to it, this
+# can be a good way to keep track of jobs the minion has executed
+# (on the minion side). By default this feature is disabled, to enable, set
+# cache_jobs to True.
+#cache_jobs: False
+
+# Set the directory used to hold unix sockets.
+#sock_dir: /var/run/salt/minion
+
+# Set the default outputter used by the salt-call command. The default is
+# "nested".
+#output: nested
+#
+# By default output is colored. To disable colored output, set the color value
+# to False.
+#color: True
+
+# Do not strip off the colored output from nested results and state outputs
+# (true by default).
+# strip_colors: False
+
+# Backup files that are replaced by file.managed and file.recurse under
+# 'cachedir'/file_backups relative to their original location and appended
+# with a timestamp. The only valid setting is "minion". Disabled by default.
+#
+# Alternatively this can be specified for each file in state files:
+# /etc/ssh/sshd_config:
+# file.managed:
+# - source: salt://ssh/sshd_config
+# - backup: minion
+#
+#backup_mode: minion
+
+# When waiting for a master to accept the minion's public key, salt will
+# continuously attempt to reconnect until successful. This is the time, in
+# seconds, between those reconnection attempts.
+#acceptance_wait_time: 10
+
+# If this is nonzero, the time between reconnection attempts will increase by
+# acceptance_wait_time seconds per iteration, up to this maximum. If this is
+# set to zero, the time between reconnection attempts will stay constant.
+#acceptance_wait_time_max: 0
+
+# If the master rejects the minion's public key, retry instead of exiting.
+# Rejected keys will be handled the same as waiting on acceptance.
+#rejected_retry: False
+
+# When the master key changes, the minion will try to re-auth itself to receive
+# the new master key. In larger environments this can cause a SYN flood on the
+# master because all minions try to re-auth immediately. To prevent this and
+# have a minion wait for a random amount of time, use this optional parameter.
+# The wait-time will be a random number of seconds between 0 and the defined value.
+#random_reauth_delay: 60
+
+# When waiting for a master to accept the minion's public key, salt will
+# continuously attempt to reconnect until successful. This is the timeout value,
+# in seconds, for each individual attempt. After this timeout expires, the minion
+# will wait for acceptance_wait_time seconds before trying again. Unless your master
+# is under unusually heavy load, this should be left at the default.
+#auth_timeout: 60
+
+# Number of consecutive SaltReqTimeoutError that are acceptable when trying to
+# authenticate.
+#auth_tries: 7
+
+# If authentication fails due to SaltReqTimeoutError during a ping_interval,
+# cause sub minion process to restart.
+#auth_safemode: False
+
+# Ping Master to ensure connection is alive (minutes).
+#ping_interval: 0
+
+# To auto recover minions if master changes IP address (DDNS)
+# auth_tries: 10
+# auth_safemode: False
+# ping_interval: 90
+#
+# Minions won't know master is missing until a ping fails. After the ping fail,
+# the minion will attempt authentication and likely fails out and cause a restart.
+# When the minion restarts it will resolve the masters IP and attempt to reconnect.
+
+# If you don't have any problems with syn-floods, don't bother with the
+# three recon_* settings described below, just leave the defaults!
+#
+# The ZeroMQ pull-socket that binds to the masters publishing interface tries
+# to reconnect immediately, if the socket is disconnected (for example if
+# the master processes are restarted). In large setups this will have all
+# minions reconnect immediately which might flood the master (the ZeroMQ-default
+# is usually a 100ms delay). To prevent this, these three recon_* settings
+# can be used.
+# recon_default: the interval in milliseconds that the socket should wait before
+# trying to reconnect to the master (1000ms = 1 second)
+#
+# recon_max: the maximum time a socket should wait. each interval the time to wait
+# is calculated by doubling the previous time. if recon_max is reached,
+# it starts again at recon_default. Short example:
+#
+# reconnect 1: the socket will wait 'recon_default' milliseconds
+# reconnect 2: 'recon_default' * 2
+# reconnect 3: ('recon_default' * 2) * 2
+# reconnect 4: value from previous interval * 2
+# reconnect 5: value from previous interval * 2
+# reconnect x: if value >= recon_max, it starts again with recon_default
+#
+# recon_randomize: generate a random wait time on minion start. The wait time will
+# be a random value between recon_default and recon_default +
+# recon_max. Having all minions reconnect with the same recon_default
+# and recon_max value kind of defeats the purpose of being able to
+# change these settings. If all minions have the same values and your
+# setup is quite large (several thousand minions), they will still
+# flood the master. The desired behavior is to have timeframe within
+# all minions try to reconnect.
+#
+# Example on how to use these settings. The goal: have all minions reconnect within a
+# 60 second timeframe on a disconnect.
+# recon_default: 1000
+# recon_max: 59000
+# recon_randomize: True
+#
+# Each minion will have a randomized reconnect value between 'recon_default'
+# and 'recon_default + recon_max', which in this example means between 1000ms
+# 60000ms (or between 1 and 60 seconds). The generated random-value will be
+# doubled after each attempt to reconnect. Lets say the generated random
+# value is 11 seconds (or 11000ms).
+# reconnect 1: wait 11 seconds
+# reconnect 2: wait 22 seconds
+# reconnect 3: wait 33 seconds
+# reconnect 4: wait 44 seconds
+# reconnect 5: wait 55 seconds
+# reconnect 6: wait time is bigger than 60 seconds (recon_default + recon_max)
+# reconnect 7: wait 11 seconds
+# reconnect 8: wait 22 seconds
+# reconnect 9: wait 33 seconds
+# reconnect x: etc.
+#
+# In a setup with ~6000 thousand hosts these settings would average the reconnects
+# to about 100 per second and all hosts would be reconnected within 60 seconds.
+# recon_default: 100
+# recon_max: 5000
+# recon_randomize: False
+#
+#
+# The loop_interval sets how long in seconds the minion will wait between
+# evaluating the scheduler and running cleanup tasks. This defaults to a
+# sane 60 seconds, but if the minion scheduler needs to be evaluated more
+# often lower this value
+#loop_interval: 60
+
+# The grains_refresh_every setting allows for a minion to periodically check
+# its grains to see if they have changed and, if so, to inform the master
+# of the new grains. This operation is moderately expensive, therefore
+# care should be taken not to set this value too low.
+#
+# Note: This value is expressed in __minutes__!
+#
+# A value of 10 minutes is a reasonable default.
+#
+# If the value is set to zero, this check is disabled.
+#grains_refresh_every: 1
+
+# Cache grains on the minion. Default is False.
+#grains_cache: False
+
+# Grains cache expiration, in seconds. If the cache file is older than this
+# number of seconds then the grains cache will be dumped and fully re-populated
+# with fresh data. Defaults to 5 minutes. Will have no effect if 'grains_cache'
+# is not enabled.
+# grains_cache_expiration: 300
+
+# Windows platforms lack posix IPC and must rely on slower TCP based inter-
+# process communications. Set ipc_mode to 'tcp' on such systems
+#ipc_mode: ipc
+
+# Overwrite the default tcp ports used by the minion when in tcp mode
+#tcp_pub_port: 4510
+#tcp_pull_port: 4511
+
+# Passing very large events can cause the minion to consume large amounts of
+# memory. This value tunes the maximum size of a message allowed onto the
+# minion event bus. The value is expressed in bytes.
+#max_event_size: 1048576
+
+# To detect failed master(s) and fire events on connect/disconnect, set
+# master_alive_interval to the number of seconds to poll the masters for
+# connection events.
+#
+#master_alive_interval: 30
+
+# The minion can include configuration from other files. To enable this,
+# pass a list of paths to this option. The paths can be either relative or
+# absolute; if relative, they are considered to be relative to the directory
+# the main minion configuration file lives in (this file). Paths can make use
+# of shell-style globbing. If no files are matched by a path passed to this
+# option then the minion will log a warning message.
+#
+# Include a config file from some other path:
+# include: /etc/salt/extra_config
+#
+# Include config from several files and directories:
+#include:
+# - /etc/salt/extra_config
+# - /etc/roles/webserver
+#
+#
+#
+##### Minion module management #####
+##########################################
+# Disable specific modules. This allows the admin to limit the level of
+# access the master has to the minion.
+#disable_modules: [cmd,test]
+#disable_returners: []
+#
+# Modules can be loaded from arbitrary paths. This enables the easy deployment
+# of third party modules. Modules for returners and minions can be loaded.
+# Specify a list of extra directories to search for minion modules and
+# returners. These paths must be fully qualified!
+#module_dirs: []
+#returner_dirs: []
+#states_dirs: []
+#render_dirs: []
+#utils_dirs: []
+#
+# A module provider can be statically overwritten or extended for the minion
+# via the providers option, in this case the default module will be
+# overwritten by the specified module. In this example the pkg module will
+# be provided by the yumpkg5 module instead of the system default.
+#providers:
+# pkg: yumpkg5
+#
+# Enable Cython modules searching and loading. (Default: False)
+#cython_enable: False
+#
+# Specify a max size (in bytes) for modules on import. This feature is currently
+# only supported on *nix operating systems and requires psutil.
+# modules_max_memory: -1
+
+
+##### State Management Settings #####
+###########################################
+# The state management system executes all of the state templates on the minion
+# to enable more granular control of system state management. The type of
+# template and serialization used for state management needs to be configured
+# on the minion, the default renderer is yaml_jinja. This is a yaml file
+# rendered from a jinja template, the available options are:
+# yaml_jinja
+# yaml_mako
+# yaml_wempy
+# json_jinja
+# json_mako
+# json_wempy
+#
+#renderer: yaml_jinja
+#
+# The failhard option tells the minions to stop immediately after the first
+# failure detected in the state execution. Defaults to False.
+#failhard: False
+#
+# Reload the modules prior to a highstate run.
+#autoload_dynamic_modules: True
+#
+# clean_dynamic_modules keeps the dynamic modules on the minion in sync with
+# the dynamic modules on the master, this means that if a dynamic module is
+# not on the master it will be deleted from the minion. By default, this is
+# enabled and can be disabled by changing this value to False.
+#clean_dynamic_modules: True
+#
+# Normally, the minion is not isolated to any single environment on the master
+# when running states, but the environment can be isolated on the minion side
+# by statically setting it. Remember that the recommended way to manage
+# environments is to isolate via the top file.
+#environment: None
+#
+# If using the local file directory, then the state top file name needs to be
+# defined, by default this is top.sls.
+#state_top: top.sls
+#
+# Run states when the minion daemon starts. To enable, set startup_states to:
+# 'highstate' -- Execute state.highstate
+# 'sls' -- Read in the sls_list option and execute the named sls files
+# 'top' -- Read top_file option and execute based on that file on the Master
+#startup_states: ''
+#
+# List of states to run when the minion starts up if startup_states is 'sls':
+#sls_list:
+# - edit.vim
+# - hyper
+#
+# Top file to execute if startup_states is 'top':
+#top_file: ''
+
+# Automatically aggregate all states that have support for mod_aggregate by
+# setting to True. Or pass a list of state module names to automatically
+# aggregate just those types.
+#
+# state_aggregate:
+# - pkg
+#
+#state_aggregate: False
+
+##### File Directory Settings #####
+##########################################
+# The Salt Minion can redirect all file server operations to a local directory,
+# this allows for the same state tree that is on the master to be used if
+# copied completely onto the minion. This is a literal copy of the settings on
+# the master but used to reference a local directory on the minion.
+
+# Set the file client. The client defaults to looking on the master server for
+# files, but can be directed to look at the local file directory setting
+# defined below by setting it to "local". Setting a local file_client runs the
+# minion in masterless mode.
+#file_client: remote
+
+# The file directory works on environments passed to the minion, each environment
+# can have multiple root directories, the subdirectories in the multiple file
+# roots cannot match, otherwise the downloaded files will not be able to be
+# reliably ensured. A base environment is required to house the top file.
+# Example:
+# file_roots:
+# base:
+# - /srv/salt/
+# dev:
+# - /srv/salt/dev/services
+# - /srv/salt/dev/states
+# prod:
+# - /srv/salt/prod/services
+# - /srv/salt/prod/states
+#
+#file_roots:
+# base:
+# - /srv/salt
+
+# By default, the Salt fileserver recurses fully into all defined environments
+# to attempt to find files. To limit this behavior so that the fileserver only
+# traverses directories with SLS files and special Salt directories like _modules,
+# enable the option below. This might be useful for installations where a file root
+# has a very large number of files and performance is negatively impacted. Default
+# is False.
+#fileserver_limit_traversal: False
+
+# The hash_type is the hash to use when discovering the hash of a file in
+# the local fileserver. The default is sha256 but sha224, sha384 and sha512
+# are also supported.
+#
+# WARNING: While md5 and sha1 are also supported, do not use it due to the high chance
+# of possible collisions and thus security breach.
+#
+# Warning: Prior to changing this value, the minion should be stopped and all
+# Salt caches should be cleared.
+#hash_type: sha256
+
+# The Salt pillar is searched for locally if file_client is set to local. If
+# this is the case, and pillar data is defined, then the pillar_roots need to
+# also be configured on the minion:
+#pillar_roots:
+# base:
+# - /srv/pillar
+#
+#
+###### Security settings #####
+###########################################
+# Enable "open mode", this mode still maintains encryption, but turns off
+# authentication, this is only intended for highly secure environments or for
+# the situation where your keys end up in a bad state. If you run in open mode
+# you do so at your own risk!
+#open_mode: False
+
+# Enable permissive access to the salt keys. This allows you to run the
+# master or minion as root, but have a non-root group be given access to
+# your pki_dir. To make the access explicit, root must belong to the group
+# you've given access to. This is potentially quite insecure.
+#permissive_pki_access: False
+
+# The state_verbose and state_output settings can be used to change the way
+# state system data is printed to the display. By default all data is printed.
+# The state_verbose setting can be set to True or False, when set to False
+# all data that has a result of True and no changes will be suppressed.
+#state_verbose: True
+
+# The state_output setting changes if the output is the full multi line
+# output for each changed state if set to 'full', but if set to 'terse'
+# the output will be shortened to a single line.
+#state_output: full
+
+# The state_output_diff setting changes whether or not the output from
+# successful states is returned. Useful when even the terse output of these
+# states is cluttering the logs. Set it to True to ignore them.
+#state_output_diff: False
+
+# The state_output_profile setting changes whether profile information
+# will be shown for each state run.
+#state_output_profile: True
+
+# Fingerprint of the master public key to validate the identity of your Salt master
+# before the initial key exchange. The master fingerprint can be found by running
+# "salt-key -F master" on the Salt master.
+#master_finger: ''
+
+
+###### Thread settings #####
+###########################################
+# Disable multiprocessing support, by default when a minion receives a
+# publication a new process is spawned and the command is executed therein.
+#multiprocessing: True
+
+
+##### Logging settings #####
+##########################################
+# The location of the minion log file
+# The minion log can be sent to a regular file, local path name, or network
+# location. Remote logging works best when configured to use rsyslogd(8) (e.g.:
+# ``file:///dev/log``), with rsyslogd(8) configured for network logging. The URI
+# format is: <file|udp|tcp>://<host|socketpath>:<port-if-required>/<log-facility>
+#log_file: /var/log/salt/minion
+#log_file: file:///dev/log
+#log_file: udp://loghost:10514
+#
+#log_file: /var/log/salt/minion
+#key_logfile: /var/log/salt/key
+
+# The level of messages to send to the console.
+# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
+#
+# The following log levels are considered INSECURE and may log sensitive data:
+# ['garbage', 'trace', 'debug']
+#
+# Default: 'warning'
+#log_level: warning
+
+# The level of messages to send to the log file.
+# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
+# If using 'log_granular_levels' this must be set to the highest desired level.
+# Default: 'warning'
+#log_level_logfile:
+
+# The date and time format used in log messages. Allowed date/time formatting
+# can be seen here: http://docs.python.org/library/time.html#time.strftime
+#log_datefmt: '%H:%M:%S'
+#log_datefmt_logfile: '%Y-%m-%d %H:%M:%S'
+
+# The format of the console logging messages. Allowed formatting options can
+# be seen here: http://docs.python.org/library/logging.html#logrecord-attributes
+#
+# Console log colors are specified by these additional formatters:
+#
+# %(colorlevel)s
+# %(colorname)s
+# %(colorprocess)s
+# %(colormsg)s
+#
+# Since it is desirable to include the surrounding brackets, '[' and ']', in
+# the coloring of the messages, these color formatters also include padding as
+# well. Color LogRecord attributes are only available for console logging.
+#
+#log_fmt_console: '%(colorlevel)s %(colormsg)s'
+#log_fmt_console: '[%(levelname)-8s] %(message)s'
+#
+#log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'
+
+# This can be used to control logging levels more specificically. This
+# example sets the main salt library at the 'warning' level, but sets
+# 'salt.modules' to log at the 'debug' level:
+# log_granular_levels:
+# 'salt': 'warning'
+# 'salt.modules': 'debug'
+#
+#log_granular_levels: {}
+
+# To diagnose issues with minions disconnecting or missing returns, ZeroMQ
+# supports the use of monitor sockets # to log connection events. This
+# feature requires ZeroMQ 4.0 or higher.
+#
+# To enable ZeroMQ monitor sockets, set 'zmq_monitor' to 'True' and log at a
+# debug level or higher.
+#
+# A sample log event is as follows:
+#
+# [DEBUG ] ZeroMQ event: {'endpoint': 'tcp://127.0.0.1:4505', 'event': 512,
+# 'value': 27, 'description': 'EVENT_DISCONNECTED'}
+#
+# All events logged will include the string 'ZeroMQ event'. A connection event
+# should be logged on the as the minion starts up and initially connects to the
+# master. If not, check for debug log level and that the necessary version of
+# ZeroMQ is installed.
+#
+#zmq_monitor: False
+
+###### Module configuration #####
+###########################################
+# Salt allows for modules to be passed arbitrary configuration data, any data
+# passed here in valid yaml format will be passed on to the salt minion modules
+# for use. It is STRONGLY recommended that a naming convention be used in which
+# the module name is followed by a . and then the value. Also, all top level
+# data must be applied via the yaml dict construct, some examples:
+#
+# You can specify that all modules should run in test mode:
+#test: True
+#
+# A simple value for the test module:
+#test.foo: foo
+#
+# A list for the test module:
+#test.bar: [baz,quo]
+#
+# A dict for the test module:
+#test.baz: {spam: sausage, cheese: bread}
+#
+#
+###### Update settings ######
+###########################################
+# Using the features in Esky, a salt minion can both run as a frozen app and
+# be updated on the fly. These options control how the update process
+# (saltutil.update()) behaves.
+#
+# The url for finding and downloading updates. Disabled by default.
+#update_url: False
+#
+# The list of services to restart after a successful update. Empty by default.
+#update_restart_services: []
+
+
+###### Keepalive settings ######
+############################################
+# ZeroMQ now includes support for configuring SO_KEEPALIVE if supported by
+# the OS. If connections between the minion and the master pass through
+# a state tracking device such as a firewall or VPN gateway, there is
+# the risk that it could tear down the connection the master and minion
+# without informing either party that their connection has been taken away.
+# Enabling TCP Keepalives prevents this from happening.
+
+# Overall state of TCP Keepalives, enable (1 or True), disable (0 or False)
+# or leave to the OS defaults (-1), on Linux, typically disabled. Default True, enabled.
+#tcp_keepalive: True
+
+# How long before the first keepalive should be sent in seconds. Default 300
+# to send the first keepalive after 5 minutes, OS default (-1) is typically 7200 seconds
+# on Linux see /proc/sys/net/ipv4/tcp_keepalive_time.
+#tcp_keepalive_idle: 300
+
+# How many lost probes are needed to consider the connection lost. Default -1
+# to use OS defaults, typically 9 on Linux, see /proc/sys/net/ipv4/tcp_keepalive_probes.
+#tcp_keepalive_cnt: -1
+
+# How often, in seconds, to send keepalives after the first one. Default -1 to
+# use OS defaults, typically 75 seconds on Linux, see
+# /proc/sys/net/ipv4/tcp_keepalive_intvl.
+#tcp_keepalive_intvl: -1
+
+
+###### Windows Software settings ######
+############################################
+# Location of the repository cache file on the master:
+#win_repo_cachefile: 'salt://win/repo/winrepo.p'
+
+
+###### Returner settings ######
+############################################
+# Which returner(s) will be used for minion's result:
+#return: mysql
--- /dev/null
+# /etc/securetty: list of terminals on which root is allowed to login.
+# See securetty(5) and login(1).
+
+console
+
+# Local X displays (allows empty passwords with pam_unix's nullok_secure)
+:0
+:0.0
+:0.1
+:1
+:1.0
+:1.1
+:2
+:2.0
+:2.1
+:3
+:3.0
+:3.1
+#...
+
+
+# ==========================================================
+#
+# TTYs sorted by major number according to Documentation/devices.txt
+#
+# ==========================================================
+
+# Virtual consoles
+tty1
+tty2
+tty3
+tty4
+tty5
+tty6
+tty7
+tty8
+tty9
+tty10
+tty11
+tty12
+tty13
+tty14
+tty15
+tty16
+tty17
+tty18
+tty19
+tty20
+tty21
+tty22
+tty23
+tty24
+tty25
+tty26
+tty27
+tty28
+tty29
+tty30
+tty31
+tty32
+tty33
+tty34
+tty35
+tty36
+tty37
+tty38
+tty39
+tty40
+tty41
+tty42
+tty43
+tty44
+tty45
+tty46
+tty47
+tty48
+tty49
+tty50
+tty51
+tty52
+tty53
+tty54
+tty55
+tty56
+tty57
+tty58
+tty59
+tty60
+tty61
+tty62
+tty63
+
+# UART serial ports
+ttyS0
+ttyS1
+ttyS2
+ttyS3
+ttyS4
+ttyS5
+#...ttyS191
+
+# Serial Mux devices (Linux/PA-RISC only)
+ttyB0
+ttyB1
+#...
+
+# Chase serial card
+ttyH0
+ttyH1
+#...
+
+# Cyclades serial cards
+ttyC0
+ttyC1
+#...ttyC31
+
+# Digiboard serial cards
+ttyD0
+ttyD1
+#...
+
+# Stallion serial cards
+ttyE0
+ttyE1
+#...ttyE255
+
+# Specialix serial cards
+ttyX0
+ttyX1
+#...
+
+# Comtrol Rocketport serial cards
+ttyR0
+ttyR1
+#...
+
+# SDL RISCom serial cards
+ttyL0
+ttyL1
+#...
+
+# Hayes ESP serial card
+ttyP0
+ttyP1
+#...
+
+# Computone IntelliPort II serial card
+ttyF0
+ttyF1
+#...ttyF255
+
+# Specialix IO8+ serial card
+ttyW0
+ttyW1
+#...
+
+# Comtrol VS-1000 serial controller
+ttyV0
+ttyV1
+#...
+
+# ISI serial card
+ttyM0
+ttyM1
+#...
+
+# Technology Concepts serial card
+ttyT0
+ttyT1
+#...
+
+# Specialix RIO serial card
+ttySR0
+ttySR1
+#...ttySR511
+
+# Chase Research AT/PCI-Fast serial card
+ttyCH0
+ttyCH1
+#...ttyCH63
+
+# Moxa Intellio serial card
+ttyMX0
+ttyMX1
+#...ttyMX127
+
+# SmartIO serial card
+ttySI0
+ttySI1
+#...
+
+# USB dongles
+ttyUSB0
+ttyUSB1
+ttyUSB2
+#...
+
+# LinkUp Systems L72xx UARTs
+ttyLU0
+ttyLU1
+ttyLU2
+ttyLU3
+
+# StrongARM builtin serial ports
+ttySA0
+ttySA1
+ttySA2
+
+# SCI serial port (SuperH) ports and SC26xx serial ports
+ttySC0
+ttySC1
+ttySC2
+ttySC3
+
+# ARM "AMBA" serial ports
+ttyAM0
+ttyAM1
+ttyAM2
+ttyAM3
+ttyAM4
+ttyAM5
+ttyAM6
+ttyAM7
+ttyAM8
+ttyAM9
+ttyAM10
+ttyAM11
+ttyAM12
+ttyAM13
+ttyAM14
+ttyAM15
+
+# Embedded ARM AMBA PL011 ports (e.g. emulated by QEMU)
+ttyAMA0
+ttyAMA1
+ttyAMA2
+ttyAMA3
+
+# DataBooster serial ports
+ttyDB0
+ttyDB1
+ttyDB2
+ttyDB3
+ttyDB4
+ttyDB5
+ttyDB6
+ttyDB7
+
+# SGI Altix console ports
+ttySG0
+
+# Motorola i.MX ports
+ttySMX0
+ttySMX1
+ttySMX2
+
+# Marvell MPSC ports
+ttyMM0
+ttyMM1
+
+# PPC CPM (SCC or SMC) ports
+ttyCPM0
+ttyCPM1
+ttyCPM2
+ttyCPM3
+ttyCPM4
+ttyCPM5
+
+# Altix serial cards
+ttyIOC0
+ttyIOC1
+#...ttyIOC31
+
+# NEC VR4100 series SIU
+ttyVR0
+
+# NEC VR4100 series SSIU
+ttyVR1
+
+# Altix ioc4 serial cards
+ttyIOC84
+ttyIOC85
+#...ttyIOC115
+
+# Altix ioc3 serial cards
+ttySIOC0
+ttySIOC1
+#...ttySIOC31
+
+# PPC PSC ports
+ttyPSC0
+ttyPSC1
+ttyPSC2
+ttyPSC3
+ttyPSC4
+ttyPSC5
+
+# ATMEL serial ports
+ttyAT0
+ttyAT1
+#...ttyAT15
+
+# Hilscher netX serial port
+ttyNX0
+ttyNX1
+#...ttyNX15
+
+# Xilinx uartlite - port
+ttyUL0
+ttyUL1
+ttyUL2
+ttyUL3
+
+# Xen virtual console - port 0
+xvc0
+
+# pmac_zilog - port
+ttyPZ0
+ttyPZ1
+ttyPZ2
+ttyPZ3
+
+# TX39/49 serial port
+ttyTX0
+ttyTX1
+ttyTX2
+ttyTX3
+ttyTX4
+ttyTX5
+ttyTX6
+ttyTX7
+
+# SC26xx serial ports (see SCI serial ports (SuperH))
+
+# MAX3100 serial ports
+ttyMAX0
+ttyMAX1
+ttyMAX2
+ttyMAX3
+
+# OMAP serial ports
+ttyO0
+ttyO1
+ttyO2
+ttyO3
+
+# User space serial ports
+ttyU0
+ttyU1
+
+# A2232 serial card
+ttyY0
+ttyY1
+
+# IBM 3270 terminal Unix tty access
+3270/tty1
+3270/tty2
+#...
+
+# IBM iSeries/pSeries virtual console
+hvc0
+hvc1
+#...
+#IBM pSeries console ports
+hvsi0
+hvsi1
+hvsi2
+
+# Equinox SST multi-port serial boards
+ttyEQ0
+ttyEQ1
+#...ttyEQ1027
+
+# ==========================================================
+#
+# Not in Documentation/Devices.txt
+#
+# ==========================================================
+
+# Embedded Freescale i.MX ports
+ttymxc0
+ttymxc1
+ttymxc2
+ttymxc3
+ttymxc4
+ttymxc5
+
+# LXC (Linux Containers)
+lxc/console
+lxc/tty1
+lxc/tty2
+lxc/tty3
+lxc/tty4
+
+# Serial Console for MIPS Swarm
+duart0
+duart1
+
+# s390 and s390x ports in LPAR mode
+ttysclp0
--- /dev/null
+# Login access control table.
+#
+# Comment line must start with "#", no space at front.
+# Order of lines is important.
+#
+# When someone logs in, the table is scanned for the first entry that
+# matches the (user, host) combination, or, in case of non-networked
+# logins, the first entry that matches the (user, tty) combination. The
+# permissions field of that table entry determines whether the login will
+# be accepted or refused.
+#
+# Format of the login access control table is three fields separated by a
+# ":" character:
+#
+# [Note, if you supply a 'fieldsep=|' argument to the pam_access.so
+# module, you can change the field separation character to be
+# '|'. This is useful for configurations where you are trying to use
+# pam_access with X applications that provide PAM_TTY values that are
+# the display variable like "host:0".]
+#
+# permission : users : origins
+#
+# The first field should be a "+" (access granted) or "-" (access denied)
+# character.
+#
+# The second field should be a list of one or more login names, group
+# names, or ALL (always matches). A pattern of the form user@host is
+# matched when the login name matches the "user" part, and when the
+# "host" part matches the local machine name.
+#
+# The third field should be a list of one or more tty names (for
+# non-networked logins), host names, domain names (begin with "."), host
+# addresses, internet network numbers (end with "."), ALL (always
+# matches), NONE (matches no tty on non-networked logins) or
+# LOCAL (matches any string that does not contain a "." character).
+#
+# You can use @netgroupname in host or user patterns; this even works
+# for @usergroup@@hostgroup patterns.
+#
+# The EXCEPT operator makes it possible to write very compact rules.
+#
+# The group file is searched only when a name does not match that of the
+# logged-in user. Both the user's primary group is matched, as well as
+# groups in which users are explicitly listed.
+# To avoid problems with accounts, which have the same name as a group,
+# you can use brackets around group names '(group)' to differentiate.
+# In this case, you should also set the "nodefgroup" option.
+#
+# TTY NAMES: Must be in the form returned by ttyname(3) less the initial
+# "/dev" (e.g. tty1 or vc/1)
+#
+##############################################################################
+#
+# Disallow non-root logins on tty1
+#
+#-:ALL EXCEPT root:tty1
+#
+# Disallow console logins to all but a few accounts.
+#
+#-:ALL EXCEPT wheel shutdown sync:LOCAL
+#
+# Same, but make sure that really the group wheel and not the user
+# wheel is used (use nodefgroup argument, too):
+#
+#-:ALL EXCEPT (wheel) shutdown sync:LOCAL
+#
+# Disallow non-local logins to privileged accounts (group wheel).
+#
+#-:wheel:ALL EXCEPT LOCAL .win.tue.nl
+#
+# Some accounts are not allowed to login from anywhere:
+#
+#-:wsbscaro wsbsecr wsbspac wsbsym wscosor wstaiwde:ALL
+#
+# All other accounts are allowed to login from anywhere.
+#
+##############################################################################
+# All lines from here up to the end are building a more complex example.
+##############################################################################
+#
+# User "root" should be allowed to get access via cron .. tty5 tty6.
+#+ : root : cron crond :0 tty1 tty2 tty3 tty4 tty5 tty6
+#
+# User "root" should be allowed to get access from hosts with ip addresses.
+#+ : root : 192.168.200.1 192.168.200.4 192.168.200.9
+#+ : root : 127.0.0.1
+#
+# User "root" should get access from network 192.168.201.
+# This term will be evaluated by string matching.
+# comment: It might be better to use network/netmask instead.
+# The same is 192.168.201.0/24 or 192.168.201.0/255.255.255.0
+#+ : root : 192.168.201.
+#
+# User "root" should be able to have access from domain.
+# Uses string matching also.
+#+ : root : .foo.bar.org
+#
+# User "root" should be denied to get access from all other sources.
+#- : root : ALL
+#
+# User "foo" and members of netgroup "nis_group" should be
+# allowed to get access from all sources.
+# This will only work if netgroup service is available.
+#+ : @nis_group foo : ALL
+#
+# User "john" should get access from ipv4 net/mask
+#+ : john : 127.0.0.0/24
+#
+# User "john" should get access from ipv4 as ipv6 net/mask
+#+ : john : ::ffff:127.0.0.0/127
+#
+# User "john" should get access from ipv6 host address
+#+ : john : 2001:4ca0:0:101::1
+#
+# User "john" should get access from ipv6 host address (same as above)
+#+ : john : 2001:4ca0:0:101:0:0:0:1
+#
+# User "john" should get access from ipv6 net/mask
+#+ : john : 2001:4ca0:0:101::/64
+#
+# All other users should be denied to get access from all sources.
+#- : ALL : ALL
--- /dev/null
+#
+# This is the configuration file for the pam_group module.
+#
+
+#
+# *** Please note that giving group membership on a session basis is
+# *** NOT inherently secure. If a user can create an executable that
+# *** is setgid a group that they are infrequently given membership
+# *** of, they can basically obtain group membership any time they
+# *** like. Example: games are allowed between the hours of 6pm and 6am
+# *** user joe logs in at 7pm writes a small C-program toplay.c that
+# *** invokes their favorite shell, compiles it and does
+# *** "chgrp play toplay; chmod g+s toplay". They are basically able
+# *** to play games any time... You have been warned. AGM
+#
+
+#
+# The syntax of the lines is as follows:
+#
+# services;ttys;users;times;groups
+#
+# white space is ignored and lines maybe extended with '\\n' (escaped
+# newlines). From reading these comments, it is clear that
+# text following a '#' is ignored to the end of the line.
+#
+# the combination of individual users/terminals etc is a logic list
+# namely individual tokens that are optionally prefixed with '!' (logical
+# not) and separated with '&' (logical and) and '|' (logical or).
+#
+# services
+# is a logic list of PAM service names that the rule applies to.
+#
+# ttys
+# is a logic list of terminal names that this rule applies to.
+#
+# users
+# is a logic list of users or a netgroup of users to whom this
+# rule applies.
+#
+# NB. For these items the simple wildcard '*' may be used only once.
+# With netgroups no wildcards or logic operators are allowed.
+#
+# times
+# It is used to indicate "when" these groups are to be given to the
+# user. The format here is a logic list of day/time-range
+# entries the days are specified by a sequence of two character
+# entries, MoTuSa for example is Monday Tuesday and Saturday. Note
+# that repeated days are unset MoMo = no day, and MoWk = all weekdays
+# bar Monday. The two character combinations accepted are
+#
+# Mo Tu We Th Fr Sa Su Wk Wd Al
+#
+# the last two being week-end days and all 7 days of the week
+# respectively. As a final example, AlFr means all days except Friday.
+#
+# Each day/time-range can be prefixed with a '!' to indicate "anything
+# but"
+#
+# The time-range part is two 24-hour times HHMM separated by a hyphen
+# indicating the start and finish time (if the finish time is smaller
+# than the start time it is deemed to apply on the following day).
+#
+# groups
+# The (comma or space separated) list of groups that the user
+# inherits membership of. These groups are added if the previous
+# fields are satisfied by the user's request
+#
+# For a rule to be active, ALL of service+ttys+users must be satisfied
+# by the applying process.
+#
+
+#
+# Note, to get this to work as it is currently typed you need
+#
+# 1. to run an application as root
+# 2. add the following groups to the /etc/group file:
+# floppy, play, sound
+#
+
+#
+# Here is a simple example: running 'xsh' on tty* (any ttyXXX device),
+# the user 'us' is given access to the floppy (through membership of
+# the floppy group)
+#
+
+#xsh;tty*&!ttyp*;us;Al0000-2400;floppy
+
+#
+# another example: running 'xsh' on tty* (any ttyXXX device),
+# the user 'sword' is given access to games (through membership of
+# the sound and play group) after work hours.
+#
+
+#xsh; tty* ;sword;!Wk0900-1800;sound, play
+#xsh; tty* ;*;Al0900-1800;floppy
+
+#
+# yet another example: any member of the group 'admin' running
+# 'xsh' on tty*, is granted access (at any time) to the group 'plugdev'
+#
+
+#xsh; tty* ;%admin;Al0000-2400;plugdev
+
+#
+# End of group.conf file
+#
--- /dev/null
+# /etc/security/limits.conf
+#
+#Each line describes a limit for a user in the form:
+#
+#<domain> <type> <item> <value>
+#
+#Where:
+#<domain> can be:
+# - a user name
+# - a group name, with @group syntax
+# - the wildcard *, for default entry
+# - the wildcard %, can be also used with %group syntax,
+# for maxlogin limit
+# - NOTE: group and wildcard limits are not applied to root.
+# To apply a limit to the root user, <domain> must be
+# the literal username root.
+#
+#<type> can have the two values:
+# - "soft" for enforcing the soft limits
+# - "hard" for enforcing hard limits
+#
+#<item> can be one of the following:
+# - core - limits the core file size (KB)
+# - data - max data size (KB)
+# - fsize - maximum filesize (KB)
+# - memlock - max locked-in-memory address space (KB)
+# - nofile - max number of open files
+# - rss - max resident set size (KB)
+# - stack - max stack size (KB)
+# - cpu - max CPU time (MIN)
+# - nproc - max number of processes
+# - as - address space limit (KB)
+# - maxlogins - max number of logins for this user
+# - maxsyslogins - max number of logins on the system
+# - priority - the priority to run user process with
+# - locks - max number of file locks the user can hold
+# - sigpending - max number of pending signals
+# - msgqueue - max memory used by POSIX message queues (bytes)
+# - nice - max nice priority allowed to raise to values: [-20, 19]
+# - rtprio - max realtime priority
+# - chroot - change root to directory (Debian-specific)
+#
+#<domain> <type> <item> <value>
+#
+
+#* soft core 0
+#root hard core 100000
+#* hard rss 10000
+#@student hard nproc 20
+#@faculty soft nproc 20
+#@faculty hard nproc 50
+#ftp hard nproc 0
+#ftp - chroot /ftp
+#@student - maxlogins 4
+
+# End of file
--- /dev/null
+# /etc/security/namespace.conf
+#
+# See /usr/share/doc/pam-*/txts/README.pam_namespace for more information.
+#
+# Uncommenting the following three lines will polyinstantiate
+# /tmp, /var/tmp and user's home directories. /tmp and /var/tmp will
+# be polyinstantiated based on the MLS level part of the security context as well as user
+# name, Polyinstantion will not be performed for user root and adm for directories
+# /tmp and /var/tmp, whereas home directories will be polyinstantiated for all users.
+# The user name and context is appended to the instance prefix.
+#
+# Note that instance directories do not have to reside inside the
+# polyinstantiated directory. In the examples below, instances of /tmp
+# will be created in /tmp-inst directory, where as instances of /var/tmp
+# and users home directories will reside within the directories that
+# are being polyinstantiated.
+#
+# Instance parent directories must exist for the polyinstantiation
+# mechanism to work. By default, they should be created with the mode
+# of 000. pam_namespace module will enforce this mode unless it
+# is explicitly called with an argument to ignore the mode of the
+# instance parent. System administrators should use this argument with
+# caution, as it will reduce security and isolation achieved by
+# polyinstantiation.
+#
+#/tmp /tmp-inst/ level root,adm
+#/var/tmp /var/tmp/tmp-inst/ level root,adm
+#$HOME $HOME/$USER.inst/ level
--- /dev/null
+#!/bin/sh -p
+# It receives polydir path as $1, the instance path as $2,
+# a flag whether the instance dir was newly created (0 - no, 1 - yes) in $3,
+# and user name in $4.
+#
+# The following section will copy the contents of /etc/skel if this is a
+# newly created home directory.
+if [ "$3" = 1 ]; then
+ # This line will fix the labeling on all newly created directories
+ [ -x /sbin/restorecon ] && /sbin/restorecon "$1"
+ user="$4"
+ passwd=$(getent passwd "$user")
+ homedir=$(echo "$passwd" | cut -f6 -d":")
+ if [ "$1" = "$homedir" ]; then
+ gid=$(echo "$passwd" | cut -f4 -d":")
+ cp -rT /etc/skel "$homedir"
+ chown -R "$user":"$gid" "$homedir"
+ mask=$(awk '/^UMASK/{gsub("#.*$", "", $2); print $2; exit}' /etc/login.defs)
+ mode=$(printf "%o" $((0777 & ~$mask)))
+ chmod ${mode:-700} "$homedir"
+ [ -x /sbin/restorecon ] && /sbin/restorecon -R "$homedir"
+ fi
+fi
+
+exit 0
--- /dev/null
+#
+# This is the configuration file for pam_env, a PAM module to load in
+# a configurable list of environment variables for a
+#
+# The original idea for this came from Andrew G. Morgan ...
+#<quote>
+# Mmm. Perhaps you might like to write a pam_env module that reads a
+# default environment from a file? I can see that as REALLY
+# useful... Note it would be an "auth" module that returns PAM_IGNORE
+# for the auth part and sets the environment returning PAM_SUCCESS in
+# the setcred function...
+#</quote>
+#
+# What I wanted was the REMOTEHOST variable set, purely for selfish
+# reasons, and AGM didn't want it added to the SimpleApps login
+# program (which is where I added the patch). So, my first concern is
+# that variable, from there there are numerous others that might/would
+# be useful to be set: NNTPSERVER, LESS, PATH, PAGER, MANPAGER .....
+#
+# Of course, these are a different kind of variable than REMOTEHOST in
+# that they are things that are likely to be configured by
+# administrators rather than set by logging in, how to treat them both
+# in the same config file?
+#
+# Here is my idea:
+#
+# Each line starts with the variable name, there are then two possible
+# options for each variable DEFAULT and OVERRIDE.
+# DEFAULT allows and administrator to set the value of the
+# variable to some default value, if none is supplied then the empty
+# string is assumed. The OVERRIDE option tells pam_env that it should
+# enter in its value (overriding the default value) if there is one
+# to use. OVERRIDE is not used, "" is assumed and no override will be
+# done.
+#
+# VARIABLE [DEFAULT=[value]] [OVERRIDE=[value]]
+#
+# (Possibly non-existent) environment variables may be used in values
+# using the ${string} syntax and (possibly non-existent) PAM_ITEMs may
+# be used in values using the @{string} syntax. Both the $ and @
+# characters can be backslash escaped to be used as literal values
+# values can be delimited with "", escaped " not supported.
+# Note that many environment variables that you would like to use
+# may not be set by the time the module is called.
+# For example, HOME is used below several times, but
+# many PAM applications don't make it available by the time you need it.
+#
+#
+# First, some special variables
+#
+# Set the REMOTEHOST variable for any hosts that are remote, default
+# to "localhost" rather than not being set at all
+#REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST}
+#
+# Set the DISPLAY variable if it seems reasonable
+#DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY}
+#
+#
+# Now some simple variables
+#
+#PAGER DEFAULT=less
+#MANPAGER DEFAULT=less
+#LESS DEFAULT="M q e h15 z23 b80"
+#NNTPSERVER DEFAULT=localhost
+#PATH DEFAULT=${HOME}/bin:/usr/local/bin:/bin\
+#:/usr/bin:/usr/local/bin/X11:/usr/bin/X11
+#
+# silly examples of escaped variables, just to show how they work.
+#
+#DOLLAR DEFAULT=\$
+#DOLLARDOLLAR DEFAULT= OVERRIDE=\$${DOLLAR}
+#DOLLARPLUS DEFAULT=\${REMOTEHOST}${REMOTEHOST}
+#ATSIGN DEFAULT="" OVERRIDE=\@
--- /dev/null
+# /etc/security/sepermit.conf
+#
+# Each line contains either:
+# - an user name
+# - a group name, with @group syntax
+# - a SELinux user name, with %seuser syntax
+# Each line can contain optional arguments separated by :
+# The possible arguments are:
+# - exclusive - only single login session will
+# be allowed for the user and the user's processes
+# will be killed on logout
--- /dev/null
+# this is an example configuration file for the pam_time module. Its syntax
+# was initially based heavily on that of the shadow package (shadow-960129).
+#
+# the syntax of the lines is as follows:
+#
+# services;ttys;users;times
+#
+# white space is ignored and lines maybe extended with '\\n' (escaped
+# newlines). As should be clear from reading these comments,
+# text following a '#' is ignored to the end of the line.
+#
+# the combination of individual users/terminals etc is a logic list
+# namely individual tokens that are optionally prefixed with '!' (logical
+# not) and separated with '&' (logical and) and '|' (logical or).
+#
+# services
+# is a logic list of PAM service names that the rule applies to.
+#
+# ttys
+# is a logic list of terminal names that this rule applies to.
+#
+# users
+# is a logic list of users or a netgroup of users to whom this
+# rule applies.
+#
+# NB. For these items the simple wildcard '*' may be used only once.
+#
+# times
+# the format here is a logic list of day/time-range
+# entries the days are specified by a sequence of two character
+# entries, MoTuSa for example is Monday Tuesday and Saturday. Note
+# that repeated days are unset MoMo = no day, and MoWk = all weekdays
+# bar Monday. The two character combinations accepted are
+#
+# Mo Tu We Th Fr Sa Su Wk Wd Al
+#
+# the last two being week-end days and all 7 days of the week
+# respectively. As a final example, AlFr means all days except Friday.
+#
+# each day/time-range can be prefixed with a '!' to indicate "anything
+# but"
+#
+# The time-range part is two 24-hour times HHMM separated by a hyphen
+# indicating the start and finish time (if the finish time is smaller
+# than the start time it is deemed to apply on the following day).
+#
+# for a rule to be active, ALL of service+ttys+users must be satisfied
+# by the applying process.
+#
+
+#
+# Here is a simple example: running blank on tty* (any ttyXXX device),
+# the users 'you' and 'me' are denied service all of the time
+#
+
+#blank;tty* & !ttyp*;you|me;!Al0000-2400
+
+# Another silly example, user 'root' is denied xsh access
+# from pseudo terminals at the weekend and on mondays.
+
+#xsh;ttyp*;root;!WdMo0000-2400
+
+#
+# End of example file.
+#
--- /dev/null
+# Authors: Jason Tang <jtang@tresys.com>
+#
+# Copyright (C) 2004-2005 Tresys Technology, LLC
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+#
+# Specify how libsemanage will interact with a SELinux policy manager.
+# The four options are:
+#
+# "source" - libsemanage manipulates a source SELinux policy
+# "direct" - libsemanage will write directly to a module store.
+# /foo/bar - Write by way of a policy management server, whose
+# named socket is at /foo/bar. The path must begin
+# with a '/'.
+# foo.com:4242 - Establish a TCP connection to a remote policy
+# management server at foo.com. If there is a colon
+# then the remainder is interpreted as a port number;
+# otherwise default to port 4242.
+module-store = direct
+
+# When generating the final linked and expanded policy, by default
+# semanage will set the policy version to POLICYDB_VERSION_MAX, as
+# given in <sepol/policydb.h>. Change this setting if a different
+# version is necessary.
+#policy-version = 19
+
+# expand-check check neverallow rules when executing all semanage commands.
+# Large penalty in time if you turn this on.
+expand-check=0
--- /dev/null
+# Network services, Internet style
+#
+# Note that it is presently the policy of IANA to assign a single well-known
+# port number for both TCP and UDP; hence, officially ports have two entries
+# even if the protocol doesn't support UDP operations.
+#
+# Updated from http://www.iana.org/assignments/port-numbers and other
+# sources like http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/services .
+# New ports will be added on request if they have been officially assigned
+# by IANA and used in the real-world or are needed by a debian package.
+# If you need a huge list of used numbers please install the nmap package.
+
+tcpmux 1/tcp # TCP port service multiplexer
+echo 7/tcp
+echo 7/udp
+discard 9/tcp sink null
+discard 9/udp sink null
+systat 11/tcp users
+daytime 13/tcp
+daytime 13/udp
+netstat 15/tcp
+qotd 17/tcp quote
+msp 18/tcp # message send protocol
+msp 18/udp
+chargen 19/tcp ttytst source
+chargen 19/udp ttytst source
+ftp-data 20/tcp
+ftp 21/tcp
+fsp 21/udp fspd
+ssh 22/tcp # SSH Remote Login Protocol
+ssh 22/udp
+telnet 23/tcp
+smtp 25/tcp mail
+time 37/tcp timserver
+time 37/udp timserver
+rlp 39/udp resource # resource location
+nameserver 42/tcp name # IEN 116
+whois 43/tcp nicname
+tacacs 49/tcp # Login Host Protocol (TACACS)
+tacacs 49/udp
+re-mail-ck 50/tcp # Remote Mail Checking Protocol
+re-mail-ck 50/udp
+domain 53/tcp # Domain Name Server
+domain 53/udp
+mtp 57/tcp # deprecated
+tacacs-ds 65/tcp # TACACS-Database Service
+tacacs-ds 65/udp
+bootps 67/tcp # BOOTP server
+bootps 67/udp
+bootpc 68/tcp # BOOTP client
+bootpc 68/udp
+tftp 69/udp
+gopher 70/tcp # Internet Gopher
+gopher 70/udp
+rje 77/tcp netrjs
+finger 79/tcp
+http 80/tcp www # WorldWideWeb HTTP
+http 80/udp # HyperText Transfer Protocol
+link 87/tcp ttylink
+kerberos 88/tcp kerberos5 krb5 kerberos-sec # Kerberos v5
+kerberos 88/udp kerberos5 krb5 kerberos-sec # Kerberos v5
+supdup 95/tcp
+hostnames 101/tcp hostname # usually from sri-nic
+iso-tsap 102/tcp tsap # part of ISODE
+acr-nema 104/tcp dicom # Digital Imag. & Comm. 300
+acr-nema 104/udp dicom
+csnet-ns 105/tcp cso-ns # also used by CSO name server
+csnet-ns 105/udp cso-ns
+rtelnet 107/tcp # Remote Telnet
+rtelnet 107/udp
+pop2 109/tcp postoffice pop-2 # POP version 2
+pop2 109/udp pop-2
+pop3 110/tcp pop-3 # POP version 3
+pop3 110/udp pop-3
+sunrpc 111/tcp portmapper # RPC 4.0 portmapper
+sunrpc 111/udp portmapper
+auth 113/tcp authentication tap ident
+sftp 115/tcp
+uucp-path 117/tcp
+nntp 119/tcp readnews untp # USENET News Transfer Protocol
+ntp 123/tcp
+ntp 123/udp # Network Time Protocol
+pwdgen 129/tcp # PWDGEN service
+pwdgen 129/udp
+loc-srv 135/tcp epmap # Location Service
+loc-srv 135/udp epmap
+netbios-ns 137/tcp # NETBIOS Name Service
+netbios-ns 137/udp
+netbios-dgm 138/tcp # NETBIOS Datagram Service
+netbios-dgm 138/udp
+netbios-ssn 139/tcp # NETBIOS session service
+netbios-ssn 139/udp
+imap2 143/tcp imap # Interim Mail Access P 2 and 4
+imap2 143/udp imap
+snmp 161/tcp # Simple Net Mgmt Protocol
+snmp 161/udp
+snmp-trap 162/tcp snmptrap # Traps for SNMP
+snmp-trap 162/udp snmptrap
+cmip-man 163/tcp # ISO mgmt over IP (CMOT)
+cmip-man 163/udp
+cmip-agent 164/tcp
+cmip-agent 164/udp
+mailq 174/tcp # Mailer transport queue for Zmailer
+mailq 174/udp
+xdmcp 177/tcp # X Display Mgr. Control Proto
+xdmcp 177/udp
+nextstep 178/tcp NeXTStep NextStep # NeXTStep window
+nextstep 178/udp NeXTStep NextStep # server
+bgp 179/tcp # Border Gateway Protocol
+bgp 179/udp
+prospero 191/tcp # Cliff Neuman's Prospero
+prospero 191/udp
+irc 194/tcp # Internet Relay Chat
+irc 194/udp
+smux 199/tcp # SNMP Unix Multiplexer
+smux 199/udp
+at-rtmp 201/tcp # AppleTalk routing
+at-rtmp 201/udp
+at-nbp 202/tcp # AppleTalk name binding
+at-nbp 202/udp
+at-echo 204/tcp # AppleTalk echo
+at-echo 204/udp
+at-zis 206/tcp # AppleTalk zone information
+at-zis 206/udp
+qmtp 209/tcp # Quick Mail Transfer Protocol
+qmtp 209/udp
+z3950 210/tcp wais # NISO Z39.50 database
+z3950 210/udp wais
+ipx 213/tcp # IPX
+ipx 213/udp
+imap3 220/tcp # Interactive Mail Access
+imap3 220/udp # Protocol v3
+pawserv 345/tcp # Perf Analysis Workbench
+pawserv 345/udp
+zserv 346/tcp # Zebra server
+zserv 346/udp
+fatserv 347/tcp # Fatmen Server
+fatserv 347/udp
+rpc2portmap 369/tcp
+rpc2portmap 369/udp # Coda portmapper
+codaauth2 370/tcp
+codaauth2 370/udp # Coda authentication server
+clearcase 371/tcp Clearcase
+clearcase 371/udp Clearcase
+ulistserv 372/tcp # UNIX Listserv
+ulistserv 372/udp
+ldap 389/tcp # Lightweight Directory Access Protocol
+ldap 389/udp
+imsp 406/tcp # Interactive Mail Support Protocol
+imsp 406/udp
+svrloc 427/tcp # Server Location
+svrloc 427/udp
+https 443/tcp # http protocol over TLS/SSL
+https 443/udp
+snpp 444/tcp # Simple Network Paging Protocol
+snpp 444/udp
+microsoft-ds 445/tcp # Microsoft Naked CIFS
+microsoft-ds 445/udp
+kpasswd 464/tcp
+kpasswd 464/udp
+urd 465/tcp ssmtp smtps # URL Rendesvous Directory for SSM
+saft 487/tcp # Simple Asynchronous File Transfer
+saft 487/udp
+isakmp 500/tcp # IPsec - Internet Security Association
+isakmp 500/udp # and Key Management Protocol
+rtsp 554/tcp # Real Time Stream Control Protocol
+rtsp 554/udp
+nqs 607/tcp # Network Queuing system
+nqs 607/udp
+npmp-local 610/tcp dqs313_qmaster # npmp-local / DQS
+npmp-local 610/udp dqs313_qmaster
+npmp-gui 611/tcp dqs313_execd # npmp-gui / DQS
+npmp-gui 611/udp dqs313_execd
+hmmp-ind 612/tcp dqs313_intercell # HMMP Indication / DQS
+hmmp-ind 612/udp dqs313_intercell
+asf-rmcp 623/udp # ASF Remote Management and Control Protocol
+qmqp 628/tcp
+qmqp 628/udp
+ipp 631/tcp # Internet Printing Protocol
+ipp 631/udp
+#
+# UNIX specific services
+#
+exec 512/tcp
+biff 512/udp comsat
+login 513/tcp
+who 513/udp whod
+shell 514/tcp cmd # no passwords used
+syslog 514/udp
+printer 515/tcp spooler # line printer spooler
+talk 517/udp
+ntalk 518/udp
+route 520/udp router routed # RIP
+timed 525/udp timeserver
+tempo 526/tcp newdate
+courier 530/tcp rpc
+conference 531/tcp chat
+netnews 532/tcp readnews
+netwall 533/udp # for emergency broadcasts
+gdomap 538/tcp # GNUstep distributed objects
+gdomap 538/udp
+uucp 540/tcp uucpd # uucp daemon
+klogin 543/tcp # Kerberized `rlogin' (v5)
+kshell 544/tcp krcmd # Kerberized `rsh' (v5)
+dhcpv6-client 546/tcp
+dhcpv6-client 546/udp
+dhcpv6-server 547/tcp
+dhcpv6-server 547/udp
+afpovertcp 548/tcp # AFP over TCP
+afpovertcp 548/udp
+idfp 549/tcp
+idfp 549/udp
+remotefs 556/tcp rfs_server rfs # Brunhoff remote filesystem
+nntps 563/tcp snntp # NNTP over SSL
+nntps 563/udp snntp
+submission 587/tcp # Submission [RFC4409]
+submission 587/udp
+ldaps 636/tcp # LDAP over SSL
+ldaps 636/udp
+tinc 655/tcp # tinc control port
+tinc 655/udp
+silc 706/tcp
+silc 706/udp
+kerberos-adm 749/tcp # Kerberos `kadmin' (v5)
+#
+webster 765/tcp # Network dictionary
+webster 765/udp
+rsync 873/tcp
+rsync 873/udp
+ftps-data 989/tcp # FTP over SSL (data)
+ftps 990/tcp
+telnets 992/tcp # Telnet over SSL
+telnets 992/udp
+imaps 993/tcp # IMAP over SSL
+imaps 993/udp
+ircs 994/tcp # IRC over SSL
+ircs 994/udp
+pop3s 995/tcp # POP-3 over SSL
+pop3s 995/udp
+#
+# From ``Assigned Numbers'':
+#
+#> The Registered Ports are not controlled by the IANA and on most systems
+#> can be used by ordinary user processes or programs executed by ordinary
+#> users.
+#
+#> Ports are used in the TCP [45,106] to name the ends of logical
+#> connections which carry long term conversations. For the purpose of
+#> providing services to unknown callers, a service contact port is
+#> defined. This list specifies the port used by the server process as its
+#> contact port. While the IANA can not control uses of these ports it
+#> does register or list uses of these ports as a convienence to the
+#> community.
+#
+socks 1080/tcp # socks proxy server
+socks 1080/udp
+proofd 1093/tcp
+proofd 1093/udp
+rootd 1094/tcp
+rootd 1094/udp
+openvpn 1194/tcp
+openvpn 1194/udp
+rmiregistry 1099/tcp # Java RMI Registry
+rmiregistry 1099/udp
+kazaa 1214/tcp
+kazaa 1214/udp
+nessus 1241/tcp # Nessus vulnerability
+nessus 1241/udp # assessment scanner
+lotusnote 1352/tcp lotusnotes # Lotus Note
+lotusnote 1352/udp lotusnotes
+ms-sql-s 1433/tcp # Microsoft SQL Server
+ms-sql-s 1433/udp
+ms-sql-m 1434/tcp # Microsoft SQL Monitor
+ms-sql-m 1434/udp
+ingreslock 1524/tcp
+ingreslock 1524/udp
+prospero-np 1525/tcp # Prospero non-privileged
+prospero-np 1525/udp
+datametrics 1645/tcp old-radius
+datametrics 1645/udp old-radius
+sa-msg-port 1646/tcp old-radacct
+sa-msg-port 1646/udp old-radacct
+kermit 1649/tcp
+kermit 1649/udp
+groupwise 1677/tcp
+groupwise 1677/udp
+l2f 1701/tcp l2tp
+l2f 1701/udp l2tp
+radius 1812/tcp
+radius 1812/udp
+radius-acct 1813/tcp radacct # Radius Accounting
+radius-acct 1813/udp radacct
+msnp 1863/tcp # MSN Messenger
+msnp 1863/udp
+unix-status 1957/tcp # remstats unix-status server
+log-server 1958/tcp # remstats log server
+remoteping 1959/tcp # remstats remoteping server
+cisco-sccp 2000/tcp # Cisco SCCP
+cisco-sccp 2000/udp
+search 2010/tcp ndtp
+pipe-server 2010/tcp pipe_server
+nfs 2049/tcp # Network File System
+nfs 2049/udp # Network File System
+gnunet 2086/tcp
+gnunet 2086/udp
+rtcm-sc104 2101/tcp # RTCM SC-104 IANA 1/29/99
+rtcm-sc104 2101/udp
+gsigatekeeper 2119/tcp
+gsigatekeeper 2119/udp
+gris 2135/tcp # Grid Resource Information Server
+gris 2135/udp
+cvspserver 2401/tcp # CVS client/server operations
+cvspserver 2401/udp
+venus 2430/tcp # codacon port
+venus 2430/udp # Venus callback/wbc interface
+venus-se 2431/tcp # tcp side effects
+venus-se 2431/udp # udp sftp side effect
+codasrv 2432/tcp # not used
+codasrv 2432/udp # server port
+codasrv-se 2433/tcp # tcp side effects
+codasrv-se 2433/udp # udp sftp side effect
+mon 2583/tcp # MON traps
+mon 2583/udp
+dict 2628/tcp # Dictionary server
+dict 2628/udp
+f5-globalsite 2792/tcp
+f5-globalsite 2792/udp
+gsiftp 2811/tcp
+gsiftp 2811/udp
+gpsd 2947/tcp
+gpsd 2947/udp
+gds-db 3050/tcp gds_db # InterBase server
+gds-db 3050/udp gds_db
+icpv2 3130/tcp icp # Internet Cache Protocol
+icpv2 3130/udp icp
+iscsi-target 3260/tcp
+mysql 3306/tcp
+mysql 3306/udp
+nut 3493/tcp # Network UPS Tools
+nut 3493/udp
+distcc 3632/tcp # distributed compiler
+distcc 3632/udp
+daap 3689/tcp # Digital Audio Access Protocol
+daap 3689/udp
+svn 3690/tcp subversion # Subversion protocol
+svn 3690/udp subversion
+suucp 4031/tcp # UUCP over SSL
+suucp 4031/udp
+sysrqd 4094/tcp # sysrq daemon
+sysrqd 4094/udp
+sieve 4190/tcp # ManageSieve Protocol
+epmd 4369/tcp # Erlang Port Mapper Daemon
+epmd 4369/udp
+remctl 4373/tcp # Remote Authenticated Command Service
+remctl 4373/udp
+f5-iquery 4353/tcp # F5 iQuery
+f5-iquery 4353/udp
+ipsec-nat-t 4500/udp # IPsec NAT-Traversal [RFC3947]
+iax 4569/tcp # Inter-Asterisk eXchange
+iax 4569/udp
+mtn 4691/tcp # monotone Netsync Protocol
+mtn 4691/udp
+radmin-port 4899/tcp # RAdmin Port
+radmin-port 4899/udp
+rfe 5002/udp # Radio Free Ethernet
+rfe 5002/tcp
+mmcc 5050/tcp # multimedia conference control tool (Yahoo IM)
+mmcc 5050/udp
+sip 5060/tcp # Session Initiation Protocol
+sip 5060/udp
+sip-tls 5061/tcp
+sip-tls 5061/udp
+aol 5190/tcp # AIM
+aol 5190/udp
+xmpp-client 5222/tcp jabber-client # Jabber Client Connection
+xmpp-client 5222/udp jabber-client
+xmpp-server 5269/tcp jabber-server # Jabber Server Connection
+xmpp-server 5269/udp jabber-server
+cfengine 5308/tcp
+cfengine 5308/udp
+mdns 5353/tcp # Multicast DNS
+mdns 5353/udp
+postgresql 5432/tcp postgres # PostgreSQL Database
+postgresql 5432/udp postgres
+freeciv 5556/tcp rptp # Freeciv gameplay
+freeciv 5556/udp
+amqps 5671/tcp # AMQP protocol over TLS/SSL
+amqp 5672/tcp
+amqp 5672/udp
+amqp 5672/sctp
+ggz 5688/tcp # GGZ Gaming Zone
+ggz 5688/udp
+x11 6000/tcp x11-0 # X Window System
+x11 6000/udp x11-0
+x11-1 6001/tcp
+x11-1 6001/udp
+x11-2 6002/tcp
+x11-2 6002/udp
+x11-3 6003/tcp
+x11-3 6003/udp
+x11-4 6004/tcp
+x11-4 6004/udp
+x11-5 6005/tcp
+x11-5 6005/udp
+x11-6 6006/tcp
+x11-6 6006/udp
+x11-7 6007/tcp
+x11-7 6007/udp
+gnutella-svc 6346/tcp # gnutella
+gnutella-svc 6346/udp
+gnutella-rtr 6347/tcp # gnutella
+gnutella-rtr 6347/udp
+sge-qmaster 6444/tcp sge_qmaster # Grid Engine Qmaster Service
+sge-qmaster 6444/udp sge_qmaster
+sge-execd 6445/tcp sge_execd # Grid Engine Execution Service
+sge-execd 6445/udp sge_execd
+mysql-proxy 6446/tcp # MySQL Proxy
+mysql-proxy 6446/udp
+afs3-fileserver 7000/tcp bbs # file server itself
+afs3-fileserver 7000/udp bbs
+afs3-callback 7001/tcp # callbacks to cache managers
+afs3-callback 7001/udp
+afs3-prserver 7002/tcp # users & groups database
+afs3-prserver 7002/udp
+afs3-vlserver 7003/tcp # volume location database
+afs3-vlserver 7003/udp
+afs3-kaserver 7004/tcp # AFS/Kerberos authentication
+afs3-kaserver 7004/udp
+afs3-volser 7005/tcp # volume managment server
+afs3-volser 7005/udp
+afs3-errors 7006/tcp # error interpretation service
+afs3-errors 7006/udp
+afs3-bos 7007/tcp # basic overseer process
+afs3-bos 7007/udp
+afs3-update 7008/tcp # server-to-server updater
+afs3-update 7008/udp
+afs3-rmtsys 7009/tcp # remote cache manager service
+afs3-rmtsys 7009/udp
+font-service 7100/tcp xfs # X Font Service
+font-service 7100/udp xfs
+http-alt 8080/tcp webcache # WWW caching service
+http-alt 8080/udp
+bacula-dir 9101/tcp # Bacula Director
+bacula-dir 9101/udp
+bacula-fd 9102/tcp # Bacula File Daemon
+bacula-fd 9102/udp
+bacula-sd 9103/tcp # Bacula Storage Daemon
+bacula-sd 9103/udp
+xmms2 9667/tcp # Cross-platform Music Multiplexing System
+xmms2 9667/udp
+nbd 10809/tcp # Linux Network Block Device
+zabbix-agent 10050/tcp # Zabbix Agent
+zabbix-agent 10050/udp
+zabbix-trapper 10051/tcp # Zabbix Trapper
+zabbix-trapper 10051/udp
+amanda 10080/tcp # amanda backup services
+amanda 10080/udp
+dicom 11112/tcp
+hkp 11371/tcp # OpenPGP HTTP Keyserver
+hkp 11371/udp
+bprd 13720/tcp # VERITAS NetBackup
+bprd 13720/udp
+bpdbm 13721/tcp # VERITAS NetBackup
+bpdbm 13721/udp
+bpjava-msvc 13722/tcp # BP Java MSVC Protocol
+bpjava-msvc 13722/udp
+vnetd 13724/tcp # Veritas Network Utility
+vnetd 13724/udp
+bpcd 13782/tcp # VERITAS NetBackup
+bpcd 13782/udp
+vopied 13783/tcp # VERITAS NetBackup
+vopied 13783/udp
+db-lsp 17500/tcp # Dropbox LanSync Protocol
+dcap 22125/tcp # dCache Access Protocol
+gsidcap 22128/tcp # GSI dCache Access Protocol
+wnn6 22273/tcp # wnn6
+wnn6 22273/udp
+
+#
+# Datagram Delivery Protocol services
+#
+rtmp 1/ddp # Routing Table Maintenance Protocol
+nbp 2/ddp # Name Binding Protocol
+echo 4/ddp # AppleTalk Echo Protocol
+zip 6/ddp # Zone Information Protocol
+
+#=========================================================================
+# The remaining port numbers are not as allocated by IANA.
+#=========================================================================
+
+# Kerberos (Project Athena/MIT) services
+# Note that these are for Kerberos v4, and are unofficial. Sites running
+# v4 should uncomment these and comment out the v5 entries above.
+#
+kerberos4 750/udp kerberos-iv kdc # Kerberos (server)
+kerberos4 750/tcp kerberos-iv kdc
+kerberos-master 751/udp kerberos_master # Kerberos authentication
+kerberos-master 751/tcp
+passwd-server 752/udp passwd_server # Kerberos passwd server
+krb-prop 754/tcp krb_prop krb5_prop hprop # Kerberos slave propagation
+krbupdate 760/tcp kreg # Kerberos registration
+swat 901/tcp # swat
+kpop 1109/tcp # Pop with Kerberos
+knetd 2053/tcp # Kerberos de-multiplexor
+zephyr-srv 2102/udp # Zephyr server
+zephyr-clt 2103/udp # Zephyr serv-hm connection
+zephyr-hm 2104/udp # Zephyr hostmanager
+eklogin 2105/tcp # Kerberos encrypted rlogin
+# Hmmm. Are we using Kv4 or Kv5 now? Worrying.
+# The following is probably Kerberos v5 --- ajt@debian.org (11/02/2000)
+kx 2111/tcp # X over Kerberos
+iprop 2121/tcp # incremental propagation
+#
+# Unofficial but necessary (for NetBSD) services
+#
+supfilesrv 871/tcp # SUP server
+supfiledbg 1127/tcp # SUP debugging
+
+#
+# Services added for the Debian GNU/Linux distribution
+#
+linuxconf 98/tcp # LinuxConf
+poppassd 106/tcp # Eudora
+poppassd 106/udp
+moira-db 775/tcp moira_db # Moira database
+moira-update 777/tcp moira_update # Moira update protocol
+moira-ureg 779/udp moira_ureg # Moira user registration
+spamd 783/tcp # spamassassin daemon
+omirr 808/tcp omirrd # online mirror
+omirr 808/udp omirrd
+customs 1001/tcp # pmake customs server
+customs 1001/udp
+skkserv 1178/tcp # skk jisho server port
+predict 1210/udp # predict -- satellite tracking
+rmtcfg 1236/tcp # Gracilis Packeten remote config server
+wipld 1300/tcp # Wipl network monitor
+xtel 1313/tcp # french minitel
+xtelw 1314/tcp # french minitel
+support 1529/tcp # GNATS
+cfinger 2003/tcp # GNU Finger
+frox 2121/tcp # frox: caching ftp proxy
+ninstall 2150/tcp # ninstall service
+ninstall 2150/udp
+zebrasrv 2600/tcp # zebra service
+zebra 2601/tcp # zebra vty
+ripd 2602/tcp # ripd vty (zebra)
+ripngd 2603/tcp # ripngd vty (zebra)
+ospfd 2604/tcp # ospfd vty (zebra)
+bgpd 2605/tcp # bgpd vty (zebra)
+ospf6d 2606/tcp # ospf6d vty (zebra)
+ospfapi 2607/tcp # OSPF-API
+isisd 2608/tcp # ISISd vty (zebra)
+afbackup 2988/tcp # Afbackup system
+afbackup 2988/udp
+afmbackup 2989/tcp # Afmbackup system
+afmbackup 2989/udp
+xtell 4224/tcp # xtell server
+fax 4557/tcp # FAX transmission service (old)
+hylafax 4559/tcp # HylaFAX client-server protocol (new)
+distmp3 4600/tcp # distmp3host daemon
+munin 4949/tcp lrrd # Munin
+enbd-cstatd 5051/tcp # ENBD client statd
+enbd-sstatd 5052/tcp # ENBD server statd
+pcrd 5151/tcp # PCR-1000 Daemon
+noclog 5354/tcp # noclogd with TCP (nocol)
+noclog 5354/udp # noclogd with UDP (nocol)
+hostmon 5355/tcp # hostmon uses TCP (nocol)
+hostmon 5355/udp # hostmon uses UDP (nocol)
+rplay 5555/udp # RPlay audio service
+nrpe 5666/tcp # Nagios Remote Plugin Executor
+nsca 5667/tcp # Nagios Agent - NSCA
+mrtd 5674/tcp # MRT Routing Daemon
+bgpsim 5675/tcp # MRT Routing Simulator
+canna 5680/tcp # cannaserver
+syslog-tls 6514/tcp # Syslog over TLS [RFC5425]
+sane-port 6566/tcp sane saned # SANE network scanner daemon
+ircd 6667/tcp # Internet Relay Chat
+zope-ftp 8021/tcp # zope management by ftp
+tproxy 8081/tcp # Transparent Proxy
+omniorb 8088/tcp # OmniORB
+omniorb 8088/udp
+clc-build-daemon 8990/tcp # Common lisp build daemon
+xinetd 9098/tcp
+mandelspawn 9359/udp mandelbrot # network mandelbrot
+git 9418/tcp # Git Version Control System
+zope 9673/tcp # zope server
+webmin 10000/tcp
+kamanda 10081/tcp # amanda backup services (Kerberos)
+kamanda 10081/udp
+amandaidx 10082/tcp # amanda backup services
+amidxtape 10083/tcp # amanda backup services
+smsqp 11201/tcp # Alamin SMS gateway
+smsqp 11201/udp
+xpilot 15345/tcp # XPilot Contact Port
+xpilot 15345/udp
+sgi-cmsd 17001/udp # Cluster membership services daemon
+sgi-crsd 17002/udp
+sgi-gcd 17003/udp # SGI Group membership daemon
+sgi-cad 17004/tcp # Cluster Admin daemon
+isdnlog 20011/tcp # isdn logging system
+isdnlog 20011/udp
+vboxd 20012/tcp # voice box system
+vboxd 20012/udp
+binkp 24554/tcp # binkp fidonet protocol
+asp 27374/tcp # Address Search Protocol
+asp 27374/udp
+csync2 30865/tcp # cluster synchronization tool
+dircproxy 57000/tcp # Detachable IRC Proxy
+tfido 60177/tcp # fidonet EMSI over telnet
+fido 60179/tcp # fidonet EMSI over TCP
+
+# Local services
--- /dev/null
+/var/lib/sgml-base/supercatalog
\ No newline at end of file
--- /dev/null
+CATALOG /usr/share/sgml/dtd/xml-core/catalog
--- /dev/null
+root:$6$WKhSglZ1$24U2gJHqKWkB7n1heWzGNjQLmfddvrKcADE1XlvMiCFzFc7mDqzdPAP1G2LmVB.9jBaHmkQlQwDynY/Y1Awz6.:16867:0:99999:7:::
+daemon:*:16861:0:99999:7:::
+bin:*:16861:0:99999:7:::
+sys:*:16861:0:99999:7:::
+sync:*:16861:0:99999:7:::
+games:*:16861:0:99999:7:::
+man:*:16861:0:99999:7:::
+lp:*:16861:0:99999:7:::
+mail:*:16861:0:99999:7:::
+news:*:16861:0:99999:7:::
+uucp:*:16861:0:99999:7:::
+proxy:*:16861:0:99999:7:::
+www-data:*:16861:0:99999:7:::
+backup:*:16861:0:99999:7:::
+list:*:16861:0:99999:7:::
+irc:*:16861:0:99999:7:::
+gnats:*:16861:0:99999:7:::
+nobody:*:16861:0:99999:7:::
+systemd-timesync:*:16861:0:99999:7:::
+systemd-network:*:16861:0:99999:7:::
+systemd-resolve:*:16861:0:99999:7:::
+systemd-bus-proxy:*:16861:0:99999:7:::
+sshd:*:16861:0:99999:7:::
+Debian-exim:!:16867:0:99999:7:::
+postfix:*:16867:0:99999:7:::
+bind:!:16868::::::
+ulog:*:16920:0:99999:7:::
+repo:!:17100:0:99999:7:::
--- /dev/null
+root:$6$WKhSglZ1$24U2gJHqKWkB7n1heWzGNjQLmfddvrKcADE1XlvMiCFzFc7mDqzdPAP1G2LmVB.9jBaHmkQlQwDynY/Y1Awz6.:16867:0:99999:7:::
+daemon:*:16861:0:99999:7:::
+bin:*:16861:0:99999:7:::
+sys:*:16861:0:99999:7:::
+sync:*:16861:0:99999:7:::
+games:*:16861:0:99999:7:::
+man:*:16861:0:99999:7:::
+lp:*:16861:0:99999:7:::
+mail:*:16861:0:99999:7:::
+news:*:16861:0:99999:7:::
+uucp:*:16861:0:99999:7:::
+proxy:*:16861:0:99999:7:::
+www-data:*:16861:0:99999:7:::
+backup:*:16861:0:99999:7:::
+list:*:16861:0:99999:7:::
+irc:*:16861:0:99999:7:::
+gnats:*:16861:0:99999:7:::
+nobody:*:16861:0:99999:7:::
+systemd-timesync:*:16861:0:99999:7:::
+systemd-network:*:16861:0:99999:7:::
+systemd-resolve:*:16861:0:99999:7:::
+systemd-bus-proxy:*:16861:0:99999:7:::
+sshd:*:16861:0:99999:7:::
+Debian-exim:!:16867:0:99999:7:::
+postfix:*:16867:0:99999:7:::
+bind:!:16868::::::
+ulog:*:16920:0:99999:7:::
--- /dev/null
+# /etc/shells: valid login shells
+/bin/sh
+/bin/dash
+/bin/bash
+/bin/rbash
+/bin/zsh
+/usr/bin/zsh
+/usr/bin/tmux
--- /dev/null
+# ~/.bash_logout: executed by bash(1) when login shell exits.
+
+# when leaving the console clear the screen to increase privacy
+
+if [ "$SHLVL" = 1 ]; then
+ [ -x /usr/bin/clear_console ] && /usr/bin/clear_console -q
+fi
--- /dev/null
+# ~/.bashrc: executed by bash(1) for non-login shells.
+# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
+# for examples
+
+# If not running interactively, don't do anything
+case $- in
+ *i*) ;;
+ *) return;;
+esac
+
+# If set, the pattern "**" used in a pathname expansion context will
+# match all files and zero or more directories and subdirectories.
+#shopt -s globstar
+
+# make less more friendly for non-text input files, see lesspipe(1)
+#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
+
+# If this is an xterm set the title to user@host:dir
+#case "$TERM" in
+#xterm*|rxvt*)
+# PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
+# ;;
+#*)
+# ;;
+#esac
+
+# Alias definitions.
+# You may want to put all your additions into a separate file like
+# ~/.bash_aliases, instead of adding them here directly.
+# See /usr/share/doc/bash-doc/examples in the bash-doc package.
+
+if [ -f ~/.bash_aliases ]; then
+ . ~/.bash_aliases
+fi
+
--- /dev/null
+# ~/.profile: executed by the command interpreter for login shells.
+# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
+# exists.
+# see /usr/share/doc/bash/examples/startup-files for examples.
+# the files are located in the bash-doc package.
+
+# the default umask is set in /etc/profile; for setting the umask
+# for ssh logins, install and configure the libpam-umask package.
+#umask 022
+
+# if running bash
+if [ -n "$BASH_VERSION" ]; then
+ # include .bashrc if it exists
+ if [ -f "$HOME/.bashrc" ]; then
+ . "$HOME/.bashrc"
+ fi
+fi
+
+# set PATH so it includes user's private bin if it exists
+if [ -d "$HOME/bin" ] ; then
+ PATH="$HOME/bin:$PATH"
+fi
--- /dev/null
+# Time Type Tests Tries Size Generator Modulus
+20120821044040 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A770E2EC9F
+20120821044046 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7711F2C6B
+20120821044047 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771225323
+20120821044048 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7712507AB
+20120821044050 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7712A2DB3
+20120821044051 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7712CACEF
+20120821044053 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7713959C3
+20120821044057 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7715BBA13
+20120821044103 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A77191592F
+20120821044104 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771938E1F
+20120821044106 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771A1E127
+20120821044108 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771B3CDFB
+20120821044109 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771B71913
+20120821044111 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771C2759F
+20120821044113 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771CF8ABF
+20120821044114 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771D2B49B
+20120821044116 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771DF6193
+20120821044117 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771E67E33
+20120821044120 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771FA581B
+20120821044121 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772027DDB
+20120821044123 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772093F8B
+20120821044124 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7720EEF6F
+20120821044125 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A77216CAD7
+20120821044126 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A77219A90B
+20120821044129 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7722A0103
+20120821044130 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772343DBF
+20120821044133 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772460C3F
+20120821044137 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7726A4E0F
+20120821044138 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772716D8B
+20120821044141 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7728D719B
+20120821044143 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A77297AA8B
+20120821044145 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772A8794B
+20120821044147 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772B4D6AB
+20120821044149 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772BD325F
+20120821044150 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772BDAE07
+20120821044151 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772C95CE3
+20120821044502 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F96361507
+20120821044515 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F965885BF
+20120821044519 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F966006C7
+20120821044528 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9674A0EB
+20120821044539 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F969457F3
+20120821044544 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F969BE79B
+20120821044606 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F96E1E827
+20120821044623 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9714284B
+20120821044630 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F97231CB7
+20120821044636 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F972E01DF
+20120821044647 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F974BCED3
+20120821044650 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F974C3A43
+20120821044653 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F974E8F73
+20120821044701 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9763403B
+20120821044705 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9767666B
+20120821044708 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9768D81F
+20120821044726 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F979FD437
+20120821044729 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F97A29BC7
+20120821044732 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F97A56447
+20120821044737 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F97AEDBDB
+20120821044740 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F97B187F3
+20120821044746 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F97BC6EE3
+20120821044757 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F97DCCDEB
+20120821044817 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F981975F7
+20120821044831 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F983EC267
+20120821044841 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F985A032F
+20120821044846 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9863B0AB
+20120821044852 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F986E5C7F
+20120821044911 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F98A8FF6B
+20120821044917 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F98B40E4B
+20120821044924 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F98C5840F
+20120821044940 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F98F22CEB
+20120821044947 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99040FFF
+20120821044954 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99139AE3
+20120821045010 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9940BEFB
+20120821045017 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9954379F
+20120821045020 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99548C23
+20120821045023 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99562FC3
+20120821045028 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9960CDCF
+20120821045038 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F997AC0B3
+20120821045045 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F998D9B6B
+20120821045050 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9994BB77
+20120821045059 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99AC001B
+20120821045101 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99AC5547
+20120821045107 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99B86567
+20120821045110 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99BA2677
+20120821045128 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99EF4523
+20120821045154 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9A419DAB
+20120821045214 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9A7D1E67
+20120821045218 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9A826443
+20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+20120821050118 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293682361D5F
+20120821050218 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936828ADA17
+20120821050243 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293682A8A7CB
+20120821050427 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368341AC87
+20120821050515 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936837F8657
+20120821050545 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293683A3DFD3
+20120821050554 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293683A9635F
+20120821050636 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293683DF582B
+20120821050648 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293683E86803
+20120821050758 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293684495A13
+20120821050807 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936844FAB5B
+20120821050849 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368486D99B
+20120821050916 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293684A776A7
+20120821050942 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293684C4FF73
+20120821051003 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293684DB980F
+20120821051010 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293684DD4FBF
+20120821051158 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293685721537
+20120821051206 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293685768253
+20120821051231 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293685930F13
+20120821051240 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293685987B0B
+20120821051324 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293685D5E36B
+20120821051349 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293685F3AB7F
+20120821051424 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293686206187
+20120821051516 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368668EB4B
+20120821051540 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368686EB87
+20120821051622 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293686BCCF13
+20120821051703 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293686F13B9F
+20120821051715 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293686FB2D4F
+20120821051837 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936876ED7DF
+20120821051843 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936876F05DB
+20120821051930 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293687AEDE8F
+20120821052131 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293688637CFF
+20120821053137 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942284EA9F
+20120821053209 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF94228B7F67
+20120821053317 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9422A2B3C7
+20120821053841 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF94232DEF87
+20120821054039 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942359AB7B
+20120821054334 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9423A371A7
+20120821054455 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9423C1CEEF
+20120821054844 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9424273F1F
+20120821055307 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9424987667
+20120821055436 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9424B90BAB
+20120821055700 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9424F6C7CF
+20120821060224 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF94258ADCEF
+20120821060334 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9425A1FCEB
+20120821060420 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9425AEBF43
+20120821060927 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942634C34F
+20120821061829 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF94272F0D4F
+20120821062020 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF94275B00B7
+20120821062241 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9427941F5F
+20120821063416 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9428D5E367
+20120821063648 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942917E127
+20120821064052 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9429825A2B
+20120821064951 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942A74C4EB
+20120821065736 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942B4640D3
+20120821071146 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942CCD6D1B
+20120821071337 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942CF9321B
+20120821072545 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942E48654F
+20120821075022 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9430F1B6A3
+20120821080229 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9432356F63
+20120821081230 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF94333D9363
+20120821081746 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9433C6A7A7
+20120821081811 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9433C94C93
+20120821084945 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA45B27D047
+20120821091240 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA45C370A33
+20120821092428 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA45CBB9FBB
+20120821093047 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA45D001E73
+20120821095420 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA45E104D6F
+20120821095624 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA45E21E2BF
+20120821102749 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA45F9B1B7B
+20120821105854 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4610E205F
+20120821110658 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA461631FBF
+20120821110744 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA461635E3B
+20120821115206 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4636E0DF7
+20120821121256 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4645F38B3
+20120821121421 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA46467609B
+20120821122649 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA464F87D6B
+20120821122854 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA46508F94B
+20120821125200 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4661CBC5B
+20120821130613 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA466BC6B33
+20120821131115 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA466ED9CC7
+20120821132817 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA467B278B3
+20120821135349 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA468D8351B
+20120821141206 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA469A817A7
+20120821144909 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA46B488EF7
+20120821150021 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA46BC5D5E7
+20120821153843 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA46D774723
+20120821162006 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA46F5488DB
+20120821170404 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA47157A067
+20120821173305 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA472A1E94B
+20120821173936 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA472E0E57F
+20120821174533 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4731F7433
+20120821180053 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA473C7CE3F
+20120821180952 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4742A8237
+20120821181124 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA474343C5B
+20120821183540 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4754D89DB
+20120821183852 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA47569B47F
+20120821184512 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA475AC57DB
+20120821184603 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA475AD78CB
+20120821184701 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA475B0038F
+20120821185939 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4763BD72F
+20120821190630 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA476853BB7
+20120821190945 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA476A47843
+20120821195501 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA478A96AEF
+20120705232031 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B241215BB
+20120705233800 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B246EC93B
+20120706002709 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B2582B477
+20120706013826 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B271419A3
+20120706014732 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B273FB1BB
+20120706021008 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B27B7E59F
+20120705225552 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B29C4E81B
+20120705233754 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B2AB07037
+20120705234834 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B2AE25CBB
+20120706024556 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B2EDFAA6F
+20120705233556 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B30EE83EB
+20120706002117 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B31E6F727
+20120705233808 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B37267537
+20120706001148 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B3DF98C1F
+20120706013155 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B3FBB98EB
+20120706025705 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B418898A7
+20120706022948 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B4707179B
+20120705233534 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B4F3D25C7
+20120706014542 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B520205CB
+20120706030026 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B539518DB
+20120706003519 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B566E0243
+20120706032218 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B59E508EF
+20120706033523 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B5A254F5F
+20120705235242 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B5B60C48F
+20120706022615 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B646A1B3B
+20120706032540 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B6594B14F
+20120706001843 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B677C3593
+20120705054703 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234453518A0F7
+20120705060217 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445353B291F
+20120705100916 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344537DF8F1B
+20120705112627 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344538AF7C7B
+20120705121419 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445392BB61F
+20120705162623 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234453BD5FE03
+20120705171958 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234453C6257EF
+20120705222541 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234453FBF1073
+20120705120012 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344544BA2363
+20120705143238 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445464ED33B
+20120705175610 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445486B9E93
+20120705143839 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344551AEBB1B
+20120705164833 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344553053057
+20120705195911 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344560200E33
+20120705051445 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445620DCB9B
+20120705090103 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234456453E2C3
+20120705102457 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234456520F7B3
+20120705045958 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234456CC34FE7
+20120705064048 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234456DBB1643
+20120705100057 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234456FACFC3F
+20120705130216 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445716EEFD3
+20120705184211 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344574BD3B0F
+20120705075506 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234457918ED6F
+20120705111016 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445857E1707
+20120705051124 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234458C6078E3
+20120705054255 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234458CA4E313
+20120705155949 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234459281E7B3
+20120705065517 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344597A57CB3
+20120705082307 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445987253DB
+20120705182442 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234459E124B2F
+20120705184956 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234459E442F5B
+20120705071209 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445A1E0FD83
+20120705155527 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445A6BDA473
+20120705103912 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445ADCE429F
+20120705115451 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445AE75FB83
+20120705133531 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445AF5813A3
+20120705144902 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445AFF92FDF
+20120705160631 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445B0A9AF9F
+20120705194100 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445B296E223
--- /dev/null
+
+# This is the ssh client system-wide configuration file. See
+# ssh_config(5) for more information. This file provides defaults for
+# users, and the values can be changed in per-user configuration files
+# or on the command line.
+
+# Configuration data is parsed as follows:
+# 1. command line options
+# 2. user-specific file
+# 3. system-wide file
+# Any configuration value is only changed the first time it is set.
+# Thus, host-specific definitions should be at the beginning of the
+# configuration file, and defaults at the end.
+
+# Site-wide defaults for some commonly used options. For a comprehensive
+# list of available options, their meanings and defaults, please see the
+# ssh_config(5) man page.
+
+Host *
+# ForwardAgent no
+# ForwardX11 no
+# ForwardX11Trusted yes
+# RhostsRSAAuthentication no
+# RSAAuthentication yes
+# PasswordAuthentication yes
+# HostbasedAuthentication no
+# GSSAPIAuthentication no
+# GSSAPIDelegateCredentials no
+# GSSAPIKeyExchange no
+# GSSAPITrustDNS no
+# BatchMode no
+# CheckHostIP yes
+# AddressFamily any
+# ConnectTimeout 0
+ StrictHostKeyChecking no
+# IdentityFile ~/.ssh/identity
+# IdentityFile ~/.ssh/id_rsa
+# IdentityFile ~/.ssh/id_dsa
+# Port 22
+# Protocol 2,1
+# Cipher 3des
+# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
+# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
+# EscapeChar ~
+# Tunnel no
+# TunnelDevice any:any
+# PermitLocalCommand no
+# VisualHostKey no
+# ProxyCommand ssh -q -W %h:%p gateway.example.com
+# RekeyLimit 1G 1h
+ SendEnv LANG LC_*
+ HashKnownHosts no
+ GSSAPIAuthentication yes
+ GSSAPIDelegateCredentials no
--- /dev/null
+-----BEGIN DSA PRIVATE KEY-----
+MIIBuwIBAAKBgQDhKBV52k+axdL4Ra+uSp1q1DJO8VRraBC9nIe9ibmnfIVUwrwU
+hJwfjUxZZZv5u3b+2U9CtolvSdttaoXU2wvTv0ov0/AMd/uYHtqSKZ630kvfYT3W
+w05Ys7Qog13YANPDhFtV+lpSP0nS+FOkszYYdce5hMDlZVcsBOX2xonCVwIVAKpo
+2m49qze3u9yfJEzGTAfcgwk1AoGBANIbK66wRqXwTPAMpBiJkO4O5fI/ks1IIjjL
+kwHjMKFybqWUjYvYDyNdXW9Bp+fRbMxVJ9RqJ2GnllO18WKhoauJFLm3ckc1oK37
+ALDUocw9Tz5UG7YHzk4b9ZmfyHmgyi07ejx9BtEHhJxdixzA3m9ITebErKRA8YAh
+TrWlmCbeAoGADhLw+LfFunqiGTgry4pWrr5kg3Ey3MdaFvkZY/3akz3jYFsdxxK2
+DIfTDleHmKAqCSw4PlYyWFuSc0yzTQuVUxBe08AJMz28EF9JC96imM5+b3C+RjO6
+Vqcxy13ejZC/7fUMK79p3R7v3S6L5NwT42lOGjT1sBowH3CiCRMvwJcCFBylS1pW
+EdYTjgkqcv6L+SYbfdX+
+-----END DSA PRIVATE KEY-----
--- /dev/null
+ssh-dss AAAAB3NzaC1kc3MAAACBAOEoFXnaT5rF0vhFr65KnWrUMk7xVGtoEL2ch72Juad8hVTCvBSEnB+NTFllm/m7dv7ZT0K2iW9J221qhdTbC9O/Si/T8Ax3+5ge2pIpnrfSS99hPdbDTliztCiDXdgA08OEW1X6WlI/SdL4U6SzNhh1x7mEwOVlVywE5fbGicJXAAAAFQCqaNpuPas3t7vcnyRMxkwH3IMJNQAAAIEA0hsrrrBGpfBM8AykGImQ7g7l8j+SzUgiOMuTAeMwoXJupZSNi9gPI11db0Gn59FszFUn1GonYaeWU7XxYqGhq4kUubdyRzWgrfsAsNShzD1PPlQbtgfOThv1mZ/IeaDKLTt6PH0G0QeEnF2LHMDeb0hN5sSspEDxgCFOtaWYJt4AAACADhLw+LfFunqiGTgry4pWrr5kg3Ey3MdaFvkZY/3akz3jYFsdxxK2DIfTDleHmKAqCSw4PlYyWFuSc0yzTQuVUxBe08AJMz28EF9JC96imM5+b3C+RjO6Vqcxy13ejZC/7fUMK79p3R7v3S6L5NwT42lOGjT1sBowH3CiCRMvwJc= root@debian
--- /dev/null
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIB/Z4WO6U0owmtj/8rd0p3t+RD41H+MOid1FKsevm0RioAoGCCqGSM49
+AwEHoUQDQgAEV76I5AtDk+JAcTT7oTx/5f/gcvjUvQQINI31G81n+piASh54BeSu
+G7/QbnA6LA60WitD1S/2rYNsmOzucPT/Wg==
+-----END EC PRIVATE KEY-----
--- /dev/null
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFe+iOQLQ5PiQHE0+6E8f+X/4HL41L0ECDSN9RvNZ/qYgEoeeAXkrhu/0G5wOiwOtForQ9Uv9q2DbJjs7nD0/1o= root@debian
--- /dev/null
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACBt+E0FDTVZsrlXKmK2Sc7O+qgMiVrSPl55sOyHoqFTmAAAAJAA10kEANdJ
+BAAAAAtzc2gtZWQyNTUxOQAAACBt+E0FDTVZsrlXKmK2Sc7O+qgMiVrSPl55sOyHoqFTmA
+AAAECMwZcXWgL7p0VmFaZLkw/cL6onAVpNdUUAGN+GnTTMAm34TQUNNVmyuVcqYrZJzs76
+qAyJWtI+Xnmw7IeioVOYAAAAC3Jvb3RAZGViaWFuAQI=
+-----END OPENSSH PRIVATE KEY-----
--- /dev/null
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG34TQUNNVmyuVcqYrZJzs76qAyJWtI+Xnmw7IeioVOY root@debian
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA6Jg+OBEmCsU3P2vuW+rKj3V5TjMIebYTeCkiYg8eYC9Drz4Q
+Gz9Gw5x/Ojzd52FCQUoQlSBeN3i3uYHgYHQBG6IDkyLTn6AxJNmn6ozIJxMyKYzt
+sL837TwujlTUJbvDGQCyFVXBGDbuPP/OnVqgGusd1VofXL5oU54L7PhdcCkaOZvN
+GZfMlLYz5Faq/i4b1i4GiuU57mARBtq8wkhoRk6BW3s+I9ow+cCQSGrQDYv8/koI
+1hICZPA87Vjo7JrK20++RS24DqeZgL58DCqM4yRm1J8gx+UoMraG9HipIgpu+b47
+EQzv9yk5QT5ibsoLWZsHOYVNiEbPbxPC05/9OQIDAQABAoIBABQYQxfY825ux20l
+R/yM9l8aiRZmdk79mgUBmMTcBYXNz40uUXnpJ5XyyVMguxMoZe76FSCtITatqUHP
+pLDwlL/saV6m3Z2m21gRrd4nt4sYr3bDhC2G96/5SRRm48U2yY45bylEtWAALuj6
+OMGDeN2afoNWO+tpT94Zg3I/quLrn/xhP2NaipjirDX5uIfAZmJm25oibl4uzuE5
+Ac3Ce63U/ppFURZOi2azDO+O3IjWjY850OZ9ANEgwHa9vUDIDDsYPY6N3P8wHFvY
+9wDnsiMnXzrNmSS5DA70M+TEwJ6Jctg+CVGB7LiGmqBa8KmxZT/giDswth6ksiiD
+u89mBZkCgYEA9PwBkHVXMZfEUkcgJ/faVAGc5f6dx05aIdcX7BCT1UHsqzQ/g4Pg
+EDGdZmjz77MDSEu206CoQLuSNOtzpfMupuV4QiVo0nWVwi5Mv2800ZHrvr0NGBFg
+i2BHLshq/ifkiDIjx7yNhB79nRudb0jnG+plDNx9L3mI24dUrGh7cz8CgYEA8w2e
+xMxQnQDdwcEdnxTA65p00rxLZ2Jjka7oNKwV/W+ZP7cbYpDNSg0FyojvOygGvmIf
+dH57miON4sY0S6G9TGuOkicHj+pnfxEYiW/lOg7eqfuubj+Y7GXpBXo+b5k08L2d
+0PFsa9L0wkOUbL6GedI9Hen3JfQ1u5rML1NHCYcCgYEAkyK7ycg/yyBMn+Hp9TdO
+IIArfJMUrfxn88UcsAIw17dVbmnd754Ht5Ik57oHMCKCySv4LVhjVSWSpUf4WGYa
+0dAmDwwqzaQjgtGN9LfUsD2EqjUfJSJiqrLzbayfXfAVuJrslGyxTfXS+kX4ozrU
+2xZHBJd0dEv5H2hDOZ0y778CgYBhLmT5Eyh4XkxMmEabwNSSX6OuTxNnNvPQ4DqA
+NP5l4yVHUJNmibdLkIFsRexBnvNzVBB3p8sMCoNE1TM7umPSFn9e+LQRWwwexlsl
+ONRSrndhR/yqoEso2madhg9I191PFMHxNVbAlgy/T/4crOFf/CvrtgzX5BlH9dEG
+aynQKQKBgQDOqW/WZCh5d8FWF5jRo167cGA1bkgaEgUIobpFxBezJYnDOIELEPM4
+2t3HKYmgPPIIkl9NseT+bhXdUXGcTm0hSMPb8QLTC3D/SuJyzPkkJgjtvoQEy7U1
+tAqiLs9apvc6GBJ9Cnfzp9RsiJP4lnXZ1dyRG7PvDYNUDuMNJ8QK3A==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDomD44ESYKxTc/a+5b6sqPdXlOMwh5thN4KSJiDx5gL0OvPhAbP0bDnH86PN3nYUJBShCVIF43eLe5geBgdAEbogOTItOfoDEk2afqjMgnEzIpjO2wvzftPC6OVNQlu8MZALIVVcEYNu48/86dWqAa6x3VWh9cvmhTngvs+F1wKRo5m80Zl8yUtjPkVqr+LhvWLgaK5TnuYBEG2rzCSGhGToFbez4j2jD5wJBIatANi/z+SgjWEgJk8DztWOjsmsrbT75FLbgOp5mAvnwMKozjJGbUnyDH5Sgytob0eKkiCm75vjsRDO/3KTlBPmJuygtZmwc5hU2IRs9vE8LTn/05 root@debian
--- /dev/null
+# Package generated configuration file
+# See the sshd_config(5) manpage for details
+
+# What ports, IPs and protocols we listen for
+Port 22
+# Use these options to restrict which interfaces/protocols sshd will bind to
+#ListenAddress ::
+#ListenAddress 0.0.0.0
+Protocol 2
+# HostKeys for protocol version 2
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_dsa_key
+HostKey /etc/ssh/ssh_host_ecdsa_key
+HostKey /etc/ssh/ssh_host_ed25519_key
+#Privilege Separation is turned on for security
+UsePrivilegeSeparation yes
+
+# Lifetime and size of ephemeral version 1 server key
+KeyRegenerationInterval 3600
+ServerKeyBits 1024
+
+# Logging
+SyslogFacility AUTH
+LogLevel INFO
+
+# Authentication:
+LoginGraceTime 120
+PermitRootLogin without-password
+StrictModes yes
+
+RSAAuthentication yes
+PubkeyAuthentication yes
+#AuthorizedKeysFile %h/.ssh/authorized_keys
+
+# Don't read the user's ~/.rhosts and ~/.shosts files
+IgnoreRhosts yes
+# For this to work you will also need host keys in /etc/ssh_known_hosts
+RhostsRSAAuthentication no
+# similar for protocol version 2
+HostbasedAuthentication no
+# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
+#IgnoreUserKnownHosts yes
+
+# To enable empty passwords, change to yes (NOT RECOMMENDED)
+PermitEmptyPasswords no
+
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
+ChallengeResponseAuthentication no
+
+# Change to no to disable tunnelled clear text passwords
+#PasswordAuthentication yes
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosGetAFSToken no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+
+X11Forwarding yes
+X11DisplayOffset 10
+PrintMotd no
+PrintLastLog yes
+TCPKeepAlive yes
+#UseLogin no
+
+#MaxStartups 10:30:60
+#Banner /etc/issue.net
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+Subsystem sftp /usr/lib/openssh/sftp-server
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication. Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+UsePAM yes
--- /dev/null
+thawte_Primary_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Entrust_Root_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+Microsec_e-Szigno_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Comodo_Secure_Services_root.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_EV_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Swisscom_Root_EV_CA_2.pem
\ No newline at end of file
--- /dev/null
+WoSign_China.pem
\ No newline at end of file
--- /dev/null
+USERTrust_ECC_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+AddTrust_Qualified_Certificates_Root.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_Root_CA_-_R3.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_2_G3.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Root_CA_Generalitat_Valenciana.pem
\ No newline at end of file
--- /dev/null
+WellsSecure_Public_Root_Certificate_Authority.pem
\ No newline at end of file
--- /dev/null
+Starfield_Services_Root_Certificate_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+CFCA_EV_ROOT.pem
\ No newline at end of file
--- /dev/null
+Global_Chambersign_Root_-_2008.pem
\ No newline at end of file
--- /dev/null
+S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.pem
\ No newline at end of file
--- /dev/null
+TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H5.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_ECC_Root_CA_-_R4.pem
\ No newline at end of file
--- /dev/null
+Starfield_Services_Root_Certificate_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+Entrust_Root_Certification_Authority_-_EC1.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_Root_CA_-_R2.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+Juur-SK.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+Comodo_Trusted_Services_root.pem
\ No newline at end of file
--- /dev/null
+EE_Certification_Centre_Root_CA.pem
\ No newline at end of file
--- /dev/null
+DST_Root_CA_X3.pem
\ No newline at end of file
--- /dev/null
+AddTrust_External_Root.pem
\ No newline at end of file
--- /dev/null
+Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
\ No newline at end of file
--- /dev/null
+China_Internet_Network_Information_Center_EV_Certificates_Root.pem
\ No newline at end of file
--- /dev/null
+Certplus_Class_2_Primary_CA.pem
\ No newline at end of file
--- /dev/null
+China_Internet_Network_Information_Center_EV_Certificates_Root.pem
\ No newline at end of file
--- /dev/null
+SecureSign_RootCA11.pem
\ No newline at end of file
--- /dev/null
+ssl-cert-snakeoil.pem
\ No newline at end of file
--- /dev/null
+S-TRUST_Universal_Root_CA.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_ECC_Root_CA_-_R5.pem
\ No newline at end of file
--- /dev/null
+DST_ACES_CA_X6.pem
\ No newline at end of file
--- /dev/null
+Taiwan_GRCA.pem
\ No newline at end of file
--- /dev/null
+D-TRUST_Root_Class_3_CA_2_2009.pem
\ No newline at end of file
--- /dev/null
+IdenTrust_Public_Sector_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+T-TeleSec_GlobalRoot_Class_2.pem
\ No newline at end of file
--- /dev/null
+T-TeleSec_GlobalRoot_Class_3.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_Root_CA_-_R3.pem
\ No newline at end of file
--- /dev/null
+Chambers_of_Commerce_Root_-_2008.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_2_G3.pem
\ No newline at end of file
--- /dev/null
+CA_Disig_Root_R1.pem
\ No newline at end of file
--- /dev/null
+Go_Daddy_Class_2_CA.pem
\ No newline at end of file
--- /dev/null
+Starfield_Class_2_CA.pem
\ No newline at end of file
--- /dev/null
+DigiCert_High_Assurance_EV_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_1_Public_Primary_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Certification_Authority_of_WoSign_G2.pem
\ No newline at end of file
--- /dev/null
+CA_WoSign_ECC_Root.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+NetLock_Express_=Class_C=_Root.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_ECC_Root_CA_-_R5.pem
\ No newline at end of file
--- /dev/null
+CA_Disig_Root_R2.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Commercial.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Global_CA.pem
\ No newline at end of file
--- /dev/null
+Buypass_Class_3_Root_CA.pem
\ No newline at end of file
--- /dev/null
+thawte_Primary_Root_CA.pem
\ No newline at end of file
--- /dev/null
+DST_Root_CA_X3.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_1_Public_Primary_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Network_Solutions_Certificate_Authority.pem
\ No newline at end of file
--- /dev/null
+StartCom_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+StartCom_Certification_Authority_2.pem
\ No newline at end of file
--- /dev/null
+Cybertrust_Global_Root.pem
\ No newline at end of file
--- /dev/null
+EC-ACC.pem
\ No newline at end of file
--- /dev/null
+USERTrust_RSA_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Global_Root_CA.pem
\ No newline at end of file
--- /dev/null
+ACEDICOM_Root.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Global_Root_CA.pem
\ No newline at end of file
--- /dev/null
+OISTE_WISeKey_Global_Root_GA_CA.pem
\ No newline at end of file
--- /dev/null
+Baltimore_CyberTrust_Root.pem
\ No newline at end of file
--- /dev/null
+EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.pem
\ No newline at end of file
--- /dev/null
+Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
\ No newline at end of file
--- /dev/null
+AddTrust_External_Root.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_EV_Root_CA.pem
\ No newline at end of file
--- /dev/null
+SwissSign_Gold_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+ACCVRAIZ1.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_Root_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+Hongkong_Post_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+Entrust.net_Premium_2048_Secure_Server_CA.pem
\ No newline at end of file
--- /dev/null
+IGC_A.pem
\ No newline at end of file
--- /dev/null
+Swisscom_Root_CA_2.pem
\ No newline at end of file
--- /dev/null
+COMODO_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority_2.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.pem
\ No newline at end of file
--- /dev/null
+Network_Solutions_Certificate_Authority.pem
\ No newline at end of file
--- /dev/null
+Certum_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Swisscom_Root_CA_2.pem
\ No newline at end of file
--- /dev/null
+Entrust_Root_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+SwissSign_Platinum_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Primary_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Izenpe.com.pem
\ No newline at end of file
--- /dev/null
+Certum_Trusted_Network_CA.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_Root_CA_-_R2.pem
\ No newline at end of file
--- /dev/null
+IdenTrust_Public_Sector_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+Starfield_Root_Certificate_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+Deutsche_Telekom_Root_CA_2.pem
\ No newline at end of file
--- /dev/null
+SwissSign_Gold_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+SwissSign_Silver_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+VeriSign_Universal_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+E-Tugra_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_1_G3.pem
\ No newline at end of file
--- /dev/null
+T-TeleSec_GlobalRoot_Class_3.pem
\ No newline at end of file
--- /dev/null
+Buypass_Class_2_Root_CA.pem
\ No newline at end of file
--- /dev/null
+TC_TrustCenter_Class_3_CA_II.pem
\ No newline at end of file
--- /dev/null
+Comodo_Trusted_Services_root.pem
\ No newline at end of file
--- /dev/null
+spi-cacert-2008.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Global_CA_2.pem
\ No newline at end of file
--- /dev/null
+Equifax_Secure_CA.pem
\ No newline at end of file
--- /dev/null
+ApplicationCA_-_Japanese_Government.pem
\ No newline at end of file
--- /dev/null
+SwissSign_Silver_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+IGC_A.pem
\ No newline at end of file
--- /dev/null
+TURKTRUST_Certificate_Services_Provider_Root_2007.pem
\ No newline at end of file
--- /dev/null
+Equifax_Secure_CA.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_Root_CA_-_G3.pem
\ No newline at end of file
--- /dev/null
+COMODO_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_Root_CA_-_G3.pem
\ No newline at end of file
--- /dev/null
+NetLock_Business_=Class_B=_Root.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_Root_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+TeliaSonera_Root_CA_v1.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA.pem
\ No newline at end of file
--- /dev/null
+WoSign_China.pem
\ No newline at end of file
--- /dev/null
+VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.pem
\ No newline at end of file
--- /dev/null
+TWCA_Global_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Actalis_Authentication_Root_CA.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Global_Root_G2.pem
\ No newline at end of file
--- /dev/null
+NetLock_Arany_=Class_Gold=_Főtanúsítvány.pem
\ No newline at end of file
--- /dev/null
+S-TRUST_Universal_Root_CA.pem
\ No newline at end of file
--- /dev/null
+NetLock_Express_=Class_C=_Root.pem
\ No newline at end of file
--- /dev/null
+TeliaSonera_Root_CA_v1.pem
\ No newline at end of file
--- /dev/null
+Taiwan_GRCA.pem
\ No newline at end of file
--- /dev/null
+Baltimore_CyberTrust_Root.pem
\ No newline at end of file
--- /dev/null
+TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.pem
\ No newline at end of file
--- /dev/null
+TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H6.pem
\ No newline at end of file
--- /dev/null
+Swisscom_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+thawte_Primary_Root_CA_-_G3.pem
\ No newline at end of file
--- /dev/null
+Sonera_Class_1_Root_CA.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Assured_ID_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Entrust_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Certum_Root_CA.pem
\ No newline at end of file
--- /dev/null
+AC_Raíz_Certicámara_S.A..pem
\ No newline at end of file
--- /dev/null
+Visa_eCommerce_Root.pem
\ No newline at end of file
--- /dev/null
+XRamp_Global_CA_Root.pem
\ No newline at end of file
--- /dev/null
+Buypass_Class_2_CA_1.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_1_G3.pem
\ No newline at end of file
--- /dev/null
+Equifax_Secure_Global_eBusiness_CA.pem
\ No newline at end of file
--- /dev/null
+Sonera_Class_1_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Comodo_AAA_Services_root.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Trusted_Root_G4.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority_2.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+XRamp_Global_CA_Root.pem
\ No newline at end of file
--- /dev/null
+Certinomis_-_Autorité_Racine.pem
\ No newline at end of file
--- /dev/null
+Cybertrust_Global_Root.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_3.pem
\ No newline at end of file
--- /dev/null
+DST_ACES_CA_X6.pem
\ No newline at end of file
--- /dev/null
+TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H5.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Global_CA.pem
\ No newline at end of file
--- /dev/null
+Equifax_Secure_eBusiness_CA_1.pem
\ No newline at end of file
--- /dev/null
+TC_TrustCenter_Class_3_CA_II.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_2.pem
\ No newline at end of file
--- /dev/null
+VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+WellsSecure_Public_Root_Certificate_Authority.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Assured_ID_Root_G3.pem
\ No newline at end of file
--- /dev/null
+WoSign.pem
\ No newline at end of file
--- /dev/null
+Deutsche_Telekom_Root_CA_2.pem
\ No newline at end of file
--- /dev/null
+Microsec_e-Szigno_Root_CA_2009.pem
\ No newline at end of file
--- /dev/null
+DigiCert_High_Assurance_EV_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Buypass_Class_2_Root_CA.pem
\ No newline at end of file
--- /dev/null
+NetLock_Qualified_=Class_QA=_Root.pem
\ No newline at end of file
--- /dev/null
+RSA_Security_2048_v3.pem
\ No newline at end of file
--- /dev/null
+Starfield_Root_Certificate_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+AddTrust_Low-Value_Services_Root.pem
\ No newline at end of file
--- /dev/null
+NetLock_Qualified_=Class_QA=_Root.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Networking.pem
\ No newline at end of file
--- /dev/null
+StartCom_Certification_Authority_G2.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Universal_CA_2.pem
\ No newline at end of file
--- /dev/null
+certSIGN_ROOT_CA.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Universal_CA_2.pem
\ No newline at end of file
--- /dev/null
+CNNIC_ROOT.pem
\ No newline at end of file
--- /dev/null
+COMODO_ECC_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+AddTrust_Public_Services_Root.pem
\ No newline at end of file
--- /dev/null
+PSCProcert.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Assured_ID_Root_G2.pem
\ No newline at end of file
--- /dev/null
+certSIGN_ROOT_CA.pem
\ No newline at end of file
--- /dev/null
+CA_Disig_Root_R1.pem
\ No newline at end of file
--- /dev/null
+EE_Certification_Centre_Root_CA.pem
\ No newline at end of file
--- /dev/null
+CFCA_EV_ROOT.pem
\ No newline at end of file
--- /dev/null
+Actalis_Authentication_Root_CA.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_3.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Networking.pem
\ No newline at end of file
--- /dev/null
+CA_Disig_Root_R2.pem
\ No newline at end of file
--- /dev/null
+Certum_Trusted_Network_CA.pem
\ No newline at end of file
--- /dev/null
+WoSign.pem
\ No newline at end of file
--- /dev/null
+Hongkong_Post_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Primary_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+NetLock_Arany_=Class_Gold=_Főtanúsítvány.pem
\ No newline at end of file
--- /dev/null
+Swisscom_Root_EV_CA_2.pem
\ No newline at end of file
--- /dev/null
+Sonera_Class_2_Root_CA.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Premium_ECC.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Assured_ID_Root_G2.pem
\ No newline at end of file
--- /dev/null
+Security_Communication_EV_RootCA1.pem
\ No newline at end of file
--- /dev/null
+ePKI_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Security_Communication_EV_RootCA1.pem
\ No newline at end of file
--- /dev/null
+UTN_USERFirst_Email_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Certinomis_-_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Global_Chambersign_Root_-_2008.pem
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/ACCVRAIZ1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/ACEDICOM_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AC_Raíz_Certicámara_S.A..crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Actalis_Authentication_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AddTrust_Low-Value_Services_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AddTrust_Public_Services_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AddTrust_Qualified_Certificates_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AffirmTrust_Commercial.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AffirmTrust_Networking.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AffirmTrust_Premium.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AffirmTrust_Premium_ECC.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/ApplicationCA_-_Japanese_Government.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Atos_TrustedRoot_2011.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Baltimore_CyberTrust_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Buypass_Class_2_CA_1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Buypass_Class_2_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Buypass_Class_3_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/CA_Disig.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/CA_Disig_Root_R1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/CA_Disig_Root_R2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/CA_WoSign_ECC_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/CFCA_EV_ROOT.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/CNNIC_ROOT.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/COMODO_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/COMODO_ECC_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/COMODO_RSA_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Camerfirma_Chambers_of_Commerce_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Camerfirma_Global_Chambersign_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Certification_Authority_of_WoSign_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Certigna.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Certinomis_-_Autorité_Racine.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Certinomis_-_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Certplus_Class_2_Primary_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Certum_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Certum_Trusted_Network_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Chambers_of_Commerce_Root_-_2008.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/China_Internet_Network_Information_Center_EV_Certificates_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/ComSign_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Comodo_AAA_Services_root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Comodo_Secure_Services_root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Comodo_Trusted_Services_root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Cybertrust_Global_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_2009.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_EV_2009.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DST_ACES_CA_X6.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Deutsche_Telekom_Root_CA_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_Global_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_Global_Root_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_Global_Root_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_High_Assurance_EV_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_Trusted_Root_G4.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/E-Tugra_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/EC-ACC.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/EE_Certification_Centre_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_EC1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Equifax_Secure_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Equifax_Secure_Global_eBusiness_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Equifax_Secure_eBusiness_CA_1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GeoTrust_Global_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GeoTrust_Global_CA_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority_-_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GeoTrust_Universal_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GeoTrust_Universal_CA_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R4.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R5.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GlobalSign_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Global_Chambersign_Root_-_2008.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Go_Daddy_Class_2_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Go_Daddy_Root_Certificate_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Hongkong_Post_Root_CA_1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/IGC_A.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/IdenTrust_Commercial_Root_CA_1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/IdenTrust_Public_Sector_Root_CA_1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Izenpe.com.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Juur-SK.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Microsec_e-Szigno_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Microsec_e-Szigno_Root_CA_2009.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/NetLock_Business_=Class_B=_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/NetLock_Express_=Class_C=_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/NetLock_Notary_=Class_A=_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/NetLock_Qualified_=Class_QA=_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Network_Solutions_Certificate_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GA_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GB_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/PSCProcert.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_1_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_2_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_3_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/RSA_Security_2048_v3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Root_CA_Generalitat_Valenciana.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/S-TRUST_Universal_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/SecureSign_RootCA11.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/SecureTrust_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Secure_Global_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Security_Communication_EV_RootCA1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Security_Communication_RootCA2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Security_Communication_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Sonera_Class_1_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Sonera_Class_2_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_EV_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA_-_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Starfield_Class_2_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Starfield_Root_Certificate_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Starfield_Services_Root_Certificate_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/StartCom_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/StartCom_Certification_Authority_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/StartCom_Certification_Authority_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/SwissSign_Gold_CA_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/SwissSign_Platinum_CA_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/SwissSign_Silver_CA_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Swisscom_Root_CA_1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Swisscom_Root_CA_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Swisscom_Root_EV_CA_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/T-TeleSec_GlobalRoot_Class_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/T-TeleSec_GlobalRoot_Class_3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TC_TrustCenter_Class_3_CA_II.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TURKTRUST_Certificate_Services_Provider_Root_2007.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TWCA_Global_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TWCA_Root_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Taiwan_GRCA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TeliaSonera_Root_CA_v1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Trustis_FPS_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H5.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H6.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/USERTrust_ECC_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/USERTrust_RSA_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/UTN_USERFirst_Email_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/UTN_USERFirst_Hardware_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/VeriSign_Universal_Root_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_1_Public_Primary_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Visa_eCommerce_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/WellsSecure_Public_Root_Certificate_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/WoSign.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/WoSign_China.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/XRamp_Global_CA_Root.crt
\ No newline at end of file
--- /dev/null
+Camerfirma_Global_Chambersign_Root.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Trusted_Root_G4.pem
\ No newline at end of file
--- /dev/null
+AddTrust_Public_Services_Root.pem
\ No newline at end of file
--- /dev/null
+Security_Communication_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Sonera_Class_2_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Visa_eCommerce_Root.pem
\ No newline at end of file
--- /dev/null
+thawte_Primary_Root_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+SwissSign_Platinum_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+ACCVRAIZ1.pem
\ No newline at end of file
--- /dev/null
+SecureSign_RootCA11.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Universal_CA.pem
\ No newline at end of file
--- /dev/null
+NetLock_Notary_=Class_A=_Root.pem
\ No newline at end of file
--- /dev/null
+StartCom_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+StartCom_Certification_Authority_2.pem
\ No newline at end of file
--- /dev/null
+EC-ACC.pem
\ No newline at end of file
--- /dev/null
+Entrust.net_Premium_2048_Secure_Server_CA.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_ECC_Root_CA_-_R4.pem
\ No newline at end of file
--- /dev/null
+TWCA_Global_Root_CA.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_Root_CA.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Assured_ID_Root_CA.pem
\ No newline at end of file
--- /dev/null
+UTN_USERFirst_Hardware_Root_CA.pem
\ No newline at end of file
--- /dev/null
+OISTE_WISeKey_Global_Root_GA_CA.pem
\ No newline at end of file
--- /dev/null
+VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem
\ No newline at end of file
--- /dev/null
+Entrust_Root_Certification_Authority_-_EC1.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Secure_Global_CA.pem
\ No newline at end of file
--- /dev/null
+CA_Disig.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Premium.pem
\ No newline at end of file
--- /dev/null
+TWCA_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+TWCA_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+NetLock_Business_=Class_B=_Root.pem
\ No newline at end of file
--- /dev/null
+Atos_TrustedRoot_2011.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+thawte_Primary_Root_CA_-_G3.pem
\ No newline at end of file
--- /dev/null
+ComSign_CA.pem
\ No newline at end of file
--- /dev/null
+Go_Daddy_Root_Certificate_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+CNNIC_ROOT.pem
\ No newline at end of file
--- /dev/null
+Secure_Global_CA.pem
\ No newline at end of file
--- /dev/null
+Entrust_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+VeriSign_Universal_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+thawte_Primary_Root_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+D-TRUST_Root_Class_3_CA_2_2009.pem
\ No newline at end of file
--- /dev/null
+Chambers_of_Commerce_Root_-_2008.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Assured_ID_Root_G3.pem
\ No newline at end of file
--- /dev/null
+Trustis_FPS_Root_CA.pem
\ No newline at end of file
--- /dev/null
+PSCProcert.pem
\ No newline at end of file
--- /dev/null
+UTN_USERFirst_Email_Root_CA.pem
\ No newline at end of file
--- /dev/null
+TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H6.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+AC_Raíz_Certicámara_S.A..pem
\ No newline at end of file
--- /dev/null
+DigiCert_Global_Root_G2.pem
\ No newline at end of file
--- /dev/null
+RSA_Security_2048_v3.pem
\ No newline at end of file
--- /dev/null
+Comodo_Secure_Services_root.pem
\ No newline at end of file
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE
+AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
+CQYDVQQGEwJFUzAeFw0xMTA1MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQ
+BgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwHUEtJQUNDVjENMAsGA1UECgwEQUND
+VjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCb
+qau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gMjmoY
+HtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWo
+G2ioPej0RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpA
+lHPrzg5XPAOBOp0KoVdDaaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhr
+IA8wKFSVf+DuzgpmndFALW4ir50awQUZ0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/
+0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDGWuzndN9wrqODJerWx5eH
+k6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs78yM2x/47
+4KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMO
+m3WR5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpa
+cXpkatcnYGMN285J9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPl
+uUsXQA+xtrn13k/c4LOsOxFwYIRKQ26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYI
+KwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRwOi8vd3d3LmFjY3YuZXMvZmls
+ZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEuY3J0MB8GCCsG
+AQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2
+VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeT
+VfZW6oHlNsyMHj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIG
+CCsGAQUFBwICMIIBFB6CARAAQQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUA
+cgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBhAO0AegAgAGQAZQAgAGwAYQAgAEEA
+QwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUAYwBuAG8AbABvAGcA
+7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBjAHQA
+cgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAA
+QwBQAFMAIABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUA
+czAwBggrBgEFBQcCARYkaHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2Mu
+aHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRt
+aW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2MV9kZXIuY3JsMA4GA1Ud
+DwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZIhvcNAQEF
+BQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdp
+D70ER9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gU
+JyCpZET/LtZ1qmxNYEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+m
+AM/EKXMRNt6GGT6d7hmKG9Ww7Y49nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepD
+vV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJTS+xJlsndQAJxGJ3KQhfnlms
+tn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3sCPdK6jT2iWH
+7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h
+I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szA
+h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF
+d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H
+pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UE
+AwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00x
+CzAJBgNVBAYTAkVTMB4XDTA4MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEW
+MBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZF
+RElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
+AgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHkWLn7
+09gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7
+XBZXehuDYAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5P
+Grjm6gSSrj0RuVFCPYewMYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAK
+t0SdE3QrwqXrIhWYENiLxQSfHY9g5QYbm8+5eaA9oiM/Qj9r+hwDezCNzmzAv+Yb
+X79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbkHQl/Sog4P75n/TSW9R28
+MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTTxKJxqvQU
+fecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI
+2Sf23EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyH
+K9caUPgn6C9D4zq92Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEae
+ZAwUswdbxcJzbPEHXEUkFDWug/FqTYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAP
+BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz4SsrSbbXc6GqlPUB53NlTKxQ
+MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU9QHnc2VMrFAw
+RAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv
+bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWIm
+fQwng4/F9tqgaHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3
+gvoFNTPhNahXwOf9jU8/kzJPeGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKe
+I6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1PwkzQSulgUV1qzOMPPKC8W64iLgpq0i
+5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1ThCojz2GuHURwCRi
+ipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oIKiMn
+MCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZ
+o5NjEFIqnxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6
+zqylfDJKZ0DcMDQj3dcEI2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacN
+GHk0vFQYXlPKNFHtRQrmjseCNj6nOGOpMCwXEGCSn1WHElkQwg9naRHMTh5+Spqt
+r0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3otkYNbn5XOmeUwssfnHdK
+Z05phkOTOPu220+DkdRgfks+KzgHVZhepA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsx
+CzAJBgNVBAYTAkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRp
+ZmljYWNpw7NuIERpZ2l0YWwgLSBDZXJ0aWPDoW1hcmEgUy5BLjEjMCEGA1UEAwwa
+QUMgUmHDrXogQ2VydGljw6FtYXJhIFMuQS4wHhcNMDYxMTI3MjA0NjI5WhcNMzAw
+NDAyMjE0MjAyWjB7MQswCQYDVQQGEwJDTzFHMEUGA1UECgw+U29jaWVkYWQgQ2Ft
+ZXJhbCBkZSBDZXJ0aWZpY2FjacOzbiBEaWdpdGFsIC0gQ2VydGljw6FtYXJhIFMu
+QS4xIzAhBgNVBAMMGkFDIFJhw616IENlcnRpY8OhbWFyYSBTLkEuMIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq2uJo1PMSCMI+8PPUZYILrgIem08kBeG
+qentLhM0R7LQcNzJPNCNyu5LF6vQhbCnIwTLqKL85XXbQMpiiY9QngE9JlsYhBzL
+fDe3fezTf3MZsGqy2IiKLUV0qPezuMDU2s0iiXRNWhU5cxh0T7XrmafBHoi0wpOQ
+Y5fzp6cSsgkiBzPZkc0OnB8OIMfuuzONj8LSWKdf/WU34ojC2I+GdV75LaeHM/J4
+Ny+LvB2GNzmxlPLYvEqcgxhaBvzz1NS6jBUJJfD5to0EfhcSM2tXSExP2yYe68yQ
+54v5aHxwD6Mq0Do43zeX4lvegGHTgNiRg0JaTASJaBE8rF9ogEHMYELODVoqDA+b
+MMCm8Ibbq0nXl21Ii/kDwFJnmxL3wvIumGVC2daa49AZMQyth9VXAnow6IYm+48j
+ilSH5L887uvDdUhfHjlvgWJsxS3EF1QZtzeNnDeRyPYL1epjb4OsOMLzP96a++Ej
+YfDIJss2yKHzMI+ko6Kh3VOz3vCaMh+DkXkwwakfU5tTohVTP92dsxA7SH2JD/zt
+A/X7JWR1DhcZDY8AFmd5ekD8LVkH2ZD6mq093ICK5lw1omdMEWux+IBkAC1vImHF
+rEsm5VoQgpukg3s0956JkSCXjrdCx2bD0Omk1vUgjcTDlaxECp1bczwmPS9KvqfJ
+pxAe+59QafMCAwEAAaOB5jCB4zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwIBBjAdBgNVHQ4EFgQU0QnQ6dfOeXRU+Tows/RtLAMDG2gwgaAGA1UdIASBmDCB
+lTCBkgYEVR0gADCBiTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5jZXJ0aWNhbWFy
+YS5jb20vZHBjLzBaBggrBgEFBQcCAjBOGkxMaW1pdGFjaW9uZXMgZGUgZ2FyYW50
+7WFzIGRlIGVzdGUgY2VydGlmaWNhZG8gc2UgcHVlZGVuIGVuY29udHJhciBlbiBs
+YSBEUEMuMA0GCSqGSIb3DQEBBQUAA4ICAQBclLW4RZFNjmEfAygPU3zmpFmps4p6
+xbD/CHwso3EcIRNnoZUSQDWDg4902zNc8El2CoFS3UnUmjIz75uny3XlesuXEpBc
+unvFm9+7OSPI/5jOCk0iAUgHforA1SBClETvv3eiiWdIG0ADBaGJ7M9i4z0ldma/
+Jre7Ir5v/zlXdLp6yQGVwZVR6Kss+LGGIOk/yzVb0hfpKv6DExdA7ohiZVvVO2Dp
+ezy4ydV/NgIlqmjCMRW3MGXrfx1IebHPOeJCgBbT9ZMj/EyXyVo3bHwi2ErN0o42
+gzmRkBDI8ck1fj+404HGIGQatlDCIaR43NAvO2STdPCWkPHv+wlaNECW8DYSwaN0
+jJN+Qd53i+yG2dIPPy3RzECiiWZIHiCznCNZc6lEc7wkeZBWN7PGKX6jD/EpOe9+
+XCgycDWs2rjIdWb8m0w5R44bb5tNAlQiM+9hup4phO9OSzNHdpdqy35f/RWmnkJD
+W2ZaiogN9xa5P1FlK2Zqi9E4UqLWRhH6/JocdJ6PlwsCT2TG9WjTSy3/pDceiz+/
+RL5hRqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35r
+MDOhYil/SrnhLecUIw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxk
+BYn8eNZcLCZDqQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE
+BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w
+MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290
+IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDkyMjExMjIwMlowazELMAkGA1UEBhMC
+SVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1
+ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENB
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNv
+UTufClrJwkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX
+4ay8IMKx4INRimlNAJZaby/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9
+KK3giq0itFZljoZUj5NDKd45RnijMCO6zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/
+gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1fYVEiVRvjRuPjPdA1Yprb
+rxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2oxgkg4YQ
+51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2F
+be8lEfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxe
+KF+w6D9Fz8+vm2/7hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4F
+v6MGn8i1zeQf1xcGDXqVdFUNaBr8EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbn
+fpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5jF66CyCU3nuDuP/jVo23Eek7
+jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLYiDrIn3hm7Ynz
+ezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt
+ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAL
+e3KHwGCmSUyIWOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70
+jsNjLiNmsGe+b7bAEzlgqqI0JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDz
+WochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKxK3JCaKygvU5a2hi/a5iB0P2avl4V
+SM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+Xlff1ANATIGk0k9j
+pwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC4yyX
+X04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+Ok
+fcvHlXHo2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7R
+K4X9p2jIugErsWx0Hbhzlefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btU
+ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU
+LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT
+LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
+IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
+MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux
+FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
+bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v
+dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt
+H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9
+uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX
+mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX
+a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN
+E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0
+WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD
+VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0
+Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU
+cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx
+IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN
+AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH
+YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
+6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
+Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
+c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
+mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
+b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMw
+MTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML
+QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYD
+VQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ul
+CDtbKRY654eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6n
+tGO0/7Gcrjyvd7ZWxbWroulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyl
+dI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJch
+PXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC
++Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0O
+BBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E
+BTADAQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBl
+MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk
+ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENB
+IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X
+7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0PhiVYrqW9yTkkz
+43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY
+eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl
+pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA
+WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
+b3JrMSAwHgYDVQQDExdBZGRUcnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAx
+MDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtB
+ZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIDAeBgNV
+BAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV
+6tsfSlbunyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nX
+GCwwfQ56HmIexkvA/X1id9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnP
+dzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSGAa2Il+tmzV7R/9x98oTaunet3IAIx6eH
+1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAwHM+A+WD+eeSI8t0A65RF
+62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0GA1UdDgQW
+BBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUw
+AwEB/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDEL
+MAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRU
+cnVzdCBUVFAgTmV0d29yazEgMB4GA1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJv
+b3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4JNojVhaTdt02KLmuG7jD8WS6
+IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL+YPoRNWyQSW/
+iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao
+GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh
+4SINhwBk/ox9Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQm
+XiLsks3/QppEIW1cxeMiHV9HEufOX1362KqxMy3ZdvJOOjMMK7MtkAY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
+b3JrMSMwIQYDVQQDExpBZGRUcnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1
+MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcxCzAJBgNVBAYTAlNFMRQwEgYDVQQK
+EwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIzAh
+BgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwq
+xBb/4Oxx64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G
+87B4pfYOQnrjfxvM0PC3KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i
+2O+tCBGaKZnhqkRFmhJePp1tUvznoD1oL/BLcHwTOK28FSXx1s6rosAx1i+f4P8U
+WfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GRwVY18BTcZTYJbqukB8c1
+0cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HUMIHRMB0G
+A1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0T
+AQH/BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6Fr
+pGkwZzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQL
+ExRBZGRUcnVzdCBUVFAgTmV0d29yazEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlm
+aWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBABmrder4i2VhlRO6aQTv
+hsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxGGuoYQ992zPlm
+hpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X
+dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3
+P6CxB9bpT9zeRXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9Y
+iQBCYz95OdBEsIJuQRno3eDBiFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5no
+xqE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
+dCBDb21tZXJjaWFsMB4XDTEwMDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDEL
+MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp
+cm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6EqdbDuKP
+Hx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yr
+ba0F8PrVC8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPAL
+MeIrJmqbTFeurCA+ukV6BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1
+yHp52UKqK39c/s4mT6NmgTWvRLpUHhwwMmWd5jyTXlBOeuM61G7MGvv50jeuJCqr
+VwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNVHQ4EFgQUnZPGU4teyq8/
+nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYG
+XUPGhi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNj
+vbz4YYCanrHOQnDiqX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivt
+Z8SOyUOyXGsViQK8YvxO8rUzqrJv0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9g
+N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC
+nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
+dCBOZXR3b3JraW5nMB4XDTEwMDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDEL
+MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp
+cm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SEHi3y
+YJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbua
+kCNrmreIdIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRL
+QESxG9fhwoXA3hA/Pe24/PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp
+6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gbh+0t+nvujArjqWaJGctB+d1ENmHP4ndG
+yH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNVHQ4EFgQUBx/S55zawm6i
+QLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ
+KoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfO
+tDIuUFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzu
+QY0x2+c06lkh1QF612S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZ
+Lgo/bNjR9eUJtGxUAArgFU2HdW23WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4u
+olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48
+x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz
+dCBQcmVtaXVtMB4XDTEwMDEyOTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkG
+A1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1U
+cnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxBLf
+qV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtnBKAQ
+JG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ
++jjeRFcV5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrS
+s8PhaJyJ+HoAVt70VZVs+7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5
+HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmdGPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d7
+70O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5Rp9EixAqnOEhss/n/fauG
+V+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NIS+LI+H+S
+qHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S
+5u046uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4Ia
+C1nEWTJ3s7xgaVY5/bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TX
+OwF0lkLgAOIua+rF7nKsu7/+6qqo+Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYE
+FJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
+BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByvMiPIs0laUZx2
+KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg
+Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B
+8OWycvpEgjNC6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQ
+MKSOyARiqcTtNd56l+0OOF6SL5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc
+0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK+4w1IX2COPKpVJEZNZOUbWo6xbLQ
+u4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmVBtWVyuEklut89pMF
+u+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFgIxpH
+YoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8
+GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO
+RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e
+KeC2uAloGRwYQw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC
+VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ
+cmVtaXVtIEVDQzAeFw0xMDAxMjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJ
+BgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEgMB4GA1UEAwwXQWZmaXJt
+VHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNMF4bFZ0D
+0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQN8O9
+ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0G
+A1UdDgQWBBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4G
+A1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/Vs
+aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I
+flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDoDCCAoigAwIBAgIBMTANBgkqhkiG9w0BAQUFADBDMQswCQYDVQQGEwJKUDEc
+MBoGA1UEChMTSmFwYW5lc2UgR292ZXJubWVudDEWMBQGA1UECxMNQXBwbGljYXRp
+b25DQTAeFw0wNzEyMTIxNTAwMDBaFw0xNzEyMTIxNTAwMDBaMEMxCzAJBgNVBAYT
+AkpQMRwwGgYDVQQKExNKYXBhbmVzZSBHb3Zlcm5tZW50MRYwFAYDVQQLEw1BcHBs
+aWNhdGlvbkNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp23gdE6H
+j6UG3mii24aZS2QNcfAKBZuOquHMLtJqO8F6tJdhjYq+xpqcBrSGUeQ3DnR4fl+K
+f5Sk10cI/VBaVuRorChzoHvpfxiSQE8tnfWuREhzNgaeZCw7NCPbXCbkcXmP1G55
+IrmTwcrNwVbtiGrXoDkhBFcsovW8R0FPXjQilbUfKW1eSvNNcr5BViCH/OlQR9cw
+FO5cjFW6WY2H/CPek9AEjP3vbb3QesmlOmpyM8ZKDQUXKi17safY1vC+9D/qDiht
+QWEjdnjDuGWk81quzMKq2edY3rZ+nYVunyoKb58DKTCXKB28t89UKU5RMfkntigm
+/qJj5kEW8DOYRwIDAQABo4GeMIGbMB0GA1UdDgQWBBRUWssmP3HMlEYNllPqa0jQ
+k/5CdTAOBgNVHQ8BAf8EBAMCAQYwWQYDVR0RBFIwUKROMEwxCzAJBgNVBAYTAkpQ
+MRgwFgYDVQQKDA/ml6XmnKzlm73mlL/lupwxIzAhBgNVBAsMGuOCouODl+ODquOC
+seODvOOCt+ODp+ODs0NBMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
+ggEBADlqRHZ3ODrso2dGD/mLBqj7apAxzn7s2tGJfHrrLgy9mTLnsCTWw//1sogJ
+hyzjVOGjprIIC8CFqMjSnHH2HZ9g/DgzE+Ge3Atf2hZQKXsvcJEPmbo0NI2VdMV+
+eKlmXb3KIXdCEKxmJj3ekav9FfBv7WxfEPjzFvYDio+nEhEMy/0/ecGc/WLuo89U
+DNErXxc+4z6/wCs+CZv+iKZ+tJIX/COUgb1up8WMwusRRdv4QcmWdupwX3kSa+Sj
+B1oF7ydJzyGfikwJcGapJsErEU4z0g781mzSDjJkaP+tBXhfAx2o45CsJOAPQKdL
+rosot4LKGAfmt1t06SAZf7IbiVQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE
+AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG
+EwJERTAeFw0xMTA3MDcxNDU4MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMM
+FUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UEBhMC
+REUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVhTuXbyo7LjvPpvMp
+Nb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr54rM
+VD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+
+SZFhyBH+DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ
+4J7sVaE3IqKHBAUsR320HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0L
+cp2AMBYHlT8oDv3FdU9T1nSatCQujgKRz3bFmx5VdJx4IbHwLfELn8LVlhgf8FQi
+eowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7Rl+lwrrw7GWzbITAPBgNV
+HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZbNshMBgG
+A1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3
+DQEBCwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8j
+vZfza1zv7v1Apt+hk6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kP
+DpFrdRbhIfzYJsdHt6bPWHJxfrrhTZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pc
+maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D
+lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv
+KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE
+BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h
+cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEy
+MzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIwQAYDVQQDDDlBdXRvcmlkYWQgZGUg
+Q2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBBNjI2MzQwNjgwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDDUtd9
+thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQM
+cas9UX4PB99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefG
+L9ItWY16Ck6WaVICqjaY7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15i
+NA9wBj4gGFrO93IbJWyTdBSTo3OxDqqHECNZXyAFGUftaI6SEspd/NYrspI8IM/h
+X68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyIplD9amML9ZMWGxmPsu2b
+m8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctXMbScyJCy
+Z/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirja
+EbsXLZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/T
+KI8xWVvTyQKmtFLKbpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF
+6NkBiDkal4ZkQdU7hwxu+g/GvUgUvzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVh
+OSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYD
+VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNHDhpkLzCBpgYD
+VR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp
+cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBv
+ACAAZABlACAAbABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBl
+AGwAbwBuAGEAIAAwADgAMAAxADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF
+661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx51tkljYyGOylMnfX40S2wBEqgLk9
+am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qkR71kMrv2JYSiJ0L1
+ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaPT481
+PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS
+3a/DTg4fJl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5k
+SeTy36LssUzAKh3ntLFlosS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF
+3dvd6qJ2gHN99ZwExEWN57kci57q13XRcrHedUTnQn3iV2t93Jm8PYMo6oCTjcVM
+ZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoRsaS8I8nkvof/uZS2+F0g
+StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz
+Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB
+jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2V
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
+RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
+VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX
+DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y
+ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy
+VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr
+mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr
+IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK
+mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu
+XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy
+dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye
+jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1
+BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3
+DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92
+9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx
+jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0
+Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz
+ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
+R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDUzCCAjugAwIBAgIBATANBgkqhkiG9w0BAQUFADBLMQswCQYDVQQGEwJOTzEd
+MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxHTAbBgNVBAMMFEJ1eXBhc3Mg
+Q2xhc3MgMiBDQSAxMB4XDTA2MTAxMzEwMjUwOVoXDTE2MTAxMzEwMjUwOVowSzEL
+MAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MR0wGwYD
+VQQDDBRCdXlwYXNzIENsYXNzIDIgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAIs8B0XY9t/mx8q6jUPFR42wWsE425KEHK8T1A9vNkYgxC7McXA0
+ojTTNy7Y3Tp3L8DrKehc0rWpkTSHIln+zNvnma+WwajHQN2lFYxuyHyXA8vmIPLX
+l18xoS830r7uvqmtqEyeIWZDO6i88wmjONVZJMHCR3axiFyCO7srpgTXjAePzdVB
+HfCuuCkslFJgNJQ72uA40Z0zPhX0kzLFANq1KWYOOngPIVJfAuWSeyXTkh4vFZ2B
+5J2O6O+JzhRMVB0cgRJNcKi+EAUXfh/RuFdV7c27UsKwHnjCTTZoy1YmwVLBvXb3
+WNVyfh9EdrsAiR0WnVE1703CVu9r4Iw7DekCAwEAAaNCMEAwDwYDVR0TAQH/BAUw
+AwEB/zAdBgNVHQ4EFgQUP42aWYv8e3uco684sDntkHGA1sgwDgYDVR0PAQH/BAQD
+AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQAVGn4TirnoB6NLJzKyQJHyIdFkhb5jatLP
+gcIV1Xp+DCmsNx4cfHZSldq1fyOhKXdlyTKdqC5Wq2B2zha0jX94wNWZUYN/Xtm+
+DKhQ7SLHrQVMdvvt7h5HZPb3J31cKA9FxVxiXqaakZG3Uxcu3K1gnZZkOb1naLKu
+BctN518fV4bVIJwo+28TOPX2EZL2fZleHwzoq0QkKXJAPTZSr4xYkHPB7GEseaHs
+h7U/2k3ZIQAw3pDaDtMaSKk+hQsUi4y8QZ5q9w5wwDX3OaJdZtB7WZ+oRxKaJyOk
+LY4ng5IgodcVf/EuGO70SH8vf/GhGLWhC5SgYiAynB321O+/TIho
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
+MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
+Q2xhc3MgMiBSb290IENBMB4XDTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1ow
+TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw
+HgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1g1Lr
+6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPV
+L4O2fuPn9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC91
+1K2GScuVr1QGbNgGE41b/+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHx
+MlAQTn/0hpPshNOOvEu/XAFOBz3cFIqUCqTqc/sLUegTBxj6DvEr0VQVfTzh97QZ
+QmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeffawrbD02TTqigzXsu8lkB
+arcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgIzRFo1clr
+Us3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLi
+FRhnBkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRS
+P/TizPJhk9H9Z2vXUq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN
+9SG9dKpN6nIDSdvHXx1iY8f93ZHsM+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxP
+AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMmAd+BikoL1Rpzz
+uvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAU18h
+9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s
+A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3t
+OluwlN5E40EIosHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo
++fsicdl9sz1Gv7SEr5AcD48Saq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7
+KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYdDnkM/crqJIByw5c/8nerQyIKx+u2
+DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWDLfJ6v9r9jv6ly0Us
+H8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0oyLQ
+I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7
+5t98biGCwWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h
+3PFaTWwyI0PurKju7koSCTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPz
+Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
+MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
+Q2xhc3MgMyBSb290IENBMB4XDTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFow
+TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw
+HgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRHsJ8Y
+ZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3E
+N3coTRiR5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9
+tznDDgFHmV0ST9tD+leh7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX
+0DJq1l1sDPGzbjniazEuOQAnFN44wOwZZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c
+/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH2xc519woe2v1n/MuwU8X
+KhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV/afmiSTY
+zIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvS
+O1UQRwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D
+34xFMFbG02SrZvPAXpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgP
+K9Dx2hzLabjKSWJtyNBjYt1gD1iqj6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3
+AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEe4zf/lb+74suwv
+Tg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAACAj
+QTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV
+cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXS
+IGrs/CIBKM+GuIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2
+HJLw5QY33KbmkJs4j1xrG0aGQ0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsa
+O5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8ZORK15FTAaggiG6cX0S5y2CBNOxv
+033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2KSb12tjE8nVhz36u
+dmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz6MkE
+kbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg41
+3OEMXbugUZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvD
+u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq
+4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEDzCCAvegAwIBAgIBATANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJTSzET
+MBEGA1UEBxMKQnJhdGlzbGF2YTETMBEGA1UEChMKRGlzaWcgYS5zLjERMA8GA1UE
+AxMIQ0EgRGlzaWcwHhcNMDYwMzIyMDEzOTM0WhcNMTYwMzIyMDEzOTM0WjBKMQsw
+CQYDVQQGEwJTSzETMBEGA1UEBxMKQnJhdGlzbGF2YTETMBEGA1UEChMKRGlzaWcg
+YS5zLjERMA8GA1UEAxMIQ0EgRGlzaWcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQCS9jHBfYj9mQGp2HvycXXxMcbzdWb6UShGhJd4NLxs/LxFWYgmGErE
+Nx+hSkS943EE9UQX4j/8SFhvXJ56CbpRNyIjZkMhsDxkovhqFQ4/61HhVKndBpnX
+mjxUizkDPw/Fzsbrg3ICqB9x8y34dQjbYkzo+s7552oftms1grrijxaSfQUMbEYD
+XcDtab86wYqg6I7ZuUUohwjstMoVvoLdtUSLLa2GDGhibYVW8qwUYzrG0ZmsNHhW
+S8+2rT+MitcE5eN4TPWGqvWP+j1scaMtymfraHtuM6kMgiioTGohQBUgDCZbg8Kp
+FhXAJIJdKxatymP2dACw30PEEGBWZ2NFAgMBAAGjgf8wgfwwDwYDVR0TAQH/BAUw
+AwEB/zAdBgNVHQ4EFgQUjbJJaJ1yCCW5wCf1UJNWSEZx+Y8wDgYDVR0PAQH/BAQD
+AgEGMDYGA1UdEQQvMC2BE2Nhb3BlcmF0b3JAZGlzaWcuc2uGFmh0dHA6Ly93d3cu
+ZGlzaWcuc2svY2EwZgYDVR0fBF8wXTAtoCugKYYnaHR0cDovL3d3dy5kaXNpZy5z
+ay9jYS9jcmwvY2FfZGlzaWcuY3JsMCygKqAohiZodHRwOi8vY2EuZGlzaWcuc2sv
+Y2EvY3JsL2NhX2Rpc2lnLmNybDAaBgNVHSAEEzARMA8GDSuBHpGT5goAAAABAQEw
+DQYJKoZIhvcNAQEFBQADggEBAF00dGFMrzvY/59tWDYcPQuBDRIrRhCA/ec8J9B6
+yKm2fnQwM6M6int0wHl5QpNt/7EpFIKrIYwvF/k/Ji/1WcbvgAa3mkkp7M5+cTxq
+EEHA9tOasnxakZzArFvITV734VP/Q3f8nktnbNfzg9Gg4H8l37iYC5oyOGwwoPP/
+CBUz91BKez6jPiCp3C9WgArtQVCwyfTssuMmRAAOb54GvCKWU3BlxFAKRmukLyeB
+EicTXxChds6KezfqwzlhA5WYOudsiCUI/HloDYd9Yvi0X/vF2Ey9WLw/Q1vUHgFN
+PGO+I++MzVpQuGhU+QqZMxEA4Z7CRneC9VkGjCFMhwnN5ag=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNV
+BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
+MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQy
+MDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx
+EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjEw
+ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy3QRk
+D2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/o
+OI7bm+V8u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3A
+fQ+lekLZWnDZv6fXARz2m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJe
+IgpFy4QxTaz+29FHuvlglzmxZcfe+5nkCiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8n
+oc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTaYVKvJrT1cU/J19IG32PK
+/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6vpmumwKj
+rckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD
+3AjLLhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE
+7cderVC6xkGbrPAXZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkC
+yC2fg69naQanMVXVz0tv/wQFx1isXxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLd
+qvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
+DwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ04IwDQYJKoZI
+hvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR
+xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaA
+SfX8MPWbTx9BLxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXo
+HqJPYNcHKfyyo6SdbhWSVhlMCrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpB
+emOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5GfbVSUZP/3oNn6z4eGBrxEWi1CXYBmC
+AMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85YmLLW1AL14FABZyb
+7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKSds+x
+DzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvk
+F7mGnjixlAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqF
+a3qdnom2piiZk4hA9z7NUaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsT
+Q6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJa7+h89n07eLw4+1knj0vllJPgFOL
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV
+BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
+MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQy
+MDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx
+EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIw
+ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbCw3Oe
+NcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNH
+PWSb6WiaxswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3I
+x2ymrdMxp7zo5eFm1tL7A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbe
+QTg06ov80egEFGEtQX6sx3dOy1FU+16SGBsEWmjGycT6txOgmLcRK7fWV8x8nhfR
+yyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqVg8NTEQxzHQuyRpDRQjrO
+QG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa5Beny912
+H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJ
+QfYEkoopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUD
+i/ZnWejBBhG93c+AAk9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORs
+nLMOPReisjQS1n6yqEm70XooQL6iFh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1
+rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
+DwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5uQu0wDQYJKoZI
+hvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM
+tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqf
+GopTpti72TVVsRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkb
+lvdhuDvEK7Z4bLQjb/D907JedR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka
++elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W81k/BfDxujRNt+3vrMNDcTa/F1bal
+TFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjxmHHEt38OFdAlab0i
+nSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3
+gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18Dr
+G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os
+zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x
+L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
+MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
+ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg
+b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa
+MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB
+ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw
+IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B
+AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb
+unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d
+BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq
+7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3
+0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX
+roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG
+A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j
+aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p
+26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA
+BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud
+EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN
+BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz
+aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB
+AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd
+p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi
+1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc
+XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0
+eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu
+tGWaIZDgqtCYvDi1czyL+Nw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn
+MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
+ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo
+YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9
+MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy
+NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G
+A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA
+A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0
+Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s
+QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV
+eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795
+B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh
+z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T
+AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i
+ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w
+TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH
+MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD
+VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE
+VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh
+bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B
+AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM
+bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi
+ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG
+VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c
+ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/
+AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQsw
+CQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMT
+EkNBIFdvU2lnbiBFQ0MgUm9vdDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4
+NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEb
+MBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZIzj0CAQYFK4EEACID
+YgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiUt5v8
+KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES
+1ns2o0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
+FgQUqv3VWqP2h4syhf3RMluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB
+1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0Daupn75OcsqF1NnstTJFGG+rrQIwfcf3
+aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYua/GRspBl9JrmkO5K
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBY
+MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNV
+BAMTJENlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDEx
+MDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgxCzAJBgNVBAYTAkNOMRowGAYDVQQK
+ExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPX
+JYY1kBaiXW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgO
+gHzKtB0TiGsOqCR3A9DuW/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg
+5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg95k4ot+vElbGs/V6r+kHLXZ1L3PR8du9n
+fwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BKv0mUYQs4kI9dJGwlezt5
+2eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
+VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJ
+KoZIhvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8
+fHulwqZm46qwtyeYP0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G
+3CE4Q3RM+zD4F3LBMvzIkRfEzFg3TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yy
+SrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu+sif/a+RZQp4OBXllxcU3fng
+LDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+7Q9LGOHSJDy7
+XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV
+BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X
+DTA3MDYyOTE1MTMwNVoXDTI3MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQ
+BgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwIQ2VydGlnbmEwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7qXOEm7RFHYeGifBZ4
+QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyHGxny
+gQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbw
+zBfsV1/pogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q
+130yGLMLLGq/jj8UEYkgDncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2
+JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKfIrjxwo1p3Po6WAbfAgMBAAGjgbwwgbkw
+DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQtCRZvgHyUtVF9lo53BEw
+ZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJBgNVBAYT
+AkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzj
+AQ/JSP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG
+9w0BAQUFAAOCAQEAhQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8h
+bV6lUmPOEvjvKtpv6zf+EwLHyzs+ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFnc
+fca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1kluPBS1xp81HlDQwY9qcEQCYsuu
+HWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY1gkIl2PlwS6w
+t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw
+WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjET
+MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAk
+BgNVBAMMHUNlcnRpbm9taXMgLSBBdXRvcml0w6kgUmFjaW5lMB4XDTA4MDkxNzA4
+Mjg1OVoXDTI4MDkxNzA4Mjg1OVowYzELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNl
+cnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMSYwJAYDVQQDDB1DZXJ0
+aW5vbWlzIC0gQXV0b3JpdMOpIFJhY2luZTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAJ2Fn4bT46/HsmtuM+Cet0I0VZ35gb5j2CN2DpdUzZlMGvE5x4jY
+F1AMnmHawE5V3udauHpOd4cN5bjr+p5eex7Ezyh0x5P1FMYiKAT5kcOrJ3NqDi5N
+8y4oH3DfVS9O7cdxbwlyLu3VMpfQ8Vh30WC8Tl7bmoT2R2FFK/ZQpn9qcSdIhDWe
+rP5pqZ56XjUl+rSnSTV3lqc2W+HN3yNw2F1MpQiD8aYkOBOo7C+ooWfHpi2GR+6K
+/OybDnT0K0kCe5B1jPyZOQE51kqJ5Z52qz6WKDgmi92NjMD2AR5vpTESOH2VwnHu
+7XSu5DaiQ3XV8QCb4uTXzEIDS3h65X27uK4uIJPT5GHfceF2Z5c/tt9qc1pkIuVC
+28+BA5PY9OMQ4HL2AHCs8MF6DwV/zzRpRbWT5BnbUhYjBYkOjUjkJW+zeL9i9Qf6
+lSTClrLooyPCXQP8w9PlfMl1I9f09bze5N/NgL+RiH2nE7Q5uiy6vdFrzPOlKO1E
+nn1So2+WLhl+HPNbxxaOu2B9d2ZHVIIAEWBsMsGoOBvrbpgT1u449fCfDu/+MYHB
+0iSVL1N6aaLwD4ZFjliCK0wi1F6g530mJ0jfJUaNSih8hp75mxpZuWW/Bd22Ql09
+5gBIgl4g9xGC3srYn+Y3RyYe63j3YcNBZFgCQfna4NH4+ej9Uji29YnfAgMBAAGj
+WzBZMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQN
+jLZh2kS40RR9w759XkjwzspqsDAXBgNVHSAEEDAOMAwGCiqBegFWAgIAAQEwDQYJ
+KoZIhvcNAQEFBQADggIBACQ+YAZ+He86PtvqrxyaLAEL9MW12Ukx9F1BjYkMTv9s
+ov3/4gbIOZ/xWqndIlgVqIrTseYyCYIDbNc/CMf4uboAbbnW/FIyXaR/pDGUu7ZM
+OH8oMDX/nyNTt7buFHAAQCvaR6s0fl6nVjBhK4tDrP22iCj1a7Y+YEq6QpA0Z43q
+619FVDsXrIvkxmUP7tCMXWY5zjKn2BCXwH40nJ+U8/aGH88bc62UeYdocMMzpXDn
+2NU4lG9jeeu/Cg4I58UvD0KgKxRA/yHgBcUn4YQRE7rWhh1BCxMjidPJC+iKunqj
+o3M3NYB9Ergzd0A4wPpeMNLytqOx1qKVl4GbUu1pTP+A5FPbVFsDbVRfsbjvJL1v
+nxHDx2TCDyhihWZeGnuyt++uNckZM6i4J9szVb9o4XVIRFb7zdNIu0eJOqxp9YDG
+5ERQL1TEqkPFMTFYvZbF6nVsmnWxTfj3l/+WFvKXTej28xH5On2KOG4Ey+HTRRWq
+pdEdnV1j6CTmNhTih60bWfVEm/vXd3wfAXBioSAaosUaKPQhA+4u2cGA6rnZgtZb
+dsLLO7XSAPCjDuGtbkD326C00EauFddEwk01+dIL8hf2rGbVJLJP0RyZwG71fet0
+BLj5TXcJ17TPBzAJ8bgAVtkXFhYKK4bfjwEZGuW7gmP/vgt2Fl43N+bYdJeimUV5
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET
+MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb
+BgNVBAMTFENlcnRpbm9taXMgLSBSb290IENBMB4XDTEzMTAyMTA5MTcxOFoXDTMz
+MTAyMTA5MTcxOFowWjELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMx
+FzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMR0wGwYDVQQDExRDZXJ0aW5vbWlzIC0g
+Um9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANTMCQosP5L2
+fxSeC5yaah1AMGT9qt8OHgZbn1CF6s2Nq0Nn3rD6foCWnoR4kkjW4znuzuRZWJfl
+LieY6pOod5tK8O90gC3rMB+12ceAnGInkYjwSond3IjmFPnVAy//ldu9n+ws+hQV
+WZUKxkd8aRi5pwP5ynapz8dvtF4F/u7BUrJ1Mofs7SlmO/NKFoL21prbcpjp3vDF
+TKWrteoB4owuZH9kb/2jJZOLyKIOSY008B/sWEUuNKqEUL3nskoTuLAPrjhdsKkb
+5nPJWqHZZkCqqU2mNAKthH6yI8H7KsZn9DS2sJVqM09xRLWtwHkziOC/7aOgFLSc
+CbAK42C++PhmiM1b8XcF4LVzbsF9Ri6OSyemzTUK/eVNfaoqoynHWmgE6OXWk6Ri
+wsXm9E/G+Z8ajYJJGYrKWUM66A0ywfRMEwNvbqY/kXPLynNvEiCL7sCCeN5LLsJJ
+wx3tFvYk9CcbXFcx3FXuqB5vbKziRcxXV4p1VxngtViZSTYxPDMBbRZKzbgqg4SG
+m/lg0h9tkQPTYKbVPZrdd5A9NaSfD171UkRpucC63M9933zZxKyGIjK8e2uR73r4
+F2iw4lNVYC2vPsKD2NkJK/DAZNuHi5HMkesE/Xa0lZrmFAYb1TQdvtj/dBxThZng
+WVJKYe2InmtJiUZ+IFrZ50rlau7SZRFDAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIB
+BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTvkUz1pcMw6C8I6tNxIqSSaHh0
+2TAfBgNVHSMEGDAWgBTvkUz1pcMw6C8I6tNxIqSSaHh02TANBgkqhkiG9w0BAQsF
+AAOCAgEAfj1U2iJdGlg+O1QnurrMyOMaauo++RLrVl89UM7g6kgmJs95Vn6RHJk/
+0KGRHCwPT5iVWVO90CLYiF2cN/z7ZMF4jIuaYAnq1fohX9B0ZedQxb8uuQsLrbWw
+F6YSjNRieOpWauwK0kDDPAUwPk2Ut59KA9N9J0u2/kTO+hkzGm2kQtHdzMjI1xZS
+g081lLMSVX3l4kLr5JyTCcBMWwerx20RoFAXlCOotQqSD7J6wWAsOMwaplv/8gzj
+qh8c3LigkyfeY+N/IZ865Z764BNqdeuWXGKRlI5nU7aJ+BIJy29SWwNyhlCVCNSN
+h4YVH5Uk2KRvms6knZtt0rJ2BobGVgjF6wnaNsIbW0G+YSrjcOa4pvi2WsS9Iff/
+ql+hbHY5ZtbqTFXhADObE5hjyW/QASAJN1LnDE8+zbz1X5YnpyACleAu6AdBBR8V
+btaw5BngDwKTACdyxYvRVB9dSsNAl35VpnzBMwQUAR1JIGkLGZOdblgi90AMRgwj
+Y/M50n92Uaf0yKHxDHYiI0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ
+8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nMcyrDflOR1m749fPH0FFNjkulW+YZFzvW
+gQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVrhkIGuUE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw
+PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz
+cyAyIFByaW1hcnkgQ0EwHhcNOTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9
+MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2VydHBsdXMxGzAZBgNVBAMTEkNsYXNz
+IDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANxQ
+ltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR5aiR
+VhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyL
+kcAbmXuZVg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCd
+EgETjdyAYveVqUSISnFOYFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yas
+H7WLO7dDWWuwJKZtkIvEcupdM5i3y95ee++U8Rs+yskhwcWYAqqi9lt3m/V+llU0
+HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRMECDAGAQH/AgEKMAsGA1Ud
+DwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJYIZIAYb4
+QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMu
+Y29tL0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/
+AN9WM2K191EBkOvDP9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8
+yfFC82x/xXp8HVGIutIKPidd3i1RTtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMR
+FcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+7UCmnYR0ObncHoUW2ikbhiMA
+ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB
+kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7
+l7+ijrRU
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT
+AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD
+QTAeFw0wNjA3MDQxNzIwMDRaFw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJP
+MREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7IJUqOtdu0KBuqV5Do
+0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHHrfAQ
+UySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5d
+RdY4zTW2ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQ
+OA7+j0xbm0bqQfWwCHTD0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwv
+JoIQ4uNllAoEwF73XVv4EOLQunpL+943AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08C
+AwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAcYwHQYDVR0O
+BBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IBAQA+0hyJ
+LjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecY
+MnQ8SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ
+44gx+FkagQnIl6Z0x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6I
+Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw
+i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN
+9u6wWk5JRFRYX0KD
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM
+MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
+QTAeFw0wMjA2MTExMDQ2MzlaFw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBM
+MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
+QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6xwS7TT3zNJc4YPk/E
+jG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdLkKWo
+ePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GI
+ULdtlkIJ89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapu
+Ob7kky/ZR6By6/qmW6/KUz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUg
+AKpoC6EahQGcxEZjgoi2IrHu/qpGWX7PNSzVttpd90gzFFS269lvzs2I1qsb2pY7
+HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA
+uI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+GXYkHAQa
+TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg
+xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q
+CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x
+O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs
+6GAqm4VKQPNriiTsBhYscw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM
+MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D
+ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU
+cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3
+WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg
+Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw
+IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH
+UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM
+TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU
+BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM
+kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x
+AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV
+HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV
+HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y
+sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL
+I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8
+J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY
+VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI
+03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD
+TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkx
+MjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5j
+aWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJP
+T1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnVBU03
+sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpL
+TIpTUnrD7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5
+/ZOkVIBMUtRSqy5J35DNuF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp
+7hZZLDRJGqgG16iI0gNyejLi6mhNbiyWZXvKWfry4t3uMCz7zEasxGPrb382KzRz
+EpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7xzbh72fROdOXW3NiGUgt
+hxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9fpy25IGvP
+a931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqot
+aK8KgWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNg
+TnYGmE69g60dWIolhdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfV
+PKPtl8MeNPo4+QgO48BdK4PRVmrJtqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hv
+cWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAfBgNVHSMEGDAWgBTj/i39KNAL
+tbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAd
+BgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB
+ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObT
+ej/tUxPQ4i9qecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdL
+jOztUmCypAbqTuv0axn96/Ua4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBS
+ESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sGE5uPhnEFtC+NiWYzKXZUmhH4J/qy
+P5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfXBDrDMlI1Dlb4pd19
+xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjnaH9d
+Ci77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN
+5mydLIhyPDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe
+/v5WOaHIz16eGWRGENoXkbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+Z
+AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ
+5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
+VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
+IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3
+MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xKTAnBgNVBAMTIENoYW1iZXJz
+IG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEyMjk1MFoXDTM4MDcz
+MTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBj
+dXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIw
+EAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEp
+MCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0G
+CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW9
+28sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKAXuFixrYp4YFs8r/lfTJq
+VKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorjh40G072Q
+DuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR
+5gN/ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfL
+ZEFHcpOrUMPrCXZkNNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05a
+Sd+pZgvMPMZ4fKecHePOjlO+Bd5gD2vlGts/4+EhySnB8esHnFIbAURRPHsl18Tl
+UlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331lubKgdaX8ZSD6e2wsWsSaR6s
++12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ0wlf2eOKNcx5
+Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj
+ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAx
+hduub+84Mxh2EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNV
+HQ4EFgQU+SSsD7K1+HnA+mCIG8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1
++HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpN
+YWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29t
+L2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVy
+ZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAt
+IDIwMDiCCQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRV
+HSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20w
+DQYJKoZIhvcNAQEFBQADggIBAJASryI1wqM58C7e6bXpeHxIvj99RZJe6dqxGfwW
+PJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH3qLPaYRgM+gQDROpI9CF
+5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbURWpGqOt1
+glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaH
+FoI6M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2
+pSB7+R5KBWIBpih1YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MD
+xvbxrN8y8NmBGuScvfaAFPDRLLmF9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QG
+tjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcKzBIKinmwPQN/aUv0NCB9szTq
+jktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvGnrDQWzilm1De
+fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg
+OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ
+d0jQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID9zCCAt+gAwIBAgIESJ8AATANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMC
+Q04xMjAwBgNVBAoMKUNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24g
+Q2VudGVyMUcwRQYDVQQDDD5DaGluYSBJbnRlcm5ldCBOZXR3b3JrIEluZm9ybWF0
+aW9uIENlbnRlciBFViBDZXJ0aWZpY2F0ZXMgUm9vdDAeFw0xMDA4MzEwNzExMjVa
+Fw0zMDA4MzEwNzExMjVaMIGKMQswCQYDVQQGEwJDTjEyMDAGA1UECgwpQ2hpbmEg
+SW50ZXJuZXQgTmV0d29yayBJbmZvcm1hdGlvbiBDZW50ZXIxRzBFBgNVBAMMPkNo
+aW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyIEVWIENlcnRp
+ZmljYXRlcyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z
+7r07eKpkQ0H1UN+U8i6yjUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//
+DdmEEbK40ctb3B75aDFk4Zv6dOtouSCV98YPjUesWgbdYavi7NifFy2cyjw1l1Vx
+zUOFsUcW9SxTgHbP0wBkvUCZ3czY28Sf1hNfQYOL+Q2HklY0bBoQCxfVWhyXWIQ8
+hBouXJE0bhlffxdpxWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23KzhmBsUs
+4qpnHkWnjQRmQvaPK++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54u
+gQEC7c+WXmPbqOY4twIDAQABo2MwYTAfBgNVHSMEGDAWgBR8cks5x8DbYqVPm6oY
+NJKiyoOCWTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4E
+FgQUfHJLOcfA22KlT5uqGDSSosqDglkwDQYJKoZIhvcNAQEFBQADggEBACrDx0M3
+j92tpLIM7twUbY8opJhJywyA6vPtI2Z1fcXTIWd50XPFtQO3WKwMVC/GVhMPMdoG
+52U7HW8228gd+f2ABsqjPWYWqJ1MFn3AlUa1UeTiH9fqBk1jjZaM7+czV0I664zB
+echNdn3e9rG3geCg+aF4RhcaVpjwTj2rHO3sOdwHSPdj/gauwqRcalsyiMXHM4Ws
+ZkJHwlgkmeHlPuV1LI5D1l08eB6olYIpUNHRFrrvwb562bTYzB5MRuF3sTGrvSrI
+zo9uoV1/A3U05K2JRVRevq4opbs/eHnrc7MKDf2+yfdWrPa37S+bISnHOLaVxATy
+wy39FCqQmbkHzJ8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDVTCCAj2gAwIBAgIESTMAATANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJD
+TjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMDcwNDE2
+MDcwOTE0WhcNMjcwNDE2MDcwOTE0WjAyMQswCQYDVQQGEwJDTjEOMAwGA1UEChMF
+Q05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQDTNfc/c3et6FtzF8LRb+1VvG7q6KR5smzDo+/hn7E7SIX1mlwh
+IhAsxYLO2uOabjfhhyzcuQxauohV3/2q2x8x6gHx3zkBwRP9SFIhxFXf2tizVHa6
+dLG3fdfA6PZZxU3Iva0fFNrfWEQlMhkqx35+jq44sDB7R3IJMfAw28Mbdim7aXZO
+V/kbZKKTVrdvmW7bCgScEeOAH8tjlBAKqeFkgjH5jCftppkA9nCTGPihNIaj3XrC
+GHn2emU1z5DrvTOTn1OrczvmmzQgLx3vqR1jGqCA2wMv+SYahtKNu6m+UjqHZ0gN
+v7Sg2Ca+I19zN38m5pIEo3/PIKe38zrKy5nLAgMBAAGjczBxMBEGCWCGSAGG+EIB
+AQQEAwIABzAfBgNVHSMEGDAWgBRl8jGtKvf33VKWCscCwQ7vptU7ETAPBgNVHRMB
+Af8EBTADAQH/MAsGA1UdDwQEAwIB/jAdBgNVHQ4EFgQUZfIxrSr3991SlgrHAsEO
+76bVOxEwDQYJKoZIhvcNAQEFBQADggEBAEs17szkrr/Dbq2flTtLP1se31cpolnK
+OOK5Gv+e5m4y3R6u6jW39ZORTtpC4cMXYFDy0VwmuYK36m3knITnA3kXr5g9lNvH
+ugDnuL8BV8F3RTIMO/G0HAiw/VGgod2aHRM2mm23xzy54cXZF/qD1T0VoDy7Hgvi
+yJA/qIYM/PmLXoXLT1tLYhFHxUV8BS9BsZ4QaRuZluBVeftOhpm4lNqGOGqTo+fL
+buXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2G8kS1sHNzYDzAgE8yGnLRUhj
+2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5mmxE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
+MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
+GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj
+YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL
+MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
+BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM
+GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua
+BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe
+3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4
+YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR
+rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm
+ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU
+oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF
+MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v
+QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t
+b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF
+AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q
+GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz
+Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2
+G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi
+l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3
+smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB
+gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
+BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEyMDEwMDAw
+MDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl
+YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P
+RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3
+UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI
+2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8
+Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp
++2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+
+DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O
+nKVIrLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW
+/zAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6g
+PKA6hjhodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9u
+QXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAPpiem/Yb6dc5t3iuHXIY
+SdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CPOGEIqB6BCsAv
+IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/
+RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4
+zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd
+BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB
+ZQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL
+MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
+BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT
+IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwMzA2MDAw
+MDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy
+ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N
+T0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSR
+FtSrYpn1PlILBs5BAH+X4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0J
+cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW
+BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
+BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm
+fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv
+GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB
+hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
+BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5
+MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
+EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
+Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR
+6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X
+pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC
+9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV
+/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf
+Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z
++pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w
+qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah
+SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC
+u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf
+Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq
+crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E
+FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB
+/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl
+wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM
+4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV
+2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna
+FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ
+CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK
+boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke
+jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL
+S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb
+QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl
+0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB
+NVOFBkpdn627G190
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEb
+MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
+GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRp
+ZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVow
+fjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAiBgNV
+BAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPM
+cm3ye5drswfxdySRXyWP9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3S
+HpR7LZQdqnXXs5jLrLxkU0C8j6ysNstcrbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996
+CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rCoznl2yY4rYsK7hljxxwk
+3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3Vp6ea5EQz
+6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNV
+HQ4EFgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
+EwEB/wQFMAMBAf8wgYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2Rv
+Y2EuY29tL1NlY3VyZUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRw
+Oi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmww
+DQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm4J4oqF7Tt/Q0
+5qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj
+Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtI
+gKvcnDe4IRRLDXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJ
+aD61JlfutuC23bkpgHl9j6PwpCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDl
+izeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1HRR3B7Hzs/Sk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEb
+MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
+GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0
+aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEwMDAwMDBaFw0yODEyMzEyMzU5NTla
+MH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+BgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUwIwYD
+VQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWW
+fnJSoBVC21ndZHoa0Lh73TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMt
+TGo87IvDktJTdyR0nAducPy9C1t2ul/y/9c3S0pgePfw+spwtOpZqqPOSC+pw7IL
+fhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6juljatEPmsbS9Is6FARW
+1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsSivnkBbA7
+kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0G
+A1UdDgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYD
+VR0TAQH/BAUwAwEB/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21v
+ZG9jYS5jb20vVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRo
+dHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMu
+Y3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8NtwuleGFTQQuS9/
+HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32
+pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxIS
+jBc/lDb+XbDABHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+
+xqFx7D+gIIxmOom0jtTYsU0lR+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/Atyjcn
+dBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O9y5Xt5hwXsjEeLBi
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDkzCCAnugAwIBAgIQFBOWgxRVjOp7Y+X8NId3RDANBgkqhkiG9w0BAQUFADA0
+MRMwEQYDVQQDEwpDb21TaWduIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQG
+EwJJTDAeFw0wNDAzMjQxMTMyMThaFw0yOTAzMTkxNTAyMThaMDQxEzARBgNVBAMT
+CkNvbVNpZ24gQ0ExEDAOBgNVBAoTB0NvbVNpZ24xCzAJBgNVBAYTAklMMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ORUaSvTx49qROR+WCf4C9DklBKK
+8Rs4OC8fMZwG1Cyn3gsqrhqg455qv588x26i+YtkbDqthVVRVKU4VbirgwTyP2Q2
+98CNQ0NqZtH3FyrV7zb6MBBC11PN+fozc0yz6YQgitZBJzXkOPqUm7h65HkfM/sb
+2CEJKHxNGGleZIp6GZPKfuzzcuc3B1hZKKxC+cX/zT/npfo4sdAMx9lSGlPWgcxC
+ejVb7Us6eva1jsz/D3zkYDaHL63woSV9/9JLEYhwVKZBqGdTUkJe5DSe5L6j7Kpi
+Xd3DTKaCQeQzC6zJMw9kglcq/QytNuEMrkvF7zuZ2SOzW120V+x0cAwqTwIDAQAB
+o4GgMIGdMAwGA1UdEwQFMAMBAf8wPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2Zl
+ZGlyLmNvbXNpZ24uY28uaWwvY3JsL0NvbVNpZ25DQS5jcmwwDgYDVR0PAQH/BAQD
+AgGGMB8GA1UdIwQYMBaAFEsBmz5WGmU2dst7l6qSBe4y5ygxMB0GA1UdDgQWBBRL
+AZs+VhplNnbLe5eqkgXuMucoMTANBgkqhkiG9w0BAQUFAAOCAQEA0Nmlfv4pYEWd
+foPPbrxHbvUanlR2QnG0PFg/LUAlQvaBnPGJEMgOqnhPOAlXsDzACPw1jvFIUY0M
+cXS6hMTXcpuEfDhOZAYnKuGntewImbQKDdSFc8gS4TXt8QUxHXOZDOuWyt3T5oWq
+8Ir7dcHyCTxlZWTzTNity4hp8+SDtwy9F1qWF8pb/627HOkthIDYIb6FUtnUdLlp
+hbpN7Sgy6/lhSuTENh4Z3G+EER+V9YMoGKgzkkMn3V0TBEVPh9VGzT2ouvDzuFYk
+Res3x+F2T3I5GN9+dHLHcy056mDmrRGiVod7w2ia/viMcKjfZTL0pECMocJEAw6U
+AGegcQCCSA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG
+A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh
+bCBSb290MB4XDTA2MTIxNTA4MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UE
+ChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBS
+b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Mi8vRRQZhP/8NN5
+7CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW0ozS
+J8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2y
+HLtgwEZLAfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iP
+t3sMpTjr3kfb1V05/Iin89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNz
+FtApD0mpSPCzqrdsxacwOUBdrsTiXSZT8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAY
+XSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
+MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2MDSgMqAw
+hi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3Js
+MB8GA1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUA
+A4IBAQBW7wojoFROlZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMj
+Wqd8BfP9IjsO0QbE2zZMcwSO5bAi5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUx
+XOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2hO0j9n0Hq0V+09+zv+mKts2o
+omcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+TX3EJIrduPuoc
+A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW
+WL1WMRJOEcgh4LMRkWXbtKaIOM5V
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc
+MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj
+IFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENB
+IDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5MjM1OTAwWjBxMQswCQYDVQQGEwJE
+RTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxl
+U2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290
+IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEU
+ha88EOQ5bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhC
+QN/Po7qCWWqSG6wcmtoIKyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1Mjwr
+rFDa1sPeg5TKqAyZMg4ISFZbavva4VhYAUlfckE8FQYBjl2tqriTtM2e66foai1S
+NNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aKSe5TBY8ZTNXeWHmb0moc
+QqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTVjlsB9WoH
+txa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAP
+BgNVHRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAlGRZrTlk5ynrE/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756Abrsp
+tJh6sTtU6zkXR34ajgv8HzFZMQSyzhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpa
+IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl
+6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4Gdyd1Lx+4ivn+
+xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU
+Cm26OWMohpLzGITY+9HPBVZkVw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
+cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7c
+JpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYP
+mDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+
+wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4
+VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/
+AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMB
+AAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW
+BBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYun
+pyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRC
+dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf
+fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm
+NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx
+H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe
++o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
+cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSA
+n61UQbVH35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4Htecc
+biJVMWWXvdMX0h5i89vqbFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9Hp
+EgjAALAcKxHad3A2m67OeYfcgnDmCXRwVWmvo2ifv922ebPynXApVfSr/5Vh88lA
+bx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OPYLfykqGxvYmJHzDNw6Yu
+YjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+RnlTGNAgMB
+AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQW
+BBTOw0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPI
+QW5pJ6d1Ee88hjZv0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I
+0jJmwYrA8y8678Dj1JGG0VDjA9tzd29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4Gni
+lmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAWhsI6yLETcDbYz+70CjTVW0z9
+B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv
+ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo
+IhNzbM8m9Yop5w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3Qg
+RzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQGEwJV
+UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu
+Y29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQBgcq
+hkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJf
+Zn4f5dwbRXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17Q
+RSAPWXYQ1qAk8C3eNvJsKTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAKBggqhkjOPQQD
+AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY
+JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv
+6pZjamVFkpUBtA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB
+CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97
+nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt
+43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P
+T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4
+gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO
+BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR
+TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw
+DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr
+hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg
+06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF
+PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
+YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
+CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI
+2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx
+1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ
+q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz
+tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ
+vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP
+BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV
+5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY
+1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4
+NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG
+Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91
+8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe
+pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl
+MrY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe
+Fw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUw
+EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x
+IDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0CAQYF
+K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG
+fp4tn+6OYwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPO
+Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd
+BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx
+AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/
+oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8
+sycX
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
+RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm
++9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW
+PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM
+xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB
+Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3
+hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg
+EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF
+MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA
+FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec
+nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z
+eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
+hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
+Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
+vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
++OkuE6N36B9K
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg
+RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV
+UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu
+Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y
+ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If
+xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV
+ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO
+DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ
+jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/
+CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi
+EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM
+fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY
+uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK
+chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t
+9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
+hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD
+ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2
+SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd
++SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc
+fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa
+sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N
+cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N
+0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie
+4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI
+r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1
+/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm
+gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBb
+MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3Qx
+ETAPBgNVBAsTCERTVCBBQ0VTMRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0w
+MzExMjAyMTE5NThaFw0xNzExMjAyMTE5NThaMFsxCzAJBgNVBAYTAlVTMSAwHgYD
+VQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UECxMIRFNUIEFDRVMx
+FzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPu
+ktKe1jzIDZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7
+gLFViYsx+tC3dr5BPTCapCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZH
+fAjIgrrep4c9oW24MFbCswKBXy314powGCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4a
+ahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPyMjwmR/onJALJfh1biEIT
+ajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rk
+c3QuY29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjto
+dHRwOi8vd3d3LnRydXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMt
+aW5kZXguaHRtbDAdBgNVHQ4EFgQUCXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZI
+hvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V25FYrnJmQ6AgwbN99Pe7lv7Uk
+QIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6tFr8hlxCBPeP/
+h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq
+nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpR
+rscL9yuwNwXsvFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf2
+9w4LTJxoeHtxMcfrHuBnQfO3oKfN5XozNmr6mis=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
+MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
+DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow
+PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
+Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O
+rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq
+OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b
+xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw
+7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD
+aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
+HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG
+SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69
+ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr
+AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz
+R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
+JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
+Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD
+bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NTha
+ME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMM
+HkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOADER03
+UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42
+tSHKXzlABF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9R
+ySPocq60vFYJfxLLHLGvKZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsM
+lFqVlNpQmvH/pStmMaTJOKDfHR+4CS7zp+hnUquVH+BGPtikw8paxTGA6Eian5Rp
+/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUCAwEAAaOCARowggEWMA8G
+A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ4PGEMA4G
+A1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVj
+dG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUy
+MENBJTIwMiUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRl
+cmV2b2NhdGlvbmxpc3QwQ6BBoD+GPWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3Js
+L2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAwOS5jcmwwDQYJKoZIhvcNAQEL
+BQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm2H6NMLVwMeni
+acfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0
+o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4K
+zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8
+PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y
+Johw1+qRzT65ysCQblrGXnRl11z+o+I=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD
+bGFzcyAzIENBIDIgRVYgMjAwOTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUw
+NDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNV
+BAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAwOTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfSegpn
+ljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM0
+3TP1YtHhzRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6Z
+qQTMFexgaDbtCHu39b+T7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lR
+p75mpoo6Kr3HGrHhFPC+Oh25z1uxav60sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8
+HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure3511H3a6UCAwEAAaOCASQw
+ggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyvcop9Ntea
+HNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFw
+Oi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xh
+c3MlMjAzJTIwQ0ElMjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1E
+RT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MEagRKBChkBodHRwOi8vd3d3LmQt
+dHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xhc3NfM19jYV8yX2V2XzIwMDku
+Y3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+PPoeUSbrh/Yp
+3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05
+nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNF
+CSuGdXzfX2lXANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7na
+xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX
+KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF5zCCA8+gAwIBAgIITK9zQhyOdAIwDQYJKoZIhvcNAQEFBQAwgYAxODA2BgNV
+BAMML0VCRyBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
+c8SxMTcwNQYDVQQKDC5FQkcgQmlsacWfaW0gVGVrbm9sb2ppbGVyaSB2ZSBIaXpt
+ZXRsZXJpIEEuxZ4uMQswCQYDVQQGEwJUUjAeFw0wNjA4MTcwMDIxMDlaFw0xNjA4
+MTQwMDMxMDlaMIGAMTgwNgYDVQQDDC9FQkcgRWxla3Ryb25payBTZXJ0aWZpa2Eg
+SGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTE3MDUGA1UECgwuRUJHIEJpbGnFn2ltIFRl
+a25vbG9qaWxlcmkgdmUgSGl6bWV0bGVyaSBBLsWeLjELMAkGA1UEBhMCVFIwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDuoIRh0DpqZhAy2DE4f6en5f2h
+4fuXd7hxlugTlkaDT7byX3JWbhNgpQGR4lvFzVcfd2NR/y8927k/qqk153nQ9dAk
+tiHq6yOU/im/+4mRDGSaBUorzAzu8T2bgmmkTPiab+ci2hC6X5L8GCcKqKpE+i4s
+tPtGmggDg3KriORqcsnlZR9uKg+ds+g75AxuetpX/dfreYteIAbTdgtsApWjluTL
+dlHRKJ2hGvxEok3MenaoDT2/F08iiFD9rrbskFBKW5+VQarKD7JK/oCZTqNGFav4
+c0JqwmZ2sQomFd2TkuzbqV9UIlKRcF0T6kjsbgNs2d1s/OsNA/+mgxKb8amTD8Um
+TDGyY5lhcucqZJnSuOl14nypqZoaqsNW2xCaPINStnuWt6yHd6i58mcLlEOzrz5z
++kI2sSXFCjEmN1ZnuqMLfdb3ic1nobc6HmZP9qBVFCVMLDMNpkGMvQQxahByCp0O
+Lna9XvNRiYuoP1Vzv9s6xiQFlpJIqkuNKgPlV5EQ9GooFW5Hd4RcUXSfGenmHmMW
+OeMRFeNYGkS9y8RsZteEBt8w9DeiQyJ50hBs37vmExH8nYQKE3vwO9D8owrXieqW
+fo1IhR5kX9tUoqzVegJ5a9KK8GfaZXINFHDk6Y54jzJ0fFfy1tb0Nokb+Clsi7n2
+l9GkLqq+CxnCRelwXQIDAJ3Zo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB
+/wQEAwIBBjAdBgNVHQ4EFgQU587GT/wWZ5b6SqMHwQSny2re2kcwHwYDVR0jBBgw
+FoAU587GT/wWZ5b6SqMHwQSny2re2kcwDQYJKoZIhvcNAQEFBQADggIBAJuYml2+
+8ygjdsZs93/mQJ7ANtyVDR2tFcU22NU57/IeIl6zgrRdu0waypIN30ckHrMk2pGI
+6YNw3ZPX6bqz3xZaPt7gyPvT/Wwp+BVGoGgmzJNSroIBk5DKd8pNSe/iWtkqvTDO
+TLKBtjDOWU/aWR1qeqRFsIImgYZ29fUQALjuswnoT4cCB64kXPBfrAowzIpAoHME
+wfuJJPaaHFy3PApnNgUIMbOv2AFoKuB4j3TeuFGkjGwgPaL7s9QJ/XvCgKqTbCmY
+Iai7FvOpEl90tYeY8pUm3zTvilORiF0alKM/fCL414i6poyWqD1SNGKfAB5UVUJn
+xk1Gj7sURT0KlhaOEKGXmdXTMIXM3rRyt7yKPBgpaP3ccQfuJDlq+u2lrDgv+R4Q
+DgZxGhBM/nV+/x5XOULK1+EVoVZVWRvRo68R2E7DpSvvkL/A7IITW43WciyTTo9q
+Kd+FPNMN4KIYEsxVL0e3p5sC/kH2iExt2qkBR4NkJ2IQgtYSe14DHzSpyZH+r11t
+hie3I6p1GMog57AP14kOpmciY/SDQSsGS7tY1dHXt7kQY9iJSrSq3RZj9W6+YKH4
+7ejWkE8axsWgKdOnIaj1Wjz3x0miIZpKlVIglnKaZsv30oZDfCK+lvm9AahH3eU7
+QPl1K5srRmSGjR70j/sHd9DqSaIcjVIUpgqT
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB
+8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy
+dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1
+YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3
+dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh
+IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD
+LUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQG
+EwJFUzE7MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8g
+KE5JRiBRLTA4MDExNzYtSSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBD
+ZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZlZ2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQu
+bmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJhcnF1aWEgRW50aXRhdHMg
+ZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUNDMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R
+85iKw5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm
+4CgPukLjbo73FCeTae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaV
+HMf5NLWUhdWZXqBIoH7nF2W4onW4HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNd
+QlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0aE9jD2z3Il3rucO2n5nzbcc8t
+lGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw0JDnJwIDAQAB
+o4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E
+BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4
+opvpXY0wfwYDVR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBo
+dHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidW
+ZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAwDQYJKoZIhvcN
+AQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJlF7W2u++AVtd0x7Y
+/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNaAl6k
+SBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhy
+Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS
+Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl
+nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1
+MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1
+czEoMCYGA1UEAwwfRUUgQ2VydGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYG
+CSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIwMTAxMDMwMTAxMDMwWhgPMjAzMDEy
+MTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlBUyBTZXJ0aWZpdHNl
+ZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRyZSBS
+b290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUy
+euuOF0+W2Ap7kaJjbMeMTC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvO
+bntl8jixwKIy72KyaOBhU8E2lf/slLo2rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIw
+WFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw93X2PaRka9ZP585ArQ/d
+MtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtNP2MbRMNE
+1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYD
+VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/
+zQas8fElyalL1BSZMEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYB
+BQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEF
+BQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+RjxY6hUFaTlrg4wCQiZrxTFGGV
+v9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqMlIpPnTX/dqQG
+E5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u
+uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIW
+iAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/v
+GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
+RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
+bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
+IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0yOTA3
+MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3
+LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp
+YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG
+A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq
+K0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQe
+sYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuX
+MlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVT
+XTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/
+HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH
+4QIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV
+HQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJKoZIhvcNAQEFBQADggEBADub
+j1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPyT/4xmf3IDExo
+U8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf
+zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5b
+u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+
+bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er
+fF6adulZkMV8gzURZVE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC
+VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
+Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW
+KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0MloXDTI2MTEyNzIw
+NTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkw
+NwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSBy
+ZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNV
+BAMTJEVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBALaVtkNC+sZtKm9I35RMOVcF7sN5EUFo
+Nu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYszA9u3g3s+IIRe7bJWKKf4
+4LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOwwCj0Yzfv9
+KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGI
+rb68j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi
+94DkZfs0Nw4pgHBNrziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOB
+sDCBrTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAi
+gA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1MzQyWjAfBgNVHSMEGDAWgBRo
+kORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DHhmak8fdLQ/uE
+vW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA
+A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9t
+O1KzKtvn1ISMY/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6Zua
+AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP
+9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTSW3iDVuycNsMm4hH2Z0kdkquM++v/
+eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m
+0vdXcDazv/wor3ElhVsT/h5/WrQ8
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG
+A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3
+d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVu
+dHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UEAxMq
+RW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMB4XDTEy
+MTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYwFAYD
+VQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0
+L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0g
+Zm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBD
+ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEVDMTB2MBAGByqGSM49AgEGBSuBBAAi
+A2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHyAsWfoPZb1YsGGYZPUxBt
+ByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef9eNi1KlH
+Bz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
+BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC
+R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX
+hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC
+VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
+cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs
+IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz
+dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy
+NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu
+dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt
+dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0
+aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T
+RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN
+cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW
+wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1
+U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0
+jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP
+BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN
+BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/
+jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ
+Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v
+1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R
+nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH
+VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe
+MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0
+ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
+Fw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMxMjdaMF4xCzAJBgNVBAYTAlRXMSMw
+IQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEqMCgGA1UECwwhZVBL
+SSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAH
+SyZbCUNsIZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAh
+ijHyl3SJCRImHJ7K2RKilTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3X
+DZoTM1PRYfl61dd4s5oz9wCGzh1NlDivqOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1
+TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX12ruOzjjK9SXDrkb5wdJ
+fzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0OWQqraffA
+sgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uU
+WH1+ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLS
+nT0IFaUQAS2zMnaolQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pH
+dmX2Os+PYhcZewoozRrSgx4hxyy/vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJip
+NiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXiZo1jDiVN1Rmy5nk3pyKdVDEC
+AwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/QkqiMAwGA1UdEwQF
+MAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH
+ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGB
+uvl2ICO1J2B01GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6Yl
+PwZpVnPDimZI+ymBV3QGypzqKOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkP
+JXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdVxrsStZf0X4OFunHB2WyBEXYKCrC/
+gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEPNXubrjlpC2JgQCA2
+j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+rGNm6
+5ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUB
+o2M3IUxExJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS
+/jQ6fbjpKdx2qcgw+BRxgMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2z
+Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE
+W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D
+hNQ+IIX3Sj0rnP0qCglN6oH4EZw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
+UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy
+dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1
+MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx
+dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f
+BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A
+cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC
+AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm
+aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw
+ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj
+IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF
+MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA
+A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
+7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh
+1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICgjCCAeugAwIBAgIBBDANBgkqhkiG9w0BAQQFADBTMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEmMCQGA1UEAxMdRXF1aWZheCBT
+ZWN1cmUgZUJ1c2luZXNzIENBLTEwHhcNOTkwNjIxMDQwMDAwWhcNMjAwNjIxMDQw
+MDAwWjBTMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5j
+LjEmMCQGA1UEAxMdRXF1aWZheCBTZWN1cmUgZUJ1c2luZXNzIENBLTEwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAM4vGbwXt3fek6lfWg0XTzQaDJj0ItlZ1MRo
+RvC0NcWFAyDGr0WlIVFFQesWWDYyb+JQYmT5/VGcqiTZ9J2DKocKIdMSODRsjQBu
+WqDZQu4aIZX5UkxVWsUPOE9G+m34LjXWHXzr4vCwdYDIqROsvojvOm6rXyo4YgKw
+Env+j6YDAgMBAAGjZjBkMBEGCWCGSAGG+EIBAQQEAwIABzAPBgNVHRMBAf8EBTAD
+AQH/MB8GA1UdIwQYMBaAFEp4MlIR21kWNl7fwRQ2QGpHfEyhMB0GA1UdDgQWBBRK
+eDJSEdtZFjZe38EUNkBqR3xMoTANBgkqhkiG9w0BAQQFAAOBgQB1W6ibAxHm6VZM
+zfmpTMANmvPMZWnmJXbMWbfWVMMdzZmsGd20hdXgPfxiIKeES1hl8eL5lSE/9dR+
+WB5Hh1Q+WKG1tfgq73HnvMP2sUlG4tega+VWeponmHxGYhTnyfxuAxJ5gDgdSIKN
+/Bf+KpYrtWKmpj29f5JZzVoqgrI3eQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICkDCCAfmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEtMCsGA1UEAxMkRXF1aWZheCBT
+ZWN1cmUgR2xvYmFsIGVCdXNpbmVzcyBDQS0xMB4XDTk5MDYyMTA0MDAwMFoXDTIw
+MDYyMTA0MDAwMFowWjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0VxdWlmYXggU2Vj
+dXJlIEluYy4xLTArBgNVBAMTJEVxdWlmYXggU2VjdXJlIEdsb2JhbCBlQnVzaW5l
+c3MgQ0EtMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuucXkAJlsTRVPEnC
+UdXfp9E3j9HngXNBUmCbnaEXJnitx7HoJpQytd4zjTov2/KaelpzmKNc6fuKcxtc
+58O/gGzNqfTWK8D3+ZmqY6KxRwIP1ORROhI8bIpaVIRw28HFkM9yRcuoWcDNM50/
+o5brhTMhHD4ePmBudpxnhcXIw2ECAwEAAaNmMGQwEQYJYIZIAYb4QgEBBAQDAgAH
+MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUvqigdHJQa0S3ySPY+6j/s1dr
+aGwwHQYDVR0OBBYEFL6ooHRyUGtEt8kj2Puo/7NXa2hsMA0GCSqGSIb3DQEBBAUA
+A4GBADDiAVGqx+pf2rnQZQ8w1j7aDRRJbpGTJxQx78T3LUX47Me/okENI7SS+RkA
+Z70Br83gcfxaz2TE4JaY0KNA4gGK7ycH8WUBikQtBmV1UsCGECAhX2xrD2yuCRyv
+8qIYNMR1pHMc8Y3c7635s3a0kr/clRAevsvIO1qEYBlWlKlV
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV
+BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC
+aWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNV
+BAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQDDB9FLVR1
+Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMwNTEyMDk0OFoXDTIz
+MDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+
+BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhp
+em1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN
+ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4vU/kwVRHoViVF56C/UY
+B4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vdhQd2h8y/L5VMzH2nPbxH
+D5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5KCKpbknSF
+Q9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEo
+q1+gElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3D
+k14opz8n8Y4e0ypQBaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcH
+fC425lAcP9tDJMW/hkd5s3kc91r0E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsut
+dEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gzrt48Ue7LE3wBf4QOXVGUnhMM
+ti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAqjqFGOjGY5RH8
+zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn
+rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUX
+U8u3Zg5mTPj5dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6
+Jyr+zE7S6E5UMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5
+XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAF
+Nzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAKkEh47U6YA5n+KGCR
+HTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jOXKqY
+GwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c
+77NCR807VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3
++GbHeJAAFS6LrVE1Uweoa2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WK
+vJUawSg5TB9D0pH0clmKuVb8P7Sd2nCcdlqMQ1DujjByTd//SffGqWfZbawCEeI6
+FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEVKV0jq9BgoRJP3vQXzTLl
+yb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gTDx4JnW2P
+AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD
+y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d
+NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEW
+MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFs
+IENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQG
+EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
+R2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvPE1A
+PRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/NTL8
+Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hL
+TytCOb1kLUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL
+5mkWRxHCJ1kDs6ZgwiFAVvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7
+S4wMcoKK+xfNAGw6EzywhIdLFnopsk/bHdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe
+2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
+FHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNHK266ZUap
+EBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6td
+EPx7srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv
+/NgdRN3ggX+d6YvhZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywN
+A0ZF66D0f0hExghAzN4bcLUprbqLOzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0
+abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkCx1YAzUm5s2x7UwQa4qjJqhIF
+I8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqFH4z1Ir+rzoPz
+4iIprn2DQKi6bA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
+MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
+YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG
+EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg
+R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9
+9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq
+fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv
+iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU
+1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+
+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW
+MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA
+ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l
+uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn
+Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS
+tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF
+PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
+hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
+5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY
+MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
+R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEx
+MjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgxCzAJBgNVBAYTAlVTMRYwFAYDVQQK
+Ew1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQcmltYXJ5IENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9
+AWbK7hWNb6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjA
+ZIVcFU2Ix7e64HXprQU9nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE0
+7e9GceBrAqg1cmuXm2bgyxx5X9gaBGgeRwLmnWDiNpcB3841kt++Z8dtd1k7j53W
+kBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGttm/81w7a4DSwDRp35+MI
+mO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4G
+A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJ
+KoZIhvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ1
+6CePbJC/kRYkRj5KTs4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl
+4b7UVXGYNTq+k+qurUKykG/g/CFNNWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6K
+oKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHaFloxt/m0cYASSJlyc1pZU8Fj
+UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU
+AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL
+MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj
+KSAyMDA3IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2
+MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1OVowgZgxCzAJBgNV
+BAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykgMjAw
+NyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNV
+BAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH
+MjB2MBAGByqGSM49AgEGBSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcL
+So17VDs6bl8VAsBQps8lL33KSLjHUGMcKiEIfJo22Av+0SbFWDEwKCXzXV2juLal
+tJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO
+BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+EVXVMAoG
+CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT
+qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz
+rD6ogRLQy7rQkgu2npaqBA+K
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB
+mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT
+MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s
+eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv
+cml0eSAtIEczMB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIzNTk1OVowgZgxCzAJ
+BgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg
+MjAwOCBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0
+BgNVBAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANziXmJYHTNXOTIz
++uvLh4yn1ErdBojqZI4xmKU4kB6Yzy5jK/BGvESyiaHAKAxJcCGVn2TAppMSAmUm
+hsalifD614SgcK9PGpc/BkTVyetyEH3kMSj7HGHmKAdEc5IiaacDiGydY8hS2pgn
+5whMcD60yRLBxWeDXTPzAxHsatBT4tG6NmCUgLthY2xbF37fQJQeqw3CIShwiP/W
+JmxsYAQlTlV+fe+/lEjetx3dcI0FX4ilm/LC7urRQEFtYjgdVgbFA0dRIBn8exAL
+DmKudlW/X3e+PkkBUz2YJQN2JFodtNuJ6nnltrM7P7pMKEF/BqxqjsHQ9gUdfeZC
+huOl1UcCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
+HQYDVR0OBBYEFMR5yo6hTgMdHNxr2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IB
+AQAtxRPPVoB7eni9n64smefv2t+UXglpp+duaIy9cr5HqQ6XErhK8WTTOd8lNNTB
+zU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbEAp7aDHdlDkQN
+kv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD
+AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH
+SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G
+spki4cErx5z481+oghLrGREt
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW
+MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy
+c2FsIENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYD
+VQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1
+c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0DE81
+WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUG
+FF+3Qs17j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdq
+XbboW0W63MOhBW9Wjo8QJqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxL
+se4YuU6W3Nx2/zu+z18DwPw76L5GG//aQMJS9/7jOvdqdzXQ2o3rXhhqMcceujwb
+KNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2WP0+GfPtDCapkzj4T8Fd
+IgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP20gaXT73
+y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRt
+hAAnZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgoc
+QIgfksILAAX/8sgCSqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4
+Lt1ZrtmhN79UNdxzMk+MBB4zsslG8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNV
+HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAfBgNV
+HSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8EBAMCAYYwDQYJ
+KoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z
+dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQ
+L1EuxBRa3ugZ4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgr
+Fg5fNuH8KrUwJM/gYwx7WBr+mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSo
+ag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpqA1Ihn0CoZ1Dy81of398j9tx4TuaY
+T1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpgY+RdM4kX2TGq2tbz
+GDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiPpm8m
+1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJV
+OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH
+6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX
+QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW
+MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy
+c2FsIENBMB4XDTA0MDMwNDA1MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UE
+BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHjAcBgNVBAMTFUdlb1RydXN0
+IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKYV
+VaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9tJPi8
+cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTT
+QjOgNB0eRXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFh
+F7em6fgemdtzbvQKoiFs7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2v
+c7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d8Lsrlh/eezJS/R27tQahsiFepdaVaH/w
+mZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7VqnJNk22CDtucvc+081xd
+VHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3CgaRr0BHdCX
+teGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZ
+f9hBZ3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfRe
+Bi9Fi1jUIxaS5BZuKGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+
+nhutxx9z3SxPGWX9f5NAEC7S8O08ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB
+/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0XG0D08DYj3rWMB8GA1UdIwQY
+MBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG
+9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc
+aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fX
+IwjhmF7DWgh2qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzyn
+ANXH/KttgCJwpQzgXQQpAvvLoJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0z
+uzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsKxr2EoyNB3tZ3b4XUhRxQ4K5RirqN
+Pnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxFKyDuSN/n3QmOGKja
+QI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2DFKW
+koRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9
+ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt
+DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm
+bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD
+VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
+IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3
+MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD
+aGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMxNDBaFw0zODA3MzEx
+MjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3Vy
+cmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAG
+A1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAl
+BgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZI
+hvcNAQEBBQADggIPADCCAgoCggIBAMDfVtPkOpt2RbQT2//BthmLN0EYlVJH6xed
+KYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXfXjaOcNFccUMd2drvXNL7
+G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0ZJJ0YPP2
+zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4
+ddPB/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyG
+HoiMvvKRhI9lNNgATH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2
+Id3UwD2ln58fQ1DJu7xsepeY7s2MH/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3V
+yJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfeOx2YItaswTXbo6Al/3K1dh3e
+beksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSFHTynyQbehP9r
+6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh
+wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsog
+zCtLkykPAgMBAAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQW
+BBS5CcqcHtvTbDprru1U8VuTBjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDpr
+ru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJp
+ZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRk
+cmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJt
+YSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiC
+CQDJzdPp1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCow
+KAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZI
+hvcNAQEFBQADggIBAICIf3DekijZBZRG/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZ
+UohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6ReAJ3spED8IXDneRRXoz
+X1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/sdZ7LoR/x
+fxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVz
+a2Mg9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yyd
+Yhz2rXzdpjEetrHHfoUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMd
+SqlapskD7+3056huirRXhOukP9DuqqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9O
+AP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETrP3iZ8ntxPjzxmKfFGBI/5rso
+M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge
+v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z
+09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk
+MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH
+bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX
+DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD
+QSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprlOQcJ
+FspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAw
+DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61F
+uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX
+kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs
+ewv4n4Q=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk
+MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH
+bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX
+DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD
+QSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6SFkc
+8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8ke
+hOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
+VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYI
+KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg
+515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO
+xwy8p2Fp8fc74SrL+SvzZpA3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
+MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
+aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
+jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
+xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
+1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
+snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
+U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
+9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
+BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
+AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
+yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
+38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
+AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
+DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
+HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
+MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
+A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
+v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
+eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
+tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
+C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
+zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
+mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
+V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
+bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
+3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
+J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
+291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
+ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
+AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
+TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4
+MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG
+A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8
+RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT
+gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm
+KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd
+QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ
+XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw
+DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o
+LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU
+RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp
+jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK
+6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX
+mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs
+Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH
+WD9f
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
+MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE
+YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3
+MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo
+ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg
+MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN
+ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA
+PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w
+wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi
+EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY
+avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+
+YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE
+sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h
+/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5
+IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
+ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy
+OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P
+TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ
+HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER
+dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf
+ReYNnyicsbkqWletNw+vHX/bvZ8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT
+EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp
+ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIz
+NTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH
+EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UE
+AxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKD
+E6bFIEMBO4Tx5oVJnyfq9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH
+/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD+qK+ihVqf94Lw7YZFAXK6sOoBJQ7Rnwy
+DfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutdfMh8+7ArU6SSYmlRJQVh
+GkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMlNAJWJwGR
+tDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEA
+AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE
+FDqahQcQZyi27/a9BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmX
+WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu
+9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r5N9ss4UXnT3ZJE95kTXWXwTr
+gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo
+2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO
+LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI
+4uJEvlz36hz1
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix
+RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1
+dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p
+YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw
+NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK
+EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl
+cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl
+c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz
+dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ
+fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns
+bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD
+75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP
+FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV
+HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp
+5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu
+b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA
+A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p
+6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8
+TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7
+dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys
+Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI
+l7WdmplNsDz4SgCbZN2fOUvRJ9e4
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx
+FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg
+Um9vdCBDQSAxMB4XDTAzMDUxNTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkG
+A1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdr
+b25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1ApzQ
+jVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEn
+PzlTCeqrauh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjh
+ZY4bXSNmO7ilMlHIhqqhqZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9
+nnV0ttgCXjqQesBCNnLsak3c78QA3xMYV18meMjWCnl3v/evt3a5pQuEF10Q6m/h
+q5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNVHRMBAf8ECDAGAQH/AgED
+MA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7ih9legYsC
+mEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI3
+7piol7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clB
+oiMBdDhViw+5LmeiIAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJs
+EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO
+fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi
+AmvZWg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK
+MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
+VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQw
+MTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScw
+JQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ldhNlT
+3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU
++ehcCuz/mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gp
+S0l4PJNgiCL8mdo2yMKi1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1
+bVoE/c40yiTcdCMbXTMTEl3EASX2MN0CXZ/g1Ue9tOsbobtJSdifWwLziuQkkORi
+T0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl3ZBWzvurpWCdxJ35UrCL
+vYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzyNeVJSQjK
+Vsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZK
+dHzVWYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHT
+c+XvvqDtMwt0viAgxGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hv
+l7yTmvmcEpB4eoCHFddydJxVdHixuuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5N
+iGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB
+/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZIhvcNAQELBQAD
+ggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH
+6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwt
+LRvM7Kqas6pgghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93
+nAbowacYXVKV7cndJZ5t+qntozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3
++wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmVYjzlVYA211QC//G5Xc7UI2/YRYRK
+W2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUXfeu+h1sXIFRRk0pT
+AwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/rokTLq
+l1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG
+4iZZRHUe2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZ
+mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A
+7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN
+MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu
+VHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcN
+MzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0
+MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTyP4o7
+ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGy
+RBb06tD6Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlS
+bdsHyo+1W/CD80/HLaXIrcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF
+/YTLNiCBWS2ab21ISGHKTN9T0a9SvESfqy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R
+3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoSmJxZZoY+rfGwyj4GD3vw
+EUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFnol57plzy
+9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9V
+GxyhLrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ
+2fjXctscvG29ZV/viDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsV
+WaFHVCkugyhfHMKiq3IXAAaOReyL4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gD
+W/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
+BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMwDQYJKoZIhvcN
+AQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qj
+t2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHV
+DRDtfULAj+7AmgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9
+TaDKQGXSc3z1i9kKlT/YPyNtGtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8G
+lwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFtm6/n6J91eEyrRjuazr8FGF1NFTwW
+mhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMxNRF4eKLg6TCMf4Df
+WN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4Mhn5
++bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJ
+tshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhA
+GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv
+8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+c
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEAjCCAuqgAwIBAgIFORFFEJQwDQYJKoZIhvcNAQEFBQAwgYUxCzAJBgNVBAYT
+AkZSMQ8wDQYDVQQIEwZGcmFuY2UxDjAMBgNVBAcTBVBhcmlzMRAwDgYDVQQKEwdQ
+TS9TR0ROMQ4wDAYDVQQLEwVEQ1NTSTEOMAwGA1UEAxMFSUdDL0ExIzAhBgkqhkiG
+9w0BCQEWFGlnY2FAc2dkbi5wbS5nb3V2LmZyMB4XDTAyMTIxMzE0MjkyM1oXDTIw
+MTAxNzE0MjkyMlowgYUxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIEwZGcmFuY2UxDjAM
+BgNVBAcTBVBhcmlzMRAwDgYDVQQKEwdQTS9TR0ROMQ4wDAYDVQQLEwVEQ1NTSTEO
+MAwGA1UEAxMFSUdDL0ExIzAhBgkqhkiG9w0BCQEWFGlnY2FAc2dkbi5wbS5nb3V2
+LmZyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh/R0GLFMzvABIaI
+s9z4iPf930Pfeo2aSVz2TqrMHLmh6yeJ8kbpO0px1R2OLc/mratjUMdUC24SyZA2
+xtgv2pGqaMVy/hcKshd+ebUyiHDKcMCWSo7kVc0dJ5S/znIq7Fz5cyD+vfcuiWe4
+u0dzEvfRNWk68gq5rv9GQkaiv6GFGvm/5P9JhfejcIYyHF2fYPepraX/z9E0+X1b
+F8bc1g4oa8Ld8fUzaJ1O/Id8NhLWo4DoQw1VYZTqZDdH6nfK0LJYBcNdfrGoRpAx
+Vs5wKpayMLh35nnAvSk7/ZR3TL0gzUEl4C7HG7vupARB0l2tEmqKm0f7yd1GQOGd
+PDPQtQIDAQABo3cwdTAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBRjAVBgNV
+HSAEDjAMMAoGCCqBegF5AQEBMB0GA1UdDgQWBBSjBS8YYFDCiQrdKyFP/45OqDAx
+NjAfBgNVHSMEGDAWgBSjBS8YYFDCiQrdKyFP/45OqDAxNjANBgkqhkiG9w0BAQUF
+AAOCAQEABdwm2Pp3FURo/C9mOnTgXeQp/wYHE4RKq89toB9RlPhJy3Q2FLwV3duJ
+L92PoF189RLrn544pEfMs5bZvpwlqwN+Mw+VgQ39FuCIvjfwbF3QMZsyK10XZZOY
+YLxuj7GoPB7ZHPOpJkL5ZB3C55L29B5aqhlSXa/oovdgoPaN8In1buAKBQGVyYsg
+Crpa/JosPL3Dt8ldeCUFP1YUmwza+zpI/pdpXsoQhvdOlgQITeywvl3cO45Pwf2a
+NjSaTFR+FwNIlQgRHAdvhQh+XU3Endv7rs6y0bO4g2wdsrN58dhwmX7wEwLOXt1R
+0982gaEbeC9xs/FZTEYYKKuF0mBWWg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4
+MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6
+ZW5wZS5jb20wHhcNMDcxMjEzMTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYD
+VQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5j
+b20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ03rKDx6sp4boFmVq
+scIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAKClaO
+xdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6H
+LmYRY2xU+zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFX
+uaOKmMPsOzTFlUFpfnXCPCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQD
+yCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxTOTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+
+JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbKF7jJeodWLBoBHmy+E60Q
+rLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK0GqfvEyN
+BjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8L
+hij+0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIB
+QFqNeb+Lz0vPqhbBleStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+
+HMh3/1uaD7euBUbl8agW7EekFwIDAQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2lu
+Zm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+SVpFTlBFIFMuQS4gLSBDSUYg
+QTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgxQzBB
+BgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx
+MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
+AQYwHQYDVR0OBBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUA
+A4ICAQB4pgwWSp9MiDrAyw6lFn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWb
+laQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbgakEyrkgPH7UIBzg/YsfqikuFgba56
+awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8qhT/AQKM6WfxZSzwo
+JNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Csg1lw
+LDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCT
+VyvehQP5aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGk
+LhObNA5me0mrZJfQRsN5nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJb
+UjWumDqtujWTI6cfSN01RpiyEGjkpTHCClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/
+QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+
+naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls
+QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE5jCCA86gAwIBAgIEO45L/DANBgkqhkiG9w0BAQUFADBdMRgwFgYJKoZIhvcN
+AQkBFglwa2lAc2suZWUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKExlBUyBTZXJ0aWZp
+dHNlZXJpbWlza2Vza3VzMRAwDgYDVQQDEwdKdXVyLVNLMB4XDTAxMDgzMDE0MjMw
+MVoXDTE2MDgyNjE0MjMwMVowXTEYMBYGCSqGSIb3DQEJARYJcGtpQHNrLmVlMQsw
+CQYDVQQGEwJFRTEiMCAGA1UEChMZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1czEQ
+MA4GA1UEAxMHSnV1ci1TSzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AIFxNj4zB9bjMI0TfncyRsvPGbJgMUaXhvSYRqTCZUXP00B841oiqBB4M8yIsdOB
+SvZiF3tfTQou0M+LI+5PAk676w7KvRhj6IAcjeEcjT3g/1tf6mTll+g/mX8MCgkz
+ABpTpyHhOEvWgxutr2TC+Rx6jGZITWYfGAriPrsfB2WThbkasLnE+w0R9vXW+RvH
+LCu3GFH+4Hv2qEivbDtPL+/40UceJlfwUR0zlv/vWT3aTdEVNMfqPxZIe5EcgEMP
+PbgFPtGzlc3Yyg/CQ2fbt5PgIoIuvvVoKIO5wTtpeyDaTpxt4brNj3pssAki14sL
+2xzVWiZbDcDq5WDQn/413z8CAwEAAaOCAawwggGoMA8GA1UdEwEB/wQFMAMBAf8w
+ggEWBgNVHSAEggENMIIBCTCCAQUGCisGAQQBzh8BAQEwgfYwgdAGCCsGAQUFBwIC
+MIHDHoHAAFMAZQBlACAAcwBlAHIAdABpAGYAaQBrAGEAYQB0ACAAbwBuACAAdgDk
+AGwAagBhAHMAdABhAHQAdQBkACAAQQBTAC0AaQBzACAAUwBlAHIAdABpAGYAaQB0
+AHMAZQBlAHIAaQBtAGkAcwBrAGUAcwBrAHUAcwAgAGEAbABhAG0ALQBTAEsAIABz
+AGUAcgB0AGkAZgBpAGsAYQBhAHQAaQBkAGUAIABrAGkAbgBuAGkAdABhAG0AaQBz
+AGUAawBzMCEGCCsGAQUFBwIBFhVodHRwOi8vd3d3LnNrLmVlL2Nwcy8wKwYDVR0f
+BCQwIjAgoB6gHIYaaHR0cDovL3d3dy5zay5lZS9qdXVyL2NybC8wHQYDVR0OBBYE
+FASqekej5ImvGs8KQKcYP2/v6X2+MB8GA1UdIwQYMBaAFASqekej5ImvGs8KQKcY
+P2/v6X2+MA4GA1UdDwEB/wQEAwIB5jANBgkqhkiG9w0BAQUFAAOCAQEAe8EYlFOi
+CfP+JmeaUOTDBS8rNXiRTHyoERF5TElZrMj3hWVcRrs7EKACr81Ptcw2Kuxd/u+g
+kcm2k298gFTsxwhwDY77guwqYHhpNjbRxZyLabVAyJRld/JXIWY7zoVAtjNjGr95
+HvxcHdMdkxuLDF2FvZkwMhgJkVLpfKG6/2SSmuz+Ne6ML678IIbsSt4beDI3poHS
+na9aEhbKmVv8b20OxaAehsmR0FyYgl9jDIpaq9iVpszLita/ZEuOyoqysOkhMp6q
+qIWYNIE5ITuoOlIyPfZrN4YGWhWY3PARZv40ILcD9EEQfTmEeZZyY7aWAuVrua0Z
+TbvGRNs2yyqcjg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0G
+CSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0wOTA2MTYxMTMwMThaFw0y
+OTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3Qx
+FjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3pp
+Z25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o
+dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvP
+kd6mJviZpWNwrZuuyjNAfW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tc
+cbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG0IMZfcChEhyVbUr02MelTTMuhTlAdX4U
+fIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKApxn1ntxVUwOXewdI/5n7
+N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm1HxdrtbC
+xkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1
++rUCAwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G
+A1UdDgQWBBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPM
+Pcu1SCOhGnqmKrs0aDAbBgNVHREEFDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqG
+SIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0olZMEyL/azXm4Q5DwpL7v8u8h
+mLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfXI/OMn74dseGk
+ddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775
+tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c
+2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t
+HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHqDCCBpCgAwIBAgIRAMy4579OKRr9otxmpRwsDxEwDQYJKoZIhvcNAQEFBQAw
+cjELMAkGA1UEBhMCSFUxETAPBgNVBAcTCEJ1ZGFwZXN0MRYwFAYDVQQKEw1NaWNy
+b3NlYyBMdGQuMRQwEgYDVQQLEwtlLVN6aWdubyBDQTEiMCAGA1UEAxMZTWljcm9z
+ZWMgZS1Temlnbm8gUm9vdCBDQTAeFw0wNTA0MDYxMjI4NDRaFw0xNzA0MDYxMjI4
+NDRaMHIxCzAJBgNVBAYTAkhVMREwDwYDVQQHEwhCdWRhcGVzdDEWMBQGA1UEChMN
+TWljcm9zZWMgTHRkLjEUMBIGA1UECxMLZS1Temlnbm8gQ0ExIjAgBgNVBAMTGU1p
+Y3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDtyADVgXvNOABHzNuEwSFpLHSQDCHZU4ftPkNEU6+r+ICbPHiN1I2u
+uO/TEdyB5s87lozWbxXGd36hL+BfkrYn13aaHUM86tnsL+4582pnS4uCzyL4ZVX+
+LMsvfUh6PXX5qqAnu3jCBspRwn5mS6/NoqdNAoI/gqyFxuEPkEeZlApxcpMqyabA
+vjxWTHOSJ/FrtfX9/DAFYJLG65Z+AZHCabEeHXtTRbjcQR/Ji3HWVBTji1R4P770
+Yjtb9aPs1ZJ04nQw7wHb4dSrmZsqa/i9phyGI0Jf7Enemotb9HI6QMVJPqW+jqpx
+62z69Rrkav17fVVA71hu5tnVvCSrwe+3AgMBAAGjggQ3MIIEMzBnBggrBgEFBQcB
+AQRbMFkwKAYIKwYBBQUHMAGGHGh0dHBzOi8vcmNhLmUtc3ppZ25vLmh1L29jc3Aw
+LQYIKwYBBQUHMAKGIWh0dHA6Ly93d3cuZS1zemlnbm8uaHUvUm9vdENBLmNydDAP
+BgNVHRMBAf8EBTADAQH/MIIBcwYDVR0gBIIBajCCAWYwggFiBgwrBgEEAYGoGAIB
+AQEwggFQMCgGCCsGAQUFBwIBFhxodHRwOi8vd3d3LmUtc3ppZ25vLmh1L1NaU1ov
+MIIBIgYIKwYBBQUHAgIwggEUHoIBEABBACAAdABhAG4A+gBzAO0AdAB2AOEAbgB5
+ACAA6QByAHQAZQBsAG0AZQB6AOkAcwDpAGgAZQB6ACAA6QBzACAAZQBsAGYAbwBn
+AGEAZADhAHMA4QBoAG8AegAgAGEAIABTAHoAbwBsAGcA4QBsAHQAYQB0APMAIABT
+AHoAbwBsAGcA4QBsAHQAYQB0AOEAcwBpACAAUwB6AGEAYgDhAGwAeQB6AGEAdABh
+ACAAcwB6AGUAcgBpAG4AdAAgAGsAZQBsAGwAIABlAGwAagDhAHIAbgBpADoAIABo
+AHQAdABwADoALwAvAHcAdwB3AC4AZQAtAHMAegBpAGcAbgBvAC4AaAB1AC8AUwBa
+AFMAWgAvMIHIBgNVHR8EgcAwgb0wgbqggbeggbSGIWh0dHA6Ly93d3cuZS1zemln
+bm8uaHUvUm9vdENBLmNybIaBjmxkYXA6Ly9sZGFwLmUtc3ppZ25vLmh1L0NOPU1p
+Y3Jvc2VjJTIwZS1Temlnbm8lMjBSb290JTIwQ0EsT1U9ZS1Temlnbm8lMjBDQSxP
+PU1pY3Jvc2VjJTIwTHRkLixMPUJ1ZGFwZXN0LEM9SFU/Y2VydGlmaWNhdGVSZXZv
+Y2F0aW9uTGlzdDtiaW5hcnkwDgYDVR0PAQH/BAQDAgEGMIGWBgNVHREEgY4wgYuB
+EGluZm9AZS1zemlnbm8uaHWkdzB1MSMwIQYDVQQDDBpNaWNyb3NlYyBlLVN6aWdu
+w7MgUm9vdCBDQTEWMBQGA1UECwwNZS1TemlnbsOzIEhTWjEWMBQGA1UEChMNTWlj
+cm9zZWMgS2Z0LjERMA8GA1UEBxMIQnVkYXBlc3QxCzAJBgNVBAYTAkhVMIGsBgNV
+HSMEgaQwgaGAFMegSXUWYYTbMUuE0vE3QJDvTtz3oXakdDByMQswCQYDVQQGEwJI
+VTERMA8GA1UEBxMIQnVkYXBlc3QxFjAUBgNVBAoTDU1pY3Jvc2VjIEx0ZC4xFDAS
+BgNVBAsTC2UtU3ppZ25vIENBMSIwIAYDVQQDExlNaWNyb3NlYyBlLVN6aWdubyBS
+b290IENBghEAzLjnv04pGv2i3GalHCwPETAdBgNVHQ4EFgQUx6BJdRZhhNsxS4TS
+8TdAkO9O3PcwDQYJKoZIhvcNAQEFBQADggEBANMTnGZjWS7KXHAM/IO8VbH0jgds
+ZifOwTsgqRy7RlRw7lrMoHfqaEQn6/Ip3Xep1fvj1KcExJW4C+FEaGAHQzAxQmHl
+7tnlJNUb3+FKG6qfx1/4ehHqE5MAyopYse7tDk2016g2JnzgOsHVV4Lxdbb9iV/a
+86g4nzUGCM4ilb7N1fy+W955a9x6qWVmvrElWl/tftOsRm1M9DKHtCAE4Gx4sHfR
+hUZLphK3dehKyVZs15KrnfVJONJPU+NVkBHbmJbGSfI+9J8b4PeI3CVimUTYc78/
+MPMMNz7UwiiAc7EBt51alhQBS6kRnSlqLtBdgcDPsiBDxwPgN05dCtxZICU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgxMjA2MTUwODIxWjCB
+pzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM
+b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm
+aWNhdGlvbiBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNz
+IEdvbGQpIEbFkXRhbsO6c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAxCRec75LbRTDofTjl5Bu0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrT
+lF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw/HpYzY6b7cNGbIRwXdrz
+AZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAkH3B5r9s5
+VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRG
+ILdwfzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2
+BJtr+UBdADTHLpl1neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAG
+AQH/AgEEMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2M
+U9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwWqZw8UQCgwBEIBaeZ5m8BiFRh
+bvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C
++C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC
+bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F
+uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2
+XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFSzCCBLSgAwIBAgIBaTANBgkqhkiG9w0BAQQFADCBmTELMAkGA1UEBhMCSFUx
+ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0
+b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMTIwMAYDVQQD
+EylOZXRMb2NrIFV6bGV0aSAoQ2xhc3MgQikgVGFudXNpdHZhbnlraWFkbzAeFw05
+OTAyMjUxNDEwMjJaFw0xOTAyMjAxNDEwMjJaMIGZMQswCQYDVQQGEwJIVTERMA8G
+A1UEBxMIQnVkYXBlc3QxJzAlBgNVBAoTHk5ldExvY2sgSGFsb3phdGJpenRvbnNh
+Z2kgS2Z0LjEaMBgGA1UECxMRVGFudXNpdHZhbnlraWFkb2sxMjAwBgNVBAMTKU5l
+dExvY2sgVXpsZXRpIChDbGFzcyBCKSBUYW51c2l0dmFueWtpYWRvMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQCx6gTsIKAjwo84YM/HRrPVG/77uZmeBNwcf4xK
+gZjupNTKihe5In+DCnVMm8Bp2GQ5o+2So/1bXHQawEfKOml2mrriRBf8TKPV/riX
+iK+IA4kfpPIEPsgHC+b5sy96YhQJRhTKZPWLgLViqNhr1nGTLbO/CVRY7QbrqHvc
+Q7GhaQIDAQABo4ICnzCCApswEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8E
+BAMCAAYwEQYJYIZIAYb4QgEBBAQDAgAHMIICYAYJYIZIAYb4QgENBIICURaCAk1G
+SUdZRUxFTSEgRXplbiB0YW51c2l0dmFueSBhIE5ldExvY2sgS2Z0LiBBbHRhbGFu
+b3MgU3pvbGdhbHRhdGFzaSBGZWx0ZXRlbGVpYmVuIGxlaXJ0IGVsamFyYXNvayBh
+bGFwamFuIGtlc3p1bHQuIEEgaGl0ZWxlc2l0ZXMgZm9seWFtYXRhdCBhIE5ldExv
+Y2sgS2Z0LiB0ZXJtZWtmZWxlbG9zc2VnLWJpenRvc2l0YXNhIHZlZGkuIEEgZGln
+aXRhbGlzIGFsYWlyYXMgZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUgYXogZWxvaXJ0
+IGVsbGVub3J6ZXNpIGVsamFyYXMgbWVndGV0ZWxlLiBBeiBlbGphcmFzIGxlaXJh
+c2EgbWVndGFsYWxoYXRvIGEgTmV0TG9jayBLZnQuIEludGVybmV0IGhvbmxhcGph
+biBhIGh0dHBzOi8vd3d3Lm5ldGxvY2submV0L2RvY3MgY2ltZW4gdmFneSBrZXJo
+ZXRvIGF6IGVsbGVub3J6ZXNAbmV0bG9jay5uZXQgZS1tYWlsIGNpbWVuLiBJTVBP
+UlRBTlQhIFRoZSBpc3N1YW5jZSBhbmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmlj
+YXRlIGlzIHN1YmplY3QgdG8gdGhlIE5ldExvY2sgQ1BTIGF2YWlsYWJsZSBhdCBo
+dHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIG9yIGJ5IGUtbWFpbCBhdCBjcHNA
+bmV0bG9jay5uZXQuMA0GCSqGSIb3DQEBBAUAA4GBAATbrowXr/gOkDFOzT4JwG06
+sPgzTEdM43WIEJessDgVkcYplswhwG08pXTP2IKlOcNl40JwuyKQ433bNXbhoLXa
+n3BukxowOR0w2y7jfLKRstE3Kfq51hdcR0/jHTjrn9V7lagonhVK0dHQKwCXoOKS
+NitjrFgBazMpUIaD8QFI
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFTzCCBLigAwIBAgIBaDANBgkqhkiG9w0BAQQFADCBmzELMAkGA1UEBhMCSFUx
+ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0
+b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMTQwMgYDVQQD
+EytOZXRMb2NrIEV4cHJlc3N6IChDbGFzcyBDKSBUYW51c2l0dmFueWtpYWRvMB4X
+DTk5MDIyNTE0MDgxMVoXDTE5MDIyMDE0MDgxMVowgZsxCzAJBgNVBAYTAkhVMREw
+DwYDVQQHEwhCdWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6dG9u
+c2FnaSBLZnQuMRowGAYDVQQLExFUYW51c2l0dmFueWtpYWRvazE0MDIGA1UEAxMr
+TmV0TG9jayBFeHByZXNzeiAoQ2xhc3MgQykgVGFudXNpdHZhbnlraWFkbzCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6+ywbGGKIyWvYCDj2Z/8kwvbXY2wobNA
+OoLO/XXgeDIDhlqGlZHtU/qdQPzm6N3ZW3oDvV3zOwzDUXmbrVWg6dADEK8KuhRC
+2VImESLH0iDMgqSaqf64gXadarfSNnU+sYYJ9m5tfk63euyucYT2BDMIJTLrdKwW
+RMbkQJMdf60CAwEAAaOCAp8wggKbMBIGA1UdEwEB/wQIMAYBAf8CAQQwDgYDVR0P
+AQH/BAQDAgAGMBEGCWCGSAGG+EIBAQQEAwIABzCCAmAGCWCGSAGG+EIBDQSCAlEW
+ggJNRklHWUVMRU0hIEV6ZW4gdGFudXNpdHZhbnkgYSBOZXRMb2NrIEtmdC4gQWx0
+YWxhbm9zIFN6b2xnYWx0YXRhc2kgRmVsdGV0ZWxlaWJlbiBsZWlydCBlbGphcmFz
+b2sgYWxhcGphbiBrZXN6dWx0LiBBIGhpdGVsZXNpdGVzIGZvbHlhbWF0YXQgYSBO
+ZXRMb2NrIEtmdC4gdGVybWVrZmVsZWxvc3NlZy1iaXp0b3NpdGFzYSB2ZWRpLiBB
+IGRpZ2l0YWxpcyBhbGFpcmFzIGVsZm9nYWRhc2FuYWsgZmVsdGV0ZWxlIGF6IGVs
+b2lydCBlbGxlbm9yemVzaSBlbGphcmFzIG1lZ3RldGVsZS4gQXogZWxqYXJhcyBs
+ZWlyYXNhIG1lZ3RhbGFsaGF0byBhIE5ldExvY2sgS2Z0LiBJbnRlcm5ldCBob25s
+YXBqYW4gYSBodHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIGNpbWVuIHZhZ3kg
+a2VyaGV0byBheiBlbGxlbm9yemVzQG5ldGxvY2submV0IGUtbWFpbCBjaW1lbi4g
+SU1QT1JUQU5UISBUaGUgaXNzdWFuY2UgYW5kIHRoZSB1c2Ugb2YgdGhpcyBjZXJ0
+aWZpY2F0ZSBpcyBzdWJqZWN0IHRvIHRoZSBOZXRMb2NrIENQUyBhdmFpbGFibGUg
+YXQgaHR0cHM6Ly93d3cubmV0bG9jay5uZXQvZG9jcyBvciBieSBlLW1haWwgYXQg
+Y3BzQG5ldGxvY2submV0LjANBgkqhkiG9w0BAQQFAAOBgQAQrX/XDDKACtiG8XmY
+ta3UzbM2xJZIwVzNmtkFLp++UOv0JhQQLdRmF/iewSf98e3ke0ugbLWrmldwpu2g
+pO0u9f38vf5NNwgMvOOWgyL1SRt/Syu0VMGAfJlOHdCM7tCs5ZL6dVb+ZKATj7i4
+Fp1hBWeAyNDYpQcCNJgEjTME1A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGfTCCBWWgAwIBAgICAQMwDQYJKoZIhvcNAQEEBQAwga8xCzAJBgNVBAYTAkhV
+MRAwDgYDVQQIEwdIdW5nYXJ5MREwDwYDVQQHEwhCdWRhcGVzdDEnMCUGA1UEChMe
+TmV0TG9jayBIYWxvemF0Yml6dG9uc2FnaSBLZnQuMRowGAYDVQQLExFUYW51c2l0
+dmFueWtpYWRvazE2MDQGA1UEAxMtTmV0TG9jayBLb3pqZWd5em9pIChDbGFzcyBB
+KSBUYW51c2l0dmFueWtpYWRvMB4XDTk5MDIyNDIzMTQ0N1oXDTE5MDIxOTIzMTQ0
+N1owga8xCzAJBgNVBAYTAkhVMRAwDgYDVQQIEwdIdW5nYXJ5MREwDwYDVQQHEwhC
+dWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6dG9uc2FnaSBLZnQu
+MRowGAYDVQQLExFUYW51c2l0dmFueWtpYWRvazE2MDQGA1UEAxMtTmV0TG9jayBL
+b3pqZWd5em9pIChDbGFzcyBBKSBUYW51c2l0dmFueWtpYWRvMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHSMD7tM9DceqQWC2ObhbHDqeLVu0ThEDaiD
+zl3S1tWBxdRL51uUcCbbO51qTGL3cfNk1mE7PetzozfZz+qMkjvN9wfcZnSX9EUi
+3fRc4L9t875lM+QVOr/bmJBVOMTtplVjC7B4BPTjbsE/jvxReB+SnoPC/tmwqcm8
+WgD/qaiYdPv2LD4VOQ22BFWoDpggQrOxJa1+mm9dU7GrDPzr4PN6s6iz/0b2Y6LY
+Oph7tqyF/7AlT3Rj5xMHpQqPBffAZG9+pyeAlt7ULoZgx2srXnN7F+eRP2QM2Esi
+NCubMvJIH5+hCoR64sKtlz2O1cH5VqNQ6ca0+pii7pXmKgOM3wIDAQABo4ICnzCC
+ApswDgYDVR0PAQH/BAQDAgAGMBIGA1UdEwEB/wQIMAYBAf8CAQQwEQYJYIZIAYb4
+QgEBBAQDAgAHMIICYAYJYIZIAYb4QgENBIICURaCAk1GSUdZRUxFTSEgRXplbiB0
+YW51c2l0dmFueSBhIE5ldExvY2sgS2Z0LiBBbHRhbGFub3MgU3pvbGdhbHRhdGFz
+aSBGZWx0ZXRlbGVpYmVuIGxlaXJ0IGVsamFyYXNvayBhbGFwamFuIGtlc3p1bHQu
+IEEgaGl0ZWxlc2l0ZXMgZm9seWFtYXRhdCBhIE5ldExvY2sgS2Z0LiB0ZXJtZWtm
+ZWxlbG9zc2VnLWJpenRvc2l0YXNhIHZlZGkuIEEgZGlnaXRhbGlzIGFsYWlyYXMg
+ZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUgYXogZWxvaXJ0IGVsbGVub3J6ZXNpIGVs
+amFyYXMgbWVndGV0ZWxlLiBBeiBlbGphcmFzIGxlaXJhc2EgbWVndGFsYWxoYXRv
+IGEgTmV0TG9jayBLZnQuIEludGVybmV0IGhvbmxhcGphbiBhIGh0dHBzOi8vd3d3
+Lm5ldGxvY2submV0L2RvY3MgY2ltZW4gdmFneSBrZXJoZXRvIGF6IGVsbGVub3J6
+ZXNAbmV0bG9jay5uZXQgZS1tYWlsIGNpbWVuLiBJTVBPUlRBTlQhIFRoZSBpc3N1
+YW5jZSBhbmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmljYXRlIGlzIHN1YmplY3Qg
+dG8gdGhlIE5ldExvY2sgQ1BTIGF2YWlsYWJsZSBhdCBodHRwczovL3d3dy5uZXRs
+b2NrLm5ldC9kb2NzIG9yIGJ5IGUtbWFpbCBhdCBjcHNAbmV0bG9jay5uZXQuMA0G
+CSqGSIb3DQEBBAUAA4IBAQBIJEb3ulZv+sgoA0BO5TE5ayZrU3/b39/zcT0mwBQO
+xmd7I6gMc90Bu8bKbjc5VdXHjFYgDigKDtIqpLBJUsY4B/6+CgmM0ZjPytoUMaFP
+0jn8DxEsQ8Pdq5PHVT5HfBgaANzze9jyf1JsIPQLX2lS9O74silg6+NJMSEN1rUQ
+QeJBCWziGppWS3cC9qCbmieH6FUpccKQn0V4GuEVZD3QDtigdp+uxdAu6tYPVuxk
+f1qbFFgBJ34TUMdrKuZoPL9coAob4Q566eKAw+np9v1sEZ7Q5SgnK1QyQhSCdeZK
+8CtmdWOMovsEPoMOmzbwGOQmIMOM8CgHrTwXZoi1/baI
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG0TCCBbmgAwIBAgIBezANBgkqhkiG9w0BAQUFADCByTELMAkGA1UEBhMCSFUx
+ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0
+b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMUIwQAYDVQQD
+EzlOZXRMb2NrIE1pbm9zaXRldHQgS296amVneXpvaSAoQ2xhc3MgUUEpIFRhbnVz
+aXR2YW55a2lhZG8xHjAcBgkqhkiG9w0BCQEWD2luZm9AbmV0bG9jay5odTAeFw0w
+MzAzMzAwMTQ3MTFaFw0yMjEyMTUwMTQ3MTFaMIHJMQswCQYDVQQGEwJIVTERMA8G
+A1UEBxMIQnVkYXBlc3QxJzAlBgNVBAoTHk5ldExvY2sgSGFsb3phdGJpenRvbnNh
+Z2kgS2Z0LjEaMBgGA1UECxMRVGFudXNpdHZhbnlraWFkb2sxQjBABgNVBAMTOU5l
+dExvY2sgTWlub3NpdGV0dCBLb3pqZWd5em9pIChDbGFzcyBRQSkgVGFudXNpdHZh
+bnlraWFkbzEeMBwGCSqGSIb3DQEJARYPaW5mb0BuZXRsb2NrLmh1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1Ilstg91IRVCacbvWy5FPSKAtt2/Goq
+eKvld/Bu4IwjZ9ulZJm53QE+b+8tmjwi8F3JV6BVQX/yQ15YglMxZc4e8ia6AFQe
+r7C8HORSjKAyr7c3sVNnaHRnUPYtLmTeriZ539+Zhqurf4XsoPuAzPS4DB6TRWO5
+3Lhbm+1bOdRfYrCnjnxmOCyqsQhjF2d9zL2z8cM/z1A57dEZgxXbhxInlrfa6uWd
+vLrqOU+L73Sa58XQ0uqGURzk/mQIKAR5BevKxXEOC++r6uwSEaEYBTJp0QwsGj0l
+mT+1fMptsK6ZmfoIYOcZwvK9UdPM0wKswREMgM6r3JSda6M5UzrWhQIDAMV9o4IC
+wDCCArwwEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwggJ1Bglg
+hkgBhvhCAQ0EggJmFoICYkZJR1lFTEVNISBFemVuIHRhbnVzaXR2YW55IGEgTmV0
+TG9jayBLZnQuIE1pbm9zaXRldHQgU3pvbGdhbHRhdGFzaSBTemFiYWx5emF0YWJh
+biBsZWlydCBlbGphcmFzb2sgYWxhcGphbiBrZXN6dWx0LiBBIG1pbm9zaXRldHQg
+ZWxla3Ryb25pa3VzIGFsYWlyYXMgam9naGF0YXMgZXJ2ZW55ZXN1bGVzZW5laywg
+dmFsYW1pbnQgZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUgYSBNaW5vc2l0ZXR0IFN6
+b2xnYWx0YXRhc2kgU3phYmFseXphdGJhbiwgYXogQWx0YWxhbm9zIFN6ZXJ6b2Rl
+c2kgRmVsdGV0ZWxla2JlbiBlbG9pcnQgZWxsZW5vcnplc2kgZWxqYXJhcyBtZWd0
+ZXRlbGUuIEEgZG9rdW1lbnR1bW9rIG1lZ3RhbGFsaGF0b2sgYSBodHRwczovL3d3
+dy5uZXRsb2NrLmh1L2RvY3MvIGNpbWVuIHZhZ3kga2VyaGV0b2sgYXogaW5mb0Bu
+ZXRsb2NrLm5ldCBlLW1haWwgY2ltZW4uIFdBUk5JTkchIFRoZSBpc3N1YW5jZSBh
+bmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmljYXRlIGFyZSBzdWJqZWN0IHRvIHRo
+ZSBOZXRMb2NrIFF1YWxpZmllZCBDUFMgYXZhaWxhYmxlIGF0IGh0dHBzOi8vd3d3
+Lm5ldGxvY2suaHUvZG9jcy8gb3IgYnkgZS1tYWlsIGF0IGluZm9AbmV0bG9jay5u
+ZXQwHQYDVR0OBBYEFAlqYhaSsFq7VQ7LdTI6MuWyIckoMA0GCSqGSIb3DQEBBQUA
+A4IBAQCRalCc23iBmz+LQuM7/KbD7kPgz/PigDVJRXYC4uMvBcXxKufAQTPGtpvQ
+MznNwNuhrWw3AkxYQTvyl5LGSKjN5Yo5iWH5Upfpvfb5lHTocQ68d4bDBsxafEp+
+NFAwLvt/MpqNPfMgW/hqyobzMUwsWYACff44yTB1HLdV47yfuqhthCgFdbOLDcCR
+VCHnpgu0mfVRQdzNo0ci2ccBgcTcR08m6h/t280NmPSjnLRzMkqWmf68f8glWPhY
+83ZmiVSkpj7EUFy6iRiCdUgh0k8T6GB+B3bbELVR5qq5aKrN9p2QdRLqOBrKROi3
+macqaJVmlaut74nLYKkGEsaUR+ko
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi
+MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu
+MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3Jp
+dHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjBiMQswCQYDVQQGEwJV
+UzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydO
+ZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwz
+c7MEL7xxjOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPP
+OCwGJgl6cvf6UDL4wpPTaaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rl
+mGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXTcrA/vGp97Eh/jcOrqnErU2lBUzS1sLnF
+BgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc/Qzpf14Dl847ABSHJ3A4
+qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMBAAGjgZcw
+gZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIB
+BjAPBgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwu
+bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3Jp
+dHkuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc8
+6fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q4LqILPxFzBiwmZVRDuwduIj/
+h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH
+/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv
+wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN
+pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCB
+ijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHly
+aWdodCAoYykgMjAwNTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNl
+ZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQSBDQTAeFw0w
+NTEyMTExNjAzNDRaFw0zNzEyMTExNjA5NTFaMIGKMQswCQYDVQQGEwJDSDEQMA4G
+A1UEChMHV0lTZUtleTEbMBkGA1UECxMSQ29weXJpZ2h0IChjKSAyMDA1MSIwIAYD
+VQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBX
+SVNlS2V5IEdsb2JhbCBSb290IEdBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAy0+zAJs9Nt350UlqaxBJH+zYK7LG+DKBKUOVTJoZIyEVRd7jyBxR
+VVuuk+g3/ytr6dTqvirdqFEr12bDYVxgAsj1znJ7O7jyTmUIms2kahnBAbtzptf2
+w93NvKSLtZlhuAGio9RN1AU9ka34tAhxZK9w8RxrfvbDd50kc3vkDIzh2TbhmYsF
+mQvtRTEJysIA2/dyoJaqlYfQjse2YXMNdmaM3Bu0Y6Kff5MTMPGhJ9vZ/yxViJGg
+4E8HsChWjBgbl0SOid3gF27nKu+POQoxhILYQBRJLnpB5Kf+42TMwVlxSywhp1t9
+4B3RLoGbw9ho972WG6xwsRYUC9tguSYBBQIDAQABo1EwTzALBgNVHQ8EBAMCAYYw
+DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUswN+rja8sHnR3JQmthG+IbJphpQw
+EAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBAEuh/wuHbrP5wUOx
+SPMowB0uyQlB+pQAHKSkq0lPjz0e701vvbyk9vImMMkQyh2I+3QZH4VFvbBsUfk2
+ftv1TDI6QU9bR8/oCy22xBmddMVHxjtqD6wU2zz0c5ypBd8A3HR4+vg1YFkCExh8
+vPtNsCBtQ7tgMHpnM1zFmdH4LTlSc/uMqpclXHLZCB6rTjzjgTGfA6b7wP4piFXa
+hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZi
+Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ
+/L7fCg0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt
+MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg
+Rm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9i
+YWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAwMzJaFw0zOTEyMDExNTEwMzFaMG0x
+CzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBG
+b3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2Jh
+bCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3
+HEokKtaXscriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGx
+WuR51jIjK+FTzJlFXHtPrby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX
+1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNk
+u7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4oQnc/nSMbsrY9gBQHTC5P
+99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvgGUpuuy9r
+M2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw
+AwEB/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUB
+BAMCAQAwDQYJKoZIhvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrgh
+cViXfa43FK8+5/ea4n32cZiZBKpDdHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5
+gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0VQreUGdNZtGn//3ZwLWoo4rO
+ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf
+aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic
+Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1
+dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9s
+YW5vMQswCQYDVQQGEwJWRTEQMA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlz
+dHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0
+aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBlcmludGVuZGVuY2lh
+IGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUwIwYJ
+KoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEw
+MFoXDTIwMTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHBy
+b2NlcnQubmV0LnZlMQ8wDQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGEx
+KjAoBgNVBAsTIVByb3ZlZWRvciBkZSBDZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQG
+A1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9u
+aWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIwDQYJKoZI
+hvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo9
+7BVCwfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74
+BCXfgI8Qhd19L3uA3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38G
+ieU89RLAu9MLmV+QfI4tL3czkkohRqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9
+JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmOEO8GqQKJ/+MMbpfg353bIdD0
+PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG20qCZyFSTXai2
+0b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH
+0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/
+6mnbVSKVUyqUtd+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1m
+v6JpIzi4mWCZDlZTOpx+FIywBm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7
+K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvpr2uKGcfLFFb14dq12fy/czja+eev
+bqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/AgEBMDcGA1UdEgQw
+MC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAzNi0w
+MB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFD
+gBStuyIdxuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0
+b3JpZGFkIGRlIENlcnRpZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xh
+bm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQHEwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0
+cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5hY2lvbmFsIGRlIENlcnRp
+ZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5kZW5jaWEg
+ZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkq
+hkiG9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQD
+AgEGME0GA1UdEQRGMESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0w
+MDAwMDKgGwYFYIZeAgKgEgwQUklGLUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEag
+RKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9sY3IvQ0VSVElGSUNBRE8t
+UkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNyYWl6LnN1c2Nl
+cnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v
+Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsG
+AQUFBwIBFh5odHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcN
+AQELBQADggIBACtZ6yKZu4SqT96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS
+1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmNg7+mvTV+LFwxNG9s2/NkAZiqlCxB
+3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4quxtxj7mkoP3Yldmv
+Wb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1n8Gh
+HVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHm
+pHmJWhSnFFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXz
+sOfIt+FTvZLm8wyWuevo5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bE
+qCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq3TNWOByyrYDT13K9mmyZY+gAu0F2Bbdb
+mRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5poLWccret9W6aAjtmcz9
+opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3YeMLEYC/H
+YvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2Km
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00
+MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM
+aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEgRzMwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakEPBtV
+wedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWe
+rNrwU8lmPNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF341
+68Xfuw6cwI2H44g4hWf6Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh
+4Pw5qlPafX7PGglTvF0FBM+hSo+LdoINofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXp
+UhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/lg6AnhF4EwfWQvTA9xO+o
+abw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV7qJZjqlc
+3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/G
+KubX9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSt
+hfbZxbGL0eUQMk1fiyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KO
+Tk0k+17kBL5yG6YnLUlamXrXXAkgt3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOt
+zCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
+BjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZIhvcNAQELBQAD
+ggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC
+MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2
+cDMT/uFPpiN3GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUN
+qXsCHKnQO18LwIE6PWThv6ctTr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5
+YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP+V04ikkwj+3x6xn0dxoxGE1nVGwv
+b2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh3jRJjehZrJ3ydlo2
+8hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fawx/k
+NSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNj
+ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp
+q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt
+nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
+b3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNV
+BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W
+YWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCa
+GMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxg
+Fyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55J
+WpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bB
+rrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp
++ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1
+ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/i
+Ucw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIiz
+PtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og
+/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UH
+oycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuI
+yV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1Ud
+EwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2
+A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTEL
+MAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT
+ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2f
+BluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzn
+g/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2Bl
+fF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5K
+WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha
+B0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozc
+hLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPR
+TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD
+mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z
+ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y
+4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza
+8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00
+MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM
+aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIgRzMwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFhZiFf
+qq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMW
+n4rjyduYNM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ym
+c5GQYaYDFCDy54ejiK2toIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+
+O7q414AB+6XrW7PFXmAqMaCvN+ggOp+oMiwMzAkd056OXbxMmO7FGmh77FOm6RQ1
+o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+lV0POKa2Mq1W/xPtbAd0j
+IaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZoL1NesNKq
+IcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz
+8eQQsSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43eh
+vNURG3YBZwjgQQvD6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l
+7ZizlWNof/k19N+IxWA1ksB8aRxhlRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALG
+cC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
+BjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZIhvcNAQELBQAD
+ggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66
+AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RC
+roijQ1h5fq7KpVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0Ga
+W/ZZGYjeVYg3UQt4XAoeo0L9x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4n
+lv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgzdWqTHBLmYF5vHX/JHyPLhGGfHoJE
++V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6XU/IyAgkwo1jwDQHV
+csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd
+dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg
+KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM
+HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4
+WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
+b3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNV
+BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W
+YWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM
+V0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB
+4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUr
+H556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd
+8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9Cabwv
+vWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLT
+mZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhe
+btfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjc
+T5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDt
+WAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZ
+c6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A
+4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYD
+VR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMG
+CCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0
+aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0
+aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu
+dC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2Nw
+czALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4G
+A1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJC
+TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMg
+Um9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM0
+7ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSem
+d1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd
++LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B
+4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadN
+t54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6x
+DYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57
+k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s
+zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j
+Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT
+mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK
+4SVhM7JZG+Ju1zdXtg2pEto=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00
+MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM
+aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMgRzMwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286IxSR
+/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNu
+FoM7pmRLMon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXR
+U7Ox7sWTaYI+FrUoRqHe6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+c
+ra1AdHkrAj80//ogaX3T7mH1urPnMNA3I4ZyYUUpSFlob3emLoG+B01vr87ERROR
+FHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3UVDmrJqMz6nWB2i3ND0/k
+A9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f75li59wzw
+eyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634Ryl
+sSqiMd5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBp
+VzgeAVuNVejH38DMdyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0Q
+A4XN8f+MFrXBsj6IbGB/kE+V9/YtrQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+
+ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
+BjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZIhvcNAQELBQAD
+ggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px
+KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnI
+FUBhynLWcKzSt/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5Wvv
+oxXqA/4Ti2Tk08HS6IT7SdEQTXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFg
+u/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP
+0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGibIh6BJpsQBJFxwAYf
+3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmDhPbl
+8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+
+DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN
+PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/
+ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
+TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz
+MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw
+IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR
+dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp
+li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D
+rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ
+WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug
+F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU
+xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC
+Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv
+dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw
+ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl
+IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh
+c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy
+ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh
+Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI
+KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T
+KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq
+y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p
+dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD
+VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL
+MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk
+fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8
+7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R
+cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y
+mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW
+xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK
+SnQ2+Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGizCCBXOgAwIBAgIEO0XlaDANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJF
+UzEfMB0GA1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0GA1UECxMGUEtJ
+R1ZBMScwJQYDVQQDEx5Sb290IENBIEdlbmVyYWxpdGF0IFZhbGVuY2lhbmEwHhcN
+MDEwNzA2MTYyMjQ3WhcNMjEwNzAxMTUyMjQ3WjBoMQswCQYDVQQGEwJFUzEfMB0G
+A1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0GA1UECxMGUEtJR1ZBMScw
+JQYDVQQDEx5Sb290IENBIEdlbmVyYWxpdGF0IFZhbGVuY2lhbmEwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGKqtXETcvIorKA3Qdyu0togu8M1JAJke+
+WmmmO3I2F0zo37i7L3bhQEZ0ZQKQUgi0/6iMweDHiVYQOTPvaLRfX9ptI6GJXiKj
+SgbwJ/BXufjpTjJ3Cj9BZPPrZe52/lSqfR0grvPXdMIKX/UIKFIIzFVd0g/bmoGl
+u6GzwZTNVOAydTGRGmKy3nXiz0+J2ZGQD0EbtFpKd71ng+CT516nDOeB0/RSrFOy
+A8dEJvt55cs0YFAQexvba9dHq198aMpunUEDEO5rmXteJajCq+TA81yc477OMUxk
+Hl6AovWDfgzWyoxVjr7gvkkHD6MkQXpYHYTqWBLI4bft75PelAgxAgMBAAGjggM7
+MIIDNzAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnBr
+aS5ndmEuZXMwEgYDVR0TAQH/BAgwBgEB/wIBAjCCAjQGA1UdIASCAiswggInMIIC
+IwYKKwYBBAG/VQIBADCCAhMwggHoBggrBgEFBQcCAjCCAdoeggHWAEEAdQB0AG8A
+cgBpAGQAYQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAFIA
+YQDtAHoAIABkAGUAIABsAGEAIABHAGUAbgBlAHIAYQBsAGkAdABhAHQAIABWAGEA
+bABlAG4AYwBpAGEAbgBhAC4ADQAKAEwAYQAgAEQAZQBjAGwAYQByAGEAYwBpAPMA
+bgAgAGQAZQAgAFAAcgDhAGMAdABpAGMAYQBzACAAZABlACAAQwBlAHIAdABpAGYA
+aQBjAGEAYwBpAPMAbgAgAHEAdQBlACAAcgBpAGcAZQAgAGUAbAAgAGYAdQBuAGMA
+aQBvAG4AYQBtAGkAZQBuAHQAbwAgAGQAZQAgAGwAYQAgAHAAcgBlAHMAZQBuAHQA
+ZQAgAEEAdQB0AG8AcgBpAGQAYQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEA
+YwBpAPMAbgAgAHMAZQAgAGUAbgBjAHUAZQBuAHQAcgBhACAAZQBuACAAbABhACAA
+ZABpAHIAZQBjAGMAaQDzAG4AIAB3AGUAYgAgAGgAdAB0AHAAOgAvAC8AdwB3AHcA
+LgBwAGsAaQAuAGcAdgBhAC4AZQBzAC8AYwBwAHMwJQYIKwYBBQUHAgEWGWh0dHA6
+Ly93d3cucGtpLmd2YS5lcy9jcHMwHQYDVR0OBBYEFHs100DSHHgZZu90ECjcPk+y
+eAT8MIGVBgNVHSMEgY0wgYqAFHs100DSHHgZZu90ECjcPk+yeAT8oWykajBoMQsw
+CQYDVQQGEwJFUzEfMB0GA1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0G
+A1UECxMGUEtJR1ZBMScwJQYDVQQDEx5Sb290IENBIEdlbmVyYWxpdGF0IFZhbGVu
+Y2lhbmGCBDtF5WgwDQYJKoZIhvcNAQEFBQADggEBACRhTvW1yEICKrNcda3Fbcrn
+lD+laJWIwVTAEGmiEi8YPyVQqHxK6sYJ2fR1xkDar1CdPaUWu20xxsdzCkj+IHLt
+b8zog2EWRpABlUt9jppSCS/2bxzkoXHPjCpaF3ODR00PNvsETUlR4hTJZGH71BTg
+9J63NI8KJr2XXPR5OkowGcytT6CYirQxlyric21+eLj4iIlPsSKRZEv1UN4D2+XF
+ducTZnV+ZfsBn5OHiJ35Rld8TWCvmHMTI6QgkYH60GFmuH3Rr9ZvHmw96RH9qfmC
+IoaZM3Fa6hlXPZHNqcCjbgcTpsnt+GijnsNacgmHKNHEc8RzGF9QdRYxn7fofMM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDYTCCAkmgAwIBAgIQCgEBAQAAAnwAAAAKAAAAAjANBgkqhkiG9w0BAQUFADA6
+MRkwFwYDVQQKExBSU0EgU2VjdXJpdHkgSW5jMR0wGwYDVQQLExRSU0EgU2VjdXJp
+dHkgMjA0OCBWMzAeFw0wMTAyMjIyMDM5MjNaFw0yNjAyMjIyMDM5MjNaMDoxGTAX
+BgNVBAoTEFJTQSBTZWN1cml0eSBJbmMxHTAbBgNVBAsTFFJTQSBTZWN1cml0eSAy
+MDQ4IFYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt49VcdKA3Xtp
+eafwGFAyPGJn9gqVB93mG/Oe2dJBVGutn3y+Gc37RqtBaB4Y6lXIL5F4iSj7Jylg
+/9+PjDvJSZu1pJTOAeo+tWN7fyb9Gd3AIb2E0S1PRsNO3Ng3OTsor8udGuorryGl
+wSMiuLgbWhOHV4PR8CDn6E8jQrAApX2J6elhc5SYcSa8LWrg903w8bYqODGBDSnh
+AMFRD0xS+ARaqn1y07iHKrtjEAMqs6FPDVpeRrc9DvV07Jmf+T0kgYim3WBU6JU2
+PcYJk5qjEoAAVZkZR73QpXzDuvsf9/UP+Ky5tfQ3mBMY3oVbtwyCO4dvlTlYMNpu
+AWgXIszACwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
+BjAfBgNVHSMEGDAWgBQHw1EwpKrpRa41JPr/JCwz0LGdjDAdBgNVHQ4EFgQUB8NR
+MKSq6UWuNST6/yQsM9CxnYwwDQYJKoZIhvcNAQEFBQADggEBAF8+hnZuuDU8TjYc
+HnmYv/3VEhF5Ug7uMYm83X/50cYVIeiKAVQNOvtUudZj1LGqlk2iQk3UUx+LEN5/
+Zb5gEydxiKRz44Rj0aRV4VCT5hsOedBnvEbIvz8XDZXmxpBp3ue0L96VfdASPz0+
+f00/FGj1EVDVwfSQpQgdMWD/YIwjVAqv/qFuxdF6Kmh4zx6CCiC0H63lhbJqaHVO
+rSU3lIW+vaHU6rcMSzyd6BIA8F+sDeGscGNz9395nzIlQnQFgCi/vcEkllgVsRch
+6YlL2weIZ/QVrXA+L02FO8K32/6YaCOJ4XQP3vTFhGMpG8zLB8kApKnXwiJPZ9d3
+7CAFYd4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK
+MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
+GTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkx
+MjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3Qg
+Q29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jxYDiJ
+iQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa
+/FHtaMbQbqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJ
+jnIFHovdRIWCQtBJwB1g8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnI
+HmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYVHDGA76oYa8J719rO+TMg1fW9ajMtgQT7
+sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi0XPnj3pDAgMBAAGjgZ0w
+gZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQF
+MAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCsw
+KaAnoCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsG
+AQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0L
+URYD7xh8yOOvaliTFGCRsoTciE6+OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXO
+H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm
+I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY
+iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc
+f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDEr
+MCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoG
+A1UEAxMTU2VjdXJlU2lnbiBSb290Q0ExMTAeFw0wOTA0MDgwNDU2NDdaFw0yOTA0
+MDgwNDU2NDdaMFgxCzAJBgNVBAYTAkpQMSswKQYDVQQKEyJKYXBhbiBDZXJ0aWZp
+Y2F0aW9uIFNlcnZpY2VzLCBJbmMuMRwwGgYDVQQDExNTZWN1cmVTaWduIFJvb3RD
+QTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XeqpRyQBTvLTJsz
+i1oURaTnkBbR31fSIRCkF/3frNYfp+TbfPfs37gD2pRY/V1yfIw/XwFndBWW4wI8
+h9uuywGOwvNmxoVF9ALGOrVisq/6nL+k5tSAMJjzDbaTj6nU2DbysPyKyiyhFTOV
+MdrAG/LuYpmGYz+/3ZMqg6h2uRMft85OQoWPIucuGvKVCbIFtUROd6EgvanyTgp9
+UK31BQ1FT0Zx/Sg+U/sE2C3XZR1KG/rPO7AxmjVuyIsG0wCR8pQIZUyxNAYAeoni
+8McDWc/V1uinMrPmmECGxc0nEovMe863ETxiYAcjPitAbpSACW22s293bzUIUPsC
+h8U+iQIDAQABo0IwQDAdBgNVHQ4EFgQUW/hNT7KlhtQ60vFjmqC+CfZXt94wDgYD
+VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB
+AKChOBZmLqdWHyGcBvod7bkixTgm2E5P7KN/ed5GIaGHd48HCJqypMWvDzKYC3xm
+KbabfSVSSUOrTC4rbnpwrxYO4wJs+0LmGJ1F2FXI6Dvd5+H0LgscNFxsWEr7jIhQ
+X5Ucv+2rIrVls4W6ng+4reV6G4pQOh29Dbx7VFALuUKvVaAYga1lme++5Jy/xIWr
+QbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01y8hSyn+B/tlr0/cR7SXf+Of5
+pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061lgeLKBObjBmN
+QSdJQO7e5iNEOdyhIta6A/I=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI
+MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
+FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIz
+MTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENv
+cnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQXOZEz
+Zum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO
+0gMdA+9tDWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIao
+wW8xQmxSPmjL8xk037uHGFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj
+7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b01k/unK8RCSc43Oz969XL0Imnal0ugBS
+8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmHursCAwEAAaOBnTCBmjAT
+BgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB
+/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCeg
+JYYjaHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGC
+NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3
+6Z3q059c4EVlew3KW+JwULKUBRSuSceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/
+3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm
+D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS
+CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR
+3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDfTCCAmWgAwIBAgIBADANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJKUDEl
+MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEqMCgGA1UECxMh
+U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBFViBSb290Q0ExMB4XDTA3MDYwNjAyMTIz
+MloXDTM3MDYwNjAyMTIzMlowYDELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09N
+IFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNlY3VyaXR5IENvbW11
+bmljYXRpb24gRVYgUm9vdENBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBALx/7FebJOD+nLpCeamIivqA4PUHKUPqjgo0No0c+qe1OXj/l3X3L+SqawSE
+RMqm4miO/VVQYg+kcQ7OBzgtQoVQrTyWb4vVog7P3kmJPdZkLjjlHmy1V4qe70gO
+zXppFodEtZDkBp2uoQSXWHnvIEqCa4wiv+wfD+mEce3xDuS4GBPMVjZd0ZoeUWs5
+bmB2iDQL87PRsJ3KYeJkHcFGB7hj3R4zZbOOCVVSPbW9/wfrrWFVGCypaZhKqkDF
+MxRldAD5kd6vA0jFQFTcD4SQaCDFkpbcLuUCRarAX1T4bepJz11sS6/vmsJWXMY1
+VkJqMF/Cq/biPT+zyRGPMUzXn0kCAwEAAaNCMEAwHQYDVR0OBBYEFDVK9U2vP9eC
+OKyrcWUXdYydVZPmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
+CSqGSIb3DQEBBQUAA4IBAQCoh+ns+EBnXcPBZsdAS5f8hxOQWsTvoMpfi7ent/HW
+tWS3irO4G8za+6xmiEHO6Pzk2x6Ipu0nUBsCMCRGef4Eh3CXQHPRwMFXGZpppSeZ
+q51ihPZRwSzJIxXYKLerJRO1RuGGAv8mjMSIkh1W/hln8lXkgKNrnKt34VFxDSDb
+EJrbvXZ5B3eZKK2aXtqxT0QsNY6llsf9g/BYxnnWmHyojf6GPgcWkuF75x3sM3Z+
+Qi5KhfmRiWiEA4Glm5q+4zfFVKtWOxgtQaQM+ELbmaDgcm+7XeEWT1MKZPlO9L9O
+VL14bIjqv5wTJMJwaaJ/D8g8rQjJsJhAoyrniIPtd490
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl
+MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe
+U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoX
+DTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRy
+dXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3VyaXR5IENvbW11bmlj
+YXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANAV
+OVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGr
+zbl+dp+++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVM
+VAX3NuRFg3sUZdbcDE3R3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQ
+hNBqyjoGADdH5H5XTz+L62e4iKrFvlNVspHEfbmwhRkGeC7bYRr6hfVKkaHnFtWO
+ojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1KEOtOghY6rCcMU/Gt1SSw
+awNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8QIH4D5cs
+OPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3
+DQEBCwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpF
+coJxDjrSzG+ntKEju/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXc
+okgfGT+Ok+vx+hfuzU7jBBJV1uXk3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8
+t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy
+1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/
+SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY
+MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t
+dW5pY2F0aW9uIFJvb3RDQTEwHhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5
+WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYD
+VQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw8yl8
+9f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJ
+DKaVv0uMDPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9
+Ms+k2Y7CI9eNqPPYJayX5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/N
+QV3Is00qVUarH9oe4kA92819uZKAnDfdDJZkndwi92SL32HeFZRSFaB9UslLqCHJ
+xrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2JChzAgMBAAGjPzA9MB0G
+A1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYwDwYDVR0T
+AQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vG
+kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr
+Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5
+Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU
+JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot
+RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAgigAwIBAgIBJDANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
+MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MxIENBMB4XDTAx
+MDQwNjEwNDkxM1oXDTIxMDQwNjEwNDkxM1owOTELMAkGA1UEBhMCRkkxDzANBgNV
+BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMSBDQTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALWJHytPZwp5/8Ue+H887dF+2rDNbS82rDTG
+29lkFwhjMDMiikzujrsPDUJVyZ0upe/3p4zDq7mXy47vPxVnqIJyY1MPQYx9EJUk
+oVqlBvqSV536pQHydekfvFYmUk54GWVYVQNYwBSujHxVX3BbdyMGNpfzJLWaRpXk
+3w0LBUXl0fIdgrvGE+D+qnr9aTCU89JFhfzyMlsy3uhsXR/LpCJ0sICOXZT3BgBL
+qdReLjVQCfOAl/QMF6452F/NM8EcyonCIvdFEu1eEpOdY6uCLrnrQkFEy0oaAIIN
+nvmLVz5MxxftLItyM19yejhW1ebZrgUaHXVFsculJRwSVzb9IjcCAwEAAaMzMDEw
+DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQIR+IMi/ZTiFIwCwYDVR0PBAQDAgEG
+MA0GCSqGSIb3DQEBBQUAA4IBAQCLGrLJXWG04bkruVPRsoWdd44W7hE928Jj2VuX
+ZfsSZ9gqXLar5V7DtxYvyOirHYr9qxp81V9jz9yw3Xe5qObSIjiHBxTZ/75Wtf0H
+DjxVyhbMp6Z3N/vbXB9OWQaHowND9Rart4S9Tu+fMTfwRvFAttEMpWT4Y14h21VO
+TzF2nBBhjrZTOqMRvq9tfB69ri3iDGnHhVNoomG6xT60eVR4ngrHAr5i0RGCS2Uv
+kVrCqIexVmiUefkl98HVrhq4uz2PqYo4Ffdz0Fpg0YCw8NzVUM1O7pJIae2yIx4w
+zMiUyLb1O4Z/P6Yun/Y+LLWSlj7fLJOK/4GMDw9ZIRlXvVWa
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
+MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx
+MDQwNjA3Mjk0MFoXDTIxMDQwNjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNV
+BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMiBDQTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3/Ei9vX+ALTU74W+o
+Z6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybTdXnt
+5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s
+3TmVToMGf+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2Ej
+vOr7nQKV0ba5cTppCD8PtOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu
+8nYybieDwnPz3BjotJPqdURrBGAgcVeHnfO+oJAjPYok4doh28MCAwEAAaMzMDEw
+DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITTXjwwCwYDVR0PBAQDAgEG
+MA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt0jSv9zil
+zqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/
+3DEIcbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvD
+FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6
+Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2
+ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO
+TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0y
+MjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIg
+TmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRlcmxhbmRlbiBFViBS
+b290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkkSzrS
+M4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nC
+UiY4iKTWO0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3d
+Z//BYY1jTw+bbRcwJu+r0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46p
+rfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13l
+pJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gVXJrm0w912fxBmJc+qiXb
+j5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr08C+eKxC
+KFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS
+/ZbV0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0X
+cgOPvZuM5l5Tnrmd74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH
+1vI4gnPah1vlPNOePqc7nvQDs/nxfRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrP
+px9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB
+/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwaivsnuL8wbqg7
+MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI
+eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u
+2dfOWBfoqSmuc0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHS
+v4ilf0X8rLiltTMMgsT7B/Zq5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTC
+wPTxGfARKbalGAKb12NMcIxHowNDXLldRqANb/9Zjr7dn3LDWyvfjFvO5QxGbJKy
+CqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tNf1zuacpzEPuKqf2e
+vTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi5Dp6
+Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIa
+Gl6I6lD4WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeL
+eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8
+FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc
+7uzXLg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDujCCAqKgAwIBAgIEAJiWijANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJO
+TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSYwJAYDVQQDEx1TdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQTAeFw0wMjEyMTcwOTIzNDlaFw0xNTEy
+MTYwOTE1MzhaMFUxCzAJBgNVBAYTAk5MMR4wHAYDVQQKExVTdGFhdCBkZXIgTmVk
+ZXJsYW5kZW4xJjAkBgNVBAMTHVN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENB
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNK1URF6gaYUmHFtvszn
+ExvWJw56s2oYHLZhWtVhCb/ekBPHZ+7d89rFDBKeNVU+LCeIQGv33N0iYfXCxw71
+9tV2U02PjLwYdjeFnejKScfST5gTCaI+Ioicf9byEGW07l8Y1Rfj+MX94p2i71MO
+hXeiD+EwR+4A5zN9RGcaC1Hoi6CeUJhoNFIfLm0B8mBF8jHrqTFoKbt6QZ7GGX+U
+tFE5A3+y3qcym7RHjm+0Sq7lr7HcsBthvJly3uSJt3omXdozSVtSnA71iq3DuD3o
+BmrC1SoLbHuEvVYFy4ZlkuxEK7COudxwC0barbxjiDn622r+I/q85Ej0ZytqERAh
+SQIDAQABo4GRMIGOMAwGA1UdEwQFMAMBAf8wTwYDVR0gBEgwRjBEBgRVHSAAMDww
+OgYIKwYBBQUHAgEWLmh0dHA6Ly93d3cucGtpb3ZlcmhlaWQubmwvcG9saWNpZXMv
+cm9vdC1wb2xpY3kwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSofeu8Y6R0E3QA
+7Jbg0zTBLL9s+DANBgkqhkiG9w0BAQUFAAOCAQEABYSHVXQ2YcG70dTGFagTtJ+k
+/rvuFbQvBgwp8qiSpGEN/KtcCFtREytNwiphyPgJWPwtArI5fZlmgb9uXJVFIGzm
+eafR2Bwp/MIgJ1HI8XxdNGdphREwxgDS1/PTfLbwMVcoEoJz6TMvplW0C5GUR5z6
+u3pCMuiufi3IvKwUv9kP2Vv8wfl6leF9fpb8cbDCTMjfRTTJzg3ynGQI0DvDKcWy
+7ZAEwbEpkcUwb8GpcjPM/l0WFywRaed+/sWDCN+83CI6LiBpIzlWYGeQiy52OfsR
+iJf2fL1LuCAWZwWN4jvBcj+UlTfHXbme2JOhF4//DGYVwSR8MnwDHTuhWEUykw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
+TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEcyMB4XDTA4MDMyNjExMTgxN1oX
+DTIwMDMyNTExMDMxMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl
+ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv
+b3QgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVZ5291
+qj5LnLW4rJ4L5PnZyqtdj7U5EILXr1HgO+EASGrP2uEGQxGZqhQlEq0i6ABtQ8Sp
+uOUfiUtnvWFI7/3S4GCI5bkYYCjDdyutsDeqN95kWSpGV+RLufg3fNU254DBtvPU
+Z5uW6M7XxgpT0GtJlvOjCwV3SPcl5XCsMBQgJeN/dVrlSPhOewMHBPqCYYdu8DvE
+pMfQ9XQ+pV0aCPKbJdL2rAQmPlU6Yiile7Iwr/g3wtG61jj99O9JMDeZJiFIhQGp
+5Rbn3JBV3w/oOM2ZNyFPXfUib2rFEhZgF1XyZWampzCROME4HYYEhLoaJXhena/M
+UGDWE4dS7WMfbWV9whUYdMrhfmQpjHLYFhN9C0lK8SgbIHRrxT3dsKpICT0ugpTN
+GmXZK4iambwYfp/ufWZ8Pr2UuIHOzZgweMFvZ9C+X+Bo7d7iscksWXiSqt8rYGPy
+5V6548r6f1CGPqI0GAwJaCgRHOThuVw+R7oyPxjMW4T182t0xHJ04eOLoEq9jWYv
+6q012iDTiIJh8BIitrzQ1aTsr1SIJSQ8p22xcik/Plemf1WvbibG/ufMQFxRRIEK
+eN5KzlW/HdXZt1bv8Hb/C3m1r737qWmRRpdogBQ2HbN/uymYNqUg+oJgYjOk7Na6
+B6duxc8UpufWkjTYgfX8HV2qXB72o007uPc5AgMBAAGjgZcwgZQwDwYDVR0TAQH/
+BAUwAwEB/zBSBgNVHSAESzBJMEcGBFUdIAAwPzA9BggrBgEFBQcCARYxaHR0cDov
+L3d3dy5wa2lvdmVyaGVpZC5ubC9wb2xpY2llcy9yb290LXBvbGljeS1HMjAOBgNV
+HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJFoMocVHYnitfGsNig0jQt8YojrMA0GCSqG
+SIb3DQEBCwUAA4ICAQCoQUpnKpKBglBu4dfYszk78wIVCVBR7y29JHuIhjv5tLyS
+CZa59sCrI2AGeYwRTlHSeYAz+51IvuxBQ4EffkdAHOV6CMqqi3WtFMTC6GY8ggen
+5ieCWxjmD27ZUD6KQhgpxrRW/FYQoAUXvQwjf/ST7ZwaUb7dRUG/kSS0H4zpX897
+IZmflZ85OkYcbPnNe5yQzSipx6lVu6xiNGI1E0sUOlWDuYaNkqbG9AclVMwWVxJK
+gnjIFNkXgiYtXSAfea7+1HAWFpWD2DU5/1JddRwWxRNVz0fMdWVSSt7wsKfkCpYL
++63C4iWEst3kvX5ZbJvw8NjnyvLplzh+ib7M+zkXYT9y2zqR2GUBGR2tUKRXCnxL
+vJxxcypFURmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkm
+bEgeqmiSBeGCc1qb3AdbCG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvk
+N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC
+Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z
+ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KAQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
+TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEczMB4XDTEzMTExNDExMjg0MloX
+DTI4MTExMzIzMDAwMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl
+ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv
+b3QgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL4yolQP
+cPssXFnrbMSkUeiFKrPMSjTysF/zDsccPVMeiAho2G89rcKezIJnByeHaHE6n3WW
+IkYFsO2tx1ueKt6c/DrGlaf1F2cY5y9JCAxcz+bMNO14+1Cx3Gsy8KL+tjzk7FqX
+xz8ecAgwoNzFs21v0IJyEavSgWhZghe3eJJg+szeP4TrjTgzkApyI/o1zCZxMdFy
+KJLZWyNtZrVtB0LrpjPOktvA9mxjeM3KTj215VKb8b475lRgsGYeCasH/lSJEULR
+9yS6YHgamPfJEf0WwTUaVHXvQ9Plrk7O53vDxk5hUUurmkVLoR9BvUhTFXFkC4az
+5S6+zqQbwSmEorXLCCN2QyIkHxcE1G6cxvx/K2Ya7Irl1s9N9WMJtxU51nus6+N8
+6U78dULI7ViVDAZCopz35HCz33JvWjdAidiFpNfxC95DGdRKWCyMijmev4SH8RY7
+Ngzp07TKbBlBUgmhHbBqv4LvcFEhMtwFdozL92TkA1CvjJFnq8Xy7ljY3r735zHP
+bMk7ccHViLVlvMDoFxcHErVc0qsgk7TmgoNwNsXNo42ti+yjwUOH5kPiNL6VizXt
+BznaqB16nzaeErAMZRKQFWDZJkBE41ZgpRDUajz9QdwOWke275dhdU/Z/seyHdTt
+XUmzqWrLZoQT1Vyg3N9udwbRcXXIV2+vD3dbAgMBAAGjQjBAMA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRUrfrHkleuyjWcLhL75Lpd
+INyUVzANBgkqhkiG9w0BAQsFAAOCAgEAMJmdBTLIXg47mAE6iqTnB/d6+Oea31BD
+U5cqPco8R5gu4RV78ZLzYdqQJRZlwJ9UXQ4DO1t3ApyEtg2YXzTdO2PCwyiBwpwp
+LiniyMMB8jPqKqrMCQj3ZWfGzd/TtiunvczRDnBfuCPRy5FOCvTIeuXZYzbB1N/8
+Ipf3YF3qKS9Ysr1YvY2WTxB1v0h7PVGHoTx0IsL8B3+A3MSs/mrBcDCw6Y5p4ixp
+gZQJut3+TcCDjJRYwEYgr5wfAvg1VUkvRtTA8KCWAg8zxXHzniN9lLf9OtMJgwYh
+/WA9rjLA0u6NpvDntIJ8CsxwyXmA+P5M9zWEGYox+wrZ13+b8KKaa8MFSu1BYBQw
+0aoRQm7TIwIEC8Zl3d1Sd9qBa7Ko+gE4uZbqKmxnl4mUnrzhVNXkanjvSr0rmj1A
+fsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq
+4BZ+Extq1z7XnvwtdbLBFNUjA9tbbws+eC8N3jONFrdI54OagQ97wUNNVQQXOEpR
+1VmiiXTTn74eS9fGbbeIJG9gkaSChVtWQbzQRKtqE77RLFi3EjNYsjdj3BP1lB0/
+QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM
+94B7IWcnMFk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
+MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
+U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw
+NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE
+ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp
+ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3
+DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf
+8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN
++lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0
+X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa
+K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA
+1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G
+A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR
+zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0
+YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD
+bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w
+DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3
+L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D
+eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl
+xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp
+VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY
+WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
+HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs
+ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAw
+MFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6
+b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj
+aG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZp
+Y2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAL3twQP89o/8ArFvW59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMg
+nLRJdzIpVv257IzdIvpy3Cdhl+72WoTsbhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1
+HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNkN3mSwOxGXn/hbVNMYq/N
+Hwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7NfZTD4p7dN
+dloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0
+HZbUJtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO
+BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0G
+CSqGSIb3DQEBCwUAA4IBAQARWfolTwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjU
+sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3
+4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg
+8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K
+pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1
+mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
+HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVs
+ZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5
+MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNVBAYTAlVTMRAwDgYD
+VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy
+ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2Vy
+dmljZXMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20p
+OsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm2
+8xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4PahHQUw2eeBGg6345AWh1K
+Ts9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLPLJGmpufe
+hRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk
+6mFBrMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAw
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+q
+AdcwKziIorhtSpzyEZGDMA0GCSqGSIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMI
+bw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPPE95Dz+I0swSdHynVv/heyNXB
+ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z
+qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd
+iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn
+0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN
+sSi6
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEW
+MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
+Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM3WhcNMzYwOTE3MTk0NjM2WjB9
+MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
+U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
+cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
+pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
+OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
+Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
+Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
+HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
+Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
++2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
+Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
+26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
+AQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
+VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFul
+F2mHMMo0aEPQQa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCC
+ATgwLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5w
+ZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL2ludGVybWVk
+aWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENvbW1lcmNpYWwgKFN0
+YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0aGUg
+c2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93
+d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgG
+CWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1
+dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5fPGFf59Jb2vKXfuM/gTF
+wWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWmN3PH/UvS
+Ta0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst
+0OcNOrg+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNc
+pRJvkrKTlMeIFw6Ttn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKl
+CcWw0bdT82AUuoVpaiF8H3VhFyAXe2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVF
+P0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA2MFrLH9ZXF2RsXAiV+uKa0hK
+1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBsHvUwyKMQ5bLm
+KhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE
+JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ
+8dCAWZvLMdibD4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnm
+fyWl8kgAwKQB2j8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
+MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
+Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9
+MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
+U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
+cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
+pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
+OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
+Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
+Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
+HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
+Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
++2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
+Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
+26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
+AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
+FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j
+ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js
+LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM
+BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0
+Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy
+dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh
+cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh
+YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg
+dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp
+bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ
+YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT
+TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ
+9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8
+jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW
+FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz
+ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1
+ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L
+EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu
+L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
+yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC
+O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
+um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
+NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEW
+MBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlm
+aWNhdGlvbiBBdXRob3JpdHkgRzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1
+OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoG
+A1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgRzIwggIiMA0G
+CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8Oo1XJ
+JZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsD
+vfOpL9HG4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnoo
+D/Uefyf3lLE3PbfHkffiAez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/
+Q0kGi4xDuFby2X8hQxfqp0iVAXV16iulQ5XqFYSdCI0mblWbq9zSOdIxHWDirMxW
+RST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbsO+wmETRIjfaAKxojAuuK
+HDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8HvKTlXcxN
+nw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM
+0D4LnMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/i
+UUjXuG+v+E5+M5iSFGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9
+Ha90OrInwMEePnWjFqmveiJdnxMaz6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHg
+TuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJKoZIhvcNAQEL
+BQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K
+2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfX
+UfEpY9Z1zRbkJ4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl
+6/2o1PXWT6RbdejF0mCy2wl+JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK
+9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG/+gyRr61M3Z3qAFdlsHB1b6uJcDJ
+HgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTcnIhT76IxW1hPkWLI
+wpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/XldblhY
+XzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5l
+IxKVCCIcl85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoo
+hdVddLHRDiBYmxOlsGOm7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulr
+so8uBtjRkcfGEvRM/TAXw8HaOFvjqermobp573PYtlNXLfbQ4ddI
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEezCCA2OgAwIBAgIQNxkY5lNUfBq1uMtZWts1tzANBgkqhkiG9w0BAQUFADCB
+rjELMAkGA1UEBhMCREUxIDAeBgNVBAgTF0JhZGVuLVd1ZXJ0dGVtYmVyZyAoQlcp
+MRIwEAYDVQQHEwlTdHV0dGdhcnQxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fz
+c2VuIFZlcmxhZyBHbWJIMT4wPAYDVQQDEzVTLVRSVVNUIEF1dGhlbnRpY2F0aW9u
+IGFuZCBFbmNyeXB0aW9uIFJvb3QgQ0EgMjAwNTpQTjAeFw0wNTA2MjIwMDAwMDBa
+Fw0zMDA2MjEyMzU5NTlaMIGuMQswCQYDVQQGEwJERTEgMB4GA1UECBMXQmFkZW4t
+V3VlcnR0ZW1iZXJnIChCVykxEjAQBgNVBAcTCVN0dXR0Z2FydDEpMCcGA1UEChMg
+RGV1dHNjaGVyIFNwYXJrYXNzZW4gVmVybGFnIEdtYkgxPjA8BgNVBAMTNVMtVFJV
+U1QgQXV0aGVudGljYXRpb24gYW5kIEVuY3J5cHRpb24gUm9vdCBDQSAyMDA1OlBO
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bVKwdMz6tNGs9HiTNL1
+toPQb9UY6ZOvJ44TzbUlNlA0EmQpoVXhOmCTnijJ4/Ob4QSwI7+Vio5bG0F/WsPo
+TUzVJBY+h0jUJ67m91MduwwA7z5hca2/OnpYH5Q9XIHV1W/fuJvS9eXLg3KSwlOy
+ggLrra1fFi2SU3bxibYs9cEv4KdKb6AwajLrmnQDaHgTncovmwsdvs91DSaXm8f1
+XgqfeN+zvOyauu9VjxuapgdjKRdZYgkqeQd3peDRF2npW932kKvimAoA0SVtnteF
+hy+S8dF2g08LOlk3KC8zpxdQ1iALCvQm+Z845y2kuJuJja2tyWp9iRe79n+Ag3rm
+7QIDAQABo4GSMIGPMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEG
+MCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFTVFJvbmxpbmUxLTIwNDgtNTAdBgNV
+HQ4EFgQUD8oeXHngovMpttKFswtKtWXsa1IwHwYDVR0jBBgwFoAUD8oeXHngovMp
+ttKFswtKtWXsa1IwDQYJKoZIhvcNAQEFBQADggEBAK8B8O0ZPCjoTVy7pWMciDMD
+pwCHpB8gq9Yc4wYfl35UvbfRssnV2oDsF9eK9XvCAPbpEW+EoFolMeKJ+aQAPzFo
+LtU96G7m1R08P7K9n3frndOMusDXtk3sU5wPBG7qNWdX4wple5A64U8+wwCSersF
+iXOMy6ZNwPv2AtawB6MDwidAnwzkhYItr5pCHdDHjfhA7p0GVxzZotiAFP7hYy0y
+h9WUUpY6RsZxlj33mA6ykaqP2vROJAA5VeitF7nTNCtKqUDMFypVZUF0Qn71wK/I
+k63yGFs9iQzbRzkk+OBM8h+wPQrKBU6JIRrjKpms/H+h8Q8bHz2eBIPdltkdOpQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID2DCCAsCgAwIBAgIQYFbFSyNAW2TU7SXa2dYeHjANBgkqhkiG9w0BAQsFADCB
+hTELMAkGA1UEBhMCREUxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fzc2VuIFZl
+cmxhZyBHbWJIMScwJQYDVQQLEx5TLVRSVVNUIENlcnRpZmljYXRpb24gU2Vydmlj
+ZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5pdmVyc2FsIFJvb3QgQ0EwHhcNMTMxMDIy
+MDAwMDAwWhcNMzgxMDIxMjM1OTU5WjCBhTELMAkGA1UEBhMCREUxKTAnBgNVBAoT
+IERldXRzY2hlciBTcGFya2Fzc2VuIFZlcmxhZyBHbWJIMScwJQYDVQQLEx5TLVRS
+VVNUIENlcnRpZmljYXRpb24gU2VydmljZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5p
+dmVyc2FsIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo
+4wvfETeFgpq1bGZ8YT/ARxodRuOwVWTluII5KAd+F//0m4rwkYHqOD8heGxI7Gsv
+otOKcrKn19nqf7TASWswJYmM67fVQGGY4tw8IJLNZUpynxqOjPolFb/zIYMoDYuv
+WRGCQ1ybTSVRf1gYY2A7s7WKi1hjN0hIkETCQN1d90NpKZhcEmVeq5CSS2bf1XUS
+U1QYpt6K1rtXAzlZmRgFDPn9FcaQZEYXgtfCSkE9/QC+V3IYlHcbU1qJAfYzcg6T
+OtzoHv0FBda8c+CI3KtP7LUYhk95hA5IKmYq3TLIeGXIC51YAQVx7YH1aBduyw20
+S9ih7K446xxYL6FlAzQvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
+AQH/BAQDAgEGMB0GA1UdDgQWBBSafdfr639UmEUptCCrbQuWIxmkwjANBgkqhkiG
+9w0BAQsFAAOCAQEATpYS2353XpInniEXGIJ22D+8pQkEZoiJrdtVszNqxmXEj03z
+MjbceQSWqXcy0Zf1GGuMuu3OEdBEx5LxtESO7YhSSJ7V/Vn4ox5R+wFS5V/let2q
+JE8ii912RvaloA812MoPmLkwXSBvwoEevb3A/hXTOCoJk5gnG5N70Cs0XmilFU/R
+UsOgyqCDRR319bdZc11ZAY+qwkcvFHHVKeMQtUeTJcwjKdq3ctiR1OwbSIoi5MEq
+9zpok59FGW5Dt8z+uJGaYRo2aWNkkijzb2GShROfyQcsi1fc65551cLeCNVUsldO
+KjKNoeI60RAgIjl9NEVvcTvDHfz/sk+o4vYwHg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBk
+MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
+YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
+Q0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4MTgyMjA2MjBaMGQxCzAJBgNVBAYT
+AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
+Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIICIjAN
+BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9
+m2BtRsiMMW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdih
+FvkcxC7mlSpnzNApbjyFNDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/
+TilftKaNXXsLmREDA/7n29uj/x2lzZAeAR81sH8A25Bvxn570e56eqeqDFdvpG3F
+EzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkCb6dJtDZd0KTeByy2dbco
+kdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn7uHbHaBu
+HYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNF
+vJbNcA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo
+19AOeCMgkckkKmUpWyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjC
+L3UcPX7ape8eYIVpQtPM+GP+HkM5haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJW
+bjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNYMUJDLXT5xp6mig/p/r+D5kNX
+JLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
+FDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j
+BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzc
+K6FptWfUjNP9MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzf
+ky9NfEBWMXrrpA9gzXrzvsMnjgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7Ik
+Vh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQMbFamIp1TpBcahQq4FJHgmDmHtqB
+sfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4HVtA4oJVwIHaM190e
+3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtlvrsR
+ls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ip
+mXeascClOS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HH
+b6D0jqTsNFFbjCYDcKF31QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksf
+rK/7DZBaZmBwXarNeNQk7shBoJMBkpxqnvy5JMWzFYJ+vq6VK+uxwNrjAWALXmms
+hFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCyx/yP2FS1k2Kdzs9Z+z0Y
+zirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMWNY6E0F/6
+MBr1mmz0DlP5OlvRHA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk
+MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
+YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
+Q0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2MjUwNzM4MTRaMGQxCzAJBgNVBAYT
+AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
+Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIICIjAN
+BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvEr
+jw0DzpPMLgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r
+0rk0X2s682Q2zsKwzxNoysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f
+2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJwDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVP
+ACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpHWrumnf2U5NGKpV+GY3aF
+y6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1aSgJA/MTA
+tukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL
+6yxSNLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0
+uPoTXGiTOmekl9AbmbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrAL
+acywlKinh/LTSlDcX3KwFnUey7QYYpqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velh
+k6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3qPyZ7iVNTA6z00yPhOgpD/0Q
+VAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
+FDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O
+BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqh
+b97iEoHF8TwuMA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4R
+fbgZPnm3qKhyN2abGu2sEzsOv2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv
+/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ82YqZh6NM4OKb3xuqFp1mrjX2lhI
+REeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLzo9v/tdhZsnPdTSpx
+srpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcsa0vv
+aGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciAT
+woCqISxxOQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99n
+Bjx8Oto0QuFmtEYE3saWmA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5W
+t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N
+8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TCrvJcwhbtkj6EPnNgiLx2
+9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5
+wSsSnqaeG8XmDtkx2Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAw
+ZzELMAkGA1UEBhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdp
+dGFsIENlcnRpZmljYXRlIFNlcnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290
+IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcNMzEwNjI1MDg0NTA4WjBnMQswCQYD
+VQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2Vy
+dGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYgQ0Eg
+MjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7Bx
+UglgRCgzo3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD
+1ycfMQ4jFrclyxy0uYAyXhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPH
+oCE2G3pXKSinLr9xJZDzRINpUKTk4RtiGZQJo/PDvO/0vezbE53PnUgJUmfANykR
+HvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8LiqG12W0OfvrSdsyaGOx9/
+5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaHZa0zKcQv
+idm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHL
+OdAGalNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaC
+NYGu+HuB5ur+rPQam3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f
+46Fq9mDU5zXNysRojddxyNMkM3OxbPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCB
+UWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDixzgHcgplwLa7JSnaFp6LNYth
+7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/BAQDAgGGMB0G
+A1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED
+MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWB
+bj2ITY1x0kbBbkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6x
+XCX5145v9Ydkn+0UjrgEjihLj6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98T
+PLr+flaYC/NUn81ETm484T4VvwYmneTwkLbUwp4wLh/vx3rEUMfqe9pQy3omywC0
+Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7XwgiG/W9mR4U9s70
+WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH59yL
+Gn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm
+7JFe3VE/23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4S
+nr8PyQUQ3nqjsTzyP6WqJ3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VN
+vBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyAHmBR3NdUIR7KYndP+tiPsys6DXhyyWhB
+WkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/giuMod89a2GQ+fYWVq6nTI
+fI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuWl8PVP3wb
+I+2ksx0WckNLIOFZfsLorSa/ovc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln
+biBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF
+MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT
+d2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUqt2/8
+76LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+
+bbqBHH5CjCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c
+6bM8K8vzARO/Ws/BtQpgvd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqE
+emA8atufK+ze3gE/bk3lUIbLtK/tREDFylqM2tIrfKjuvqblCqoOpd8FUrdVxyJd
+MmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvRAiTysybUa9oEVeXBCsdt
+MDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuendjIj3o02y
+MszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69y
+FGkOpeUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPi
+aG59je883WX0XaxR7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxM
+gI93e2CaHt+28kgeDrpOVG2Y4OGiGqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCB
+qTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWyV7
+lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn
+8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe6
+45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO
+UYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5
+O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC
+bwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv
+GPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a
+77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC
+hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3
+92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp
+Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w
+ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt
+Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
+BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWdu
+IFBsYXRpbnVtIENBIC0gRzIwHhcNMDYxMDI1MDgzNjAwWhcNMzYxMDI1MDgzNjAw
+WjBJMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQD
+ExpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQAD
+ggIPADCCAgoCggIBAMrfogLi2vj8Bxax3mCq3pZcZB/HL37PZ/pEQtZ2Y5Wu669y
+IIpFR4ZieIbWIDkm9K6j/SPnpZy1IiEZtzeTIsBQnIJ71NUERFzLtMKfkr4k2Htn
+IuJpX+UFeNSH2XFwMyVTtIc7KZAoNppVRDBopIOXfw0enHb/FZ1glwCNioUD7IC+
+6ixuEFGSzH7VozPY1kneWCqv9hbrS3uQMpe5up1Y8fhXSQQeol0GcN1x2/ndi5ob
+jM89o03Oy3z2u5yg+gnOI2Ky6Q0f4nIoj5+saCB9bzuohTEJfwvH6GXp43gOCWcw
+izSC+13gzJ2BbWLuCB4ELE6b7P6pT1/9aXjvCR+htL/68++QHkwFix7qepF6w9fl
++zC8bBsQWJj3Gl/QKTIDE0ZNYWqFTFJ0LwYfexHihJfGmfNtf9dng34TaNhxKFrY
+zt3oEBSa/m0jh26OWnA81Y0JAKeqvLAxN23IhBQeW71FYyBrS3SMvds6DsHPWhaP
+pZjydomyExI7C3d3rLvlPClKknLKYRorXkzig3R3+jVIeoVNjZpTxN94ypeRSCtF
+KwH3HBqi7Ri6Cr2D+m+8jVeTO9TUps4e8aCxzqv9KyiaTxvXw3LbpMS/XUz13XuW
+ae5ogObnmLo2t/5u7Su9IPhlGdpVCX4l3P5hYnL5fhgC72O00Puv5TtjjGePAgMB
+AAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
+BBYEFFCvzAeHFUdvOMW0ZdHelarp35zMMB8GA1UdIwQYMBaAFFCvzAeHFUdvOMW0
+ZdHelarp35zMMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAQEBMC4wLAYIKwYBBQUHAgEW
+IGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUA
+A4ICAQAIhab1Fgz8RBrBY+D5VUYI/HAcQiiWjrfFwUF1TglxeeVtlspLpYhg0DB0
+uMoI3LQwnkAHFmtllXcBrqS3NQuB2nEVqXQXOHtYyvkv+8Bldo1bAbl93oI9ZLi+
+FHSjClTTLJUYFzX1UWs/j6KWYTl4a0vlpqD4U99REJNi54Av4tHgvI42Rncz7Lj7
+jposiU0xEQ8mngS7twSNC/K5/FqdOxa3L8iYq/6KUFkuozv8KV2LwUvJ4ooTHbG/
+u0IdUt1O2BReEMYxB+9xJ/cbOQncguqLs5WGXv312l0xpuAxtpTmREl0xRbl9x8D
+YSjFyMsSoEJL+WuICI20MhjzdZ/EfwBPBZWcoxcCw7NTm6ogOSkrZvqdr16zktK1
+puEa+S1BaYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXa
+icYwu+uPyyIIoK6q8QNsOktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbG
+DI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSYMdp08YSTcU1f+2BY0fvEwW2JorsgH51x
+kcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAciIfNAChs0B0QTwoRqjt8Z
+Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE
+BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu
+IFNpbHZlciBDQSAtIEcyMB4XDTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0Nlow
+RzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMY
+U3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
+MIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644N0Mv
+Fz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7br
+YT7QbNHm+/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieF
+nbAVlDLaYQ1HTWBCrpJH6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH
+6ATK72oxh9TAtvmUcXtnZLi2kUpCe2UuMGoM9ZDulebyzYLs2aFK7PayS+VFheZt
+eJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5hqAaEuSh6XzjZG6k4sIN/
+c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5FZGkECwJ
+MoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRH
+HTBsROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTf
+jNFusB3hB48IHpmccelM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb6
+5i/4z3GcRm25xBWNOHkDRUjvxF3XCO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOB
+rDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU
+F6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRBtjpbO8tFnb0c
+wpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0
+cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIB
+AHPGgeAn0i0P4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShp
+WJHckRE1qTodvBqlYJ7YH39FkWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9
+xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L3XWgwF15kIwb4FDm3jH+mHtwX6WQ
+2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx/uNncqCxv1yL5PqZ
+IseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFaDGi8
+aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2X
+em1ZqSqPe97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQR
+dAtq/gsD/KNVV4n+SsuuWxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/
+OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+
+hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy
+tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/
+MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5MB4XDTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1ow
+PzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dvdmVybm1lbnQgUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+AJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qNw8XR
+IePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1q
+gQdW8or5BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKy
+yhwOeYHWtXBiCAEuTk8O1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAts
+F/tnyMKtsc2AtJfcdgEWFelq16TheEfOhtX7MfP6Mb40qij7cEwdScevLJ1tZqa2
+jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wovJ5pGfaENda1UhhXcSTvx
+ls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7Q3hub/FC
+VGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHK
+YS1tB6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoH
+EgKXTiCQ8P8NHuJBO9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThN
+Xo+EHWbNxWCWtFJaBYmOlXqYwZE8lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1Ud
+DgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNVHRMEBTADAQH/MDkGBGcqBwAE
+MTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg209yewDL7MTqK
+UWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ
+TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyf
+qzvS/3WXy6TjZwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaK
+ZEk9GhiHkASfQlK3T8v+R0F2Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFE
+JPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlUD7gsL0u8qV1bYH+Mh6XgUmMqvtg7
+hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6QzDxARvBMB1uUO07+1
+EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+HbkZ6Mm
+nD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WX
+udpVBrkk7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44Vbnz
+ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe
+LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl
+pYYsfPQS
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEqjCCA5KgAwIBAgIOSkcAAQAC5aBd1j8AUb8wDQYJKoZIhvcNAQEFBQAwdjEL
+MAkGA1UEBhMCREUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNV
+BAsTGVRDIFRydXN0Q2VudGVyIENsYXNzIDMgQ0ExJTAjBgNVBAMTHFRDIFRydXN0
+Q2VudGVyIENsYXNzIDMgQ0EgSUkwHhcNMDYwMTEyMTQ0MTU3WhcNMjUxMjMxMjI1
+OTU5WjB2MQswCQYDVQQGEwJERTEcMBoGA1UEChMTVEMgVHJ1c3RDZW50ZXIgR21i
+SDEiMCAGA1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQTElMCMGA1UEAxMc
+VEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQSBJSTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBALTgu1G7OVyLBMVMeRwjhjEQY0NVJz/GRcekPewJDRoeIMJW
+Ht4bNwcwIi9v8Qbxq63WyKthoy9DxLCyLfzDlml7forkzMA5EpBCYMnMNWju2l+Q
+Vl/NHE1bWEnrDgFPZPosPIlY2C8u4rBo6SI7dYnWRBpl8huXJh0obazovVkdKyT2
+1oQDZogkAHhg8fir/gKya/si+zXmFtGt9i4S5Po1auUZuV3bOx4a+9P/FRQI2Alq
+ukWdFHlgfa9Aigdzs5OW03Q0jTo3Kd5c7PXuLjHCINy+8U9/I1LZW+Jk2ZyqBwi1
+Rb3R0DHBq1SfqdLDYmAD8bs5SpJKPQq5ncWg/jcCAwEAAaOCATQwggEwMA8GA1Ud
+EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTUovyfs8PYA9NX
+XAek0CSnwPIA1DCB7QYDVR0fBIHlMIHiMIHfoIHcoIHZhjVodHRwOi8vd3d3LnRy
+dXN0Y2VudGVyLmRlL2NybC92Mi90Y19jbGFzc18zX2NhX0lJLmNybIaBn2xkYXA6
+Ly93d3cudHJ1c3RjZW50ZXIuZGUvQ049VEMlMjBUcnVzdENlbnRlciUyMENsYXNz
+JTIwMyUyMENBJTIwSUksTz1UQyUyMFRydXN0Q2VudGVyJTIwR21iSCxPVT1yb290
+Y2VydHMsREM9dHJ1c3RjZW50ZXIsREM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9u
+TGlzdD9iYXNlPzANBgkqhkiG9w0BAQUFAAOCAQEANmDkcPcGIEPZIxpC8vijsrlN
+irTzwppVMXzEO2eatN9NDoqTSheLG43KieHPOh6sHfGcMrSOWXaiQYUlN6AT0PV8
+TtXqluJucsG7Kv5sbviRmEb8yRtXW+rIGjs/sFGYPAfaLFkB2otE6OF0/ado3VS6
+g0bsyEa1+K+XwDsJHI/OcpY9M1ZwvJbL2NV9IJqDnxrcOfHFcqMRA/07QlIp2+gB
+95tejNaNhk4Z+rwcvsUhpYeeeC422wlxo3I0+GzjBgnyXlal092Y+tTmBvTwtiBj
+S+opvaqCZh77gaqnN60TGOaSw4HBM7uIHqHn4rS9MWwOUT1v+5ZWgOI2F9Hc5A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw
+NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv
+b3QgQ0EgdjEwHhcNMDcxMDE4MTIwMDUwWhcNMzIxMDE4MTIwMDUwWjA3MRQwEgYD
+VQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9vdCBDQSB2
+MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK+6yfwIaPzaSZVfp3F
+VRaRXP3vIb9TgHot0pGMYzHw7CTww6XScnwQbfQ3t+XmfHnqjLWCi65ItqwA3GV1
+7CpNX8GH9SBlK4GoRz6JI5UwFpB/6FcHSOcZrr9FZ7E3GwYq/t75rH2D+1665I+X
+Z75Ljo1kB1c4VWk0Nj0TSO9P4tNmHqTPGrdeNjPUtAa9GAH9d4RQAEX1jF3oI7x+
+/jXh7VB7qTCNGdMJjmhnXb88lxhTuylixcpecsHHltTbLaC0H2kD7OriUPEMPPCs
+81Mt8Bz17Ww5OXOAFshSsCPN4D7c3TxHoLs1iuKYaIu+5b9y7tL6pe0S7fyYGKkm
+dtwoSxAgHNN/Fnct7W+A90m7UwW7XWjH1Mh1Fj+JWov3F0fUTPHSiXk+TT2YqGHe
+Oh7S+F4D4MHJHIzTjU3TlTazN19jY5szFPAtJmtTfImMMsJu7D0hADnJoWjiUIMu
+sDor8zagrC/kb2HCUQk5PotTubtn2txTuXZZNp1D5SDgPTJghSJRt8czu90VL6R4
+pgd7gUY2BIbdeTXHlSw7sKMXNeVzH7RcWe/a6hBle3rQf5+ztCo3O3CLm1u5K7fs
+slESl1MpWtTwEhDcTwK7EpIvYtQ/aUN8Ddb8WHUBiJ1YFkveupD/RwGJBmr2X7KQ
+arMCpgKIv7NHfirZ1fpoeDVNAgMBAAGjPzA9MA8GA1UdEwEB/wQFMAMBAf8wCwYD
+VR0PBAQDAgEGMB0GA1UdDgQWBBTwj1k4ALP1j5qWDNXr+nuqF+gTEjANBgkqhkiG
+9w0BAQUFAAOCAgEAvuRcYk4k9AwI//DTDGjkk0kiP0Qnb7tt3oNmzqjMDfz1mgbl
+dxSR651Be5kqhOX//CHBXfDkH1e3damhXwIm/9fH907eT/j3HEbAek9ALCI18Bmx
+0GtnLLCo4MBANzX2hFxc469CeP6nyQ1Q6g2EdvZR74NTxnr/DlZJLo961gzmJ1Tj
+TQpgcmLNkQfWpb/ImWvtxBnmq0wROMVvMeJuScg/doAmAyYp4Db29iBT4xdwNBed
+Y2gea+zDTYa4EzAvXUYNR0PVG6pZDrlcjQZIrXSHX8f8MVRBE+LHIQ6e4B4N4cB7
+Q4WQxYpYxmUKeFfyxiMPAdkgS94P+5KFdSpcc41teyWRyu5FrgZLAMzTsVlQ2jqI
+OylDRl6XK1TOU2+NSueW+r9xDkKLfP0ooNBIytrEgUy7onOTJsjrDNYmiLbAJM+7
+vVvrdX3pCI6GMyx5dwlppYn8s3CQh3aP0yK7Qs69cwsgJirQmz1wHiRszYd2qReW
+t88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcn
+HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx
+SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB
+qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
+Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
+MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
+BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3MDAwMDAwWhcNMzYw
+NzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5j
+LjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYG
+A1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl
+IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFs
+W0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta
+3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk
+6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6
+Sk/KaAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94J
+NqR32HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA
+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XP
+r87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7ORtvzw6WfU
+DW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeEuzLlQRHAd9mz
+YJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX
+xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2
+/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/
+LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7
+jVaMaA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMp
+IDIwMDcgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAi
+BgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMjAeFw0wNzExMDUwMDAw
+MDBaFw0zODAxMTgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhh
+d3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBGb3Ig
+YXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9v
+dCBDQSAtIEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/
+BebfowJPDQfGAFG6DAJSLSKkQjnE/o/qycG+1E3/n3qe4rF8mq2nhglzh9HnmuN6
+papu+7qzcMBniKI11KOasf2twu8x+qi58/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8E
+BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUmtgAMADna3+FGO6Lts6K
+DPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUNG4k8VIZ3
+KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41ox
+XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB
+rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
+Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
+MDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNV
+BAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0wODA0MDIwMDAwMDBa
+Fw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3Rl
+LCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9u
+MTgwNgYDVQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXpl
+ZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEcz
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr8nLPvb2FvdeHsbnndm
+gcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2AtP0LMqmsywCPLLEHd5N/8
+YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC+BsUa0Lf
+b1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS9
+9irY7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2S
+zhkGcuYMXDhpxwTWvGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUk
+OQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV
+HQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJKoZIhvcNAQELBQADggEBABpA
+2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweKA3rD6z8KLFIW
+oCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu
+t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7c
+KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM
+m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu
+MdRAGmI0Nj81Aa6sY6A=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF
+MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL
+ExNUcnVzdGlzIEZQUyBSb290IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTEx
+MzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNVBAoTD1RydXN0aXMgTGltaXRlZDEc
+MBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQRUN+
+AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihH
+iTHcDnlkH5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjj
+vSkCqPoc4Vu5g6hBSLwacY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA
+0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zto3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlB
+OrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEAAaNTMFEwDwYDVR0TAQH/
+BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAdBgNVHQ4E
+FgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01
+GX2cGE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmW
+zaD+vkAMXBJV+JOCyinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP4
+1BIy+Q7DsdwyhEQsb8tGD+pmQQ9P8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZE
+f1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHVl/9D7S3B2l0pKoU/rGXuhg8F
+jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN
+ZetX2fNXlrtIzYE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
+KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
+BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl
+YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1
+OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy
+aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50
+ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd
+AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC
+FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi
+1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq
+jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ
+wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj
+QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/
+WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy
+NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC
+uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw
+IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6
+g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN
+9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP
+BSeOE6Fuwg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
+KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
+BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl
+YyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgxMDAxMTAyOTU2WhcNMzMxMDAxMjM1
+OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy
+aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50
+ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN
+8ELg63iIVl6bmlQdTQyK9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/
+RLyTPWGrTs0NvvAgJ1gORH8EGoel15YUNpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4
+hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZFiP0Zf3WHHx+xGwpzJFu5
+ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W0eDrXltM
+EnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGj
+QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1
+A/d2O2GCahKqGFPrAyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOy
+WL6ukK2YJ5f+AbGwUgC4TeQbIXQbfsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ
+1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzTucpH9sry9uetuUg/vBa3wW30
+6gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7hP0HHRwA11fXT
+91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml
+e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p
+TpPDpFQUWw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRS
+MRgwFgYDVQQHDA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJp
+bGltc2VsIHZlIFRla25vbG9qaWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSw
+VEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ryb25payB2ZSBLcmlwdG9sb2ppIEFy
+YcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNVBAsMGkthbXUgU2Vy
+dGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUgS8O2
+ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAe
+Fw0wNzA4MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIx
+GDAWBgNVBAcMD0dlYnplIC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmls
+aW1zZWwgdmUgVGVrbm9sb2ppayBBcmHFn3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBU
+QUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZlIEtyaXB0b2xvamkgQXJh
+xZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2FtdSBTZXJ0
+aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7Zr
+IFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4h
+gb46ezzb8R1Sf1n68yJMlaCQvEhOEav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yK
+O7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1xnnRFDDtG1hba+818qEhTsXO
+fJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR6Oqeyjh1jmKw
+lZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL
+hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQID
+AQABo0IwQDAdBgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/
+BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmP
+NOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4N5EY3ATIZJkrGG2AA1nJrvhY0D7t
+wyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLTy9LQQfMmNkqblWwM
+7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYhLBOh
+gLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5n
+oN+J1q2MdqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUs
+yZyQ2uypQjyttgI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOc
+UktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
+c8SxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xS
+S1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kg
+SGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4XDTA3MTIyNTE4Mzcx
+OVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxla3Ry
+b25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMC
+VFIxDzANBgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDE
+sGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7F
+ni4gKGMpIEFyYWzEsWsgMjAwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9NYvDdE3ePYakqtdTyuTFY
+KTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQvKUmi8wUG
++7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveG
+HtyaKhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6P
+IzdezKKqdfcYbwnTrqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M
+733WB2+Y8a+xwXrXgTW4qhe04MsCAwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHk
+Yb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
+CSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/sPx+EnWVUXKgW
+AkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I
+aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5
+mxRZNTZPz/OOXl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsa
+XRik7r4EW5nVcV9VZWRi1aKbBFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZ
+qxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAKpoRq0Tl9
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UE
+BhMCVFIxDzANBgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxn
+aSDEsGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkg
+QS7Fni4xQjBABgNVBAMMOVTDnFJLVFJVU1QgRWxla3Ryb25payBTZXJ0aWZpa2Eg
+SGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINTAeFw0xMzA0MzAwODA3MDFaFw0yMzA0
+MjgwODA3MDFaMIGxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0wSwYD
+VQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8
+dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBF
+bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCUZ4WWe60ghUEoI5RHwWrom
+/4NZzkQqL/7hzmAD/I0Dpe3/a6i6zDQGn1k19uwsu537jVJp45wnEFPzpALFp/kR
+Gml1bsMdi9GYjZOHp3GXDSHHmflS0yxjXVW86B8BSLlg/kJK9siArs1mep5Fimh3
+4khon6La8eHBEJ/rPCmBp+EyCNSgBbGM+42WAA4+Jd9ThiI7/PS98wl+d+yG6w8z
+5UNP9FR1bSmZLmZaQ9/LXMrI5Tjxfjs1nQ/0xVqhzPMggCTTV+wVunUlm+hkS7M0
+hO8EuPbJbKoCPrZV4jI3X/xml1/N1p7HIL9Nxqw/dV8c7TKcfGkAaZHjIxhT6QID
+AQABo0IwQDAdBgNVHQ4EFgQUVpkHHtOsDGlktAxQR95DLL4gwPswDgYDVR0PAQH/
+BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJ5FdnsX
+SDLyOIspve6WSk6BGLFRRyDN0GSxDsnZAdkJzsiZ3GglE9Rc8qPoBP5yCccLqh0l
+VX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq
+URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nf
+peYVhDfwwvJllpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CF
+Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW
++qtB4Uu2NQvAmxU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEJjCCAw6gAwIBAgIGfaHyZeyKMA0GCSqGSIb3DQEBCwUAMIGxMQswCQYDVQQG
+EwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0wSwYDVQQKDERUw5xSS1RSVVNUIEJpbGdp
+IMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBB
+LsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBI
+aXptZXQgU2HEn2xhecSxY8Sxc8SxIEg2MB4XDTEzMTIxODA5MDQxMFoXDTIzMTIx
+NjA5MDQxMFowgbExCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExTTBLBgNV
+BAoMRFTDnFJLVFJVU1QgQmlsZ2kgxLBsZXRpxZ9pbSB2ZSBCaWxpxZ9pbSBHw7x2
+ZW5sacSfaSBIaXptZXRsZXJpIEEuxZ4uMUIwQAYDVQQDDDlUw5xSS1RSVVNUIEVs
+ZWt0cm9uaWsgU2VydGlmaWthIEhpem1ldCBTYcSfbGF5xLFjxLFzxLEgSDYwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdsGjW6L0UlqMACprx9MfMkU1x
+eHe59yEmFXNRFpQJRwXiM/VomjX/3EsvMsew7eKC5W/a2uqsxgbPJQ1BgfbBOCK9
++bGlprMBvD9QFyv26WZV1DOzXPhDIHiTVRZwGTLmiddk671IUP320EEDwnS3/faA
+z1vFq6TWlRKb55cTMgPp1KtDWxbtMyJkKbbSk60vbNg9tvYdDjTu0n2pVQ8g9P0p
+u5FbHH3GQjhtQiht1AH7zYiXSX6484P4tZgvsycLSF5W506jM7NE1qXyGJTtHB6p
+lVxiSvgNZ1GpryHV+DKdeboaX+UEVU0TRv/yz3THGmNtwx8XEsMeED5gCLMxAgMB
+AAGjQjBAMB0GA1UdDgQWBBTdVRcT9qzoSCHK77Wv0QAy7Z6MtTAOBgNVHQ8BAf8E
+BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAb1gNl0Oq
+FlQ+v6nfkkU/hQu7VtMMUszIv3ZnXuaqs6fvuay0EBQNdH49ba3RfdCaqaXKGDsC
+QC4qnFAUi/5XfldcEQlLNkVS9z2sFP1E34uXI9TDwe7UU5X+LEr+DXCqu4svLcsy
+o4LyVN/Y8t3XSHLuSqMplsNEzm61kod2pLv0kmzOLBQJZo6NrRa1xxsJYTvjIKID
+gI6tflEATseWhvtDmHd9KMeP2Cpu54Rvl0EpABZeTeIT6lnAY2c6RPuY/ATTMHKm
+9ocJV612ph1jmv3XZch4gyt1O6VbuA1df74jrlZVlFjvH4GMKrLN5ptjnhi85WsG
+tAuYSyher4hYyw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx
+EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT
+VFdDQSBHbG9iYWwgUm9vdCBDQTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5
+NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQKEwlUQUlXQU4tQ0ExEDAOBgNVBAsT
+B1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3QgQ0EwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2CnJfF
+10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz
+0ALfUPZVr2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfCh
+MBwqoJimFb3u/Rk28OKRQ4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbH
+zIh1HrtsBv+baz4X7GGqcXzGHaL3SekVtTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc
+46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1WKKD+u4ZqyPpcC1jcxkt2
+yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99sy2sbZCi
+laLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYP
+oA/pyJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQA
+BDzfuBSO6N+pjWxnkjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcE
+qYSjMq+u7msXi7Kx/mzhkIyIqJdIzshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm
+4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB
+/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6gcFGn90xHNcgL
+1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn
+LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WF
+H6vPNOw/KP4M8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNo
+RI2T9GRwoD2dKAXDOXC4Ynsg/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+
+nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlglPx4mI88k1HtQJAH32RjJMtOcQWh
+15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryPA9gK8kxkRr05YuWW
+6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3mi4TW
+nsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5j
+wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz
+aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy
+KwbQBM0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES
+MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU
+V0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMz
+WhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FO
+LUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlm
+aWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFE
+AcK0HMMxQhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HH
+K3XLfJ+utdGdIzdjp9xCoi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeX
+RfwZVzsrb+RH9JlF/h3x+JejiB03HFyP4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/z
+rX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1ry+UPizgN7gr8/g+YnzAx
+3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
+HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkq
+hkiG9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeC
+MErJk/9q56YAf4lCmtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdls
+XebQ79NqZp4VKIV66IIArB6nCWlWQtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62D
+lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn
+aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ
+YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAx
+MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
+Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg
+VVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlm
+aWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqflo
+I+d61SRvU8Za2EurxtW20eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinng
+o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G
+A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD
+VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB
+zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW
+RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw
+MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV
+BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU
+aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B
+3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY
+tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/
+Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2
+VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT
+79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6
+c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT
+Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l
+c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee
+UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE
+Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd
+BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G
+A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF
+Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO
+VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3
+ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs
+8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR
+iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze
+Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ
+XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/
+qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB
+VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB
+L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG
+jjxDah2nGN59PRbxYvnKkKj9
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCB
+rjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
+Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
+dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xNjA0BgNVBAMTLVVUTi1VU0VSRmlyc3Qt
+Q2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBFbWFpbDAeFw05OTA3MDkxNzI4NTBa
+Fw0xOTA3MDkxNzM2NThaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQxFzAV
+BgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5l
+dHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UE
+AxMtVVROLVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWls
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3B
+YHW8OWX5ShpHornMSMxqmNVNNRm5pELlzkniii8efNIxB8dOtINknS4p1aJkxIW9
+hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQylbsMTzC9mKALi+VuG6JG+ni8om+rWV6l
+L8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXqvgvOdjp6Dpvq/NonWz1zHyLm
+SGHGTPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6hw2v+vPhwvCkxWeM
+1tZUOt4KpLoDd7NlyP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu9mIwFIws
+6wIDAQABo4G5MIG2MAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
+DgQWBBSJgmd9xJ0mcABLtFBIfN49rgRufTBYBgNVHR8EUTBPME2gS6BJhkdodHRw
+Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLVVTRVJGaXJzdC1DbGllbnRBdXRoZW50
+aWNhdGlvbmFuZEVtYWlsLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH
+AwQwDQYJKoZIhvcNAQEFBQADggEBALFtYV2mGn98q0rkMPxTbyUkxsrt4jFcKw7u
+7mFVbwQ+zznexRtJlOTrIEy05p5QLnLZjfWqo7NK2lYcYJeA3IKirUq9iiv/Cwm0
+xtcgBEXkzYABurorbs6q15L+5K/r9CYdFip/bDCVNy8zEqx/3cfREYxRmLLQo5HQ
+rfafnoOTHh1CuEava2bwm3/q4wMC5QJRwarVNZ1yQAOJujEdxRBoUp7fooXFXAim
+eOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZw7JHpsIyYdfHb0gk
+USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB
+lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
+Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
+dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
+SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG
+A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe
+MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v
+d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh
+cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn
+0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ
+M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a
+MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd
+oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI
+DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy
+oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD
+VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0
+dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy
+bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF
+BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM
+//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli
+CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE
+CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t
+3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS
+KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCED9pHoGc8JpK83P/uUii5N0wDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDlGb9to1ZhLZlIcfZn3rmN67eehoAKkQ76OCWvRoiC5XOooJskXQ0f
+zGVuDLDQVoQYh5oGmxChc9+0WDlrbsH2FdWoqD+qEgaNMax/sDTXjzRniAnNFBHi
+TkVWaR94AoDa3EeRKbs2yWNcxeDXLYd7obcysHswuiovMaruo2fa2wIDAQABMA0G
+CSqGSIb3DQEBBQUAA4GBAFgVKTk8d6PaXCUDfGD67gmZPCcQcMgMCeazh88K4hiW
+NWLMv5sneYlfycQJ9M61Hd8qveXbhpxoJeUwfLaJFf5n0a3hUKw8fGJLj7qE1xIV
+Gx/KXQ/BUpQqEZnae88MNhPVNdwQGVnqlMEAv3WP2fr9dgTbYruQagPZRjXZ+Hxb
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDAjCCAmsCEEzH6qqYPnHTkxD4PTqJkZIwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
+c3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
+MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
+emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
+DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMSBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
+YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
+MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQCq0Lq+Fi24g9TK0g+8djHKlNgdk4xWArzZbxpvUjZudVYK
+VdPfQ4chEWWKfo+9Id5rMj8bhDSVBZ1BNeuS65bdqlk/AVNtmU/t5eIqWpDBucSm
+Fc/IReumXY6cPvBkJHalzasab7bYe1FhbqZ/h8jit+U03EGI6glAvnOSPWvndQID
+AQABMA0GCSqGSIb3DQEBBQUAA4GBAKlPww3HZ74sy9mozS11534Vnjty637rXC0J
+h9ZrbWB85a7FkCMMXErQr7Fd88e2CtvgFZMN3QO8x3aKtd1Pw5sTdbgBwObJW2ul
+uIncrKTdcu1OofdPvAbT6shkdHvClUGcZXNY8ZCaPGqxmMnEh7zPRW1F4m4iP/68
+DzFc6PLZ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQsw
+CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
+cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
+LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
+aWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
+VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
+bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
+IENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN2E1Lm0+afY8wR4
+nN493GwTFtl63SRRZsDHJlkNrAYIwpTRMx/wgzUfbhvI3qpuFU5UJ+/EbRrsC+MO
+8ESlV8dAWB6jRx9x7GD2bZTIGDnt/kIYVt/kTEkQeE4BdjVjEjbdZrwBBDajVWjV
+ojYJrKshJlQGrT/KFOCsyq0GHZXi+J3x4GD/wn91K0zM2v6HmSHquv4+VNfSWXjb
+PG7PoBMAGrgnoeS+Z5bKoMWznN3JdZ7rMJpfo83ZrngZPyPpXNspva1VyBtUjGP2
+6KbqxzcSXKMpHgLZ2x87tNcPVkeBFQRKr4Mn0cVYiMHd9qqnoxjaaKptEVHhv2Vr
+n5Z20T0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAq2aN17O6x5q25lXQBfGfMY1a
+qtmqRiYPce2lrVNWYgFHKkTp/j90CxObufRNG7LRX7K20ohcs5/Ny9Sn2WCVhDr4
+wTcdYcrnsMXlkdpUpqwxga6X3s0IrLjAl4B/bnKk52kTlWUfxJM8/XmPBNQ+T+r3
+ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFMDSZl4kSAHsef493oCtrs
+pSCAaWihT37ha88HQfqDjrw43bAuEbFrskLMmrz5SCJ5ShkPshw+IHTZasO+8ih4
+E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDAzCCAmwCEQC5L2DMiJ+hekYJuFtwbIqvMA0GCSqGSIb3DQEBBQUAMIHBMQsw
+CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0Ns
+YXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH
+MjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9y
+aXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazAe
+Fw05ODA1MTgwMDAwMDBaFw0yODA4MDEyMzU5NTlaMIHBMQswCQYDVQQGEwJVUzEX
+MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDIgUHVibGlj
+IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMx
+KGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s
+eTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAp4gBIXQs5xoD8JjhlzwPIQjxnNuX6Zr8wgQGE75fUsjM
+HiwSViy4AWkszJkfrbCWrnkE8hM5wXuYuggs6MKEEyyqaekJ9MepAqRCwiNPStjw
+DqL7MWzJ5m+ZJwf15vRMeJ5t60aG+rmGyVTyssSv1EYcWskVMP8NbPUtDm3Of3cC
+AwEAATANBgkqhkiG9w0BAQUFAAOBgQByLvl/0fFx+8Se9sVeUYpAmLho+Jscg9ji
+nb3/7aHmZuovCfTK1+qlK5X2JGCGTUQug6XELaDTrnhpb3LabK4I8GOSN+a7xDAX
+rXfMSTWqz9iP0b63GJZHc2pUIjRkLbYWm1lbtFFZOrMLFPQS32eg9K0yZF6xRnIn
+jBJ7xUS0rg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy
+aVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24s
+IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNp
+Z24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJBgNV
+BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp
+Z24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIElu
+Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24g
+Q2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt
+IEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoNwtUs22e5LeWU
+J92lvuCwTY+zYVY81nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6tW8UvxDO
+JxOeBUebMXoT2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUY
+wZF7C9UTAJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9o
+koqQHgiBVrKtaaNS0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjN
+qWm6o+sdDZykIKbBoMXRRkwXbdKsZj+WjOCE1Db/IlnF+RFgqF8EffIa9iVCYQ/E
+Srg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0JhU8wI1NQ0kdvekhktdmnLfe
+xbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf0xwLRtxyID+u
+7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydEp85EXdQbkJgNHkKU
+sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RI
+sH/7NiXaldDxJBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTP
+cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCEDyRMcsf9tAbDpq40ES/Er4wDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
+BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
+I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
+CSqGSIb3DQEBBQUAA4GBABByUqkFFBkyCEHwxWsKzH4PIRnN5GfcX6kb5sroc50i
+2JhucwNhkcV8sEVAbkSdjbCxlnRhLQ2pRdKkkirWmnWXbj9T/UWZYB2oK0z5XqcJ
+2HUw19JlYD1n1khVdWk/kfVIC0dpImmClr7JyDiGSnoscxlIaU5rfGW/D/xwzoiQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
+BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
+I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
+CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
+lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
+AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDAjCCAmsCEH3Z/gfPqB63EHln+6eJNMYwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
+c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
+MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
+emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
+DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
+YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
+MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDMXtERXVxp0KvTuWpMmR9ZmDCOFoUgRm1HP9SFIIThbbP4
+pO0M8RcPO/mn+SXXwc+EY/J8Y8+iR/LGWzOOZEAEaMGAuWQcRXfH2G71lSk8UOg0
+13gfqLptQ5GVj0VXXn7F+8qkBOvqlzdUMG+7AUcyM83cV5tkaWH4mx0ciU9cZwID
+AQABMA0GCSqGSIb3DQEBBQUAA4GBAFFNzb5cy5gZnBWyATl4Lk0PZ3BwmcYQWpSk
+U01UbSuvDV1Ai2TT1+7eVmGSX6bEHRBhNtMsJzzoKQm5EWR0zLVznxxIqbxhAe7i
+F6YM40AIOw7n60RzKprxaZLvcRTDOaxxp5EJb+RxBrO6WVcmeQD2+A2iMzAo1KpY
+oJ2daZH9
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
+CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
+cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
+LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
+aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
+VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
+bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
+IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b
+N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t
+KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu
+kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm
+CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ
+Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu
+imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te
+2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe
+DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC
+/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p
+F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt
+TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL
+MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
+ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2ln
+biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
+U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJp
+U2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwg
+SW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2ln
+biBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8Utpkmw4tXNherJI9/gHm
+GUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGzrl0Bp3ve
+fLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUw
+AwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJ
+aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYj
+aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMW
+kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC
+4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga
+FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
+yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
+ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
+U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
+ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL
+MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
+ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln
+biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
+U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1
+nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex
+t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz
+SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG
+BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+
+rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/
+NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
+BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH
+BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy
+aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv
+MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE
+p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y
+5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK
+WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
+4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
+hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB
+vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
+ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp
+U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W
+ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
+Fw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJVUzEX
+MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0
+IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9y
+IGF1dGhvcml6ZWQgdXNlIG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNh
+bCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj1mCOkdeQmIN65lgZOIzF
+9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGPMiJhgsWH
+H26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+H
+LL729fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN
+/BMReYTtXlT2NJ8IAfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPT
+rJ9VAMf2CGqUuV/c4DPxhGD5WycRtPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1Ud
+EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0GCCsGAQUFBwEMBGEwX6FdoFsw
+WTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgs
+exkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud
+DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4
+sAPmLGd75JR3Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+
+seQxIcaBlVZaDrHC1LGmWazxY8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz
+4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTxP/jgdFcrGJ2BtMQo2pSXpXDrrB2+
+BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR
+lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3
+7M2CYfE45k+XmCpajQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr
+MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl
+cm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv
+bW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2WhcNMjIwNjI0MDAxNjEyWjBrMQsw
+CQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5h
+dGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1l
+cmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h
+2mCxlCfLF9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4E
+lpF7sDPwsRROEW+1QK8bRaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdV
+ZqW1LS7YgFmypw23RuwhY/81q6UCzyr0TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq
+299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI/k4+oKsGGelT84ATB+0t
+vz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzsGHxBvfaL
+dXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
+AgEGMB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUF
+AAOCAQEAX/FBfXxcCLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcR
+zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3
+LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd
+7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBuYQa7FkKMcPcw
+++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt
+398znM/jra6O1I7mT1GvFpLgXPYHDw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEvTCCA6WgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBhTELMAkGA1UEBhMCVVMx
+IDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxs
+cyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9v
+dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDcxMjEzMTcwNzU0WhcNMjIxMjE0
+MDAwNzU0WjCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdl
+bGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQD
+DC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDub7S9eeKPCCGeOARBJe+r
+WxxTkqxtnt3CxC5FlAM1iGd0V+PfjLindo8796jE2yljDpFoNoqXjopxaAkH5OjU
+Dk/41itMpBb570OYj7OeUt9tkTmPOL13i0Nj67eT/DBMHAGTthP796EfvyXhdDcs
+HqRePGj4S78NuR4uNuip5Kf4D8uCdXw1LSLWwr8L87T8bJVhHlfXBIEyg1J55oNj
+z7fLY4sR4r1e6/aN7ZVyKLSsEmLpSjPmgzKuBXWVvYSV2ypcm44uDLiBK0HmOFaf
+SZtsdvqKXfcBeYF8wYNABf5x/Qw/zE5gCQ5lRxAvAcAFP4/4s0HvWkJ+We/Slwxl
+AgMBAAGjggE0MIIBMDAPBgNVHRMBAf8EBTADAQH/MDkGA1UdHwQyMDAwLqAsoCqG
+KGh0dHA6Ly9jcmwucGtpLndlbGxzZmFyZ28uY29tL3dzcHJjYS5jcmwwDgYDVR0P
+AQH/BAQDAgHGMB0GA1UdDgQWBBQmlRkQ2eihl5H/3BnZtQQ+0nMKajCBsgYDVR0j
+BIGqMIGngBQmlRkQ2eihl5H/3BnZtQQ+0nMKaqGBi6SBiDCBhTELMAkGA1UEBhMC
+VVMxIDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNX
+ZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMg
+Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHmCAQEwDQYJKoZIhvcNAQEFBQADggEB
+ALkVsUSRzCPIK0134/iaeycNzXK7mQDKfGYZUMbVmO2rvwNa5U3lHshPcZeG1eMd
+/ZDJPHV3V3p9+N701NX3leZ0bh08rnyd2wIDBSxxSyU+B+NemvVmFymIGjifz6pB
+A4SXa5M4esowRBskRDPQ5NHcKDj0E0M1NSljqHyita04pO2t/caaH/+Xc/77szWn
+k4bGdpEA5qxRFsQnMlzbc9qlk1eOPm01JghZ1edE13YgY+esE2fDbbFwRnzVlhE9
+iW9dqKHrjQrawx0zbKPqZxmamX9LPYNRKh3KL4YMon4QLSvUFpULB6ouFJJJtylv
+2G0xffX8oRAHh84vWdw+WNs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBG
+MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNV
+BAMMEkNBIOayg+mAmuagueivgeS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgw
+MTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRl
+ZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k8H/r
+D195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld1
+9AXbbQs5uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExf
+v5RxadmWPgxDT74wwJ85dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnk
+UkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+L
+NVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFyb7Ao65vh4YOhn0pdr8yb
++gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc76DbT52V
+qyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6K
+yX2m+Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0G
+AbQOXDBGVWCvOGU6yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaK
+J/kR8slC/k7e3x9cxKSGhxYzoacXGKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwEC
+AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
+BBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUAA4ICAQBqinA4
+WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6
+yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj
+/feTZU7n85iYr83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6
+jBAyvd0zaziGfjk9DgNyp115j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2
+ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0AkLppRQjbbpCBhqcqBT/mhDn4t/lX
+X0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97qA4bLJyuQHCH2u2n
+FoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Yjj4D
+u9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10l
+O1Hm13ZBONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Le
+ie2uPAmvylezkolwQOQvT8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR1
+2KvxAmLBsX5VYc8T1yaw15zLKYs4SgsOkI26oQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBV
+MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNV
+BAMTIUNlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgw
+MTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFX
+b1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqN
+rLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1U
+fcIiePyOCbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcScc
+f+Hb0v1naMQFXQoOXXDX2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2
+ZjC1vt7tj/id07sBMOby8w7gLJKA84X5KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4M
+x1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR+ScPewavVIMYe+HdVHpR
+aG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ezEC8wQjch
+zDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDar
+uHqklWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221K
+mYo0SLwX3OSACCK28jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvA
+Sh0JWzko/amrzgD5LkhLJuYwTKVYyrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWv
+HYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0CAwEAAaNCMEAwDgYDVR0PAQH/
+BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R8bNLtwYgFP6H
+EtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1
+LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJ
+MuYhOZO9sxXqT2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2e
+JXLOC62qx1ViC777Y7NhRCOjy+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VN
+g64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC2nz4SNAzqfkHx5Xh9T71XXG68pWp
+dIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes5cVAWubXbHssw1ab
+R80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/EaEQ
+PkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGce
+xGATVdVhmVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+
+J7x6v+Db9NpSvd4MVHAxkUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMl
+OtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGikpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWT
+ee5Ehr7XHuQe+w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB
+gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk
+MCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRY
+UmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMTAxMTcx
+NDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3
+dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2Vy
+dmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB
+dXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS6
+38eMpSe2OAtp87ZOqCwuIR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCP
+KZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMxfoArtYzAQDsRhtDLooY2YKTVMIJt2W7Q
+DxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FEzG+gSqmUsE3a56k0enI4
+qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqsAxcZZPRa
+JSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNVi
+PvryxS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0P
+BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASs
+jVy16bYbMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0
+eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQEwDQYJKoZIhvcNAQEFBQAD
+ggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc/Kh4ZzXxHfAR
+vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt
+qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa
+IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy
+i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ
+O+7ETPTsJ3xCwnR8gooJybQDJbw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIDjCCBfagAwIBAgIJAOiOtsn4KhQoMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
+VQQGEwJVUzEQMA4GA1UECBMHSW5kaWFuYTEVMBMGA1UEBxMMSW5kaWFuYXBvbGlz
+MSgwJgYDVQQKEx9Tb2Z0d2FyZSBpbiB0aGUgUHVibGljIEludGVyZXN0MRMwEQYD
+VQQLEwpob3N0bWFzdGVyMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkx
+JTAjBgkqhkiG9w0BCQEWFmhvc3RtYXN0ZXJAc3BpLWluYy5vcmcwHhcNMDgwNTEz
+MDgwNzU2WhcNMTgwNTExMDgwNzU2WjCBvDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
+B0luZGlhbmExFTATBgNVBAcTDEluZGlhbmFwb2xpczEoMCYGA1UEChMfU29mdHdh
+cmUgaW4gdGhlIFB1YmxpYyBJbnRlcmVzdDETMBEGA1UECxMKaG9zdG1hc3RlcjEe
+MBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MSUwIwYJKoZIhvcNAQkBFhZo
+b3N0bWFzdGVyQHNwaS1pbmMub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEA3DbmR0LCxFF1KYdAw9iOIQbSGE7r7yC9kDyFEBOMKVuUY/b0LfEGQpG5
+GcRCaQi/izZF6igFM0lIoCdDkzWKQdh4s/Dvs24t3dHLfer0dSbTPpA67tfnLAS1
+fOH1fMVO73e9XKKTM5LOfYFIz2u1IiwIg/3T1c87Lf21SZBb9q1NE8re06adU1Fx
+Y0b4ShZcmO4tbZoWoXaQ4mBDmdaJ1mwuepiyCwMs43pPx93jzONKao15Uvr0wa8u
+jyoIyxspgpJyQ7zOiKmqp4pRQ1WFmjcDeJPI8L20QcgHQprLNZd6ioFl3h1UCAHx
+ZFy3FxpRvB7DWYd2GBaY7r/2Z4GLBjXFS21ZGcfSxki+bhQog0oQnBv1b7ypjvVp
+/rLBVcznFMn5WxRTUQfqzj3kTygfPGEJ1zPSbqdu1McTCW9rXRTunYkbpWry9vjQ
+co7qch8vNGopCsUK7BxAhRL3pqXTT63AhYxMfHMgzFMY8bJYTAH1v+pk1Vw5xc5s
+zFNaVrpBDyXfa1C2x4qgvQLCxTtVpbJkIoRRKFauMe5e+wsWTUYFkYBE7axt8Feo
++uthSKDLG7Mfjs3FIXcDhB78rKNDCGOM7fkn77SwXWfWT+3Qiz5dW8mRvZYChD3F
+TbxCP3T9PF2sXEg2XocxLxhsxGjuoYvJWdAY4wCAs1QnLpnwFVMCAwEAAaOCAg8w
+ggILMB0GA1UdDgQWBBQ0cdE41xU2g0dr1zdkQjuOjVKdqzCB8QYDVR0jBIHpMIHm
+gBQ0cdE41xU2g0dr1zdkQjuOjVKdq6GBwqSBvzCBvDELMAkGA1UEBhMCVVMxEDAO
+BgNVBAgTB0luZGlhbmExFTATBgNVBAcTDEluZGlhbmFwb2xpczEoMCYGA1UEChMf
+U29mdHdhcmUgaW4gdGhlIFB1YmxpYyBJbnRlcmVzdDETMBEGA1UECxMKaG9zdG1h
+c3RlcjEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MSUwIwYJKoZIhvcN
+AQkBFhZob3N0bWFzdGVyQHNwaS1pbmMub3JnggkA6I62yfgqFCgwDwYDVR0TAQH/
+BAUwAwEB/zARBglghkgBhvhCAQEEBAMCAAcwCQYDVR0SBAIwADAuBglghkgBhvhC
+AQ0EIRYfU29mdHdhcmUgaW4gdGhlIFB1YmxpYyBJbnRlcmVzdDAwBglghkgBhvhC
+AQQEIxYhaHR0cHM6Ly9jYS5zcGktaW5jLm9yZy9jYS1jcmwucGVtMDIGCWCGSAGG
++EIBAwQlFiNodHRwczovL2NhLnNwaS1pbmMub3JnL2NlcnQtY3JsLnBlbTAhBgNV
+HREEGjAYgRZob3N0bWFzdGVyQHNwaS1pbmMub3JnMA4GA1UdDwEB/wQEAwIBBjAN
+BgkqhkiG9w0BAQUFAAOCAgEAtM294LnqsgMrfjLp3nI/yUuCXp3ir1UJogxU6M8Y
+PCggHam7AwIvUjki+RfPrWeQswN/2BXja367m1YBrzXU2rnHZxeb1NUON7MgQS4M
+AcRb+WU+wmHo0vBqlXDDxm/VNaSsWXLhid+hoJ0kvSl56WEq2dMeyUakCHhBknIP
+qxR17QnwovBc78MKYiC3wihmrkwvLo9FYyaW8O4x5otVm6o6+YI5HYg84gd1GuEP
+sTC8cTLSOv76oYnzQyzWcsR5pxVIBcDYLXIC48s9Fmq6ybgREOJJhcyWR2AFJS7v
+dVkz9UcZFu/abF8HyKZQth3LZjQl/GaD68W2MEH4RkRiqMEMVObqTFoo5q7Gt/5/
+O5aoLu7HaD7dAD0prypjq1/uSSotxdz70cbT0ZdWUoa2lOvUYFG3/B6bzAKb1B+P
++UqPti4oOxfMxaYF49LTtcYDyeFIQpvLP+QX4P4NAZUJurgNceQJcHdC2E3hQqlg
+g9cXiUPS1N2nGLar1CQlh7XU4vwuImm9rWgs/3K1mKoGnOcqarihk3bOsPN/nOHg
+T7jYhkalMwIsJWE3KpLIrIF0aGOHM3a9BX9e1dUCbb2v/ypaqknsmHlHU5H2DjRa
+yaXG67Ljxay2oHA1u8hRadDytaIybrw/oDc5fHE2pgXfDBLkFqfF1stjo5VwP+YE
+o2A=
+-----END CERTIFICATE-----
--- /dev/null
+ePKI_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+E-Tugra_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+Camerfirma_Global_Chambersign_Root.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Global_CA_2.pem
\ No newline at end of file
--- /dev/null
+Go_Daddy_Root_Certificate_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+Izenpe.com.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Premium_ECC.pem
\ No newline at end of file
--- /dev/null
+Security_Communication_RootCA2.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_Root_CA.pem
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/certSIGN_ROOT_CA.crt
\ No newline at end of file
--- /dev/null
+SecureTrust_CA.pem
\ No newline at end of file
--- /dev/null
+Buypass_Class_2_CA_1.pem
\ No newline at end of file
--- /dev/null
+T-TeleSec_GlobalRoot_Class_2.pem
\ No newline at end of file
--- /dev/null
+Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
\ No newline at end of file
--- /dev/null
+IdenTrust_Commercial_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+COMODO_RSA_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+D-TRUST_Root_Class_3_CA_2_EV_2009.pem
\ No newline at end of file
--- /dev/null
+CA_WoSign_ECC_Root.pem
\ No newline at end of file
--- /dev/null
+Security_Communication_RootCA2.pem
\ No newline at end of file
--- /dev/null
+COMODO_RSA_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+CA_Disig.pem
\ No newline at end of file
--- /dev/null
+TURKTRUST_Certificate_Services_Provider_Root_2007.pem
\ No newline at end of file
--- /dev/null
+Certinomis_-_Root_CA.pem
\ No newline at end of file
--- /dev/null
+D-TRUST_Root_Class_3_CA_2_EV_2009.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_2.pem
\ No newline at end of file
--- /dev/null
+Trustis_FPS_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Certinomis_-_Autorité_Racine.pem
\ No newline at end of file
--- /dev/null
+NetLock_Notary_=Class_A=_Root.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Premium.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Global_Root_G3.pem
\ No newline at end of file
--- /dev/null
+OISTE_WISeKey_Global_Root_GB_CA.pem
\ No newline at end of file
--- /dev/null
+Certigna.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_3_G3.pem
\ No newline at end of file
--- /dev/null
+AddTrust_Low-Value_Services_Root.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+Atos_TrustedRoot_2011.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_3_G3.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Commercial.pem
\ No newline at end of file
--- /dev/null
+AddTrust_Qualified_Certificates_Root.pem
\ No newline at end of file
--- /dev/null
+Swisscom_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+OISTE_WISeKey_Global_Root_GB_CA.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Universal_CA.pem
\ No newline at end of file
--- /dev/null
+Equifax_Secure_eBusiness_CA_1.pem
\ No newline at end of file
--- /dev/null
+Microsec_e-Szigno_Root_CA_2009.pem
\ No newline at end of file
--- /dev/null
+Buypass_Class_3_Root_CA.pem
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/ePKI_Root_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+ACEDICOM_Root.pem
\ No newline at end of file
--- /dev/null
+spi-cacert-2008.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Global_Root_G3.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+Comodo_AAA_Services_root.pem
\ No newline at end of file
--- /dev/null
+Camerfirma_Chambers_of_Commerce_Root.pem
\ No newline at end of file
--- /dev/null
+StartCom_Certification_Authority_G2.pem
\ No newline at end of file
--- /dev/null
+COMODO_ECC_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Equifax_Secure_Global_eBusiness_CA.pem
\ No newline at end of file
--- /dev/null
+IdenTrust_Commercial_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+Certplus_Class_2_Primary_CA.pem
\ No newline at end of file
--- /dev/null
+Go_Daddy_Class_2_CA.pem
\ No newline at end of file
--- /dev/null
+USERTrust_ECC_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Security_Communication_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Starfield_Class_2_CA.pem
\ No newline at end of file
--- /dev/null
+Certification_Authority_of_WoSign_G2.pem
\ No newline at end of file
--- /dev/null
+SecureTrust_CA.pem
\ No newline at end of file
--- /dev/null
+S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.pem
\ No newline at end of file
--- /dev/null
+Microsec_e-Szigno_Root_CA.pem
\ No newline at end of file
--- /dev/null
+EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.pem
\ No newline at end of file
--- /dev/null
+Camerfirma_Chambers_of_Commerce_Root.pem
\ No newline at end of file
--- /dev/null
+ApplicationCA_-_Japanese_Government.pem
\ No newline at end of file
--- /dev/null
+VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem
\ No newline at end of file
--- /dev/null
+Root_CA_Generalitat_Valenciana.pem
\ No newline at end of file
--- /dev/null
+USERTrust_RSA_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Juur-SK.pem
\ No newline at end of file
--- /dev/null
+Certigna.pem
\ No newline at end of file
--- /dev/null
+ComSign_CA.pem
\ No newline at end of file
--- /dev/null
+UTN_USERFirst_Hardware_Root_CA.pem
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/spi-inc.org/spi-cacert-2008.crt
\ No newline at end of file
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIICyDCCAbCgAwIBAgIJAIW0wmE2j3JtMA0GCSqGSIb3DQEBCwUAMBwxGjAYBgNV
+BAMMEW5zMS51aHUtYmFuYW5lLmRlMB4XDTE2MDMwNzE3NTUxMFoXDTI2MDMwNTE3
+NTUxMFowHDEaMBgGA1UEAwwRbnMxLnVodS1iYW5hbmUuZGUwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQChFWDO1XMGYW68HQuVf3WYM90CZSWNMKrQOW6V
+H3ujl6k3Y0EyuIpj5KHvUTbSVDPksbPhpUC39AkVJbnz/FUxuDend4XXi1P4VACJ
+UGOLbJJWuF0P34WEWhXHkUEbWjL8WI8vO9ani8DS6mUZYQAK0JAQNYJCDnGK7i6w
+3ACa9V++JXMdsB/xyWsEFwiG05vuTOVfxowGSlCjP16Im6vt/tJWOI4oGmQXRB3X
+J6Mngj+xdWsPIoN4BK2+z00ynmjmFlOYdOEcyVCtx64j2XTaUUjradKb+ulN8u8Z
+wu7mIrfopVsxD9Fg3MV+R7zGX/0RAlrqJ5ov5AtJoWTI6Z7fAgMBAAGjDTALMAkG
+A1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAGXlxsksCQmKVedLM7DNPOdCfVBQ
+D4yItyqi+PubEb4TWJh1pi4MDFPl7V2YfwlXvitUV0Bm1FcgeUZAQRhacUlrY/61
+wuAN2tSGiyic0Lj+kyjtr5bciNFs67mlFf5CnAOeOWfUBcj5LYiq7keBlTaTb66q
+7WAnnGiKy3oqMgkgrznx03AixTxXoUb6esWC3sQ5qzrWKRdod0Nbl+ppEX5wBHHl
+efq8XQAOaLOd2Ry1ZRMhBt2WyWKuqOxAiMTCgJQ3kYCqTHY7Alr8KPWmokXIcnvI
+iMLg/Gg6JvaODj/lXAJfNfBRwf6kjxfFjvMOBfLYGkG/QHfvq3DnOqJ/aCs=
+-----END CERTIFICATE-----
--- /dev/null
+/usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G3.crt
\ No newline at end of file
--- /dev/null
+#
+# OpenSSL example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+# This definition stops the following lines choking if HOME isn't
+# defined.
+HOME = .
+RANDFILE = $ENV::HOME/.rnd
+
+# Extra OBJECT IDENTIFIER info:
+#oid_file = $ENV::HOME/.oid
+oid_section = new_oids
+
+# To use this configuration file with the "-extfile" option of the
+# "openssl x509" utility, name here the section containing the
+# X.509v3 extensions to use:
+# extensions =
+# (Alternatively, use a configuration file that has only
+# X.509v3 extensions in its main [= default] section.)
+
+[ new_oids ]
+
+# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
+# Add a simple OID like this:
+# testoid1=1.2.3.4
+# Or use config file substitution like this:
+# testoid2=${testoid1}.5.6
+
+# Policies used by the TSA examples.
+tsa_policy1 = 1.2.3.4.1
+tsa_policy2 = 1.2.3.4.5.6
+tsa_policy3 = 1.2.3.4.5.7
+
+####################################################################
+[ ca ]
+default_ca = CA_default # The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir = ./demoCA # Where everything is kept
+certs = $dir/certs # Where the issued certs are kept
+crl_dir = $dir/crl # Where the issued crl are kept
+database = $dir/index.txt # database index file.
+#unique_subject = no # Set to 'no' to allow creation of
+ # several ctificates with same subject.
+new_certs_dir = $dir/newcerts # default place for new certs.
+
+certificate = $dir/cacert.pem # The CA certificate
+serial = $dir/serial # The current serial number
+crlnumber = $dir/crlnumber # the current crl number
+ # must be commented out to leave a V1 CRL
+crl = $dir/crl.pem # The current CRL
+private_key = $dir/private/cakey.pem# The private key
+RANDFILE = $dir/private/.rand # private random number file
+
+x509_extensions = usr_cert # The extentions to add to the cert
+
+# Comment out the following two lines for the "traditional"
+# (and highly broken) format.
+name_opt = ca_default # Subject Name options
+cert_opt = ca_default # Certificate field options
+
+# Extension copying option: use with caution.
+# copy_extensions = copy
+
+# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
+# so this is commented out by default to leave a V1 CRL.
+# crlnumber must also be commented out to leave a V1 CRL.
+# crl_extensions = crl_ext
+
+default_days = 365 # how long to certify for
+default_crl_days= 30 # how long before next CRL
+default_md = default # use public key default MD
+preserve = no # keep passed DN ordering
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy = policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName = match
+stateOrProvinceName = match
+organizationName = match
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+####################################################################
+[ req ]
+default_bits = 2048
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+x509_extensions = v3_ca # The extentions to add to the self signed cert
+
+# Passwords for private keys if not present they will be prompted for
+# input_password = secret
+# output_password = secret
+
+# This sets a mask for permitted string types. There are several options.
+# default: PrintableString, T61String, BMPString.
+# pkix : PrintableString, BMPString (PKIX recommendation before 2004)
+# utf8only: only UTF8Strings (PKIX recommendation after 2004).
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
+string_mask = utf8only
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = AU
+countryName_min = 2
+countryName_max = 2
+
+stateOrProvinceName = State or Province Name (full name)
+stateOrProvinceName_default = Some-State
+
+localityName = Locality Name (eg, city)
+
+0.organizationName = Organization Name (eg, company)
+0.organizationName_default = Internet Widgits Pty Ltd
+
+# we can do this but it is not needed normally :-)
+#1.organizationName = Second Organization Name (eg, company)
+#1.organizationName_default = World Wide Web Pty Ltd
+
+organizationalUnitName = Organizational Unit Name (eg, section)
+#organizationalUnitName_default =
+
+commonName = Common Name (e.g. server FQDN or YOUR name)
+commonName_max = 64
+
+emailAddress = Email Address
+emailAddress_max = 64
+
+# SET-ex3 = SET extension number 3
+
+[ req_attributes ]
+challengePassword = A challenge password
+challengePassword_min = 4
+challengePassword_max = 20
+
+unstructuredName = An optional company name
+
+[ usr_cert ]
+
+# These extensions are added when 'ca' signs a request.
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType = server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment = "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This is required for TSA certificates.
+# extendedKeyUsage = critical,timeStamping
+
+[ v3_req ]
+
+# Extensions to add to a certificate request
+
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+[ v3_ca ]
+
+
+# Extensions for a typical CA
+
+
+# PKIX recommendation.
+
+subjectKeyIdentifier=hash
+
+authorityKeyIdentifier=keyid:always,issuer
+
+# This is what PKIX recommends but some broken software chokes on critical
+# extensions.
+#basicConstraints = critical,CA:true
+# So we do this instead.
+basicConstraints = CA:true
+
+# Key usage: this is typical for a CA certificate. However since it will
+# prevent it being used as an test self-signed certificate it is best
+# left out by default.
+# keyUsage = cRLSign, keyCertSign
+
+# Some might want this also
+# nsCertType = sslCA, emailCA
+
+# Include email address in subject alt name: another PKIX recommendation
+# subjectAltName=email:copy
+# Copy issuer details
+# issuerAltName=issuer:copy
+
+# DER hex encoding of an extension: beware experts only!
+# obj=DER:02:03
+# Where 'obj' is a standard or added object
+# You can even override a supported extension:
+# basicConstraints= critical, DER:30:03:01:01:FF
+
+[ crl_ext ]
+
+# CRL extensions.
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always
+
+[ proxy_cert_ext ]
+# These extensions should be added when creating a proxy certificate
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType = server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment = "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This really needs to be in place for it to be a proxy certificate.
+proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
+
+####################################################################
+[ tsa ]
+
+default_tsa = tsa_config1 # the default TSA section
+
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+dir = ./demoCA # TSA root directory
+serial = $dir/tsaserial # The current serial number (mandatory)
+crypto_device = builtin # OpenSSL engine to use for signing
+signer_cert = $dir/tsacert.pem # The TSA signing certificate
+ # (optional)
+certs = $dir/cacert.pem # Certificate chain to include in reply
+ # (optional)
+signer_key = $dir/private/tsakey.pem # The TSA private key (optional)
+
+default_policy = tsa_policy1 # Policy if request did not specify it
+ # (optional)
+other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
+digests = md5, sha1 # Acceptable message digests (mandatory)
+accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
+clock_precision_digits = 0 # number of digits after dot. (optional)
+ordering = yes # Is ordering defined for timestamps?
+ # (optional, default: no)
+tsa_name = yes # Must the TSA name be included in the reply?
+ # (optional, default: no)
+ess_cert_id_chain = no # Must the ESS cert id chain be included?
+ # (optional, default: no)
--- /dev/null
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQChFWDO1XMGYW68
+HQuVf3WYM90CZSWNMKrQOW6VH3ujl6k3Y0EyuIpj5KHvUTbSVDPksbPhpUC39AkV
+Jbnz/FUxuDend4XXi1P4VACJUGOLbJJWuF0P34WEWhXHkUEbWjL8WI8vO9ani8DS
+6mUZYQAK0JAQNYJCDnGK7i6w3ACa9V++JXMdsB/xyWsEFwiG05vuTOVfxowGSlCj
+P16Im6vt/tJWOI4oGmQXRB3XJ6Mngj+xdWsPIoN4BK2+z00ynmjmFlOYdOEcyVCt
+x64j2XTaUUjradKb+ulN8u8Zwu7mIrfopVsxD9Fg3MV+R7zGX/0RAlrqJ5ov5AtJ
+oWTI6Z7fAgMBAAECggEBAJEtrVR8t/CWO7E7FEem2ptUkuonsxJvPGPyfyHTgCFO
+/Om4gPhvrfqeAvyn25rw3NxO9Gp3/75LKSxwFgo576ah+zbp2C0Nm56CRwF6/Fya
+e8HA4878i19fuaVl2qIGR1F7l4Dgk3Pp1t3A92FKNTmKA204bK+QSPEH/fjUL494
+DFaJG+gfKWH31aF0Rou0/ajfNzsXnvyoaPRK8CHvEXS3BRHLzY2euVawKff/0ZCF
+RVsLJpenlpXzzWK8Ht/7CqccsrUx/yj7HXqXhYHxw/ZuKd8saajveyD2eGP5axfQ
+Uy2vnU8j5bSyCzGCskGk106NLL1SmxQ8fQtvsZ/PKxECgYEA1V0NcmcnhdtW2AbA
+kUSshZ1QKtCQv1FaC7BMRWiJhQffl7XbWvFrgvUC7A2RXfjV6TrUmcB3ZMA1lkBW
+awnWEMqyNvn9Sz2tRKGbLjTmv/WofCS2qcIicJEVU4/hFgVr7cvE81b1q4RAKTY1
+wNzg/HqiG5NUNP81mt8u0TDknuMCgYEAwUXcRsgvrSCBknAbJh1kfvXWKcWgODoP
+TazHyiUX4mLHPzwB+l6d3AWmytwWBDQYjY67gj/K+8c4Lhk6nL5NS5tPwDUBg24M
+UiG8dAi/fHh4XD0ov+ykYjumRas2aQIool5lh1TzyYHod4wd3E5dLunMHBm52R/m
+yTbBZrP4pNUCgYEAvCA88AdmQM9CBl4FwtCTcYhgnC+jwR0A0VeUGIrw3lwv2Luf
+etNtIV3ZQrs/1mTGb8vQkvSyESKs3RtDV0On/MxMUM8heAsc0GvRwO8iGlWHRla0
+vH+REEHMVQ6Cv4DuRhCqSoj9Okr0q6HByZi3w8Z5UukXkVcJM9HfnNGIc1MCgYBO
+wfsbVOQotoBWfhxyEbQsEF2vM/swLmiiDHB1rVvoQrxSxk9ACWJmkF8Bd2H5YIlI
+1gsO7pP2uZ3pGxrJWLsCvk1nU7JELooSxfCXkCEHxce2Pq3mV7Y82XXOGhDYBast
+Ty4sUa/uQ2PJo21fowdR4K/uG4WiNt/Cyu9QvLHr6QKBgDZoacyPsxMuM9xtpzKt
+CqkME9/odVoD+Wh8oLc1Oz1wzgEZLIuAFtNSQCIi+4jPvqKYcbJCvzquJeO3FCiS
+kggO3PYM0oOO+ZS9mU0FQFJK+SXsTsaL1Rw22uPl/cxq0XmAA9dPVok3BJnFYHFs
+whDLBroVqC9zdE4zaSf7hw1f
+-----END PRIVATE KEY-----
--- /dev/null
+Current policy mandates that directories in /usr/local should be owned
+by group staff and mode 2775.
+
+The purpose of this file is to tell the system, when it's removed, that we
+want directories in /usr/local to be 755 and owned by group root.
+
+At this moment, this does not work at all, but the plan is to modify
+packages during the development stage of wheezy+1, so that whenever we
+release wheezy+1 as stable, all packages that need it check that this
+file exists before using those special permissions for /usr/local.
+
+This file is created by base-files on the initial install, and it's
+also created on upgrades from any base-files release before 6.10, which
+means it will be created on upgrades from squeeze to wheezy.
+
+See http://bugs.debian.org/299007 for details.
--- /dev/null
+systemd-timesync:100000:65536
+systemd-network:165536:65536
+systemd-resolve:231072:65536
+systemd-bus-proxy:296608:65536
+sshd:362144:65536
+Debian-exim:427680:65536
+postfix:493216:65536
+bind:558752:65536
+ulog:624288:65536
+repo:689824:65536
--- /dev/null
+systemd-timesync:100000:65536
+systemd-network:165536:65536
+systemd-resolve:231072:65536
+systemd-bus-proxy:296608:65536
+sshd:362144:65536
+Debian-exim:427680:65536
+postfix:493216:65536
+bind:558752:65536
+ulog:624288:65536
--- /dev/null
+systemd-timesync:100000:65536
+systemd-network:165536:65536
+systemd-resolve:231072:65536
+systemd-bus-proxy:296608:65536
+sshd:362144:65536
+Debian-exim:427680:65536
+postfix:493216:65536
+bind:558752:65536
+ulog:624288:65536
+repo:689824:65536
--- /dev/null
+systemd-timesync:100000:65536
+systemd-network:165536:65536
+systemd-resolve:231072:65536
+systemd-bus-proxy:296608:65536
+sshd:362144:65536
+Debian-exim:427680:65536
+postfix:493216:65536
+bind:558752:65536
+ulog:624288:65536
--- /dev/null
+#
+# This file MUST be edited with the 'visudo' command as root.
+#
+# Please consider adding local content in /etc/sudoers.d/ instead of
+# directly modifying this file.
+#
+# See the man page for details on how to write a sudoers file.
+#
+Defaults env_reset
+Defaults mail_badpass
+Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
+# Host alias specification
+
+# User alias specification
+
+# Cmnd alias specification
+
+# User privilege specification
+root ALL=(ALL:ALL) ALL
+
+# Allow members of group sudo to execute any command
+%sudo ALL=(ALL:ALL) ALL
+
+# See sudoers(5) for more information on "#include" directives:
+
+#includedir /etc/sudoers.d
--- /dev/null
+#
+# As of Debian version 1.7.2p1-1, the default /etc/sudoers file created on
+# installation of the package now includes the directive:
+#
+# #includedir /etc/sudoers.d
+#
+# This will cause sudo to read and parse any files in the /etc/sudoers.d
+# directory that do not end in '~' or contain a '.' character.
+#
+# Note that there must be at least one file in the sudoers.d directory (this
+# one will do), and all files in this directory should be mode 0440.
+#
+# Note also, that because sudoers contents can vary widely, no attempt is
+# made to add this directive to existing sudoers files on upgrade. Feel free
+# to add the above directive to the end of your /etc/sudoers file to enable
+# this functionality for existing installations if you wish!
+#
+# Finally, please note that using the visudo command is the recommended way
+# to update sudoers content, since it protects against many failure modes.
+# See the man page for visudo for more information.
+#
--- /dev/null
+#
+# /etc/sysctl.conf - Configuration file for setting system variables
+# See /etc/sysctl.d/ for additional system variables.
+# See sysctl.conf (5) for information.
+#
+
+kernel.domainname = uhu-banane.de
+
+# Uncomment the following to stop low-level messages on console
+#kernel.printk = 3 4 1 3
+
+##############################################################3
+# Functions previously found in netbase
+#
+
+# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
+# Turn on Source Address Verification in all interfaces to
+# prevent some spoofing attacks
+net.ipv4.conf.default.rp_filter=1
+net.ipv4.conf.all.rp_filter=1
+
+# Uncomment the next line to enable TCP/IP SYN cookies
+# See http://lwn.net/Articles/277146/
+# Note: This may impact IPv6 TCP sessions too
+#net.ipv4.tcp_syncookies=1
+
+# Uncomment the next line to enable packet forwarding for IPv4
+#net.ipv4.ip_forward=1
+net.ipv4.ip_forward=0
+
+# Uncomment the next line to enable packet forwarding for IPv6
+# Enabling this option disables Stateless Address Autoconfiguration
+# based on Router Advertisements for this host
+net.ipv6.conf.all.forwarding=1
+
+
+###################################################################
+# Additional settings - these settings can improve the network
+# security of the host and prevent against some network attacks
+# including spoofing attacks and man in the middle attacks through
+# redirection. Some network environments, however, require that these
+# settings are disabled so review and enable them as needed.
+#
+# Do not accept ICMP redirects (prevent MITM attacks)
+#net.ipv4.conf.all.accept_redirects = 0
+#net.ipv6.conf.all.accept_redirects = 0
+# _or_
+# Accept ICMP redirects only for gateways listed in our default
+# gateway list (enabled by default)
+# net.ipv4.conf.all.secure_redirects = 1
+#
+# Do not send ICMP redirects (we are not a router)
+#net.ipv4.conf.all.send_redirects = 0
+#
+# Do not accept IP source route packets (we are not a router)
+#net.ipv4.conf.all.accept_source_route = 0
+#net.ipv6.conf.all.accept_source_route = 0
+#
+# Log Martian Packets
+net.ipv4.conf.all.log_martians = 1
+#
--- /dev/null
+Kernel system variables configuration files
+
+Files found under the /etc/sysctl.d directory that end with .conf are
+parsed within sysctl(8) at boot time. If you want to set kernel variables
+you can either edit /etc/sysctl.conf or make a new file.
+
+The filename isn't important, but don't make it a package name as it may clash
+with something the package builder needs later. It must end with .conf though.
+
+My personal preference would be for local system settings to go into
+/etc/sysctl.d/local.conf but as long as you follow the rules for the names
+of the file, anything will work. See sysctl.conf(8) man page for details
+of the format.
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# See bootchart.conf(5) for details
+
+[Bootchart]
+#Samples=500
+#Frequency=25
+#Relative=no
+#Filter=yes
+#Output=<folder name, defaults to /run/log>
+#Init=/path/to/init-binary
+#PlotMemoryUsage=no
+#PlotEntropyGraph=no
+#ScaleX=100
+#ScaleY=20
+#ControlGroup=no
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# See journald.conf(5) for details
+
+[Journal]
+#Storage=auto
+#Compress=yes
+#Seal=yes
+#SplitMode=uid
+#SyncIntervalSec=5m
+#RateLimitInterval=30s
+#RateLimitBurst=1000
+#SystemMaxUse=
+#SystemKeepFree=
+#SystemMaxFileSize=
+#RuntimeMaxUse=
+#RuntimeKeepFree=
+#RuntimeMaxFileSize=
+#MaxRetentionSec=
+#MaxFileSec=1month
+#ForwardToSyslog=yes
+#ForwardToKMsg=no
+#ForwardToConsole=no
+#ForwardToWall=yes
+#TTYPath=/dev/console
+#MaxLevelStore=debug
+#MaxLevelSyslog=debug
+#MaxLevelKMsg=notice
+#MaxLevelConsole=info
+#MaxLevelWall=emerg
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# See logind.conf(5) for details
+
+[Login]
+#NAutoVTs=6
+#ReserveVT=6
+#KillUserProcesses=no
+#KillOnlyUsers=
+#KillExcludeUsers=root
+#InhibitDelayMaxSec=5
+#HandlePowerKey=poweroff
+#HandleSuspendKey=suspend
+#HandleHibernateKey=hibernate
+#HandleLidSwitch=suspend
+#PowerKeyIgnoreInhibited=no
+#SuspendKeyIgnoreInhibited=no
+#HibernateKeyIgnoreInhibited=no
+#LidSwitchIgnoreInhibited=yes
+#IdleAction=ignore
+#IdleActionSec=30min
+#RuntimeDirectorySize=10%
+#RemoveIPC=yes
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# See resolved.conf(5) for details
+
+[Resolve]
+#DNS=
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# See systemd-system.conf(5) for details
+
+[Manager]
+#LogLevel=info
+#LogTarget=journal-or-kmsg
+#LogColor=yes
+#LogLocation=no
+#DumpCore=yes
+#CrashShell=no
+#ShowStatus=yes
+#CrashChVT=1
+#CPUAffinity=1 2
+#JoinControllers=cpu,cpuacct net_cls,net_prio
+#RuntimeWatchdogSec=0
+#ShutdownWatchdogSec=10min
+#CapabilityBoundingSet=
+#SystemCallArchitectures=
+#TimerSlackNSec=
+#DefaultTimerAccuracySec=1min
+#DefaultStandardOutput=journal
+#DefaultStandardError=inherit
+#DefaultTimeoutStartSec=90s
+#DefaultTimeoutStopSec=90s
+#DefaultRestartSec=100ms
+#DefaultStartLimitInterval=10s
+#DefaultStartLimitBurst=5
+#DefaultEnvironment=
+#DefaultCPUAccounting=no
+#DefaultBlockIOAccounting=no
+#DefaultMemoryAccounting=no
+#DefaultLimitCPU=
+#DefaultLimitFSIZE=
+#DefaultLimitDATA=
+#DefaultLimitSTACK=
+#DefaultLimitCORE=
+#DefaultLimitRSS=
+#DefaultLimitNOFILE=
+#DefaultLimitAS=
+#DefaultLimitNPROC=
+#DefaultLimitMEMLOCK=
+#DefaultLimitLOCKS=
+#DefaultLimitSIGPENDING=
+#DefaultLimitMSGQUEUE=
+#DefaultLimitNICE=
+#DefaultLimitRTPRIO=
+#DefaultLimitRTTIME=
--- /dev/null
+/lib/systemd/system/haveged.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/getty@.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/hwclock-save.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/lvm2-activation-early.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/lvm2-activation.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/bind9.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/cron.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/netfilter-persistent.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/remote-fs.target
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/rsyslog.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/salt-minion.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/ssh.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/ulogd2.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/acpid.path
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/hwclock-save.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/hwclock-save.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/acpid.socket
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/dm-event.socket
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/ssh.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/lvm2-lvmetad.socket
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/lvm2-monitor.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/rsyslog.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/ulogd2.service
\ No newline at end of file
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# See timesyncd.conf(5) for details
+
+[Time]
+#Servers=0.debian.pool.ntp.org 1.debian.pool.ntp.org 2.debian.pool.ntp.org 3.debian.pool.ntp.org
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# See systemd-user.conf(5) for details
+
+[Manager]
+#LogLevel=info
+#LogTarget=console
+#LogColor=yes
+#LogLocation=no
+#SystemCallArchitectures=
+#TimerSlackNSec=
+#DefaultTimerAccuracySec=1min
+#DefaultStandardOutput=inherit
+#DefaultStandardError=inherit
+#DefaultTimeoutStartSec=90s
+#DefaultTimeoutStopSec=90s
+#DefaultRestartSec=100ms
+#DefaultStartLimitInterval=10s
+#DefaultStartLimitBurst=5
+#DefaultEnvironment=
+#DefaultLimitCPU=
+#DefaultLimitFSIZE=
+#DefaultLimitDATA=
+#DefaultLimitSTACK=
+#DefaultLimitCORE=
+#DefaultLimitRSS=
+#DefaultLimitNOFILE=
+#DefaultLimitAS=
+#DefaultLimitNPROC=
+#DefaultLimitMEMLOCK=
+#DefaultLimitLOCKS=
+#DefaultLimitSIGPENDING=
+#DefaultLimitMSGQUEUE=
+#DefaultLimitNICE=
+#DefaultLimitRTPRIO=
+#DefaultLimitRTTIME=
--- /dev/null
+This directory is for system-local terminfo descriptions. By default,
+ncurses will search ${HOME}/.terminfo first, then /etc/terminfo (this
+directory), then /lib/terminfo, and last not least /usr/share/terminfo.
--- /dev/null
+Europe/Berlin
--- /dev/null
+#
+# This file is a bourne shell snippet, and is sourced by the
+# ucf script for configuration.
+#
+
+# Debugging information: The default value is 0 (no debugging
+# information is printed). To change the default behavior, uncomment
+# the following line and set the value to 1.
+#
+# DEBUG=0
+
+# Verbosity: The default value is 0 (quiet). To change the default
+# behavior, uncomment the following line and set the value to 1.
+#
+# VERBOSE=0
+
+
+# The src directory. This is the directory where the historical
+# md5sums for a file are looked for. Specifically, the historical
+# md5sums are looked for in the subdirectory ${filename}.md5sum.d/
+#
+# conf_source_dir=/some/path/
+
+# Force the installed file to be retained. The default is have this
+# variable unset, which makes the script ask in case of doubt. To
+# change the default behavior, uncomment the following line and set
+# the value to YES
+#
+# conf_force_conffold=YES
+
+# Force the installed file to be overridden. The default is have this
+# variable unset, which makes the script ask in case of doubt. To
+# change the default behavior, uncomment the following line and set
+# the value to YES
+#
+# conf_force_conffnew=YES
+
+# Please note that only one of conf_force_conffold and
+# conf_force_conffnew should be set.
--- /dev/null
+ACTION=="add", SUBSYSTEM=="cpu", KERNEL!="cpu0", ATTR{online}="1"
--- /dev/null
+ACTION=="add", SUBSYSTEM=="memory", ATTR{state}="online"
--- /dev/null
+# see udev(7) for details
+#
+# udevd is started in the initramfs, so when this file is modified the
+# initramfs should be rebuilt.
+
+#udev_log="info"
--- /dev/null
+[Bind9]
+title=Internet Domain Name Server
+description=The Berkeley Internet Name Domain (BIND) implements an Internet domain name server.
+ports=53
+
--- /dev/null
+[OpenSSH]
+title=Secure shell server, an rshd replacement
+description=OpenSSH is a free implementation of the Secure Shell protocol.
+ports=22/tcp
--- /dev/null
+[Postfix]
+title=Mail server (SMTP)
+description=Postfix is a high-performance mail transport agent
+ports=25/tcp
+
+[Postfix SMTPS]
+title=Mail server (SMTPS)
+description=Postfix is a high-performance mail transport agent
+ports=465/tcp
+
+[Postfix Submission]
+title=Mail server (Submission)
+description=Postfix is a high-performance mail transport agent
+ports=587/tcp
--- /dev/null
+# Example configuration for ulogd
+# Adapted to Debian by Achilleas Kotsis <achille@debian.gr>
+
+[global]
+######################################################################
+# GLOBAL OPTIONS
+######################################################################
+
+
+# logfile for status messages
+logfile="syslog"
+
+# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5)
+loglevel=3
+
+######################################################################
+# PLUGIN OPTIONS
+######################################################################
+
+# We have to configure and load all the plugins we want to use
+
+# general rules:
+# 1. load the plugins _first_ from the global section
+# 2. options for each plugin in seperate section below
+
+
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inppkt_NFLOG.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inppkt_ULOG.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inppkt_UNIXSOCK.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inpflow_NFCT.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IFINDEX.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IP2STR.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IP2BIN.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IP2HBIN.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_PRINTPKT.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_HWHDR.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_PRINTFLOW.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_MARK.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_LOGEMU.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_SYSLOG.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_XML.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_SQLITE3.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_GPRINT.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_NACCT.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_PCAP.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_PGSQL.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_MYSQL.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_DBI.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_raw2packet_BASE.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inpflow_NFACCT.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_GRAPHITE.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_JSON.so"
+
+# this is a stack for logging packet send by system via LOGEMU
+stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for packet-based logging via LOGEMU
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for ULOG packet-based logging via LOGEMU
+#stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for packet-based logging via LOGEMU with filtering on MARK
+#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for packet-based logging via GPRINT
+#stack=log1:NFLOG,gp1:GPRINT
+
+# this is a stack for flow-based logging via LOGEMU
+#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU
+
+# this is a stack for flow-based logging via GPRINT
+#stack=ct1:NFCT,gp1:GPRINT
+
+# this is a stack for flow-based logging via XML
+#stack=ct1:NFCT,xml1:XML
+
+# this is a stack for logging in XML
+#stack=log1:NFLOG,xml1:XML
+
+# this is a stack for accounting-based logging via XML
+#stack=acct1:NFACCT,xml1:XML
+
+# this is a stack for accounting-based logging to a Graphite server
+#stack=acct1:NFACCT,graphite1:GRAPHITE
+
+# this is a stack for NFLOG packet-based logging to PCAP
+#stack=log2:NFLOG,base1:BASE,pcap1:PCAP
+
+# this is a stack for logging packet to MySQL
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,mysql1:MYSQL
+
+# this is a stack for logging packet to PGsql after a collect via NFLOG
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL
+
+# this is a stack for logging packet to JSON formatted file after a collect via NFLOG
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,json1:JSON
+
+# this is a stack for logging packets to syslog after a collect via NFLOG
+#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
+
+# this is a stack for logging packets to syslog after a collect via NuFW
+#stack=nuauth1:UNIXSOCK,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
+
+# this is a stack for flow-based logging to MySQL
+#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL
+
+# this is a stack for flow-based logging to PGSQL
+#stack=ct1:NFCT,ip2str1:IP2STR,pgsql2:PGSQL
+
+# this is a stack for flow-based logging to PGSQL without local hash
+#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL
+
+# this is a stack for flow-based logging to SQLITE3
+#stack=ct1:NFCT,sqlite3_ct:SQLITE3
+
+# this is a stack for logging packet to SQLITE3
+#stack=log1:NFLOG,sqlite3_pkt:SQLITE3
+
+# this is a stack for flow-based logging in NACCT compatible format
+#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT
+
+# this is a stack for accounting-based logging via GPRINT
+#stack=acct1:NFACCT,gp1:GPRINT
+
+[ct1]
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+#netlink_resync_timeout=60 # seconds to wait to perform resynchronization
+#pollinterval=10 # use poll-based logging instead of event-driven
+# If pollinterval is not set, NFCT plugin will work in event mode
+# In this case, you can use the following filters on events:
+#accept_src_filter=192.168.1.0/24,1:2::/64 # source ip of connection must belong to these networks
+#accept_dst_filter=192.168.1.0/24 # destination ip of connection must belong to these networks
+#accept_proto_filter=tcp,sctp # layer 4 proto of connections
+
+[ct2]
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+#reliable=1 # enable reliable flow-based logging (may drop packets)
+hash_enable=0
+
+# Logging of system packet through NFLOG
+[log1]
+# netlink multicast group (the same as the iptables --nflog-group param)
+# Group O is used by the kernel to log connection tracking invalid message
+group=0
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+# set number of packet to queue inside kernel
+#netlink_qthreshold=1
+# set the delay before flushing packet in the queue inside kernel (in 10ms)
+#netlink_qtimeout=100
+
+# packet logging through NFLOG for group 1
+[log2]
+# netlink multicast group (the same as the iptables --nflog-group param)
+group=1 # Group has to be different from the one use in log1
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+# If your kernel is older than 2.6.29 and if a NFLOG input plugin with
+# group 0 is not used by any stack, you need to have at least one NFLOG
+# input plugin with bind set to 1. If you don't do that you may not
+# receive any message from the kernel.
+#bind=1
+
+# packet logging through NFLOG for group 2, numeric_label is
+# set to 1
+[log3]
+# netlink multicast group (the same as the iptables --nflog-group param)
+group=2 # Group has to be different from the one use in log1/log2
+numeric_label=1 # you can label the log info based on the packet verdict
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+#bind=1
+
+[ulog1]
+# netlink multicast group (the same as the iptables --ulog-nlgroup param)
+nlgroup=1
+#numeric_label=0 # optional argument
+
+[nuauth1]
+socket_path="/tmp/nuauth_ulogd2.sock"
+
+[emu1]
+file="/var/log/ulog/syslogemu.log"
+sync=1
+
+[op1]
+file="/var/log/ulog/oprint.log"
+sync=1
+
+[gp1]
+file="/var/log/ulog/gprint.log"
+sync=1
+timestamp=1
+
+[xml1]
+directory="/var/log/ulog/"
+sync=1
+
+[json1]
+sync=1
+#file="/var/log/ulog/ulogd.json"
+#timestamp=0
+# device name to be used in JSON message
+#device="My awesome Netfilter firewall"
+# If boolean_label is set to 1 then the numeric_label put on packet
+# by the input plugin is coding the action on packet: if 0, then
+# packet has been blocked and if non null it has been accepted.
+#boolean_label=1
+
+[pcap1]
+#default file is /var/log/ulogd.pcap
+#file="/var/log/ulog/ulogd.pcap"
+sync=1
+
+[mysql1]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog"
+pass="changeme"
+procedure="INSERT_PACKET_FULL"
+# backlog configuration:
+# set backlog_memcap to the size of memory that will be
+# allocated to store events in memory if data is temporary down
+# and insert them when the database came back.
+#backlog_memcap=1000000
+# number of events to insert at once when backlog is not empty
+#backlog_oneshot_requests=10
+
+[mysql2]
+db="nulog"
+host="localhost"
+user="nupik"
+table="conntrack"
+pass="changeme"
+procedure="INSERT_CT"
+
+[pgsql1]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog"
+#schema="public"
+pass="changeme"
+procedure="INSERT_PACKET_FULL"
+# connstring can be used to define PostgreSQL connection string which
+# contains all parameters of the connection. If set, this value has
+# precedence on other variables used to build the connection string.
+# See http://www.postgresql.org/docs/9.2/static/libpq-connect.html#LIBPQ-CONNSTRING
+# for a complete description of options.
+#connstring="host=localhost port=4321 dbname=nulog user=nupik password=changeme"
+#backlog_memcap=1000000
+#backlog_oneshot_requests=10
+# If superior to 1 a thread dedicated to SQL request execution
+# is created. The value stores the number of SQL request to keep
+# in the ring buffer
+#ring_buffer_size=1000
+
+[pgsql2]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog2_ct"
+#schema="public"
+pass="changeme"
+procedure="INSERT_CT"
+
+[pgsql3]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog2_ct"
+#schema="public"
+pass="changeme"
+procedure="INSERT_OR_REPLACE_CT"
+
+[pgsql4]
+db="nulog"
+host="localhost"
+user="nupik"
+table="nfacct"
+#schema="public"
+pass="changeme"
+procedure="INSERT_NFACCT"
+
+[dbi1]
+db="ulog2"
+dbtype="pgsql"
+host="localhost"
+user="ulog2"
+table="ulog"
+pass="ulog2"
+procedure="INSERT_PACKET_FULL"
+
+[sqlite3_ct]
+table="ulog_ct"
+db="/var/log/ulog/ulogd.sqlite3db"
+buffer=200
+
+[sqlite3_pkt]
+table="ulog_pkt"
+db="/var/log/ulog/ulogd.sqlite3db"
+buffer=200
+
+[sys2]
+facility=LOG_LOCAL2
+
+[nacct1]
+sync = 1
+#file = /var/log/ulog/nacct.log
+
+[mark1]
+mark = 1
+
+[acct1]
+pollinterval = 2
+# If set to 0, we don't reset the counters for each polling (default is 1).
+#zerocounter = 0
+# Set timestamp (default is 0, which means not set). This timestamp can be
+# interpreted by the output plugin.
+#timestamp = 1
+
+[graphite1]
+host="127.0.0.1"
+port="2003"
+# Prefix of data name sent to graphite server
+prefix="netfilter.nfacct"
--- /dev/null
+PRUNE_BIND_MOUNTS="yes"
+# PRUNENAMES=".git .bzr .hg .svn"
+PRUNEPATHS="/tmp /var/spool /media"
+PRUNEFS="NFS nfs nfs4 rpc_pipefs afs binfmt_misc proc smbfs autofs iso9660 ncpfs coda devpts ftpfs devfs mfs shfs sysfs cifs lustre tmpfs usbfs udf fuse.glusterfs fuse.sshfs curlftpfs"
--- /dev/null
+" All system-wide defaults are set in $VIMRUNTIME/debian.vim and sourced by
+" the call to :runtime you can find below. If you wish to change any of those
+" settings, you should do it in this file (/etc/vim/vimrc), since debian.vim
+" will be overwritten everytime an upgrade of the vim packages is performed.
+" It is recommended to make changes after sourcing debian.vim since it alters
+" the value of the 'compatible' option.
+
+" This line should not be removed as it ensures that various options are
+" properly set to work with the Vim-related packages available in Debian.
+runtime! debian.vim
+
+" Uncomment the next line to make Vim more Vi-compatible
+" NOTE: debian.vim sets 'nocompatible'. Setting 'compatible' changes numerous
+" options, so any other options should be set AFTER setting 'compatible'.
+"set compatible
+
+" Vim5 and later versions support syntax highlighting. Uncommenting the next
+" line enables syntax highlighting by default.
+"syntax on
+
+" If using a dark background within the editing area and syntax highlighting
+" turn on this option as well
+"set background=dark
+
+" Uncomment the following to have Vim jump to the last position when
+" reopening a file
+"if has("autocmd")
+" au BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g'\"" | endif
+"endif
+
+" Uncomment the following to have Vim load indentation rules and plugins
+" according to the detected filetype.
+"if has("autocmd")
+" filetype plugin indent on
+"endif
+
+" The following are commented out as they cause vim to behave a lot
+" differently from regular Vi. They are highly recommended though.
+"set showcmd " Show (partial) command in status line.
+"set showmatch " Show matching brackets.
+"set ignorecase " Do case insensitive matching
+"set smartcase " Do smart case matching
+"set incsearch " Incremental search
+"set autowrite " Automatically save before commands like :next and :make
+"set hidden " Hide buffers when they are abandoned
+"set mouse=a " Enable mouse usage (all modes)
+
+" Source a global configuration file if available
+if filereadable("/etc/vim/vimrc.local")
+ source /etc/vim/vimrc.local
+endif
+
--- /dev/null
+set noai
+set nohlsearch
+set fo="tcq"
+set modeline
+set showmatch
+set ignorecase
+
+autocmd FileType sls set tabstop=2 expandtab shiftwidth=2 softtabstop=2
+autocmd FileType python set tabstop=4 expandtab shiftwidth=4 softtabstop=4
+autocmd FileType sh set tabstop=4 expandtab shiftwidth=4 softtabstop=4
+autocmd FileType perl set tabstop=4 noexpandtab shiftwidth=4
+
+set listchars=tab:»·,trail:·
+" set list
+
+if has("multi_byte")
+ set encoding=utf-8
+ setglobal fileencoding=utf-8
+else
+ echoerr "Sorry, this version of (g)vim was not compiled with +multi_byte"
+endif
+
+if has("autocmd")
+ " Jump to the last position on opening
+ autocmd BufReadPost *
+ \ if ! exists("g:leave_my_cursor_position_alone") |
+ \ if line("'\"") > 0 && line ("'\"") <= line("$") |
+ \ exe "normal g'\"" |
+ \ endif |
+ \ endif
+endif " has("autocmd")
+
+
+filetype plugin off
+
+color delek
+
+syntax on
+
--- /dev/null
+" Vim configuration file, in effect when invoked as "vi". The aim of this
+" configuration file is to provide a Vim environment as compatible with the
+" original vi as possible. Note that ~/.vimrc configuration files as other
+" configuration files in the runtimepath are still sourced.
+" When Vim is invoked differently ("vim", "view", "evim", ...) this file is
+" _not_ sourced; /etc/vim/vimrc and/or /etc/vim/gvimrc are.
+
+" Debian system-wide default configuration Vim
+set runtimepath=~/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,~/.vim/after
+
+set compatible
+
+" vim: set ft=vim:
--- /dev/null
+###
+### Sample Wget initialization file .wgetrc
+###
+
+## You can use this file to change the default behaviour of wget or to
+## avoid having to type many many command-line options. This file does
+## not contain a comprehensive list of commands -- look at the manual
+## to find out what you can put into this file. You can find this here:
+## $ info wget.info 'Startup File'
+## Or online here:
+## https://www.gnu.org/software/wget/manual/wget.html#Startup-File
+##
+## Wget initialization file can reside in /etc/wgetrc
+## (global, for all users) or $HOME/.wgetrc (for a single user).
+##
+## To use the settings in this file, you will have to uncomment them,
+## as well as change them, in most cases, as the values on the
+## commented-out lines are the default values (e.g. "off").
+
+
+##
+## Global settings (useful for setting up in /etc/wgetrc).
+## Think well before you change them, since they may reduce wget's
+## functionality, and make it behave contrary to the documentation:
+##
+
+# You can set retrieve quota for beginners by specifying a value
+# optionally followed by 'K' (kilobytes) or 'M' (megabytes). The
+# default quota is unlimited.
+#quota = inf
+
+# You can lower (or raise) the default number of retries when
+# downloading a file (default is 20).
+#tries = 20
+
+# Lowering the maximum depth of the recursive retrieval is handy to
+# prevent newbies from going too "deep" when they unwittingly start
+# the recursive retrieval. The default is 5.
+#reclevel = 5
+
+# By default Wget uses "passive FTP" transfer where the client
+# initiates the data connection to the server rather than the other
+# way around. That is required on systems behind NAT where the client
+# computer cannot be easily reached from the Internet. However, some
+# firewalls software explicitly supports active FTP and in fact has
+# problems supporting passive transfer. If you are in such
+# environment, use "passive_ftp = off" to revert to active FTP.
+#passive_ftp = off
+passive_ftp = on
+
+# The "wait" command below makes Wget wait between every connection.
+# If, instead, you want Wget to wait only between retries of failed
+# downloads, set waitretry to maximum number of seconds to wait (Wget
+# will use "linear backoff", waiting 1 second after the first failure
+# on a file, 2 seconds after the second failure, etc. up to this max).
+#waitretry = 10
+
+
+##
+## Local settings (for a user to set in his $HOME/.wgetrc). It is
+## *highly* undesirable to put these settings in the global file, since
+## they are potentially dangerous to "normal" users.
+##
+## Even when setting up your own ~/.wgetrc, you should know what you
+## are doing before doing so.
+##
+
+# Set this to on to use timestamping by default:
+#timestamping = off
+
+# It is a good idea to make Wget send your email address in a `From:'
+# header with your request (so that server administrators can contact
+# you in case of errors). Wget does *not* send `From:' by default.
+#header = From: Your Name <username@site.domain>
+
+# You can set up other headers, like Accept-Language. Accept-Language
+# is *not* sent by default.
+#header = Accept-Language: en
+
+# You can set the default proxies for Wget to use for http, https, and ftp.
+# They will override the value in the environment.
+#https_proxy = http://proxy.yoyodyne.com:18023/
+#http_proxy = http://proxy.yoyodyne.com:18023/
+#ftp_proxy = http://proxy.yoyodyne.com:18023/
+
+# If you do not want to use proxy at all, set this to off.
+#use_proxy = on
+
+# You can customize the retrieval outlook. Valid options are default,
+# binary, mega and micro.
+#dot_style = default
+
+# Setting this to off makes Wget not download /robots.txt. Be sure to
+# know *exactly* what /robots.txt is and how it is used before changing
+# the default!
+#robots = on
+
+# It can be useful to make Wget wait between connections. Set this to
+# the number of seconds you want Wget to wait.
+#wait = 0
+
+# You can force creating directory structure, even if a single is being
+# retrieved, by setting this to on.
+#dirstruct = off
+
+# You can turn on recursive retrieving by default (don't do this if
+# you are not sure you know what it means) by setting this to on.
+#recursive = off
+
+# To always back up file X as X.orig before converting its links (due
+# to -k / --convert-links / convert_links = on having been specified),
+# set this variable to on:
+#backup_converted = off
+
+# To have Wget follow FTP links from HTML files by default, set this
+# to on:
+#follow_ftp = off
+
+# To try ipv6 addresses first:
+#prefer-family = IPv6
+
+# Set default IRI support state
+#iri = off
+
+# Force the default system encoding
+#locale = UTF-8
+
+# Force the default remote server encoding
+#remoteencoding = UTF-8
+
+# Turn on to prevent following non-HTTPS links when in recursive mode
+#httpsonly = off
+
+# Tune HTTPS security (auto, SSLv2, SSLv3, TLSv1, PFS)
+#secureprotocol = auto
--- /dev/null
+<?xml version="1.0"?>
+<!DOCTYPE catalog PUBLIC "-//OASIS//DTD XML Catalogs V1.0//EN"
+ "file:///usr/share/xml/schema/xml-core/catalog.dtd">
+<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog">
+<delegateSystem systemIdStartString="http://globaltranscorp.org/oasis/catalog/xml/tr9401.dtd" catalog="file:///etc/xml/xml-core.xml"/>
+<delegatePublic publicIdStartString="-//OASIS//DTD XML Catalogs V1.0//EN" catalog="file:///etc/xml/xml-core.xml"/>
+<delegateSystem systemIdStartString="http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd" catalog="file:///etc/xml/xml-core.xml"/>
+<delegatePublic publicIdStartString="-//GlobalTransCorp//DTD XML Catalogs V1.0-Based Extension V1.0//EN" catalog="file:///etc/xml/xml-core.xml"/>
+</catalog>
--- /dev/null
+<?xml version="1.0"?>
+<!DOCTYPE catalog PUBLIC "-//OASIS//DTD XML Catalogs V1.0//EN"
+ "file:///usr/share/xml/schema/xml-core/catalog.dtd">
+<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog">
+<delegateSystem systemIdStartString="http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd" catalog="file:///usr/share/xml/schema/xml-core/catalog.xml"/>
+<delegatePublic publicIdStartString="-//OASIS//DTD XML Catalogs V1.0//EN" catalog="file:///usr/share/xml/schema/xml-core/catalog.xml"/>
+<delegateSystem systemIdStartString="http://globaltranscorp.org/oasis/catalog/xml/tr9401.dtd" catalog="file:///usr/share/xml/schema/xml-core/catalog.xml"/>
+<delegatePublic publicIdStartString="-//GlobalTransCorp//DTD XML Catalogs V1.0-Based Extension V1.0//EN" catalog="file:///usr/share/xml/schema/xml-core/catalog.xml"/>
+</catalog>
--- /dev/null
+# Set up the prompt
+
+autoload -Uz promptinit
+promptinit
+prompt adam1
+
+setopt histignorealldups sharehistory
+
+# Use emacs keybindings even if our EDITOR is set to vi
+bindkey -e
+
+# Keep 1000 lines of history within the shell and save it to ~/.zsh_history:
+HISTSIZE=1000
+SAVEHIST=1000
+HISTFILE=~/.zsh_history
+
+# Use modern completion system
+autoload -Uz compinit
+compinit
+
+zstyle ':completion:*' auto-description 'specify: %d'
+zstyle ':completion:*' completer _expand _complete _correct _approximate
+zstyle ':completion:*' format 'Completing %d'
+zstyle ':completion:*' group-name ''
+zstyle ':completion:*' menu select=2
+eval "$(dircolors -b)"
+zstyle ':completion:*:default' list-colors ${(s.:.)LS_COLORS}
+zstyle ':completion:*' list-colors ''
+zstyle ':completion:*' list-prompt %SAt %p: Hit TAB for more, or the character to insert%s
+zstyle ':completion:*' matcher-list '' 'm:{a-z}={A-Z}' 'm:{a-zA-Z}={A-Za-z}' 'r:|[._-]=* r:|=* l:|=*'
+zstyle ':completion:*' menu select=long
+zstyle ':completion:*' select-prompt %SScrolling active: current selection at %p%s
+zstyle ':completion:*' use-compctl false
+zstyle ':completion:*' verbose true
+
+zstyle ':completion:*:*:kill:*:processes' list-colors '=(#b) #([0-9]#)*=0=01;31'
+zstyle ':completion:*:kill:*' command 'ps -u $USER -o pid,%cpu,tty,cputime,cmd'
--- /dev/null
+# /etc/zsh/zlogin: system-wide .zlogin file for zsh(1).
+#
+# This file is sourced only for login shells. It
+# should contain commands that should be executed only
+# in login shells. It should be used to set the terminal
+# type and run a series of external commands (fortune,
+# msgs, from, etc.)
+#
+# Global Order: zshenv, zprofile, zshrc, zlogin
--- /dev/null
+# /etc/zsh/zlogout: system-wide .zlogout file for zsh(1).
--- /dev/null
+# /etc/zsh/zprofile: system-wide .zprofile file for zsh(1).
+#
+# This file is sourced only for login shells (i.e. shells
+# invoked with "-" as the first character of argv[0], and
+# shells invoked with the -l flag.)
+#
+# Global Order: zshenv, zprofile, zshrc, zlogin
--- /dev/null
+# /etc/zsh/zshenv: system-wide .zshenv file for zsh(1).
+#
+# This file is sourced on all invocations of the shell.
+# If the -f flag is present or if the NO_RCS option is
+# set within this file, all other initialization files
+# are skipped.
+#
+# This file should contain commands to set the command
+# search path, plus other important environment variables.
+# This file should not contain commands that produce
+# output or assume the shell is attached to a tty.
+#
+# Global Order: zshenv, zprofile, zshrc, zlogin
+
+if [[ -z "$PATH" || "$PATH" == "/bin:/usr/bin" ]]
+then
+ export PATH="/usr/local/bin:/usr/bin:/bin:/usr/games"
+fi
--- /dev/null
+# /etc/zsh/zshrc: system-wide .zshrc file for zsh(1).
+#
+# This file is sourced only for interactive shells. It
+# should contain commands to set up aliases, functions,
+# options, key bindings, etc.
+#
+# Global Order: zshenv, zprofile, zshrc, zlogin
+
+READNULLCMD=${PAGER:-/usr/bin/pager}
+
+# An array to note missing features to ease diagnosis in case of problems.
+typeset -ga debian_missing_features
+
+if [[ -z "$DEBIAN_PREVENT_KEYBOARD_CHANGES" ]] &&
+ [[ "$TERM" != 'emacs' ]]
+then
+
+ typeset -A key
+ key=(
+ BackSpace "${terminfo[kbs]}"
+ Home "${terminfo[khome]}"
+ End "${terminfo[kend]}"
+ Insert "${terminfo[kich1]}"
+ Delete "${terminfo[kdch1]}"
+ Up "${terminfo[kcuu1]}"
+ Down "${terminfo[kcud1]}"
+ Left "${terminfo[kcub1]}"
+ Right "${terminfo[kcuf1]}"
+ PageUp "${terminfo[kpp]}"
+ PageDown "${terminfo[knp]}"
+ )
+
+ function bind2maps () {
+ local i sequence widget
+ local -a maps
+
+ while [[ "$1" != "--" ]]; do
+ maps+=( "$1" )
+ shift
+ done
+ shift
+
+ sequence="${key[$1]}"
+ widget="$2"
+
+ [[ -z "$sequence" ]] && return 1
+
+ for i in "${maps[@]}"; do
+ bindkey -M "$i" "$sequence" "$widget"
+ done
+ }
+
+ bind2maps emacs -- BackSpace backward-delete-char
+ bind2maps viins -- BackSpace vi-backward-delete-char
+ bind2maps vicmd -- BackSpace vi-backward-char
+ bind2maps emacs -- Home beginning-of-line
+ bind2maps viins vicmd -- Home vi-beginning-of-line
+ bind2maps emacs -- End end-of-line
+ bind2maps viins vicmd -- End vi-end-of-line
+ bind2maps emacs viins -- Insert overwrite-mode
+ bind2maps vicmd -- Insert vi-insert
+ bind2maps emacs -- Delete delete-char
+ bind2maps viins vicmd -- Delete vi-delete-char
+ bind2maps emacs viins vicmd -- Up up-line-or-history
+ bind2maps emacs viins vicmd -- Down down-line-or-history
+ bind2maps emacs -- Left backward-char
+ bind2maps viins vicmd -- Left vi-backward-char
+ bind2maps emacs -- Right forward-char
+ bind2maps viins vicmd -- Right vi-forward-char
+
+ # Make sure the terminal is in application mode, when zle is
+ # active. Only then are the values from $terminfo valid.
+ if (( ${+terminfo[smkx]} )) && (( ${+terminfo[rmkx]} )); then
+ function zle-line-init () {
+ emulate -L zsh
+ printf '%s' ${terminfo[smkx]}
+ }
+ function zle-line-finish () {
+ emulate -L zsh
+ printf '%s' ${terminfo[rmkx]}
+ }
+ zle -N zle-line-init
+ zle -N zle-line-finish
+ else
+ for i in {s,r}mkx; do
+ (( ${+terminfo[$i]} )) || debian_missing_features+=($i)
+ done
+ unset i
+ fi
+
+ unfunction bind2maps
+
+fi # [[ -z "$DEBIAN_PREVENT_KEYBOARD_CHANGES" ]] && [[ "$TERM" != 'emacs' ]]
+
+zstyle ':completion:*:sudo:*' command-path /usr/local/sbin \
+ /usr/local/bin \
+ /usr/sbin \
+ /usr/bin \
+ /sbin \
+ /bin \
+ /usr/X11R6/bin
+
+(( ${+aliases[run-help]} )) && unalias run-help
+autoload -Uz run-help
projects / config / ns1 / etc.git / commitdiff