--- /dev/null
+# Generated by etckeeper. Do not edit.
+
+mkdir -p './X11/xkb'
+mkdir -p './apparmor.d/force-complain'
+mkdir -p './apt/preferences.d'
+mkdir -p './binfmt.d'
+mkdir -p './ca-certificates/update.d'
+mkdir -p './clamav/onerrorexecute.d'
+mkdir -p './clamav/onupdateexecute.d'
+mkdir -p './clamav/virusevent.d'
+mkdir -p './console'
+mkdir -p './dbus-1/session.d'
+mkdir -p './dovecot/private'
+mkdir -p './dpkg/dpkg.cfg.d'
+mkdir -p './fail2ban/fail2ban.d'
+mkdir -p './fail2ban/jail.d'
+mkdir -p './initramfs-tools/conf.d'
+mkdir -p './initramfs-tools/hooks'
+mkdir -p './initramfs-tools/scripts/init-bottom'
+mkdir -p './initramfs-tools/scripts/init-premount'
+mkdir -p './initramfs-tools/scripts/init-top'
+mkdir -p './initramfs-tools/scripts/local-bottom'
+mkdir -p './initramfs-tools/scripts/local-premount'
+mkdir -p './initramfs-tools/scripts/local-top'
+mkdir -p './initramfs-tools/scripts/nfs-bottom'
+mkdir -p './initramfs-tools/scripts/nfs-premount'
+mkdir -p './initramfs-tools/scripts/nfs-top'
+mkdir -p './initramfs-tools/scripts/panic'
+mkdir -p './insserv/overrides'
+mkdir -p './logwatch/conf/services'
+mkdir -p './logwatch/scripts/services'
+mkdir -p './network/if-post-down.d'
+mkdir -p './network/if-pre-up.d'
+mkdir -p './network/interfaces.d'
+mkdir -p './opt'
+mkdir -p './perl/CPAN'
+mkdir -p './postfix/sasl'
+mkdir -p './security/limits.d'
+mkdir -p './security/namespace.d'
+mkdir -p './systemd/network'
+mkdir -p './systemd/ntp-units.d'
+mkdir -p './systemd/user'
+mkdir -p './tmpfiles.d'
+mkdir -p './udev/hwdb.d'
+maybe chmod 0755 '.'
+maybe chmod 0700 '.etckeeper'
+maybe chmod 0644 '.gitignore'
+maybe chmod 0755 'X11'
+maybe chmod 0755 'X11/xkb'
+maybe chmod 0755 'acpi'
+maybe chmod 0755 'acpi/events'
+maybe chmod 0644 'acpi/events/powerbtn-acpi-support'
+maybe chmod 0755 'acpi/powerbtn-acpi-support.sh'
+maybe chmod 0644 'adduser.conf'
+maybe chmod 0755 'alternatives'
+maybe chmod 0644 'alternatives/README'
+maybe chmod 0755 'amavis'
+maybe chmod 0644 'amavis/README.l10n'
+maybe chmod 0755 'amavis/conf.d'
+maybe chmod 0644 'amavis/conf.d/01-debian'
+maybe chmod 0644 'amavis/conf.d/05-domain_id'
+maybe chmod 0644 'amavis/conf.d/05-node_id'
+maybe chmod 0644 'amavis/conf.d/15-av_scanners'
+maybe chmod 0644 'amavis/conf.d/15-content_filter_mode'
+maybe chmod 0644 'amavis/conf.d/20-debian_defaults'
+maybe chmod 0644 'amavis/conf.d/25-amavis_helpers'
+maybe chmod 0644 'amavis/conf.d/30-template_localization'
+maybe chmod 0644 'amavis/conf.d/50-user'
+maybe chmod 0644 'amavis/conf.d/50-user.2016.07.20.08.58.54'
+maybe chmod 0755 'amavis/en_US'
+maybe chmod 0644 'amavis/en_US/charset'
+maybe chmod 0644 'amavis/en_US/template-auto-response.txt'
+maybe chmod 0644 'amavis/en_US/template-dsn.txt'
+maybe chmod 0644 'amavis/en_US/template-problem-feedback.txt'
+maybe chmod 0644 'amavis/en_US/template-release-quarantine.txt'
+maybe chmod 0644 'amavis/en_US/template-spam-admin.txt'
+maybe chmod 0644 'amavis/en_US/template-spam-sender.txt'
+maybe chmod 0644 'amavis/en_US/template-virus-admin.txt'
+maybe chmod 0644 'amavis/en_US/template-virus-recipient.txt'
+maybe chmod 0644 'amavis/en_US/template-virus-sender.txt'
+maybe chmod 0755 'apm'
+maybe chmod 0755 'apm/event.d'
+maybe chmod 0755 'apm/event.d/01chrony'
+maybe chmod 0755 'apparmor.d'
+maybe chmod 0755 'apparmor.d/force-complain'
+maybe chmod 0755 'apparmor.d/local'
+maybe chmod 0644 'apparmor.d/local/usr.bin.freshclam'
+maybe chmod 0644 'apparmor.d/local/usr.sbin.clamd'
+maybe chmod 0644 'apparmor.d/usr.bin.freshclam'
+maybe chmod 0644 'apparmor.d/usr.sbin.clamd'
+maybe chmod 0644 'apparmor.d/usr.sbin.mysqld'
+maybe chmod 0755 'apt'
+maybe chmod 0644 'apt/SALTSTACK-GPG-KEY.pub'
+maybe chmod 0755 'apt/apt.conf.d'
+maybe chmod 0644 'apt/apt.conf.d/00recommends'
+maybe chmod 0644 'apt/apt.conf.d/00trustcdrom'
+maybe chmod 0644 'apt/apt.conf.d/01autoremove'
+maybe chmod 0644 'apt/apt.conf.d/01autoremove-kernels'
+maybe chmod 0644 'apt/apt.conf.d/05etckeeper'
+maybe chmod 0644 'apt/apt.conf.d/70debconf'
+maybe chmod 0755 'apt/preferences.d'
+maybe chmod 0644 'apt/repo.uhu-banane.de.gpg-key.pub'
+maybe chmod 0644 'apt/repo.uhu-banane.de.gpg-key2.pub'
+maybe chmod 0644 'apt/sources.list'
+maybe chmod 0755 'apt/sources.list.d'
+maybe chmod 0644 'apt/sources.list.d/fbrehm.list'
+maybe chmod 0644 'apt/sources.list.d/salt.list'
+maybe chmod 0644 'apt/trusted.gpg'
+maybe chmod 0755 'apt/trusted.gpg.d'
+maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg'
+maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg'
+maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-jessie-stable.gpg'
+maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-squeeze-automatic.gpg'
+maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-squeeze-stable.gpg'
+maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg'
+maybe chmod 0644 'apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg'
+maybe chmod 0755 'apticron'
+maybe chmod 0644 'apticron/apticron.conf'
+maybe chgrp 'daemon' 'at.deny'
+maybe chmod 0640 'at.deny'
+maybe chmod 0644 'bash.bashrc'
+maybe chmod 0644 'bash_completion'
+maybe chmod 0755 'bash_completion.d'
+maybe chmod 0644 'bash_completion.d/debconf'
+maybe chmod 0644 'bash_completion.d/etckeeper'
+maybe chmod 0644 'bash_completion.d/fail2ban'
+maybe chmod 0644 'bash_completion.d/git-prompt'
+maybe chmod 0644 'bash_completion.d/grub'
+maybe chmod 0644 'bash_completion.d/initramfs-tools'
+maybe chmod 0644 'bash_completion.d/insserv'
+maybe chmod 0644 'bash_completion.d/isoquery'
+maybe chmod 0644 'bash_completion.d/salt-common'
+maybe chmod 0644 'bash_completion.d/whiptail'
+maybe chmod 0644 'bindresvport.blacklist'
+maybe chmod 0755 'binfmt.d'
+maybe chmod 0755 'ca-certificates'
+maybe chmod 0644 'ca-certificates.conf'
+maybe chmod 0755 'ca-certificates/update.d'
+maybe chmod 0755 'calendar'
+maybe chmod 0644 'calendar/default'
+maybe chmod 0755 'chrony'
+maybe chmod 0644 'chrony/chrony.conf'
+maybe chmod 0640 'chrony/chrony.keys'
+maybe chmod 0755 'clamav'
+maybe chmod 0644 'clamav/clamd.conf'
+maybe chmod 0644 'clamav/clamd.conf.2016.07.20.08.58.54'
+maybe chown 'clamav' 'clamav/freshclam.conf'
+maybe chgrp 'adm' 'clamav/freshclam.conf'
+maybe chmod 0444 'clamav/freshclam.conf'
+maybe chmod 0444 'clamav/freshclam.conf.2016.07.20.08.58.54'
+maybe chmod 0755 'clamav/onerrorexecute.d'
+maybe chmod 0755 'clamav/onupdateexecute.d'
+maybe chmod 0755 'clamav/virusevent.d'
+maybe chmod 0644 'colordiffrc'
+maybe chmod 0755 'console'
+maybe chmod 0755 'console-setup'
+maybe chmod 0644 'console-setup/cached_Lat15-Fixed16.psf.gz'
+maybe chmod 0644 'console-setup/cached_UTF-8_del.kmap.gz'
+maybe chmod 0644 'console-setup/compose.ARMSCII-8.inc'
+maybe chmod 0644 'console-setup/compose.CP1251.inc'
+maybe chmod 0644 'console-setup/compose.CP1255.inc'
+maybe chmod 0644 'console-setup/compose.CP1256.inc'
+maybe chmod 0644 'console-setup/compose.GEORGIAN-ACADEMY.inc'
+maybe chmod 0644 'console-setup/compose.GEORGIAN-PS.inc'
+maybe chmod 0644 'console-setup/compose.IBM1133.inc'
+maybe chmod 0644 'console-setup/compose.ISIRI-3342.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-1.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-10.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-11.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-13.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-14.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-15.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-16.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-2.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-3.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-4.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-5.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-6.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-7.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-8.inc'
+maybe chmod 0644 'console-setup/compose.ISO-8859-9.inc'
+maybe chmod 0644 'console-setup/compose.KOI8-R.inc'
+maybe chmod 0644 'console-setup/compose.KOI8-U.inc'
+maybe chmod 0644 'console-setup/compose.TIS-620.inc'
+maybe chmod 0644 'console-setup/compose.VISCII.inc'
+maybe chmod 0644 'console-setup/remap.inc'
+maybe chmod 0755 'cron.d'
+maybe chmod 0644 'cron.d/.placeholder'
+maybe chmod 0644 'cron.d/amavisd-new'
+maybe chmod 0644 'cron.d/apticron'
+maybe chmod 0644 'cron.d/php5'
+maybe chmod 0755 'cron.daily'
+maybe chmod 0644 'cron.daily/.placeholder'
+maybe chmod 0755 'cron.daily/00logwatch'
+maybe chmod 0755 'cron.daily/apt'
+maybe chmod 0755 'cron.daily/aptitude'
+maybe chmod 0755 'cron.daily/bsdmainutils'
+maybe chmod 0755 'cron.daily/dpkg'
+maybe chmod 0755 'cron.daily/etckeeper'
+maybe chmod 0755 'cron.daily/logrotate'
+maybe chmod 0755 'cron.daily/man-db'
+maybe chmod 0755 'cron.daily/mlocate'
+maybe chmod 0755 'cron.daily/passwd'
+maybe chmod 0755 'cron.daily/spamassassin'
+maybe chmod 0755 'cron.hourly'
+maybe chmod 0644 'cron.hourly/.placeholder'
+maybe chmod 0755 'cron.monthly'
+maybe chmod 0644 'cron.monthly/.placeholder'
+maybe chmod 0755 'cron.weekly'
+maybe chmod 0644 'cron.weekly/.placeholder'
+maybe chmod 0755 'cron.weekly/man-db'
+maybe chmod 0644 'crontab'
+maybe chmod 0755 'cruft'
+maybe chmod 0755 'cruft/filters-unex'
+maybe chmod 0644 'cruft/filters-unex/etckeeper'
+maybe chmod 0755 'dbus-1'
+maybe chmod 0644 'dbus-1/session.conf'
+maybe chmod 0755 'dbus-1/session.d'
+maybe chmod 0644 'dbus-1/system.conf'
+maybe chmod 0755 'dbus-1/system.d'
+maybe chmod 0644 'dbus-1/system.d/org.freedesktop.hostname1.conf'
+maybe chmod 0644 'dbus-1/system.d/org.freedesktop.locale1.conf'
+maybe chmod 0644 'dbus-1/system.d/org.freedesktop.login1.conf'
+maybe chmod 0644 'dbus-1/system.d/org.freedesktop.machine1.conf'
+maybe chmod 0644 'dbus-1/system.d/org.freedesktop.systemd1.conf'
+maybe chmod 0644 'dbus-1/system.d/org.freedesktop.timedate1.conf'
+maybe chmod 0644 'debconf.conf'
+maybe chmod 0644 'debian_version'
+maybe chmod 0755 'default'
+maybe chmod 0644 'default/acpid'
+maybe chmod 0644 'default/amavis-mc'
+maybe chmod 0644 'default/amavisd-snmp-subagent'
+maybe chmod 0644 'default/bsdmainutils'
+maybe chmod 0644 'default/console-setup'
+maybe chmod 0644 'default/cron'
+maybe chmod 0644 'default/dbus'
+maybe chmod 0644 'default/devpts'
+maybe chmod 0644 'default/dovecot'
+maybe chmod 0644 'default/fail2ban'
+maybe chmod 0644 'default/grub'
+maybe chmod 0644 'default/halt'
+maybe chmod 0644 'default/haveged'
+maybe chmod 0644 'default/hwclock'
+maybe chmod 0644 'default/iptables.bak'
+maybe chmod 0644 'default/keyboard'
+maybe chmod 0644 'default/locale'
+maybe chmod 0644 'default/netfilter-persistent'
+maybe chmod 0644 'default/networking'
+maybe chmod 0644 'default/nginx'
+maybe chmod 0644 'default/nss'
+maybe chmod 0644 'default/rcS'
+maybe chmod 0644 'default/rsync'
+maybe chmod 0644 'default/rsyslog'
+maybe chmod 0644 'default/spamassassin'
+maybe chmod 0644 'default/ssh'
+maybe chmod 0644 'default/tmpfs'
+maybe chmod 0644 'default/useradd'
+maybe chmod 0644 'default/uwsgi'
+maybe chmod 0644 'deluser.conf'
+maybe chmod 0755 'dhcp'
+maybe chmod 0755 'dhcp/dhclient-enter-hooks.d'
+maybe chmod 0644 'dhcp/dhclient-enter-hooks.d/debug'
+maybe chmod 0644 'dhcp/dhclient-enter-hooks.d/nodnsupdate'
+maybe chmod 0755 'dhcp/dhclient-exit-hooks.d'
+maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/debug'
+maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes'
+maybe chmod 0644 'dhcp/dhclient.conf'
+maybe chmod 0755 'dictionaries-common'
+maybe chmod 0644 'discover-modprobe.conf'
+maybe chmod 0755 'discover.conf.d'
+maybe chmod 0644 'discover.conf.d/00discover'
+maybe chmod 0755 'dovecot'
+maybe chmod 0644 'dovecot/README'
+maybe chmod 0755 'dovecot/conf.d'
+maybe chmod 0644 'dovecot/conf.d/10-auth.conf'
+maybe chmod 0644 'dovecot/conf.d/10-director.conf'
+maybe chmod 0644 'dovecot/conf.d/10-logging.conf'
+maybe chmod 0644 'dovecot/conf.d/10-mail.conf'
+maybe chmod 0644 'dovecot/conf.d/10-master.conf'
+maybe chmod 0644 'dovecot/conf.d/10-ssl.conf'
+maybe chmod 0644 'dovecot/conf.d/10-tcpwrapper.conf'
+maybe chmod 0644 'dovecot/conf.d/15-lda.conf'
+maybe chmod 0644 'dovecot/conf.d/15-mailboxes.conf'
+maybe chmod 0644 'dovecot/conf.d/20-imap.conf'
+maybe chmod 0644 'dovecot/conf.d/20-lmtp.conf'
+maybe chmod 0644 'dovecot/conf.d/20-managesieve.conf'
+maybe chmod 0644 'dovecot/conf.d/20-pop3.conf'
+maybe chmod 0644 'dovecot/conf.d/90-acl.conf'
+maybe chmod 0644 'dovecot/conf.d/90-plugin.conf'
+maybe chmod 0644 'dovecot/conf.d/90-quota.conf'
+maybe chmod 0644 'dovecot/conf.d/90-sieve-extprograms.conf'
+maybe chmod 0644 'dovecot/conf.d/90-sieve.conf'
+maybe chmod 0644 'dovecot/conf.d/auth-checkpassword.conf.ext'
+maybe chmod 0644 'dovecot/conf.d/auth-deny.conf.ext'
+maybe chmod 0644 'dovecot/conf.d/auth-dict.conf.ext'
+maybe chmod 0644 'dovecot/conf.d/auth-master.conf.ext'
+maybe chmod 0644 'dovecot/conf.d/auth-passwdfile.conf.ext'
+maybe chmod 0644 'dovecot/conf.d/auth-sql.conf.ext'
+maybe chmod 0644 'dovecot/conf.d/auth-static.conf.ext'
+maybe chmod 0644 'dovecot/conf.d/auth-system.conf.ext'
+maybe chmod 0644 'dovecot/conf.d/auth-vpopmail.conf.ext'
+maybe chgrp 'dovecot' 'dovecot/dovecot-dict-auth.conf.ext'
+maybe chmod 0640 'dovecot/dovecot-dict-auth.conf.ext'
+maybe chgrp 'dovecot' 'dovecot/dovecot-dict-sql.conf.ext'
+maybe chmod 0640 'dovecot/dovecot-dict-sql.conf.ext'
+maybe chown 'dovecot' 'dovecot/dovecot-master-users'
+maybe chgrp 'dovecot' 'dovecot/dovecot-master-users'
+maybe chmod 0500 'dovecot/dovecot-master-users'
+maybe chmod 0550 'dovecot/dovecot-mysql.conf'
+maybe chown 'dovecot' 'dovecot/dovecot-share-folder.conf'
+maybe chgrp 'dovecot' 'dovecot/dovecot-share-folder.conf'
+maybe chmod 0500 'dovecot/dovecot-share-folder.conf'
+maybe chgrp 'dovecot' 'dovecot/dovecot-sql.conf.ext'
+maybe chmod 0640 'dovecot/dovecot-sql.conf.ext'
+maybe chown 'dovecot' 'dovecot/dovecot-used-quota.conf'
+maybe chgrp 'dovecot' 'dovecot/dovecot-used-quota.conf'
+maybe chmod 0500 'dovecot/dovecot-used-quota.conf'
+maybe chmod 0664 'dovecot/dovecot.conf'
+maybe chmod 0644 'dovecot/dovecot.conf.2016.07.20.08.58.54'
+maybe chmod 0700 'dovecot/private'
+maybe chmod 0755 'dpkg'
+maybe chmod 0644 'dpkg/dpkg.cfg'
+maybe chmod 0755 'dpkg/dpkg.cfg.d'
+maybe chmod 0755 'dpkg/origins'
+maybe chmod 0644 'dpkg/origins/debian'
+maybe chmod 0755 'emacs'
+maybe chmod 0755 'emacs/site-start.d'
+maybe chmod 0644 'emacs/site-start.d/00debian-vars.el'
+maybe chmod 0644 'emacs/site-start.d/50dictionaries-common.el'
+maybe chmod 0644 'emacs/site-start.el'
+maybe chmod 0644 'environment'
+maybe chmod 0755 'etckeeper'
+maybe chmod 0755 'etckeeper/commit.d'
+maybe chmod 0755 'etckeeper/commit.d/10vcs-test'
+maybe chmod 0755 'etckeeper/commit.d/30bzr-add'
+maybe chmod 0755 'etckeeper/commit.d/30darcs-add'
+maybe chmod 0755 'etckeeper/commit.d/30git-add'
+maybe chmod 0755 'etckeeper/commit.d/30hg-addremove'
+maybe chmod 0755 'etckeeper/commit.d/50vcs-commit'
+maybe chmod 0755 'etckeeper/commit.d/99push'
+maybe chmod 0644 'etckeeper/commit.d/README'
+maybe chmod 0644 'etckeeper/etckeeper.conf'
+maybe chmod 0755 'etckeeper/init.d'
+maybe chmod 0755 'etckeeper/init.d/10restore-metadata'
+maybe chmod 0755 'etckeeper/init.d/20restore-etckeeper'
+maybe chmod 0755 'etckeeper/init.d/40vcs-init'
+maybe chmod 0755 'etckeeper/init.d/50vcs-ignore'
+maybe chmod 0755 'etckeeper/init.d/50vcs-perm'
+maybe chmod 0755 'etckeeper/init.d/50vcs-pre-commit-hook'
+maybe chmod 0755 'etckeeper/init.d/60darcs-deleted-symlinks'
+maybe chmod 0755 'etckeeper/init.d/70vcs-add'
+maybe chmod 0644 'etckeeper/init.d/README'
+maybe chmod 0755 'etckeeper/list-installed.d'
+maybe chmod 0755 'etckeeper/list-installed.d/50list-installed'
+maybe chmod 0755 'etckeeper/post-install.d'
+maybe chmod 0755 'etckeeper/post-install.d/50vcs-commit'
+maybe chmod 0644 'etckeeper/post-install.d/README'
+maybe chmod 0755 'etckeeper/pre-commit.d'
+maybe chmod 0755 'etckeeper/pre-commit.d/20warn-problem-files'
+maybe chmod 0755 'etckeeper/pre-commit.d/30store-metadata'
+maybe chmod 0644 'etckeeper/pre-commit.d/README'
+maybe chmod 0755 'etckeeper/pre-install.d'
+maybe chmod 0755 'etckeeper/pre-install.d/10packagelist'
+maybe chmod 0755 'etckeeper/pre-install.d/50uncommitted-changes'
+maybe chmod 0644 'etckeeper/pre-install.d/README'
+maybe chmod 0755 'etckeeper/unclean.d'
+maybe chmod 0755 'etckeeper/unclean.d/50test'
+maybe chmod 0644 'etckeeper/unclean.d/README'
+maybe chmod 0755 'etckeeper/uninit.d'
+maybe chmod 0755 'etckeeper/uninit.d/01prompt'
+maybe chmod 0755 'etckeeper/uninit.d/50remove-metadata'
+maybe chmod 0755 'etckeeper/uninit.d/50vcs-uninit'
+maybe chmod 0644 'etckeeper/uninit.d/README'
+maybe chmod 0755 'etckeeper/update-ignore.d'
+maybe chmod 0755 'etckeeper/update-ignore.d/01update-ignore'
+maybe chmod 0644 'etckeeper/update-ignore.d/README'
+maybe chmod 0755 'etckeeper/vcs.d'
+maybe chmod 0755 'etckeeper/vcs.d/50vcs-cmd'
+maybe chmod 0755 'fail2ban'
+maybe chmod 0755 'fail2ban/action.d'
+maybe chmod 0644 'fail2ban/action.d/apf.conf'
+maybe chmod 0644 'fail2ban/action.d/badips.conf'
+maybe chmod 0644 'fail2ban/action.d/blocklist_de.conf'
+maybe chmod 0644 'fail2ban/action.d/bsd-ipfw.conf'
+maybe chmod 0644 'fail2ban/action.d/complain.conf'
+maybe chmod 0644 'fail2ban/action.d/dshield.conf'
+maybe chmod 0644 'fail2ban/action.d/dummy.conf'
+maybe chmod 0644 'fail2ban/action.d/firewallcmd-ipset.conf'
+maybe chmod 0644 'fail2ban/action.d/firewallcmd-new.conf'
+maybe chmod 0644 'fail2ban/action.d/hostsdeny.conf'
+maybe chmod 0644 'fail2ban/action.d/ipfilter.conf'
+maybe chmod 0644 'fail2ban/action.d/ipfw.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-allports.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-blocktype.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-ipset-proto4.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-ipset-proto6-allports.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-ipset-proto6.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-multiport-log.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-multiport.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-new.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables-xt_recent-echo.conf'
+maybe chmod 0644 'fail2ban/action.d/iptables.conf'
+maybe chmod 0644 'fail2ban/action.d/mail-buffered.conf'
+maybe chmod 0644 'fail2ban/action.d/mail-whois-lines.conf'
+maybe chmod 0644 'fail2ban/action.d/mail-whois.conf'
+maybe chmod 0644 'fail2ban/action.d/mail.conf'
+maybe chmod 0644 'fail2ban/action.d/mynetwatchman.conf'
+maybe chmod 0644 'fail2ban/action.d/osx-afctl.conf'
+maybe chmod 0644 'fail2ban/action.d/osx-ipfw.conf'
+maybe chmod 0644 'fail2ban/action.d/pf.conf'
+maybe chmod 0644 'fail2ban/action.d/route.conf'
+maybe chmod 0644 'fail2ban/action.d/sendmail-buffered.conf'
+maybe chmod 0644 'fail2ban/action.d/sendmail-common.conf'
+maybe chmod 0644 'fail2ban/action.d/sendmail-whois-lines.conf'
+maybe chmod 0644 'fail2ban/action.d/sendmail-whois.conf'
+maybe chmod 0644 'fail2ban/action.d/sendmail.conf'
+maybe chmod 0644 'fail2ban/action.d/shorewall.conf'
+maybe chmod 0644 'fail2ban/action.d/ufw.conf'
+maybe chmod 0644 'fail2ban/fail2ban.conf'
+maybe chmod 0755 'fail2ban/fail2ban.d'
+maybe chmod 0755 'fail2ban/filter.d'
+maybe chmod 0644 'fail2ban/filter.d/3proxy.conf'
+maybe chmod 0644 'fail2ban/filter.d/apache-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/apache-badbots.conf'
+maybe chmod 0644 'fail2ban/filter.d/apache-common.conf'
+maybe chmod 0644 'fail2ban/filter.d/apache-modsecurity.conf'
+maybe chmod 0644 'fail2ban/filter.d/apache-nohome.conf'
+maybe chmod 0644 'fail2ban/filter.d/apache-noscript.conf'
+maybe chmod 0644 'fail2ban/filter.d/apache-overflows.conf'
+maybe chmod 0644 'fail2ban/filter.d/assp.conf'
+maybe chmod 0644 'fail2ban/filter.d/asterisk.conf'
+maybe chmod 0644 'fail2ban/filter.d/common.conf'
+maybe chmod 0644 'fail2ban/filter.d/courierlogin.conf'
+maybe chmod 0644 'fail2ban/filter.d/couriersmtp.conf'
+maybe chmod 0644 'fail2ban/filter.d/cyrus-imap.conf'
+maybe chmod 0644 'fail2ban/filter.d/dovecot.conf'
+maybe chmod 0644 'fail2ban/filter.d/dovecot.iredmail.conf'
+maybe chmod 0644 'fail2ban/filter.d/dropbear.conf'
+maybe chmod 0644 'fail2ban/filter.d/ejabberd-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/exim-common.conf'
+maybe chmod 0644 'fail2ban/filter.d/exim-spam.conf'
+maybe chmod 0644 'fail2ban/filter.d/exim.conf'
+maybe chmod 0644 'fail2ban/filter.d/freeswitch.conf'
+maybe chmod 0644 'fail2ban/filter.d/groupoffice.conf'
+maybe chmod 0644 'fail2ban/filter.d/gssftpd.conf'
+maybe chmod 0644 'fail2ban/filter.d/horde.conf'
+maybe chmod 0644 'fail2ban/filter.d/lighttpd-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/mysqld-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/nagios.conf'
+maybe chmod 0644 'fail2ban/filter.d/named-refused.conf'
+maybe chmod 0644 'fail2ban/filter.d/nginx-http-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/nsd.conf'
+maybe chmod 0644 'fail2ban/filter.d/openwebmail.conf'
+maybe chmod 0644 'fail2ban/filter.d/pam-generic.conf'
+maybe chmod 0644 'fail2ban/filter.d/perdition.conf'
+maybe chmod 0644 'fail2ban/filter.d/php-url-fopen.conf'
+maybe chmod 0644 'fail2ban/filter.d/postfix-sasl.conf'
+maybe chmod 0644 'fail2ban/filter.d/postfix.conf'
+maybe chmod 0644 'fail2ban/filter.d/postfix.iredmail.conf'
+maybe chmod 0644 'fail2ban/filter.d/proftpd.conf'
+maybe chmod 0644 'fail2ban/filter.d/pure-ftpd.conf'
+maybe chmod 0644 'fail2ban/filter.d/qmail.conf'
+maybe chmod 0644 'fail2ban/filter.d/recidive.conf'
+maybe chmod 0644 'fail2ban/filter.d/roundcube-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/roundcube.iredmail.conf'
+maybe chmod 0644 'fail2ban/filter.d/selinux-common.conf'
+maybe chmod 0644 'fail2ban/filter.d/selinux-ssh.conf'
+maybe chmod 0644 'fail2ban/filter.d/sendmail-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/sendmail-reject.conf'
+maybe chmod 0644 'fail2ban/filter.d/sieve.conf'
+maybe chmod 0644 'fail2ban/filter.d/sogo-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/solid-pop3d.conf'
+maybe chmod 0644 'fail2ban/filter.d/squid.conf'
+maybe chmod 0644 'fail2ban/filter.d/sshd-ddos.conf'
+maybe chmod 0644 'fail2ban/filter.d/sshd.conf'
+maybe chmod 0644 'fail2ban/filter.d/suhosin.conf'
+maybe chmod 0644 'fail2ban/filter.d/uwimap-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/vsftpd.conf'
+maybe chmod 0644 'fail2ban/filter.d/webmin-auth.conf'
+maybe chmod 0644 'fail2ban/filter.d/wuftpd.conf'
+maybe chmod 0644 'fail2ban/filter.d/xinetd-fail.conf'
+maybe chmod 0644 'fail2ban/jail.conf'
+maybe chmod 0755 'fail2ban/jail.d'
+maybe chmod 0644 'fail2ban/jail.local'
+maybe chmod 0755 'fonts'
+maybe chmod 0755 'fonts/conf.avail'
+maybe chmod 0644 'fonts/conf.avail/20-unhint-small-dejavu-lgc-sans-mono.conf'
+maybe chmod 0644 'fonts/conf.avail/20-unhint-small-dejavu-lgc-sans.conf'
+maybe chmod 0644 'fonts/conf.avail/20-unhint-small-dejavu-lgc-serif.conf'
+maybe chmod 0644 'fonts/conf.avail/20-unhint-small-dejavu-sans-mono.conf'
+maybe chmod 0644 'fonts/conf.avail/20-unhint-small-dejavu-sans.conf'
+maybe chmod 0644 'fonts/conf.avail/20-unhint-small-dejavu-serif.conf'
+maybe chmod 0644 'fonts/conf.avail/57-dejavu-sans-mono.conf'
+maybe chmod 0644 'fonts/conf.avail/57-dejavu-sans.conf'
+maybe chmod 0644 'fonts/conf.avail/57-dejavu-serif.conf'
+maybe chmod 0644 'fonts/conf.avail/58-dejavu-lgc-sans-mono.conf'
+maybe chmod 0644 'fonts/conf.avail/58-dejavu-lgc-sans.conf'
+maybe chmod 0644 'fonts/conf.avail/58-dejavu-lgc-serif.conf'
+maybe chmod 0755 'fonts/conf.d'
+maybe chmod 0644 'fonts/conf.d/README'
+maybe chmod 0644 'fonts/fonts.conf'
+maybe chmod 0644 'fstab'
+maybe chmod 0644 'gai.conf'
+maybe chmod 0755 'groff'
+maybe chmod 0644 'groff/man.local'
+maybe chmod 0644 'groff/mdoc.local'
+maybe chmod 0644 'group'
+maybe chmod 0600 'group-'
+maybe chmod 0755 'grub.d'
+maybe chmod 0755 'grub.d/00_header'
+maybe chmod 0755 'grub.d/05_debian_theme'
+maybe chmod 0755 'grub.d/10_linux'
+maybe chmod 0755 'grub.d/20_linux_xen'
+maybe chmod 0755 'grub.d/30_os-prober'
+maybe chmod 0755 'grub.d/30_uefi-firmware'
+maybe chmod 0755 'grub.d/40_custom'
+maybe chmod 0755 'grub.d/41_custom'
+maybe chmod 0644 'grub.d/README'
+maybe chgrp 'shadow' 'gshadow'
+maybe chmod 0640 'gshadow'
+maybe chmod 0600 'gshadow-'
+maybe chmod 0755 'gss'
+maybe chmod 0755 'gss/mech.d'
+maybe chmod 0644 'gss/mech.d/README'
+maybe chmod 0644 'host.conf'
+maybe chmod 0644 'hostname'
+maybe chmod 0644 'hosts'
+maybe chmod 0644 'hosts.allow'
+maybe chmod 0644 'hosts.deny'
+maybe chmod 0755 'init'
+maybe chmod 0755 'init.d'
+maybe chmod 0644 'init.d/README'
+maybe chmod 0755 'init.d/acpid'
+maybe chmod 0755 'init.d/amavis'
+maybe chmod 0755 'init.d/amavis-mc'
+maybe chmod 0755 'init.d/amavisd-snmp-subagent'
+maybe chmod 0755 'init.d/atd'
+maybe chmod 0755 'init.d/bootlogs'
+maybe chmod 0755 'init.d/bootmisc.sh'
+maybe chmod 0755 'init.d/checkfs.sh'
+maybe chmod 0755 'init.d/checkroot-bootclean.sh'
+maybe chmod 0755 'init.d/checkroot.sh'
+maybe chmod 0755 'init.d/chrony'
+maybe chmod 0755 'init.d/clamav-daemon'
+maybe chmod 0755 'init.d/clamav-freshclam'
+maybe chmod 0755 'init.d/console-setup'
+maybe chmod 0755 'init.d/cron'
+maybe chmod 0755 'init.d/dbus'
+maybe chmod 0755 'init.d/dovecot'
+maybe chmod 0755 'init.d/fail2ban'
+maybe chmod 0755 'init.d/halt'
+maybe chmod 0755 'init.d/haveged'
+maybe chmod 0755 'init.d/hostname.sh'
+maybe chmod 0755 'init.d/hwclock.sh'
+maybe chmod 0755 'init.d/iptables'
+maybe chmod 0755 'init.d/iredapd'
+maybe chmod 0755 'init.d/kbd'
+maybe chmod 0755 'init.d/keyboard-setup'
+maybe chmod 0755 'init.d/keymap.sh'
+maybe chmod 0755 'init.d/killprocs'
+maybe chmod 0755 'init.d/kmod'
+maybe chmod 0755 'init.d/lvm2'
+maybe chmod 0755 'init.d/motd'
+maybe chmod 0755 'init.d/mountall-bootclean.sh'
+maybe chmod 0755 'init.d/mountall.sh'
+maybe chmod 0755 'init.d/mountdevsubfs.sh'
+maybe chmod 0755 'init.d/mountkernfs.sh'
+maybe chmod 0755 'init.d/mountnfs-bootclean.sh'
+maybe chmod 0755 'init.d/mountnfs.sh'
+maybe chmod 0755 'init.d/mysql'
+maybe chmod 0755 'init.d/netfilter-persistent'
+maybe chmod 0755 'init.d/networking'
+maybe chmod 0755 'init.d/nginx'
+maybe chmod 0755 'init.d/php5-fpm'
+maybe chmod 0755 'init.d/postfix'
+maybe chmod 0755 'init.d/procps'
+maybe chmod 0755 'init.d/rc'
+maybe chmod 0755 'init.d/rc.local'
+maybe chmod 0755 'init.d/rcS'
+maybe chmod 0755 'init.d/reboot'
+maybe chmod 0755 'init.d/rmnologin'
+maybe chmod 0755 'init.d/rsync'
+maybe chmod 0755 'init.d/rsyslog'
+maybe chmod 0755 'init.d/salt-minion'
+maybe chmod 0755 'init.d/sendsigs'
+maybe chmod 0755 'init.d/single'
+maybe chmod 0644 'init.d/skeleton'
+maybe chmod 0755 'init.d/spamassassin'
+maybe chmod 0755 'init.d/ssh'
+maybe chmod 0755 'init.d/sudo'
+maybe chmod 0755 'init.d/udev'
+maybe chmod 0755 'init.d/udev-finish'
+maybe chmod 0755 'init.d/ulogd2'
+maybe chmod 0755 'init.d/umountfs'
+maybe chmod 0755 'init.d/umountnfs.sh'
+maybe chmod 0755 'init.d/umountroot'
+maybe chmod 0755 'init.d/urandom'
+maybe chmod 0755 'init.d/uwsgi'
+maybe chmod 0644 'init/network-interface-container.conf'
+maybe chmod 0644 'init/network-interface-security.conf'
+maybe chmod 0644 'init/network-interface.conf'
+maybe chmod 0644 'init/networking.conf'
+maybe chmod 0644 'init/php5-fpm.conf'
+maybe chmod 0644 'init/salt-minion.conf'
+maybe chmod 0644 'init/ssh.conf'
+maybe chmod 0644 'init/startpar-bridge.conf'
+maybe chmod 0644 'init/udev-fallback-graphics.conf'
+maybe chmod 0644 'init/udev-finish.conf'
+maybe chmod 0644 'init/udev.conf'
+maybe chmod 0644 'init/udevmonitor.conf'
+maybe chmod 0644 'init/udevtrigger.conf'
+maybe chmod 0644 'init/ulogd2.conf'
+maybe chmod 0755 'initramfs-tools'
+maybe chmod 0755 'initramfs-tools/conf.d'
+maybe chmod 0755 'initramfs-tools/hooks'
+maybe chmod 0644 'initramfs-tools/initramfs.conf'
+maybe chmod 0644 'initramfs-tools/modules'
+maybe chmod 0755 'initramfs-tools/scripts'
+maybe chmod 0755 'initramfs-tools/scripts/init-bottom'
+maybe chmod 0755 'initramfs-tools/scripts/init-premount'
+maybe chmod 0755 'initramfs-tools/scripts/init-top'
+maybe chmod 0755 'initramfs-tools/scripts/local-bottom'
+maybe chmod 0755 'initramfs-tools/scripts/local-premount'
+maybe chmod 0755 'initramfs-tools/scripts/local-top'
+maybe chmod 0755 'initramfs-tools/scripts/nfs-bottom'
+maybe chmod 0755 'initramfs-tools/scripts/nfs-premount'
+maybe chmod 0755 'initramfs-tools/scripts/nfs-top'
+maybe chmod 0755 'initramfs-tools/scripts/panic'
+maybe chmod 0644 'initramfs-tools/update-initramfs.conf'
+maybe chmod 0644 'inputrc'
+maybe chmod 0755 'insserv'
+maybe chmod 0644 'insserv.conf'
+maybe chmod 0755 'insserv.conf.d'
+maybe chmod 0644 'insserv.conf.d/postfix'
+maybe chmod 0755 'insserv/overrides'
+maybe chmod 0755 'iproute2'
+maybe chmod 0644 'iproute2/ematch_map'
+maybe chmod 0644 'iproute2/group'
+maybe chmod 0644 'iproute2/rt_dsfield'
+maybe chmod 0644 'iproute2/rt_protos'
+maybe chmod 0644 'iproute2/rt_realms'
+maybe chmod 0644 'iproute2/rt_scopes'
+maybe chmod 0644 'iproute2/rt_tables'
+maybe chmod 0755 'iptables'
+maybe chmod 0640 'iptables/rules.v4'
+maybe chmod 0640 'iptables/rules.v6'
+maybe chmod 0644 'iredmail-release'
+maybe chmod 0755 'iscsi'
+maybe chmod 0600 'iscsi/iscsid.conf'
+maybe chmod 0644 'issue'
+maybe chmod 0644 'issue.net'
+maybe chmod 0755 'kbd'
+maybe chmod 0644 'kbd/config'
+maybe chmod 0644 'kbd/remap'
+maybe chmod 0755 'kernel'
+maybe chmod 0644 'kernel-img.conf'
+maybe chmod 0755 'kernel/postinst.d'
+maybe chmod 0755 'kernel/postinst.d/apt-auto-removal'
+maybe chmod 0755 'kernel/postinst.d/initramfs-tools'
+maybe chmod 0755 'kernel/postinst.d/zz-update-grub'
+maybe chmod 0755 'kernel/postrm.d'
+maybe chmod 0755 'kernel/postrm.d/initramfs-tools'
+maybe chmod 0755 'kernel/postrm.d/zz-update-grub'
+maybe chmod 0644 'ld.so.conf'
+maybe chmod 0755 'ld.so.conf.d'
+maybe chmod 0644 'ld.so.conf.d/libc.conf'
+maybe chmod 0644 'ld.so.conf.d/x86_64-linux-gnu.conf'
+maybe chmod 0755 'ldap'
+maybe chmod 0644 'ldap/ldap.conf'
+maybe chmod 0755 'ldap/schema'
+maybe chmod 0644 'ldap/schema/amavis.schema'
+maybe chmod 0644 'lftp.conf'
+maybe chmod 0644 'libaudit.conf'
+maybe chmod 0755 'libnl-3'
+maybe chmod 0644 'libnl-3/classid'
+maybe chmod 0644 'libnl-3/pktloc'
+maybe chmod 0644 'locale.alias'
+maybe chmod 0644 'locale.gen'
+maybe chmod 0644 'locale.gen.bak'
+maybe chmod 0644 'localtime.bak'
+maybe chmod 0755 'logcheck'
+maybe chmod 0755 'logcheck/ignore.d.paranoid'
+maybe chmod 0644 'logcheck/ignore.d.paranoid/clamav-daemon'
+maybe chmod 0644 'logcheck/ignore.d.paranoid/mariadb-server-10_0'
+maybe chmod 0755 'logcheck/ignore.d.server'
+maybe chmod 0644 'logcheck/ignore.d.server/clamav-daemon'
+maybe chmod 0644 'logcheck/ignore.d.server/clamav-freshclam'
+maybe chmod 0644 'logcheck/ignore.d.server/mariadb-server-10_0'
+maybe chmod 0644 'logcheck/ignore.d.server/rsyslog'
+maybe chmod 0755 'logcheck/ignore.d.workstation'
+maybe chmod 0644 'logcheck/ignore.d.workstation/mariadb-server-10_0'
+maybe chmod 0644 'login.defs'
+maybe chmod 0644 'logrotate.conf'
+maybe chmod 0755 'logrotate.d'
+maybe chmod 0644 'logrotate.d/apt'
+maybe chmod 0644 'logrotate.d/aptitude'
+maybe chmod 0644 'logrotate.d/chrony'
+maybe chmod 0644 'logrotate.d/clamav-daemon'
+maybe chmod 0644 'logrotate.d/clamav-freshclam'
+maybe chmod 0644 'logrotate.d/dovecot'
+maybe chmod 0644 'logrotate.d/dpkg'
+maybe chmod 0644 'logrotate.d/fail2ban'
+maybe chmod 0644 'logrotate.d/mail'
+maybe chmod 0644 'logrotate.d/mysql-server'
+maybe chmod 0644 'logrotate.d/nginx'
+maybe chmod 0644 'logrotate.d/php5-fpm'
+maybe chmod 0644 'logrotate.d/rsyslog'
+maybe chmod 0644 'logrotate.d/salt-common'
+maybe chmod 0644 'logrotate.d/ulogd2'
+maybe chmod 0644 'logrotate.d/uwsgi'
+maybe chmod 0755 'logwatch'
+maybe chmod 0755 'logwatch/conf'
+maybe chmod 0755 'logwatch/conf/logfiles'
+maybe chmod 0644 'logwatch/conf/logfiles/cron.conf'
+maybe chmod 0644 'logwatch/conf/logfiles/daemon.conf'
+maybe chmod 0644 'logwatch/conf/logfiles/fail2ban.conf'
+maybe chmod 0644 'logwatch/conf/logfiles/maillog.conf'
+maybe chmod 0644 'logwatch/conf/logfiles/secure.conf'
+maybe chmod 0644 'logwatch/conf/logfiles/syslog.conf'
+maybe chmod 0755 'logwatch/conf/services'
+maybe chmod 0755 'logwatch/scripts'
+maybe chmod 0755 'logwatch/scripts/services'
+maybe chmod 0755 'lvm'
+maybe chmod 0700 'lvm/backup'
+maybe chmod 0600 'lvm/backup/vg00'
+maybe chmod 0644 'lvm/lvm.conf'
+maybe chmod 0444 'machine-id'
+maybe chmod 0644 'magic'
+maybe chmod 0644 'magic.mime'
+maybe chmod 0755 'mail'
+maybe chmod 0644 'mailcap'
+maybe chmod 0644 'mailcap.order'
+maybe chmod 0644 'mailname'
+maybe chmod 0644 'manpath.config'
+maybe chmod 0644 'mime.types'
+maybe chmod 0644 'mke2fs.conf'
+maybe chmod 0755 'modprobe.d'
+maybe chmod 0644 'modprobe.d/fbdev-blacklist.conf'
+maybe chmod 0644 'modules'
+maybe chmod 0755 'modules-load.d'
+maybe chmod 0644 'motd'
+maybe chmod 0755 'mysql'
+maybe chmod 0755 'mysql/conf.d'
+maybe chmod 0644 'mysql/conf.d/.keepme'
+maybe chmod 0644 'mysql/conf.d/mariadb.cnf'
+maybe chmod 0644 'mysql/conf.d/mysqld_safe_syslog.cnf'
+maybe chmod 0644 'mysql/conf.d/tokudb.cnf'
+maybe chmod 0755 'mysql/debian-start'
+maybe chmod 0600 'mysql/debian.cnf'
+maybe chmod 0644 'mysql/my.cnf'
+maybe chmod 0644 'mysql/my.cnf.2016.07.20.08.58.54'
+maybe chmod 0644 'nail.rc'
+maybe chmod 0644 'nanorc'
+maybe chmod 0755 'network'
+maybe chmod 0755 'network/if-down.d'
+maybe chmod 0755 'network/if-down.d/clamav-freshclam-ifupdown'
+maybe chmod 0755 'network/if-down.d/postfix'
+maybe chmod 0755 'network/if-down.d/upstart'
+maybe chmod 0755 'network/if-post-down.d'
+maybe chmod 0755 'network/if-pre-up.d'
+maybe chmod 0755 'network/if-up.d'
+maybe chmod 0755 'network/if-up.d/clamav-freshclam-ifupdown'
+maybe chmod 0755 'network/if-up.d/mountnfs'
+maybe chmod 0755 'network/if-up.d/openssh-server'
+maybe chmod 0755 'network/if-up.d/postfix'
+maybe chmod 0755 'network/if-up.d/upstart'
+maybe chmod 0644 'network/interfaces'
+maybe chmod 0755 'network/interfaces.d'
+maybe chmod 0644 'networks'
+maybe chmod 0755 'newt'
+maybe chmod 0644 'newt/palette.original'
+maybe chmod 0755 'nginx'
+maybe chmod 0755 'nginx/conf.d'
+maybe chmod 0644 'nginx/conf.d/00-default.conf'
+maybe chmod 0644 'nginx/fastcgi.conf'
+maybe chmod 0644 'nginx/fastcgi_params'
+maybe chmod 0644 'nginx/koi-utf'
+maybe chmod 0644 'nginx/koi-win'
+maybe chmod 0644 'nginx/mime.types'
+maybe chmod 0644 'nginx/nginx.conf'
+maybe chmod 0644 'nginx/nginx.conf.2016.07.20.08.58.54'
+maybe chmod 0644 'nginx/proxy_params'
+maybe chmod 0644 'nginx/scgi_params'
+maybe chmod 0755 'nginx/sites-available'
+maybe chmod 0644 'nginx/sites-available/default'
+maybe chmod 0755 'nginx/sites-enabled'
+maybe chmod 0755 'nginx/snippets'
+maybe chmod 0644 'nginx/snippets/fastcgi-php.conf'
+maybe chmod 0644 'nginx/snippets/snakeoil.conf'
+maybe chmod 0755 'nginx/templates'
+maybe chmod 0644 'nginx/templates/hsts.tmpl'
+maybe chmod 0644 'nginx/templates/iredadmin.tmpl'
+maybe chmod 0644 'nginx/templates/misc.tmpl'
+maybe chmod 0644 'nginx/templates/php-catchall.tmpl'
+maybe chmod 0644 'nginx/templates/redirect_to_https.tmpl'
+maybe chmod 0644 'nginx/templates/roundcube.tmpl'
+maybe chmod 0644 'nginx/templates/sogo.tmpl'
+maybe chmod 0644 'nginx/uwsgi_params'
+maybe chmod 0644 'nginx/win-utf'
+maybe chmod 0644 'nsswitch.conf'
+maybe chmod 0755 'opt'
+maybe chmod 0644 'pam.conf'
+maybe chmod 0755 'pam.d'
+maybe chmod 0644 'pam.d/atd'
+maybe chmod 0644 'pam.d/chfn'
+maybe chmod 0644 'pam.d/chpasswd'
+maybe chmod 0644 'pam.d/chsh'
+maybe chmod 0644 'pam.d/common-account'
+maybe chmod 0644 'pam.d/common-auth'
+maybe chmod 0644 'pam.d/common-password'
+maybe chmod 0644 'pam.d/common-session'
+maybe chmod 0644 'pam.d/common-session-noninteractive'
+maybe chmod 0644 'pam.d/cron'
+maybe chmod 0644 'pam.d/dovecot'
+maybe chmod 0644 'pam.d/login'
+maybe chmod 0644 'pam.d/newusers'
+maybe chmod 0644 'pam.d/other'
+maybe chmod 0644 'pam.d/passwd'
+maybe chmod 0644 'pam.d/runuser'
+maybe chmod 0644 'pam.d/runuser-l'
+maybe chmod 0644 'pam.d/sshd'
+maybe chmod 0644 'pam.d/su'
+maybe chmod 0644 'pam.d/sudo'
+maybe chmod 0644 'pam.d/systemd-user'
+maybe chmod 0644 'passwd'
+maybe chmod 0600 'passwd-'
+maybe chmod 0755 'perl'
+maybe chmod 0755 'perl/CPAN'
+maybe chmod 0755 'perl/Net'
+maybe chmod 0644 'perl/Net/libnet.cfg'
+maybe chmod 0755 'php5'
+maybe chmod 0755 'php5/cli'
+maybe chmod 0755 'php5/cli/conf.d'
+maybe chmod 0644 'php5/cli/php.ini'
+maybe chmod 0755 'php5/fpm'
+maybe chmod 0755 'php5/fpm/conf.d'
+maybe chmod 0644 'php5/fpm/php-fpm.conf'
+maybe chmod 0644 'php5/fpm/php.ini'
+maybe chmod 0644 'php5/fpm/php.ini.2016.07.20.08.58.54'
+maybe chmod 0755 'php5/fpm/pool.d'
+maybe chmod 0644 'php5/fpm/pool.d/www.conf'
+maybe chmod 0644 'php5/fpm/pool.d/www.conf.2016.07.20.08.58.54'
+maybe chmod 0755 'php5/mods-available'
+maybe chmod 0644 'php5/mods-available/curl.ini'
+maybe chmod 0644 'php5/mods-available/gd.ini'
+maybe chmod 0644 'php5/mods-available/intl.ini'
+maybe chmod 0644 'php5/mods-available/json.ini'
+maybe chmod 0644 'php5/mods-available/mcrypt.ini'
+maybe chmod 0644 'php5/mods-available/mysql.ini'
+maybe chmod 0644 'php5/mods-available/mysqli.ini'
+maybe chmod 0644 'php5/mods-available/opcache.ini'
+maybe chmod 0644 'php5/mods-available/pdo.ini'
+maybe chmod 0644 'php5/mods-available/pdo_mysql.ini'
+maybe chmod 0755 'postfix'
+maybe chmod 0644 'postfix/aliases'
+maybe chmod 0644 'postfix/aliases.db'
+maybe chgrp 'postfix' 'postfix/body_checks.pcre'
+maybe chmod 0640 'postfix/body_checks.pcre'
+maybe chmod 0755 'postfix/disclaimer'
+maybe chmod 0644 'postfix/disclaimer/default.txt'
+maybe chmod 0644 'postfix/dynamicmaps.cf'
+maybe chgrp 'postfix' 'postfix/header_checks'
+maybe chmod 0640 'postfix/header_checks'
+maybe chgrp 'postfix' 'postfix/helo_access.pcre'
+maybe chmod 0640 'postfix/helo_access.pcre'
+maybe chmod 0640 'postfix/helo_access.pcre.2016.07.20.08.58.54'
+maybe chmod 0644 'postfix/main.cf'
+maybe chmod 0644 'postfix/main.cf.2016.07.20.08.58.54'
+maybe chmod 0644 'postfix/main.cf.2016.07.20.09.03.50'
+maybe chmod 0644 'postfix/master.cf'
+maybe chmod 0644 'postfix/master.cf.2016.07.20.08.58.54'
+maybe chmod 0644 'postfix/master.cf.2016.07.20.09.03.50'
+maybe chmod 0755 'postfix/mysql'
+maybe chgrp 'postfix' 'postfix/mysql/catchall_maps.cf'
+maybe chmod 0640 'postfix/mysql/catchall_maps.cf'
+maybe chgrp 'postfix' 'postfix/mysql/domain_alias_catchall_maps.cf'
+maybe chmod 0640 'postfix/mysql/domain_alias_catchall_maps.cf'
+maybe chgrp 'postfix' 'postfix/mysql/domain_alias_maps.cf'
+maybe chmod 0640 'postfix/mysql/domain_alias_maps.cf'
+maybe chgrp 'postfix' 'postfix/mysql/recipient_bcc_maps_domain.cf'
+maybe chmod 0640 'postfix/mysql/recipient_bcc_maps_domain.cf'
+maybe chgrp 'postfix' 'postfix/mysql/recipient_bcc_maps_user.cf'
+maybe chmod 0640 'postfix/mysql/recipient_bcc_maps_user.cf'
+maybe chgrp 'postfix' 'postfix/mysql/relay_domains.cf'
+maybe chmod 0640 'postfix/mysql/relay_domains.cf'
+maybe chgrp 'postfix' 'postfix/mysql/sender_bcc_maps_domain.cf'
+maybe chmod 0640 'postfix/mysql/sender_bcc_maps_domain.cf'
+maybe chgrp 'postfix' 'postfix/mysql/sender_bcc_maps_user.cf'
+maybe chmod 0640 'postfix/mysql/sender_bcc_maps_user.cf'
+maybe chgrp 'postfix' 'postfix/mysql/sender_dependent_relayhost_maps.cf'
+maybe chmod 0640 'postfix/mysql/sender_dependent_relayhost_maps.cf'
+maybe chgrp 'postfix' 'postfix/mysql/sender_login_maps.cf'
+maybe chmod 0640 'postfix/mysql/sender_login_maps.cf'
+maybe chgrp 'postfix' 'postfix/mysql/transport_maps_domain.cf'
+maybe chmod 0640 'postfix/mysql/transport_maps_domain.cf'
+maybe chgrp 'postfix' 'postfix/mysql/transport_maps_user.cf'
+maybe chmod 0640 'postfix/mysql/transport_maps_user.cf'
+maybe chgrp 'postfix' 'postfix/mysql/virtual_alias_maps.cf'
+maybe chmod 0640 'postfix/mysql/virtual_alias_maps.cf'
+maybe chgrp 'postfix' 'postfix/mysql/virtual_mailbox_domains.cf'
+maybe chmod 0640 'postfix/mysql/virtual_mailbox_domains.cf'
+maybe chgrp 'postfix' 'postfix/mysql/virtual_mailbox_maps.cf'
+maybe chmod 0640 'postfix/mysql/virtual_mailbox_maps.cf'
+maybe chmod 0755 'postfix/post-install'
+maybe chmod 0644 'postfix/postfix-files'
+maybe chmod 0755 'postfix/postfix-script'
+maybe chmod 0644 'postfix/postscreen_access.cidr'
+maybe chmod 0644 'postfix/postscreen_dnsbl_reply'
+maybe chmod 0755 'postfix/sasl'
+maybe chgrp 'postfix' 'postfix/sender_access.pcre'
+maybe chmod 0640 'postfix/sender_access.pcre'
+maybe chmod 0755 'ppp'
+maybe chmod 0755 'ppp/ip-down.d'
+maybe chmod 0755 'ppp/ip-down.d/chrony'
+maybe chmod 0755 'ppp/ip-down.d/clamav-freshclam-ifupdown'
+maybe chmod 0755 'ppp/ip-down.d/postfix'
+maybe chmod 0755 'ppp/ip-up.d'
+maybe chmod 0755 'ppp/ip-up.d/chrony'
+maybe chmod 0755 'ppp/ip-up.d/clamav-freshclam-ifupdown'
+maybe chmod 0755 'ppp/ip-up.d/postfix'
+maybe chmod 0644 'profile'
+maybe chmod 0755 'profile.d'
+maybe chmod 0644 'profile.d/bash_completion.sh'
+maybe chmod 0644 'profile.d/fbrehm.sh'
+maybe chmod 0644 'protocols'
+maybe chmod 0755 'python'
+maybe chmod 0644 'python/debian_config'
+maybe chmod 0755 'python2.7'
+maybe chmod 0644 'python2.7/sitecustomize.py'
+maybe chmod 0755 'python3'
+maybe chmod 0755 'python3.4'
+maybe chmod 0644 'python3.4/sitecustomize.py'
+maybe chmod 0644 'python3/debian_config'
+maybe chmod 0755 'rc.local'
+maybe chmod 0755 'rc0.d'
+maybe chmod 0644 'rc0.d/README'
+maybe chmod 0755 'rc1.d'
+maybe chmod 0644 'rc1.d/README'
+maybe chmod 0755 'rc2.d'
+maybe chmod 0644 'rc2.d/README'
+maybe chmod 0755 'rc3.d'
+maybe chmod 0644 'rc3.d/README'
+maybe chmod 0755 'rc4.d'
+maybe chmod 0644 'rc4.d/README'
+maybe chmod 0755 'rc5.d'
+maybe chmod 0644 'rc5.d/README'
+maybe chmod 0755 'rc6.d'
+maybe chmod 0644 'rc6.d/README'
+maybe chmod 0755 'rcS.d'
+maybe chmod 0644 'rcS.d/README'
+maybe chmod 0644 'rearj.cfg'
+maybe chmod 0644 'resolv.conf'
+maybe chmod 0755 'resolvconf'
+maybe chmod 0755 'resolvconf/update-libc.d'
+maybe chmod 0755 'resolvconf/update-libc.d/postfix'
+maybe chmod 0755 'rmt'
+maybe chmod 0644 'rpc'
+maybe chmod 0644 'rsyslog.conf'
+maybe chmod 0755 'rsyslog.d'
+maybe chmod 0644 'rsyslog.d/60-default.conf'
+maybe chmod 0644 'rsyslog.d/60-mail.conf'
+maybe chmod 0644 'rsyslog.d/70-pb.conf'
+maybe chmod 0644 'rsyslog.d/postfix.conf'
+maybe chmod 0755 'salt'
+maybe chmod 0644 'salt/minion'
+maybe chmod 0755 'salt/minion.d'
+maybe chmod 0644 'salt/minion.d/_schedule.conf'
+maybe chmod 0644 'salt/minion_id'
+maybe chmod 0755 'salt/pki'
+maybe chmod 0700 'salt/pki/minion'
+maybe chmod 0400 'salt/pki/minion/minion.pem'
+maybe chmod 0644 'salt/pki/minion/minion.pub'
+maybe chmod 0644 'salt/pki/minion/minion_master.pub'
+maybe chmod 0644 'salt/proxy'
+maybe chmod 0644 'securetty'
+maybe chmod 0755 'security'
+maybe chmod 0644 'security/access.conf'
+maybe chmod 0644 'security/group.conf'
+maybe chmod 0644 'security/limits.conf'
+maybe chmod 0755 'security/limits.d'
+maybe chmod 0644 'security/namespace.conf'
+maybe chmod 0755 'security/namespace.d'
+maybe chmod 0755 'security/namespace.init'
+maybe chmod 0600 'security/opasswd'
+maybe chmod 0644 'security/pam_env.conf'
+maybe chmod 0644 'security/sepermit.conf'
+maybe chmod 0644 'security/time.conf'
+maybe chmod 0755 'selinux'
+maybe chmod 0644 'selinux/semanage.conf'
+maybe chmod 0644 'services'
+maybe chmod 0755 'sgml'
+maybe chmod 0644 'sgml/xml-core.cat'
+maybe chgrp 'shadow' 'shadow'
+maybe chmod 0640 'shadow'
+maybe chmod 0600 'shadow-'
+maybe chmod 0644 'shells'
+maybe chmod 0755 'skel'
+maybe chmod 0644 'skel/.bash_logout'
+maybe chmod 0644 'skel/.bashrc'
+maybe chmod 0644 'skel/.profile'
+maybe chmod 0644 'smi.conf'
+maybe chmod 0755 'spamassassin'
+maybe chmod 0644 'spamassassin/65_debian.cf'
+maybe chmod 0644 'spamassassin/init.pre'
+maybe chmod 0644 'spamassassin/local.cf'
+maybe chmod 0644 'spamassassin/local.cf.2016.07.20.08.58.54'
+maybe chmod 0755 'spamassassin/sa-update-hooks.d'
+maybe chmod 0755 'spamassassin/sa-update-hooks.d/amavisd-new'
+maybe chmod 0644 'spamassassin/v310.pre'
+maybe chmod 0644 'spamassassin/v312.pre'
+maybe chmod 0644 'spamassassin/v320.pre'
+maybe chmod 0644 'spamassassin/v330.pre'
+maybe chmod 0644 'spamassassin/v340.pre'
+maybe chmod 0755 'ssh'
+maybe chmod 0644 'ssh/moduli'
+maybe chmod 0644 'ssh/ssh_config'
+maybe chmod 0600 'ssh/ssh_host_dsa_key'
+maybe chmod 0644 'ssh/ssh_host_dsa_key.pub'
+maybe chmod 0600 'ssh/ssh_host_ecdsa_key'
+maybe chmod 0644 'ssh/ssh_host_ecdsa_key.pub'
+maybe chmod 0600 'ssh/ssh_host_ed25519_key'
+maybe chmod 0644 'ssh/ssh_host_ed25519_key.pub'
+maybe chmod 0600 'ssh/ssh_host_rsa_key'
+maybe chmod 0644 'ssh/ssh_host_rsa_key.pub'
+maybe chmod 0644 'ssh/sshd_config'
+maybe chmod 0755 'ssl'
+maybe chmod 0755 'ssl/certs'
+maybe chmod 0644 'ssl/certs/ca-certificates.crt'
+maybe chmod 0644 'ssl/certs/iRedMail.crt'
+maybe chmod 0644 'ssl/certs/ssl-cert-snakeoil.pem'
+maybe chmod 0644 'ssl/dh2048_param.pem'
+maybe chmod 0644 'ssl/dh512_param.pem'
+maybe chmod 0644 'ssl/openssl.cnf'
+maybe chgrp 'ssl-cert' 'ssl/private'
+maybe chmod 0710 'ssl/private'
+maybe chmod 0644 'ssl/private/iRedMail.key'
+maybe chgrp 'ssl-cert' 'ssl/private/ssl-cert-snakeoil.key'
+maybe chmod 0640 'ssl/private/ssl-cert-snakeoil.key'
+maybe chmod 0644 'staff-group-for-usr-local'
+maybe chmod 0644 'subgid'
+maybe chmod 0600 'subgid-'
+maybe chmod 0644 'subuid'
+maybe chmod 0600 'subuid-'
+maybe chmod 0440 'sudoers'
+maybe chmod 0755 'sudoers.d'
+maybe chmod 0440 'sudoers.d/README'
+maybe chmod 0644 'sysctl.conf'
+maybe chmod 0755 'sysctl.d'
+maybe chmod 0644 'sysctl.d/README.sysctl'
+maybe chmod 0755 'systemd'
+maybe chmod 0644 'systemd/bootchart.conf'
+maybe chmod 0644 'systemd/journald.conf'
+maybe chmod 0644 'systemd/logind.conf'
+maybe chmod 0755 'systemd/network'
+maybe chmod 0755 'systemd/ntp-units.d'
+maybe chmod 0644 'systemd/resolved.conf'
+maybe chmod 0755 'systemd/system'
+maybe chmod 0644 'systemd/system.conf'
+maybe chmod 0755 'systemd/system/clamav-daemon.socket.d'
+maybe chmod 0644 'systemd/system/clamav-daemon.socket.d/extend.conf'
+maybe chmod 0755 'systemd/system/default.target.wants'
+maybe chmod 0755 'systemd/system/getty.target.wants'
+maybe chmod 0755 'systemd/system/halt.target.wants'
+maybe chmod 0755 'systemd/system/local-fs.target.wants'
+maybe chmod 0755 'systemd/system/multi-user.target.wants'
+maybe chmod 0755 'systemd/system/paths.target.wants'
+maybe chmod 0755 'systemd/system/poweroff.target.wants'
+maybe chmod 0755 'systemd/system/reboot.target.wants'
+maybe chmod 0755 'systemd/system/sockets.target.wants'
+maybe chmod 0755 'systemd/system/sysinit.target.wants'
+maybe chmod 0644 'systemd/timesyncd.conf'
+maybe chmod 0755 'systemd/user'
+maybe chmod 0644 'systemd/user.conf'
+maybe chmod 0755 'terminfo'
+maybe chmod 0644 'terminfo/README'
+maybe chmod 0644 'timezone'
+maybe chmod 0755 'tmpfiles.d'
+maybe chmod 0644 'ucf.conf'
+maybe chmod 0755 'udev'
+maybe chmod 0755 'udev/hwdb.d'
+maybe chmod 0755 'udev/rules.d'
+maybe chmod 0644 'udev/rules.d/80-cpu-hotplug.rules'
+maybe chmod 0644 'udev/rules.d/90-memory-hotplug.rules'
+maybe chmod 0644 'udev/udev.conf'
+maybe chmod 0755 'ufw'
+maybe chmod 0755 'ufw/applications.d'
+maybe chmod 0644 'ufw/applications.d/nginx'
+maybe chmod 0644 'ufw/applications.d/openssh-server'
+maybe chmod 0644 'ufw/applications.d/postfix'
+maybe chmod 0600 'ulogd.conf'
+maybe chmod 0644 'updatedb.conf'
+maybe chmod 0755 'uwsgi'
+maybe chmod 0755 'uwsgi/apps-available'
+maybe chmod 0644 'uwsgi/apps-available/README'
+maybe chmod 0644 'uwsgi/apps-available/iredadmin.ini'
+maybe chmod 0755 'uwsgi/apps-enabled'
+maybe chmod 0644 'uwsgi/apps-enabled/README'
+maybe chmod 0755 'vim'
+maybe chmod 0644 'vim/vimrc'
+maybe chmod 0644 'vim/vimrc.local'
+maybe chmod 0644 'vim/vimrc.tiny'
+maybe chmod 0644 'wgetrc'
+maybe chmod 0755 'wireshark'
+maybe chmod 0644 'wireshark/init.lua'
+maybe chmod 0755 'xdg'
+maybe chmod 0755 'xdg/systemd'
+maybe chmod 0755 'xml'
+maybe chmod 0644 'xml/catalog'
+maybe chmod 0644 'xml/xml-core.xml'
+maybe chmod 0755 'zsh'
+maybe chmod 0644 'zsh/newuser.zshrc.recommended'
+maybe chmod 0644 'zsh/zlogin'
+maybe chmod 0644 'zsh/zlogout'
+maybe chmod 0644 'zsh/zprofile'
+maybe chmod 0644 'zsh/zshenv'
+maybe chmod 0644 'zsh/zshrc'
--- /dev/null
+# begin section managed by etckeeper (do not edit this section by hand)
+
+# new and old versions of conffiles, stored by dpkg
+*.dpkg-*
+# new and old versions of conffiles, stored by ucf
+*.ucf-*
+
+# old versions of files
+*.old
+
+# mount(8) records system state here, no need to store these
+blkid.tab
+blkid.tab.old
+
+# some other files in /etc that typically do not need to be tracked
+nologin
+ld.so.cache
+prelink.cache
+mtab
+mtab.fuselock
+.pwd.lock
+*.LOCK
+network/run
+adjtime
+lvm/cache
+lvm/archive
+X11/xdm/authdir/authfiles/*
+ntp.conf.dhcp
+.initctl
+webmin/fsdump/*.status
+webmin/webmin/oscache
+apparmor.d/cache/*
+service/*/supervise/*
+service/*/log/supervise/*
+sv/*/supervise/*
+sv/*/log/supervise/*
+*.elc
+*.pyc
+*.pyo
+init.d/.depend.*
+openvpn/openvpn-status.log
+cups/subscriptions.conf
+cups/subscriptions.conf.O
+fake-hwclock.data
+check_mk/logwatch.state
+
+# editor temp files
+*~
+.*.sw?
+.sw?
+\#*\#
+DEADJOE
+
+# end section managed by etckeeper
--- /dev/null
+event=button[ /]power
+action=/etc/acpi/powerbtn-acpi-support.sh
--- /dev/null
+#!/bin/sh
+
+# This script initiates a shutdown when the power putton has been
+# pressed. Loosely based on the sample that ships with the acpid package.
+# If the acpid sample is present as a real config file (as it was in earlier
+# versions of acpid), we skip this script. (Purging and reinstalling acpid
+# resolves this situation, or simply deleting /etc/acpi/events/powerbtn.)
+
+if [ -f /etc/acpi/events/powerbtn -o -f /etc/acpi/events/powerbtn.dpkg-bak ] ; then
+ logger Acpi-support not handling power button, acpid handler exists at /etc/acpi/events/powerbtn or /etc/acpi/events/powerbtn.dpkg-bak.
+ exit 0
+fi
+
+[ -e /usr/share/acpi-support/policy-funcs ] || exit 0
+
+. /usr/share/acpi-support/policy-funcs
+
+if { CheckPolicy || HasLogindAndSystemd1Manager; }; then
+ exit 0
+fi
+
+if [ -x /etc/acpi/powerbtn.sh ] ; then
+ # Compatibility with old config script from acpid package
+ /etc/acpi/powerbtn.sh
+elif [ -x /etc/acpi/powerbtn.sh.dpkg-bak ] ; then
+ # Compatibility with old config script from acpid package
+ # which is still around because it was changed by the admin
+ /etc/acpi/powerbtn.sh.dpkg-bak
+else
+ # Normal handling.
+ /sbin/shutdown -h -P now "Power button pressed"
+fi
+
--- /dev/null
+# /etc/adduser.conf: `adduser' configuration.
+# See adduser(8) and adduser.conf(5) for full documentation.
+
+# The DSHELL variable specifies the default login shell on your
+# system.
+DSHELL=/bin/bash
+
+# The DHOME variable specifies the directory containing users' home
+# directories.
+DHOME=/home
+
+# If GROUPHOMES is "yes", then the home directories will be created as
+# /home/groupname/user.
+GROUPHOMES=no
+
+# If LETTERHOMES is "yes", then the created home directories will have
+# an extra directory - the first letter of the user name. For example:
+# /home/u/user.
+LETTERHOMES=no
+
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+
+# FIRST_SYSTEM_[GU]ID to LAST_SYSTEM_[GU]ID inclusive is the range for UIDs
+# for dynamically allocated administrative and system accounts/groups.
+# Please note that system software, such as the users allocated by the base-passwd
+# package, may assume that UIDs less than 100 are unallocated.
+FIRST_SYSTEM_UID=100
+LAST_SYSTEM_UID=999
+
+FIRST_SYSTEM_GID=100
+LAST_SYSTEM_GID=999
+
+# FIRST_[GU]ID to LAST_[GU]ID inclusive is the range of UIDs of dynamically
+# allocated user accounts/groups.
+FIRST_UID=1000
+LAST_UID=29999
+
+FIRST_GID=1000
+LAST_GID=29999
+
+# The USERGROUPS variable can be either "yes" or "no". If "yes" each
+# created user will be given their own group to use as a default. If
+# "no", each created user will be placed in the group whose gid is
+# USERS_GID (see below).
+USERGROUPS=yes
+
+# If USERGROUPS is "no", then USERS_GID should be the GID of the group
+# `users' (or the equivalent group) on your system.
+USERS_GID=100
+
+# If DIR_MODE is set, directories will be created with the specified
+# mode. Otherwise the default mode 0755 will be used.
+DIR_MODE=0755
+
+# If SETGID_HOME is "yes" home directories for users with their own
+# group the setgid bit will be set. This was the default for
+# versions << 3.13 of adduser. Because it has some bad side effects we
+# no longer do this per default. If you want it nevertheless you can
+# still set it here.
+SETGID_HOME=no
+
+# If QUOTAUSER is set, a default quota will be set from that user with
+# `edquota -p QUOTAUSER newuser'
+QUOTAUSER=""
+
+# If SKEL_IGNORE_REGEX is set, adduser will ignore files matching this
+# regular expression when creating a new home directory
+SKEL_IGNORE_REGEX="dpkg-(old|new|dist|save)"
+
+# Set this if you want the --add_extra_groups option to adduser to add
+# new users to other groups.
+# This is the list of groups that new non-system users will be added to
+# Default:
+#EXTRA_GROUPS="dialout cdrom floppy audio video plugdev users"
+
+# If ADD_EXTRA_GROUPS is set to something non-zero, the EXTRA_GROUPS
+# option above will be default behavior for adding new, non-system users
+#ADD_EXTRA_GROUPS=1
+
+
+# check user and group names also against this regular expression.
+#NAME_REGEX="^[a-z][-a-z0-9_]*\$"
--- /dev/null
+postfix/aliases
\ No newline at end of file
--- /dev/null
+/usr/bin/heirloom-mailx
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/heirloom-mailx.1.gz
\ No newline at end of file
--- /dev/null
+Please read the update-alternatives(8) man page for information on this
+directory and its contents.
--- /dev/null
+/usr/bin/aptitude-curses
\ No newline at end of file
--- /dev/null
+/usr/share/man/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/cs/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/de/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/es/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/fi/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/fr/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/gl/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/it/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ja/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/pl/man8/aptitude-curses.8.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/mawk
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/mawk.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/man7/bash-builtins.7.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/fr/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/it/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ja/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/pl/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ru/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/fr/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/it/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ja/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/pl/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ru/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/figlet-figlet
\ No newline at end of file
--- /dev/null
+/usr/share/man/man6/figlet-figlet.6.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/bsd-from
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/bsd-from.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/netkit-ftp
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/netkit-ftp.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/lft.db
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/lft.db.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/mlocate
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/mlocate.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzcat
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzcat.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzcmp
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzcmp.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzdiff
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzdiff.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzegrep
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzegrep.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzfgrep
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzfgrep.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzgrep
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzgrep.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzless
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzless.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xz
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xz.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/xzmore
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/xzmore.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/heirloom-mailx
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/heirloom-mailx.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/heirloom-mailx
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/heirloom-mailx.1.gz
\ No newline at end of file
--- /dev/null
+/bin/mt-gnu
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/mt-gnu.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/mawk
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/mawk.1.gz
\ No newline at end of file
--- /dev/null
+/bin/nc.traditional
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/nc.traditional.1.gz
\ No newline at end of file
--- /dev/null
+/bin/nc.traditional
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/nc.traditional.1.gz
\ No newline at end of file
--- /dev/null
+/bin/less
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/less.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/phar5
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/phar5.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/php5
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/php5.1.gz
\ No newline at end of file
--- /dev/null
+/bin/nano
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/nano.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/scp
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/scp.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/file-rename
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/file-rename.1p.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/slogin
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/slogin.1.gz
\ No newline at end of file
--- /dev/null
+/usr/sbin/rmt-tar
\ No newline at end of file
--- /dev/null
+/usr/share/man/man8/rmt-tar.8.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/ssh
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/ssh.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/bin/zsh5
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/zsh.1.gz
\ No newline at end of file
--- /dev/null
+/usr/sbin/tcptraceroute.db
\ No newline at end of file
--- /dev/null
+/usr/share/man/man8/tcptraceroute.db.8.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/traceproto.db
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/traceproto.db.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/traceroute.db
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/traceroute.db.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/traceroute.db
\ No newline at end of file
--- /dev/null
+/usr/bin/traceroute6.db
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/traceroute6.db.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/unxz
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/unxz.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/unrar-free
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/unrar-free.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/updatedb.mlocate
\ No newline at end of file
--- /dev/null
+/usr/bin/uwsgi-core
\ No newline at end of file
--- /dev/null
+/usr/lib/uwsgi/plugins/python27_plugin.so
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/uwsgi-core.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/uwsgi-core
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/uwsgi_python27.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/fr/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/it/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ja/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/pl/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ru/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/fr/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/it/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ja/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/pl/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/share/man/ru/man1/vim.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/usr/bin/vim.basic
\ No newline at end of file
--- /dev/null
+/usr/bin/w.procps
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/w.procps.1.gz
\ No newline at end of file
--- /dev/null
+/usr/bin/bsd-write
\ No newline at end of file
--- /dev/null
+/usr/share/man/man1/bsd-write.1.gz
\ No newline at end of file
--- /dev/null
+/bin/zsh5
\ No newline at end of file
--- /dev/null
+/bin/zsh5
\ No newline at end of file
--- /dev/null
+$Id: README.l10n 742 2005-12-26 17:15:22Z hmh $
+
+First of all, read /usr/share/doc/amavisd-new/README.customize.gz
+
+Amavisd-new is UTF8-aware, and it will do character-set conversion when dealing
+with DSN templates. The full unicode codespace is available, if used with the
+proper encodings... and you have to use the proper encodings if you don't want
+your DSNs to be flagged as more charset-challenged SPAM by other systems.
+
+ALWAYS respect the charset when adding l10n files.
+
+Amavisd-new does charset conversion twice: one when reading the text files with
+localized templates (to internal perl UTF8), and another when writing the email
+notification (from internal perl UTF8 to $hdr_encoding and $bdy_encoding).
+
+Headers will be RFC2047-encoded if they have any codepoints not allowed by
+RFC2822 after the charset conversions. The body text charset encoding is
+inserted in the proper MIME header.
+
+More details are available in /usr/share/doc/amavisd-new/RELEASE_NOTES.gz
+
--- /dev/null
+use strict;
+
+# ADMINISTRATORS:
+# Debian suggests that any changes you need to do that should never
+# be "updated" by the Debian package should be made in another file,
+# overriding the settings in this file.
+#
+# The package will *not* overwrite your settings, but by keeping
+# them separate, you will make the task of merging changes on these
+# configuration files much simpler...
+
+# see /usr/share/doc/amavisd-new/examples/amavisd.conf-default for
+# a list of all variables with their defaults;
+# see /usr/share/doc/amavisd-new/examples/amavisd.conf-sample for
+# a traditional-style commented file
+# [note: the above files were not converted to Debian settings!]
+#
+# for more details see documentation in /usr/share/doc/amavisd-new
+# and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html
+
+
+# SETTINGS RARELY MODIFIED BY THE LOCAL ADMIN
+
+$ENV{PATH} = $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
+$file = 'file';
+$gzip = 'gzip';
+$bzip2 = 'bzip2';
+$lzop = 'lzop';
+$rpm2cpio = ['rpm2cpio.pl','rpm2cpio'];
+$cabextract = 'cabextract';
+$uncompress = ['uncompress', 'gzip -d', 'zcat'];
+#$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat']; #disabled (non-free, no security support)
+$unfreeze = undef;
+$arc = ['nomarch', 'arc'];
+$unarj = ['arj', 'unarj'];
+#$unrar = ['rar', 'unrar']; #disabled (non-free, no security support)
+$unrar = ['unrar-free'];
+$zoo = 'zoo';
+$lha = 'lha';
+$lha = undef;
+$pax = 'pax';
+$cpio = 'cpio';
+$ar = 'ar';
+$ripole = 'ripole';
+$dspam = 'dspam';
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+# $mydomain is used just for convenience in the config files and it is not
+# used internally by amavisd-new except in the default X_HEADER_LINE (which
+# Debian overrides by default anyway).
+
+chomp($mydomain = `head -n 1 /etc/mailname`);
+
+# amavisd-new needs to know which email domains are to be considered local
+# to the administrative domain. Only emails to "local" domains are subject
+# to certain functionality, such as the addition of spam tags.
+#
+# Default local domains to $mydomain and all subdomains. Remember to
+# override or redefine this if $mydomain is changed later in the config
+# sequence.
+
+@local_domains_acl = ( ".$mydomain" );
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+# $myhostname is used by amavisd-new for node identification, and it is
+# important to get it right (e.g. for ESMTP EHLO, loop detection, and so on).
+
+chomp($myhostname = `hostname --fqdn`);
+
+# To manually set $myhostname, edit the following line with the correct Fully
+# Qualified Domain Name (FQDN) and remove the # at the beginning of the line.
+#
+#$myhostname = "mail.example.com";
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+##
+## AV Scanners (Debian version)
+##
+
+@av_scanners = (
+
+# ### http://www.clanfield.info/sophie/ (http://www.vanja.com/tools/sophie/)
+# ['Sophie',
+# \&ask_daemon, ["{}/\n", '/var/run/sophie'],
+# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/m, qr/(?x)^ 1 ( : | [\000\r\n]* $)/m,
+# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ],
+
+# ### http://www.csupomona.edu/~henson/www/projects/SAVI-Perl/
+# ['Sophos SAVI', \&sophos_savi ],
+
+### http://www.clamav.net/
+ ['ClamAV-clamd',
+ \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
+ qr/\bOK$/m, qr/\bFOUND$/m,
+ qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
+# NOTE: run clamd under the same user as amavisd, or run it under its own
+# uid such as clamav, add user clamav to the amavis group, and then add
+# AllowSupplementaryGroups to clamd.conf;
+# NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
+# this entry; when running chrooted one may prefer socket "$MYHOME/clamd".
+
+# ### http://www.openantivirus.org/
+# ['OpenAntiVirus ScannerDaemon (OAV)',
+# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:8127'],
+# qr/^OK/m, qr/^FOUND: /m, qr/^FOUND: (.+)/m ],
+
+# ### http://www.vanja.com/tools/trophie/
+# ['Trophie',
+# \&ask_daemon, ["{}/\n", '/var/run/trophie'],
+# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/m, qr/(?x)^ 1 ( : | [\000\r\n]* $)/m,
+# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ],
+
+# ### http://www.grisoft.com/
+# ['AVG Anti-Virus',
+# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:55555'],
+# qr/^200/m, qr/^403/m, qr/^403 .*?: ([^\r\n]+)/m ],
+
+# ### http://www.f-prot.com/
+# ['F-Prot fpscand', # F-PROT Antivirus for BSD/Linux/Solaris, version 6
+# \&ask_daemon,
+# ["SCAN FILE {}/*\n", '127.0.0.1:10200'],
+# qr/^(0|8|64) /m,
+# qr/^([1235679]|1[01345]) |<[^>:]*(?i)(infected|suspicious|unwanted)/m,
+# qr/(?i)<[^>:]*(?:infected|suspicious|unwanted)[^>:]*: ([^>]*)>/m ],
+
+# ### http://www.f-prot.com/
+# ['F-Prot f-protd', # old version
+# \&ask_daemon,
+# ["GET {}/*?-dumb%20-archive%20-packed HTTP/1.0\r\n\r\n",
+# ['127.0.0.1:10200', '127.0.0.1:10201', '127.0.0.1:10202',
+# '127.0.0.1:10203', '127.0.0.1:10204'] ],
+# qr/(?i)<summary[^>]*>clean<\/summary>/m,
+# qr/(?i)<summary[^>]*>infected<\/summary>/m,
+# qr/(?i)<name>(.+)<\/name>/m ],
+
+# ### http://www.sald.com/, http://www.dials.ru/english/, http://www.drweb.ru/
+# ['DrWebD', \&ask_daemon, # DrWebD 4.31 or later
+# [pack('N',1). # DRWEBD_SCAN_CMD
+# pack('N',0x00280001). # DONT_CHANGEMAIL, IS_MAIL, RETURN_VIRUSES
+# pack('N', # path length
+# length("$TEMPBASE/amavis-yyyymmddTHHMMSS-xxxxx/parts/pxxx")).
+# '{}/*'. # path
+# pack('N',0). # content size
+# pack('N',0),
+# '/var/drweb/run/drwebd.sock',
+# # '/var/amavis/var/run/drwebd.sock', # suitable for chroot
+# # '/usr/local/drweb/run/drwebd.sock', # FreeBSD drweb ports default
+# # '127.0.0.1:3000', # or over an inet socket
+# ],
+# qr/\A\x00[\x10\x11][\x00\x10]\x00/sm, # IS_CLEAN,EVAL_KEY; SKIPPED
+# qr/\A\x00[\x00\x01][\x00\x10][\x20\x40\x80]/sm,# KNOWN_V,UNKNOWN_V,V._MODIF
+# qr/\A.{12}(?:infected with )?([^\x00]+)\x00/sm,
+# ],
+# # NOTE: If using amavis-milter, change length to:
+# # length("$TEMPBASE/amavis-milter-xxxxxxxxxxxxxx/parts/pxxx").
+
+ ### http://www.kaspersky.com/ (kav4mailservers)
+ ['KasperskyLab AVP - aveclient',
+ ['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient',
+ '/opt/kav/5.5/kav4mailservers/bin/aveclient','aveclient'],
+ '-p /var/run/aveserver -s {}/*',
+ [0,3,6,8], qr/\b(INFECTED|SUSPICION|SUSPICIOUS)\b/m,
+ qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.+)/m,
+ ],
+ # NOTE: one may prefer [0],[2,3,4,5], depending on how suspicious,
+ # currupted or protected archives are to be handled
+
+ ### http://www.kaspersky.com/
+ ['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'],
+ '-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ?
+ qr/infected: (.+)/m,
+ sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"},
+ sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
+ ],
+
+ ### The kavdaemon and AVPDaemonClient have been removed from Kasperky
+ ### products and replaced by aveserver and aveclient
+ ['KasperskyLab AVPDaemonClient',
+ [ '/opt/AVP/kavdaemon', 'kavdaemon',
+ '/opt/AVP/AvpDaemonClient', 'AvpDaemonClient',
+ '/opt/AVP/AvpTeamDream', 'AvpTeamDream',
+ '/opt/AVP/avpdc', 'avpdc' ],
+ "-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/m ],
+ # change the startup-script in /etc/init.d/kavd to:
+ # DPARMS="-* -Y -dl -f=/var/amavis /var/amavis"
+ # (or perhaps: DPARMS="-I0 -Y -* /var/amavis" )
+ # adjusting /var/amavis above to match your $TEMPBASE.
+ # The '-f=/var/amavis' is needed if not running it as root, so it
+ # can find, read, and write its pid file, etc., see 'man kavdaemon'.
+ # defUnix.prf: there must be an entry "*/var/amavis" (or whatever
+ # directory $TEMPBASE specifies) in the 'Names=' section.
+ # cd /opt/AVP/DaemonClients; configure; cd Sample; make
+ # cp AvpDaemonClient /opt/AVP/
+ # su - vscan -c "${PREFIX}/kavdaemon ${DPARMS}"
+
+ ### http://www.centralcommand.com/
+ ['CentralCommand Vexira (new) vascan',
+ ['vascan','/usr/lib/Vexira/vascan'],
+ "-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ".
+ "--log=/var/log/vascan.log {}",
+ [0,3], [1,2,5],
+ qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\ ( [^\]\s']+ )\ \.\.\.\ /m ],
+ # Adjust the path of the binary and the virus database as needed.
+ # 'vascan' does not allow to have the temp directory to be the same as
+ # the quarantine directory, and the quarantine option can not be disabled.
+ # If $QUARANTINEDIR is not used, then another directory must be specified
+ # to appease 'vascan'. Move status 3 to the second list if password
+ # protected files are to be considered infected.
+
+ ### http://www.avira.com/
+ ### Avira AntiVir (formerly H+BEDV) or (old) CentralCommand Vexira Antivirus
+ ['Avira AntiVir', ['antivir','vexira'],
+ '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/m,
+ qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
+ (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/m ],
+ # NOTE: if you only have a demo version, remove -z and add 214, as in:
+ # '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/,
+
+ ### http://www.commandsoftware.com/
+ ['Command AntiVirus for Linux', 'csav',
+ '-all -archive -packed {}', [50], [51,52,53],
+ qr/Infection: (.+)/m ],
+
+ ### http://www.symantec.com/
+ ['Symantec CarrierScan via Symantec CommandLineScanner',
+ 'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}',
+ qr/^Files Infected:\s+0$/m, qr/^Infected\b/m,
+ qr/^(?:Info|Virus Name):\s+(.+)/m ],
+
+ ### http://www.symantec.com/
+ ['Symantec AntiVirus Scan Engine',
+ 'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}',
+ [0], qr/^Infected\b/m,
+ qr/^(?:Info|Virus Name):\s+(.+)/m ],
+ # NOTE: check options and patterns to see which entry better applies
+
+# ### http://www.f-secure.com/products/anti-virus/ version 4.65
+# ['F-Secure Antivirus for Linux servers',
+# ['/opt/f-secure/fsav/bin/fsav', 'fsav'],
+# '--delete=no --disinf=no --rename=no --archive=yes --auto=yes '.
+# '--dumb=yes --list=no --mime=yes {}', [0], [3,6,8],
+# qr/(?:infection|Infected|Suspected): (.+)/m ],
+
+ ### http://www.f-secure.com/products/anti-virus/ version 5.52
+ ['F-Secure Antivirus for Linux servers',
+ ['/opt/f-secure/fsav/bin/fsav', 'fsav'],
+ '--virus-action1=report --archive=yes --auto=yes '.
+ '--dumb=yes --list=no --mime=yes {}', [0], [3,4,6,8],
+ qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ],
+ # NOTE: internal archive handling may be switched off by '--archive=no'
+ # to prevent fsav from exiting with status 9 on broken archives
+
+# ### http://www.avast.com/
+# ['avast! Antivirus daemon',
+# \&ask_daemon, # greets with 220, terminate with QUIT
+# ["SCAN {}\015\012QUIT\015\012", '/var/run/avast4/mailscanner.sock'],
+# qr/\t\[\+\]/m, qr/\t\[L\]\t/m, qr/\t\[L\]\t([^[ \t\015\012]+)/m ],
+
+# ### http://www.avast.com/
+# ['avast! Antivirus - Client/Server Version', 'avastlite',
+# '-a /var/run/avast4/mailscanner.sock -n {}', [0], [1],
+# qr/\t\[L\]\t([^[ \t\015\012]+)/m ],
+
+ ['CAI InoculateIT', 'inocucmd', # retired product
+ '-sec -nex {}', [0], [100],
+ qr/was infected by virus (.+)/m ],
+ # see: http://www.flatmtn.com/computer/Linux-Antivirus_CAI.html
+
+ ### http://www3.ca.com/Solutions/Product.asp?ID=156 (ex InoculateIT)
+ ['CAI eTrust Antivirus', 'etrust-wrapper',
+ '-arc -nex -spm h {}', [0], [101],
+ qr/is infected by virus: (.+)/m ],
+ # NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer
+ # see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783
+
+ ### http://mks.com.pl/english.html
+ ['MkS_Vir for Linux (beta)', ['mks32','mks'],
+ '-s {}/*', [0], [1,2],
+ qr/--[ \t]*(.+)/m ],
+
+ ### http://mks.com.pl/english.html
+ ['MkS_Vir daemon', 'mksscan',
+ '-s -q {}', [0], [1..7],
+ qr/^... (\S+)/m ],
+
+# ### http://www.nod32.com/, version v2.52 (old)
+# ['ESET NOD32 for Linux Mail servers',
+# ['/opt/eset/nod32/bin/nod32cli', 'nod32cli'],
+# '--subdir --files -z --sfx --rtp --adware --unsafe --pattern --heur '.
+# '-w -a --action-on-infected=accept --action-on-uncleanable=accept '.
+# '--action-on-notscanned=accept {}',
+# [0,3], [1,2], qr/virus="([^"]+)"/m ],
+
+# ### http://www.eset.com/, version v2.7 (old)
+# ['ESET NOD32 Linux Mail Server - command line interface',
+# ['/usr/bin/nod32cli', '/opt/eset/nod32/bin/nod32cli', 'nod32cli'],
+# '--subdir {}', [0,3], [1,2], qr/virus="([^"]+)"/m ],
+
+# ### http://www.eset.com/, version 2.71.12
+# ['ESET Software ESETS Command Line Interface',
+# ['/usr/bin/esets_cli', 'esets_cli'],
+# '--subdir {}', [0], [1,2,3], qr/virus="([^"]+)"/m ],
+
+ ### http://www.eset.com/, version 3.0
+ ['ESET Software ESETS Command Line Interface',
+ ['/usr/bin/esets_cli', 'esets_cli'],
+ '--subdir {}', [0], [2,3],
+ qr/:\s*action="(?!accepted)[^"]*"\n.*:\s*virus="([^"]*)"/m ],
+
+ ## http://www.nod32.com/, NOD32LFS version 2.5 and above
+ ['ESET NOD32 for Linux File servers',
+ ['/opt/eset/nod32/sbin/nod32','nod32'],
+ '--files -z --mail --sfx --rtp --adware --unsafe --pattern --heur '.
+ '-w -a --action=1 -b {}',
+ [0], [1,10], qr/^object=.*, virus="(.*?)",/m ],
+
+# Experimental, based on posting from Rado Dibarbora (Dibo) on 2002-05-31
+# ['ESET Software NOD32 Client/Server (NOD32SS)',
+# \&ask_daemon2, # greets with 200, persistent, terminate with QUIT
+# ["SCAN {}/*\r\n", '127.0.0.1:8448' ],
+# qr/^200 File OK/m, qr/^201 /m, qr/^201 (.+)/m ],
+
+ ### http://www.norman.com/products_nvc.shtml
+ ['Norman Virus Control v5 / Linux', 'nvcc',
+ '-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14],
+ qr/(?i).* virus in .* -> \'(.+)\'/m ],
+
+ ### http://www.pandasoftware.com/
+ ['Panda CommandLineSecure 9 for Linux',
+ ['/opt/pavcl/usr/bin/pavcl','pavcl'],
+ '-auto -aex -heu -cmp -nbr -nor -nos -eng -nob {}',
+ qr/Number of files infected[ .]*: 0+(?!\d)/m,
+ qr/Number of files infected[ .]*: 0*[1-9]/m,
+ qr/Found virus :\s*(\S+)/m ],
+ # NOTE: for efficiency, start the Panda in resident mode with 'pavcl -tsr'
+ # before starting amavisd - the bases are then loaded only once at startup.
+ # To reload bases in a signature update script:
+ # /opt/pavcl/usr/bin/pavcl -tsr -ulr; /opt/pavcl/usr/bin/pavcl -tsr
+ # Please review other options of pavcl, for example:
+ # -nomalw, -nojoke, -nodial, -nohackt, -nospyw, -nocookies
+
+# ### http://www.pandasoftware.com/
+# ['Panda Antivirus for Linux', ['pavcl'],
+# '-TSR -aut -aex -heu -cmp -nbr -nor -nso -eng {}',
+# [0], [0x10, 0x30, 0x50, 0x70, 0x90, 0xB0, 0xD0, 0xF0],
+# qr/Found virus :\s*(\S+)/m ],
+
+# GeCAD AV technology is acquired by Microsoft; RAV has been discontinued.
+# Check your RAV license terms before fiddling with the following two lines!
+# ['GeCAD RAV AntiVirus 8', 'ravav',
+# '--all --archive --mail {}', [1], [2,3,4,5], qr/Infected: (.+)/m ],
+# # NOTE: the command line switches changed with scan engine 8.5 !
+# # (btw, assigning stdin to /dev/null causes RAV to fail)
+
+ ### http://www.nai.com/
+ ['NAI McAfee AntiVirus (uvscan)', 'uvscan',
+ '--secure -rv --mime --summary --noboot - {}', [0], [13],
+ qr/(?x) Found (?:
+ \ the\ (.+)\ (?:virus|trojan) |
+ \ (?:virus|trojan)\ or\ variant\ ([^ ]+) |
+ :\ (.+)\ NOT\ a\ virus)/m,
+ # sub {$ENV{LD_PRELOAD}='/lib/libc.so.6'},
+ # sub {delete $ENV{LD_PRELOAD}},
+ ],
+ # NOTE1: with RH9: force the dynamic linker to look at /lib/libc.so.6 before
+ # anything else by setting environment variable LD_PRELOAD=/lib/libc.so.6
+ # and then clear it when finished to avoid confusing anything else.
+ # NOTE2: to treat encrypted files as viruses replace the [13] with:
+ # qr/^\s{5,}(Found|is password-protected|.*(virus|trojan))/
+
+ ### http://www.virusbuster.hu/en/
+ ['VirusBuster', ['vbuster', 'vbengcl'],
+ "{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1],
+ qr/: '(.*)' - Virus/m ],
+ # VirusBuster Ltd. does not support the daemon version for the workstation
+ # engine (vbuster-eng-1.12-linux-i386-libc6.tgz) any longer. The names of
+ # binaries, some parameters AND return codes have changed (from 3 to 1).
+ # See also the new Vexira entry 'vascan' which is possibly related.
+
+# ### http://www.virusbuster.hu/en/
+# ['VirusBuster (Client + Daemon)', 'vbengd',
+# '-f -log scandir {}', [0], [3],
+# qr/Virus found = (.*);/m ],
+# # HINT: for an infected file it always returns 3,
+# # although the man-page tells a different story
+
+ ### http://www.cyber.com/
+ ['CyberSoft VFind', 'vfind',
+ '--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/m,
+ # sub {$ENV{VSTK_HOME}='/usr/lib/vstk'},
+ ],
+
+ ### http://www.avast.com/
+ ['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'],
+ '-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/m ],
+
+ ### http://www.ikarus-software.com/
+ ['Ikarus AntiVirus for Linux', 'ikarus',
+ '{}', [0], [40], qr/Signature (.+) found/m ],
+
+ ### http://www.bitdefender.com/
+ ['BitDefender', 'bdscan', # new version
+ '--action=ignore --no-list {}', qr/^Infected files *:0+(?!\d)/m,
+ qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m,
+ qr/(?:suspected|infected): (.*)(?:\033|$)/m ],
+
+ ### http://www.bitdefender.com/
+ ['BitDefender', 'bdc', # old version
+ '--arc --mail {}', qr/^Infected files *:0+(?!\d)/m,
+ qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m,
+ qr/(?:suspected|infected): (.*)(?:\033|$)/m ],
+ # consider also: --all --nowarn --alev=15 --flev=15. The --all argument may
+ # not apply to your version of bdc, check documentation and see 'bdc --help'
+
+ ### ArcaVir for Linux and Unix http://www.arcabit.pl/
+ ['ArcaVir for Linux', ['arcacmd','arcacmd.static'],
+ '-v 1 -summary 0 -s {}', [0], [1,2],
+ qr/(?:VIR|WIR):[ \t]*(.+)/m ],
+
+# ['File::Scan', sub {Amavis::AV::ask_av(sub{
+# use File::Scan; my($fn)=@_;
+# my($f)=File::Scan->new(max_txt_size=>0, max_bin_size=>0);
+# my($vname) = $f->scan($fn);
+# $f->error ? (2,"Error: ".$f->error)
+# : ($vname ne '') ? (1,"$vname FOUND") : (0,"Clean")}, @_) },
+# ["{}/*"], [0], [1], qr/^(.*) FOUND$/m ],
+
+# ### fully-fledged checker for JPEG marker segments of invalid length
+# ['check-jpeg',
+# sub { use JpegTester (); Amavis::AV::ask_av(\&JpegTester::test_jpeg, @_) },
+# ["{}/*"], undef, [1], qr/^(bad jpeg: .*)$/m ],
+# # NOTE: place file JpegTester.pm somewhere where Perl can find it,
+# # for example in /usr/local/lib/perl5/site_perl
+
+# ### example: simpleminded checker for JPEG marker segments with
+# ### invalid length (only checks first 32k, which is not thorough enough)
+# ['check-jpeg-simple',
+# sub { Amavis::AV::ask_av(sub {
+# my($f)=@_; local(*FF,$_,$1,$2); my(@r)=(0,'not jpeg');
+# open(FF,$f) or die "jpeg: open err $f: $!";
+# binmode(FF) or die "jpeg: binmode err $f: $!";
+# defined read(FF,$_,32000) or die "jpeg: read err $f: $!";
+# close(FF) or die "jpeg: close err $f: $!";
+# if (/^\xff\xd8\xff/) {
+# @r=(0,'jpeg ok');
+# while (!/\G(?:\xff\xd9|\z)/gc) { # EOI or eof
+# if (/\G\xff+(?=\xff|\z)/gc) {} # fill-bytes before marker
+# elsif (/\G\xff([\x01\xd0-\xd8])/gc) {} # TEM, RSTi, SOI
+# elsif (/\G\xff([^\x00\xff])(..)/gcs) { # marker segment start
+# my($n)=unpack("n",$2)-2;
+# $n=32766 if $n>32766; # Perl regexp limit
+# if ($n<0) {@r=(1,"bad jpeg: len=$n, pos=".pos); last}
+# elsif (/\G.{$n}/gcs) {} # ok
+# elsif (/\G.{0,$n}\z/gcs) {last} # truncated
+# else {@r=(1,"bad jpeg: unexpected, pos=".pos); last}
+# }
+# elsif (/\G[^\xff]+/gc) {} # ECS
+# elsif (/\G(?:\xff\x00)+/gc) {} # ECS
+# else {@r=(2,"bad jpeg: unexpected char, pos=".pos); last}
+# }
+# }; @r}, @_) },
+# ["{}/*"], undef, [1], qr/^(bad jpeg: .*)$/m ],
+
+# ### an example/testing/template virus scanner (external), wastes 3 seconds
+# ['wasteful sleeper example',
+# '/bin/sleep', '3', # calls external program
+# undef, undef, qr/no such/m ],
+
+# ### an example/testing/template virus scanner (internal), does nothing
+# ['null',
+# sub {}, ["{}"], # supplies its own subroutine, no external program
+# undef, undef, qr/no such/m ],
+
+);
+
+
+# If no virus scanners from the @av_scanners list produce 'clean' nor
+# 'infected' status (i.e. they all fail to run or the list is empty),
+# then _all_ scanners from the @av_scanners_backup list are tried
+# (again, subject to $first_infected_stops_scan). When there are both
+# daemonized and equivalent or similar command-line scanners available,
+# it is customary to place slower command-line scanners in the
+# @av_scanners_backup list. The default choice is somewhat arbitrary,
+# move entries from one list to another as desired, keeping main scanners
+# in the primary list to avoid warnings.
+
+@av_scanners_backup = (
+
+ ### http://www.clamav.net/ - backs up clamd or Mail::ClamAV
+ ['ClamAV-clamscan', 'clamscan',
+ "--stdout --no-summary -r --tempdir=$TEMPBASE {}",
+ [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
+
+ ### http://www.f-prot.com/ - backs up F-Prot Daemon, V6
+ ['F-PROT Antivirus for UNIX', ['fpscan'],
+ '--report --mount --adware {}', # consider: --applications -s 4 -u 3 -z 10
+ [0,8,64], [1,2,3, 4+1,4+2,4+3, 8+1,8+2,8+3, 12+1,12+2,12+3],
+ qr/^\[Found\s+[^\]]*\]\s+<([^ \t(>]*)/m ],
+
+ ### http://www.f-prot.com/ - backs up F-Prot Daemon (old)
+ ['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'],
+ '-dumb -archive -packed {}', [0,8], [3,6], # or: [0], [3,6,8],
+ qr/(?:Infection:|security risk named) (.+)|\s+contains\s+(.+)$/m ],
+
+ ### http://www.trendmicro.com/ - backs up Trophie
+ ['Trend Micro FileScanner', ['/etc/iscan/vscan','vscan'],
+ '-za -a {}', [0], qr/Found virus/m, qr/Found virus (.+) in/m ],
+
+ ### http://www.sald.com/, http://drweb.imshop.de/ - backs up DrWebD
+ ['drweb - DrWeb Antivirus', # security LHA hole in Dr.Web 4.33 and earlier
+ ['/usr/local/drweb/drweb', '/opt/drweb/drweb', 'drweb'],
+ '-path={} -al -go -ot -cn -upn -ok-',
+ [0,32], [1,9,33], qr' infected (?:with|by)(?: virus)? (.*)$'m ],
+
+ ### http://www.kaspersky.com/
+ ['Kaspersky Antivirus v5.5',
+ ['/opt/kaspersky/kav4fs/bin/kav4fs-kavscanner',
+ '/opt/kav/5.5/kav4unix/bin/kavscanner',
+ '/opt/kav/5.5/kav4mailservers/bin/kavscanner', 'kavscanner'],
+ '-i0 -xn -xp -mn -R -ePASBME {}/*', [0,10,15], [5,20,21,25],
+ qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.*)/m,
+# sub {chdir('/opt/kav/bin') or die "Can't chdir to kav: $!"},
+# sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
+ ],
+
+# Commented out because the name 'sweep' clashes with Debian and FreeBSD
+# package/port of an audio editor. Make sure the correct 'sweep' is found
+# in the path when enabling.
+#
+# ### http://www.sophos.com/ - backs up Sophie or SAVI-Perl
+# ['Sophos Anti Virus (sweep)', 'sweep',
+# '-nb -f -all -rec -ss -sc -archive -cab -mime -oe -tnef '.
+# '--no-reset-atime {}',
+# [0,2], qr/Virus .*? found/m,
+# qr/^>>> Virus(?: fragment)? '?(.*?)'? found/m,
+# ],
+# # other options to consider: -idedir=/usr/local/sav
+
+# Always succeeds and considers mail clean.
+# Potentially useful when all other scanners fail and it is desirable
+# to let mail continue to flow with no virus checking (when uncommented).
+# ['always-clean', sub {0}],
+
+);
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+# You can modify this file to re-enable SPAM checking through spamassassin
+# and to re-enable antivirus checking.
+
+#
+# Default antivirus checking mode
+# Please note, that anti-virus checking is DISABLED by
+# default.
+# If You wish to enable it, please uncomment the following lines:
+
+
+#@bypass_virus_checks_maps = (
+# \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
+
+
+#
+# Default SPAM checking mode
+# Please note, that anti-spam checking is DISABLED by
+# default.
+# If You wish to enable it, please uncomment the following lines:
+
+
+#@bypass_spam_checks_maps = (
+# \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+# ADMINISTRATORS:
+# Debian suggests that any changes you need to do that should never
+# be "updated" by the Debian package should be made in another file,
+# overriding the settings in this file.
+#
+# The package will *not* overwrite your settings, but by keeping
+# them separate, you will make the task of merging changes on these
+# configuration files much simpler...
+
+# see /usr/share/doc/amavisd-new/examples/amavisd.conf-default for
+# a list of all variables with their defaults;
+# see /usr/share/doc/amavisd-new/examples/amavisd.conf-sample for
+# a traditional-style commented file
+# [note: the above files were not converted to Debian settings!]
+#
+# for more details see documentation in /usr/share/doc/amavisd-new
+# and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html
+
+$QUARANTINEDIR = "$MYHOME/virusmails";
+$quarantine_subdir_levels = 1; # enable quarantine dir hashing
+
+$log_recip_templ = undef; # disable by-recipient level-0 log entries
+$DO_SYSLOG = 1; # log via syslogd (preferred)
+$syslog_ident = 'amavis'; # syslog ident tag, prepended to all messages
+$syslog_facility = 'mail';
+$syslog_priority = 'debug'; # switch to info to drop debug output, etc
+
+$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
+$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1
+
+$inet_socket_port = 10024; # default listening socket
+
+$sa_spam_subject_tag = '***SPAM*** ';
+$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
+$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
+$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
+$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
+
+$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
+$sa_local_tests_only = 0; # only tests which do not require internet access?
+
+# Quota limits to avoid bombs (like 42.zip)
+
+$MAXLEVELS = 14;
+$MAXFILES = 1500;
+$MIN_EXPANSION_QUOTA = 100*1024; # bytes
+$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes
+
+# You should:
+# Use D_DISCARD to discard data (viruses)
+# Use D_BOUNCE to generate local bounces by amavisd-new
+# Use D_REJECT to generate local or remote bounces by the calling MTA
+# Use D_PASS to deliver the message
+#
+# Whatever you do, *NEVER* use D_REJECT if you have other MTAs *forwarding*
+# mail to your account. Use D_BOUNCE instead, otherwise you are delegating
+# the bounce work to your friendly forwarders, which might not like it at all.
+#
+# On dual-MTA setups, one can often D_REJECT, as this just makes your own
+# MTA generate the bounce message. Test it first.
+#
+# Bouncing viruses is stupid, always discard them after you are sure the AV
+# is working correctly. Bouncing real SPAM is also useless, if you cannot
+# D_REJECT it (and don't D_REJECT mail coming from your forwarders!).
+
+$final_virus_destiny = D_DISCARD; # (data not lost, see virus quarantine)
+$final_banned_destiny = D_BOUNCE; # D_REJECT when front-end MTA
+$final_spam_destiny = D_BOUNCE;
+$final_bad_header_destiny = D_PASS; # False-positive prone (for spam)
+
+$enable_dkim_verification = 0; #disabled to prevent warning
+
+$virus_admin = "postmaster\@$mydomain"; # due to D_DISCARD default
+
+# Set to empty ("") to add no header
+$X_HEADER_LINE = "Debian $myproduct_name at $mydomain";
+
+# REMAINING IMPORTANT VARIABLES ARE LISTED HERE BECAUSE OF LONGER ASSIGNMENTS
+
+#
+# DO NOT SEND VIRUS NOTIFICATIONS TO OUTSIDE OF YOUR DOMAIN. EVER.
+#
+# These days, almost all viruses fake the envelope sender and mail headers.
+# Therefore, "virus notifications" became nothing but undesired, aggravating
+# SPAM. This holds true even inside one's domain. We disable them all by
+# default, except for the EICAR test pattern.
+#
+
+@viruses_that_fake_sender_maps = (new_RE(
+ [qr'\bEICAR\b'i => 0], # av test pattern name
+ [qr/.*/ => 1], # true for everything else
+));
+
+@keep_decoded_original_maps = (new_RE(
+# qr'^MAIL$', # retain full original message for virus checking (can be slow)
+ qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables
+ qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
+# qr'^Zip archive data', # don't trust Archive::Zip
+));
+
+
+# for $banned_namepath_re, a new-style of banned table, see amavisd.conf-sample
+
+$banned_filename_re = new_RE(
+# qr'^UNDECIPHERABLE$', # is or contains any undecipherable components
+
+ # block certain double extensions anywhere in the base name
+ qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
+
+ qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?$'i, # Windows Class ID CLSID, strict
+
+ qr'^application/x-msdownload$'i, # block these MIME types
+ qr'^application/x-msdos-program$'i,
+ qr'^application/hta$'i,
+
+# qr'^application/x-msmetafile$'i, # Windows Metafile MIME type
+# qr'^\.wmf$', # Windows Metafile file(1) type
+
+# qr'^message/partial$'i, qr'^message/external-body$'i, # rfc2046 MIME types
+
+# [ qr'^\.(Z|gz|bz2)$' => 0 ], # allow any in Unix-compressed
+# [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
+# [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within such archives
+# [ qr'^application/x-zip-compressed$'i => 0], # allow any within such archives
+
+ qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
+# qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta|
+# inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst|
+# ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs|
+# wmf|wsc|wsf|wsh)$'ix, # banned ext - long
+
+# qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab.
+
+ qr'^\.(exe-ms)$', # banned file(1) types
+# qr'^\.(exe|lha|tnef|cab|dll)$', # banned file(1) types
+);
+# See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631
+# and http://www.cknow.com/vtutor/vtextensions.htm
+
+
+# ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING
+
+@score_sender_maps = ({ # a by-recipient hash lookup table,
+ # results from all matching recipient tables are summed
+
+# ## per-recipient personal tables (NOTE: positive: black, negative: white)
+# 'user1@example.com' => [{'bla-mobile.press@example.com' => 10.0}],
+# 'user3@example.com' => [{'.ebay.com' => -3.0}],
+# 'user4@example.com' => [{'cleargreen@cleargreen.com' => -7.0,
+# '.cleargreen.com' => -5.0}],
+
+ ## site-wide opinions about senders (the '.' matches any recipient)
+ '.' => [ # the _first_ matching sender determines the score boost
+
+ new_RE( # regexp-type lookup table, just happens to be all soft-blacklist
+ [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],
+ [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
+ [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
+ [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0],
+ [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0],
+ [qr'^(your_friend|greatoffers)@'i => 5.0],
+ [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0],
+ ),
+
+# read_hash("/var/amavis/sender_scores_sitewide"),
+
+# This are some examples for whitelists, since envelope senders can be forged
+# they are not enabled by default.
+ { # a hash-type lookup table (associative array)
+ #'nobody@cert.org' => -3.0,
+ #'cert-advisory@us-cert.gov' => -3.0,
+ #'owner-alert@iss.net' => -3.0,
+ #'slashdot@slashdot.org' => -3.0,
+ #'securityfocus.com' => -3.0,
+ #'ntbugtraq@listserv.ntbugtraq.com' => -3.0,
+ #'security-alerts@linuxsecurity.com' => -3.0,
+ #'mailman-announce-admin@python.org' => -3.0,
+ #'amavis-user-admin@lists.sourceforge.net'=> -3.0,
+ #'amavis-user-bounces@lists.sourceforge.net' => -3.0,
+ #'spamassassin.apache.org' => -3.0,
+ #'notification-return@lists.sophos.com' => -3.0,
+ #'owner-postfix-users@postfix.org' => -3.0,
+ #'owner-postfix-announce@postfix.org' => -3.0,
+ #'owner-sendmail-announce@lists.sendmail.org' => -3.0,
+ #'sendmail-announce-request@lists.sendmail.org' => -3.0,
+ #'donotreply@sendmail.org' => -3.0,
+ #'ca+envelope@sendmail.org' => -3.0,
+ #'noreply@freshmeat.net' => -3.0,
+ #'owner-technews@postel.acm.org' => -3.0,
+ #'ietf-123-owner@loki.ietf.org' => -3.0,
+ #'cvs-commits-list-admin@gnome.org' => -3.0,
+ #'rt-users-admin@lists.fsck.com' => -3.0,
+ #'clp-request@comp.nus.edu.sg' => -3.0,
+ #'surveys-errors@lists.nua.ie' => -3.0,
+ #'emailnews@genomeweb.com' => -5.0,
+ #'yahoo-dev-null@yahoo-inc.com' => -3.0,
+ #'returns.groups.yahoo.com' => -3.0,
+ #'clusternews@linuxnetworx.com' => -3.0,
+ #lc('lvs-users-admin@LinuxVirtualServer.org') => -3.0,
+ #lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,
+
+ # soft-blacklisting (positive score)
+ #'sender@example.net' => 3.0,
+ #'.example.net' => 1.0,
+
+ },
+ ], # end of site-wide tables
+});
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+##
+## Functionality required for amavis helpers like
+## amavis-release.
+##
+
+# Enable required AM.PDP protocol socket.
+#
+# this is incompatible with the old helpers, but one can
+# have multiple inet (not unix) sockets to overcome this
+# issue. Refer to the amavisd-new documentation for more
+# information
+
+$unix_socketname = "/var/lib/amavis/amavisd.sock";
+
+$interface_policy{'SOCK'} = 'AM.PDP-SOCK';
+$policy_bank{'AM.PDP-SOCK'} = {
+ protocol => 'AM.PDP',
+ auth_required_release => 0, # don't require secret-id for release
+};
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+# l10n (localization) of the AMaViSd-new DSN templates
+# Override or change as necessary
+
+# Select notifications text encoding when Unicode-aware Perl is converting
+# text from internal character representation to external encoding (charset
+# in MIME terminology). Used as argument to Perl Encode::encode subroutine.
+#
+# to be used in RFC 2047-encoded header field bodies, e.g. in Subject:
+#$hdr_encoding = 'iso-8859-1'; # (default: 'iso-8859-1')
+#
+# to be used in notification body text: its encoding and Content-type.charset
+#$bdy_encoding = 'iso-8859-1'; # (default: 'iso-8859-1')
+
+# Default template texts for notifications may be overruled by directly
+# assigning new text to template variables, or by reading template text
+# from files. A second argument may be specified in a call to read_text(),
+# specifying character encoding layer to be used when reading from the
+# external file, e.g. 'utf8', 'iso-8859-1', or often just $bdy_encoding.
+# Text will be converted to internal character representation by Perl 5.8.0
+# or later; second argument is ignored otherwise. See PerlIO::encoding,
+# Encode::PerlIO and perluniintro man pages.
+#
+# $notify_sender_templ = read_text('/var/amavis/notify_sender.txt');
+# $notify_virus_sender_templ= read_text('/var/amavis/notify_virus_sender.txt');
+# $notify_virus_admin_templ = read_text('/var/amavis/notify_virus_admin.txt');
+# $notify_virus_recips_templ= read_text('/var/amavis/notify_virus_recips.txt');
+# $notify_spam_sender_templ = read_text('/var/amavis/notify_spam_sender.txt');
+# $notify_spam_admin_templ = read_text('/var/amavis/notify_spam_admin.txt');
+
+# If notification template files are collectively available in some directory,
+# you can use read_l10n_templates which calls read_text for each known
+# template. Name the files as above, and include a file named "charset" with
+# the charset used in the files. This is how Debian ships l10n templates.
+#
+# syntax: read_l10n_templates(<directory>); OR
+# read_l10n_templates(<subdirectory>, <master directory>);
+#
+read_l10n_templates('en_US', '/etc/amavis');
+
+1; # ensure a defined return
--- /dev/null
+use strict;
+
+#
+# Place your configuration directives here. They will override those in
+# earlier files.
+#
+# See /usr/share/doc/amavisd-new/ for documentation and examples of
+# the directives you can use in this file
+#
+
+
+#------------ Do not modify anything below this line -------------
+#{1}
+
+
+chomp($mydomain = "sarah.uhu-banane.de");
+@local_domains_maps = 1;
+@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
+ 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );
+
+# listen on multiple TCP ports. 9998 is used for releasing quarantined mails.
+$inet_socket_port = [10024, 10026, 9998];
+
+# Enable virus check.
+@bypass_virus_checks_maps = (
+ \%bypass_virus_checks,
+ \@bypass_virus_checks_acl,
+ $bypass_virus_checks_re,
+ );
+
+# Enable spam check.
+@bypass_spam_checks_maps = (
+ \%bypass_spam_checks,
+ \@bypass_spam_checks_acl,
+ $bypass_spam_checks_re,
+ );
+
+$mailfrom_notify_admin = "root\@$mydomain";
+$mailfrom_notify_recip = "root\@$mydomain";
+$mailfrom_notify_spamadmin = "root\@$mydomain";
+
+# Mail notify.
+$mailfrom_notify_admin = "root\@$mydomain"; # notifications sender
+$mailfrom_notify_recip = "root\@$mydomain"; # notifications sender
+$mailfrom_notify_spamadmin = "root\@$mydomain"; # notifications sender
+$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
+
+# Disable defang banned mail.
+$defang_banned = 0; # MIME-wrap passed mail containing banned name
+
+$policy_bank{'MYNETS'} = { # mail originating from @mynetworks
+ originating => 1, # is true in MYNETS by default, but let's make it explicit
+ os_fingerprint_method => undef, # don't query p0f for internal clients
+ allow_disclaimers => 1, # enables disclaimer insertion if available
+ enable_dkim_signing => 1,
+};
+
+# it is up to MTA to re-route mail from authenticated roaming users or
+# from internal hosts to a dedicated TCP port (such as 10026) for filtering
+$interface_policy{'10026'} = 'ORIGINATING';
+
+$policy_bank{'ORIGINATING'} = { # mail supposedly originating from our users
+ originating => 1, # declare that mail was submitted by our smtp client
+ allow_disclaimers => 1, # enables disclaimer insertion if available
+ enable_dkim_signing => 1,
+
+ # notify administrator of locally originating malware
+ virus_admin_maps => ["root\@$mydomain"],
+ spam_admin_maps => [],
+ bad_header_admin_maps => [],
+ banned_admin_maps => ["root\@$mydomain"],
+ warnbadhsender => 1,
+ warnbannedsender => 1,
+
+ # force MTA conversion to 7-bit (e.g. before DKIM signing)
+ #smtpd_discard_ehlo_keywords => ['8BITMIME'],
+
+ # don't remove NOTIFY=SUCCESS option
+ terminate_dsn_on_notify_success => 0,
+
+ # don't perform spam/virus/header check.
+ #bypass_spam_checks_maps => [1], # spam
+ #bypass_header_checks_maps => [1], # bad header
+ #bypass_virus_checks_maps => [1], # virus
+ #bypass_banned_checks_maps => [1], # banned file names and types
+};
+
+
+# Custom short log template (at log_level 0), add SpamAssassin testing result (Tests: [xxx])
+#
+# Note: You can find the original log template at the bottom of
+# /usr/sbin/amavisd-new.
+$log_templ = '
+[?%#D|#|Passed #
+[? [:ccat|major] |#
+OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER-[:ccat|minor]|SPAMMY|SPAM|\
+UNCHECKED[?[:ccat|minor]||-ENCRYPTED|]|BANNED (%F)|INFECTED (%V)]#
+ {[:actions_performed]}#
+,[?%p|| %p][?%a||[?%l|| LOCAL] [:client_addr_port]][?%e|| \[%e\]] [:mail_addr_decode_octets|%s] -> [%D|[:mail_addr_decode_octets|%D]|,]#
+[? %q ||, quarantine: %q]#
+[? %Q ||, Queue-ID: %Q]#
+[? %m ||, Message-ID: [:mail_addr_decode_octets|%m]]#
+[? %r ||, Resent-Message-ID: [:mail_addr_decode_octets|%r]]#
+[? %i ||, mail_id: %i]#
+, Hits: [:SCORE]#
+, size: %z#
+[? [:partition_tag] ||, pt: [:partition_tag]]#
+[~[:remote_mta_smtp_response]|["^$"]||[", queued_as: "]]\
+[remote_mta_smtp_response|[~%x|["queued as ([0-9A-Za-z]+)$"]|["%1"]|["%0"]]|/]#
+#, Subject: [:dquote|[:mime2utf8|[:header_field_octets|Subject]|100|1]]#
+#, From: [:uquote|[:mail_addr_decode_octets|[:rfc2822_from]]]#
+[? [:dkim|sig_sd] ||, dkim_sd=[:dkim|sig_sd]]#
+[? [:dkim|newsig_sd] ||, dkim_new=[:dkim|newsig_sd]]#
+, %y ms#
+[? %#T ||, Tests: \[[%T|,]\]]#
+]
+[?%#O|#|Blocked #
+[? [:ccat|major|blocking] |#
+OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER-[:ccat|minor]|SPAMMY|SPAM|\
+UNCHECKED[?[:ccat|minor]||-ENCRYPTED|]|BANNED (%F)|INFECTED (%V)]#
+ {[:actions_performed]}#
+,[?%p|| %p][?%a||[?%l|| LOCAL] [:client_addr_port]][?%e|| \[%e\]] [:mail_addr_decode_octets|%s] -> [%O|[:mail_addr_decode_octets|%O]|,]#
+[? %q ||, quarantine: %q]#
+[? %Q ||, Queue-ID: %Q]#
+[? %m ||, Message-ID: [:mail_addr_decode_octets|%m]]#
+[? %r ||, Resent-Message-ID: [:mail_addr_decode_octets|%r]]#
+[? %i ||, mail_id: %i]#
+, Hits: [:SCORE]#
+, size: %z#
+[? [:partition_tag] ||, pt: [:partition_tag]]#
+#, Subject: [:dquote|[:mime2utf8|[:header_field_octets|Subject]|100|1]]#
+#, From: [:uquote|[:mail_addr_decode_octets|[:rfc2822_from]]]#
+[? [:dkim|sig_sd] ||, dkim_sd=[:dkim|sig_sd]]#
+[? [:dkim|newsig_sd] ||, dkim_new=[:dkim|newsig_sd]]#
+, %y ms#
+[? %#T ||, Tests: \[[%T|,]\]]#
+]';
+
+# Set hostname.
+$myhostname = "sarah.uhu-banane.de";
+$localhost_name = $myhostname;
+
+# Set listen IP/PORT.
+$notify_method = 'smtp:[127.0.0.1]:10025';
+$forward_method = 'smtp:[127.0.0.1]:10025';
+
+@av_scanners = (
+ #### http://www.clamav.net/
+ ['ClamAV-clamd',
+ \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
+ qr/\bOK$/, qr/\bFOUND$/,
+ qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
+);
+
+@av_scanners_backup = (
+ ### http://www.clamav.net/ - backs up clamd or Mail::ClamAV
+ ['ClamAV-clamscan', 'clamscan',
+ "--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1],
+ qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
+);
+
+#
+# Port used to release quarantined mails.
+#
+$interface_policy{'9998'} = 'AM.PDP-INET';
+$policy_bank{'AM.PDP-INET'} = {
+ protocol => 'AM.PDP', # select Amavis policy delegation protocol
+ inet_acl => [qw( 127.0.0.1 [::1] )], # restrict access to these IP addresses
+ auth_required_release => 1, # 0 - don't require secret_id for amavisd-release
+ #log_level => 4,
+ #always_bcc_by_ccat => {CC_CLEAN, 'admin@example.com'},
+};
+
+# Set default action.
+# Available actions: D_PASS, D_BOUNCE, D_REJECT, D_DISCARD.
+$final_virus_destiny = D_DISCARD;
+$final_banned_destiny = D_BOUNCE;
+$final_spam_destiny = D_PASS;
+$final_bad_header_destiny = D_PASS;
+
+#########################
+# Quarantine mails.
+#
+
+# Where to store quarantined mail message:
+# - 'local:spam-%i-%m', quarantine mail on local file system.
+# - 'sql:', quarantine mail in SQL server specified in @storage_sql_dsn.
+# - undef, do not quarantine mail.
+
+# Bad header.
+$bad_header_quarantine_method = undef;
+#$bad_header_quarantine_method = 'sql:';
+#$bad_header_quarantine_to = 'bad-header-quarantine';
+
+# SPAM.
+$spam_quarantine_method = undef;
+#$spam_quarantine_method = 'sql:';
+#$spam_quarantine_to = 'spam-quarantine';
+
+# Virus
+$virus_quarantine_to = 'virus-quarantine';
+$virus_quarantine_method = 'sql:';
+
+# Banned
+$banned_files_quarantine_method = undef;
+#$banned_files_quarantine_method = 'sql:';
+#$banned_quarantine_to = 'banned-quarantine';
+
+#########################
+# Quarantine CLEAN mails.
+# Don't forget to enable clean quarantine in policy bank 'MYUSERS'.
+#
+#$clean_quarantine_method = 'sql:';
+#$clean_quarantine_to = 'clean-quarantine';
+
+$sql_allow_8bit_address = 1;
+$timestamp_fmt_mysql = 1;
+
+# a string to prepend to Subject (for local recipients only) if mail could
+# not be decoded or checked entirely, e.g. due to password-protected archives
+#$undecipherable_subject_tag = '***UNCHECKED*** '; # undef disables it
+$undecipherable_subject_tag = undef;
+# Hope to fix 'nested MAIL command' issue on high load server.
+$smtp_connection_cache_enable = 0;
+
+# The default set of header fields to be signed can be controlled
+# by setting %signed_header_fields elements to true (to sign) or
+# to false (not to sign). Keys must be in lowercase, e.g.:
+# 0 -> off
+# 1 -> on
+$signed_header_fields{'received'} = 0;
+$signed_header_fields{'to'} = 1;
+
+# Add dkim_key here.
+dkim_key("uhu-banane.net", "dkim", "/var/lib/dkim/uhu-banane.net.pem");
+
+# Note that signing mail for subdomains with a key of a parent
+# domain is treated by recipients as a third-party key, which
+# may 'hold less merit' in their eyes. If one has a choice,
+# it is better to publish a key for each domain (e.g. host1.a.cn)
+# if mail is really coming from it. Sharing a pem file
+# for multiple domains may be acceptable, so you don't need
+# to generate a different key for each subdomain, but you
+# do need to publish it in each subdomain. It is probably
+# easier to avoid sending addresses like host1.a.cn and
+# always use a parent domain (a.cn) in 'From:', thus
+# avoiding the issue altogether.
+#dkim_key("host1.uhu-banane.net", "dkim", "/var/lib/dkim/uhu-banane.net.pem");
+#dkim_key("host3.uhu-banane.net", "dkim", "/var/lib/dkim/uhu-banane.net.pem");
+
+# Add new dkim_key for other domain.
+#dkim_key('Your_New_Domain_Name', 'dkim', 'Your_New_Pem_File');
+
+@dkim_signature_options_bysender_maps = ( {
+ # ------------------------------------
+ # For domain: uhu-banane.net.
+ # ------------------------------------
+ # 'd' defaults to a domain of an author/sender address,
+ # 's' defaults to whatever selector is offered by a matching key
+
+ #'postmaster@uhu-banane.net' => { d => "uhu-banane.net", a => 'rsa-sha256', ttl => 7*24*3600 },
+ #"spam-reporter@uhu-banane.net" => { d => "uhu-banane.net", a => 'rsa-sha256', ttl => 7*24*3600 },
+
+ # explicit 'd' forces a third-party signature on foreign (hosted) domains
+ "brehm-berlin.de" => { d => "uhu-banane.net", a => 'rsa-sha256', ttl => 10*24*3600 },
+ "brehm-online.com" => { d => "uhu-banane.net", a => 'rsa-sha256', ttl => 10*24*3600 },
+ "brehm-online.eu" => { d => "uhu-banane.net", a => 'rsa-sha256', ttl => 10*24*3600 },
+ "frankepedia.eu" => { d => "uhu-banane.net", a => 'rsa-sha256', ttl => 10*24*3600 },
+ "hennig-berlin.org" => { d => "uhu-banane.net", a => 'rsa-sha256', ttl => 10*24*3600 },
+ "uhu-banane.com" => { d => "uhu-banane.net", a => 'rsa-sha256', ttl => 10*24*3600 },
+ "uhu-banane.de" => { d => "uhu-banane.net", a => 'rsa-sha256', ttl => 10*24*3600 },
+ "uhu-banane.eu" => { d => "uhu-banane.net", a => 'rsa-sha256', ttl => 10*24*3600 },
+ "uhu-banane.net" => { d => "uhu-banane.net", a => 'rsa-sha256', ttl => 10*24*3600 },
+ "uhu-banane.org" => { d => "uhu-banane.net", a => 'rsa-sha256', ttl => 10*24*3600 },
+ #"host1.uhu-banane.net" => { d => "host1.uhu-banane.net", a => 'rsa-sha256', ttl => 10*24*3600 },
+ #"host2.uhu-banane.net" => { d => "host2.uhu-banane.net", a => 'rsa-sha256', ttl => 10*24*3600 },
+ # ---- End domain: uhu-banane.net ----
+
+ # catchall defaults
+ '.' => { a => 'rsa-sha256', c => 'relaxed/simple', ttl => 30*24*3600 },
+} );
+# ------------ Disclaimer Setting ---------------
+# Uncomment this line to enable singing disclaimer in outgoing mails.
+#$defang_maps_by_ccat{+CC_CATCHALL} = [ 'disclaimer' ];
+
+# Program used to signing disclaimer in outgoing mails.
+$altermime = '/usr/bin/altermime';
+
+# Disclaimer in plain text formart.
+@altermime_args_disclaimer = qw(--disclaimer=/etc/postfix/disclaimer/_OPTION_.txt --disclaimer-html=/etc/postfix/disclaimer/_OPTION_.txt --force-for-bad-html);
+
+@disclaimer_options_bysender_maps = ({
+ # Per-domain disclaimer setting: /etc/postfix/disclaimer/host1.iredmail.org.txt
+ #'host1.iredmail.org' => 'host1.iredmail.org',
+
+ # Sub-domain disclaimer setting: /etc/postfix/disclaimer/iredmail.org.txt
+ #'.iredmail.org' => 'iredmail.org',
+
+ # Per-user disclaimer setting: /etc/postfix/disclaimer/boss.iredmail.org.txt
+ #'boss@iredmail.org' => 'boss.iredmail.org',
+
+ # Catch-all disclaimer setting: /etc/postfix/disclaimer/default.txt
+ '.' => 'default',
+},);
+# ------------ End Disclaimer Setting ---------------
+# Reporting and quarantining.
+@storage_sql_dsn = (
+ ['DBI:mysql:database=amavisd;host=127.0.0.1;port=3306', 'amavisd', 'Ip2zqeQIVkdg6K2W224Fkhal1zYeQE'],
+);
+
+# Lookup for per-recipient, per-domain and global policy.
+@lookup_sql_dsn = @storage_sql_dsn;
+# Don't send email with subject "UNCHECKED contents in mail FROM xxx".
+delete $admin_maps_by_ccat{&CC_UNCHECKED};
+
+# Do not notify administrator about SPAM/VIRUS from remote servers.
+$virus_admin = undef;
+$spam_admin = undef;
+$banned_admin = undef;
+$bad_header_admin = undef;
+
+# Num of pre-forked children.
+# WARNING: it must match (equal to or larger than) the number set in
+# /etc/postfix/master.cf "maxproc" column for the 'smtp-amavis' service.
+$max_servers = 2;
+
+# Enable DKIM signing/verification
+$enable_dkim_verification = 1;
+#$enable_dkim_signing = 1; # we have dkim signing enabled in policy banks.
+
+# Amavisd log level. Verbosity: 0, 1, 2, 3, 4, 5, -d.
+$log_level = 0;
+# SpamAssassin debugging (require $log_level). Default if off (0).
+$sa_debug = 0;
+
+# Listen on specified addresses.
+$inet_socket_bind = ['127.0.0.1'];
+
+# Selectively disable some of the header checks
+#
+# Duplicate or multiple occurrence of a header field
+$allowed_header_tests{'multiple'} = 0;
+
+# Missing some headers. e.g. 'Date:'
+$allowed_header_tests{'missing'} = 0;
+
+1; # insure a defined return
--- /dev/null
+use strict;
+
+#
+# Place your configuration directives here. They will override those in
+# earlier files.
+#
+# See /usr/share/doc/amavisd-new/ for documentation and examples of
+# the directives you can use in this file
+#
+
+
+#------------ Do not modify anything below this line -------------
+1; # ensure a defined return
--- /dev/null
+# This is charset for en_US messages.
+# If you are creating new messages, use 'iconv -l' to get possible encodings.
+ascii # or iso-8859-1
+ignored lines after first one
--- /dev/null
+#
+# =============================================================================
+# This is a template for the plain text part of an auto response (e.g.
+# vacation, out-of-office), see RFC 3834.
+#
+From: %f
+Date: %d
+To: [? %#T |undisclosed-recipients:;|[%T|, ]]
+[? %#C |#|Cc: [%C|, ]]
+Reply-To: postmaster@%h
+Message-ID: <ARE%i@%h>
+Auto-Submitted: auto-replied
+[:wrap|76||\t|Subject: Auto: autoresponse to: %s]
+[? %m |#|In-Reply-To: %m]
+Precedence: junk
+
+This is an auto-response to a message \
+[? %a |\nreceived on %d,|received from\nIP address \[%a\] on %d,]
+envelope sender: %s
+(author) From: [:rfc2822_from]
+[? %j |#|[:wrap|78|| |Subject: %j]]
+[?[:dkim|author]|#|
+A first-party DKIM or DomainKeys signature is valid, d=[:dkim|author].]
--- /dev/null
+#
+# =============================================================================
+# This is a template for (neutral: non-virus, non-spam, non-banned)
+# DELIVERY STATUS NOTIFICATIONS to sender.
+# For syntax and customization instructions see README.customize.
+# The From, To and Date header fields will be provided automatically.
+# Long header fields will be automatically wrapped by the program.
+#
+Subject: [?%#D|Undeliverable mail|Delivery status notification]\
+[? [:ccat|major] |||, MTA-BLOCKED\
+|, OVERSIZED message\
+|, invalid header section[=explain_badh|1]\
+[?[:ccat|minor]||: bad MIME|: unencoded 8-bit character\
+|: improper use of control char|: all-whitespace header line\
+|: header line longer than 998 characters|: header field syntax error\
+|: missing required header field|: duplicate header field|]\
+|, UNSOLICITED BULK EMAIL apparently from you\
+|, UNSOLICITED BULK EMAIL apparently from you\
+|, contents UNCHECKED\
+|, BANNED contents type (%F)\
+|, VIRUS in message apparently from you (%V)\
+]
+Message-ID: <DSN%i@%h>
+
+[? %#D |#|Your message WAS SUCCESSFULLY RELAYED to:[\n %D]
+[~[:dsn_notify]|["\\bSUCCESS\\b"]|\
+and you explicitly requested a delivery status notification on success.\n]\
+]
+[? %#N |#|The message WAS NOT relayed to:[\n %N]
+]
+[:wrap|78|||This [?%#D|nondelivery|delivery] report was \
+generated by the program amavisd-new at host %h. \
+Our internal reference code for your message is %n/%i]
+
+# ccat_min 0: other, 1: bad MIME, 2: 8-bit char, 3: NUL/CR,
+# 4: empty, 5: long, 6: syntax, 7: missing, 8: multiple
+[? [:explain_badh] ||[? [:ccat|minor]
+|INVALID HEADER
+|INVALID HEADER: BAD MIME HEADER SECTION OR BAD MIME STRUCTURE
+|INVALID HEADER: INVALID 8-BIT CHARACTERS IN HEADER SECTION
+|INVALID HEADER: INVALID CONTROL CHARACTERS IN HEADER SECTION
+|INVALID HEADER: FOLDED HEADER FIELD LINE MADE UP ENTIRELY OF WHITESPACE
+|INVALID HEADER: HEADER LINE LONGER THAN RFC 5322 LIMIT OF 998 CHARACTERS
+|INVALID HEADER: HEADER FIELD SYNTAX ERROR
+|INVALID HEADER: MISSING REQUIRED HEADER FIELD
+|INVALID HEADER: DUPLICATE HEADER FIELD
+|INVALID HEADER
+]
+[[:wrap|78| | |%X]\n]
+]\
+#
+[:wrap|78|| |Return-Path: %s[?[:dkim|envsender]|| (OK)]]
+[:wrap|78|| |From: [:header_field|From|100][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|\
+[:wrap|78|| |Sender: [:header_field|Sender|100]\
+[?[:dkim|sender]|| (dkim:SENDER)]]]
+[? %m |#|[:wrap|78|| |Message-ID: %m]]
+[? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+[? %#X|#|[? [:useragent] |#|[:wrap|78|| |[:useragent]]]]
+[? %j |#|[:wrap|78|| |Subject: [:header_field|Subject|100]]]
+
+# ccat_min 0: other, 1: bad MIME, 2: 8-bit char, 3: NUL/CR,
+# 4: empty, 5: long, 6: syntax, 7: missing, 8: multiple
+[? [:explain_badh] ||[? [:ccat|minor]
+|# 0: other
+|# 1: bad MIME
+|# 2: 8-bit char
+WHAT IS AN INVALID CHARACTER IN A MAIL HEADER SECTION?
+
+ The RFC 5322 document specifies rules for forming internet messages.
+ It does not allow the use of characters with codes above 127 to be
+ used directly (non-encoded) in a mail header section.
+
+ If such characters (e.g. with diacritics) from ISO Latin or other
+ alphabets need to be included in a header section, these characters
+ need to be properly encoded according to RFC 2047. Such encoding
+ is often done transparently by mail reader (MUA), but if automatic
+ encoding is not available (e.g. by some older MUA) it is a user's
+ responsibility to avoid using such characters in a header section,
+ or to encode them manually. Typically the offending header fields
+ in this category are 'Subject', 'Organization', and comment fields
+ or display names in e-mail addresses of 'From', 'To' or 'Cc'.
+
+ Sometimes such invalid header fields are inserted automatically
+ by some MUA, MTA, content filter, or other mail handling service.
+ If this is the case, such service needs to be fixed or properly
+ configured. Typically the offending header fields in this category
+ are 'Date', 'Received', 'X-Mailer', 'X-Priority', 'X-Scanned', etc.
+
+ If you don't know how to fix or avoid the problem, please report it
+ to _your_ postmaster or system manager.
+#
+[~[:useragent]|^X-Mailer:\\s*Microsoft Outlook Express 6\\.00|["
+ If using Microsoft Outlook Express as your MUA, make sure its
+ settings under:
+ Tools -> Options -> Send -> Mail Sending Format -> Plain & HTML
+ are: "MIME format" MUST BE selected,
+ and "Allow 8-bit characters in headers" MUST NOT be enabled!
+"]]#
+|# 3: NUL/CR
+IMPROPER USE OF CONTROL CHARACTER IN A MESSAGE HEADER SECTION
+
+ The RFC 5322 document specifies rules for forming internet messages.
+ It does not allow the use of control characters NUL and bare CR
+ to be used directly in a mail header section.
+|# 4: empty
+IMPROPERLY FOLDED HEADER FIELD LINE MADE UP ENTIRELY OF WHITESPACE
+
+ The RFC 5322 document specifies rules for forming internet messages.
+ In section '3.2.2. Folding white space and comments' it explicitly
+ prohibits folding of header fields in such a way that any line of a
+ folded header field is made up entirely of white-space characters
+ (control characters SP and HTAB) and nothing else.
+|# 5: long
+HEADER LINE LONGER THAN RFC 5322 LIMIT OF 998 CHARACTERS
+
+ The RFC 5322 document specifies rules for forming internet messages.
+ Section '2.1.1. Line Length Limits' prohibits each line of a header
+ section to be more than 998 characters in length (excluding the CRLF).
+|# 6: syntax
+|# 7: missing
+MISSING REQUIRED HEADER FIELD
+
+ The RFC 5322 document specifies rules for forming internet messages.
+ Section '3.6. Field Definitions' specifies that certain header fields
+ are required (origination date field and the "From:" originator field).
+|# 8: multiple
+DUPLICATE HEADER FIELD
+
+ The RFC 5322 document specifies rules for forming internet messages.
+ Section '3.6. Field Definitions' specifies that certain header fields
+ must not occur more than once in a message header section.
+|# other
+]]#
--- /dev/null
+#
+# =============================================================================
+# This is a template for the plain text part of a problem/feedback report,
+# with either the original message included in-line, or attached,
+# or the message is structured as a FEEDBACK REPORT NOTIFICATIONS format.
+# See RFC 5965 - "An Extensible Format for Email Feedback Reports".
+#
+From: %f
+Date: %d
+Subject: Fw: %j
+To: [? %#T |undisclosed-recipients:;|[%T|, ]]
+[? %#C |#|Cc: [%C|, ]]
+Message-ID: <ARF%i@%h>
+#Auto-Submitted: auto-generated
+
+This is an e-mail [:feedback_type] report for a message \
+[? %a |\nreceived on %d,|received from\nIP address [:client_addr_port] on %d,]
+
+[:wrap|78|| |Return-Path: %s]
+[:wrap|78|| |From: [:header_field|From][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|[:wrap|78|| |Sender: [:header_field|Sender]]]
+[? %m |#|[:wrap|78|| |Message-ID: %m]]
+[? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+[? %j |#|[:wrap|78|| |Subject: [:header_field|Subject|100]]]
+[?[:dkim|author]|#|
+A first-party DKIM or DomainKeys signature is valid, d=[:dkim|author].]
+
+Reporting-MTA: %h
+Our internal reference code for the message is %n/%i
+
+[~[:report_format]|["^(arf|attach|dsn)$"]|["\
+A complete original message is attached.
+[~[:report_format]|["^arf$"]|\
+For more information on the ARF format please see RFC 5965.
+]"]|["\
+A complete original message in its pristine form follows:
+"]]#
--- /dev/null
+#
+# =============================================================================
+# This is a template for the plain text part of a RELEASE FROM A QUARANTINE,
+# applicable if a chosen release format is 'attach' (not 'resend').
+#
+From: %f
+Date: %d
+Subject: \[released message\] %j
+To: [? %#T |undisclosed-recipients:;|[%T|, ]]
+[? %#C |#|Cc: [%C|, ]]
+Message-ID: <QRA%i@%h>
+
+Please find attached a message which was held in a quarantine,
+and has now been released.
+
+[:wrap|78|| |Return-Path: %s[?[:dkim|envsender]|| (OK)]]
+[:wrap|78|| |From: [:header_field|From][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|\
+[:wrap|78|| |Sender: [:header_field|Sender]\
+[?[:dkim|sender]|| (dkim:SENDER)]]]
+# [? %m |#|[:wrap|78|| |Message-ID: %m]]
+# [? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+# [? [:useragent] |#|[:wrap|78|| |[:useragent]]]
+[? %j |#|[:wrap|78|| |Subject: %j]]
+
+Our internal reference code for the message is %n/%i
+#
+[~[:report_format]|["^attach$"]|["[? [:attachment_password] |#|
+
+Contents of the attached mail message may pose a threat to your computer or
+could be a social engineering deception, so it should be handled cautiously.
+To prevent undesired automatic opening, the attached original mail message
+has been wrapped in a password-protected ZIP archive.
+
+Here is the password that allows opening of the attached archive:
+
+ [:attachment_password]
+
+Note that the attachment is not strongly encrypted and the password
+is not a strong secret (being displayed in this non-encrypted text),
+so this attachment is not suitable for guarding a secret contents.
+The sole purpose of this password protection it to prevent undesired
+accidental or automatic opening of a message, either by some filtering
+software, a virus scanner, or by a mail reader.
+]"]|]#
--- /dev/null
+#
+# =============================================================================
+# This is a template for spam ADMINISTRATOR NOTIFICATIONS.
+# For syntax and customization instructions see README.customize.
+# Long header fields will be automatically wrapped by the program.
+#
+From: %f
+Date: %d
+Subject: Spam FROM [?%l||LOCAL ][?%a||[:client_addr_port] ]%s
+To: [? %#T |undisclosed-recipients:;|[%T|, ]]
+[? %#C |#|Cc: [%C|, ]]
+Message-ID: <SA%i@%h>
+
+Content type: [:ccat|name|main]#
+[? [:ccat|is_blocked_by_nonmain] ||, blocked for [:ccat|name]]
+Internal reference code for the message is %n/%i
+
+[? %a |#|[:wrap|78|| |First upstream SMTP client IP address: \[%a\] %g]]
+[? %e |#|[:wrap|78|| |According to a 'Received:' trace,\
+ the message apparently originated at: \[%e\], %t]]
+
+[:wrap|78|| |Return-Path: %s[?[:dkim|envsender]|| (OK)]]
+[:wrap|78|| |From: [:header_field|From][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|\
+[:wrap|78|| |Sender: [:header_field|Sender]\
+[?[:dkim|sender]|| (dkim:SENDER)]]]
+[? %m |#|[:wrap|78|| |Message-ID: %m]]
+[? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+[? [:useragent] |#|[:wrap|78|| |[:useragent]]]
+[? %j |#|[:wrap|78|| |Subject: %j]]
+[? %q |Not quarantined.|The message has been quarantined as: %q]
+
+[? %#D |#|The message WILL BE relayed to:[\n%D]
+]
+[? %#N |#|The message WAS NOT relayed to:[\n%N]
+]
+Spam scanner report:
+[%A
+]\
--- /dev/null
+#
+# =============================================================================
+# This is a template for spam SENDER NOTIFICATIONS.
+# For syntax and customization instructions see README.customize.
+# The From, To and Date header fields will be provided automatically.
+# Long header fields will be automatically wrapped by the program.
+#
+Subject: Considered UNSOLICITED BULK EMAIL, apparently from you
+[? %m |#|In-Reply-To: %m]
+Message-ID: <SS%i@%h>
+
+A message from %s[
+to: %R]
+
+was considered unsolicited bulk e-mail (UBE).
+
+Our internal reference code for your message is %n/%i
+
+The message carried your return address, so it was either a genuine mail
+from you, or a sender address was faked and your e-mail address abused
+by third party, in which case we apologize for undesired notification.
+
+We do try to minimize backscatter for more prominent cases of UBE and
+for infected mail, but for less obvious cases some balance between
+losing genuine mail and sending undesired backscatter is sought,
+and there can be some collateral damage on either side.
+
+[? %a |#|[:wrap|78|| |First upstream SMTP client IP address: \[%a\] %g]]
+[? %e |#|[:wrap|78|| |According to a 'Received:' trace,\
+ the message apparently originated at: \[%e\], %t]]
+
+[:wrap|78|| |Return-Path: %s[?[:dkim|envsender]|| (OK)]]
+[:wrap|78|| |From: [:header_field|From|100][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|\
+[:wrap|78|| |Sender: [:header_field|Sender|100]\
+[?[:dkim|sender]|| (dkim:SENDER)]]]
+[? %m |#|[:wrap|78|| |Message-ID: %m]]
+[? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+# [? [:useragent] |#|[:wrap|78|| |[:useragent]]]
+[? %j |#|[:wrap|78|| |Subject: [:header_field|Subject|100]]]
+[? %#X |#|\n[[:wrap|78|| |%X]\n]]
+
+[? %#D |Delivery of the email was stopped!
+]#
+#
+# Spam scanner report:
+# [%A
+# ]\
--- /dev/null
+#
+# =============================================================================
+# This is a template for non-spam (e.g. VIRUS,...) ADMINISTRATOR NOTIFICATIONS.
+# For syntax and customization instructions see README.customize.
+# Long header fields will be automatically wrapped by the program.
+#
+From: %f
+Date: %d
+Subject: [? [:ccat|major] |Clean mail|Clean mail|MTA-blocked mail|\
+OVERSIZED mail|INVALID HEADER in mail|Spammy|Spam|UNCHECKED contents in mail|\
+BANNED contents (%F) in mail|VIRUS (%V) in mail]\
+ FROM [?%l||LOCAL ][?%a||[:client_addr_port] ]%s
+To: [? %#T |undisclosed-recipients:;|[%T|, ]]
+[? %#C |#|Cc: [%C|, ]]
+Message-ID: <VA%i@%h>
+
+[? %#V |No viruses were found.
+|A virus was found: %V
+|Two viruses were found:\n %V
+|%#V viruses were found:\n %V
+]
+[? %#F |#|[:wrap|78|| |Banned [?%#F|names|name|names]: %F]]
+[? %#X |#|Bad header:[\n[:wrap|78| | |%X]]]
+[? %#W |#\
+|Scanner detecting a virus: %W
+|Scanners detecting a virus: %W
+]
+Content type: [:ccat|name|main]#
+[? [:ccat|is_blocked_by_nonmain] ||, blocked for [:ccat|name]]
+Internal reference code for the message is %n/%i
+
+[? %a |#|[:wrap|78|| |First upstream SMTP client IP address: \[%a\] %g]]
+[? %e |#|[:wrap|78|| |According to a 'Received:' trace,\
+ the message apparently originated at: \[%e\], %t]]
+
+[:wrap|78|| |Return-Path: %s[?[:dkim|envsender]|| (OK)]]
+[:wrap|78|| |From: [:header_field|From][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|\
+[:wrap|78|| |Sender: [:header_field|Sender]\
+[?[:dkim|sender]|| (dkim:SENDER)]]]
+[? %m |#|[:wrap|78|| |Message-ID: %m]]
+[? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+[? %j |#|[:wrap|78|| |Subject: %j]]
+[? %q |Not quarantined.|The message has been quarantined as: %q]
+
+[? %#S |Notification to sender will not be mailed.
+
+]#
+[? %#D |#|The message WILL BE relayed to:[\n%D]
+]
+[? %#N |#|The message WAS NOT relayed to:[\n%N]
+]
+[? %#V |#|[? %#v |#|Virus scanner output:[\n %v]
+]]
--- /dev/null
+#
+# =============================================================================
+# This is a template for VIRUS/BANNED/BAD-HEADER RECIPIENTS NOTIFICATIONS.
+# For syntax and customization instructions see README.customize.
+# Long header fields will be automatically wrapped by the program.
+#
+From: %f
+Date: %d
+Subject: [? [:ccat|major] |Clean mail|Clean mail|MTA-blocked mail|\
+OVERSIZED mail|INVALID HEADER in mail|Spammy|Spam|UNCHECKED contents in mail|\
+BANNED contents (%F) in mail|VIRUS (%V) in mail] TO YOU from %s
+[? [:header_field|To] |To: undisclosed-recipients:;|To: [:header_field|To]]
+[? [:header_field|Cc] |#|Cc: [:header_field|Cc]]
+Message-ID: <VR%i@%h>
+
+[? %#V |[? %#F ||BANNED CONTENTS ALERT]|VIRUS ALERT]
+
+Our content checker found
+[? %#V |#|[:wrap|78| | |[?%#V|viruses|virus|viruses]: %V]]
+[? %#F |#|[:wrap|78| | |banned [?%#F|names|name|names]: %F]]
+[? %#X |#|[[:wrap|78| | |%X]\n]]
+
+in an email to you [? %#V |from:|from probably faked sender:]
+ %o
+[? %#V |#|claiming to be: %s]
+
+Content type: [:ccat|name|main]#
+[? [:ccat|is_blocked_by_nonmain] ||, blocked for [:ccat|name]]
+Our internal reference code for your message is %n/%i
+
+[? %a |#|[:wrap|78|| |First upstream SMTP client IP address: \[%a\] %g]]
+[? %e |#|[:wrap|78|| |According to a 'Received:' trace,\
+ the message apparently originated at: \[%e\], %t]]
+
+[:wrap|78|| |Return-Path: %s[?[:dkim|envsender]|| (OK)]]
+[:wrap|78|| |From: [:header_field|From][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|\
+[:wrap|78|| |Sender: [:header_field|Sender]\
+[?[:dkim|sender]|| (dkim:SENDER)]]]
+[? %m |#|[:wrap|78|| |Message-ID: %m]]
+[? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+[? [:useragent] |#|[:wrap|78|| |[:useragent]]]
+[? %j |#|[:wrap|78|| |Subject: %j]]
+[? %q |Not quarantined.|The message has been quarantined as: %q]
+
+Please contact your system administrator for details.
--- /dev/null
+#
+# =============================================================================
+# This is a template for VIRUS/BANNED SENDER NOTIFICATIONS.
+# For syntax and customization instructions see README.customize.
+# The From, To and Date header fields will be provided automatically.
+# Long header fields will be automatically wrapped by the program.
+#
+Subject: [? [:ccat|major]
+|Clean message from you\
+|Clean message from you\
+|Clean message from you (MTA blocked)\
+|OVERSIZED message from you\
+|BAD-HEADER in message from you\
+|Spam claiming to be from you\
+|Spam claiming to be from you\
+|A message with UNCHECKED contents from you\
+|BANNED contents from you (%F)\
+|VIRUS in message apparently from you (%V)\
+]
+[? %m |#|In-Reply-To: %m]
+Message-ID: <VS%i@%h>
+
+[? [:ccat|major] |Clean|Clean|MTA-BLOCKED|OVERSIZED|INVALID HEADER|\
+Spammy|Spam|UNCHECKED contents|BANNED CONTENTS ALERT|VIRUS ALERT]
+
+Our content checker found
+[? %#V |#|[:wrap|78| | |[? %#V |viruses|virus|viruses]: %V]]
+[? %#F |#|[:wrap|78| | |banned [? %#F |names|name|names]: %F]]
+[? %#X |#|[[:wrap|78| | |%X]\n]]
+
+in email presumably from you %s
+to the following [? %#R |recipients|recipient|recipients]:[
+-> %R]
+
+Our internal reference code for your message is %n/%i
+
+[? %a |#|[:wrap|78|| |First upstream SMTP client IP address: \[%a\] %g]]
+[? %e |#|[:wrap|78|| |According to a 'Received:' trace,\
+ the message apparently originated at: \[%e\], %t]]
+
+[:wrap|78|| |Return-Path: %s[?[:dkim|envsender]|| (OK)]]
+[:wrap|78|| |From: [:header_field|From|100][?[:dkim|author]|| (dkim:AUTHOR)]]
+[? [:header_field|Sender]|#|\
+[:wrap|78|| |Sender: [:header_field|Sender|100]\
+[?[:dkim|sender]|| (dkim:SENDER)]]]
+[? %m |#|[:wrap|78|| |Message-ID: %m]]
+[? %r |#|[:wrap|78|| |Resent-Message-ID: %r]]
+[? %j |#|[:wrap|78|| |Subject: [:header_field|Subject|100]]]
+
+[? %#D |Delivery of the email was stopped!
+
+]#
+[? %#V ||Please check your system for viruses,
+or ask your system administrator to do so.
+
+]#
+[? %#V |[? %#F ||#
+The message [?%#D|has been blocked|triggered this warning] because it contains a component
+(as a MIME part or nested within) with declared name
+or MIME type or contents type violating our access policy.
+
+To transfer contents that may be considered risky or unwanted
+by site policies, or simply too large for mailing, please consider
+publishing your content on the web, and only sending an URL of the
+document to the recipient.
+
+Depending on the recipient and sender site policies, with a little
+effort it might still be possible to send any contents (including
+viruses) using one of the following methods:
+
+- encrypted using pgp, gpg or other encryption methods;
+
+- wrapped in a password-protected or scrambled container or archive
+ (e.g.: zip -e, arj -g, arc g, rar -p, or other methods)
+
+Note that if the contents is not intended to be secret, the
+encryption key or password may be included in the same message
+for recipient's convenience.
+
+We are sorry for inconvenience if the contents was not malicious.
+
+The purpose of these restrictions is to cut the most common propagation
+methods used by viruses and other malware. These often exploit automatic
+mechanisms and security holes in more popular mail readers (Microsoft
+mail readers and browsers are a common target). By requiring an explicit
+and decisive action from the recipient to decode mail, the danger of
+automatic malware propagation is largely reduced.
+#
+# Details of our mail restrictions policy are available at ...
+
+]]#
--- /dev/null
+#!/bin/sh
+
+# Placed in /etc/apm/event.d by the chrony package at the instruction of
+# the apmd maintainer. If you don't have apm and don't intend to install
+# apmd you may remove it. It needs to run after 00hwclock but before any
+# other scripts.
+
+
+[ -x /usr/sbin/chronyd ] || exit 0
+
+if [ "$1" = suspend ]; then
+ invoke-rc.d chrony stop
+elif [ "$1" = standby ]; then
+ invoke-rc.d chrony stop
+elif [ "$1" = resume ]; then
+ invoke-rc.d chrony start
+fi
--- /dev/null
+# Site-specific additions and overrides for usr.bin.freshclam.
+# For more details, please see /etc/apparmor.d/local/README.
--- /dev/null
+# Site-specific additions and overrides for usr.sbin.clamd.
+# For more details, please see /etc/apparmor.d/local/README.
--- /dev/null
+# vim:syntax=apparmor
+# Author: Jamie Strandboge <jamie@ubuntu.com>
+# Last Modified: Sun Aug 3 09:39:03 2008
+
+#include <tunables/global>
+
+/usr/bin/freshclam {
+ #include <abstractions/base>
+ #include <abstractions/nameservice>
+ #include <abstractions/user-tmp>
+
+ capability setgid,
+ capability setuid,
+
+ @{PROC}/filesystems r,
+ owner @{PROC}/[0-9]*/status r,
+
+ /etc/clamav/clamd.conf r,
+ /etc/clamav/freshclam.conf r,
+ /etc/clamav/onerrorexecute.d/* mr,
+ /etc/clamav/onupdateexecute.d/* mr,
+ /etc/clamav/virusevent.d/* mr,
+
+ owner @{HOME}/.clamtk/db/ rw,
+ owner @{HOME}/.clamtk/db/** rwk,
+
+ owner @{HOME}/.klamav/database/ rw,
+ owner @{HOME}/.klamav/database/** rwk,
+
+ /usr/bin/freshclam mr,
+
+ /var/lib/clamav/ r,
+ /var/lib/clamav/** krw,
+
+ /var/log/clamav/* kw,
+ /{,var/}run/clamav/freshclam.pid w,
+ /{,var/}run/clamav/clamd.ctl rw,
+
+ deny /{,var/}run/samba/{gencache,unexpected}.tdb mrwkl,
+
+ # Site-specific additions and overrides. See local/README for details.
+ #include <local/usr.bin.freshclam>
+}
--- /dev/null
+# vim:syntax=apparmor
+# Author: Jamie Strandboge <jamie@ubuntu.com>
+# Last Modified: Sun Aug 3 09:39:03 2008
+
+#include <tunables/global>
+
+/usr/sbin/clamd {
+ #include <abstractions/base>
+ #include <abstractions/nameservice>
+
+ # LP: #433764:
+ capability dac_override,
+
+ # needed, when using systemd
+ capability setgid,
+ capability setuid,
+
+ @{PROC}/filesystems r,
+ @{PROC}/[0-9]*/status r,
+
+ /etc/clamav/clamd.conf r,
+
+ /usr/sbin/clamd mr,
+
+ /tmp/ rw,
+ /tmp/** krw,
+
+ /var/lib/clamav/ r,
+ /var/lib/clamav/** krw,
+ /var/log/clamav/* krw,
+
+ /{,var/}run/clamav/clamd.ctl w,
+ /{,var/}run/clamav/clamd.pid w,
+
+ /var/spool/clamsmtp/* r,
+
+ /var/spool/qpsmtpd/* r,
+
+ /var/spool/p3scan/children/** r,
+
+ /var/spool/havp/** r,
+
+ # For amavisd-new integration
+ /var/lib/amavis/tmp/** r,
+
+ # For mimedefang integration
+ /var/spool/MIMEDefang/mdefang-*/Work/ r,
+ /var/spool/MIMEDefang/mdefang-*/Work/** r,
+
+ # For use with exim
+ /var/spool/exim4/** r,
+
+ # Allow home dir to be scanned
+ @{HOME}/ r,
+ @{HOME}/** r,
+
+ # Site-specific additions and overrides. See local/README for details.
+ #include <local/usr.sbin.clamd>
+}
--- /dev/null
+# This file is intensionally empty to disable apparmor by default for newer
+# versions of MariaDB, while providing seamless upgrade from older versions
+# and from mysql, where apparmor is used.
+#
+# By default, we do not want to have any apparmor profile for the MariaDB
+# server. It does not provide much useful functionality/security, and causes
+# several problems for users who often are not even aware that apparmor
+# exists and runs on their system.
+#
+# Users can modify and maintain their own profile, and in this case it will
+# be used.
+#
+# When upgrading from previous version, users who modified the profile
+# will be promptet to keep or discard it, while for default installs
+# we will automatically disable the profile.
--- /dev/null
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v2.0.22 (GNU/Linux)
+
+mQENBFOpvpgBCADkP656H41i8fpplEEB8IeLhugyC2rTEwwSclb8tQNYtUiGdna9
+m38kb0OS2DDrEdtdQb2hWCnswxaAkUunb2qq18vd3dBvlnI+C4/xu5ksZZkRj+fW
+tArNR18V+2jkwcG26m8AxIrT+m4M6/bgnSfHTBtT5adNfVcTHqiT1JtCbQcXmwVw
+WbqS6v/LhcsBE//SHne4uBCK/GHxZHhQ5jz5h+3vWeV4gvxS3Xu6v1IlIpLDwUts
+kT1DumfynYnnZmWTGc6SYyIFXTPJLtnoWDb9OBdWgZxXfHEcBsKGha+bXO+m2tHA
+gNneN9i5f8oNxo5njrL8jkCckOpNpng18BKXABEBAAG0MlNhbHRTdGFjayBQYWNr
+YWdpbmcgVGVhbSA8cGFja2FnaW5nQHNhbHRzdGFjay5jb20+iQE4BBMBAgAiBQJT
+qb6YAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAOCKFJ3le/vhkqB/0Q
+WzELZf4d87WApzolLG+zpsJKtt/ueXL1W1KA7JILhXB1uyvVORt8uA9FjmE083o1
+yE66wCya7V8hjNn2lkLXboOUd1UTErlRg1GYbIt++VPscTxHxwpjDGxDB1/fiX2o
+nK5SEpuj4IeIPJVE/uLNAwZyfX8DArLVJ5h8lknwiHlQLGlnOu9ulEAejwAKt9CU
+4oYTszYM4xrbtjB/fR+mPnYh2fBoQO4d/NQiejIEyd9IEEMd/03AJQBuMux62tjA
+/NwvQ9eqNgLw9NisFNHRWtP4jhAOsshv1WW+zPzu3ozoO+lLHixUIz7fqRk38q8Q
+9oNR31KvrkSNrFbA3D89uQENBFOpvpgBCADJ79iH10AfAfpTBEQwa6vzUI3Eltqb
+9aZ0xbZV8V/8pnuU7rqM7Z+nJgldibFk4gFG2bHCG1C5aEH/FmcOMvTKDhJSFQUx
+uhgxttMArXm2c22OSy1hpsnVG68G32Nag/QFEJ++3hNnbyGZpHnPiYgej3FrerQJ
+zv456wIsxRDMvJ1NZQB3twoCqwapC6FJE2hukSdWB5yCYpWlZJXBKzlYz/gwD/Fr
+GL578WrLhKw3UvnJmlpqQaDKwmV2s7MsoZogC6wkHE92kGPG2GmoRD3ALjmCvN1E
+PsIsQGnwpcXsRpYVCoW7e2nW4wUf7IkFZ94yOCmUq6WreWI4NggRcFC5ABEBAAGJ
+AR8EGAECAAkFAlOpvpgCGwwACgkQDgihSd5Xv74/NggA08kEdBkiWWwJZUZEy7cK
+WWcgjnRuOHd4rPeT+vQbOWGu6x4bxuVf9aTiYkf7ZjVF2lPn97EXOEGFWPZeZbH4
+vdRFH9jMtP+rrLt6+3c9j0M8SIJYwBL1+CNpEC/BuHj/Ra/cmnG5ZNhYebm76h5f
+T9iPW9fFww36FzFka4VPlvA4oB7ebBtquFg3sdQNU/MmTVV4jPFWXxh4oRDDR+8N
+1bcPnbB11b5ary99F/mqr7RgQ+YFF0uKRE3SKa7a+6cIuHEZ7Za+zhPaQlzAOZlx
+fuBmScum8uQTrEF5+Um5zkwC7EXTdH1co/+/V/fpOtxIg4XO4kcugZefVm5ERfVS
+MA==
+=dtMN
+-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
+APT::Install-Recommends "false";
+Aptitude::Recommends-Important "false";
--- /dev/null
+APT::Authentication::TrustCDROM "true";
--- /dev/null
+APT
+{
+ NeverAutoRemove
+ {
+ "^firmware-linux.*";
+ "^linux-firmware$";
+ };
+
+ VersionedKernelPackages
+ {
+ # linux kernels
+ "linux-image";
+ "linux-headers";
+ "linux-image-extra";
+ "linux-signed-image";
+ # kfreebsd kernels
+ "kfreebsd-image";
+ "kfreebsd-headers";
+ # hurd kernels
+ "gnumach-image";
+ # (out-of-tree) modules
+ ".*-modules";
+ ".*-kernel";
+ "linux-backports-modules-.*";
+ # tools
+ "linux-tools";
+ };
+
+ Never-MarkAuto-Sections
+ {
+ "metapackages";
+ "restricted/metapackages";
+ "universe/metapackages";
+ "multiverse/metapackages";
+ "oldlibs";
+ "restricted/oldlibs";
+ "universe/oldlibs";
+ "multiverse/oldlibs";
+ };
+};
--- /dev/null
+// DO NOT EDIT! File autogenerated by /etc/kernel/postinst.d/apt-auto-removal
+APT::NeverAutoRemove
+{
+ "^linux-image-3\.16\.0-1-grml-amd64$";
+ "^linux-image-3\.16\.0-4-amd64$";
+ "^linux-image-4\.6\.0-0\.bpo\.1-amd64$";
+ "^linux-headers-3\.16\.0-1-grml-amd64$";
+ "^linux-headers-3\.16\.0-4-amd64$";
+ "^linux-headers-4\.6\.0-0\.bpo\.1-amd64$";
+ "^linux-image-extra-3\.16\.0-1-grml-amd64$";
+ "^linux-image-extra-3\.16\.0-4-amd64$";
+ "^linux-image-extra-4\.6\.0-0\.bpo\.1-amd64$";
+ "^linux-signed-image-3\.16\.0-1-grml-amd64$";
+ "^linux-signed-image-3\.16\.0-4-amd64$";
+ "^linux-signed-image-4\.6\.0-0\.bpo\.1-amd64$";
+ "^kfreebsd-image-3\.16\.0-1-grml-amd64$";
+ "^kfreebsd-image-3\.16\.0-4-amd64$";
+ "^kfreebsd-image-4\.6\.0-0\.bpo\.1-amd64$";
+ "^kfreebsd-headers-3\.16\.0-1-grml-amd64$";
+ "^kfreebsd-headers-3\.16\.0-4-amd64$";
+ "^kfreebsd-headers-4\.6\.0-0\.bpo\.1-amd64$";
+ "^gnumach-image-3\.16\.0-1-grml-amd64$";
+ "^gnumach-image-3\.16\.0-4-amd64$";
+ "^gnumach-image-4\.6\.0-0\.bpo\.1-amd64$";
+ "^.*-modules-3\.16\.0-1-grml-amd64$";
+ "^.*-modules-3\.16\.0-4-amd64$";
+ "^.*-modules-4\.6\.0-0\.bpo\.1-amd64$";
+ "^.*-kernel-3\.16\.0-1-grml-amd64$";
+ "^.*-kernel-3\.16\.0-4-amd64$";
+ "^.*-kernel-4\.6\.0-0\.bpo\.1-amd64$";
+ "^linux-backports-modules-.*-3\.16\.0-1-grml-amd64$";
+ "^linux-backports-modules-.*-3\.16\.0-4-amd64$";
+ "^linux-backports-modules-.*-4\.6\.0-0\.bpo\.1-amd64$";
+ "^linux-tools-3\.16\.0-1-grml-amd64$";
+ "^linux-tools-3\.16\.0-4-amd64$";
+ "^linux-tools-4\.6\.0-0\.bpo\.1-amd64$";
+};
--- /dev/null
+DPkg::Pre-Invoke { "if [ -x /usr/bin/etckeeper ]; then etckeeper pre-install; fi"; };
+DPkg::Post-Invoke { "if [ -x /usr/bin/etckeeper ]; then etckeeper post-install; fi"; };
+
+RPM::Pre-Invoke { "if [ -x /usr/bin/etckeeper ]; then etckeeper pre-install; fi"; };
+RPM::Post-Invoke { "if [ -x /usr/bin/etckeeper ]; then etckeeper post-install; fi"; };
--- /dev/null
+// Pre-configure all packages with debconf before they are installed.
+// If you don't like it, comment it out.
+DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt || true";};
--- /dev/null
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1
+
+mQINBFavlWMBEAC+YKENyf64sRtMCDUmbe14mY+35YHaXDLZfM73DXf/ueQawY2U
+hUEcG9adiGP/n7f5E2UMckWc21TqwM5ALXhUcdnFbkpayyPTMLrp3/2SsBVVTOO5
+j+RVrAEuVl7dBwcrcN51n3Q5E1rsBnVX+5kZ+B1wCSpk7kY8j2T7Ou+79HjBwEfQ
+X04nFIvpPZnM1Hq4ZYpomynADarWLu16WS86LkumC9Fs35bDmtQGEifDuEG8yr9k
+E0ocmNZMLfOS6OaHQMN6RYBsnF8nSrGznXvp0KQYs86YPdbjoZKpRUq3zqSsaJqv
+HgJzonZuadHI6A5Yj5CBsTwneMR3X5RPXtGmiHO/PG+G0c9ZtC5T0pTMvEx5q/o1
+HW8HilGboFxIz01Lf783F82GLA2rwGdeig4hrtgkdBddZCm5GOev7PvhTgnQ5Koc
+llUhxiyh0YlrkM1Mv7Q76lWRX3z0UtzrMDdMNt52DnO8vkm0RMYvRWeebTA74N7j
+n0/Oh8LjVh8lTdTdxruviV6+8hxDHcUy3T2Nc2knasxRdxcJ5hlwuKJ9YCeb5Pya
+LFW6e+KrdxlYnsnYBnpmbi2fFZtLEXv1q7L9wfC37BT6AQNFgjgd8lgVsnQJOTsm
+oexUinvzpuc5m/N9z9Pt6Wr4KYZ/Kh4l39Lzjlssn+I+VlXrp3ql/DRK6QARAQAB
+tDxSZXBvc2l0b3J5IEFkbWluIGZvciBGcmFuayBCcmVobSA8cGFja2FnZXNAYnJl
+aG0tb25saW5lLmNvbT6JAj4EEwECACgFAlavlWMCGwMFCRLMAwAGCwkIBwMCBhUI
+AgkKCwQWAgMBAh4BAheAAAoJELqtpQR6P8vU0GIQAKp/pJ4ArqnHoaP2OGG14B8P
+ivh7YaeZRx5HmZyJdsXLbdMJ8FM/dLvx0wqNM7HtzN11zEqroLeULPJcURiwavF0
+RndFkS9+0QIxCCYZrgpSyR+2UJgGeSzbOipND71elZQ3U6QlDJT/90XsZQwfJNUh
+Ibd3SeT1iW6ARvvZucFmcqgla67IG88Hq80RyZGoepqb73jGDsgw9/3c+Qtv7VBt
+lOZ+pgQksZHMhTWOpQ/JqOocDk6vfqzHOs+0QwbdaBxdBmRtLkBf0/uvkFvqC/R8
+JANdWvoCJqFnnI8QskbtvcnPiSLjqLtxcL+VGn5PjLD6cU8L+WyXfHMiBRZMetuw
+PFlo+Apz9o6Nh7Pg6N875zVSoJFko/w5hTqUBVIFGKCypLJEhOXfFMbTTx/b1/Gi
+yP6vp3V+n3QoxMt99THXSGOrzMu3TfDyNZGDgcq8N6T0MvOM0H0iMIZga6gbqgIm
+qPz2pSpAvZxe5/T48JpYOKiLqTd+Abx6I2scx5VqKrS9tINJWXEwAL0/oR8hcEzO
+QFgFwjwaj7RD3WSLWKy+dwhGVguLKGdPqkOuHj0yl/S6Wcfc3tNZZIm2kauvLI1l
+qp7qk+qMqeJVD0zqL1SyGSNT9YCndCewuso5VMKHyvTVL62X/xGhwAFgsK7qLFj/
+7sftZtXBk8CMv6UvxF0ouQINBFavlWMBEAC4P5+Miz+VbsFss0RHKiSs/+PgusQg
+85lk4J7zQj2S2MseJ35sJSqNX0MUSQ6BCoem+nQSwa1P4enCVonBRyWGRSbUurG/
+ip+WfrsFzHMZmr0JXw8gh/a3Zt9qwz5irERX0p6EDvwPwY411aCm4o+vdj0dPV/T
+CUX6s2dbrl2E2SAsjTzNi7bvKrPPUlufPHVp9o/LZolW40BL4C3r+1PwQFJN/0Np
+DMoKKIVdpmQcz/Ndz7+vFg4YlaeGfIOBt3kzcjt+AiSv+8L0XmtkM/W498VwkSzv
+rqUafJYPK+JtnWxgA7VyGj2fG9BncLONSAs+L1bSKKVQAt8G0H92MWIIUGDNry0b
+fM33xspNmB/7a3Bb9Cfq9eH3FWcMnBjZTGuPbKUEgVRUjyXCqIaDVvrGZBp8MLzZ
+Rg8qybxXMe9liwGdbytf34LMczO1rJN/zDkGf4mIx9LbaNFgcYCRXcb2SIpoW9F6
+hjKPf0+pRQmrelh8KMIevR1MJka3mV0tTN26gG+NBVkR8JjR766VOr5N/ebOAkcP
+GB/oBvmR4TEcqVZnYcDxmhr3Wvv4JjzbwNf0B+TYemq/9w1/IxCsNmx6WoJrdldO
+vk/iZrcF0qCTPeY0i8p+TorZfXkE6lzBqOg6YlTERPdbF1erXPkloRe7fp2iiHTF
+HVTe+0SOhSYUDwARAQABiQIlBBgBAgAPBQJWr5VjAhsMBQkSzAMAAAoJELqtpQR6
+P8vUwLsP+wcduVskRjvL5GzFoYv1fvq/V63x66s3ujWYkxYL0l5VVkcoavNl9BN8
+Ob8G1tfbSazODO8BQchqDxoD0RjZuR3E1AM8Qxx9UEP6jqhGYVAuutesRHeotkua
+QZOcpnVZ5E9SrBTt9xNu6IN8aOMN5TSwqvJsnCLQYUJtluM9luawO7d7ByGWWCpT
+oVjZ2hs4tqZXYz44pCj+TKfRZ1trYdEiQmv3hTY/LhZN3OszZZ/U7ED7UGPxdZ/D
+yCfNRIwhsTeGhB/JnxgamMShcV6p6VJWO3d2ST5wmTV+hgc12EDonAcOaL1W4gM+
+agmxoSg4utzNRK5yxBdIG/cwSeaGhvVK/PVAnfyeckm4esdgvFX0+lYbq58g/c0n
+VmVsy8sTCK7bWzw83CqQ8a4AydjGKQ5Y8aV87IyDsKnxM57l5+/bjL/eCOAolzFO
+hdoNuTkC94vB6WmIqN1FlvL9aSYpUtu+UxiF301t7WmBkuMatCvlqk4gikkY55dh
+oNAuJQCnlv5eqTJzHm41Xc0mPxVuy9shCXY3okuCPoub1pZOGtpDYaoEha34sHLl
+Iqnb4/+OaY2g4pJzevoQzRDPlPI0knUk0LRtjTyt1JpMgfr2+3EF/oFEyd4nPpgx
+EbsYN/rGbaX6tQzDFkFrUA61rjn9C2vr+LYoGcHmWX1oeyVV2OS5
+=1kpZ
+-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1
+
+mQINBFdj9dcBEADfCy/wCwo2Nbu3wT6Rg3GInCx8E8QSUtNg2sPUisKD3M9dxp0z
+2ygy9ssL4p1u7h4QK0koQW7ciuauTx31Y7Zvs7hybiOTsh9lI+5DZaz4R5whCmJb
+3FICK7jN9UmRSrh2ztJsgkbDU67SRGwtel8OuPow1O/2nOT2EGPzeaToSoctZeBN
+et/zksOs1wyghbXMEgplQBspaKfr9UAYwKwYcQer7Kw9TaD2QHt370WFV14uMD7S
+GGbD+JUNo8u4vhpjjOfEwB3IAbCAKM62WFbx0mxV+h0EcOwJ0F5vr7Q4xJgOSQXh
+V1ATi91qSRkcu1qZjrT5sdkPqBkUcnBvXlzIMbDmgB7e94OJwA9RW9n44clJe6ok
+PIdKmKfurmrssB6o0JKI3f3DXwOF4T3K7KGTKAzUexQHFe8yAQb/2h/woqzMFWVK
+qXR85S5VGfyofGLtjD8/kKPoOf1nAG7TRaJI3T7neOHncIl7gc9D8GQP+b0gpbtG
+NmFilyQAs7ygBZHF0YoUmOgInDOgizBoNCBJm5jSfdjpvzzo9IuoaN6sHMjxmwoH
+UV0M+t3L6/zNuh+r6By0ao/iyghsyh8Fcum8uHUuziLhUgJfJUidn1RFbTt0rbhk
+vzd/EuUYwwq5a01Z4qJXMHWry7JuUfgQN9B3OybZGfHmriwjcRJa5uZbxQARAQAB
+tDxSZXBvc2l0b3J5IEFkbWluIGZvciBGcmFuayBCcmVobSA8cGFja2FnZXNAYnJl
+aG0tb25saW5lLmNvbT6JAjcEEwEIACECGwMCHgECF4AFAldj/m0FCwkIBwMFFQoJ
+CAsFFgIDAQAACgkQh6jb1reW4Sq40RAA1bzL6v0PqApIlY8DTkSADKBq+7oV2mBV
+e1ZO4sj6KBolWkVlGhgUvqOUjEyNmN4NsGH2lY2n5dfwC3EIW5rz8BCC8nxWflp1
+8+YUvkKiF3SMxRVqCVvDnxDLCG4JfwCX+GTBj7FiFMHJHQIJZH9gCdYt60fxY1TL
+sDOgf8WVKZ/YF7L5IRDvPD4FpA5qV7fo/w8yWWY4ctm3iZyCYuOLo9nXY+PcJuc4
+FN+sb66blHE0Q53GgHtIZPu73mfmdrqhtGUhwgPAM+6mEyAiRwxRssrgfmyjd/ZG
+j7Uo22mUcBYs97K7/7qujNpMmxsVRm0yC3ImnciS0NHfqEU5dm6nbILqA897uyac
+Ps5CC/bzV0kFirp6oaOXFXXERC46WdU0w7+rjimpsIML+IwLy4TmWsfCR3V3Pfys
+7JrSLN2QNh3aKMloWTK0TzYcl5OzRzqzCUfUy2+GPl6j232i0jFwrbPrOpNY81Pj
+V1Cmcgtijk4u5N8tii5l4eGrb1U2Pw6dORg6su27brb9N0ouDNiRtLpagwYLnNpf
+CDTjVN3o0bGf+PnZDOf1Y4Bt22KYujTcDHzN8sozRQM05MaJj5QVbz+lrEtsRfoQ
+zZDGokvL3PxDqDkBX/1i6cx3dGFhZx0EvDgcU5+x4f33VV2dvpOoyQRbvAC2qxue
+rBwR5qJzGwy5Ag0EV2P11wEQAKkgfEIJwhnlWxWCX8/TMIH0MbdMN5j9CKk88E9/
+XCL4x9AsgkX7gqy2FlDMecq/QdgjnE5RsQNOPHLloPZoIyIKdGrHxff14iUyQT4Z
+oJAeHgVyiZRsjlJy0dicPaOD20WV5bkf2Qa8XmQ3qj791Yi5l8MuadopyaLXzOD1
+GpL5PI4bmJuWQ91ew4gQqygjc4gMzgWgQUDdpTGsPLDm1g0fEzGeQ4RwBBFb6374
+d/oghdaMM4+1KeoN+5TyCurOwZW/+mH2ex89xdx0+dRl0gShnOC9AhI6zGz9yijX
+ZFA48I53JV3pYaUEtFyGD/UDwoXnWW6ZdVIW38xrNrVxO6ZuJ3haV7jzQKm2JSkP
+u1uCvjr6avyx8EQ6O9xX+APx7XjEFVvdEkqwv2LA3swdDDKiLUTYZeMiHpzI4aD3
+s1XcWgGT5hSdvavH3390kQwRPmK8bdGT9ZFsiRrH+vp7ndUi1S49UDWKQkNHIPeW
+f61hX16EJhYxeK7Fchzqo0/mBBWpIv0WRP7iwt1C3b8Vq4FFuPG4vkmAMzEfuK23
+5IcRVHhFz6qEMxcV5PXRkUAKJGmgfBqJzBVrc3KdrVcxvdBVSDX8bzfL45nuaipp
+xbBQTruHbmSJCkLGWWLFfvm7kRT+WGVoOYxca0a9MkrzVZBTYl8FJOFIFysQDTyW
++iF7ABEBAAGJAh8EGAEIAAkFAldj9dcCGwwACgkQh6jb1reW4Sq3/g//UZ7qjNkz
+EAWsMTqzD2BsAW2rSlWJfJ5+aqTb4ilPX2lOL1q7h1JQKZ0ZJweelyIuIItVlWwm
+Cuu5fwDsmgkWflZtKkNdQ7pYiibUEMKxymILhTHn5UusfsASs8YiO/9eJtVmbuzg
+nUoSvjdhoUGDYmztmvJtQkfCJnf2fBNnnTTbHOB75M5WHPBcdKEhOHv91q3z+0nC
+OOLyIkLZ4Xwdy7zzGZSg1NOmhN59DTEqnIxA7TVAHZwh1OiY76TRfIcc9Y8LZf/t
+73z39I+lnysppfuS8CuYHGg4/AXqfVTqq5HOsVBpszIpkicd5i9dkBSwCFK/rz4s
+y4l66ft/QLg8J20EMuoIalJExFhR9svOf5jO4sjWjtjjz3QLafjAafGZjftKj6Ys
+COzn2ccQFyxT6LOCj1sYb2ZzGfPMIVf1N2iXJ4COV4ugVKE0364mEx/xwae189wd
+9ThPXCqg3K4IErNFi2hHsP08a0M9ICF+iWydQqode8q8ogFthqFY/NEzM29AUYyK
+m9AbzCBIh9DCDljnevBQ31BLt+Q0Dr0ZvG21W9yPVQrkYBR2iJ/vol3d+E8FEpiN
+3X+GofRaN3Ix1+qwIhxyT8DWtbGBVQwUQId2QuUFNZKAooWpfaoWASJNkzutJM9n
+og4IHx4/ewCHpZw0I5gSrvEl8ClADzV82g8=
+=XuBr
+-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
+# deb http://ftp-stud.hs-esslingen.de/debian jessie main
+
+# main jessie repositories
+deb http://ftp-stud.hs-esslingen.de/debian jessie main contrib non-free
+deb-src http://ftp-stud.hs-esslingen.de/debian jessie main contrib non-free
+
+# jessie security updates
+deb http://security.debian.org/ jessie/updates main contrib non-free
+deb-src http://security.debian.org/ jessie/updates main contrib non-free
+
+# jessie-updates, previously known as 'volatile'
+deb http://ftp-stud.hs-esslingen.de/debian jessie-updates main contrib non-free
+deb-src http://ftp-stud.hs-esslingen.de/debian jessie-updates main contrib non-free
+
+# jessie-backports, previously on backports.debian.org
+deb http://ftp-stud.hs-esslingen.de/debian/ jessie-backports main contrib non-free
+deb-src http://ftp-stud.hs-esslingen.de/debian/ jessie-backports main contrib non-free
+
+# vim: noet ts=8
--- /dev/null
+# Packages Frank Brehm
+# ---------------------
+
+#deb http://www.brehm-online.com/debian/jessie ./
+deb http://uhu8.uhu-banane.de/Debian/jessie ./
+deb-src http://uhu8.uhu-banane.de/Sources ./
--- /dev/null
+deb http://repo.saltstack.com/apt/debian/8/amd64/latest jessie main
--- /dev/null
+# apticron.conf
+#
+# set EMAIL to a space separated list of addresses which will be notified of
+# impending updates
+#
+EMAIL="root"
+
+#
+# Set DIFF_ONLY to "1" to only output the difference of the current run
+# compared to the last run (ie. only new upgrades since the last run). If there
+# are no differences, no output/email will be generated. By default, apticron
+# will output everything that needs to be upgraded.
+#
+# DIFF_ONLY="1"
+
+#
+# Set LISTCHANGES_PROFILE if you would like apticron to invoke apt-listchanges
+# with the --profile option. You should add a corresponding profile to
+# /etc/apt/listchanges.conf
+#
+# LISTCHANGES_PROFILE="apticron"
+
+#
+# From hostname manpage: "Displays all FQDNs of the machine. This option
+# enumerates all configured network addresses on all configured network inter‐
+# faces, and translates them to DNS domain names. Addresses that cannot be
+# translated (i.e. because they do not have an appro‐ priate reverse DNS
+# entry) are skipped. Note that different addresses may resolve to the same
+# name, therefore the output may contain duplicate entries. Do not make any
+# assumptions about the order of the output."
+#
+# ALL_FQDNS="1"
+
+#
+# Set SYSTEM if you would like apticron to use something other than the output
+# of "hostname -f" for the system name in the mails it generates. This option
+# overrides the ALL_FQDNS above.
+#
+# SYSTEM="foobar.example.com"
+
+#
+# Set IPADDRESSNUM if you would like to configure the maximal number of IP
+# addresses apticron displays. The default is to display 1 address of each
+# family type (inet, inet6), if available.
+#
+# IPADDRESSNUM="1"
+
+#
+# Set IPADDRESSES to a whitespace separated list of reachable addresses for
+# this system. By default, apticron will try to work these out using the
+# "ip" command
+#
+# IPADDRESSES="192.0.2.1 2001:db8:1:2:3::1"
+
+#
+# Set NOTIFY_HOLDS="0" if you don't want to be notified about new versions of
+# packages on hold in your system. The default behavior is downloading and
+# listing them as any other package.
+#
+# NOTIFY_HOLDS="0"
+
+#
+# Set NOTIFY_NEW="0" if you don't want to be notified about packages which
+# are not installed in your system. Yes, it's possible! There are some issues
+# related to systems which have mixed stable/unstable sources. In these cases
+# apt-get will consider for example that packages with "Priority:
+# required"/"Essential: yes" in unstable but not in stable should be installed,
+# so they will be listed in dist-upgrade output. Please take a look at
+# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531002#44
+#
+# NOTIFY_NEW="0"
+
+#
+# Set NOTIFY_NO_UPDATES="0" if you don't want to be notified when there is no
+# new versions. Set to 1 could assure you that apticron works well.
+#
+# NOTIFY_NO_UPDATES="0"
+
+#
+# Set CUSTOM_SUBJECT if you want to replace the default subject used in
+# the notification e-mails. This may help filtering/sorting client-side e-mail.
+# If you want to use internal vars please use single quotes here. Ex:
+# $CUSTOM_SUBJECT='[apticron] $SYSTEM: $NUM_PACKAGES package update(s)'
+#
+# CUSTOM_SUBJECT=""
+
+# Set CUSTOM_NO_UPDATES_SUBJECT if you want to replace the default subject used
+# in the no update notification e-mails. This may help filtering/sorting
+# client-side e-mail.
+# If you want to use internal vars please use single quotes here. Ex:
+# $CUSTOM_NO_UPDATES_SUBJECT='[apticron] $SYSTEM: no updates'
+#
+# CUSTOM_NO_UPDATES_SUBJECT=""
+
+#
+# Set CUSTOM_FROM if you want to replace the default sender by changing the
+# 'From:' field used in the notification e-mails. Your default sender will
+# be something like root@sarah.uhu-banane.de.
+#
+# CUSTOM_FROM=""
--- /dev/null
+alias
+backup
+bin
+daemon
+ftp
+games
+gnats
+guest
+irc
+lp
+mail
+man
+nobody
+operator
+proxy
+qmaild
+qmaill
+qmailp
+qmailq
+qmailr
+qmails
+sync
+sys
+www-data
--- /dev/null
+# System-wide .bashrc file for interactive bash(1) shells.
+
+# To enable the settings / commands in this file for login shells as well,
+# this file has to be sourced in /etc/profile.
+
+# If not running interactively, don't do anything
+[ -z "$PS1" ] && return
+
+# check the window size after each command and, if necessary,
+# update the values of LINES and COLUMNS.
+shopt -s checkwinsize
+
+# set variable identifying the chroot you work in (used in the prompt below)
+if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
+ debian_chroot=$(cat /etc/debian_chroot)
+fi
+
+# set a fancy prompt (non-color, overwrite the one in /etc/profile)
+PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
+
+# Commented out, don't overwrite xterm -T "title" -n "icontitle" by default.
+# If this is an xterm set the title to user@host:dir
+#case "$TERM" in
+#xterm*|rxvt*)
+# PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME}: ${PWD}\007"'
+# ;;
+#*)
+# ;;
+#esac
+
+# enable bash completion in interactive shells
+#if ! shopt -oq posix; then
+# if [ -f /usr/share/bash-completion/bash_completion ]; then
+# . /usr/share/bash-completion/bash_completion
+# elif [ -f /etc/bash_completion ]; then
+# . /etc/bash_completion
+# fi
+#fi
+
+# if the command-not-found package is installed, use it
+if [ -x /usr/lib/command-not-found -o -x /usr/share/command-not-found/command-not-found ]; then
+ function command_not_found_handle {
+ # check because c-n-f could've been removed in the meantime
+ if [ -x /usr/lib/command-not-found ]; then
+ /usr/lib/command-not-found -- "$1"
+ return $?
+ elif [ -x /usr/share/command-not-found/command-not-found ]; then
+ /usr/share/command-not-found/command-not-found -- "$1"
+ return $?
+ else
+ printf "%s: command not found\n" "$1" >&2
+ return 127
+ fi
+ }
+fi
--- /dev/null
+. /usr/share/bash-completion/bash_completion
--- /dev/null
+have debconf-show &&
+_debconf_show()
+{
+ local cur
+
+ COMPREPLY=()
+ cur=${COMP_WORDS[COMP_CWORD]}
+ COMPREPLY=($( compgen -W '--listowners --listdbs --db=' -- $cur ) \
+ $( apt-cache pkgnames -- $cur ) )
+}
+complete -F _debconf_show debconf-show
+
--- /dev/null
+_etckeeper() {
+ local cur;
+ COMPREPLY=();
+ cur=${COMP_WORDS[COMP_CWORD]};
+ COMPREPLY=( $( compgen -W '$(cd /etc/etckeeper/; for i in *.d/; do echo ${i%.d/}; done)' -- $cur ) );
+}
+
+complete -F _etckeeper etckeeper
--- /dev/null
+# fail2ban bash-completion -*- shell-script -*-
+#
+# This file is part of Fail2Ban.
+#
+# Fail2Ban is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# Fail2Ban is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Fail2Ban; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+__fail2ban_jails () {
+ "$1" status 2>/dev/null | awk -F"\t+" '/Jail list/{print $2}' | sed 's/, / /g'
+}
+
+_fail2ban () {
+ local cur prev words cword
+ _init_completion || return
+
+ case $prev in
+ -V|--version|-h|--help)
+ return 0 # No further completion valid
+ ;;
+ -c)
+ _filedir -d # Directories
+ return 0
+ ;;
+ -s|-p)
+ _filedir # Files
+ return 0
+ ;;
+ *)
+ if [[ "$cur" == "-"* ]];then
+ COMPREPLY=( $( compgen -W \
+ "$( _parse_help "$1" --help 2>/dev/null) -V" \
+ -- "$cur") )
+ return 0
+ fi
+ ;;
+ esac
+
+ if [[ "$1" == *"fail2ban-regex" ]];then
+ _filedir
+ return 0
+ elif [[ "$1" == *"fail2ban-client" ]];then
+ local cmd jail
+ case $prev in
+ "$1")
+ COMPREPLY=( $( compgen -W \
+ "$( "$1" --help 2>/dev/null | awk '/^ [a-z]+/{print $1}')" \
+ -- "$cur") )
+ return 0
+ ;;
+ start|reload|stop|status)
+ COMPREPLY=( $(compgen -W "$(__fail2ban_jails "$1")" -- "$cur" ) )
+ return 0
+ ;;
+ set|get)
+ COMPREPLY=( $( compgen -W \
+ "$( "$1" --help 2>/dev/null | awk '/^ '$prev' [^<]/{print $2}')" \
+ -- "$cur") )
+ COMPREPLY+=( $(compgen -W "$(__fail2ban_jails "$1")" -- "$cur" ) )
+ return 0
+ ;;
+ *)
+ if [[ "${words[$cword-2]}" == "add" ]];then
+ COMPREPLY=( $( compgen -W "auto polling gamin pyinotify" -- "$cur" ) )
+ return 0
+ elif [[ "${words[$cword-2]}" == "set" || "${words[$cword-2]}" == "get" ]];then
+ cmd="${words[cword-2]}"
+ # Handle in section below
+ elif [[ "${words[$cword-3]}" == "set" || "${words[$cword-3]}" == "get" ]];then
+ cmd="${words[$cword-3]}"
+ jail="${words[$cword-2]}"
+ # Handle in section below
+ fi
+ ;;
+ esac
+
+ if [[ -z "$jail" && -n "$cmd" ]];then
+ case $prev in
+ loglevel)
+ if [[ "$cmd" == "set" ]];then
+ COMPREPLY=( $( compgen -W "0 1 2 3 4" -- "$cur" ) )
+ fi
+ return 0
+ ;;
+ logtarget)
+ if [[ "$cmd" == "set" ]];then
+ COMPREPLY=( $( compgen -W "STDOUT STDERR SYSLOG" -- "$cur" ) )
+ _filedir # And files
+ fi
+ return 0
+ ;;
+ *) # Jail name
+ COMPREPLY=( $( compgen -W \
+ "$( "$1" --help 2>/dev/null | awk '/^ '${cmd}' <JAIL>/{print $3}')" \
+ -- "$cur") )
+ return 0
+ ;;
+ esac
+ elif [[ -n "$jail" && "$cmd" == "set" ]];then
+ case $prev in
+ addlogpath)
+ _filedir
+ return 0
+ ;;
+ dellogpath|delignoreip)
+ COMPREPLY=( $( compgen -W \
+ "$( "$1" get "$jail" "${prev/del/}" 2>/dev/null | awk -F- '{print $2}')" \
+ -- "$cur" ) )
+ if [[ -z "$COMPREPLY" && "$prev" == "dellogpath" ]];then
+ _filedir
+ fi
+ return 0
+ ;;
+ delfailregex|delignoregex)
+ COMPREPLY=( $( compgen -W \
+ "$( "$1" get "$jail" "${prev/del/}" 2>/dev/null | awk -F"[][]" '{print $2}')" \
+ -- "$cur" ) )
+ return 0
+ ;;
+ unbanip)
+ COMPREPLY=( $( compgen -W \
+ "$( "$1" status "$jail" 2>/dev/null | awk -F"\t+" '/IP list:/{print $2}')" \
+ -- "$cur" ) )
+ return 0
+ ;;
+ idle)
+ COMPREPLY=( $( compgen -W "on off" -- "$cur" ) )
+ return 0
+ ;;
+ usedns)
+ COMPREPLY=( $( compgen -W "yes no warn" -- "$cur" ) )
+ return 0
+ ;;
+ esac
+ fi
+
+ fi # fail2ban-client
+} &&
+complete -F _fail2ban fail2ban-client fail2ban-server fail2ban-regex
--- /dev/null
+# In git versions < 1.7.12, this shell library was part of the
+# git completion script.
+#
+# Some users rely on the __git_ps1 function becoming available
+# when bash-completion is loaded. Continue to load this library
+# at bash-completion startup for now, to ease the transition to a
+# world order where the prompt function is requested separately.
+#
+if [[ -e /usr/lib/git-core/git-sh-prompt ]]; then
+ . /usr/lib/git-core/git-sh-prompt
+fi
--- /dev/null
+#
+# Bash completion for grub
+#
+# Copyright (C) 2010 Free Software Foundation, Inc.
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+# bash completion for grub
+
+__grub_dir() {
+ local i c=1 boot_dir
+
+ for (( c=1; c <= ${#COMP_WORDS[@]}; c++ )); do
+ i="${COMP_WORDS[c]}"
+ case "$i" in
+ --boot-directory)
+ c=$((++c))
+ i="${COMP_WORDS[c]}"
+ boot_dir="${i##*=}";
+ break
+ ;;
+ esac
+ done
+ boot_dir=${boot_dir-/boot}
+ echo "${boot_dir%/}/grub"
+}
+
+
+# This function generates completion reply with compgen
+# - arg: accepts 1, 2, 3, or 4 arguments
+# $1 wordlist separate by space, tab or newline
+# $2 (optional) prefix to add
+# $3 (optional) current word to complete
+# $4 (optional) suffix to add
+__grubcomp () {
+ local cur="${COMP_WORDS[COMP_CWORD]}"
+ if [ $# -gt 2 ]; then
+ cur="$3"
+ fi
+ case "$cur" in
+ --*=)
+ COMPREPLY=()
+ ;;
+ *)
+ local IFS=' '$'\t'$'\n'
+ COMPREPLY=($(compgen -P "${2-}" -W "${1-}" -S "${4-}" -- "$cur"))
+ ;;
+ esac
+}
+
+# Function that return long options from the help of the command
+# - arg: $1 (optional) command to get the long options from
+__grub_get_options_from_help () {
+ local prog
+
+ if [ $# -ge 1 ]; then
+ prog="$1"
+ else
+ prog="${COMP_WORDS[0]}"
+ fi
+
+ local i IFS=" "$'\t'$'\n'
+ for i in $(LC_ALL=C $prog --help)
+ do
+ case $i in
+ --*) echo "${i%=*}";;
+ esac
+ done
+}
+
+# Function that return long options from the usage of the command
+# - arg: $1 (optional) command to get the long options from
+__grub_get_options_from_usage () {
+ local prog
+
+ if [ $# -ge 1 ]; then
+ prog="$1"
+ else
+ prog="${COMP_WORDS[0]}"
+ fi
+
+ local i IFS=" "$'\t'$'\n'
+ for i in $(LC_ALL=C $prog --usage)
+ do
+ case $i in
+ \[--*\]) i=${i#[} # Remove leading [
+ echo ${i%%?(=*)]} # Remove optional value and trailing ]
+ ;;
+ esac
+ done
+}
+
+__grub_get_last_option () {
+ local i
+ for (( i=$COMP_CWORD-1; i > 0; i-- )); do
+ if [[ "${COMP_WORDS[i]}" == -* ]]; then
+ echo "${COMP_WORDS[i]}"
+ break;
+ fi
+ done
+}
+
+__grub_list_menuentries () {
+ local cur="${COMP_WORDS[COMP_CWORD]}"
+ local config_file=$(__grub_dir)/grub.cfg
+
+ if [ -f "$config_file" ];then
+ local IFS=$'\n'
+ COMPREPLY=( $(compgen \
+ -W "$( awk -F "[\"']" '/menuentry/ { print $2 }' $config_file )" \
+ -- "$cur" )) #'# Help emacs syntax highlighting
+ fi
+}
+
+__grub_list_modules () {
+ local grub_dir=$(__grub_dir)
+ local IFS=$'\n'
+ COMPREPLY=( $( compgen -f -X '!*/*.mod' -- "${grub_dir}/$cur" | {
+ while read -r tmp; do
+ [ -n $tmp ] && {
+ tmp=${tmp##*/}
+ printf '%s\n' ${tmp%.mod}
+ }
+ done
+ }
+ ))
+}
+
+#
+# grub-set-default & grub-reboot
+#
+_grub_set_entry () {
+ local cur prev split=false
+
+ COMPREPLY=()
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+
+ _split_longopt && split=true
+
+ case "$prev" in
+ --boot-directory)
+ _filedir -d
+ return
+ ;;
+ esac
+
+ $split && return 0
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a menuentry
+ __grub_list_menuentries
+ fi
+}
+
+__grub_set_default_program="grub-set-default"
+have ${__grub_set_default_program} && \
+ complete -F _grub_set_entry -o filenames ${__grub_set_default_program}
+unset __grub_set_default_program
+
+__grub_reboot_program="grub-reboot"
+have ${__grub_reboot_program} && \
+ complete -F _grub_set_entry -o filenames ${__grub_reboot_program}
+unset __grub_reboot_program
+
+
+#
+# grub-editenv
+#
+_grub_editenv () {
+ local cur prev
+
+ COMPREPLY=()
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+
+ case "$prev" in
+ create|list|set|unset)
+ COMPREPLY=( "" )
+ return
+ ;;
+ esac
+
+ __grubcomp "$(__grub_get_options_from_help)
+ create list set unset"
+}
+
+__grub_editenv_program="grub-editenv"
+have ${__grub_editenv_program} && \
+ complete -F _grub_editenv -o filenames ${__grub_editenv_program}
+unset __grub_editenv_program
+
+
+#
+# grub-mkconfig
+#
+_grub_mkconfig () {
+ local cur prev
+
+ COMPREPLY=()
+ cur=`_get_cword`
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ _filedir
+ fi
+}
+__grub_mkconfig_program="grub-mkconfig"
+have ${__grub_mkconfig_program} && \
+ complete -F _grub_mkconfig -o filenames ${__grub_mkconfig_program}
+unset __grub_mkconfig_program
+
+
+#
+# grub-setup
+#
+_grub_setup () {
+ local cur prev split=false
+
+ COMPREPLY=()
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+
+ _split_longopt && split=true
+
+ case "$prev" in
+ -d|--directory)
+ _filedir -d
+ return
+ ;;
+ esac
+
+ $split && return 0
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a filename
+ _filedir
+ fi
+}
+
+__grub_bios_setup_program="grub-bios-setup"
+have ${__grub_bios_setup_program} && \
+ complete -F _grub_setup -o filenames ${__grub_bios_setup_program}
+unset __grub_bios_setup_program
+
+__grub_sparc64_setup_program="grub-sparc64-setup"
+have ${__grub_sparc64_setup_program} && \
+ complete -F _grub_setup -o filenames ${__grub_sparc64_setup_program}
+unset __grub_sparc64_setup_program
+
+
+#
+# grub-install
+#
+_grub_install () {
+ local cur prev last split=false
+
+ COMPREPLY=()
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+ last=$(__grub_get_last_option)
+
+ _split_longopt && split=true
+
+ case "$prev" in
+ --boot-directory)
+ _filedir -d
+ return
+ ;;
+ --disk-module)
+ __grubcomp "biosdisk ata"
+ return
+ ;;
+ esac
+
+ $split && return 0
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ case "$last" in
+ --modules)
+ __grub_list_modules
+ return
+ ;;
+ esac
+
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_install_program="grub-install"
+have ${__grub_install_program} && \
+ complete -F _grub_install -o filenames ${__grub_install_program}
+unset __grub_install_program
+
+
+#
+# grub-mkfont
+#
+_grub_mkfont () {
+ local cur
+
+ COMPREPLY=()
+ cur=`_get_cword`
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_mkfont_program="grub-mkfont"
+have ${__grub_mkfont_program} && \
+ complete -F _grub_mkfont -o filenames ${__grub_mkfont_program}
+unset __grub_mkfont_program
+
+
+#
+# grub-mkrescue
+#
+_grub_mkrescue () {
+ local cur prev last
+
+ COMPREPLY=()
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+ last=$(__grub_get_last_option)
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ case "$last" in
+ --modules)
+ __grub_list_modules
+ return
+ ;;
+ esac
+
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_mkrescue_program="grub-mkrescue"
+have ${__grub_mkrescue_program} && \
+ complete -F _grub_mkrescue -o filenames ${__grub_mkrescue_program}
+unset __grub_mkrescue_program
+
+
+#
+# grub-mkimage
+#
+_grub_mkimage () {
+ local cur prev split=false
+
+ COMPREPLY=()
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+
+ _split_longopt && split=true
+
+ case "$prev" in
+ -d|--directory|-p|--prefix)
+ _filedir -d
+ return
+ ;;
+ -O|--format)
+ # Get available format from help
+ local prog=${COMP_WORDS[0]}
+ __grubcomp "$(LC_ALL=C $prog --help | \
+ awk -F ":" '/available formats/ { print $2 }' | \
+ sed 's/, / /g')"
+ return
+ ;;
+ esac
+
+ $split && return 0
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_mkimage_program="grub-mkimage"
+have ${__grub_mkimage_program} && \
+ complete -F _grub_mkimage -o filenames ${__grub_mkimage_program}
+unset __grub_mkimage_program
+
+
+#
+# grub-mkpasswd-pbkdf2
+#
+_grub_mkpasswd_pbkdf2 () {
+ local cur
+
+ COMPREPLY=()
+ cur=`_get_cword`
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_mkpasswd_pbkdf2_program="grub-mkpasswd-pbkdf2"
+have ${__grub_mkpasswd_pbkdf2_program} && \
+ complete -F _grub_mkpasswd_pbkdf2 -o filenames ${__grub_mkpasswd_pbkdf2_program}
+unset __grub_mkpasswd_pbkdf2_program
+
+
+#
+# grub-probe
+#
+_grub_probe () {
+ local cur prev split=false
+
+ COMPREPLY=()
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+
+ _split_longopt && split=true
+
+ case "$prev" in
+ -t|--target)
+ # Get target type from help
+ local prog=${COMP_WORDS[0]}
+ __grubcomp "$(LC_ALL=C $prog --help | \
+ awk -F "[()]" '/--target=/ { print $2 }' | \
+ sed 's/|/ /g')"
+ return
+ ;;
+ esac
+
+ $split && return 0
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_probe_program="grub-probe"
+have ${__grub_probe_program} && \
+ complete -F _grub_probe -o filenames ${__grub_probe_program}
+unset __grub_probe_program
+
+
+#
+# grub-script-check
+#
+_grub_script_check () {
+ local cur
+
+ COMPREPLY=()
+ cur=`_get_cword`
+
+ if [[ "$cur" == -* ]]; then
+ __grubcomp "$(__grub_get_options_from_help)"
+ else
+ # Default complete with a filename
+ _filedir
+ fi
+}
+__grub_script_check_program="grub-script-check"
+have ${__grub_script_check_program} && \
+ complete -F _grub_script_check -o filenames ${__grub_script_check_program}
+
+
+# Local variables:
+# mode: shell-script
+# sh-basic-offset: 4
+# sh-indent-comment: t
+# indent-tabs-mode: nil
+# End:
+# ex: ts=4 sw=4 et filetype=sh
--- /dev/null
+# update-initramfs(8) completion
+
+_update_initramfs()
+{
+ local cur prev valid_options
+
+ # TODO: this can be "_get_comp_words_by_ref cur prev" once
+ # bash-completion >= 1.2 is available, see #537139
+ cur=$(_get_cword)
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+
+ # The only option that takes an argument is -k
+ if [[ "$prev" == '-k' ]]; then
+ # Complete with kernel versions
+ _kernel_versions
+ COMPREPLY=( $( compgen -W '${COMPREPLY[@]} all' -- "$cur" ) )
+ return;
+ fi
+
+ # Complete with available options (obtained from -h)
+ valid_options=$( update-initramfs -h 2>&1 | \
+ sed -e '/^ -/!d;s/^ \(-\w\+\).*/\1/' )
+ COMPREPLY=( $( compgen -W "$valid_options" -- $cur ) )
+}
+
+complete -F _update_initramfs update-initramfs
--- /dev/null
+# insserv(8) completion
+#
+# Copyright (c) 2009 Kel Modderman <kel@otaku42.de>
+#
+
+have insserv &&
+_insserv()
+{
+ local cur prev sysvdir services options
+
+ cur=`_get_cword`
+ prev=${COMP_WORDS[COMP_CWORD-1]}
+
+ [ -d /etc/rc.d/init.d ] && sysvdir=/etc/rc.d/init.d \
+ || sysvdir=/etc/init.d
+
+ services=( $(echo $sysvdir/!(README*|*.dpkg*|*.rpm@(orig|new|save))) )
+ services=( ${services[@]#$sysvdir/} )
+ options=( -c --config -d -f -n -o --override -p --path -r -v )
+
+ case "$prev" in
+ -c|--config)
+ _filedir
+ ;;
+ -o|--override|-p|--path)
+ _filedir -d
+ ;;
+ *)
+ COMPREPLY=( $( compgen -W '${options[@]} ${services[@]}' -- \
+ $cur ) )
+ ;;
+ esac
+
+ return 0
+} &&
+complete -F _insserv insserv
--- /dev/null
+# /etc/bash_completion.d/isoquery
+# Programmable Bash command completion for the ‘isoquery’ command.
+
+shopt -s progcomp
+
+_isoquery_completion () {
+ local cur prev opts
+
+ COMPREPLY=()
+ cur="${COMP_WORDS[COMP_CWORD]}"
+ prev="${COMP_WORDS[COMP_CWORD-1]}"
+
+ opts="-h --help -v --version"
+ opts="${opts} -i --iso -x --xmlfile -l --locale -0 --null"
+ opts="${opts} -n --name -o --official_name -c --common_name"
+
+ case "${prev}" in
+ -i|--iso)
+ local standards=(639 639-3 639-5 3166 3166-2 4217 15924)
+ COMPREPLY=( $(compgen -W "${standards[*]}" -- ${cur}) )
+ ;;
+
+ -x|--xmlfile)
+ COMPREPLY=( $(compgen -A file -- ${cur}) )
+ ;;
+
+ -l|--locale)
+ local locale_names=$(locale --all-locales)
+ COMPREPLY=( $(compgen -W "${locale_names}" -- ${cur}) )
+ ;;
+
+ *)
+ COMPREPLY=($(compgen -W "${opts}" -- ${cur}))
+ ;;
+ esac
+}
+
+complete -F _isoquery_completion isoquery
+
+
+# Local variables:
+# coding: utf-8
+# mode: shell-script
+# End:
+# vim: fileencoding=utf-8 filetype=bash :
--- /dev/null
+# written by David Pravec
+# - feel free to /msg alekibango on IRC if you want to talk about this file
+
+# TODO: check if --config|-c was used and use configured config file for queries
+# TODO: solve somehow completion for salt -G pythonversion:[tab]
+# (not sure what to do with lists)
+# TODO: --range[tab] -- how?
+# TODO: -E --exsel[tab] -- how?
+# TODO: --compound[tab] -- how?
+# TODO: use history to extract some words, esp. if ${cur} is empty
+# TODO: TEST EVERYTING a lot
+# TODO: cache results of some functions? where? how long?
+# TODO: is it ok to use '--timeout 2' ?
+
+
+_salt_get_grains(){
+ if [ "$1" = 'local' ] ; then
+ salt-call --out=txt -- grains.ls | sed 's/^.*\[//' | tr -d ",']" |sed 's:\([a-z0-9]\) :\1\: :g'
+ else
+ salt '*' --timeout 2 --out=txt -- grains.ls | sed 's/^.*\[//' | tr -d ",']" |sed 's:\([a-z0-9]\) :\1\: :g'
+ fi
+}
+
+_salt_get_grain_values(){
+ if [ "$1" = 'local' ] ; then
+ salt-call --out=txt -- grains.item $1 |sed 's/^\S*:\s//' |grep -v '^\s*$'
+ else
+ salt '*' --timeout 2 --out=txt -- grains.item $1 |sed 's/^\S*:\s//' |grep -v '^\s*$'
+ fi
+}
+
+
+_salt(){
+ local cur prev opts _salt_grains _salt_coms pprev ppprev
+ COMPREPLY=()
+ cur="${COMP_WORDS[COMP_CWORD]}"
+ prev="${COMP_WORDS[COMP_CWORD-1]}"
+ if [ ${COMP_CWORD} -gt 2 ]; then
+ pprev="${COMP_WORDS[COMP_CWORD-2]}"
+ fi
+ if [ ${COMP_CWORD} -gt 3 ]; then
+ ppprev="${COMP_WORDS[COMP_CWORD-3]}"
+ fi
+
+ opts="-h --help -d --doc --documentation --version --versions-report -c \
+ --config-dir= -v --verbose -t --timeout= -s --static -b --batch= \
+ --batch-size= -E --pcre -L --list -G --grain --grain-pcre -N \
+ --nodegroup -R --range -C --compound -X --exsel -I --pillar \
+ --return= -a --auth= --eauth= --extended-auth= -T --make-token -S \
+ --ipcidr --out=pprint --out=yaml --out=overstatestage --out=json \
+ --out=raw --out=highstate --out=key --out=txt --no-color --out-indent= "
+
+ if [[ "${cur}" == -* ]] ; then
+ COMPREPLY=($(compgen -W "${opts}" -- ${cur}))
+ return 0
+ fi
+
+ # 2 special cases for filling up grain values
+ case "${pprev}" in
+ -G|--grain|--grain-pcre)
+ if [ "${cur}" = ":" ]; then
+ COMPREPLY=($(compgen -W "`_salt_get_grain_values ${prev}`" ))
+ return 0
+ fi
+ ;;
+ esac
+ case "${ppprev}" in
+ -G|--grain|--grain-pcre)
+ if [ "${prev}" = ":" ]; then
+ COMPREPLY=( $(compgen -W "`_salt_get_grain_values ${pprev}`" -- ${cur}) )
+ return 0
+ fi
+ ;;
+ esac
+
+ if [ "${cur}" = "=" ] && [[ "${prev}" == --* ]]; then
+ cur=""
+ fi
+ if [ "${prev}" = "=" ] && [[ "${pprev}" == --* ]]; then
+ prev="${pprev}"
+ fi
+
+ case "${prev}" in
+
+ -c|--config)
+ COMPREPLY=($(compgen -f -- ${cur}))
+ return 0
+ ;;
+ salt)
+ COMPREPLY=($(compgen -W "\'*\' ${opts} `salt-key --no-color -l acc`" -- ${cur}))
+ return 0
+ ;;
+ -E|--pcre)
+ COMPREPLY=($(compgen -W "`salt-key --no-color -l acc`" -- ${cur}))
+ return 0
+ ;;
+ -G|--grain|--grain-pcre)
+ COMPREPLY=($(compgen -W "$(_salt_get_grains)" -- ${cur}))
+ return 0
+ ;;
+ -C|--compound)
+ COMPREPLY=() # TODO: finish this one? how?
+ return 0
+ ;;
+ -t|--timeout)
+ COMPREPLY=($( compgen -W "1 2 3 4 5 6 7 8 9 10 15 20 30 40 60 90 120 180" -- ${cur}))
+ return 0
+ ;;
+ -b|--batch|--batch-size)
+ COMPREPLY=($(compgen -W "1 2 3 4 5 6 7 8 9 10 15 20 30 40 50 60 70 80 90 100 120 150 200"))
+ return 0
+ ;;
+ -X|--exsel) # TODO: finish this one? how?
+ return 0
+ ;;
+ -N|--nodegroup)
+ MASTER_CONFIG='/etc/salt/master'
+ COMPREPLY=($(compgen -W "`awk -F ':' 'BEGIN {print_line = 0}; /^nodegroups/ {print_line = 1;getline } print_line && /^ */ {print $1} /^[^ ]/ {print_line = 0}' <${MASTER_CONFIG}`" -- ${cur}))
+ return 0
+ ;;
+ esac
+
+ _salt_coms="$(salt '*' --timeout 2 --out=txt -- sys.list_functions | sed 's/^.*\[//' | tr -d ",']" )"
+ all="${opts} ${_salt_coms}"
+ COMPREPLY=( $(compgen -W "${all}" -- ${cur}) )
+
+ return 0
+}
+
+complete -F _salt salt
+
+
+_saltkey(){
+ local cur prev opts prev pprev
+ COMPREPLY=()
+ cur="${COMP_WORDS[COMP_CWORD]}"
+ prev="${COMP_WORDS[COMP_CWORD-1]}"
+ opts="-c --config-dir= -h --help --version --versions-report -q --quiet \
+ -y --yes --gen-keys= --gen-keys-dir= --keysize= --key-logfile= \
+ -l --list= -L --list-all -a --accept= -A --accept-all \
+ -r --reject= -R --reject-all -p --print= -P --print-all \
+ -d --delete= -D --delete-all -f --finger= -F --finger-all \
+ --out=pprint --out=yaml --out=overstatestage --out=json --out=raw \
+ --out=highstate --out=key --out=txt --no-color --out-indent= "
+ if [ ${COMP_CWORD} -gt 2 ]; then
+ pprev="${COMP_WORDS[COMP_CWORD-2]}"
+ fi
+ if [ ${COMP_CWORD} -gt 3 ]; then
+ ppprev="${COMP_WORDS[COMP_CWORD-3]}"
+ fi
+ if [[ "${cur}" == -* ]] ; then
+ COMPREPLY=($(compgen -W "${opts}" -- ${cur}))
+ return 0
+ fi
+
+ if [ "${cur}" = "=" ] && [[ "${prev}" == --* ]]; then
+ cur=""
+ fi
+ if [ "${prev}" = "=" ] && [[ "${pprev}" == --* ]]; then
+ prev="${pprev}"
+ fi
+
+ case "${prev}" in
+ -a|--accept)
+ COMPREPLY=($(compgen -W "$(salt-key -l un --no-color; salt-key -l rej --no-color)" -- ${cur}))
+ return 0
+ ;;
+ -r|--reject)
+ COMPREPLY=($(compgen -W "$(salt-key -l acc --no-color)" -- ${cur}))
+ return 0
+ ;;
+ -d|--delete)
+ COMPREPLY=($(compgen -W "$(salt-key -l acc --no-color; salt-key -l un --no-color; salt-key -l rej --no-color)" -- ${cur}))
+ return 0
+ ;;
+ -c|--config)
+ COMPREPLY=($(compgen -f -- ${cur}))
+ return 0
+ ;;
+ --keysize)
+ COMPREPLY=($(compgen -W "2048 3072 4096 5120 6144" -- ${cur}))
+ return 0
+ ;;
+ --gen-keys)
+ return 0
+ ;;
+ --gen-keys-dir)
+ COMPREPLY=($(compgen -d -- ${cur}))
+ return 0
+ ;;
+ -p|--print)
+ COMPREPLY=($(compgen -W "$(salt-key -l acc --no-color; salt-key -l un --no-color; salt-key -l rej --no-color)" -- ${cur}))
+ return 0
+ ;;
+ -l|--list)
+ COMPREPLY=($(compgen -W "pre un acc accepted unaccepted rej rejected all" -- ${cur}))
+ return 0
+ ;;
+ --accept-all)
+ return 0
+ ;;
+ esac
+ COMPREPLY=($(compgen -W "${opts} " -- ${cur}))
+ return 0
+}
+
+complete -F _saltkey salt-key
+
+_saltcall(){
+ local cur prev opts _salt_coms pprev ppprev
+ COMPREPLY=()
+ cur="${COMP_WORDS[COMP_CWORD]}"
+ prev="${COMP_WORDS[COMP_CWORD-1]}"
+ opts="-h --help -d --doc --documentation --version --versions-report \
+ -m --module-dirs= -g --grains --return= --local -c --config-dir= -l --log-level= \
+ --out=pprint --out=yaml --out=overstatestage --out=json --out=raw \
+ --out=highstate --out=key --out=txt --no-color --out-indent= "
+ if [ ${COMP_CWORD} -gt 2 ]; then
+ pprev="${COMP_WORDS[COMP_CWORD-2]}"
+ fi
+ if [ ${COMP_CWORD} -gt 3 ]; then
+ ppprev="${COMP_WORDS[COMP_CWORD-3]}"
+ fi
+ if [[ "${cur}" == -* ]] ; then
+ COMPREPLY=($(compgen -W "${opts}" -- ${cur}))
+ return 0
+ fi
+
+ if [ "${cur}" = "=" ] && [[ ${prev} == --* ]]; then
+ cur=""
+ fi
+ if [ "${prev}" = "=" ] && [[ ${pprev} == --* ]]; then
+ prev="${pprev}"
+ fi
+
+ case ${prev} in
+ -m|--module-dirs)
+ COMPREPLY=( $(compgen -d ${cur} ))
+ return 0
+ ;;
+ -l|--log-level)
+ COMPREPLY=( $(compgen -W "info none garbage trace warning error debug" -- ${cur}))
+ return 0
+ ;;
+ -g|grains)
+ return 0
+ ;;
+ salt-call)
+ COMPREPLY=($(compgen -W "${opts}" -- ${cur}))
+ return 0
+ ;;
+ esac
+
+ _salt_coms="$(salt-call --out=txt -- sys.list_functions|sed 's/^.*\[//' | tr -d ",']" )"
+ COMPREPLY=( $(compgen -W "${opts} ${_salt_coms}" -- ${cur} ))
+ return 0
+}
+
+complete -F _saltcall salt-call
+
+
+_saltcp(){
+ local cur prev opts target prefpart postpart helper filt pprev ppprev
+ COMPREPLY=()
+ cur="${COMP_WORDS[COMP_CWORD]}"
+ prev="${COMP_WORDS[COMP_CWORD-1]}"
+ opts="-t --timeout= -s --static -b --batch= --batch-size= \
+ -h --help --version --versions-report -c --config-dir= \
+ -E --pcre -L --list -G --grain --grain-pcre -N --nodegroup \
+ -R --range -C --compound -X --exsel -I --pillar \
+ --out=pprint --out=yaml --out=overstatestage --out=json --out=raw \
+ --out=highstate --out=key --out=txt --no-color --out-indent= "
+ if [[ "${cur}" == -* ]] ; then
+ COMPREPLY=($(compgen -W "${opts}" -- ${cur}))
+ return 0
+ fi
+
+ if [ "${cur}" = "=" ] && [[ "${prev}" == --* ]]; then
+ cur=""
+ fi
+ if [ "${prev}" = "=" ] && [[ "${pprev}" == --* ]]; then
+ prev=${pprev}
+ fi
+
+ case ${prev} in
+ salt-cp)
+ COMPREPLY=($(compgen -W "${opts} `salt-key -l acc --no-color`" -- ${cur}))
+ return 0
+ ;;
+ -t|--timeout)
+ # those numbers are just a hint
+ COMPREPLY=($(compgen -W "2 3 4 8 10 15 20 25 30 40 60 90 120 180 240 300" -- ${cur} ))
+ return 0
+ ;;
+ -E|--pcre)
+ COMPREPLY=($(compgen -W "`salt-key -l acc --no-color`" -- ${cur}))
+ return 0
+ ;;
+ -L|--list)
+ # IMPROVEMENTS ARE WELCOME
+ prefpart="${cur%,*},"
+ postpart=${cur##*,}
+ filt="^\($(echo ${cur}| sed 's:,:\\|:g')\)$"
+ helper=($(salt-key -l acc --no-color | grep -v "${filt}" | sed "s/^/${prefpart}/"))
+ COMPREPLY=($(compgen -W "${helper[*]}" -- ${cur}))
+
+ return 0
+ ;;
+ -G|--grain|--grain-pcre)
+ COMPREPLY=($(compgen -W "$(_salt_get_grains)" -- ${cur}))
+ return 0
+ ;;
+ # FIXME
+ -R|--range)
+ # FIXME ??
+ return 0
+ ;;
+ -C|--compound)
+ # FIXME ??
+ return 0
+ ;;
+ -c|--config)
+ COMPREPLY=($(compgen -f -- ${cur}))
+ return 0
+ ;;
+ esac
+
+ # default is using opts:
+ COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) )
+}
+
+complete -F _saltcp salt-cp
--- /dev/null
+complete -W "--msgbox --yesno --infobox --inputbox --passwordbox --textbox --menu --checklist \
+ --radiochecklist --gauge --clear --defaultno --default-item \
+ --fb --nocancel --yes-button --no-button --ok-button \
+ --cancel-button -noitem --separate-output --output-fd \
+ --title --backtitle -scrolltext --toplefti \
+ --help" -f whiptail
--- /dev/null
+#
+# This file contains a list of port numbers between 600 and 1024,
+# which should not be used by bindresvport. bindresvport is mostly
+# called by RPC services. This mostly solves the problem, that a
+# RPC service uses a well known port of another service.
+#
+631 # cups
+636 # ldaps
+655 # tinc
+774 # rpasswd
+783 # spamd
+873 # rsync
+921 # lwresd
+993 # imaps
+995 # pops
--- /dev/null
+# This file lists certificates that you wish to use or to ignore to be
+# installed in /etc/ssl/certs.
+# update-ca-certificates(8) will update /etc/ssl/certs by reading this file.
+#
+# This is autogenerated by dpkg-reconfigure ca-certificates.
+# Certificates should be installed under /usr/share/ca-certificates
+# and files with extension '.crt' is recognized as available certs.
+#
+# line begins with # is comment.
+# line begins with ! is certificate filename to be deselected.
+#
+mozilla/ACCVRAIZ1.crt
+mozilla/ACEDICOM_Root.crt
+mozilla/AC_Raíz_Certicámara_S.A..crt
+mozilla/Actalis_Authentication_Root_CA.crt
+mozilla/AddTrust_External_Root.crt
+mozilla/AddTrust_Low-Value_Services_Root.crt
+mozilla/AddTrust_Public_Services_Root.crt
+mozilla/AddTrust_Qualified_Certificates_Root.crt
+mozilla/AffirmTrust_Commercial.crt
+mozilla/AffirmTrust_Networking.crt
+mozilla/AffirmTrust_Premium.crt
+mozilla/AffirmTrust_Premium_ECC.crt
+mozilla/ApplicationCA_-_Japanese_Government.crt
+mozilla/Atos_TrustedRoot_2011.crt
+mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
+mozilla/Baltimore_CyberTrust_Root.crt
+mozilla/Buypass_Class_2_CA_1.crt
+mozilla/Buypass_Class_2_Root_CA.crt
+mozilla/Buypass_Class_3_Root_CA.crt
+mozilla/CA_Disig.crt
+mozilla/CA_Disig_Root_R1.crt
+mozilla/CA_Disig_Root_R2.crt
+mozilla/Camerfirma_Chambers_of_Commerce_Root.crt
+mozilla/Camerfirma_Global_Chambersign_Root.crt
+mozilla/CA_WoSign_ECC_Root.crt
+mozilla/Certification_Authority_of_WoSign_G2.crt
+mozilla/Certigna.crt
+mozilla/Certinomis_-_Autorité_Racine.crt
+mozilla/Certinomis_-_Root_CA.crt
+mozilla/Certplus_Class_2_Primary_CA.crt
+mozilla/certSIGN_ROOT_CA.crt
+mozilla/Certum_Root_CA.crt
+mozilla/Certum_Trusted_Network_CA.crt
+mozilla/CFCA_EV_ROOT.crt
+mozilla/Chambers_of_Commerce_Root_-_2008.crt
+mozilla/China_Internet_Network_Information_Center_EV_Certificates_Root.crt
+mozilla/CNNIC_ROOT.crt
+mozilla/Comodo_AAA_Services_root.crt
+mozilla/COMODO_Certification_Authority.crt
+mozilla/COMODO_ECC_Certification_Authority.crt
+mozilla/COMODO_RSA_Certification_Authority.crt
+mozilla/Comodo_Secure_Services_root.crt
+mozilla/Comodo_Trusted_Services_root.crt
+mozilla/ComSign_CA.crt
+mozilla/Cybertrust_Global_Root.crt
+mozilla/Deutsche_Telekom_Root_CA_2.crt
+mozilla/DigiCert_Assured_ID_Root_CA.crt
+mozilla/DigiCert_Assured_ID_Root_G2.crt
+mozilla/DigiCert_Assured_ID_Root_G3.crt
+mozilla/DigiCert_Global_Root_CA.crt
+mozilla/DigiCert_Global_Root_G2.crt
+mozilla/DigiCert_Global_Root_G3.crt
+mozilla/DigiCert_High_Assurance_EV_Root_CA.crt
+mozilla/DigiCert_Trusted_Root_G4.crt
+mozilla/DST_ACES_CA_X6.crt
+mozilla/DST_Root_CA_X3.crt
+mozilla/D-TRUST_Root_Class_3_CA_2_2009.crt
+mozilla/D-TRUST_Root_Class_3_CA_2_EV_2009.crt
+mozilla/EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.crt
+mozilla/EC-ACC.crt
+mozilla/EE_Certification_Centre_Root_CA.crt
+mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt
+mozilla/Entrust_Root_Certification_Authority.crt
+mozilla/Entrust_Root_Certification_Authority_-_EC1.crt
+mozilla/Entrust_Root_Certification_Authority_-_G2.crt
+mozilla/ePKI_Root_Certification_Authority.crt
+mozilla/Equifax_Secure_CA.crt
+mozilla/Equifax_Secure_eBusiness_CA_1.crt
+mozilla/Equifax_Secure_Global_eBusiness_CA.crt
+mozilla/E-Tugra_Certification_Authority.crt
+mozilla/GeoTrust_Global_CA_2.crt
+mozilla/GeoTrust_Global_CA.crt
+mozilla/GeoTrust_Primary_Certification_Authority.crt
+mozilla/GeoTrust_Primary_Certification_Authority_-_G2.crt
+mozilla/GeoTrust_Primary_Certification_Authority_-_G3.crt
+mozilla/GeoTrust_Universal_CA_2.crt
+mozilla/GeoTrust_Universal_CA.crt
+mozilla/Global_Chambersign_Root_-_2008.crt
+mozilla/GlobalSign_ECC_Root_CA_-_R4.crt
+mozilla/GlobalSign_ECC_Root_CA_-_R5.crt
+mozilla/GlobalSign_Root_CA.crt
+mozilla/GlobalSign_Root_CA_-_R2.crt
+mozilla/GlobalSign_Root_CA_-_R3.crt
+mozilla/Go_Daddy_Class_2_CA.crt
+mozilla/Go_Daddy_Root_Certificate_Authority_-_G2.crt
+mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt
+mozilla/Hongkong_Post_Root_CA_1.crt
+mozilla/IdenTrust_Commercial_Root_CA_1.crt
+mozilla/IdenTrust_Public_Sector_Root_CA_1.crt
+mozilla/IGC_A.crt
+mozilla/Izenpe.com.crt
+mozilla/Juur-SK.crt
+mozilla/Microsec_e-Szigno_Root_CA_2009.crt
+mozilla/Microsec_e-Szigno_Root_CA.crt
+mozilla/NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt
+mozilla/NetLock_Business_=Class_B=_Root.crt
+mozilla/NetLock_Express_=Class_C=_Root.crt
+mozilla/NetLock_Notary_=Class_A=_Root.crt
+mozilla/NetLock_Qualified_=Class_QA=_Root.crt
+mozilla/Network_Solutions_Certificate_Authority.crt
+mozilla/OISTE_WISeKey_Global_Root_GA_CA.crt
+mozilla/OISTE_WISeKey_Global_Root_GB_CA.crt
+mozilla/PSCProcert.crt
+mozilla/QuoVadis_Root_CA_1_G3.crt
+mozilla/QuoVadis_Root_CA_2.crt
+mozilla/QuoVadis_Root_CA_2_G3.crt
+mozilla/QuoVadis_Root_CA_3.crt
+mozilla/QuoVadis_Root_CA_3_G3.crt
+mozilla/QuoVadis_Root_CA.crt
+mozilla/Root_CA_Generalitat_Valenciana.crt
+mozilla/RSA_Security_2048_v3.crt
+mozilla/Secure_Global_CA.crt
+mozilla/SecureSign_RootCA11.crt
+mozilla/SecureTrust_CA.crt
+mozilla/Security_Communication_EV_RootCA1.crt
+mozilla/Security_Communication_RootCA2.crt
+mozilla/Security_Communication_Root_CA.crt
+mozilla/Sonera_Class_1_Root_CA.crt
+mozilla/Sonera_Class_2_Root_CA.crt
+mozilla/Staat_der_Nederlanden_EV_Root_CA.crt
+mozilla/Staat_der_Nederlanden_Root_CA.crt
+mozilla/Staat_der_Nederlanden_Root_CA_-_G2.crt
+mozilla/Staat_der_Nederlanden_Root_CA_-_G3.crt
+mozilla/Starfield_Class_2_CA.crt
+mozilla/Starfield_Root_Certificate_Authority_-_G2.crt
+mozilla/Starfield_Services_Root_Certificate_Authority_-_G2.crt
+mozilla/StartCom_Certification_Authority_2.crt
+mozilla/StartCom_Certification_Authority.crt
+mozilla/StartCom_Certification_Authority_G2.crt
+mozilla/S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.crt
+mozilla/S-TRUST_Universal_Root_CA.crt
+mozilla/Swisscom_Root_CA_1.crt
+mozilla/Swisscom_Root_CA_2.crt
+mozilla/Swisscom_Root_EV_CA_2.crt
+mozilla/SwissSign_Gold_CA_-_G2.crt
+mozilla/SwissSign_Platinum_CA_-_G2.crt
+mozilla/SwissSign_Silver_CA_-_G2.crt
+mozilla/Taiwan_GRCA.crt
+mozilla/TC_TrustCenter_Class_3_CA_II.crt
+mozilla/TeliaSonera_Root_CA_v1.crt
+mozilla/thawte_Primary_Root_CA.crt
+mozilla/thawte_Primary_Root_CA_-_G2.crt
+mozilla/thawte_Primary_Root_CA_-_G3.crt
+mozilla/Trustis_FPS_Root_CA.crt
+mozilla/T-TeleSec_GlobalRoot_Class_2.crt
+mozilla/T-TeleSec_GlobalRoot_Class_3.crt
+mozilla/TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.crt
+mozilla/TURKTRUST_Certificate_Services_Provider_Root_2007.crt
+mozilla/TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H5.crt
+mozilla/TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H6.crt
+mozilla/TWCA_Global_Root_CA.crt
+mozilla/TWCA_Root_Certification_Authority.crt
+mozilla/USERTrust_ECC_Certification_Authority.crt
+mozilla/USERTrust_RSA_Certification_Authority.crt
+mozilla/UTN_USERFirst_Email_Root_CA.crt
+mozilla/UTN_USERFirst_Hardware_Root_CA.crt
+mozilla/Verisign_Class_1_Public_Primary_Certification_Authority.crt
+mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt
+mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.crt
+mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt
+mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.crt
+mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_2.crt
+mozilla/Verisign_Class_3_Public_Primary_Certification_Authority.crt
+mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt
+mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt
+mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt
+mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt
+mozilla/VeriSign_Universal_Root_Certification_Authority.crt
+mozilla/Visa_eCommerce_Root.crt
+mozilla/WellsSecure_Public_Root_Certificate_Authority.crt
+mozilla/WoSign_China.crt
+mozilla/WoSign.crt
+mozilla/XRamp_Global_CA_Root.crt
+spi-inc.org/spi-cacert-2008.crt
--- /dev/null
+/* This is the system-wide default calendar file, used if calendar(1)
+ * is invoked by a user without a ~/calendar or ~/.calendar/calendar file.
+ * It may be edited or even deleted to reflect local policy.
+ *
+ * In the standard setup, we simply include the default calendar
+ * definitions from /usr/share/calendar/calendar.all. If you want
+ * only some of those definitions, copy calendar.all to /etc/calendar
+ * and edit it there. That way, your changes will be kept next time
+ * you upgrade.
+ *
+ * The search path for include files is:
+ * /etc/calendar
+ * /usr/share/calendar
+ */
+#include "calendar.all"
--- /dev/null
+# This the default chrony.conf file for the Debian chrony package. After
+# editing this file use the command 'invoke-rc.d chrony restart' to make
+# your changes take effect. John Hasler <jhasler@debian.org> 1998-2008
+
+# See www.pool.ntp.org for an explanation of these servers. Please
+# consider joining the project if possible. If you can't or don't want to
+# use these servers I suggest that you try your ISP's nameservers. We mark
+# the servers 'offline' so that chronyd won't try to connect when the link
+# is down. Scripts in /etc/ppp/ip-up.d and /etc/ppp/ip-down.d use chronyc
+# commands to switch it on when a dialup link comes up and off when it goes
+# down. Code in /etc/init.d/chrony attempts to determine whether or not
+# the link is up at boot time and set the online status accordingly. If
+# you have an always-on connection such as cable omit the 'offline'
+# directive and chronyd will default to online.
+#
+# Note that if Chrony tries to go "online" and dns lookup of the servers
+# fails they will be discarded. Thus under some circumstances it is
+# better to use IP numbers than host names.
+
+server 0.debian.pool.ntp.org auto_offline iburst minpoll 8
+server 1.debian.pool.ntp.org auto_offline iburst minpoll 8
+server 2.debian.pool.ntp.org auto_offline iburst minpoll 8
+server 3.debian.pool.ntp.org auto_offline iburst minpoll 8
+
+# Look here for the admin password needed for chronyc. The initial
+# password is generated by a random process at install time. You may
+# change it if you wish.
+
+keyfile /etc/chrony/chrony.keys
+
+# Set runtime command key. Note that if you change the key (not the
+# password) to anything other than 1 you will need to edit
+# /etc/ppp/ip-up.d/chrony, /etc/ppp/ip-down.d/chrony, /etc/init.d/chrony
+# and /etc/cron.weekly/chrony as these scripts use it to get the password.
+
+commandkey 1
+
+# I moved the driftfile to /var/lib/chrony to comply with the Debian
+# filesystem standard.
+
+driftfile /var/lib/chrony/chrony.drift
+
+# Comment this line out to turn off logging.
+
+log tracking measurements statistics
+logdir /var/log/chrony
+
+# Stop bad estimates upsetting machine clock.
+
+maxupdateskew 100.0
+
+# Dump measurements when daemon exits.
+
+dumponexit
+
+# Specify directory for dumping measurements.
+
+dumpdir /var/lib/chrony
+
+# Let computer be a server when it is unsynchronised.
+
+local stratum 10
+
+# GRIDSCALE - Disable server functionality and only bind on localhost
+bindcmdaddress 127.0.0.1
+bindcmdaddress ::1
+port 0
+
+# GRIDSCALE - Allow stepping the clock. Normally, it’s recommended to allow the step only in
+# the first few updates, but in some cases (a virtual machine which can be suspended and resumed
+# with incorrect time) it may be necessary to allow the step at any clock update.
+makestep 1 -1
+
+# Allow computers on the unrouted nets to use the server.
+
+allow 10/8
+allow 192.168/16
+allow 172.16/12
+
+# This directive forces `chronyd' to send a message to syslog if it
+# makes a system clock adjustment larger than a threshold value in seconds.
+
+logchange 0.5
+
+# This directive defines an email address to which mail should be sent
+# if chronyd applies a correction exceeding a particular threshold to the
+# system clock.
+
+# mailonchange root@localhost 0.5
+
+# This directive tells chrony to regulate the real-time clock and tells it
+# Where to store related data. It may not work on some newer motherboards
+# that use the HPET real-time clock. It requires enhanced real-time
+# support in the kernel. I've commented it out because with certain
+# combinations of motherboard and kernel it is reported to cause lockups.
+
+# rtcfile /var/lib/chrony/chrony.rtc
+
+# If the last line of this file reads 'rtconutc' chrony will assume that
+# the CMOS clock is on UTC (GMT). If it reads '# rtconutc' or is absent
+# chrony will assume local time. The line (if any) was written by the
+# chrony postinst based on what it found in /etc/default/rcS. You may
+# change it if necessary.
+rtconutc
--- /dev/null
+1 V3WQr7Er
--- /dev/null
+#Automatically Generated by clamav-daemon postinst
+#To reconfigure clamd run #dpkg-reconfigure clamav-daemon
+#Please read /usr/share/doc/clamav-daemon/README.Debian.gz for details
+LocalSocket /var/run/clamav/clamd.ctl
+FixStaleSocket true
+LocalSocketGroup clamav
+LocalSocketMode 666
+# TemporaryDirectory is not set to its default /tmp here to make overriding
+# the default with environment variables TMPDIR/TMP/TEMP possible
+User clamav
+ScanMail true
+ScanArchive true
+ArchiveBlockEncrypted false
+MaxDirectoryRecursion 15
+FollowDirectorySymlinks false
+FollowFileSymlinks false
+ReadTimeout 180
+MaxThreads 12
+MaxConnectionQueueLength 15
+LogSyslog false
+LogRotate true
+LogFacility LOG_LOCAL6
+LogClean false
+LogVerbose false
+DatabaseDirectory /var/lib/clamav
+OfficialDatabaseOnly false
+SelfCheck 3600
+Foreground false
+Debug false
+ScanPE true
+MaxEmbeddedPE 10M
+ScanOLE2 true
+ScanPDF true
+ScanHTML true
+MaxHTMLNormalize 10M
+MaxHTMLNoTags 2M
+MaxScriptNormalize 5M
+MaxZipTypeRcg 1M
+ScanSWF true
+DetectBrokenExecutables false
+ExitOnOOM false
+LeaveTemporaryFiles false
+AlgorithmicDetection true
+ScanELF true
+IdleTimeout 30
+CrossFilesystems true
+PhishingSignatures true
+PhishingScanURLs true
+PhishingAlwaysBlockSSLMismatch false
+PhishingAlwaysBlockCloak false
+PartitionIntersection false
+DetectPUA false
+ScanPartialMessages false
+HeuristicScanPrecedence false
+StructuredDataDetection false
+CommandReadTimeout 5
+SendBufTimeout 200
+MaxQueue 100
+ExtendedDetectionInfo true
+OLE2BlockMacros false
+ScanOnAccess false
+AllowAllMatchScan true
+ForceToDisk false
+DisableCertCheck false
+DisableCache false
+MaxScanSize 100M
+MaxFileSize 25M
+MaxRecursion 16
+MaxFiles 10000
+MaxPartitions 50
+MaxIconsPE 100
+PCREMatchLimit 10000
+PCRERecMatchLimit 5000
+PCREMaxFileSize 25M
+ScanXMLDOCS true
+ScanHWP3 true
+MaxRecHWP3 16
+StatsEnabled false
+StatsPEDisabled true
+StatsHostID auto
+StatsTimeout 10
+StreamMaxLength 25M
+#LogFile /var/log/clamav/clamav.log
+LogTime true
+#LogFileUnlock false
+#LogFileMaxSize 0
+Bytecode true
+BytecodeSecurity TrustSigned
+BytecodeTimeout 60000
--- /dev/null
+#Automatically Generated by clamav-daemon postinst
+#To reconfigure clamd run #dpkg-reconfigure clamav-daemon
+#Please read /usr/share/doc/clamav-daemon/README.Debian.gz for details
+LocalSocket /var/run/clamav/clamd.ctl
+FixStaleSocket true
+LocalSocketGroup clamav
+LocalSocketMode 666
+# TemporaryDirectory is not set to its default /tmp here to make overriding
+# the default with environment variables TMPDIR/TMP/TEMP possible
+User clamav
+ScanMail true
+ScanArchive true
+ArchiveBlockEncrypted false
+MaxDirectoryRecursion 15
+FollowDirectorySymlinks false
+FollowFileSymlinks false
+ReadTimeout 180
+MaxThreads 12
+MaxConnectionQueueLength 15
+LogSyslog false
+LogRotate true
+LogFacility LOG_LOCAL6
+LogClean false
+LogVerbose false
+DatabaseDirectory /var/lib/clamav
+OfficialDatabaseOnly false
+SelfCheck 3600
+Foreground false
+Debug false
+ScanPE true
+MaxEmbeddedPE 10M
+ScanOLE2 true
+ScanPDF true
+ScanHTML true
+MaxHTMLNormalize 10M
+MaxHTMLNoTags 2M
+MaxScriptNormalize 5M
+MaxZipTypeRcg 1M
+ScanSWF true
+DetectBrokenExecutables false
+ExitOnOOM false
+LeaveTemporaryFiles false
+AlgorithmicDetection true
+ScanELF true
+IdleTimeout 30
+CrossFilesystems true
+PhishingSignatures true
+PhishingScanURLs true
+PhishingAlwaysBlockSSLMismatch false
+PhishingAlwaysBlockCloak false
+PartitionIntersection false
+DetectPUA false
+ScanPartialMessages false
+HeuristicScanPrecedence false
+StructuredDataDetection false
+CommandReadTimeout 5
+SendBufTimeout 200
+MaxQueue 100
+ExtendedDetectionInfo true
+OLE2BlockMacros false
+ScanOnAccess false
+AllowAllMatchScan true
+ForceToDisk false
+DisableCertCheck false
+DisableCache false
+MaxScanSize 100M
+MaxFileSize 25M
+MaxRecursion 16
+MaxFiles 10000
+MaxPartitions 50
+MaxIconsPE 100
+PCREMatchLimit 10000
+PCRERecMatchLimit 5000
+PCREMaxFileSize 25M
+ScanXMLDOCS true
+ScanHWP3 true
+MaxRecHWP3 16
+StatsEnabled false
+StatsPEDisabled true
+StatsHostID auto
+StatsTimeout 10
+StreamMaxLength 25M
+LogFile /var/log/clamav/clamav.log
+LogTime true
+LogFileUnlock false
+LogFileMaxSize 0
+Bytecode true
+BytecodeSecurity TrustSigned
+BytecodeTimeout 60000
--- /dev/null
+# Automatically created by the clamav-freshclam postinst
+# Comments will get lost when you reconfigure the clamav-freshclam package
+
+DatabaseOwner clamav
+UpdateLogFile /var/log/clamav/freshclam.log
+LogVerbose false
+LogSyslog false
+LogFacility LOG_LOCAL6
+LogFileMaxSize 0
+LogRotate true
+LogTime true
+Foreground false
+Debug false
+MaxAttempts 5
+DatabaseDirectory /var/lib/clamav
+DNSDatabaseInfo current.cvd.clamav.net
+ConnectTimeout 30
+ReceiveTimeout 30
+TestDatabases yes
+ScriptedUpdates yes
+CompressLocalDatabase no
+SafeBrowsing false
+Bytecode true
+NotifyClamd /etc/clamav/clamd.conf
+# Check for new database 24 times a day
+Checks 24
+DatabaseMirror db.local.clamav.net
+DatabaseMirror database.clamav.net
--- /dev/null
+# Automatically created by the clamav-freshclam postinst
+# Comments will get lost when you reconfigure the clamav-freshclam package
+
+DatabaseOwner clamav
+UpdateLogFile /var/log/clamav/freshclam.log
+LogVerbose false
+LogSyslog false
+LogFacility LOG_LOCAL6
+LogFileMaxSize 0
+LogRotate true
+LogTime true
+Foreground false
+Debug false
+MaxAttempts 5
+DatabaseDirectory /var/lib/clamav
+DNSDatabaseInfo current.cvd.clamav.net
+ConnectTimeout 30
+ReceiveTimeout 30
+TestDatabases yes
+ScriptedUpdates yes
+CompressLocalDatabase no
+SafeBrowsing false
+Bytecode true
+NotifyClamd /etc/clamav/clamd.conf
+# Check for new database 24 times a day
+Checks 24
+DatabaseMirror db.local.clamav.net
+DatabaseMirror database.clamav.net
--- /dev/null
+# Example colordiffrc file for dark backgrounds
+#
+# Set banner=no to suppress authorship info at top of
+# colordiff output
+banner=no
+# By default, when colordiff output is being redirected
+# to a file, it detects this and does not colour-highlight
+# To make the patch file *include* colours, change the option
+# below to 'yes'
+color_patches=no
+# Sometimes it can be useful to specify which diff command to
+# use: that can be specified here
+diff_cmd=diff
+#
+# available colours are: white, yellow, green, blue,
+# cyan, red, magenta, black,
+# darkwhite, darkyellow, darkgreen,
+# darkblue, darkcyan, darkred,
+# darkmagenta, darkblack
+#
+# Can also specify 'none', 'normal' or 'off' which are all
+# aliases for the same thing, namely "don't colour highlight
+# this, use the default output colour"
+#
+plain=off
+newtext=blue
+oldtext=red
+diffstuff=magenta
+cvsstuff=green
--- /dev/null
+# Compose sequences for ARMSCII-8
--- /dev/null
+# Compose sequences for CP1251
--- /dev/null
+# Compose sequences for CP1255
--- /dev/null
+# Compose sequences for CP1256
--- /dev/null
+# Compose sequences for GEORGIAN-ACADEMY
--- /dev/null
+# Compose sequences for GEORGIAN-PS
--- /dev/null
+# Compose sequences for IBM1133
--- /dev/null
+# Compose sequences for ISIRI-3342
--- /dev/null
+# Compose sequences for ISO-8859-1
+compose '!' '!' to '¡'
+compose '!' '^' to '¦'
+compose '!' 'p' to '¶'
+compose '!' 's' to '§'
+compose '"' '"' to '¨'
+compose '"' 'A' to 'Ä'
+compose '"' 'E' to 'Ë'
+compose '"' 'I' to 'Ï'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'a' to 'ä'
+compose '"' 'e' to 'ë'
+compose '"' 'i' to 'ï'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '"' 'y' to 'ÿ'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose '(' 'c' to '©'
+compose '(' 'r' to '®'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' '0' to '°'
+compose '*' 'A' to 'Å'
+compose '*' 'a' to 'å'
+compose '+' '+' to '#'
+compose '+' '-' to '±'
+compose ',' ',' to '¸'
+compose ',' '-' to '¬'
+compose ',' 'C' to 'Ç'
+compose ',' 'c' to 'ç'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '+' to '±'
+compose '-' ',' to '¬'
+compose '-' '-' to ''
+compose '-' ':' to '÷'
+compose '-' 'A' to 'Ã'
+compose '-' 'D' to 'Ð'
+compose '-' 'N' to 'Ñ'
+compose '-' 'O' to 'Õ'
+compose '-' '^' to '¯'
+compose '-' 'a' to 'ã'
+compose '-' 'd' to 'ð'
+compose '-' 'l' to '£'
+compose '-' 'n' to 'ñ'
+compose '-' 'o' to 'õ'
+compose '-' 'y' to '¥'
+compose '.' '.' to '·'
+compose '.' '^' to '·'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' 'O' to 'Ø'
+compose '/' '^' to '|'
+compose '/' 'c' to '¢'
+compose '/' 'o' to 'ø'
+compose '/' 'u' to 'µ'
+compose '0' 'c' to '©'
+compose '0' 's' to '§'
+compose '0' 'x' to '¤'
+compose '1' '2' to '½'
+compose '1' '4' to '¼'
+compose '1' 's' to '¹'
+compose '2' 's' to '²'
+compose '3' '4' to '¾'
+compose ':' '-' to '÷'
+compose '<' '/' to '\\'
+compose '<' '<' to '«'
+compose '=' 'l' to '£'
+compose '=' 'y' to '¥'
+compose '>' '>' to '»'
+compose '>' 'A' to 'Â'
+compose '>' 'E' to 'Ê'
+compose '>' 'I' to 'Î'
+compose '>' 'O' to 'Ô'
+compose '>' 'U' to 'Û'
+compose '>' 'a' to 'â'
+compose '>' 'e' to 'ê'
+compose '>' 'i' to 'î'
+compose '>' 'o' to 'ô'
+compose '>' 'u' to 'û'
+compose '?' '?' to '¿'
+compose 'A' 'E' to 'Æ'
+compose 'A' 'O' to 'Å'
+compose 'T' 'H' to 'Þ'
+compose '\'' 'A' to 'Á'
+compose '\'' 'C' to 'Ç'
+compose '\'' 'E' to 'É'
+compose '\'' 'I' to 'Í'
+compose '\'' 'O' to 'Ó'
+compose '\'' 'U' to 'Ú'
+compose '\'' 'Y' to 'Ý'
+compose '\'' '\'' to '´'
+compose '\'' 'a' to 'á'
+compose '\'' 'c' to 'ç'
+compose '\'' 'e' to 'é'
+compose '\'' 'i' to 'í'
+compose '\'' 'o' to 'ó'
+compose '\'' 'u' to 'ú'
+compose '\'' 'y' to 'ý'
+compose '^' '!' to '¦'
+compose '^' '-' to '¯'
+compose '^' '.' to '·'
+compose '^' '/' to '|'
+compose '^' '0' to '°'
+compose '^' '1' to '¹'
+compose '^' '2' to '²'
+compose '^' '3' to '³'
+compose '^' 'A' to 'Â'
+compose '^' 'E' to 'Ê'
+compose '^' 'I' to 'Î'
+compose '^' 'O' to 'Ô'
+compose '^' 'U' to 'Û'
+compose '^' '_' to '¯'
+compose '^' 'a' to 'â'
+compose '^' 'e' to 'ê'
+compose '^' 'i' to 'î'
+compose '^' 'o' to 'ô'
+compose '^' 'u' to 'û'
+compose '_' '^' to '¯'
+compose '_' '_' to '¯'
+compose '_' 'a' to 'ª'
+compose '_' 'o' to 'º'
+compose '`' 'A' to 'À'
+compose '`' 'E' to 'È'
+compose '`' 'I' to 'Ì'
+compose '`' 'O' to 'Ò'
+compose '`' 'U' to 'Ù'
+compose '`' 'a' to 'à'
+compose '`' 'e' to 'è'
+compose '`' 'i' to 'ì'
+compose '`' 'o' to 'ò'
+compose '`' 'u' to 'ù'
+compose 'a' 'e' to 'æ'
+compose 'a' 'o' to 'å'
+compose 'a' 't' to '@'
+compose 'b' 'v' to '¦'
+compose 'c' '0' to '©'
+compose 'c' 'o' to '©'
+compose 'l' 'v' to '|'
+compose 'o' 'c' to '©'
+compose 'o' 'r' to '®'
+compose 'o' 's' to '§'
+compose 'o' 'x' to '¤'
+compose 's' '0' to '§'
+compose 's' '2' to '²'
+compose 's' '3' to '³'
+compose 's' 'o' to '§'
+compose 't' 'h' to 'þ'
+compose 'v' 'b' to '¦'
+compose 'x' '0' to '¤'
+compose '|' 'c' to '¢'
+compose '|' '|' to '¦'
+compose '~' 'A' to 'Ã'
+compose '~' 'N' to 'Ñ'
+compose '~' 'O' to 'Õ'
+compose '~' 'a' to 'ã'
+compose '~' 'n' to 'ñ'
+compose '~' 'o' to 'õ'
+compose '¨' 'A' to 'Ä'
+compose '¨' 'E' to 'Ë'
+compose '¨' 'I' to 'Ï'
+compose '¨' 'O' to 'Ö'
+compose '¨' 'U' to 'Ü'
+compose '¨' 'a' to 'ä'
+compose '¨' 'e' to 'ë'
+compose '¨' 'i' to 'ï'
+compose '¨' 'o' to 'ö'
+compose '¨' 'u' to 'ü'
+compose '¨' 'y' to 'ÿ'
+compose '°' 'A' to 'Å'
+compose '°' 'a' to 'å'
--- /dev/null
+# Compose sequences for ISO-8859-10
--- /dev/null
+# Compose sequences for ISO-8859-11
--- /dev/null
+# Compose sequences for ISO-8859-13
+compose '!' '^' to '¦'
+compose '!' 'p' to '¶'
+compose '!' 's' to '§'
+compose '"' '<' to '´'
+compose '"' '>' to '¡'
+compose '"' 'A' to 'Ä'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'a' to 'ä'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose '(' 'c' to '©'
+compose '(' 'r' to '®'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' '0' to '°'
+compose '*' 'A' to 'Å'
+compose '*' 'a' to 'å'
+compose '+' '+' to '#'
+compose '+' '-' to '±'
+compose ',' '-' to '¬'
+compose ',' '>' to '¥'
+compose ',' 'A' to 'À'
+compose ',' 'E' to 'Æ'
+compose ',' 'G' to 'Ì'
+compose ',' 'I' to 'Á'
+compose ',' 'K' to 'Í'
+compose ',' 'L' to 'Ï'
+compose ',' 'N' to 'Ò'
+compose ',' 'R' to 'ª'
+compose ',' 'U' to 'Ø'
+compose ',' 'a' to 'à'
+compose ',' 'e' to 'æ'
+compose ',' 'g' to 'ì'
+compose ',' 'i' to 'á'
+compose ',' 'k' to 'í'
+compose ',' 'l' to 'ï'
+compose ',' 'n' to 'ò'
+compose ',' 'r' to 'º'
+compose ',' 'u' to 'ø'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '+' to '±'
+compose '-' ',' to '¬'
+compose '-' '-' to ''
+compose '-' ':' to '÷'
+compose '-' 'A' to 'Â'
+compose '-' 'E' to 'Ç'
+compose '-' 'I' to 'Î'
+compose '-' 'L' to 'Ù'
+compose '-' 'O' to 'Ô'
+compose '-' 'U' to 'Û'
+compose '-' 'a' to 'â'
+compose '-' 'e' to 'ç'
+compose '-' 'i' to 'î'
+compose '-' 'l' to 'ù'
+compose '-' 'o' to 'ô'
+compose '-' 'u' to 'û'
+compose '.' '.' to '·'
+compose '.' 'A' to 'Å'
+compose '.' 'E' to 'Ë'
+compose '.' 'Z' to 'Ý'
+compose '.' '^' to '·'
+compose '.' 'a' to 'å'
+compose '.' 'e' to 'ë'
+compose '.' 'z' to 'ý'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' 'L' to 'Ù'
+compose '/' 'O' to '¨'
+compose '/' '^' to '|'
+compose '/' 'c' to '¢'
+compose '/' 'l' to 'ù'
+compose '/' 'o' to '¸'
+compose '/' 'u' to 'µ'
+compose '0' 'c' to '©'
+compose '0' 's' to '§'
+compose '0' 'x' to '¤'
+compose '1' '2' to '½'
+compose '1' '4' to '¼'
+compose '2' 's' to '²'
+compose '3' '4' to '¾'
+compose ':' '-' to '÷'
+compose ';' 'A' to 'À'
+compose ';' 'E' to 'Æ'
+compose ';' 'I' to 'Á'
+compose ';' 'U' to 'Ø'
+compose ';' 'a' to 'à'
+compose ';' 'e' to 'æ'
+compose ';' 'i' to 'á'
+compose ';' 'u' to 'ø'
+compose '<' '"' to '´'
+compose '<' '/' to '\\'
+compose '<' '<' to '«'
+compose '<' 'C' to 'È'
+compose '<' 'S' to 'Ð'
+compose '<' 'Z' to 'Þ'
+compose '<' '\'' to '`'
+compose '<' 'c' to 'è'
+compose '<' 's' to 'ð'
+compose '<' 'z' to 'þ'
+compose '=' 'l' to '£'
+compose '>' '"' to '¡'
+compose '>' ',' to '¥'
+compose '>' '>' to '»'
+compose '>' '\'' to 'ÿ'
+compose '?' '?' to '¿'
+compose 'A' 'E' to '¯'
+compose 'A' 'O' to 'Å'
+compose '\'' '<' to '`'
+compose '\'' '>' to 'ÿ'
+compose '\'' 'C' to 'Ã'
+compose '\'' 'E' to 'É'
+compose '\'' 'N' to 'Ñ'
+compose '\'' 'O' to 'Ó'
+compose '\'' 'S' to 'Ú'
+compose '\'' 'Z' to 'Ê'
+compose '\'' '\'' to 'ÿ'
+compose '\'' 'c' to 'ã'
+compose '\'' 'e' to 'é'
+compose '\'' 'n' to 'ñ'
+compose '\'' 'o' to 'ó'
+compose '\'' 's' to 'ú'
+compose '\'' 'z' to 'ê'
+compose '^' '!' to '¦'
+compose '^' '.' to '·'
+compose '^' '/' to '|'
+compose '^' '0' to '°'
+compose '^' '1' to '¹'
+compose '^' '2' to '²'
+compose '^' '3' to '³'
+compose '_' 'A' to 'Â'
+compose '_' 'E' to 'Ç'
+compose '_' 'I' to 'Î'
+compose '_' 'O' to 'Ô'
+compose '_' 'U' to 'Û'
+compose '_' 'a' to 'â'
+compose '_' 'e' to 'ç'
+compose '_' 'i' to 'î'
+compose '_' 'o' to 'ô'
+compose '_' 'u' to 'û'
+compose 'a' 'e' to '¿'
+compose 'a' 'o' to 'å'
+compose 'a' 't' to '@'
+compose 'b' 'v' to '¦'
+compose 'c' 'o' to '©'
+compose 'm' 'u' to 'µ'
+compose 'o' 'c' to '©'
+compose 'o' 'r' to '®'
+compose 'o' 's' to '§'
+compose 's' '0' to '§'
+compose 's' '1' to '¹'
+compose 's' '2' to '²'
+compose 's' '3' to '³'
+compose 'x' '0' to '¤'
+compose 'x' 'o' to '¤'
+compose '|' 'c' to '¢'
+compose '|' '|' to '¦'
+compose '~' 'O' to 'Õ'
+compose '~' 'o' to 'õ'
+compose '°' 'A' to 'Å'
+compose '°' 'E' to 'Ë'
+compose '°' 'Z' to 'Ý'
+compose '°' 'a' to 'å'
+compose '°' 'e' to 'ë'
+compose '°' 'z' to 'ý'
--- /dev/null
+# Compose sequences for ISO-8859-14
+compose '!' 'p' to '¶'
+compose '!' 's' to '§'
+compose '"' 'A' to 'Ä'
+compose '"' 'E' to 'Ë'
+compose '"' 'I' to 'Ï'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'W' to '½'
+compose '"' 'Y' to '¯'
+compose '"' 'a' to 'ä'
+compose '"' 'e' to 'ë'
+compose '"' 'i' to 'ï'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '"' 'w' to '¾'
+compose '"' 'y' to 'ÿ'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' 'A' to 'Å'
+compose '*' 'a' to 'å'
+compose '+' '+' to '#'
+compose ',' 'C' to 'Ç'
+compose ',' 'c' to 'ç'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '-' to ''
+compose '-' 'A' to 'Ã'
+compose '-' 'N' to 'Ñ'
+compose '-' 'O' to 'Õ'
+compose '-' 'a' to 'ã'
+compose '-' 'l' to '£'
+compose '-' 'n' to 'ñ'
+compose '-' 'o' to 'õ'
+compose '.' 'B' to '¡'
+compose '.' 'D' to '¦'
+compose '.' 'F' to '°'
+compose '.' 'G' to '²'
+compose '.' 'M' to '´'
+compose '.' 'P' to '·'
+compose '.' 'S' to '»'
+compose '.' 'T' to '×'
+compose '.' 'b' to '¢'
+compose '.' 'c' to '¥'
+compose '.' 'd' to '«'
+compose '.' 'f' to '±'
+compose '.' 'g' to '³'
+compose '.' 'm' to 'µ'
+compose '.' 'p' to '¹'
+compose '.' 's' to '¿'
+compose '.' 't' to '÷'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' 'O' to 'Ø'
+compose '/' '^' to '|'
+compose '/' 'o' to 'ø'
+compose '0' 'c' to '©'
+compose '0' 'r' to '®'
+compose '0' 's' to '§'
+compose '<' '/' to '\\'
+compose '=' 'l' to '£'
+compose '>' 'A' to 'Â'
+compose '>' 'E' to 'Ê'
+compose '>' 'I' to 'Î'
+compose '>' 'O' to 'Ô'
+compose '>' 'U' to 'Û'
+compose '>' 'a' to 'â'
+compose '>' 'e' to 'ê'
+compose '>' 'i' to 'î'
+compose '>' 'o' to 'ô'
+compose '>' 'u' to 'û'
+compose 'A' 'E' to 'Æ'
+compose '\'' 'A' to 'Á'
+compose '\'' 'E' to 'É'
+compose '\'' 'I' to 'Í'
+compose '\'' 'O' to 'Ó'
+compose '\'' 'U' to 'Ú'
+compose '\'' 'W' to 'ª'
+compose '\'' 'Y' to 'Ý'
+compose '\'' 'a' to 'á'
+compose '\'' 'e' to 'é'
+compose '\'' 'i' to 'í'
+compose '\'' 'o' to 'ó'
+compose '\'' 'u' to 'ú'
+compose '\'' 'w' to 'º'
+compose '\'' 'y' to 'ý'
+compose '^' '/' to '|'
+compose '^' 'A' to 'Â'
+compose '^' 'E' to 'Ê'
+compose '^' 'I' to 'Î'
+compose '^' 'O' to 'Ô'
+compose '^' 'U' to 'Û'
+compose '^' 'W' to 'Ð'
+compose '^' 'Y' to 'Þ'
+compose '^' 'a' to 'â'
+compose '^' 'e' to 'ê'
+compose '^' 'i' to 'î'
+compose '^' 'o' to 'ô'
+compose '^' 'u' to 'û'
+compose '^' 'w' to 'ð'
+compose '^' 'y' to 'þ'
+compose '`' 'A' to 'À'
+compose '`' 'E' to 'È'
+compose '`' 'I' to 'Ì'
+compose '`' 'O' to 'Ò'
+compose '`' 'U' to 'Ù'
+compose '`' 'W' to '¨'
+compose '`' 'Y' to '¬'
+compose '`' 'a' to 'à'
+compose '`' 'e' to 'è'
+compose '`' 'i' to 'ì'
+compose '`' 'o' to 'ò'
+compose '`' 'u' to 'ù'
+compose '`' 'w' to '¸'
+compose '`' 'y' to '¼'
+compose 'a' 'e' to 'æ'
+compose 'a' 't' to '@'
+compose 'c' 'o' to '©'
+compose 'l' 'v' to '|'
+compose 'o' 'c' to '©'
+compose 'o' 'r' to '®'
+compose 'o' 's' to '§'
+compose 'r' '0' to '®'
+compose 's' '0' to '§'
+compose 's' 'o' to '§'
+compose '~' 'A' to 'Ã'
+compose '~' 'N' to 'Ñ'
+compose '~' 'O' to 'Õ'
+compose '~' 'a' to 'ã'
+compose '~' 'n' to 'ñ'
+compose '~' 'o' to 'õ'
--- /dev/null
+# Compose sequences for ISO-8859-15
+compose '!' '!' to '¡'
+compose '!' 'p' to '¶'
+compose '!' 's' to '§'
+compose '"' '"' to '"'
+compose '"' 'A' to 'Ä'
+compose '"' 'E' to 'Ë'
+compose '"' 'I' to 'Ï'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'Y' to '¾'
+compose '"' 'a' to 'ä'
+compose '"' 'e' to 'ë'
+compose '"' 'i' to 'ï'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '"' 'y' to 'ÿ'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose '(' 'c' to '©'
+compose '(' 'r' to '®'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' '0' to '°'
+compose '*' 'A' to 'Å'
+compose '*' 'a' to 'å'
+compose '+' '+' to '#'
+compose '+' '-' to '±'
+compose ',' '-' to '¬'
+compose ',' 'C' to 'Ç'
+compose ',' 'c' to 'ç'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '+' to '±'
+compose '-' ',' to '¬'
+compose '-' '-' to ''
+compose '-' ':' to '÷'
+compose '-' 'A' to 'Ã'
+compose '-' 'D' to 'Ð'
+compose '-' 'N' to 'Ñ'
+compose '-' 'O' to 'Õ'
+compose '-' '^' to '¯'
+compose '-' 'a' to 'ã'
+compose '-' 'd' to 'ð'
+compose '-' 'l' to '£'
+compose '-' 'n' to 'ñ'
+compose '-' 'o' to 'õ'
+compose '-' 'y' to '¥'
+compose '.' '.' to '·'
+compose '.' '^' to '·'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' 'O' to 'Ø'
+compose '/' '^' to '|'
+compose '/' 'c' to '¢'
+compose '/' 'o' to 'ø'
+compose '/' 'u' to 'µ'
+compose '0' 'c' to '©'
+compose '0' 's' to '§'
+compose '1' 's' to '¹'
+compose ':' '-' to '÷'
+compose '<' '/' to '\\'
+compose '<' '<' to '«'
+compose '<' 'S' to '¦'
+compose '<' 'Z' to '´'
+compose '<' 's' to '¨'
+compose '<' 'z' to '¸'
+compose '=' 'c' to '¤'
+compose '=' 'l' to '£'
+compose '=' 'y' to '¥'
+compose '>' '>' to '»'
+compose '>' 'A' to 'Â'
+compose '>' 'E' to 'Ê'
+compose '>' 'I' to 'Î'
+compose '>' 'O' to 'Ô'
+compose '>' 'U' to 'Û'
+compose '>' 'a' to 'â'
+compose '>' 'e' to 'ê'
+compose '>' 'i' to 'î'
+compose '>' 'o' to 'ô'
+compose '>' 'u' to 'û'
+compose '?' '?' to '¿'
+compose 'A' 'E' to 'Æ'
+compose 'A' 'O' to 'Å'
+compose 'O' 'E' to '¼'
+compose 'T' 'H' to 'Þ'
+compose '\'' 'A' to 'Á'
+compose '\'' 'C' to 'Ç'
+compose '\'' 'E' to 'É'
+compose '\'' 'I' to 'Í'
+compose '\'' 'O' to 'Ó'
+compose '\'' 'U' to 'Ú'
+compose '\'' 'Y' to 'Ý'
+compose '\'' '\'' to '\''
+compose '\'' 'a' to 'á'
+compose '\'' 'c' to 'ç'
+compose '\'' 'e' to 'é'
+compose '\'' 'i' to 'í'
+compose '\'' 'o' to 'ó'
+compose '\'' 'u' to 'ú'
+compose '\'' 'y' to 'ý'
+compose '^' '-' to '¯'
+compose '^' '.' to '·'
+compose '^' '/' to '|'
+compose '^' '0' to '°'
+compose '^' '1' to '¹'
+compose '^' '2' to '²'
+compose '^' '3' to '³'
+compose '^' 'A' to 'Â'
+compose '^' 'E' to 'Ê'
+compose '^' 'I' to 'Î'
+compose '^' 'O' to 'Ô'
+compose '^' 'U' to 'Û'
+compose '^' '_' to '¯'
+compose '^' 'a' to 'â'
+compose '^' 'e' to 'ê'
+compose '^' 'i' to 'î'
+compose '^' 'o' to 'ô'
+compose '^' 'u' to 'û'
+compose '_' '^' to '¯'
+compose '_' '_' to '¯'
+compose '_' 'a' to 'ª'
+compose '_' 'o' to 'º'
+compose '`' 'A' to 'À'
+compose '`' 'E' to 'È'
+compose '`' 'I' to 'Ì'
+compose '`' 'O' to 'Ò'
+compose '`' 'U' to 'Ù'
+compose '`' 'a' to 'à'
+compose '`' 'e' to 'è'
+compose '`' 'i' to 'ì'
+compose '`' 'o' to 'ò'
+compose '`' 'u' to 'ù'
+compose 'a' 'e' to 'æ'
+compose 'a' 'o' to 'å'
+compose 'a' 't' to '@'
+compose 'c' '0' to '©'
+compose 'c' 'o' to '©'
+compose 'e' '=' to '¤'
+compose 'o' 'c' to '©'
+compose 'o' 'e' to '½'
+compose 'o' 'r' to '®'
+compose 'o' 's' to '§'
+compose 's' '0' to '§'
+compose 's' '1' to '¹'
+compose 's' '2' to '²'
+compose 's' '3' to '³'
+compose 's' 'o' to '§'
+compose 't' 'h' to 'þ'
+compose 'v' 'l' to '|'
+compose '|' 'c' to '¢'
+compose '~' 'A' to 'Ã'
+compose '~' 'N' to 'Ñ'
+compose '~' 'O' to 'Õ'
+compose '~' 'a' to 'ã'
+compose '~' 'n' to 'ñ'
+compose '~' 'o' to 'õ'
+compose '°' 'A' to 'Å'
+compose '°' 'a' to 'å'
--- /dev/null
+# Compose sequences for ISO-8859-16
--- /dev/null
+# Compose sequences for ISO-8859-2
+compose '!' 'p' to '¶'
+compose '!' 's' to '§'
+compose '"' '"' to '¨'
+compose '"' 'A' to 'Ä'
+compose '"' 'E' to 'Ë'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'a' to 'ä'
+compose '"' 'e' to 'ë'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' '0' to '°'
+compose '*' 'U' to 'Ù'
+compose '*' 'u' to 'ù'
+compose '+' '+' to '#'
+compose ',' ',' to '¸'
+compose ',' 'A' to '¡'
+compose ',' 'C' to 'Ç'
+compose ',' 'E' to 'Ê'
+compose ',' 'S' to 'ª'
+compose ',' 'T' to 'Þ'
+compose ',' 'a' to '±'
+compose ',' 'c' to 'ç'
+compose ',' 'e' to 'ê'
+compose ',' 's' to 'º'
+compose ',' 't' to 'þ'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '-' to ''
+compose '-' ':' to '÷'
+compose '-' 'D' to 'Ð'
+compose '-' 'd' to 'ð'
+compose '.' '.' to 'ÿ'
+compose '.' 'C' to 'Å'
+compose '.' 'E' to 'Ì'
+compose '.' 'I' to '©'
+compose '.' 'U' to 'Ù'
+compose '.' 'Z' to '¯'
+compose '.' 'c' to 'å'
+compose '.' 'e' to 'ì'
+compose '.' 'i' to '¹'
+compose '.' 'u' to 'ù'
+compose '.' 'z' to '¿'
+compose '.' ' ' to 'ÿ'
+compose '.' 'ÿ' to 'ÿ'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' '^' to '|'
+compose '0' 's' to '§'
+compose '0' 'x' to '¤'
+compose ':' '-' to '÷'
+compose '<' '/' to '\\'
+compose '<' '<' to '·'
+compose '<' 'C' to 'È'
+compose '<' 'D' to 'Ï'
+compose '<' 'E' to 'Ì'
+compose '<' 'L' to '¥'
+compose '<' 'N' to 'Ò'
+compose '<' 'R' to 'Ø'
+compose '<' 'S' to '©'
+compose '<' 'T' to '«'
+compose '<' 'Z' to '®'
+compose '<' 'c' to 'è'
+compose '<' 'd' to 'ï'
+compose '<' 'e' to 'ì'
+compose '<' 'l' to 'µ'
+compose '<' 'n' to 'ò'
+compose '<' 'r' to 'ø'
+compose '<' 's' to '¹'
+compose '<' 't' to '»'
+compose '<' 'z' to '¾'
+compose '>' 'A' to 'Â'
+compose '>' 'I' to 'Î'
+compose '>' 'O' to 'Ô'
+compose '>' 'a' to 'â'
+compose '>' 'i' to 'î'
+compose '>' 'o' to 'ô'
+compose 'A' 'U' to 'Ã'
+compose 'L' '-' to '£'
+compose 'O' 'E' to '¼'
+compose 'Z' '.' to '¯'
+compose '\'' 'A' to 'Á'
+compose '\'' 'C' to 'Æ'
+compose '\'' 'E' to 'É'
+compose '\'' 'I' to 'Í'
+compose '\'' 'L' to 'Å'
+compose '\'' 'N' to 'Ñ'
+compose '\'' 'O' to 'Ó'
+compose '\'' 'R' to 'À'
+compose '\'' 'S' to '¦'
+compose '\'' 'U' to 'Ú'
+compose '\'' 'Y' to 'Ý'
+compose '\'' 'Z' to '¬'
+compose '\'' '\'' to '½'
+compose '\'' 'a' to 'á'
+compose '\'' 'c' to 'æ'
+compose '\'' 'e' to 'é'
+compose '\'' 'i' to 'í'
+compose '\'' 'l' to 'å'
+compose '\'' 'n' to 'ñ'
+compose '\'' 'o' to 'ó'
+compose '\'' 'r' to 'à'
+compose '\'' 's' to '¶'
+compose '\'' 'u' to 'ú'
+compose '\'' 'y' to 'ý'
+compose '\'' 'z' to '¼'
+compose '^' '/' to '|'
+compose '^' 'A' to 'Â'
+compose '^' 'I' to 'Î'
+compose '^' 'O' to 'Ô'
+compose '^' 'a' to 'â'
+compose '^' 'i' to 'î'
+compose '^' 'o' to 'ô'
+compose '_' ' ' to '¯'
+compose 'a' 'U' to 'ã'
+compose 'l' '-' to '³'
+compose 'o' 'e' to '½'
+compose 'o' 'x' to '¤'
+compose 's' '0' to '§'
+compose 's' 'o' to '§'
+compose 'v' 'l' to '|'
+compose 'x' '0' to '¤'
+compose 'x' 'o' to '¤'
+compose 'z' '.' to '¿'
+compose '¢' 'A' to 'Ã'
+compose '¢' 'a' to 'ã'
+compose '°' 'A' to 'Å'
+compose '°' 'U' to 'Ù'
+compose '°' 'a' to 'å'
+compose '°' 'u' to 'ù'
+compose '°' ' ' to '°'
+compose '°' '°' to '°'
+compose '²' 'A' to '¡'
+compose '²' 'E' to 'Ê'
+compose '²' 'a' to '±'
+compose '²' 'e' to 'ê'
+compose '·' 'C' to 'È'
+compose '·' 'D' to 'Ï'
+compose '·' 'E' to 'Ì'
+compose '·' 'L' to '¥'
+compose '·' 'N' to 'Ò'
+compose '·' 'R' to 'Ø'
+compose '·' 'S' to '©'
+compose '·' 'T' to '«'
+compose '·' 'Z' to '®'
+compose '·' 'c' to 'è'
+compose '·' 'd' to 'ï'
+compose '·' 'e' to 'ì'
+compose '·' 'l' to 'µ'
+compose '·' 'n' to 'ò'
+compose '·' 'r' to 'ø'
+compose '·' 's' to '¹'
+compose '·' 't' to '»'
+compose '·' 'z' to '¾'
+compose '¸' 'C' to 'Ç'
+compose '¸' 'S' to 'ª'
+compose '¸' 'T' to 'Þ'
+compose '¸' 'c' to 'ç'
+compose '¸' 's' to 'º'
+compose '¸' 't' to 'þ'
--- /dev/null
+# Compose sequences for ISO-8859-3
+compose '!' 's' to '§'
+compose '"' '"' to '¨'
+compose '"' 'A' to 'Ä'
+compose '"' 'E' to 'Ë'
+compose '"' 'I' to 'Ï'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'Y' to '¾'
+compose '"' 'a' to 'ä'
+compose '"' 'e' to 'ë'
+compose '"' 'i' to 'ï'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '"' 'y' to 'ÿ'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose '(' 'G' to '«'
+compose '(' 'U' to 'Ý'
+compose '(' 'g' to '»'
+compose '(' 'r' to '®'
+compose '(' 'u' to 'ý'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' '0' to '°'
+compose '+' '+' to '#'
+compose ',' ',' to '¸'
+compose ',' 'C' to 'Ç'
+compose ',' 'S' to 'ª'
+compose ',' 'c' to 'ç'
+compose ',' 's' to 'º'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '-' to ''
+compose '-' ':' to '÷'
+compose '-' 'A' to 'Ã'
+compose '-' 'D' to 'Ð'
+compose '-' 'H' to '¡'
+compose '-' 'O' to 'Õ'
+compose '-' 'a' to 'ã'
+compose '-' 'd' to 'ð'
+compose '-' 'h' to '±'
+compose '-' 'l' to '£'
+compose '-' 'o' to 'õ'
+compose '-' 'y' to '¥'
+compose '.' '.' to '·'
+compose '.' 'C' to 'Å'
+compose '.' 'G' to 'Õ'
+compose '.' 'I' to '©'
+compose '.' 'Z' to '¯'
+compose '.' '^' to '·'
+compose '.' 'c' to 'å'
+compose '.' 'g' to 'õ'
+compose '.' 'i' to '¹'
+compose '.' 'z' to '¿'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' '^' to '|'
+compose '/' 'u' to 'µ'
+compose '0' 's' to '§'
+compose '2' 's' to '²'
+compose '3' 's' to '³'
+compose ':' '-' to '÷'
+compose '<' '/' to '\\'
+compose '=' 'c' to '¤'
+compose '=' 'e' to '¤'
+compose '=' 'l' to '£'
+compose '=' 'y' to '¥'
+compose '>' 'A' to 'Â'
+compose '>' 'C' to 'Æ'
+compose '>' 'E' to 'Ê'
+compose '>' 'G' to 'Ø'
+compose '>' 'H' to '¦'
+compose '>' 'I' to 'Î'
+compose '>' 'J' to '¬'
+compose '>' 'O' to 'Ô'
+compose '>' 'S' to 'Þ'
+compose '>' 'U' to 'Û'
+compose '>' 'a' to 'â'
+compose '>' 'c' to 'æ'
+compose '>' 'e' to 'ê'
+compose '>' 'g' to 'ø'
+compose '>' 'h' to '¶'
+compose '>' 'i' to 'î'
+compose '>' 'j' to '¼'
+compose '>' 'o' to 'ô'
+compose '>' 's' to 'þ'
+compose '>' 'u' to 'û'
+compose 'G' 'U' to '«'
+compose '\'' 'A' to 'Á'
+compose '\'' 'E' to 'É'
+compose '\'' 'I' to 'Í'
+compose '\'' 'O' to 'Ó'
+compose '\'' 'U' to 'Ú'
+compose '\'' 'Y' to 'Ý'
+compose '\'' '\'' to '´'
+compose '\'' 'a' to 'á'
+compose '\'' 'e' to 'é'
+compose '\'' 'i' to 'í'
+compose '\'' 'o' to 'ó'
+compose '\'' 'u' to 'ú'
+compose '\'' 'y' to 'ý'
+compose '^' '.' to '·'
+compose '^' '/' to '|'
+compose '^' '0' to '°'
+compose '^' '2' to '²'
+compose '^' '3' to '³'
+compose '^' 'A' to 'Â'
+compose '^' 'C' to 'Æ'
+compose '^' 'E' to 'Ê'
+compose '^' 'G' to 'Ø'
+compose '^' 'H' to '¦'
+compose '^' 'I' to 'Î'
+compose '^' 'J' to '¬'
+compose '^' 'O' to 'Ô'
+compose '^' 'S' to 'Þ'
+compose '^' 'U' to 'Û'
+compose '^' 'a' to 'â'
+compose '^' 'c' to 'æ'
+compose '^' 'e' to 'ê'
+compose '^' 'g' to 'ø'
+compose '^' 'h' to '¶'
+compose '^' 'i' to 'î'
+compose '^' 'j' to '¼'
+compose '^' 'o' to 'ô'
+compose '^' 's' to 'þ'
+compose '^' 'u' to 'û'
+compose '`' 'A' to 'À'
+compose '`' 'E' to 'È'
+compose '`' 'I' to 'Ì'
+compose '`' 'O' to 'Ò'
+compose '`' 'U' to 'Ù'
+compose '`' 'a' to 'à'
+compose '`' 'e' to 'è'
+compose '`' 'i' to 'ì'
+compose '`' 'o' to 'ò'
+compose '`' 'u' to 'ù'
+compose 'g' 'U' to '»'
+compose 'o' 'r' to '®'
+compose 's' '0' to '§'
+compose 's' 'o' to '§'
+compose 'u' 'u' to 'ý'
+compose 'v' 'l' to '|'
+compose '~' 'A' to 'Ã'
+compose '~' 'O' to 'Õ'
+compose '~' 'a' to 'ã'
+compose '~' 'o' to 'õ'
+compose '¢' 'G' to '«'
+compose '¢' 'U' to 'Ý'
+compose '¢' 'g' to '»'
+compose '¢' 'u' to 'ý'
+compose '¨' 'A' to 'Ä'
+compose '¨' 'E' to 'Ë'
+compose '¨' 'I' to 'Ï'
+compose '¨' 'O' to 'Ö'
+compose '¨' 'U' to 'Ü'
+compose '¨' 'Y' to '¾'
+compose '¨' 'a' to 'ä'
+compose '¨' 'e' to 'ë'
+compose '¨' 'i' to 'ï'
+compose '¨' 'o' to 'ö'
+compose '¨' 'u' to 'ü'
+compose '¨' 'y' to 'ÿ'
+compose '°' 'A' to 'Å'
+compose '°' 'a' to 'å'
+compose '¸' 'S' to 'ª'
+compose '¸' 's' to 'º'
--- /dev/null
+# Compose sequences for ISO-8859-4
+compose '!' 's' to '§'
+compose '"' '"' to '¨'
+compose '"' 'A' to 'Ä'
+compose '"' 'E' to 'Ë'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'a' to 'ä'
+compose '"' 'e' to 'ë'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '*' '0' to '°'
+compose '*' 'A' to 'Å'
+compose '*' 'a' to 'å'
+compose ',' ',' to '¸'
+compose ',' 'A' to '¡'
+compose ',' 'E' to 'Ê'
+compose ',' 'G' to '«'
+compose ',' 'I' to 'Ç'
+compose ',' 'K' to 'Ó'
+compose ',' 'L' to '¦'
+compose ',' 'N' to 'Ñ'
+compose ',' 'R' to '£'
+compose ',' 'U' to 'Ù'
+compose ',' 'a' to '±'
+compose ',' 'e' to 'ê'
+compose ',' 'g' to '»'
+compose ',' 'i' to 'ç'
+compose ',' 'k' to 'ó'
+compose ',' 'l' to '¶'
+compose ',' 'n' to 'ñ'
+compose ',' 'r' to '³'
+compose ',' 'u' to 'ù'
+compose '-' '-' to ''
+compose '-' ':' to '÷'
+compose '-' 'A' to 'À'
+compose '-' 'D' to 'Ð'
+compose '-' 'E' to 'ª'
+compose '-' 'I' to 'Ï'
+compose '-' 'O' to 'Ò'
+compose '-' 'U' to 'Þ'
+compose '-' '^' to '¯'
+compose '-' 'a' to 'à'
+compose '-' 'd' to 'ð'
+compose '-' 'e' to 'º'
+compose '-' 'i' to 'ï'
+compose '-' 'o' to 'ò'
+compose '-' 'u' to 'þ'
+compose '.' '.' to 'ÿ'
+compose '.' 'E' to 'Ì'
+compose '.' 'e' to 'ì'
+compose '.' 'ÿ' to 'ÿ'
+compose '/' 'O' to 'Ø'
+compose '/' 'T' to '¬'
+compose '/' 'o' to 'ø'
+compose '/' 't' to '¼'
+compose '0' 's' to '§'
+compose ':' '-' to '÷'
+compose '<' '<' to '·'
+compose '<' 'C' to 'È'
+compose '<' 'S' to '©'
+compose '<' 'Z' to '®'
+compose '<' 'c' to 'è'
+compose '<' 's' to '¹'
+compose '<' 'z' to '¾'
+compose '>' 'A' to 'Â'
+compose '>' 'I' to 'Î'
+compose '>' 'O' to 'Ô'
+compose '>' 'U' to 'Û'
+compose '>' 'a' to 'â'
+compose '>' 'i' to 'î'
+compose '>' 'o' to 'ô'
+compose '>' 'u' to 'û'
+compose 'A' 'E' to 'Æ'
+compose 'N' 'G' to '½'
+compose 'T' '-' to '¬'
+compose '\'' 'A' to 'Á'
+compose '\'' 'E' to 'É'
+compose '\'' 'I' to 'Í'
+compose '\'' 'U' to 'Ú'
+compose '\'' '\'' to '´'
+compose '\'' 'a' to 'á'
+compose '\'' 'e' to 'é'
+compose '\'' 'i' to 'í'
+compose '\'' 'u' to 'ú'
+compose '^' '-' to '¯'
+compose '^' 'A' to 'Â'
+compose '^' 'I' to 'Î'
+compose '^' 'O' to 'Ô'
+compose '^' 'U' to 'Û'
+compose '^' '_' to '¯'
+compose '^' 'a' to 'â'
+compose '^' 'i' to 'î'
+compose '^' 'o' to 'ô'
+compose '^' 'u' to 'û'
+compose '_' 'A' to 'À'
+compose '_' 'E' to 'ª'
+compose '_' 'I' to 'Ï'
+compose '_' 'O' to 'Ò'
+compose '_' 'U' to 'Þ'
+compose '_' '^' to '¯'
+compose '_' '_' to '¯'
+compose '_' 'a' to 'à'
+compose '_' 'e' to 'º'
+compose '_' 'i' to 'ï'
+compose '_' 'o' to 'ò'
+compose '_' 'u' to 'þ'
+compose '_' '¯' to '¯'
+compose 'a' 'e' to 'æ'
+compose 'n' 'g' to '¿'
+compose 'o' 'x' to '¤'
+compose 's' 'o' to '§'
+compose 't' '-' to '¼'
+compose 'x' '0' to '¤'
+compose 'x' 'o' to '¤'
+compose '~' 'A' to 'Ã'
+compose '~' 'I' to '¥'
+compose '~' 'O' to 'Õ'
+compose '~' 'U' to 'Ý'
+compose '~' 'a' to 'ã'
+compose '~' 'i' to 'µ'
+compose '~' 'o' to 'õ'
+compose '~' 'u' to 'ý'
+compose '°' 'A' to 'Å'
+compose '°' 'a' to 'å'
--- /dev/null
+# Compose sequences for ISO-8859-5
--- /dev/null
+# Compose sequences for ISO-8859-6
--- /dev/null
+# Compose sequences for ISO-8859-7
+compose '!' '^' to '¦'
+compose '!' 's' to '§'
+compose '"' '"' to '¨'
+compose '"' 'É' to 'Ú'
+compose '"' 'Õ' to 'Û'
+compose '"' 'é' to 'ú'
+compose '"' 'õ' to 'û'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose '(' 'c' to '©'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' '0' to '°'
+compose '+' '+' to '#'
+compose '+' '-' to '±'
+compose ',' '-' to '¬'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '+' to '±'
+compose '-' ',' to '¬'
+compose '-' '-' to ''
+compose '-' 'l' to '£'
+compose '.' '.' to '·'
+compose '.' '^' to '·'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' '^' to '|'
+compose '0' 's' to '§'
+compose '1' '2' to '½'
+compose '2' 's' to '²'
+compose '<' '/' to '\\'
+compose '<' '<' to '«'
+compose '<' '\'' to '¡'
+compose '=' 'l' to '£'
+compose '>' '>' to '»'
+compose '>' '\'' to '¢'
+compose '\'' '<' to '¡'
+compose '\'' '>' to '¢'
+compose '\'' '\'' to '´'
+compose '\'' 'Á' to '¶'
+compose '\'' 'Å' to '¸'
+compose '\'' 'Ç' to '¹'
+compose '\'' 'É' to 'º'
+compose '\'' 'Ï' to '¼'
+compose '\'' 'Õ' to '¾'
+compose '\'' 'Ù' to '¿'
+compose '\'' 'á' to 'Ü'
+compose '\'' 'å' to 'Ý'
+compose '\'' 'ç' to 'Þ'
+compose '\'' 'é' to 'ß'
+compose '\'' 'ï' to 'ü'
+compose '\'' 'õ' to 'ý'
+compose '\'' 'ù' to 'þ'
+compose '^' '!' to '¦'
+compose '^' '.' to '·'
+compose '^' '/' to '|'
+compose '^' '0' to '°'
+compose '^' '2' to '²'
+compose '^' '3' to '³'
+compose 'a' 't' to '@'
+compose 'b' 'v' to '¦'
+compose 'c' '0' to '©'
+compose 'c' 'o' to '©'
+compose 'o' 'c' to '©'
+compose 'o' 's' to '§'
+compose 's' '0' to '§'
+compose 's' '3' to '³'
+compose 's' 'o' to '§'
+compose 'v' 'b' to '¦'
+compose 'v' 'l' to '|'
+compose '|' '|' to '¦'
+compose '~' '~' to '¯'
+compose 'Á' '\'' to '¶'
+compose 'Å' '\'' to '¸'
+compose 'Ç' '\'' to '¹'
+compose 'É' '"' to 'Ú'
+compose 'É' '\'' to 'º'
+compose 'Ï' '\'' to '¼'
+compose 'Õ' '"' to 'Û'
+compose 'Õ' '\'' to '¾'
+compose 'Ù' '\'' to '¿'
+compose 'á' '\'' to 'Ü'
+compose 'å' '\'' to 'Ý'
+compose 'ç' '\'' to 'Þ'
+compose 'é' '"' to 'ú'
+compose 'é' '\'' to 'ß'
+compose 'ï' '\'' to 'ü'
+compose 'õ' '"' to 'û'
+compose 'õ' '\'' to 'ý'
+compose 'ù' '\'' to 'þ'
--- /dev/null
+# Compose sequences for ISO-8859-8
--- /dev/null
+# Compose sequences for ISO-8859-9
+compose '!' '!' to '¡'
+compose '!' 'p' to '¶'
+compose '!' 's' to '§'
+compose '"' '"' to '¨'
+compose '"' 'A' to 'Ä'
+compose '"' 'E' to 'Ë'
+compose '"' 'I' to 'Ï'
+compose '"' 'O' to 'Ö'
+compose '"' 'U' to 'Ü'
+compose '"' 'Y' to '¾'
+compose '"' 'a' to 'ä'
+compose '"' 'e' to 'ë'
+compose '"' 'i' to 'ï'
+compose '"' 'o' to 'ö'
+compose '"' 'u' to 'ü'
+compose '"' 'y' to 'ÿ'
+compose '(' '(' to '['
+compose '(' '-' to '{'
+compose '(' 'G' to 'Ð'
+compose '(' 'c' to '©'
+compose '(' 'g' to 'ð'
+compose '(' 'r' to '®'
+compose ')' ')' to ']'
+compose ')' '-' to '}'
+compose '*' '0' to '°'
+compose '*' 'A' to 'Å'
+compose '*' 'a' to 'å'
+compose '+' '+' to '#'
+compose '+' '-' to '±'
+compose ',' ',' to '¸'
+compose ',' '-' to '¬'
+compose ',' 'C' to 'Ç'
+compose ',' 'S' to 'Þ'
+compose ',' 'c' to 'ç'
+compose ',' 's' to 'þ'
+compose '-' '(' to '{'
+compose '-' ')' to '}'
+compose '-' '+' to '±'
+compose '-' ',' to '¬'
+compose '-' '-' to ''
+compose '-' ':' to '÷'
+compose '-' 'A' to 'Ã'
+compose '-' 'D' to 'Ð'
+compose '-' 'N' to 'Ñ'
+compose '-' 'O' to 'Õ'
+compose '-' '^' to '¯'
+compose '-' 'a' to 'ã'
+compose '-' 'd' to 'ð'
+compose '-' 'l' to '£'
+compose '-' 'n' to 'ñ'
+compose '-' 'o' to 'õ'
+compose '-' 'y' to '¥'
+compose '.' '.' to '·'
+compose '.' 'I' to 'Ý'
+compose '.' '^' to '·'
+compose '.' 'i' to 'ý'
+compose '/' '/' to '\\'
+compose '/' '<' to '\\'
+compose '/' 'O' to 'Ø'
+compose '/' '^' to '|'
+compose '/' 'c' to '¢'
+compose '/' 'o' to 'ø'
+compose '/' 'u' to 'µ'
+compose '0' 'c' to '©'
+compose '0' 's' to '§'
+compose '3' 's' to '³'
+compose ':' '-' to '÷'
+compose '<' '/' to '\\'
+compose '<' '<' to '«'
+compose '<' 'Z' to '´'
+compose '<' 'z' to '¸'
+compose '=' 'c' to '¤'
+compose '=' 'e' to '¤'
+compose '=' 'l' to '£'
+compose '=' 'y' to '¥'
+compose '>' '>' to '»'
+compose '>' 'A' to 'Â'
+compose '>' 'E' to 'Ê'
+compose '>' 'I' to 'Î'
+compose '>' 'O' to 'Ô'
+compose '>' 'U' to 'Û'
+compose '>' 'a' to 'â'
+compose '>' 'e' to 'ê'
+compose '>' 'i' to 'î'
+compose '>' 'o' to 'ô'
+compose '>' 'u' to 'û'
+compose '?' '?' to '¿'
+compose 'A' 'E' to 'Æ'
+compose 'G' 'U' to 'Ð'
+compose 'T' 'H' to 'Þ'
+compose '\'' 'A' to 'Á'
+compose '\'' 'E' to 'É'
+compose '\'' 'I' to 'Í'
+compose '\'' 'O' to 'Ó'
+compose '\'' 'U' to 'Ú'
+compose '\'' 'Y' to 'Ý'
+compose '\'' '\'' to '´'
+compose '\'' 'a' to 'á'
+compose '\'' 'e' to 'é'
+compose '\'' 'i' to 'í'
+compose '\'' 'o' to 'ó'
+compose '\'' 'u' to 'ú'
+compose '\'' 'y' to 'ý'
+compose '^' '-' to '¯'
+compose '^' '.' to '·'
+compose '^' '/' to '|'
+compose '^' '0' to '°'
+compose '^' '1' to '¹'
+compose '^' '2' to '²'
+compose '^' '3' to '³'
+compose '^' 'A' to 'Â'
+compose '^' 'E' to 'Ê'
+compose '^' 'I' to 'Î'
+compose '^' 'O' to 'Ô'
+compose '^' 'U' to 'Û'
+compose '^' '_' to '¯'
+compose '^' 'a' to 'â'
+compose '^' 'e' to 'ê'
+compose '^' 'i' to 'î'
+compose '^' 'o' to 'ô'
+compose '^' 'u' to 'û'
+compose '_' '^' to '¯'
+compose '_' '_' to '¯'
+compose '_' 'a' to 'ª'
+compose '_' 'o' to 'º'
+compose '`' 'A' to 'À'
+compose '`' 'E' to 'È'
+compose '`' 'I' to 'Ì'
+compose '`' 'O' to 'Ò'
+compose '`' 'U' to 'Ù'
+compose '`' 'a' to 'à'
+compose '`' 'e' to 'è'
+compose '`' 'i' to 'ì'
+compose '`' 'o' to 'ò'
+compose '`' 'u' to 'ù'
+compose 'a' 'e' to 'æ'
+compose 'c' '0' to '©'
+compose 'c' 'o' to '©'
+compose 'g' 'U' to 'ð'
+compose 'l' 'v' to '|'
+compose 'o' 'c' to '©'
+compose 'o' 'e' to '¼'
+compose 'r' 'o' to '®'
+compose 's' '1' to '¹'
+compose 's' '2' to '²'
+compose 's' 'o' to '§'
+compose 't' 'h' to 'þ'
+compose 'v' 'Z' to '´'
+compose 'v' 'l' to '|'
+compose 'v' 'z' to '¸'
+compose '|' 'c' to '¢'
+compose '~' 'A' to 'Ã'
+compose '~' 'N' to 'Ñ'
+compose '~' 'O' to 'Õ'
+compose '~' 'a' to 'ã'
+compose '~' 'n' to 'ñ'
+compose '~' 'o' to 'õ'
+compose '¨' 'A' to 'Ä'
+compose '¨' 'E' to 'Ë'
+compose '¨' 'I' to 'Ï'
+compose '¨' 'O' to 'Ö'
+compose '¨' 'U' to 'Ü'
+compose '¨' 'Y' to '¾'
+compose '¨' 'a' to 'ä'
+compose '¨' 'e' to 'ë'
+compose '¨' 'i' to 'ï'
+compose '¨' 'o' to 'ö'
+compose '¨' 'u' to 'ü'
+compose '¨' 'y' to 'ÿ'
+compose '°' 'A' to 'Å'
+compose '°' 'a' to 'å'
+compose '¸' 'S' to 'Þ'
+compose '¸' 's' to 'þ'
--- /dev/null
+# Compose sequences for KOI8-R
--- /dev/null
+# Compose sequences for KOI8-U
--- /dev/null
+# Compose sequences for TIS-620
--- /dev/null
+# Compose sequences for VISCII
--- /dev/null
+# The content of this file will be appended to the keyboard layout.
+# The following is an example how to make Alt+j switch to to the next
+# console and Alt+k switch to the previous console.
+
+# Uncomment the following lines for Linux. Notice that everything is
+# replicated for all possible values of the modifiers shiftl, shiftr
+# and ctrll (shiftl and shiftr are used for groups 1..4 of XKB and
+# ctrll is used to fix the broken CapsLock when Linux console is in
+# Unicode mode).
+
+# alt keycode 36 = Incr_Console
+# shiftl alt keycode 36 = Incr_Console
+# shiftr alt keycode 36 = Incr_Console
+# shiftr shiftl alt keycode 36 = Incr_Console
+# ctrll alt keycode 36 = Incr_Console
+# ctrll shiftl alt keycode 36 = Incr_Console
+# ctrll shiftr alt keycode 36 = Incr_Console
+# ctrll shiftr shiftl alt keycode 36 = Incr_Console
+#
+# alt keycode 37 = Decr_Console
+# shiftl alt keycode 37 = Decr_Console
+# shiftr alt keycode 37 = Decr_Console
+# shiftr shiftl alt keycode 37 = Decr_Console
+# ctrll alt keycode 37 = Decr_Console
+# ctrll shiftl alt keycode 37 = Decr_Console
+# ctrll shiftr alt keycode 37 = Decr_Console
+# ctrll shiftr shiftl alt keycode 37 = Decr_Console
+
+# For the same result on FreeBSD uncomment the following lines:
+
+# 036 'j' 'J' nl nl nscr nscr nl nl C
+# 037 'k' 'K' vt vt pscr pscr nl nl C
--- /dev/null
+# DO NOT EDIT OR REMOVE
+# This file is a simple placeholder to keep dpkg from removing this directory
--- /dev/null
+#
+# SpamAssassin maintenance for amavisd-new
+#
+# m h dom mon dow user command
+18 */3 * * * amavis test -e /usr/sbin/amavisd-new-cronjob && /usr/sbin/amavisd-new-cronjob sa-sync
+24 1 * * * amavis test -e /usr/sbin/amavisd-new-cronjob && /usr/sbin/amavisd-new-cronjob sa-clean
--- /dev/null
+# cron entry for apticron
+
+16 * * * * root if test -x /usr/sbin/apticron; then /usr/sbin/apticron --cron; else true; fi
--- /dev/null
+# /etc/cron.d/php5: crontab fragment for php5
+# This purges session files in session.save_path older than X,
+# where X is defined in seconds as the largest value of
+# session.gc_maxlifetime from all your SAPI php.ini files
+# or 24 minutes if not defined. The script triggers only
+# when session.save_handler=files.
+#
+# WARNING: The scripts tries hard to honour all relevant
+# session PHP options, but if you do something unusual
+# you have to disable this script and take care of your
+# sessions yourself.
+
+# Look for and purge old sessions every 30 minutes
+09,39 * * * * root [ -x /usr/lib/php5/sessionclean ] && /usr/lib/php5/sessionclean
--- /dev/null
+# DO NOT EDIT OR REMOVE
+# This file is a simple placeholder to keep dpkg from removing this directory
--- /dev/null
+#!/bin/bash
+
+#Check if removed-but-not-purged
+test -x /usr/share/logwatch/scripts/logwatch.pl || exit 0
+
+#execute
+/usr/sbin/logwatch --output mail
+
+#Note: It's possible to force the recipient in above command
+#Just pass --mailto address@a.com instead of --output mail
--- /dev/null
+#!/bin/sh
+#set -e
+#
+# This file understands the following apt configuration variables:
+# Values here are the default.
+# Create /etc/apt/apt.conf.d/02periodic file to set your preference.
+#
+# Dir "/";
+# - RootDir for all configuration files
+#
+# Dir::Cache "var/cache/apt/";
+# - Set apt package cache directory
+#
+# Dir::Cache::Archives "archives/";
+# - Set package archive directory
+#
+# APT::Periodic::Enable "1";
+# - Enable the update/upgrade script (0=disable)
+#
+# APT::Periodic::BackupArchiveInterval "0";
+# - Backup after n-days if archive contents changed.(0=disable)
+#
+# APT::Periodic::BackupLevel "3";
+# - Backup level.(0=disable), 1 is invalid.
+#
+# Dir::Cache::Backup "backup/";
+# - Set periodic package backup directory
+#
+# APT::Archives::MaxAge "0"; (old, deprecated)
+# APT::Periodic::MaxAge "0"; (new)
+# - Set maximum allowed age of a cache package file. If a cache
+# package file is older it is deleted (0=disable)
+#
+# APT::Archives::MinAge "2"; (old, deprecated)
+# APT::Periodic::MinAge "2"; (new)
+# - Set minimum age of a package file. If a file is younger it
+# will not be deleted (0=disable). Useful to prevent races
+# and to keep backups of the packages for emergency.
+#
+# APT::Archives::MaxSize "0"; (old, deprecated)
+# APT::Periodic::MaxSize "0"; (new)
+# - Set maximum size of the cache in MB (0=disable). If the cache
+# is bigger, cached package files are deleted until the size
+# requirement is met (the oldest packages will be deleted
+# first).
+#
+# APT::Periodic::Update-Package-Lists "0";
+# - Do "apt-get update" automatically every n-days (0=disable)
+#
+# APT::Periodic::Download-Upgradeable-Packages "0";
+# - Do "apt-get upgrade --download-only" every n-days (0=disable)
+#
+# APT::Periodic::Download-Upgradeable-Packages-Debdelta "1";
+# - Use debdelta-upgrade to download updates if available (0=disable)
+#
+# APT::Periodic::Unattended-Upgrade "0";
+# - Run the "unattended-upgrade" security upgrade script
+# every n-days (0=disabled)
+# Requires the package "unattended-upgrades" and will write
+# a log in /var/log/unattended-upgrades
+#
+# APT::Periodic::AutocleanInterval "0";
+# - Do "apt-get autoclean" every n-days (0=disable)
+#
+# APT::Periodic::Verbose "0";
+# - Send report mail to root
+# 0: no report (or null string)
+# 1: progress report (actually any string)
+# 2: + command outputs (remove -qq, remove 2>/dev/null, add -d)
+# 3: + trace on
+
+check_stamp()
+{
+ stamp="$1"
+ interval="$2"
+
+ if [ $interval -eq 0 ]; then
+ debug_echo "check_stamp: interval=0"
+ # treat as no time has passed
+ return 1
+ fi
+
+ if [ ! -f $stamp ]; then
+ debug_echo "check_stamp: missing time stamp file: $stamp."
+ # treat as enough time has passed
+ return 0
+ fi
+
+ # compare midnight today to midnight the day the stamp was updated
+ stamp_file="$stamp"
+ stamp=$(date --date=$(date -r $stamp_file --iso-8601) +%s 2>/dev/null)
+ if [ "$?" != "0" ]; then
+ # Due to some timezones returning 'invalid date' for midnight on
+ # certain dates (e.g. America/Sao_Paulo), if date returns with error
+ # remove the stamp file and return 0. See coreutils bug:
+ # http://lists.gnu.org/archive/html/bug-coreutils/2007-09/msg00176.html
+ rm -f "$stamp_file"
+ return 0
+ fi
+
+ now=$(date --date=$(date --iso-8601) +%s 2>/dev/null)
+ if [ "$?" != "0" ]; then
+ # As above, due to some timezones returning 'invalid date' for midnight
+ # on certain dates (e.g. America/Sao_Paulo), if date returns with error
+ # return 0.
+ return 0
+ fi
+
+ delta=$(($now-$stamp))
+
+ # interval is in days, convert to sec.
+ interval=$(($interval*60*60*24))
+ debug_echo "check_stamp: interval=$interval, now=$now, stamp=$stamp, delta=$delta (sec)"
+
+ # remove timestamps a day (or more) in the future and force re-check
+ if [ $stamp -gt $(($now+86400)) ]; then
+ echo "WARNING: file $stamp_file has a timestamp in the future: $stamp"
+ rm -f "$stamp_file"
+ return 0
+ fi
+
+ if [ $delta -ge $interval ]; then
+ return 0
+ fi
+
+ return 1
+}
+
+update_stamp()
+{
+ stamp="$1"
+ touch $stamp
+}
+
+# we check here if autoclean was enough sizewise
+check_size_constraints()
+{
+ MaxAge=0
+ eval $(apt-config shell MaxAge APT::Archives::MaxAge)
+ eval $(apt-config shell MaxAge APT::Periodic::MaxAge)
+
+ MinAge=2
+ eval $(apt-config shell MinAge APT::Archives::MinAge)
+ eval $(apt-config shell MinAge APT::Periodic::MinAge)
+
+ MaxSize=0
+ eval $(apt-config shell MaxSize APT::Archives::MaxSize)
+ eval $(apt-config shell MaxSize APT::Periodic::MaxSize)
+
+ Cache="/var/cache/apt/archives/"
+ eval $(apt-config shell Cache Dir::Cache::archives/d)
+
+ # sanity check
+ if [ -z "$Cache" ]; then
+ echo "empty Dir::Cache::archives, exiting"
+ exit
+ fi
+
+ # check age
+ if [ ! $MaxAge -eq 0 ] && [ ! $MinAge -eq 0 ]; then
+ debug_echo "aged: ctime <$MaxAge and mtime <$MaxAge and ctime>$MinAge and mtime>$MinAge"
+ find $Cache -name "*.deb" \( -mtime +$MaxAge -and -ctime +$MaxAge \) -and -not \( -mtime -$MinAge -or -ctime -$MinAge \) -print0 | xargs -r -0 rm -f
+ elif [ ! $MaxAge -eq 0 ]; then
+ debug_echo "aged: ctime <$MaxAge and mtime <$MaxAge only"
+ find $Cache -name "*.deb" -ctime +$MaxAge -and -mtime +$MaxAge -print0 | xargs -r -0 rm -f
+ else
+ debug_echo "skip aging since MaxAge is 0"
+ fi
+
+ # check size
+ if [ ! $MaxSize -eq 0 ]; then
+ # maxSize is in MB
+ MaxSize=$(($MaxSize*1024))
+
+ #get current time
+ now=$(date --date=$(date --iso-8601) +%s)
+ MinAge=$(($MinAge*24*60*60))
+
+ # reverse-sort by mtime
+ for file in $(ls -rt $Cache/*.deb 2>/dev/null); do
+ du=$(du -s $Cache)
+ size=${du%%/*}
+ # check if the cache is small enough
+ if [ $size -lt $MaxSize ]; then
+ debug_echo "end remove by archive size: size=$size < $MaxSize"
+ break
+ fi
+
+ # check for MinAge of the file
+ if [ $MinAge -ne 0 ]; then
+ # check both ctime and mtime
+ mtime=$(stat -c %Y $file)
+ ctime=$(stat -c %Z $file)
+ if [ $mtime -gt $ctime ]; then
+ delta=$(($now-$mtime))
+ else
+ delta=$(($now-$ctime))
+ fi
+ if [ $delta -le $MinAge ]; then
+ debug_echo "skip remove by archive size: $file, delta=$delta < $MinAge"
+ break
+ else
+ # delete oldest file
+ debug_echo "remove by archive size: $file, delta=$delta >= $MinAge (sec), size=$size >= $MaxSize"
+ rm -f $file
+ fi
+ fi
+ done
+ fi
+}
+
+# deal with the Apt::Periodic::BackupArchiveInterval
+do_cache_backup()
+{
+ BackupArchiveInterval="$1"
+ if [ $BackupArchiveInterval -eq 0 ]; then
+ return
+ fi
+
+ # Set default values and normalize
+ CacheDir="/var/cache/apt"
+ eval $(apt-config shell CacheDir Dir::Cache/d)
+ CacheDir=${CacheDir%/}
+ if [ -z "$CacheDir" ]; then
+ debug_echo "practically empty Dir::Cache, exiting"
+ return 0
+ fi
+
+ Cache="${CacheDir}/archives/"
+ eval $(apt-config shell Cache Dir::Cache::Archives/d)
+ if [ -z "$Cache" ]; then
+ debug_echo "practically empty Dir::Cache::archives, exiting"
+ return 0
+ fi
+
+ BackupLevel=3
+ eval $(apt-config shell BackupLevel APT::Periodic::BackupLevel)
+ if [ $BackupLevel -le 1 ]; then
+ BackupLevel=2 ;
+ fi
+
+ Back="${CacheDir}/backup/"
+ eval $(apt-config shell Back Dir::Cache::Backup/d)
+ if [ -z "$Back" ]; then
+ echo "practically empty Dir::Cache::Backup, exiting" 1>&2
+ return
+ fi
+
+ CacheArchive="$(basename "${Cache}")"
+ test -n "${CacheArchive}" || CacheArchive="archives"
+ BackX="${Back}${CacheArchive}/"
+ for x in $(seq 0 1 $((${BackupLevel}-1))); do
+ eval "Back${x}=${Back}${x}/"
+ done
+
+ # backup after n-days if archive contents changed.
+ # (This uses hardlink to save disk space)
+ BACKUP_ARCHIVE_STAMP=/var/lib/apt/periodic/backup-archive-stamp
+ if check_stamp $BACKUP_ARCHIVE_STAMP $BackupArchiveInterval; then
+ if [ $({(cd $Cache 2>/dev/null; find . -name "*.deb"); (cd $Back0 2>/dev/null;find . -name "*.deb") ;}| sort|uniq -u|wc -l) -ne 0 ]; then
+ mkdir -p $Back
+ rm -rf $Back$((${BackupLevel}-1))
+ for y in $(seq $((${BackupLevel}-1)) -1 1); do
+ eval BackY=${Back}$y
+ eval BackZ=${Back}$(($y-1))
+ if [ -e $BackZ ]; then
+ mv -f $BackZ $BackY ;
+ fi
+ done
+ cp -la $Cache $Back ; mv -f $BackX $Back0
+ update_stamp $BACKUP_ARCHIVE_STAMP
+ debug_echo "backup with hardlinks. (success)"
+ else
+ debug_echo "skip backup since same content."
+ fi
+ else
+ debug_echo "skip backup since too new."
+ fi
+}
+
+# sleep for a random interval of time (default 30min)
+# (some code taken from cron-apt, thanks)
+random_sleep()
+{
+ RandomSleep=1800
+ eval $(apt-config shell RandomSleep APT::Periodic::RandomSleep)
+ if [ $RandomSleep -eq 0 ]; then
+ return
+ fi
+ if [ -z "$RANDOM" ] ; then
+ # A fix for shells that do not have this bash feature.
+ RANDOM=$(( $(dd if=/dev/urandom bs=2 count=1 2> /dev/null | cksum | cut -d' ' -f1) % 32767 ))
+ fi
+ TIME=$(($RANDOM % $RandomSleep))
+ debug_echo "sleeping for $TIME seconds"
+ sleep $TIME
+}
+
+
+debug_echo()
+{
+ # Display message if $VERBOSE >= 1
+ if [ "$VERBOSE" -ge 1 ]; then
+ echo $1 1>&2
+ fi
+}
+
+check_power(){
+ # laptop check, on_ac_power returns:
+ # 0 (true) System is on main power
+ # 1 (false) System is not on main power
+ # 255 (false) Power status could not be determined
+ # Desktop systems always return 255 it seems
+ if which on_ac_power >/dev/null; then
+ on_ac_power
+ POWER=$?
+ if [ $POWER -eq 1 ]; then
+ debug_echo "exit: system NOT on main power"
+ return 1
+ elif [ $POWER -ne 0 ]; then
+ debug_echo "power status ($POWER) undetermined, continuing"
+ fi
+ debug_echo "system is on main power."
+ fi
+ return 0
+}
+
+# ------------------------ main ----------------------------
+
+if test -r /var/lib/apt/extended_states; then
+ # Backup the 7 last versions of APT's extended_states file
+ # shameless copy from dpkg cron
+ if cd /var/backups ; then
+ if ! cmp -s apt.extended_states.0 /var/lib/apt/extended_states; then
+ cp -p /var/lib/apt/extended_states apt.extended_states
+ savelog -c 7 apt.extended_states >/dev/null
+ fi
+ fi
+fi
+
+# check apt-config existence
+if ! which apt-config >/dev/null ; then
+ exit 0
+fi
+
+# check if the user really wants to do something
+AutoAptEnable=1 # default is yes
+eval $(apt-config shell AutoAptEnable APT::Periodic::Enable)
+
+if [ $AutoAptEnable -eq 0 ]; then
+ exit 0
+fi
+
+# Set VERBOSE mode from apt-config (or inherit from environment)
+VERBOSE=0
+eval $(apt-config shell VERBOSE APT::Periodic::Verbose)
+debug_echo "verbose level $VERBOSE"
+if [ "$VERBOSE" -le 2 ]; then
+ # quiet for 0,1,2
+ XSTDOUT=">/dev/null"
+ XSTDERR="2>/dev/null"
+ XAPTOPT="-qq"
+ XUUPOPT=""
+else
+ XSTDOUT=""
+ XSTDERR=""
+ XAPTOPT=""
+ XUUPOPT="-d"
+fi
+if [ "$VERBOSE" -ge 3 ]; then
+ # trace output
+ set -x
+fi
+
+check_power || exit 0
+
+# check if we can lock the cache and if the cache is clean
+if which apt-get >/dev/null && ! eval apt-get check $XAPTOPT $XSTDERR ; then
+ debug_echo "error encountered in cron job with \"apt-get check\"."
+ exit 0
+fi
+
+# Global current time in seconds since 1970-01-01 00:00:00 UTC
+now=$(date +%s)
+
+# Support old Archive for compatibility.
+# Document only Periodic for all controlling parameters of this script.
+
+UpdateInterval=0
+eval $(apt-config shell UpdateInterval APT::Periodic::Update-Package-Lists)
+
+DownloadUpgradeableInterval=0
+eval $(apt-config shell DownloadUpgradeableInterval APT::Periodic::Download-Upgradeable-Packages)
+
+UnattendedUpgradeInterval=0
+eval $(apt-config shell UnattendedUpgradeInterval APT::Periodic::Unattended-Upgrade)
+
+AutocleanInterval=0
+eval $(apt-config shell AutocleanInterval APT::Periodic::AutocleanInterval)
+
+BackupArchiveInterval=0
+eval $(apt-config shell BackupArchiveInterval APT::Periodic::BackupArchiveInterval)
+
+Debdelta=1
+eval $(apt-config shell Debdelta APT::Periodic::Download-Upgradeable-Packages-Debdelta)
+
+# check if we actually have to do anything that requires locking the cache
+if [ $UpdateInterval -eq 0 ] &&
+ [ $DownloadUpgradeableInterval -eq 0 ] &&
+ [ $UnattendedUpgradeInterval -eq 0 ] &&
+ [ $BackupArchiveInterval -eq 0 ] &&
+ [ $AutocleanInterval -eq 0 ]; then
+
+ # check cache size
+ check_size_constraints
+
+ exit 0
+fi
+
+# deal with BackupArchiveInterval
+do_cache_backup $BackupArchiveInterval
+
+# sleep random amount of time to avoid hitting the
+# mirrors at the same time
+random_sleep
+check_power || exit 0
+
+# include default system language so that "apt-get update" will
+# fetch the right translated package descriptions
+if [ -r /etc/default/locale ]; then
+ . /etc/default/locale
+ export LANG LANGUAGE LC_MESSAGES LC_ALL
+fi
+
+# update package lists
+UPDATED=0
+UPDATE_STAMP=/var/lib/apt/periodic/update-stamp
+if check_stamp $UPDATE_STAMP $UpdateInterval; then
+ if eval apt-get $XAPTOPT -y update $XSTDERR; then
+ debug_echo "download updated metadata (success)."
+ if which dbus-send >/dev/null && pidof dbus-daemon >/dev/null; then
+ if dbus-send --system / app.apt.dbus.updated boolean:true ; then
+ debug_echo "send dbus signal (success)"
+ else
+ debug_echo "send dbus signal (error)"
+ fi
+ else
+ debug_echo "dbus signal not send (command not available)"
+ fi
+ update_stamp $UPDATE_STAMP
+ UPDATED=1
+ else
+ debug_echo "download updated metadata (error)"
+ fi
+else
+ debug_echo "download updated metadata (not run)."
+fi
+
+# download all upgradeable packages (if it is requested)
+DOWNLOAD_UPGRADEABLE_STAMP=/var/lib/apt/periodic/download-upgradeable-stamp
+if [ $UPDATED -eq 1 ] && check_stamp $DOWNLOAD_UPGRADEABLE_STAMP $DownloadUpgradeableInterval; then
+ if [ $Debdelta -eq 1 ]; then
+ debdelta-upgrade >/dev/null 2>&1 || true
+ fi
+ if eval apt-get $XAPTOPT -y -d dist-upgrade $XSTDERR; then
+ update_stamp $DOWNLOAD_UPGRADEABLE_STAMP
+ debug_echo "download upgradable (success)"
+ else
+ debug_echo "download upgradable (error)"
+ fi
+else
+ debug_echo "download upgradable (not run)"
+fi
+
+# auto upgrade all upgradeable packages
+UPGRADE_STAMP=/var/lib/apt/periodic/upgrade-stamp
+if which unattended-upgrade >/dev/null && check_stamp $UPGRADE_STAMP $UnattendedUpgradeInterval; then
+ if unattended-upgrade $XUUPOPT; then
+ update_stamp $UPGRADE_STAMP
+ debug_echo "unattended-upgrade (success)"
+ else
+ debug_echo "unattended-upgrade (error)"
+ fi
+else
+ debug_echo "unattended-upgrade (not run)"
+fi
+
+# autoclean package archive
+AUTOCLEAN_STAMP=/var/lib/apt/periodic/autoclean-stamp
+if check_stamp $AUTOCLEAN_STAMP $AutocleanInterval; then
+ if eval apt-get $XAPTOPT -y autoclean $XSTDERR; then
+ debug_echo "autoclean (success)."
+ update_stamp $AUTOCLEAN_STAMP
+ else
+ debug_echo "autoclean (error)"
+ fi
+else
+ debug_echo "autoclean (not run)"
+fi
+
+# check cache size
+check_size_constraints
+
+#
+# vim: set sts=4 ai :
+#
+
--- /dev/null
+#!/bin/sh
+
+bak=/var/backups
+
+# Shamelessly ripped from /etc/cron.daily/standard
+if test -f /var/lib/aptitude/pkgstates && cd $bak ; then
+ if ! cmp -s aptitude.pkgstates.0 /var/lib/aptitude/pkgstates ; then
+ cp -p /var/lib/aptitude/pkgstates aptitude.pkgstates
+ savelog -c 7 aptitude.pkgstates > /dev/null
+ fi
+fi
--- /dev/null
+#!/bin/sh
+# /etc/cron.daily/calendar: BSD mainutils calendar daily maintenance script
+# Written by Austin Donnelly <and1000@debian.org>
+
+. /etc/default/bsdmainutils
+
+[ x$RUN_DAILY = xtrue ] || exit 0
+
+[ -x /usr/sbin/sendmail ] || exit 0
+
+if [ ! -x /usr/bin/cpp ]; then
+ echo "The cpp package is needed to run calendar."
+ exit 1
+fi
+
+/usr/bin/calendar -a
--- /dev/null
+#!/bin/sh
+
+dbdir=/var/lib/dpkg
+
+# Backup the 7 last versions of dpkg databases containing user data.
+if cd /var/backups ; then
+ # We backup all relevant database files if any has changed, so that
+ # the rotation number always contains an internally consistent set.
+ dbchanged=no
+ dbfiles="arch status diversions statoverride"
+ for db in $dbfiles ; do
+ if ! cmp -s dpkg.${db}.0 $dbdir/$db ; then
+ dbchanged=yes
+ break;
+ fi
+ done
+ if [ "$dbchanged" = "yes" ] ; then
+ for db in $dbfiles ; do
+ [ -e $dbdir/$db ] || continue
+ cp -p $dbdir/$db dpkg.$db
+ savelog -c 7 dpkg.$db >/dev/null
+ done
+ fi
+
+ # The alternatives database is independent from the dpkg database.
+ dbalt=alternatives
+
+ # Switch the alternatives database backups from xz to gzip, as the latter
+ # is Essential and we can rely on it being always present, using xz here
+ # is not worth the trouble, disk space savings, or possible additional
+ # dependencies.
+ for dbseq in `seq 1 6` ; do
+ dbfile=${dbalt}.tar.${dbseq}
+ [ -e "${dbfile}.xz" ] || continue
+ unxz ${dbfile}.xz
+ gzip -9 $dbfile
+ done
+
+ # XXX: Ideally we'd use --warning=none instead of discarding stderr, but
+ # as of GNU tar 1.27.1, it does not seem to work reliably (see #749307).
+ if ! test -e ${dbalt}.tar.0 ||
+ ! tar -df ${dbalt}.tar.0 -C $dbdir $dbalt >/dev/null 2>&1 ;
+ then
+ tar -cf ${dbalt}.tar -C $dbdir $dbalt >/dev/null 2>&1
+ savelog -c 7 ${dbalt}.tar >/dev/null
+ fi
+fi
--- /dev/null
+#!/bin/sh
+set -e
+if [ -x /usr/bin/etckeeper ] && [ -e /etc/etckeeper/etckeeper.conf ]; then
+ . /etc/etckeeper/etckeeper.conf
+ if [ "$AVOID_DAILY_AUTOCOMMITS" != "1" ]; then
+ # avoid autocommit if an install run is in progress
+ lockfile=/var/cache/etckeeper/packagelist.pre-install
+ if [ -e "$lockfile" ] && [ -n "$(find "$lockfile" -mtime +1)" ]; then
+ rm -f "$lockfile" # stale
+ fi
+ if [ ! -e "$lockfile" ]; then
+ AVOID_SPECIAL_FILE_WARNING=1
+ export AVOID_SPECIAL_FILE_WARNING
+ if etckeeper unclean; then
+ etckeeper commit "daily autocommit" >/dev/null
+ fi
+ fi
+ fi
+fi
--- /dev/null
+#!/bin/bash
+
+test -x /usr/sbin/logrotate || exit 0
+LOG=/var/log/logrotate.log
+echo >> ${LOG}
+echo "################################################" >> ${LOG}
+echo "[$(date --rfc-3339=seconds )]: Start Logrotating" >> ${LOG}
+/usr/sbin/logrotate /etc/logrotate.conf >> ${LOG} 2>&1
+echo "[$(date --rfc-3339=seconds )]: End Logrotating" >> ${LOG}
--- /dev/null
+#!/bin/sh
+#
+# man-db cron daily
+
+set -e
+
+iosched_idle=
+# Don't try to change I/O priority in a vserver or OpenVZ.
+if ! egrep -q '(envID|VxID):.*[1-9]' /proc/self/status && \
+ ([ ! -d /proc/vz ] || [ -d /proc/bc ]); then
+ iosched_idle='--iosched idle'
+fi
+
+if ! [ -d /var/cache/man ]; then
+ # Recover from deletion, per FHS.
+ mkdir -p /var/cache/man
+ chown man:root /var/cache/man || true
+ chmod 2755 /var/cache/man
+fi
+
+# expunge old catman pages which have not been read in a week
+if [ ! -d /run/systemd/system ] && [ -d /var/cache/man ]; then
+ cd /
+ if ! dpkg-statoverride --list /var/cache/man >/dev/null 2>&1; then
+ find /var/cache/man -ignore_readdir_race ! -user man -print0 | \
+ xargs -r0 chown -f man || true
+ fi
+ start-stop-daemon --start --pidfile /dev/null --startas /bin/sh \
+ --oknodo --chuid man $iosched_idle -- -c \
+ "find /var/cache/man -type f -name '*.gz' -atime +6 -print0 | \
+ xargs -r0 rm -f"
+fi
+
+# regenerate man database
+if [ -x /usr/bin/mandb ]; then
+ # --pidfile /dev/null so it always starts; mandb isn't really a daemon,
+ # but we want to start it like one.
+ start-stop-daemon --start --pidfile /dev/null \
+ --startas /usr/bin/mandb --oknodo --chuid man \
+ $iosched_idle \
+ -- --no-purge --quiet
+fi
+
+exit 0
--- /dev/null
+#! /bin/bash
+
+set -e
+
+[ -x /usr/bin/updatedb.mlocate ] || exit 0
+
+if which on_ac_power >/dev/null 2>&1; then
+ ON_BATTERY=0
+ on_ac_power >/dev/null 2>&1 || ON_BATTERY=$?
+ if [ "$ON_BATTERY" -eq 1 ]; then
+ exit 0
+ fi
+fi
+
+# See ionice(1)
+if [ -x /usr/bin/ionice ] &&
+ /usr/bin/ionice -c3 true 2>/dev/null; then
+ IONICE="/usr/bin/ionice -c3"
+fi
+
+flock --nonblock /run/mlocate.daily.lock $IONICE /usr/bin/updatedb.mlocate
--- /dev/null
+#!/bin/sh
+
+cd /var/backups || exit 0
+
+for FILE in passwd group shadow gshadow; do
+ test -f /etc/$FILE || continue
+ cmp -s $FILE.bak /etc/$FILE && continue
+ cp -p /etc/$FILE $FILE.bak && chmod 600 $FILE.bak
+done
--- /dev/null
+#!/bin/sh
+
+# Duncan Findlay
+# duncf@debian.org
+
+# Daily cronjob for SpamAssassin updates. This isn't pretty but it
+# should do the job.
+
+CRON=0
+
+test -f /etc/default/spamassassin && . /etc/default/spamassassin
+
+test -x /usr/bin/sa-update || exit 0
+test -x /etc/init.d/spamassassin || exit 0
+
+if [ "$CRON" = "0" ] ; then
+ exit 0
+fi
+
+# If there's a problem with the ruleset or configs, print the output
+# of spamassassin --lint (which will typically get emailed to root)
+# and abort.
+die_with_lint() {
+ env -i LANG="$LANG" PATH="$PATH" start-stop-daemon \
+ --chuid debian-spamd:debian-spamd --start \
+ --exec /usr/bin/spamassassin -- -D --lint 2>&1
+ exit 1
+}
+
+do_compile() {
+# Compile rules if the required tools are available. Prior to version
+# 3.3.2-8, there was an additional check to verify that an sa-compile
+# run had previously been executed by hand. With sa-learn now
+# distributed in a separate, optional, package, this check is no
+# longer necessary.
+ if [ -x /usr/bin/re2c -a -x /usr/bin/sa-compile ]; then
+ env -i LANG="$LANG" PATH="$PATH" start-stop-daemon \
+ --chuid debian-spamd:debian-spamd --start \
+ --exec /usr/bin/sa-compile -- --quiet
+
+ # Fixup perms -- group and other should be able to
+ # read and execute, but never write. Works around
+ # sa-compile's failure to obey umask.
+ chmod -R go-w,go+rX /var/lib/spamassassin/compiled
+ fi
+}
+
+# Tell a running spamd to reload its configs and rules.
+reload() {
+ # Reload
+ if which invoke-rc.d >/dev/null 2>&1; then
+ invoke-rc.d spamassassin reload > /dev/null
+ else
+ /etc/init.d/spamassassin reload > /dev/null
+ fi
+ if [ -d /etc/spamassassin/sa-update-hooks.d ]; then
+ run-parts --lsbsysinit /etc/spamassassin/sa-update-hooks.d
+ fi
+}
+
+# Sleep for up to 3600 seconds if not running interactively
+if [ ! -t 0 ]; then
+ RANGE=3600
+ number=`od -vAn -N2 -tu4 < /dev/urandom`
+ number=`expr $number "%" $RANGE`
+ sleep $number
+fi
+
+# Update
+umask 022
+env -i LANG="$LANG" PATH="$PATH" start-stop-daemon \
+ --chuid debian-spamd:debian-spamd --start \
+ --exec /usr/bin/sa-update -- \
+ --gpghomedir /var/lib/spamassassin/sa-update-keys 2>&1
+
+case $? in
+ 0)
+ # got updates!
+ env -i LANG="$LANG" PATH="$PATH" start-stop-daemon \
+ --chuid debian-spamd:debian-spamd --start \
+ --exec /usr/bin/spamassassin -- --lint 2>&1 || die_with_lint
+ do_compile
+ reload
+ ;;
+ 1)
+ # no updates
+ exit 0
+ ;;
+ 2)
+ # lint failed!
+ die_with_lint
+ ;;
+ *)
+ echo "sa-update failed for unknown reasons" 1>&2
+ ;;
+esac
+
+# Local variables:
+# mode: shell-script
+# tab-width: 4
+# indent-tabs-mode: nil
+# end:
--- /dev/null
+# DO NOT EDIT OR REMOVE
+# This file is a simple placeholder to keep dpkg from removing this directory
--- /dev/null
+# DO NOT EDIT OR REMOVE
+# This file is a simple placeholder to keep dpkg from removing this directory
--- /dev/null
+# DO NOT EDIT OR REMOVE
+# This file is a simple placeholder to keep dpkg from removing this directory
--- /dev/null
+#!/bin/sh
+#
+# man-db cron weekly
+
+set -e
+
+iosched_idle=
+# Don't try to change I/O priority in a vserver or OpenVZ.
+if ! egrep -q '(envID|VxID):.*[1-9]' /proc/self/status && \
+ ([ ! -d /proc/vz ] || [ -d /proc/bc ]); then
+ iosched_idle='--iosched idle'
+fi
+
+if ! [ -d /var/cache/man ]; then
+ # Recover from deletion, per FHS.
+ mkdir -p /var/cache/man
+ chown man:root /var/cache/man || true
+ chmod 2755 /var/cache/man
+fi
+
+# regenerate man database
+if [ -x /usr/bin/mandb ]; then
+ # --pidfile /dev/null so it always starts; mandb isn't really a daemon,
+ # but we want to start it like one.
+ start-stop-daemon --start --pidfile /dev/null \
+ --startas /usr/bin/mandb --oknodo --chuid man \
+ $iosched_idle \
+ -- --quiet
+fi
+
+exit 0
--- /dev/null
+# /etc/crontab: system-wide crontab
+# Unlike any other crontab you don't have to run the `crontab'
+# command to install the new version when you edit this file
+# and files in /etc/cron.d. These files also have username fields,
+# that none of the other crontabs do.
+
+SHELL=/bin/sh
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+
+# m h dom mon dow user command
+17 * * * * root cd / && run-parts --report /etc/cron.hourly
+25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
+47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
+52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
+#
--- /dev/null
+/etc/.etckeeper
+/etc/.gitignore
+/etc/.git
+/etc/.git/**
+/etc/.hgignore
+/etc/.hg
+/etc/.hg/**
+/etc/.bzrignore
+/etc/.bzr
+/etc/.bzr/**
+/etc/.darcsignore
+/etc/_darcs
+/etc/_darcs/**
--- /dev/null
+<!-- This configuration file controls the per-user-login-session message bus.
+ Add a session-local.conf and edit that rather than changing this
+ file directly. -->
+
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+ <!-- Our well-known bus type, don't change this -->
+ <type>session</type>
+
+ <!-- If we fork, keep the user's original umask to avoid affecting
+ the behavior of child processes. -->
+ <keep_umask/>
+
+ <listen>unix:tmpdir=/tmp</listen>
+
+ <!-- On Unix systems, the most secure authentication mechanism is
+ EXTERNAL, which uses credential-passing over Unix sockets.
+
+ This authentication mechanism is not available on Windows,
+ is not suitable for use with the tcp: or nonce-tcp: transports,
+ and will not work on obscure flavours of Unix that do not have
+ a supported credentials-passing mechanism. On those platforms/transports,
+ comment out the <auth> element to allow fallback to DBUS_COOKIE_SHA1. -->
+ <auth>EXTERNAL</auth>
+
+ <standard_session_servicedirs />
+
+ <policy context="default">
+ <!-- Allow everything to be sent -->
+ <allow send_destination="*" eavesdrop="true"/>
+ <!-- Allow everything to be received -->
+ <allow eavesdrop="true"/>
+ <!-- Allow anyone to own anything -->
+ <allow own="*"/>
+ </policy>
+
+ <!-- Config files are placed here that among other things,
+ further restrict the above policy for specific services. -->
+ <includedir>session.d</includedir>
+
+ <!-- This is included last so local configuration can override what's
+ in this standard file -->
+ <include ignore_missing="yes">session-local.conf</include>
+
+ <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>
+
+ <!-- For the session bus, override the default relatively-low limits
+ with essentially infinite limits, since the bus is just running
+ as the user anyway, using up bus resources is not something we need
+ to worry about. In some cases, we do set the limits lower than
+ "all available memory" if exceeding the limit is almost certainly a bug,
+ having the bus enforce a limit is nicer than a huge memory leak. But the
+ intent is that these limits should never be hit. -->
+
+ <!-- the memory limits are 1G instead of say 4G because they can't exceed 32-bit signed int max -->
+ <limit name="max_incoming_bytes">1000000000</limit>
+ <limit name="max_incoming_unix_fds">250000000</limit>
+ <limit name="max_outgoing_bytes">1000000000</limit>
+ <limit name="max_outgoing_unix_fds">250000000</limit>
+ <limit name="max_message_size">1000000000</limit>
+ <!-- We do not override max_message_unix_fds here since the in-kernel
+ limit is also relatively low -->
+ <limit name="service_start_timeout">120000</limit>
+ <limit name="auth_timeout">240000</limit>
+ <limit name="pending_fd_timeout">150000</limit>
+ <limit name="max_completed_connections">100000</limit>
+ <limit name="max_incomplete_connections">10000</limit>
+ <limit name="max_connections_per_user">100000</limit>
+ <limit name="max_pending_service_starts">10000</limit>
+ <limit name="max_names_per_connection">50000</limit>
+ <limit name="max_match_rules_per_connection">50000</limit>
+ <limit name="max_replies_per_connection">50000</limit>
+
+</busconfig>
--- /dev/null
+<!-- This configuration file controls the systemwide message bus.
+ Add a system-local.conf and edit that rather than changing this
+ file directly. -->
+
+<!-- Note that there are any number of ways you can hose yourself
+ security-wise by screwing up this file; in particular, you
+ probably don't want to listen on any more addresses, add any more
+ auth mechanisms, run as a different user, etc. -->
+
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+
+ <!-- Our well-known bus type, do not change this -->
+ <type>system</type>
+
+ <!-- Run as special user -->
+ <user>messagebus</user>
+
+ <!-- Fork into daemon mode -->
+ <fork/>
+
+ <!-- We use system service launching using a helper -->
+ <standard_system_servicedirs/>
+
+ <!-- This is a setuid helper that is used to launch system services -->
+ <servicehelper>/usr/lib/dbus-1.0/dbus-daemon-launch-helper</servicehelper>
+
+ <!-- Write a pid file -->
+ <pidfile>/var/run/dbus/pid</pidfile>
+
+ <!-- Enable logging to syslog -->
+ <syslog/>
+
+ <!-- Only allow socket-credentials-based authentication -->
+ <auth>EXTERNAL</auth>
+
+ <!-- Only listen on a local socket. (abstract=/path/to/socket
+ means use abstract namespace, don't really create filesystem
+ file; only Linux supports this. Use path=/whatever on other
+ systems.) -->
+ <listen>unix:path=/var/run/dbus/system_bus_socket</listen>
+
+ <policy context="default">
+ <!-- All users can connect to system bus -->
+ <allow user="*"/>
+
+ <!-- Holes must be punched in service configuration files for
+ name ownership and sending method calls -->
+ <deny own="*"/>
+ <deny send_type="method_call"/>
+
+ <!-- Signals and reply messages (method returns, errors) are allowed
+ by default -->
+ <allow send_type="signal"/>
+ <allow send_requested_reply="true" send_type="method_return"/>
+ <allow send_requested_reply="true" send_type="error"/>
+
+ <!-- All messages may be received by default -->
+ <allow receive_type="method_call"/>
+ <allow receive_type="method_return"/>
+ <allow receive_type="error"/>
+ <allow receive_type="signal"/>
+
+ <!-- Allow anyone to talk to the message bus -->
+ <allow send_destination="org.freedesktop.DBus"/>
+ <!-- But disallow some specific bus services -->
+ <deny send_destination="org.freedesktop.DBus"
+ send_interface="org.freedesktop.DBus"
+ send_member="UpdateActivationEnvironment"/>
+ <deny send_destination="org.freedesktop.DBus"
+ send_interface="org.freedesktop.systemd1.Activator"/>
+ </policy>
+
+ <!-- Only systemd, which runs as root, may report activation failures. -->
+ <policy user="root">
+ <allow send_destination="org.freedesktop.DBus"
+ send_interface="org.freedesktop.systemd1.Activator"/>
+ </policy>
+
+ <!-- Config files are placed here that among other things, punch
+ holes in the above policy for specific services. -->
+ <includedir>system.d</includedir>
+
+ <!-- This is included last so local configuration can override what's
+ in this standard file -->
+ <include ignore_missing="yes">system-local.conf</include>
+
+ <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>
+
+</busconfig>
--- /dev/null
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+ This file is part of systemd.
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+-->
+
+<busconfig>
+
+ <policy user="root">
+ <allow own="org.freedesktop.hostname1"/>
+ <allow send_destination="org.freedesktop.hostname1"/>
+ <allow receive_sender="org.freedesktop.hostname1"/>
+ </policy>
+
+ <policy context="default">
+ <allow send_destination="org.freedesktop.hostname1"/>
+ <allow receive_sender="org.freedesktop.hostname1"/>
+ </policy>
+
+</busconfig>
--- /dev/null
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+ This file is part of systemd.
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+-->
+
+<busconfig>
+
+ <policy user="root">
+ <allow own="org.freedesktop.locale1"/>
+ <allow send_destination="org.freedesktop.locale1"/>
+ <allow receive_sender="org.freedesktop.locale1"/>
+ </policy>
+
+ <policy context="default">
+ <allow send_destination="org.freedesktop.locale1"/>
+ <allow receive_sender="org.freedesktop.locale1"/>
+ </policy>
+
+</busconfig>
--- /dev/null
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+ This file is part of systemd.
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+-->
+
+<busconfig>
+
+ <policy user="root">
+ <allow own="org.freedesktop.login1"/>
+ <allow send_destination="org.freedesktop.login1"/>
+ <allow receive_sender="org.freedesktop.login1"/>
+ </policy>
+
+ <policy context="default">
+ <deny send_destination="org.freedesktop.login1"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.DBus.Introspectable"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.DBus.Peer"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.DBus.Properties"
+ send_member="Get"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.DBus.Properties"
+ send_member="GetAll"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="GetSession"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="GetSessionByPID"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="GetUser"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="GetUserByPID"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="GetSeat"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="ListSessions"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="ListUsers"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="ListSeats"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="ListInhibitors"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="Inhibit"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="SetUserLinger"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="ActivateSession"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="ActivateSessionOnSeat"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="PowerOff"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="Reboot"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="Suspend"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="Hibernate"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="HybridSleep"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="CanPowerOff"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="CanReboot"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="CanSuspend"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="CanHibernate"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="CanHybridSleep"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="AttachDevice"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="FlushDevices"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Seat"
+ send_member="ActivateSession"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Seat"
+ send_member="SwitchTo"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Seat"
+ send_member="SwitchToPrevious"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Seat"
+ send_member="SwitchToNext"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="Activate"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="SetIdleHint"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="TakeControl"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="ReleaseControl"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="TakeDevice"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="ReleaseDevice"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Session"
+ send_member="PauseDeviceComplete"/>
+
+ <allow receive_sender="org.freedesktop.login1"/>
+ </policy>
+
+</busconfig>
--- /dev/null
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+ This file is part of systemd.
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+-->
+
+<busconfig>
+
+ <policy user="root">
+ <allow own="org.freedesktop.machine1"/>
+ <allow send_destination="org.freedesktop.machine1"/>
+ <allow receive_sender="org.freedesktop.machine1"/>
+ </policy>
+
+ <policy context="default">
+ <deny send_destination="org.freedesktop.machine1"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.DBus.Introspectable"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.DBus.Peer"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.DBus.Properties"
+ send_member="Get"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.DBus.Properties"
+ send_member="GetAll"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.machine1.Manager"
+ send_member="ListMachines"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.machine1.Manager"
+ send_member="GetMachineAddresses"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.machine1.Manager"
+ send_member="GetMachine"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.machine1.Manager"
+ send_member="GetMachineByPID"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.machine1.Machine"
+ send_member="GetAddresses"/>
+
+ <allow send_destination="org.freedesktop.machine1"
+ send_interface="org.freedesktop.machine1.Machine"
+ send_member="GetMachineOSRelease"/>
+
+ <allow receive_sender="org.freedesktop.machine1"/>
+ </policy>
+
+</busconfig>
--- /dev/null
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+ This file is part of systemd.
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+-->
+
+<busconfig>
+
+ <policy user="root">
+ <allow own="org.freedesktop.systemd1"/>
+
+ <!-- Root clients can do everything -->
+ <allow send_destination="org.freedesktop.systemd1"/>
+ <allow receive_sender="org.freedesktop.systemd1"/>
+
+ <!-- systemd may receive activator requests -->
+ <allow receive_interface="org.freedesktop.systemd1.Activator"
+ receive_member="ActivationRequest"/>
+ </policy>
+
+ <policy context="default">
+ <deny send_destination="org.freedesktop.systemd1"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.DBus.Introspectable"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.DBus.Peer"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.DBus.Properties"
+ send_member="Get"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.DBus.Properties"
+ send_member="GetAll"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="GetUnit"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="GetUnitByPID"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="LoadUnit"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="GetJob"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="ListUnits"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="ListUnitsFiltered"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="ListUnitFiles"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="GetUnitFileState"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="ListJobs"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="Subscribe"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="Unsubscribe"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="Dump"/>
+
+ <allow send_destination="org.freedesktop.systemd1"
+ send_interface="org.freedesktop.systemd1.Manager"
+ send_member="GetDefaultTarget"/>
+
+ <allow receive_sender="org.freedesktop.systemd1"/>
+ </policy>
+
+</busconfig>
--- /dev/null
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+ This file is part of systemd.
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+-->
+
+<busconfig>
+
+ <policy user="root">
+ <allow own="org.freedesktop.timedate1"/>
+ <allow send_destination="org.freedesktop.timedate1"/>
+ <allow receive_sender="org.freedesktop.timedate1"/>
+ </policy>
+
+ <policy context="default">
+ <allow send_destination="org.freedesktop.timedate1"/>
+ <allow receive_sender="org.freedesktop.timedate1"/>
+ </policy>
+
+</busconfig>
--- /dev/null
+# This is the main config file for debconf. It tells debconf where to
+# store data. The format of this file is a set of stanzas. Each stanza
+# except the first sets up a database for debconf to use. For details, see
+# debconf.conf(5) (in the debconf-doc package).
+#
+# So first things first. This first stanza gives the names of two databases.
+
+# Debconf will use this database to store the data you enter into it,
+# and some other dynamic data.
+Config: configdb
+# Debconf will use this database to store static template data.
+Templates: templatedb
+
+# World-readable, and accepts everything but passwords.
+Name: config
+Driver: File
+Mode: 644
+Reject-Type: password
+Filename: /var/cache/debconf/config.dat
+
+# Not world readable (the default), and accepts only passwords.
+Name: passwords
+Driver: File
+Mode: 600
+Backup: false
+Required: false
+Accept-Type: password
+Filename: /var/cache/debconf/passwords.dat
+
+# Set up the configdb database. By default, it consists of a stack of two
+# databases, one to hold passwords and one for everything else.
+Name: configdb
+Driver: Stack
+Stack: config, passwords
+
+# Set up the templatedb database, which is a single flat text file
+# by default.
+Name: templatedb
+Driver: File
+Mode: 644
+Filename: /var/cache/debconf/templates.dat
+
+# Well that was pretty straightforward, and it will be enough for most
+# people's needs, but debconf's database drivers can be used to do much
+# more interesting things. For example, suppose you want to use config
+# data from another host, which is mounted over nfs or perhaps the database
+# is accessed via LDAP. You don't want to write to the remote debconf database,
+# just read from it, so you still need a local database for local changes.
+#
+# A remote NFS mounted database, read-only. It is optional; if debconf
+# fails to use it it will not abort.
+#Name: remotedb
+#Driver: DirTree
+#Directory: /mnt/otherhost/var/cache/debconf/config
+#Readonly: true
+#Required: false
+#
+# A remote LDAP database. It is also read-only. The password is really
+# only necessary if the database is not accessible anonymously.
+# Option KeyByKey instructs the backend to retrieve keys from the LDAP
+# server individually (when they are requested), instead of loading all
+# keys at startup. The default is 0, and should only be enabled if you
+# want to track accesses to individual keys on the LDAP server side.
+#Name: remotedb
+#Driver: LDAP
+#Server: remotehost
+#BaseDN: cn=debconf,dc=domain,dc=com
+#BindDN: uid=admin,dc=domain,dc=com
+#BindPasswd: secret
+#KeyByKey: 0
+#
+# A stack consisting of two databases. Values will be read from
+# the first database in the stack to contain a value. In this example,
+# writes always go to the first database.
+#Name: fulldb
+#Driver: Stack
+#Stack: configdb, remotedb
+#
+# In this example, we'd use Config: fulldb at the top of the file
+# to make it use the combination of the databases.
+#
+# Even more complex and interesting setups are possible, see the
+# debconf.conf(5) page for details.
--- /dev/null
+# Options to pass to acpid
+#
+# OPTIONS are appended to the acpid command-line
+#OPTIONS=""
+
+# Linux kernel modules to load before starting acpid
+#
+# MODULES is a space separated list of modules to load, or "all" to load all
+# acpi drivers, or commented out to load no module
+#MODULES="battery ac processor button fan thermal video"
+#MODULES="all"
--- /dev/null
+# To enable the amavis-mc service set ENABLED to yes Please remember: to get
+# those services working you have to enable zmq support in amavis.
+# ($enable_zmq = 1)
+# See README.Debian for details
+
+ENABLED="no"
+
--- /dev/null
+# To enable the amavis-snmp-subagent set ENABLED to yes
+
+ENABLED="no"
+
+# there are two implementations of the subagent daemon:
+# 1) the default bdb version
+# 2) a zero mq based version
+# if you want to use this agent you need at least
+# libnet-snmp-perl installed.
+# the zeromq version also needs libzeromq-perl.
+# You also have to enable zeromq
+# in amavis: $enable_zmq = 1;
+#
+# See RELEASE_NOTES for details.
+
+AGENT_BACKEND="bdb" # use zeromq for the zeromq version
--- /dev/null
+# Uncomment the following line if you'd like all of your users'
+# ~/calendar files to be checked daily. Calendar will send them mail
+# to remind them of upcoming events. See calendar(1) for more details.
+#RUN_DAILY=true
--- /dev/null
+# CONFIGURATION FILE FOR SETUPCON
+
+# Consult the console-setup(5) manual page.
+
+ACTIVE_CONSOLES="/dev/tty[1-6]"
+
+CHARMAP="UTF-8"
+
+CODESET="Lat15"
+FONTFACE="Fixed"
+FONTSIZE="8x16"
+
+VIDEOMODE=
+
+# The following is an example how to use a braille font
+# FONT='lat9w-08.psf.gz brl-8x8.psf'
--- /dev/null
+# Cron configuration options
+
+# Whether to read the system's default environment files (if present)
+# If set to "yes", cron will set a proper mail charset from the
+# locale information. If set to something other than 'yes', the default
+# charset 'C' (canonical name: ANSI_X3.4-1968) will be used.
+#
+# This has no effect on tasks running under cron; their environment can
+# only be changed via PAM or from within the crontab; see crontab(5).
+READ_ENV="yes"
+
+# Extra options for cron, see cron(8)
+#
+# For example, to enable LSB name support in /etc/cron.d/, use
+# EXTRA_OPTS='-l'
+#
+# Or, to log standard messages, plus jobs with exit status != 0:
+# EXTRA_OPTS='-L 5'
+#
+# For quick reference, the currently available log levels are:
+# 0 no logging (errors are logged regardless)
+# 1 log start of jobs
+# 2 log end of jobs
+# 4 log jobs with exit status != 0
+# 8 log the process identifier of child process (in all logs)
+#
+#EXTRA_OPTS=""
+
--- /dev/null
+# This is a configuration file for /etc/init.d/dbus; it allows you to
+# perform common modifications to the behavior of the dbus daemon
+# startup without editing the init script (and thus getting prompted
+# by dpkg on upgrades). We all love dpkg prompts.
+
+# Parameters to pass to dbus.
+PARAMS=""
--- /dev/null
+# GID of the `tty' group
+TTYGRP=5
+
+# Set to 600 to have `mesg n' be the default
+TTYMODE=620
--- /dev/null
+# /etc/default/dovecot
+
+# Set to '0' to explicitly disable starting Dovecot
+#ENABLED=0
+
+# Set to '1' to allow Dovecot daemons to produce core dumps
+#ALLOW_COREDUMPS=1
--- /dev/null
+# This file is part of Fail2Ban.
+#
+# Fail2Ban is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# Fail2Ban is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Fail2Ban; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Author: Cyril Jaquier
+#
+# $Revision$
+
+# Command line options for Fail2Ban. Refer to "fail2ban-client -h" for
+# valid options.
+FAIL2BAN_OPTS=""
+
+# Run fail2ban as a different user. If not set, fail2ban
+# will run as root.
+#
+# The user is not created automatically.
+# The user can be created e.g. with
+# useradd --system --no-create-home --home-dir / --groups adm fail2ban
+# Log files are readable by group adm by default. Adding the fail2ban
+# user to this group allows it to read the logfiles.
+#
+# Another manual step that needs to be taken is to allow write access
+# for fail2ban user to fail2ban log files. The /etc/init.d/fail2ban
+# script will change the ownership when starting fail2ban. Logrotate
+# needs to be configured separately, see /etc/logrotate.d/fail2ban.
+#
+# FAIL2BAN_USER="fail2ban"
--- /dev/null
+# If you change this file, run 'update-grub' afterwards to update
+# /boot/grub/grub.cfg.
+# For full documentation of the options in this file, see:
+# info -f grub -n 'Simple configuration'
+
+GRUB_DEFAULT=0
+GRUB_TIMEOUT=2
+GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
+GRUB_CMDLINE_LINUX_DEFAULT="quiet"
+GRUB_CMDLINE_LINUX=""
+
+# Uncomment to enable BadRAM filtering, modify to suit your needs
+# This works with Linux (no patch required) and with any kernel that obtains
+# the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...)
+#GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef"
+
+# Uncomment to disable graphical terminal (grub-pc only)
+#GRUB_TERMINAL=console
+
+# The resolution used on graphical terminal
+# note that you can use only modes which your graphic card supports via VBE
+# you can see them in real GRUB with the command `vbeinfo'
+#GRUB_GFXMODE=640x480
+
+# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux
+#GRUB_DISABLE_LINUX_UUID=true
+
+# Uncomment to disable generation of recovery mode menu entries
+#GRUB_DISABLE_RECOVERY="true"
+
+# Uncomment to get a beep at grub start
+#GRUB_INIT_TUNE="480 440 1"
--- /dev/null
+# Default behaviour of shutdown -h / halt. Set to "halt" or "poweroff".
+HALT=poweroff
--- /dev/null
+# Configuration file for haveged
+
+# Options to pass to haveged:
+# -w sets low entropy watermark (in bits)
+DAEMON_ARGS="-w 1024"
--- /dev/null
+# Defaults for the hwclock init script. See hwclock(5) and hwclock(8).
+
+# This is used to specify that the hardware clock incapable of storing
+# years outside the range of 1994-1999. Set to yes if the hardware is
+# broken or no if working correctly.
+#BADYEAR=no
+
+# Set this to yes if it is possible to access the hardware clock,
+# or no if it is not.
+#HWCLOCKACCESS=yes
+
+# Set this to any options you might need to give to hwclock, such
+# as machine hardware clock type for Alphas.
+#HWCLOCKPARS=
+
+# Set this to the hardware clock device you want to use, it should
+# probably match the CONFIG_RTC_HCTOSYS_DEVICE kernel config option.
+#HCTOSYS_DEVICE=rtc0
+
--- /dev/null
+#---------------------------------------------------------------------
+# This file is part of iRedMail, which is an open source mail server
+# solution for Red Hat(R) Enterprise Linux, CentOS, Debian and Ubuntu.
+#
+# iRedMail is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# iRedMail is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with iRedMail. If not, see <http://www.gnu.org/licenses/>.
+#---------------------------------------------------------------------
+
+#
+# Sample iptables rules. It should be localted at:
+# /etc/sysconfig/iptables
+#
+# Shipped within iRedMail project:
+# * http://www.iRedMail.org/
+#
+
+*filter
+:INPUT DROP [0:0]
+:FORWARD DROP [0:0]
+:OUTPUT ACCEPT [0:0]
+
+# Keep state.
+-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+
+# Loop device.
+-A INPUT -i lo -j ACCEPT
+
+# Allow PING from remote hosts.
+-A INPUT -p icmp --icmp-type echo-request -j ACCEPT
+
+# ssh
+-A INPUT -p tcp --dport 22 -j ACCEPT
+
+# http, https
+-A INPUT -p tcp --dport 80 -j ACCEPT
+-A INPUT -p tcp --dport 443 -j ACCEPT
+
+# smtp, submission
+-A INPUT -p tcp --dport 25 -j ACCEPT
+-A INPUT -p tcp --dport 587 -j ACCEPT
+
+# pop3, pop3s
+-A INPUT -p tcp --dport 110 -j ACCEPT
+-A INPUT -p tcp --dport 995 -j ACCEPT
+
+# imap, imaps
+-A INPUT -p tcp --dport 143 -j ACCEPT
+-A INPUT -p tcp --dport 993 -j ACCEPT
+
+# ldap/ldaps
+#-A INPUT -p tcp --dport 389 -j ACCEPT
+#-A INPUT -p tcp --dport 636 -j ACCEPT
+
+# MySQL service.
+# Note: Please make sure MySQL service is not binding to localhost with
+# 'bind-address=127.0.0.1'.
+#-A INPUT -p tcp --dport 3306 -j ACCEPT
+
+# PostgreSQL service.
+#-A INPUT -p tcp --dport 5432 -j ACCEPT
+
+# ftp.
+#-A INPUT -p tcp --dport 20 -j ACCEPT
+#-A INPUT -p tcp --dport 21 -j ACCEPT
+
+# ejabberd
+#-A INPUT -p tcp --dport 5222 -j ACCEPT
+#-A INPUT -p tcp --dport 5223 -j ACCEPT
+#-A INPUT -p tcp --dport 5280 -j ACCEPT
+
+COMMIT
--- /dev/null
+# KEYBOARD CONFIGURATION FILE
+
+# Consult the keyboard(5) manual page.
+
+XKBMODEL="pc105"
+XKBLAYOUT="us"
+XKBVARIANT=""
+XKBOPTIONS=""
+
+BACKSPACE="guess"
--- /dev/null
+# File generated by update-locale
+LANG=de_DE.UTF-8
--- /dev/null
+# Configuration for netfilter-persistent
+# Plugins may extend this file or have their own
+
+FLUSH_ON_STOP=0
--- /dev/null
+# Configuration for networking init script being run during
+# the boot sequence
+
+# Set to 'no' to skip interfaces configuration on boot
+#CONFIGURE_INTERFACES=yes
+
+# Don't configure these interfaces. Shell wildcards supported/
+#EXCLUDE_INTERFACES=
+
+# Set to 'yes' to enable additional verbosity
+#VERBOSE=no
--- /dev/null
+# Note: You may want to look at the following page before setting the ULIMIT.
+# http://wiki.nginx.org/CoreModule#worker_rlimit_nofile
+# Set the ulimit variable if you need defaults to change.
+# Example: ULIMIT="-n 4096"
+#ULIMIT="-n 4096"
+
+# Define the stop schedule for nginx
+# see the start-stop-daemon --retry documentation for more information
+#
+#STOP_SCHEDULE="QUIT/5/TERM/5/KILL/5"
--- /dev/null
+# /etc/default/nss
+# This file can theoretically contain a bunch of customization variables
+# for Name Service Switch in the GNU C library. For now there are only
+# four variables:
+#
+# NETID_AUTHORITATIVE
+# If set to TRUE, the initgroups() function will accept the information
+# from the netid.byname NIS map as authoritative. This can speed up the
+# function significantly if the group.byname map is large. The content
+# of the netid.byname map is used AS IS. The system administrator has
+# to make sure it is correctly generated.
+#NETID_AUTHORITATIVE=TRUE
+#
+# SERVICES_AUTHORITATIVE
+# If set to TRUE, the getservbyname{,_r}() function will assume
+# services.byservicename NIS map exists and is authoritative, particularly
+# that it contains both keys with /proto and without /proto for both
+# primary service names and service aliases. The system administrator
+# has to make sure it is correctly generated.
+#SERVICES_AUTHORITATIVE=TRUE
+#
+# SETENT_BATCH_READ
+# If set to TRUE, various setXXent() functions will read the entire
+# database at once and then hand out the requests one by one from
+# memory with every getXXent() call. Otherwise each getXXent() call
+# might result into a network communication with the server to get
+# the next entry.
+#SETENT_BATCH_READ=TRUE
+#
+# ADJUNCT_AS_SHADOW
+# If set to TRUE, the passwd routines in the NIS NSS module will not
+# use the passwd.adjunct.byname tables to fill in the password data
+# in the passwd structure. This is a security problem if the NIS
+# server cannot be trusted to send the passwd.adjuct table only to
+# privileged clients. Instead the passwd.adjunct.byname table is
+# used to synthesize the shadow.byname table if it does not exist.
+ADJUNCT_AS_SHADOW=TRUE
--- /dev/null
+#
+# /etc/default/rcS
+#
+# Default settings for the scripts in /etc/rcS.d/
+#
+# For information about these variables see the rcS(5) manual page.
+#
+# This file belongs to the "initscripts" package.
+
+# delete files in /tmp during boot older than x days.
+# '0' means always, -1 or 'infinite' disables the feature
+#TMPTIME=0
+
+# spawn sulogin during boot, continue normal boot if not used in 30 seconds
+#SULOGIN=no
+
+# do not allow users to log in until the boot has completed
+#DELAYLOGIN=no
+
+# be more verbose during the boot process
+#VERBOSE=no
+
+# automatically repair filesystems with inconsistencies during boot
+#FSCKFIX=no
--- /dev/null
+# defaults file for rsync daemon mode
+
+# start rsync in daemon mode from init.d script?
+# only allowed values are "true", "false", and "inetd"
+# Use "inetd" if you want to start the rsyncd from inetd,
+# all this does is prevent the init.d script from printing a message
+# about not starting rsyncd (you still need to modify inetd's config yourself).
+RSYNC_ENABLE=false
+
+# which file should be used as the configuration file for rsync.
+# This file is used instead of the default /etc/rsyncd.conf
+# Warning: This option has no effect if the daemon is accessed
+# using a remote shell. When using a different file for
+# rsync you might want to symlink /etc/rsyncd.conf to
+# that file.
+# RSYNC_CONFIG_FILE=
+
+# what extra options to give rsync --daemon?
+# that excludes the --daemon; that's always done in the init.d script
+# Possibilities are:
+# --address=123.45.67.89 (bind to a specific IP address)
+# --port=8730 (bind to specified port; default 873)
+RSYNC_OPTS=''
+
+# run rsyncd at a nice level?
+# the rsync daemon can impact performance due to much I/O and CPU usage,
+# so you may want to run it at a nicer priority than the default priority.
+# Allowed values are 0 - 19 inclusive; 10 is a reasonable value.
+RSYNC_NICE=''
+
+# run rsyncd with ionice?
+# "ionice" does for IO load what "nice" does for CPU load.
+# As rsync is often used for backups which aren't all that time-critical,
+# reducing the rsync IO priority will benefit the rest of the system.
+# See the manpage for ionice for allowed options.
+# -c3 is recommended, this will run rsync IO at "idle" priority. Uncomment
+# the next line to activate this.
+# RSYNC_IONICE='-c3'
+
+# Don't forget to create an appropriate config file,
+# else the daemon will not start.
--- /dev/null
+# Options for rsyslogd
+# -x disables DNS lookups for remote messages
+# See rsyslogd(8) for more details
+RSYSLOGD_OPTIONS=""
--- /dev/null
+# /etc/default/spamassassin
+# Duncan Findlay
+
+# WARNING: please read README.spamd before using.
+# There may be security risks.
+
+# If you're using systemd (default for jessie), the ENABLED setting is
+# not used. Instead, enable spamd by issuing:
+# systemctl enable spamassassin.service
+# Change to "1" to enable spamd on systems using sysvinit:
+ENABLED=0
+
+# Options
+# See man spamd for possible options. The -d option is automatically added.
+
+# SpamAssassin uses a preforking model, so be careful! You need to
+# make sure --max-children is not set to anything higher than 5,
+# unless you know what you're doing.
+
+OPTIONS="--create-prefs --max-children 5 --helper-home-dir"
+
+# Pid file
+# Where should spamd write its PID to file? If you use the -u or
+# --username option above, this needs to be writable by that user.
+# Otherwise, the init script will not be able to shut spamd down.
+PIDFILE="/var/run/spamd.pid"
+
+# Set nice level of spamd
+#NICE="--nicelevel 15"
+
+# Cronjob
+# Set to anything but 0 to enable the cron job to automatically update
+# spamassassin's rules on a nightly basis
+CRON=1
--- /dev/null
+# Default settings for openssh-server. This file is sourced by /bin/sh from
+# /etc/init.d/ssh.
+
+# Options to pass to sshd
+SSHD_OPTS=
--- /dev/null
+# Configuration for tmpfs filesystems mounted in early boot, before
+# filesystems from /etc/fstab are mounted. For information about
+# these variables see the tmpfs(5) manual page.
+
+# /run is always mounted as a tmpfs on systems which support tmpfs
+# mounts.
+
+# mount /run/lock as a tmpfs (separately from /run). Defaults to yes;
+# set to no to disable (/run/lock will then be part of the /run tmpfs,
+# if available).
+#RAMLOCK=yes
+
+# mount /run/shm as a tmpfs (separately from /run). Defaults to yes;
+# set to no to disable (/run/shm will then be part of the /run tmpfs,
+# if available).
+#RAMSHM=yes
+
+# mount /tmp as a tmpfs. Defaults to no; set to yes to enable (/tmp
+# will be part of the root filesystem if disabled). /tmp may also be
+# configured to be a separate mount in /etc/fstab.
+#RAMTMP=no
+
+# Size limits. Please see tmpfs(5) for details on how to configure
+# tmpfs size limits.
+#TMPFS_SIZE=20%VM
+#RUN_SIZE=10%
+#LOCK_SIZE=5242880 # 5MiB
+#SHM_SIZE=
+#TMP_SIZE=
+
+# Mount tmpfs on /tmp if there is less than the limit size (in kiB) on
+# the root filesystem (overriding RAMTMP).
+#TMP_OVERFLOW_LIMIT=1024
--- /dev/null
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
--- /dev/null
+# Defaults for uWSGI initscript
+# sourced by /etc/init.d/uwsgi
+
+# Run automatically at system startup?
+RUN_AT_STARTUP=yes
+
+# At startup VERBOSE value is setted in 'no'. So when user invokes
+# uWSGI init.d script, no output is showed.
+# It could be unexpected behaviour, because it is common practice for
+# init.d script to ignore VERBOSE value.
+# Here VERBOSE is overriden to conform such the practice.
+VERBOSE=yes
+
+# Should init.d script print configuration file names while marking progress of
+# it's execution?
+#
+# If 'no', then init.d script prints one-character symbols instead file names.
+#
+# Printing confnames is quite informative, but could mess terminal output or
+# be somewhat dangerous (as filename could contain arbitary characters).
+# ASCII control characters in file names are replaced with '?' in init.d script
+# output, nevertheless you were warned.
+PRINT_CONFNAMES_IN_INITD_SCRIPT_OUTPUT=no
+
+# init.d script starts instance of uWSGI daemon for each found user-created
+# configuration file.
+#
+# Options from inherited configuration file are passed to each instance by
+# default. They could be overrided (or extended) by user configuration file.
+INHERITED_CONFIG=/usr/share/uwsgi/conf/default.ini
--- /dev/null
+# /etc/deluser.conf: `deluser' configuration.
+
+# Remove home directory and mail spool when user is removed
+REMOVE_HOME = 0
+
+# Remove all files on the system owned by the user to be removed
+REMOVE_ALL_FILES = 0
+
+# Backup files before removing them. This options has only an effect if
+# REMOVE_HOME or REMOVE_ALL_FILES is set.
+BACKUP = 0
+
+# target directory for the backup file
+BACKUP_TO = "."
+
+# delete a group even there are still users in this group
+ONLY_IF_EMPTY = 0
+
+# exclude these filesystem types when searching for files of a user to backup
+EXCLUDE_FSTYPES = "(proc|sysfs|usbfs|devpts|tmpfs|afs)"
--- /dev/null
+#
+# The purpose of this script is just to show the variables that are
+# available to all the scripts in this directory. All these scripts
+# are called from /etc/dhcp3/dhclient-script, which exports all the
+# variables shown before. If you want to debug a problem with your DHCP
+# setup you can enable this script and take a look at
+# /tmp/dhclient-script.debug.
+
+# To enable this script set the following variable to "yes"
+RUN="no"
+
+if [ "$RUN" = "yes" ]; then
+ echo $(date): entering ${0%/*}, dumping variables. \
+ >> /tmp/dhclient-script.debug
+
+ # loop over the 4 possible prefixes: (empty), cur_, new_, old_
+ for prefix in '' 'cur_' 'new_' 'old_'; do
+ # loop over the DHCP variables passed to dhclient-script
+ for basevar in reason interface medium alias_ip_address \
+ ip_address host_name network_number subnet_mask \
+ broadcast_address routers static_routes \
+ rfc3442_classless_static_routes \
+ domain_name domain_search domain_name_servers \
+ netbios_name_servers netbios_scope \
+ ntp_servers \
+ ip6_address ip6_prefix ip6_prefixlen \
+ dhcp6_domain_search dhcp6_name_servers ; do
+ var="${prefix}${basevar}"
+ eval "content=\$var"
+
+ # show only variables with values set
+ if [ -n "${content}" ]; then
+ echo "$var='${content}'" >> /tmp/dhclient-script.debug
+ fi
+ done
+ done
+
+ echo '--------------------------' >> /tmp/dhclient-script.debug
+fi
--- /dev/null
+#!/bin/sh
+
+# Don't overwrite /etc/resolv.conf
+make_resolv_conf() {
+ :
+}
--- /dev/null
+#
+# The purpose of this script is just to show the variables that are
+# available to all the scripts in this directory. All these scripts
+# are called from /etc/dhcp3/dhclient-script, which exports all the
+# variables shown before. If you want to debug a problem with your DHCP
+# setup you can enable this script and take a look at
+# /tmp/dhclient-script.debug.
+
+# To enable this script set the following variable to "yes"
+RUN="no"
+
+if [ "$RUN" = "yes" ]; then
+ echo $(date): entering ${0%/*}, dumping variables. \
+ >> /tmp/dhclient-script.debug
+
+ # loop over the 4 possible prefixes: (empty), cur_, new_, old_
+ for prefix in '' 'cur_' 'new_' 'old_'; do
+ # loop over the DHCP variables passed to dhclient-script
+ for basevar in reason interface medium alias_ip_address \
+ ip_address host_name network_number subnet_mask \
+ broadcast_address routers static_routes \
+ rfc3442_classless_static_routes \
+ domain_name domain_search domain_name_servers \
+ netbios_name_servers netbios_scope \
+ ntp_servers \
+ ip6_address ip6_prefix ip6_prefixlen \
+ dhcp6_domain_search dhcp6_name_servers ; do
+ var="${prefix}${basevar}"
+ eval "content=\$var"
+
+ # show only variables with values set
+ if [ -n "${content}" ]; then
+ echo "$var='${content}'" >> /tmp/dhclient-script.debug
+ fi
+ done
+ done
+
+ echo '--------------------------' >> /tmp/dhclient-script.debug
+fi
--- /dev/null
+# set classless routes based on the format specified in RFC3442
+# e.g.:
+# new_rfc3442_classless_static_routes='24 192 168 10 192 168 1 1 8 10 10 17 66 41'
+# specifies the routes:
+# 192.168.10.0/24 via 192.168.1.1
+# 10.0.0.0/8 via 10.10.17.66.41
+
+RUN="yes"
+
+
+if [ "$RUN" = "yes" ]; then
+ if [ -n "$new_rfc3442_classless_static_routes" ]; then
+ if [ "$reason" = "BOUND" ] || [ "$reason" = "REBOOT" ]; then
+
+ set -- $new_rfc3442_classless_static_routes
+
+ while [ $# -gt 0 ]; do
+ net_length=$1
+ via_arg=''
+
+ case $net_length in
+ 32|31|30|29|28|27|26|25)
+ net_address="${2}.${3}.${4}.${5}"
+ gateway="${6}.${7}.${8}.${9}"
+ shift 9
+ ;;
+ 24|23|22|21|20|19|18|17)
+ net_address="${2}.${3}.${4}.0"
+ gateway="${5}.${6}.${7}.${8}"
+ shift 8
+ ;;
+ 16|15|14|13|12|11|10|9)
+ net_address="${2}.${3}.0.0"
+ gateway="${4}.${5}.${6}.${7}"
+ shift 7
+ ;;
+ 8|7|6|5|4|3|2|1)
+ net_address="${2}.0.0.0"
+ gateway="${3}.${4}.${5}.${6}"
+ shift 6
+ ;;
+ 0) # default route
+ net_address="0.0.0.0"
+ gateway="${2}.${3}.${4}.${5}"
+ shift 5
+ ;;
+ *) # error
+ return 1
+ ;;
+ esac
+
+ # take care of link-local routes
+ if [ "${gateway}" != '0.0.0.0' ]; then
+ via_arg="via ${gateway}"
+ fi
+
+ # set route (ip detects host routes automatically)
+ ip -4 route add "${net_address}/${net_length}" \
+ ${via_arg} dev "${interface}" >/dev/null 2>&1
+ done
+ fi
+ fi
+fi
--- /dev/null
+# Configuration file for /sbin/dhclient, which is included in Debian's
+# dhcp3-client package.
+#
+# This is a sample configuration file for dhclient. See dhclient.conf's
+# man page for more information about the syntax of this file
+# and a more comprehensive list of the parameters understood by
+# dhclient.
+#
+# Normally, if the DHCP server provides reasonable information and does
+# not leave anything out (like the domain name, for example), then
+# few changes must be made to this file, if any.
+#
+
+option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
+
+#send host-name "andare.fugue.com";
+send host-name = gethostname();
+#send dhcp-client-identifier 1:0:a0:24:ab:fb:9c;
+#send dhcp-lease-time 3600;
+#supersede domain-name "fugue.com home.vix.com";
+#prepend domain-name-servers 127.0.0.1;
+request subnet-mask, broadcast-address, time-offset, routers,
+ domain-name, domain-name-servers, domain-search, host-name,
+ dhcp6.name-servers, dhcp6.domain-search,
+ netbios-name-servers, netbios-scope, interface-mtu,
+ rfc3442-classless-static-routes, ntp-servers;
+#require subnet-mask, domain-name-servers;
+#timeout 60;
+#retry 60;
+#reboot 10;
+#select-timeout 5;
+#initial-interval 2;
+#script "/etc/dhcp3/dhclient-script";
+#media "-link0 -link1 -link2", "link0 link1";
+#reject 192.33.137.209;
+
+#alias {
+# interface "eth0";
+# fixed-address 192.5.5.213;
+# option subnet-mask 255.255.255.255;
+#}
+
+#lease {
+# interface "eth0";
+# fixed-address 192.33.137.200;
+# medium "link0 link1";
+# option host-name "andare.swiftmedia.com";
+# option subnet-mask 255.255.255.0;
+# option broadcast-address 192.33.137.255;
+# option routers 192.33.137.250;
+# option domain-name-servers 127.0.0.1;
+# renew 2 2000/1/12 00:00:01;
+# rebind 2 2000/1/12 00:00:01;
+# expire 2 2000/1/12 00:00:01;
+#}
--- /dev/null
+/usr/lib/ispell/american.aff
\ No newline at end of file
--- /dev/null
+/usr/lib/ispell/american.hash
\ No newline at end of file
--- /dev/null
+/var/cache/dictionaries-common/ispell-default
\ No newline at end of file
--- /dev/null
+/usr/share/dict/american-english
\ No newline at end of file
--- /dev/null
+
+# $Progeny$
+
+# Load modules for the following device types. Specify "all"
+# to detect all device types.
+types="all"
+
+# Don't ever load the foo, bar, or baz modules.
+#skip="foo bar baz"
+
+# Lines below this point have been automatically added by
+# discover-modprobe(8) to disable the loading of modules that have
+# previously crashed the machine:
--- /dev/null
+<?xml version="1.0"?>
+
+<!-- $Progeny$ -->
+
+<!DOCTYPE conffile SYSTEM "conffile.dtd">
+
+<conffile>
+ <busscan scan="default">
+ <bus name="ata"/>
+ <bus name="pci"/>
+ <bus name="pcmcia"/>
+ <bus name="scsi"/>
+ <bus name="usb"/>
+ </busscan>
+</conffile>
--- /dev/null
+Configuration files go to this directory. See example configuration files in
+/usr/share/doc/dovecot-core/example-config/
--- /dev/null
+##
+## Authentication processes
+##
+
+# Disable LOGIN command and all other plaintext authentications unless
+# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
+# matches the local IP (ie. you're connecting from the same computer), the
+# connection is considered secure and plaintext authentication is allowed.
+# See also ssl=required setting.
+#disable_plaintext_auth = yes
+
+# Authentication cache size (e.g. 10M). 0 means it's disabled. Note that
+# bsdauth, PAM and vpopmail require cache_key to be set for caching to be used.
+#auth_cache_size = 0
+# Time to live for cached data. After TTL expires the cached record is no
+# longer used, *except* if the main database lookup returns internal failure.
+# We also try to handle password changes automatically: If user's previous
+# authentication was successful, but this one wasn't, the cache isn't used.
+# For now this works only with plaintext authentication.
+#auth_cache_ttl = 1 hour
+# TTL for negative hits (user not found, password mismatch).
+# 0 disables caching them completely.
+#auth_cache_negative_ttl = 1 hour
+
+# Space separated list of realms for SASL authentication mechanisms that need
+# them. You can leave it empty if you don't want to support multiple realms.
+# Many clients simply use the first one listed here, so keep the default realm
+# first.
+#auth_realms =
+
+# Default realm/domain to use if none was specified. This is used for both
+# SASL realms and appending @domain to username in plaintext logins.
+#auth_default_realm =
+
+# List of allowed characters in username. If the user-given username contains
+# a character not listed in here, the login automatically fails. This is just
+# an extra check to make sure user can't exploit any potential quote escaping
+# vulnerabilities with SQL/LDAP databases. If you want to allow all characters,
+# set this value to empty.
+#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
+
+# Username character translations before it's looked up from databases. The
+# value contains series of from -> to characters. For example "#@/@" means
+# that '#' and '/' characters are translated to '@'.
+#auth_username_translation =
+
+# Username formatting before it's looked up from databases. You can use
+# the standard variables here, eg. %Lu would lowercase the username, %n would
+# drop away the domain if it was given, or "%n-AT-%d" would change the '@' into
+# "-AT-". This translation is done after auth_username_translation changes.
+#auth_username_format = %Lu
+
+# If you want to allow master users to log in by specifying the master
+# username within the normal username string (ie. not using SASL mechanism's
+# support for it), you can specify the separator character here. The format
+# is then <username><separator><master username>. UW-IMAP uses "*" as the
+# separator, so that could be a good choice.
+#auth_master_user_separator =
+
+# Username to use for users logging in with ANONYMOUS SASL mechanism
+#auth_anonymous_username = anonymous
+
+# Maximum number of dovecot-auth worker processes. They're used to execute
+# blocking passdb and userdb queries (eg. MySQL and PAM). They're
+# automatically created and destroyed as needed.
+#auth_worker_max_count = 30
+
+# Host name to use in GSSAPI principal names. The default is to use the
+# name returned by gethostname(). Use "$ALL" (with quotes) to allow all keytab
+# entries.
+#auth_gssapi_hostname =
+
+# Kerberos keytab to use for the GSSAPI mechanism. Will use the system
+# default (usually /etc/krb5.keytab) if not specified. You may need to change
+# the auth service to run as root to be able to read this file.
+#auth_krb5_keytab =
+
+# Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and
+# ntlm_auth helper. <doc/wiki/Authentication/Mechanisms/Winbind.txt>
+#auth_use_winbind = no
+
+# Path for Samba's ntlm_auth helper binary.
+#auth_winbind_helper_path = /usr/bin/ntlm_auth
+
+# Time to delay before replying to failed authentications.
+#auth_failure_delay = 2 secs
+
+# Require a valid SSL client certificate or the authentication fails.
+#auth_ssl_require_client_cert = no
+
+# Take the username from client's SSL certificate, using
+# X509_NAME_get_text_by_NID() which returns the subject's DN's
+# CommonName.
+#auth_ssl_username_from_cert = no
+
+# Space separated list of wanted authentication mechanisms:
+# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey
+# gss-spnego
+# NOTE: See also disable_plaintext_auth setting.
+auth_mechanisms = plain
+
+##
+## Password and user databases
+##
+
+#
+# Password database is used to verify user's password (and nothing more).
+# You can have multiple passdbs and userdbs. This is useful if you want to
+# allow both system users (/etc/passwd) and virtual users to login without
+# duplicating the system users into virtual database.
+#
+# <doc/wiki/PasswordDatabase.txt>
+#
+# User database specifies where mails are located and what user/group IDs
+# own them. For single-UID configuration use "static" userdb.
+#
+# <doc/wiki/UserDatabase.txt>
+
+#!include auth-deny.conf.ext
+#!include auth-master.conf.ext
+
+!include auth-system.conf.ext
+#!include auth-sql.conf.ext
+#!include auth-ldap.conf.ext
+#!include auth-passwdfile.conf.ext
+#!include auth-checkpassword.conf.ext
+#!include auth-vpopmail.conf.ext
+#!include auth-static.conf.ext
--- /dev/null
+##
+## Director-specific settings.
+##
+
+# Director can be used by Dovecot proxy to keep a temporary user -> mail server
+# mapping. As long as user has simultaneous connections, the user is always
+# redirected to the same server. Each proxy server is running its own director
+# process, and the directors are communicating the state to each others.
+# Directors are mainly useful with NFS-like setups.
+
+# List of IPs or hostnames to all director servers, including ourself.
+# Ports can be specified as ip:port. The default port is the same as
+# what director service's inet_listener is using.
+#director_servers =
+
+# List of IPs or hostnames to all backend mail servers. Ranges are allowed
+# too, like 10.0.0.10-10.0.0.30.
+#director_mail_servers =
+
+# How long to redirect users to a specific server after it no longer has
+# any connections.
+#director_user_expire = 15 min
+
+# TCP/IP port that accepts doveadm connections (instead of director connections)
+# If you enable this, you'll also need to add inet_listener for the port.
+#director_doveadm_port = 0
+
+# How the username is translated before being hashed. Useful values include
+# %Ln if user can log in with or without @domain, %Ld if mailboxes are shared
+# within domain.
+#director_username_hash = %Lu
+
+# To enable director service, uncomment the modes and assign a port.
+service director {
+ unix_listener login/director {
+ #mode = 0666
+ }
+ fifo_listener login/proxy-notify {
+ #mode = 0666
+ }
+ unix_listener director-userdb {
+ #mode = 0600
+ }
+ inet_listener {
+ #port =
+ }
+}
+
+# Enable director for the wanted login services by telling them to
+# connect to director socket instead of the default login socket:
+service imap-login {
+ #executable = imap-login director
+}
+service pop3-login {
+ #executable = pop3-login director
+}
+
+# Enable director for LMTP proxying:
+protocol lmtp {
+ #auth_socket_path = director-userdb
+}
--- /dev/null
+##
+## Log destination.
+##
+
+# Log file to use for error messages. "syslog" logs to syslog,
+# /dev/stderr logs to stderr.
+#log_path = syslog
+
+# Log file to use for informational messages. Defaults to log_path.
+#info_log_path =
+# Log file to use for debug messages. Defaults to info_log_path.
+#debug_log_path =
+
+# Syslog facility to use if you're logging to syslog. Usually if you don't
+# want to use "mail", you'll use local0..local7. Also other standard
+# facilities are supported.
+#syslog_facility = mail
+
+##
+## Logging verbosity and debugging.
+##
+
+# Log unsuccessful authentication attempts and the reasons why they failed.
+#auth_verbose = no
+
+# In case of password mismatches, log the attempted password. Valid values are
+# no, plain and sha1. sha1 can be useful for detecting brute force password
+# attempts vs. user simply trying the same password over and over again.
+# You can also truncate the value to n chars by appending ":n" (e.g. sha1:6).
+#auth_verbose_passwords = no
+
+# Even more verbose logging for debugging purposes. Shows for example SQL
+# queries.
+#auth_debug = no
+
+# In case of password mismatches, log the passwords and used scheme so the
+# problem can be debugged. Enabling this also enables auth_debug.
+#auth_debug_passwords = no
+
+# Enable mail process debugging. This can help you figure out why Dovecot
+# isn't finding your mails.
+#mail_debug = no
+
+# Show protocol level SSL errors.
+#verbose_ssl = no
+
+# mail_log plugin provides more event logging for mail processes.
+plugin {
+ # Events to log. Also available: flag_change append
+ #mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
+ # Available fields: uid, box, msgid, from, subject, size, vsize, flags
+ # size and vsize are available only for expunge and copy events.
+ #mail_log_fields = uid box msgid size
+}
+
+##
+## Log formatting.
+##
+
+# Prefix for each line written to log file. % codes are in strftime(3)
+# format.
+#log_timestamp = "%b %d %H:%M:%S "
+
+# Space-separated list of elements we want to log. The elements which have
+# a non-empty variable value are joined together to form a comma-separated
+# string.
+#login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
+
+# Login log format. %s contains login_log_format_elements string, %$ contains
+# the data we want to log.
+#login_log_format = %$: %s
+
+# Log prefix for mail processes. See doc/wiki/Variables.txt for list of
+# possible variables you can use.
+#mail_log_prefix = "%s(%u): "
+
+# Format to use for logging mail deliveries. You can use variables:
+# %$ - Delivery status message (e.g. "saved to INBOX")
+# %m - Message-ID
+# %s - Subject
+# %f - From address
+# %p - Physical size
+# %w - Virtual size
+#deliver_log_format = msgid=%m: %$
--- /dev/null
+##
+## Mailbox locations and namespaces
+##
+
+# Location for users' mailboxes. The default is empty, which means that Dovecot
+# tries to find the mailboxes automatically. This won't work if the user
+# doesn't yet have any mail, so you should explicitly tell Dovecot the full
+# location.
+#
+# If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u)
+# isn't enough. You'll also need to tell Dovecot where the other mailboxes are
+# kept. This is called the "root mail directory", and it must be the first
+# path given in the mail_location setting.
+#
+# There are a few special variables you can use, eg.:
+#
+# %u - username
+# %n - user part in user@domain, same as %u if there's no domain
+# %d - domain part in user@domain, empty if there's no domain
+# %h - home directory
+#
+# See doc/wiki/Variables.txt for full list. Some examples:
+#
+# mail_location = maildir:~/Maildir
+# mail_location = mbox:~/mail:INBOX=/var/mail/%u
+# mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
+#
+# <doc/wiki/MailLocation.txt>
+#
+mail_location = mbox:~/mail:INBOX=/var/mail/%u
+
+# If you need to set multiple mailbox locations or want to change default
+# namespace settings, you can do it by defining namespace sections.
+#
+# You can have private, shared and public namespaces. Private namespaces
+# are for user's personal mails. Shared namespaces are for accessing other
+# users' mailboxes that have been shared. Public namespaces are for shared
+# mailboxes that are managed by sysadmin. If you create any shared or public
+# namespaces you'll typically want to enable ACL plugin also, otherwise all
+# users can access all the shared mailboxes, assuming they have permissions
+# on filesystem level to do so.
+namespace inbox {
+ # Namespace type: private, shared or public
+ #type = private
+
+ # Hierarchy separator to use. You should use the same separator for all
+ # namespaces or some clients get confused. '/' is usually a good one.
+ # The default however depends on the underlying mail storage format.
+ #separator =
+
+ # Prefix required to access this namespace. This needs to be different for
+ # all namespaces. For example "Public/".
+ #prefix =
+
+ # Physical location of the mailbox. This is in same format as
+ # mail_location, which is also the default for it.
+ #location =
+
+ # There can be only one INBOX, and this setting defines which namespace
+ # has it.
+ inbox = yes
+
+ # If namespace is hidden, it's not advertised to clients via NAMESPACE
+ # extension. You'll most likely also want to set list=no. This is mostly
+ # useful when converting from another server with different namespaces which
+ # you want to deprecate but still keep working. For example you can create
+ # hidden namespaces with prefixes "~/mail/", "~%u/mail/" and "mail/".
+ #hidden = no
+
+ # Show the mailboxes under this namespace with LIST command. This makes the
+ # namespace visible for clients that don't support NAMESPACE extension.
+ # "children" value lists child mailboxes, but hides the namespace prefix.
+ #list = yes
+
+ # Namespace handles its own subscriptions. If set to "no", the parent
+ # namespace handles them (empty prefix should always have this as "yes")
+ #subscriptions = yes
+}
+
+# Example shared namespace configuration
+#namespace {
+ #type = shared
+ #separator = /
+
+ # Mailboxes are visible under "shared/user@domain/"
+ # %%n, %%d and %%u are expanded to the destination user.
+ #prefix = shared/%%u/
+
+ # Mail location for other users' mailboxes. Note that %variables and ~/
+ # expands to the logged in user's data. %%n, %%d, %%u and %%h expand to the
+ # destination user's data.
+ #location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
+
+ # Use the default namespace for saving subscriptions.
+ #subscriptions = no
+
+ # List the shared/ namespace only if there are visible shared mailboxes.
+ #list = children
+#}
+# Should shared INBOX be visible as "shared/user" or "shared/user/INBOX"?
+#mail_shared_explicit_inbox = no
+
+# System user and group used to access mails. If you use multiple, userdb
+# can override these by returning uid or gid fields. You can use either numbers
+# or names. <doc/wiki/UserIds.txt>
+#mail_uid =
+#mail_gid =
+
+# Group to enable temporarily for privileged operations. Currently this is
+# used only with INBOX when either its initial creation or dotlocking fails.
+# Typically this is set to "mail" to give access to /var/mail.
+#mail_privileged_group =
+
+# Grant access to these supplementary groups for mail processes. Typically
+# these are used to set up access to shared mailboxes. Note that it may be
+# dangerous to set these if users can create symlinks (e.g. if "mail" group is
+# set here, ln -s /var/mail ~/mail/var could allow a user to delete others'
+# mailboxes, or ln -s /secret/shared/box ~/mail/mybox would allow reading it).
+#mail_access_groups =
+
+# Allow full filesystem access to clients. There's no access checks other than
+# what the operating system does for the active UID/GID. It works with both
+# maildir and mboxes, allowing you to prefix mailboxes names with eg. /path/
+# or ~user/.
+#mail_full_filesystem_access = no
+
+# Dictionary for key=value mailbox attributes. Currently used by URLAUTH, but
+# soon intended to be used by METADATA as well.
+#mail_attribute_dict =
+
+##
+## Mail processes
+##
+
+# Don't use mmap() at all. This is required if you store indexes to shared
+# filesystems (NFS or clustered filesystem).
+#mmap_disable = no
+
+# Rely on O_EXCL to work when creating dotlock files. NFS supports O_EXCL
+# since version 3, so this should be safe to use nowadays by default.
+#dotlock_use_excl = yes
+
+# When to use fsync() or fdatasync() calls:
+# optimized (default): Whenever necessary to avoid losing important data
+# always: Useful with e.g. NFS when write()s are delayed
+# never: Never use it (best performance, but crashes can lose data)
+#mail_fsync = optimized
+
+# Locking method for index files. Alternatives are fcntl, flock and dotlock.
+# Dotlocking uses some tricks which may create more disk I/O than other locking
+# methods. NFS users: flock doesn't work, remember to change mmap_disable.
+#lock_method = fcntl
+
+# Directory in which LDA/LMTP temporarily stores incoming mails >128 kB.
+#mail_temp_dir = /tmp
+
+# Valid UID range for users, defaults to 500 and above. This is mostly
+# to make sure that users can't log in as daemons or other system users.
+# Note that denying root logins is hardcoded to dovecot binary and can't
+# be done even if first_valid_uid is set to 0.
+#first_valid_uid = 500
+#last_valid_uid = 0
+
+# Valid GID range for users, defaults to non-root/wheel. Users having
+# non-valid GID as primary group ID aren't allowed to log in. If user
+# belongs to supplementary groups with non-valid GIDs, those groups are
+# not set.
+#first_valid_gid = 1
+#last_valid_gid = 0
+
+# Maximum allowed length for mail keyword name. It's only forced when trying
+# to create new keywords.
+#mail_max_keyword_length = 50
+
+# ':' separated list of directories under which chrooting is allowed for mail
+# processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too).
+# This setting doesn't affect login_chroot, mail_chroot or auth chroot
+# settings. If this setting is empty, "/./" in home dirs are ignored.
+# WARNING: Never add directories here which local users can modify, that
+# may lead to root exploit. Usually this should be done only if you don't
+# allow shell access for users. <doc/wiki/Chrooting.txt>
+#valid_chroot_dirs =
+
+# Default chroot directory for mail processes. This can be overridden for
+# specific users in user database by giving /./ in user's home directory
+# (eg. /home/./user chroots into /home). Note that usually there is no real
+# need to do chrooting, Dovecot doesn't allow users to access files outside
+# their mail directory anyway. If your home directories are prefixed with
+# the chroot directory, append "/." to mail_chroot. <doc/wiki/Chrooting.txt>
+#mail_chroot =
+
+# UNIX socket path to master authentication server to find users.
+# This is used by imap (for shared users) and lda.
+#auth_socket_path = /var/run/dovecot/auth-userdb
+
+# Directory where to look up mail plugins.
+#mail_plugin_dir = /usr/lib/dovecot/modules
+
+# Space separated list of plugins to load for all services. Plugins specific to
+# IMAP, LDA, etc. are added to this list in their own .conf files.
+#mail_plugins =
+
+##
+## Mailbox handling optimizations
+##
+
+# Mailbox list indexes can be used to optimize IMAP STATUS commands. They are
+# also required for IMAP NOTIFY extension to be enabled.
+#mailbox_list_index = no
+
+# The minimum number of mails in a mailbox before updates are done to cache
+# file. This allows optimizing Dovecot's behavior to do less disk writes at
+# the cost of more disk reads.
+#mail_cache_min_mail_count = 0
+
+# When IDLE command is running, mailbox is checked once in a while to see if
+# there are any new mails or other changes. This setting defines the minimum
+# time to wait between those checks. Dovecot can also use dnotify, inotify and
+# kqueue to find out immediately when changes occur.
+#mailbox_idle_check_interval = 30 secs
+
+# Save mails with CR+LF instead of plain LF. This makes sending those mails
+# take less CPU, especially with sendfile() syscall with Linux and FreeBSD.
+# But it also creates a bit more disk I/O which may just make it slower.
+# Also note that if other software reads the mboxes/maildirs, they may handle
+# the extra CRs wrong and cause problems.
+#mail_save_crlf = no
+
+# Max number of mails to keep open and prefetch to memory. This only works with
+# some mailbox formats and/or operating systems.
+#mail_prefetch_count = 0
+
+# How often to scan for stale temporary files and delete them (0 = never).
+# These should exist only after Dovecot dies in the middle of saving mails.
+#mail_temp_scan_interval = 1w
+
+##
+## Maildir-specific settings
+##
+
+# By default LIST command returns all entries in maildir beginning with a dot.
+# Enabling this option makes Dovecot return only entries which are directories.
+# This is done by stat()ing each entry, so it causes more disk I/O.
+# (For systems setting struct dirent->d_type, this check is free and it's
+# done always regardless of this setting)
+#maildir_stat_dirs = no
+
+# When copying a message, do it with hard links whenever possible. This makes
+# the performance much better, and it's unlikely to have any side effects.
+#maildir_copy_with_hardlinks = yes
+
+# Assume Dovecot is the only MUA accessing Maildir: Scan cur/ directory only
+# when its mtime changes unexpectedly or when we can't find the mail otherwise.
+#maildir_very_dirty_syncs = no
+
+# If enabled, Dovecot doesn't use the S=<size> in the Maildir filenames for
+# getting the mail's physical size, except when recalculating Maildir++ quota.
+# This can be useful in systems where a lot of the Maildir filenames have a
+# broken size. The performance hit for enabling this is very small.
+#maildir_broken_filename_sizes = no
+
+# Always move mails from new/ directory to cur/, even when the \Recent flags
+# aren't being reset.
+#maildir_empty_new = no
+
+##
+## mbox-specific settings
+##
+
+# Which locking methods to use for locking mbox. There are four available:
+# dotlock: Create <mailbox>.lock file. This is the oldest and most NFS-safe
+# solution. If you want to use /var/mail/ like directory, the users
+# will need write access to that directory.
+# dotlock_try: Same as dotlock, but if it fails because of permissions or
+# because there isn't enough disk space, just skip it.
+# fcntl : Use this if possible. Works with NFS too if lockd is used.
+# flock : May not exist in all systems. Doesn't work with NFS.
+# lockf : May not exist in all systems. Doesn't work with NFS.
+#
+# You can use multiple locking methods; if you do the order they're declared
+# in is important to avoid deadlocks if other MTAs/MUAs are using multiple
+# locking methods as well. Some operating systems don't allow using some of
+# them simultaneously.
+#
+# The Debian value for mbox_write_locks differs from upstream Dovecot. It is
+# changed to be compliant with Debian Policy (section 11.6) for NFS safety.
+# Dovecot: mbox_write_locks = dotlock fcntl
+# Debian: mbox_write_locks = fcntl dotlock
+#
+#mbox_read_locks = fcntl
+#mbox_write_locks = fcntl dotlock
+
+# Maximum time to wait for lock (all of them) before aborting.
+#mbox_lock_timeout = 5 mins
+
+# If dotlock exists but the mailbox isn't modified in any way, override the
+# lock file after this much time.
+#mbox_dotlock_change_timeout = 2 mins
+
+# When mbox changes unexpectedly we have to fully read it to find out what
+# changed. If the mbox is large this can take a long time. Since the change
+# is usually just a newly appended mail, it'd be faster to simply read the
+# new mails. If this setting is enabled, Dovecot does this but still safely
+# fallbacks to re-reading the whole mbox file whenever something in mbox isn't
+# how it's expected to be. The only real downside to this setting is that if
+# some other MUA changes message flags, Dovecot doesn't notice it immediately.
+# Note that a full sync is done with SELECT, EXAMINE, EXPUNGE and CHECK
+# commands.
+#mbox_dirty_syncs = yes
+
+# Like mbox_dirty_syncs, but don't do full syncs even with SELECT, EXAMINE,
+# EXPUNGE or CHECK commands. If this is set, mbox_dirty_syncs is ignored.
+#mbox_very_dirty_syncs = no
+
+# Delay writing mbox headers until doing a full write sync (EXPUNGE and CHECK
+# commands and when closing the mailbox). This is especially useful for POP3
+# where clients often delete all mails. The downside is that our changes
+# aren't immediately visible to other MUAs.
+#mbox_lazy_writes = yes
+
+# If mbox size is smaller than this (e.g. 100k), don't write index files.
+# If an index file already exists it's still read, just not updated.
+#mbox_min_index_size = 0
+
+# Mail header selection algorithm to use for MD5 POP3 UIDLs when
+# pop3_uidl_format=%m. For backwards compatibility we use apop3d inspired
+# algorithm, but it fails if the first Received: header isn't unique in all
+# mails. An alternative algorithm is "all" that selects all headers.
+#mbox_md5 = apop3d
+
+##
+## mdbox-specific settings
+##
+
+# Maximum dbox file size until it's rotated.
+#mdbox_rotate_size = 2M
+
+# Maximum dbox file age until it's rotated. Typically in days. Day begins
+# from midnight, so 1d = today, 2d = yesterday, etc. 0 = check disabled.
+#mdbox_rotate_interval = 0
+
+# When creating new mdbox files, immediately preallocate their size to
+# mdbox_rotate_size. This setting currently works only in Linux with some
+# filesystems (ext4, xfs).
+#mdbox_preallocate_space = no
+
+##
+## Mail attachments
+##
+
+# sdbox and mdbox support saving mail attachments to external files, which
+# also allows single instance storage for them. Other backends don't support
+# this for now.
+
+# Directory root where to store mail attachments. Disabled, if empty.
+#mail_attachment_dir =
+
+# Attachments smaller than this aren't saved externally. It's also possible to
+# write a plugin to disable saving specific attachments externally.
+#mail_attachment_min_size = 128k
+
+# Filesystem backend to use for saving attachments:
+# posix : No SiS done by Dovecot (but this might help FS's own deduplication)
+# sis posix : SiS with immediate byte-by-byte comparison during saving
+# sis-queue posix : SiS with delayed comparison and deduplication
+#mail_attachment_fs = sis posix
+
+# Hash format to use in attachment filenames. You can add any text and
+# variables: %{md4}, %{md5}, %{sha1}, %{sha256}, %{sha512}, %{size}.
+# Variables can be truncated, e.g. %{sha256:80} returns only first 80 bits
+#mail_attachment_hash = %{sha1}
--- /dev/null
+#default_process_limit = 100
+#default_client_limit = 1000
+
+# Default VSZ (virtual memory size) limit for service processes. This is mainly
+# intended to catch and kill processes that leak memory before they eat up
+# everything.
+#default_vsz_limit = 256M
+
+# Login user is internally used by login processes. This is the most untrusted
+# user in Dovecot system. It shouldn't have access to anything at all.
+#default_login_user = dovenull
+
+# Internal user is used by unprivileged processes. It should be separate from
+# login user, so that login processes can't disturb other processes.
+#default_internal_user = dovecot
+
+service imap-login {
+ inet_listener imap {
+ #port = 143
+ }
+ inet_listener imaps {
+ #port = 993
+ #ssl = yes
+ }
+
+ # Number of connections to handle before starting a new process. Typically
+ # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
+ # is faster. <doc/wiki/LoginProcess.txt>
+ #service_count = 1
+
+ # Number of processes to always keep waiting for more connections.
+ #process_min_avail = 0
+
+ # If you set service_count=0, you probably need to grow this.
+ #vsz_limit = $default_vsz_limit
+}
+
+service pop3-login {
+ inet_listener pop3 {
+ #port = 110
+ }
+ inet_listener pop3s {
+ #port = 995
+ #ssl = yes
+ }
+}
+
+service lmtp {
+ unix_listener lmtp {
+ #mode = 0666
+ }
+
+ # Create inet listener only if you can't use the above UNIX socket
+ #inet_listener lmtp {
+ # Avoid making LMTP visible for the entire internet
+ #address =
+ #port =
+ #}
+}
+
+service imap {
+ # Most of the memory goes to mmap()ing files. You may need to increase this
+ # limit if you have huge mailboxes.
+ #vsz_limit = $default_vsz_limit
+
+ # Max. number of IMAP processes (connections)
+ #process_limit = 1024
+}
+
+service pop3 {
+ # Max. number of POP3 processes (connections)
+ #process_limit = 1024
+}
+
+service auth {
+ # auth_socket_path points to this userdb socket by default. It's typically
+ # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
+ # full permissions to this socket are able to get a list of all usernames and
+ # get the results of everyone's userdb lookups.
+ #
+ # The default 0666 mode allows anyone to connect to the socket, but the
+ # userdb lookups will succeed only if the userdb returns an "uid" field that
+ # matches the caller process's UID. Also if caller's uid or gid matches the
+ # socket's uid or gid the lookup succeeds. Anything else causes a failure.
+ #
+ # To give the caller full permissions to lookup all users, set the mode to
+ # something else than 0666 and Dovecot lets the kernel enforce the
+ # permissions (e.g. 0777 allows everyone full permissions).
+ unix_listener auth-userdb {
+ #mode = 0666
+ #user =
+ #group =
+ }
+
+ # Postfix smtp-auth
+ #unix_listener /var/spool/postfix/private/auth {
+ # mode = 0666
+ #}
+
+ # Auth process is run as this user.
+ #user = $default_internal_user
+}
+
+service auth-worker {
+ # Auth worker process is run as root by default, so that it can access
+ # /etc/shadow. If this isn't necessary, the user should be changed to
+ # $default_internal_user.
+ #user = root
+}
+
+service dict {
+ # If dict proxy is used, mail processes should have access to its socket.
+ # For example: mode=0660, group=vmail and global mail_access_groups=vmail
+ unix_listener dict {
+ #mode = 0600
+ #user =
+ #group =
+ }
+}
--- /dev/null
+##
+## SSL settings
+##
+
+# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
+ssl = no
+
+# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
+# dropping root privileges, so keep the key file unreadable by anyone but
+# root. Included doc/mkcert.sh can be used to easily generate self-signed
+# certificate, just make sure to update the domains in dovecot-openssl.cnf
+#ssl_cert = </etc/dovecot/dovecot.pem
+#ssl_key = </etc/dovecot/private/dovecot.pem
+
+# If key file is password protected, give the password here. Alternatively
+# give it when starting dovecot with -p parameter. Since this file is often
+# world-readable, you may want to place this setting instead to a different
+# root owned 0600 file by using ssl_key_password = <path.
+#ssl_key_password =
+
+# PEM encoded trusted certificate authority. Set this only if you intend to use
+# ssl_verify_client_cert=yes. The file should contain the CA certificate(s)
+# followed by the matching CRL(s). (e.g. ssl_ca = </etc/ssl/certs/ca.pem)
+#ssl_ca =
+
+# Require that CRL check succeeds for client certificates.
+#ssl_require_crl = yes
+
+# Directory and/or file for trusted SSL CA certificates. These are used only
+# when Dovecot needs to act as an SSL client (e.g. imapc backend). The
+# directory is usually /etc/ssl/certs in Debian-based systems and the file is
+# /etc/pki/tls/cert.pem in RedHat-based systems.
+#ssl_client_ca_dir =
+#ssl_client_ca_file =
+
+# Request client to send a certificate. If you also want to require it, set
+# auth_ssl_require_client_cert=yes in auth section.
+#ssl_verify_client_cert = no
+
+# Which field from certificate to use for username. commonName and
+# x500UniqueIdentifier are the usual choices. You'll also need to set
+# auth_ssl_username_from_cert=yes.
+#ssl_cert_username_field = commonName
+
+# DH parameters length to use.
+#ssl_dh_parameters_length = 1024
+
+# SSL protocols to use
+#ssl_protocols = !SSLv2
+
+# SSL ciphers to use
+#ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
+
+# Prefer the server's order of ciphers over client's.
+#ssl_prefer_server_ciphers = no
+
+# SSL crypto device to use, for valid values run "openssl engine"
+#ssl_crypto_device =
--- /dev/null
+# 10-tcpwrapper.conf
+#
+# service name for hosts.{allow|deny} are those defined as
+# inet_listener in master.conf
+#
+#login_access_sockets = tcpwrap
+#
+#service tcpwrap {
+# unix_listener login/tcpwrap {
+# group = $default_login_user
+# mode = 0600
+# user = $default_login_user
+# }
+#}
--- /dev/null
+##
+## LDA specific settings (also used by LMTP)
+##
+
+# Address to use when sending rejection mails.
+# Default is postmaster@<your domain>. %d expands to recipient domain.
+#postmaster_address =
+
+# Hostname to use in various parts of sent mails (e.g. in Message-Id) and
+# in LMTP replies. Default is the system's real hostname@domain.
+#hostname =
+
+# If user is over quota, return with temporary failure instead of
+# bouncing the mail.
+#quota_full_tempfail = no
+
+# Binary to use for sending mails.
+#sendmail_path = /usr/sbin/sendmail
+
+# If non-empty, send mails via this SMTP host[:port] instead of sendmail.
+#submission_host =
+
+# Subject: header to use for rejection mails. You can use the same variables
+# as for rejection_reason below.
+#rejection_subject = Rejected: %s
+
+# Human readable error message for rejection mails. You can use variables:
+# %n = CRLF, %r = reason, %s = original subject, %t = recipient
+#rejection_reason = Your message to <%t> was automatically rejected:%n%r
+
+# Delimiter character between local-part and detail in email address.
+#recipient_delimiter = +
+
+# Header where the original recipient address (SMTP's RCPT TO: address) is taken
+# from if not available elsewhere. With dovecot-lda -a parameter overrides this.
+# A commonly used header for this is X-Original-To.
+#lda_original_recipient_header =
+
+# Should saving a mail to a nonexistent mailbox automatically create it?
+#lda_mailbox_autocreate = no
+
+# Should automatically created mailboxes be also automatically subscribed?
+#lda_mailbox_autosubscribe = no
+
+protocol lda {
+ # Space separated list of plugins to load (default is global mail_plugins).
+ #mail_plugins = $mail_plugins
+}
--- /dev/null
+##
+## Mailbox definitions
+##
+
+# NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf.
+namespace inbox {
+
+ #mailbox name {
+ # auto=create will automatically create this mailbox.
+ # auto=subscribe will both create and subscribe to the mailbox.
+ #auto = no
+
+ # Space separated list of IMAP SPECIAL-USE attributes as specified by
+ # RFC 6154: \All \Archive \Drafts \Flagged \Junk \Sent \Trash
+ #special_use =
+ #}
+
+ # These mailboxes are widely used and could perhaps be created automatically:
+ mailbox Drafts {
+ special_use = \Drafts
+ }
+ mailbox Junk {
+ special_use = \Junk
+ }
+ mailbox Trash {
+ special_use = \Trash
+ }
+
+ # For \Sent mailboxes there are two widely used names. We'll mark both of
+ # them as \Sent. User typically deletes one of them if duplicates are created.
+ mailbox Sent {
+ special_use = \Sent
+ }
+ mailbox "Sent Messages" {
+ special_use = \Sent
+ }
+
+ # If you have a virtual "All messages" mailbox:
+ #mailbox virtual/All {
+ # special_use = \All
+ #}
+
+ # If you have a virtual "Flagged" mailbox:
+ #mailbox virtual/Flagged {
+ # special_use = \Flagged
+ #}
+}
--- /dev/null
+##
+## IMAP specific settings
+##
+
+# Maximum IMAP command line length. Some clients generate very long command
+# lines with huge mailboxes, so you may need to raise this if you get
+# "Too long argument" or "IMAP command line too large" errors often.
+#imap_max_line_length = 64k
+
+# IMAP logout format string:
+# %i - total number of bytes read from client
+# %o - total number of bytes sent to client
+#imap_logout_format = in=%i out=%o
+
+# Override the IMAP CAPABILITY response. If the value begins with '+',
+# add the given capabilities on top of the defaults (e.g. +XFOO XBAR).
+#imap_capability =
+
+# How long to wait between "OK Still here" notifications when client is
+# IDLEing.
+#imap_idle_notify_interval = 2 mins
+
+# ID field names and values to send to clients. Using * as the value makes
+# Dovecot use the default value. The following fields have default values
+# currently: name, version, os, os-version, support-url, support-email.
+#imap_id_send =
+
+# ID fields sent by client to log. * means everything.
+#imap_id_log =
+
+# Workarounds for various client bugs:
+# delay-newmail:
+# Send EXISTS/RECENT new mail notifications only when replying to NOOP
+# and CHECK commands. Some clients ignore them otherwise, for example OSX
+# Mail (<v2.1). Outlook Express breaks more badly though, without this it
+# may show user "Message no longer in server" errors. Note that OE6 still
+# breaks even with this workaround if synchronization is set to
+# "Headers Only".
+# tb-extra-mailbox-sep:
+# Thunderbird gets somehow confused with LAYOUT=fs (mbox and dbox) and
+# adds extra '/' suffixes to mailbox names. This option causes Dovecot to
+# ignore the extra '/' instead of treating it as invalid mailbox name.
+# tb-lsub-flags:
+# Show \Noselect flags for LSUB replies with LAYOUT=fs (e.g. mbox).
+# This makes Thunderbird realize they aren't selectable and show them
+# greyed out, instead of only later giving "not selectable" popup error.
+#
+# The list is space-separated.
+#imap_client_workarounds =
+
+# Host allowed in URLAUTH URLs sent by client. "*" allows all.
+#imap_urlauth_host =
+
+protocol imap {
+ # Space separated list of plugins to load (default is global mail_plugins).
+ #mail_plugins = $mail_plugins
+
+ # Maximum number of IMAP connections allowed for a user from each IP address.
+ # NOTE: The username is compared case-sensitively.
+ #mail_max_userip_connections = 10
+}
--- /dev/null
+##
+## LMTP specific settings
+##
+
+# Support proxying to other LMTP/SMTP servers by performing passdb lookups.
+#lmtp_proxy = no
+
+# When recipient address includes the detail (e.g. user+detail), try to save
+# the mail to the detail mailbox. See also recipient_delimiter and
+# lda_mailbox_autocreate settings.
+#lmtp_save_to_detail_mailbox = no
+
+# Verify quota before replying to RCPT TO. This adds a small overhead.
+#lmtp_rcpt_check_quota = no
+
+protocol lmtp {
+ # Space separated list of plugins to load (default is global mail_plugins).
+ #mail_plugins = $mail_plugins
+}
+
\ No newline at end of file
--- /dev/null
+##
+## ManageSieve specific settings
+##
+
+# Uncomment to enable managesieve protocol:
+protocols = $protocols sieve
+
+# Service definitions
+
+service managesieve-login {
+ inet_listener sieve {
+ port = 4190
+ }
+
+ #inet_listener sieve_deprecated {
+ # port = 2000
+ #}
+
+ # Number of connections to handle before starting a new process. Typically
+ # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
+ # is faster. <doc/wiki/LoginProcess.txt>
+ service_count = 1
+
+ # Number of processes to always keep waiting for more connections.
+ process_min_avail = 0
+
+ # If you set service_count=0, you probably need to grow this.
+ vsz_limit = 64M
+}
+
+service managesieve {
+ # Max. number of ManageSieve processes (connections)
+ process_limit = 1024
+}
+
+# Service configuration
+
+protocol sieve {
+ # Maximum ManageSieve command line length in bytes. ManageSieve usually does
+ # not involve overly long command lines, so this setting will not normally
+ # need adjustment
+ #managesieve_max_line_length = 65536
+
+ # Maximum number of ManageSieve connections allowed for a user from each IP
+ # address.
+ # NOTE: The username is compared case-sensitively.
+ #mail_max_userip_connections = 10
+
+ # Space separated list of plugins to load (none known to be useful so far).
+ # Do NOT try to load IMAP plugins here.
+ #mail_plugins =
+
+ # MANAGESIEVE logout format string:
+ # %i - total number of bytes read from client
+ # %o - total number of bytes sent to client
+ #managesieve_logout_format = bytes=%i/%o
+
+ # To fool ManageSieve clients that are focused on CMU's timesieved you can
+ # specify the IMPLEMENTATION capability that Dovecot reports to clients.
+ # For example: 'Cyrus timsieved v2.2.13'
+ #managesieve_implementation_string = Dovecot Pigeonhole
+
+ # Explicitly specify the SIEVE and NOTIFY capability reported by the server
+ # before login. If left unassigned these will be reported dynamically
+ # according to what the Sieve interpreter supports by default (after login
+ # this may differ depending on the user).
+ #managesieve_sieve_capability =
+ #managesieve_notify_capability =
+
+ # The maximum number of compile errors that are returned to the client upon
+ # script upload or script verification.
+ #managesieve_max_compile_errors = 5
+
+ # Refer to 90-sieve.conf for script quota configuration and configuration of
+ # Sieve execution limits.
+}
--- /dev/null
+##
+## POP3 specific settings
+##
+
+# Don't try to set mails non-recent or seen with POP3 sessions. This is
+# mostly intended to reduce disk I/O. With maildir it doesn't move files
+# from new/ to cur/, with mbox it doesn't write Status-header.
+#pop3_no_flag_updates = no
+
+# Support LAST command which exists in old POP3 specs, but has been removed
+# from new ones. Some clients still wish to use this though. Enabling this
+# makes RSET command clear all \Seen flags from messages.
+#pop3_enable_last = no
+
+# If mail has X-UIDL header, use it as the mail's UIDL.
+#pop3_reuse_xuidl = no
+
+# Allow only one POP3 session to run simultaneously for the same user.
+#pop3_lock_session = no
+
+# POP3 requires message sizes to be listed as if they had CR+LF linefeeds.
+# Many POP3 servers violate this by returning the sizes with LF linefeeds,
+# because it's faster to get. When this setting is enabled, Dovecot still
+# tries to do the right thing first, but if that requires opening the
+# message, it fallbacks to the easier (but incorrect) size.
+#pop3_fast_size_lookups = no
+
+# POP3 UIDL (unique mail identifier) format to use. You can use following
+# variables, along with the variable modifiers described in
+# doc/wiki/Variables.txt (e.g. %Uf for the filename in uppercase)
+#
+# %v - Mailbox's IMAP UIDVALIDITY
+# %u - Mail's IMAP UID
+# %m - MD5 sum of the mailbox headers in hex (mbox only)
+# %f - filename (maildir only)
+# %g - Mail's GUID
+#
+# If you want UIDL compatibility with other POP3 servers, use:
+# UW's ipop3d : %08Xv%08Xu
+# Courier : %f or %v-%u (both might be used simultaneosly)
+# Cyrus (<= 2.1.3) : %u
+# Cyrus (>= 2.1.4) : %v.%u
+# Dovecot v0.99.x : %v.%u
+# tpop3d : %Mf
+#
+# Note that Outlook 2003 seems to have problems with %v.%u format which was
+# Dovecot's default, so if you're building a new server it would be a good
+# idea to change this. %08Xu%08Xv should be pretty fail-safe.
+#
+#pop3_uidl_format = %08Xu%08Xv
+
+# Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes
+# won't change those UIDLs. Currently this works only with Maildir.
+#pop3_save_uidl = no
+
+# What to do about duplicate UIDLs if they exist?
+# allow: Show duplicates to clients.
+# rename: Append a temporary -2, -3, etc. counter after the UIDL.
+#pop3_uidl_duplicates = allow
+
+# This option changes POP3 behavior so that it's not possible to actually
+# delete mails via POP3, only hide them from future POP3 sessions. The mails
+# will still be counted towards user's quota until actually deleted via IMAP.
+# Use e.g. "$POP3Deleted" as the value (it will be visible as IMAP keyword).
+# Make sure you can legally archive mails before enabling this setting.
+#pop3_deleted_flag =
+
+# POP3 logout format string:
+# %i - total number of bytes read from client
+# %o - total number of bytes sent to client
+# %t - number of TOP commands
+# %p - number of bytes sent to client as a result of TOP command
+# %r - number of RETR commands
+# %b - number of bytes sent to client as a result of RETR command
+# %d - number of deleted messages
+# %m - number of messages (before deletion)
+# %s - mailbox size in bytes (before deletion)
+# %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly
+#pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
+
+# Workarounds for various client bugs:
+# outlook-no-nuls:
+# Outlook and Outlook Express hang if mails contain NUL characters.
+# This setting replaces them with 0x80 character.
+# oe-ns-eoh:
+# Outlook Express and Netscape Mail breaks if end of headers-line is
+# missing. This option simply sends it if it's missing.
+# The list is space-separated.
+#pop3_client_workarounds =
+
+protocol pop3 {
+ # Space separated list of plugins to load (default is global mail_plugins).
+ #mail_plugins = $mail_plugins
+
+ # Maximum number of POP3 connections allowed for a user from each IP address.
+ # NOTE: The username is compared case-sensitively.
+ #mail_max_userip_connections = 10
+}
--- /dev/null
+##
+## Mailbox access control lists.
+##
+
+# vfile backend reads ACLs from "dovecot-acl" file from mail directory.
+# You can also optionally give a global ACL directory path where ACLs are
+# applied to all users' mailboxes. The global ACL directory contains
+# one file for each mailbox, eg. INBOX or sub.mailbox. cache_secs parameter
+# specifies how many seconds to wait between stat()ing dovecot-acl file
+# to see if it changed.
+plugin {
+ #acl = vfile:/etc/dovecot/global-acls:cache_secs=300
+}
+
+# To let users LIST mailboxes shared by other users, Dovecot needs a
+# shared mailbox dictionary. For example:
+plugin {
+ #acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes
+}
--- /dev/null
+##
+## Plugin settings
+##
+
+# All wanted plugins must be listed in mail_plugins setting before any of the
+# settings take effect. See <doc/wiki/Plugins.txt> for list of plugins and
+# their configuration. Note that %variable expansion is done for all values.
+
+plugin {
+ #setting_name = value
+}
--- /dev/null
+##
+## Quota configuration.
+##
+
+# Note that you also have to enable quota plugin in mail_plugins setting.
+# <doc/wiki/Quota.txt>
+
+##
+## Quota limits
+##
+
+# Quota limits are set using "quota_rule" parameters. To get per-user quota
+# limits, you can set/override them by returning "quota_rule" extra field
+# from userdb. It's also possible to give mailbox-specific limits, for example
+# to give additional 100 MB when saving to Trash:
+
+plugin {
+ #quota_rule = *:storage=1G
+ #quota_rule2 = Trash:storage=+100M
+
+ # LDA/LMTP allows saving the last mail to bring user from under quota to
+ # over quota, if the quota doesn't grow too high. Default is to allow as
+ # long as quota will stay under 10% above the limit. Also allowed e.g. 10M.
+ #quota_grace = 10%%
+}
+
+##
+## Quota warnings
+##
+
+# You can execute a given command when user exceeds a specified quota limit.
+# Each quota root has separate limits. Only the command for the first
+# exceeded limit is excecuted, so put the highest limit first.
+# The commands are executed via script service by connecting to the named
+# UNIX socket (quota-warning below).
+# Note that % needs to be escaped as %%, otherwise "% " expands to empty.
+
+plugin {
+ #quota_warning = storage=95%% quota-warning 95 %u
+ #quota_warning2 = storage=80%% quota-warning 80 %u
+}
+
+# Example quota-warning service. The unix listener's permissions should be
+# set in a way that mail processes can connect to it. Below example assumes
+# that mail processes run as vmail user. If you use mode=0666, all system users
+# can generate quota warnings to anyone.
+#service quota-warning {
+# executable = script /usr/local/bin/quota-warning.sh
+# user = dovecot
+# unix_listener quota-warning {
+# user = vmail
+# }
+#}
+
+##
+## Quota backends
+##
+
+# Multiple backends are supported:
+# dirsize: Find and sum all the files found from mail directory.
+# Extremely SLOW with Maildir. It'll eat your CPU and disk I/O.
+# dict: Keep quota stored in dictionary (eg. SQL)
+# maildir: Maildir++ quota
+# fs: Read-only support for filesystem quota
+
+plugin {
+ #quota = dirsize:User quota
+ #quota = maildir:User quota
+ #quota = dict:User quota::proxy::quota
+ #quota = fs:User quota
+}
+
+# Multiple quota roots are also possible, for example this gives each user
+# their own 100MB quota and one shared 1GB quota within the domain:
+plugin {
+ #quota = dict:user::proxy::quota
+ #quota2 = dict:domain:%d:proxy::quota_domain
+ #quota_rule = *:storage=102400
+ #quota2_rule = *:storage=1048576
+}
--- /dev/null
+# Sieve Extprograms plugin configuration
+
+# Don't forget to add the sieve_extprograms plugin to the sieve_plugins setting.
+# Also enable the extensions you need (one or more of vnd.dovecot.pipe,
+# vnd.dovecot.filter and vnd.dovecot.execute) by adding these to the
+# sieve_extensions or sieve_global_extensions settings. Restricting these
+# extensions to a global context using sieve_global_extensions is recommended.
+
+plugin {
+
+ # The directory where the program sockets are located for the
+ # vnd.dovecot.pipe, vnd.dovecot.filter and vnd.dovecot.execute extension
+ # respectively. The name of each unix socket contained in that directory
+ # directly maps to a program-name referenced from the Sieve script.
+ #sieve_pipe_socket_dir = sieve-pipe
+ #sieve_filter_socket_dir = sieve-filter
+ #sieve_execute_socket_dir = sieve-execute
+
+ # The directory where the scripts are located for direct execution by the
+ # vnd.dovecot.pipe, vnd.dovecot.filter and vnd.dovecot.execute extension
+ # respectively. The name of each script contained in that directory
+ # directly maps to a program-name referenced from the Sieve script.
+ #sieve_pipe_bin_dir = /usr/lib/dovecot/sieve-pipe
+ #sieve_filter_bin_dir = /usr/lib/dovecot/sieve-filter
+ #sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute
+}
+
+# An example program service called 'do-something' to pipe messages to
+#service do-something {
+ # Define the executed script as parameter to the sieve service
+ #executable = script /usr/lib/dovecot/sieve-pipe/do-something.sh
+
+ # Use some unprivileged user for executing the program
+ #user = dovenull
+
+ # The unix socket located in the sieve_pipe_socket_dir (as defined in the
+ # plugin {} section above)
+ #unix_listener sieve-pipe/do-something {
+ # LDA/LMTP must have access
+ # user = vmail
+ # mode = 0600
+ #}
+#}
+
--- /dev/null
+##
+## Settings for the Sieve interpreter
+##
+
+# Do not forget to enable the Sieve plugin in 15-lda.conf and 20-lmtp.conf
+# by adding it to the respective mail_plugins= settings.
+
+plugin {
+ # The path to the user's main active script. If ManageSieve is used, this the
+ # location of the symbolic link controlled by ManageSieve.
+ sieve = ~/.dovecot.sieve
+
+ # The default Sieve script when the user has none. This is a path to a global
+ # sieve script file, which gets executed ONLY if user's private Sieve script
+ # doesn't exist. Be sure to pre-compile this script manually using the sievec
+ # command line tool.
+ # --> See sieve_before fore executing scripts before the user's personal
+ # script.
+ #sieve_default = /var/lib/dovecot/sieve/default.sieve
+
+ # Directory for :personal include scripts for the include extension. This
+ # is also where the ManageSieve service stores the user's scripts.
+ sieve_dir = ~/sieve
+
+ # Directory for :global include scripts for the include extension.
+ #sieve_global_dir =
+
+ # Path to a script file or a directory containing script files that need to be
+ # executed before the user's script. If the path points to a directory, all
+ # the Sieve scripts contained therein (with the proper .sieve extension) are
+ # executed. The order of execution within a directory is determined by the
+ # file names, using a normal 8bit per-character comparison. Multiple script
+ # file or directory paths can be specified by appending an increasing number.
+ #sieve_before =
+ #sieve_before2 =
+ #sieve_before3 = (etc...)
+
+ # Identical to sieve_before, only the specified scripts are executed after the
+ # user's script (only when keep is still in effect!). Multiple script file or
+ # directory paths can be specified by appending an increasing number.
+ #sieve_after =
+ #sieve_after2 =
+ #sieve_after2 = (etc...)
+
+ # Which Sieve language extensions are available to users. By default, all
+ # supported extensions are available, except for deprecated extensions or
+ # those that are still under development. Some system administrators may want
+ # to disable certain Sieve extensions or enable those that are not available
+ # by default. This setting can use '+' and '-' to specify differences relative
+ # to the default. For example `sieve_extensions = +imapflags' will enable the
+ # deprecated imapflags extension in addition to all extensions were already
+ # enabled by default.
+ #sieve_extensions = +notify +imapflags
+
+ # Which Sieve language extensions are ONLY available in global scripts. This
+ # can be used to restrict the use of certain Sieve extensions to administrator
+ # control, for instance when these extensions can cause security concerns.
+ # This setting has higher precedence than the `sieve_extensions' setting
+ # (above), meaning that the extensions enabled with this setting are never
+ # available to the user's personal script no matter what is specified for the
+ # `sieve_extensions' setting. The syntax of this setting is similar to the
+ # `sieve_extensions' setting, with the difference that extensions are
+ # enabled or disabled for exclusive use in global scripts. Currently, no
+ # extensions are marked as such by default.
+ #sieve_global_extensions =
+
+ # The Pigeonhole Sieve interpreter can have plugins of its own. Using this
+ # setting, the used plugins can be specified. Check the Dovecot wiki
+ # (wiki2.dovecot.org) or the pigeonhole website
+ # (http://pigeonhole.dovecot.org) for available plugins.
+ # The sieve_extprograms plugin is included in this release.
+ #sieve_plugins =
+
+ # The separator that is expected between the :user and :detail
+ # address parts introduced by the subaddress extension. This may
+ # also be a sequence of characters (e.g. '--'). The current
+ # implementation looks for the separator from the left of the
+ # localpart and uses the first one encountered. The :user part is
+ # left of the separator and the :detail part is right. This setting
+ # is also used by Dovecot's LMTP service.
+ #recipient_delimiter = +
+
+ # The maximum size of a Sieve script. The compiler will refuse to compile any
+ # script larger than this limit. If set to 0, no limit on the script size is
+ # enforced.
+ #sieve_max_script_size = 1M
+
+ # The maximum number of actions that can be performed during a single script
+ # execution. If set to 0, no limit on the total number of actions is enforced.
+ #sieve_max_actions = 32
+
+ # The maximum number of redirect actions that can be performed during a single
+ # script execution. If set to 0, no redirect actions are allowed.
+ #sieve_max_redirects = 4
+
+ # The maximum number of personal Sieve scripts a single user can have. If set
+ # to 0, no limit on the number of scripts is enforced.
+ # (Currently only relevant for ManageSieve)
+ #sieve_quota_max_scripts = 0
+
+ # The maximum amount of disk storage a single user's scripts may occupy. If
+ # set to 0, no limit on the used amount of disk storage is enforced.
+ # (Currently only relevant for ManageSieve)
+ #sieve_quota_max_storage = 0
+}
--- /dev/null
+# Authentication for checkpassword users. Included from 10-auth.conf.
+#
+# <doc/wiki/AuthDatabase.CheckPassword.txt>
+
+passdb {
+ driver = checkpassword
+ args = /usr/bin/checkpassword
+}
+
+# passdb lookup should return also userdb info
+userdb {
+ driver = prefetch
+}
+
+# Standard checkpassword doesn't support direct userdb lookups.
+# If you need checkpassword userdb, the checkpassword must support
+# Dovecot-specific extensions.
+#userdb {
+# driver = checkpassword
+# args = /usr/bin/checkpassword
+#}
--- /dev/null
+# Deny access for users. Included from 10-auth.conf.
+
+# Users can be (temporarily) disabled by adding a passdb with deny=yes.
+# If the user is found from that database, authentication will fail.
+# The deny passdb should always be specified before others, so it gets
+# checked first.
+
+# Example deny passdb using passwd-file. You can use any passdb though.
+passdb {
+ driver = passwd-file
+ deny = yes
+
+ # File contains a list of usernames, one per line
+ args = /etc/dovecot/deny-users
+}
--- /dev/null
+# Authentication via dict backend. Included from 10-auth.conf.
+#
+# <doc/wiki/AuthDatabase.Dict.txt>
+
+passdb {
+ driver = dict
+
+ # Path for dict configuration file, see
+ # example-config/dovecot-dict-auth.conf.ext
+ args = /etc/dovecot/dovecot-dict-auth.conf.ext
+}
+
+userdb {
+ driver = dict
+ args = /etc/dovecot/dovecot-dict-auth.conf.ext
+}
--- /dev/null
+# Authentication for master users. Included from 10-auth.conf.
+
+# By adding master=yes setting inside a passdb you make the passdb a list
+# of "master users", who can log in as anyone else.
+# <doc/wiki/Authentication.MasterUsers.txt>
+
+# Example master user passdb using passwd-file. You can use any passdb though.
+passdb {
+ driver = passwd-file
+ master = yes
+ args = /etc/dovecot/master-users
+
+ # Unless you're using PAM, you probably still want the destination user to
+ # be looked up from passdb that it really exists. pass=yes does that.
+ pass = yes
+}
--- /dev/null
+# Authentication for passwd-file users. Included from 10-auth.conf.
+#
+# passwd-like file with specified location.
+# <doc/wiki/AuthDatabase.PasswdFile.txt>
+
+passdb {
+ driver = passwd-file
+ args = scheme=CRYPT username_format=%u /etc/dovecot/users
+}
+
+userdb {
+ driver = passwd-file
+ args = username_format=%u /etc/dovecot/users
+
+ # Default fields that can be overridden by passwd-file
+ #default_fields = quota_rule=*:storage=1G
+
+ # Override fields from passwd-file
+ #override_fields = home=/home/virtual/%u
+}
--- /dev/null
+# Authentication for SQL users. Included from 10-auth.conf.
+#
+# <doc/wiki/AuthDatabase.SQL.txt>
+
+passdb {
+ driver = sql
+
+ # Path for SQL configuration file, see example-config/dovecot-sql.conf.ext
+ args = /etc/dovecot/dovecot-sql.conf.ext
+}
+
+# "prefetch" user database means that the passdb already provided the
+# needed information and there's no need to do a separate userdb lookup.
+# <doc/wiki/UserDatabase.Prefetch.txt>
+#userdb {
+# driver = prefetch
+#}
+
+userdb {
+ driver = sql
+ args = /etc/dovecot/dovecot-sql.conf.ext
+}
+
+# If you don't have any user-specific settings, you can avoid the user_query
+# by using userdb static instead of userdb sql, for example:
+# <doc/wiki/UserDatabase.Static.txt>
+#userdb {
+ #driver = static
+ #args = uid=vmail gid=vmail home=/var/vmail/%u
+#}
--- /dev/null
+# Static passdb. Included from 10-auth.conf.
+
+# This can be used for situations where Dovecot doesn't need to verify the
+# username or the password, or if there is a single password for all users:
+#
+# - proxy frontend, where the backend verifies the password
+# - proxy backend, where the frontend already verified the password
+# - authentication with SSL certificates
+# - simple testing
+
+#passdb {
+# driver = static
+# args = proxy=y host=%1Mu.example.com nopassword=y
+#}
+
+#passdb {
+# driver = static
+# args = password=test
+#}
+
+#userdb {
+# driver = static
+# args = uid=vmail gid=vmail home=/home/%u
+#}
--- /dev/null
+# Authentication for system users. Included from 10-auth.conf.
+#
+# <doc/wiki/PasswordDatabase.txt>
+# <doc/wiki/UserDatabase.txt>
+
+# PAM authentication. Preferred nowadays by most systems.
+# PAM is typically used with either userdb passwd or userdb static.
+# REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM
+# authentication to actually work. <doc/wiki/PasswordDatabase.PAM.txt>
+passdb {
+ driver = pam
+ # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>]
+ # [cache_key=<key>] [<service name>]
+ #args = dovecot
+}
+
+# System users (NSS, /etc/passwd, or similiar).
+# In many systems nowadays this uses Name Service Switch, which is
+# configured in /etc/nsswitch.conf. <doc/wiki/AuthDatabase.Passwd.txt>
+#passdb {
+ #driver = passwd
+ # [blocking=no]
+ #args =
+#}
+
+# Shadow passwords for system users (NSS, /etc/shadow or similiar).
+# Deprecated by PAM nowadays.
+# <doc/wiki/PasswordDatabase.Shadow.txt>
+#passdb {
+ #driver = shadow
+ # [blocking=no]
+ #args =
+#}
+
+# PAM-like authentication for OpenBSD.
+# <doc/wiki/PasswordDatabase.BSDAuth.txt>
+#passdb {
+ #driver = bsdauth
+ # [blocking=no] [cache_key=<key>]
+ #args =
+#}
+
+##
+## User databases
+##
+
+# System users (NSS, /etc/passwd, or similiar). In many systems nowadays this
+# uses Name Service Switch, which is configured in /etc/nsswitch.conf.
+userdb {
+ # <doc/wiki/AuthDatabase.Passwd.txt>
+ driver = passwd
+ # [blocking=no]
+ #args =
+
+ # Override fields from passwd
+ #override_fields = home=/home/virtual/%u
+}
+
+# Static settings generated from template <doc/wiki/UserDatabase.Static.txt>
+#userdb {
+ #driver = static
+ # Can return anything a userdb could normally return. For example:
+ #
+ # args = uid=500 gid=500 home=/var/mail/%u
+ #
+ # LDA and LMTP needs to look up users only from the userdb. This of course
+ # doesn't work with static userdb because there is no list of users.
+ # Normally static userdb handles this by doing a passdb lookup. This works
+ # with most passdbs, with PAM being the most notable exception. If you do
+ # the user verification another way, you can add allow_all_users=yes to
+ # the args in which case the passdb lookup is skipped.
+ #
+ #args =
+#}
--- /dev/null
+# Authentication for vpopmail users. Included from 10-auth.conf.
+#
+# <doc/wiki/AuthDatabase.VPopMail.txt>
+
+passdb {
+ driver = vpopmail
+
+ # [cache_key=<key>] [webmail=<ip>]
+ args =
+}
+
+userdb {
+ driver = vpopmail
+
+ # [quota_template=<template>] - %q expands to Maildir++ quota
+ args = quota_template=quota_rule=*:backend=%q
+}
--- /dev/null
+# This file is commonly accessed via passdb {} or userdb {} section in
+# conf.d/auth-dict.conf.ext
+
+# Dictionary URI
+#uri =
+
+# Default password scheme
+default_pass_scheme = MD5
+
+# Username iteration prefix. Keys under this are assumed to contain usernames.
+iterate_prefix = userdb/
+
+# Should iteration be disabled for this userdb? If this userdb acts only as a
+# cache there's no reason to try to iterate the (partial & duplicate) users.
+#iterate_disable = no
+
+# The example here shows how to do multiple dict lookups and merge the replies.
+# The "passdb" and "userdb" keys are JSON objects containing key/value pairs,
+# for example: { "uid": 1000, "gid": 1000, "home": "/home/user" }
+
+key passdb {
+ key = passdb/%u
+ format = json
+}
+key userdb {
+ key = userdb/%u
+ format = json
+}
+key quota {
+ key = userdb/%u/quota
+ #format = value
+ # The default_value is used if the key isn't found. If default_value setting
+ # isn't specified at all (even as empty), the passdb/userdb lookup fails with
+ # "user doesn't exist".
+ default_value = 100M
+}
+
+# Space separated list of keys whose values contain key/value paired objects.
+# All the key/value pairs inside the object are added as passdb fields.
+passdb_objects = passdb
+
+#passdb_fields {
+#}
+
+# Userdb key/value object list.
+userdb_objects = userdb
+
+userdb_fields {
+ # dict:<key> refers to key names
+ quota_rule = *:storage=%{dict:quota}
+
+ # dict:<key>.<objkey> refers to the objkey inside (JSON) object
+ mail = maildir:%{dict:userdb.home}/Maildir
+}
--- /dev/null
+# This file is commonly accessed via dict {} section in dovecot.conf
+
+#connect = host=localhost dbname=mails user=testuser password=pass
+
+# CREATE TABLE quota (
+# username varchar(100) not null,
+# bytes bigint not null default 0,
+# messages integer not null default 0,
+# primary key (username)
+# );
+
+map {
+ pattern = priv/quota/storage
+ table = quota
+ username_field = username
+ value_field = bytes
+}
+map {
+ pattern = priv/quota/messages
+ table = quota
+ username_field = username
+ value_field = messages
+}
+
+# CREATE TABLE expires (
+# username varchar(100) not null,
+# mailbox varchar(255) not null,
+# expire_stamp integer not null,
+# primary key (username, mailbox)
+# );
+
+map {
+ pattern = shared/expire/$user/$mailbox
+ table = expires
+ value_field = expire_stamp
+
+ fields {
+ username = $user
+ mailbox = $mailbox
+ }
+}
--- /dev/null
+driver = mysql
+default_pass_scheme = CRYPT
+connect = host=127.0.0.1 dbname=vmail user=vmail password=511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+# Required by 'doveadm mailbox ...'.
+iterate_query = SELECT username AS user FROM mailbox
+password_query = SELECT password, allow_nets FROM mailbox WHERE username='%u' AND enable%Ls%Lc=1 AND active=1
+user_query = SELECT \
+ '%u' AS master_user, \
+ CONCAT(mailbox.storagebasedirectory, '/', mailbox.storagenode, '/', mailbox.maildir) AS home, \
+ CONCAT('*:bytes=', mailbox.quota*1048576) AS quota_rule \
+FROM mailbox,domain \
+WHERE mailbox.username='%u' \
+ AND mailbox.domain='%d' \
+ AND mailbox.`enable%Ls%Lc`=1 \
+ AND mailbox.domain=domain.domain \
+ AND domain.backupmx=0 \
+ AND domain.active=1 \
+ AND mailbox.active=1
--- /dev/null
+connect = host=127.0.0.1 dbname=vmail user=vmailadmin password=sqHfGqnVpWY9DxN4mpvm6WlqAnu3D0
+map {
+ pattern = shared/shared-boxes/user/$to/$from
+ table = share_folder
+ value_field = dummy
+
+ fields {
+ from_user = $from
+ to_user = $to
+ }
+}
+
+# To share mailbox to anyone, please uncomment 'acl_anyone = allow' in
+# dovecot.conf
+map {
+ pattern = shared/shared-boxes/anyone/$from
+ table = anyone_shares
+ value_field = dummy
+ fields {
+ from_user = $from
+ }
+}
--- /dev/null
+# This file is commonly accessed via passdb {} or userdb {} section in
+# conf.d/auth-sql.conf.ext
+
+# This file is opened as root, so it should be owned by root and mode 0600.
+#
+# http://wiki2.dovecot.org/AuthDatabase/SQL
+#
+# For the sql passdb module, you'll need a database with a table that
+# contains fields for at least the username and password. If you want to
+# use the user@domain syntax, you might want to have a separate domain
+# field as well.
+#
+# If your users all have the same uig/gid, and have predictable home
+# directories, you can use the static userdb module to generate the home
+# dir based on the username and domain. In this case, you won't need fields
+# for home, uid, or gid in the database.
+#
+# If you prefer to use the sql userdb module, you'll want to add fields
+# for home, uid, and gid. Here is an example table:
+#
+# CREATE TABLE users (
+# username VARCHAR(128) NOT NULL,
+# domain VARCHAR(128) NOT NULL,
+# password VARCHAR(64) NOT NULL,
+# home VARCHAR(255) NOT NULL,
+# uid INTEGER NOT NULL,
+# gid INTEGER NOT NULL,
+# active CHAR(1) DEFAULT 'Y' NOT NULL
+# );
+
+# Database driver: mysql, pgsql, sqlite
+#driver =
+
+# Database connection string. This is driver-specific setting.
+#
+# HA / round-robin load-balancing is supported by giving multiple host
+# settings, like: host=sql1.host.org host=sql2.host.org
+#
+# pgsql:
+# For available options, see the PostgreSQL documention for the
+# PQconnectdb function of libpq.
+# Use maxconns=n (default 5) to change how many connections Dovecot can
+# create to pgsql.
+#
+# mysql:
+# Basic options emulate PostgreSQL option names:
+# host, port, user, password, dbname
+#
+# But also adds some new settings:
+# client_flags - See MySQL manual
+# ssl_ca, ssl_ca_path - Set either one or both to enable SSL
+# ssl_cert, ssl_key - For sending client-side certificates to server
+# ssl_cipher - Set minimum allowed cipher security (default: HIGH)
+# ssl_verify_server_cert - Verify that the name in the server SSL certificate
+# matches the host (default: no)
+# option_file - Read options from the given file instead of
+# the default my.cnf location
+# option_group - Read options from the given group (default: client)
+#
+# You can connect to UNIX sockets by using host: host=/var/run/mysql.sock
+# Note that currently you can't use spaces in parameters.
+#
+# sqlite:
+# The path to the database file.
+#
+# Examples:
+# connect = host=192.168.1.1 dbname=users
+# connect = host=sql.example.com dbname=virtual user=virtual password=blarg
+# connect = /etc/dovecot/authdb.sqlite
+#
+#connect =
+
+# Default password scheme.
+#
+# List of supported schemes is in
+# http://wiki2.dovecot.org/Authentication/PasswordSchemes
+#
+#default_pass_scheme = MD5
+
+# passdb query to retrieve the password. It can return fields:
+# password - The user's password. This field must be returned.
+# user - user@domain from the database. Needed with case-insensitive lookups.
+# username and domain - An alternative way to represent the "user" field.
+#
+# The "user" field is often necessary with case-insensitive lookups to avoid
+# e.g. "name" and "nAme" logins creating two different mail directories. If
+# your user and domain names are in separate fields, you can return "username"
+# and "domain" fields instead of "user".
+#
+# The query can also return other fields which have a special meaning, see
+# http://wiki2.dovecot.org/PasswordDatabase/ExtraFields
+#
+# Commonly used available substitutions (see http://wiki2.dovecot.org/Variables
+# for full list):
+# %u = entire user@domain
+# %n = user part of user@domain
+# %d = domain part of user@domain
+#
+# Note that these can be used only as input to SQL query. If the query outputs
+# any of these substitutions, they're not touched. Otherwise it would be
+# difficult to have eg. usernames containing '%' characters.
+#
+# Example:
+# password_query = SELECT userid AS user, pw AS password \
+# FROM users WHERE userid = '%u' AND active = 'Y'
+#
+#password_query = \
+# SELECT username, domain, password \
+# FROM users WHERE username = '%n' AND domain = '%d'
+
+# userdb query to retrieve the user information. It can return fields:
+# uid - System UID (overrides mail_uid setting)
+# gid - System GID (overrides mail_gid setting)
+# home - Home directory
+# mail - Mail location (overrides mail_location setting)
+#
+# None of these are strictly required. If you use a single UID and GID, and
+# home or mail directory fits to a template string, you could use userdb static
+# instead. For a list of all fields that can be returned, see
+# http://wiki2.dovecot.org/UserDatabase/ExtraFields
+#
+# Examples:
+# user_query = SELECT home, uid, gid FROM users WHERE userid = '%u'
+# user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u'
+# user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
+#
+#user_query = \
+# SELECT home, uid, gid \
+# FROM users WHERE username = '%n' AND domain = '%d'
+
+# If you wish to avoid two SQL lookups (passdb + userdb), you can use
+# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
+# also have to return userdb fields in password_query prefixed with "userdb_"
+# string. For example:
+#password_query = \
+# SELECT userid AS user, password, \
+# home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
+# FROM users WHERE userid = '%u'
+
+# Query to get a list of all usernames.
+#iterate_query = SELECT username AS user FROM users
--- /dev/null
+connect = host=127.0.0.1 dbname=vmail user=vmailadmin password=sqHfGqnVpWY9DxN4mpvm6WlqAnu3D0
+map {
+ pattern = priv/quota/storage
+ table = used_quota
+ username_field = username
+ value_field = bytes
+}
+map {
+ pattern = priv/quota/messages
+ table = used_quota
+ username_field = username
+ value_field = messages
+}
--- /dev/null
+
+# Listen addresses.
+# - '*' means all available IPv4 addresses.
+# - '[::]' means all available IPv6 addresses.
+# Listen on all available addresses by default
+listen = * [::]
+
+#base_dir = /var/run/dovecot
+mail_plugins = quota mailbox_alias acl
+
+# Enabled mail protocols.
+protocols = pop3 imap sieve lmtp
+
+# User/group who owns the message files:
+mail_uid = 2000
+mail_gid = 2000
+
+# Assign uid to virtual users.
+first_valid_uid = 2000
+last_valid_uid = 2000
+
+# Logging. Reference: http://wiki2.dovecot.org/Logging
+log_path = /var/log/dovecot.log
+
+# Debug
+#mail_debug = yes
+#auth_verbose = yes
+#auth_debug = yes
+#auth_debug_passwords = yes
+# Possible values: no, plain, sha1.
+#auth_verbose_passwords = no
+
+# SSL: Global settings.
+# Refer to wiki site for per protocol, ip, server name SSL settings:
+# http://wiki2.dovecot.org/SSL/DovecotConfiguration
+ssl_protocols = !SSLv2 !SSLv3
+ssl = required
+verbose_ssl = no
+#ssl_ca = </path/to/ca
+ssl_cert = </etc/ssl/certs/iRedMail.crt
+ssl_key = </etc/ssl/private/iRedMail.key
+
+# Fix 'The Logjam Attack'
+ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
+# Dovecot 2.2.6 or greater:
+# Specify the wanted DH parameters length
+ssl_dh_parameters_length = 2048
+ssl_prefer_server_ciphers = yes
+
+# IP ranges specified by login_trusted_networks setting are assumed to be secure.
+#login_trusted_networks = 127.0.0.1
+
+# With disable_plaintext_auth=yes AND ssl=required, STARTTLS is mandatory.
+# Set disable_plaintext_auth=no AND ssl=yes to allow plain password transmitted
+# insecurely.
+disable_plaintext_auth = yes
+# Allow plain text password per IP address/net
+#remote 192.168.0.0/24 {
+# disable_plaintext_auth = no
+#}
+
+# Mail location and mailbox format.
+mail_location = maildir:%Lh/Maildir/:INDEX=%Lh/Maildir/
+
+# Authentication related settings.
+# Append this domain name if client gives empty realm.
+auth_default_realm = uhu-banane.net
+
+# Authentication mechanisms.
+auth_mechanisms = PLAIN LOGIN
+
+# Limits the number of users that can be logging in at the same time.
+# Default is 100. This can be overridden by `process_limit =` in
+# `service [protocol]` block.
+# e.g.
+# protocol imap-login {
+# ...
+# process_limit = 500
+# }
+#default_process_limit = 100
+
+service auth {
+ unix_listener /var/spool/postfix/private/dovecot-auth {
+ user = postfix
+ group = postfix
+ mode = 0666
+ }
+ unix_listener auth-master {
+ user = vmail
+ group = vmail
+ mode = 0666
+ }
+ unix_listener auth-userdb {
+ user = vmail
+ group = vmail
+ mode = 0660
+ }
+}
+
+# LMTP server (Local Mail Transfer Protocol).
+# Reference: http://wiki2.dovecot.org/LMTP
+service lmtp {
+ user = vmail
+
+ # For higher volume sites, it may be desirable to increase the number of
+ # active listener processes. A range of 5 to 20 is probably good for most
+ # sites.
+ process_min_avail = 5
+
+ # Logging.
+ # Require 'info_log_path =' in 'protocol lmtp {}' block.
+ executable = lmtp -L
+
+ # Listening on socket file and TCP
+ unix_listener /var/spool/postfix/private/dovecot-lmtp {
+ user = postfix
+ group = postfix
+ mode = 0600
+ }
+
+ inet_listener lmtp {
+ # Listen on localhost (ipv4)
+ address = 127.0.0.1
+ port = 24
+ }
+}
+
+# Virtual mail accounts.
+userdb {
+ args = /etc/dovecot/dovecot-mysql.conf
+ driver = sql
+}
+passdb {
+ args = /etc/dovecot/dovecot-mysql.conf
+ driver = sql
+}
+
+# Master user.
+# Master users are able to log in as other users. It's also possible to
+# directly log in as any user using a master password, although this isn't
+# recommended.
+# Reference: http://wiki2.dovecot.org/Authentication/MasterUsers
+auth_master_user_separator = *
+passdb {
+ driver = passwd-file
+ args = /etc/dovecot/dovecot-master-users
+ master = yes
+}
+
+plugin {
+ auth_socket_path = /var/run/dovecot/auth-master
+
+ # Quota configuration.
+ # Reference: http://wiki2.dovecot.org/Quota/Configuration
+ quota = dict:user::proxy::quotadict
+ quota_rule = *:storage=1G
+ #quota_rule2 = *:messages=0
+ #quota_rule3 = Trash:storage=1G
+ #quota_rule4 = Junk:ignore
+
+ # Quota warning.
+ #
+ # If user suddenly receives a huge mail and the quota jumps from
+ # 85% to 95%, only the 95% script is executed.
+ #
+ # Only the command for the first exceeded limit is executed, so configure
+ # the highest limit first.
+ quota_warning = storage=100%% quota-warning 100 %u
+ quota_warning2 = storage=95%% quota-warning 95 %u
+ quota_warning3 = storage=90%% quota-warning 90 %u
+ quota_warning4 = storage=85%% quota-warning 85 %u
+
+ # allow user to become max 10% (or 50 MB) over quota
+ quota_grace = 10%%
+ #quota_grace = 50 M
+
+ # Custom Quota Exceeded Message.
+ # You can specify the message directly or read the message from a file.
+ #quota_exceeded_message = Quota exceeded, please try again later.
+ #quota_exceeded_message = </path/to/quota_exceeded_message.txt
+
+ # Plugin: expire.
+ #expire = Trash 7 Trash/* 7 Junk 30
+ #expire_dict = proxy::expire
+
+ # ACL and share folder
+ acl = vfile
+ acl_shared_dict = proxy::acl
+
+ # By default Dovecot doesn't allow using the IMAP "anyone" or
+ # "authenticated" identifier, because it would be an easy way to spam
+ # other users in the system. If you wish to allow it,
+ #acl_anyone = allow
+
+ # Pigeonhole managesieve service.
+ # Reference: http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration
+ # Per-user sieve settings.
+ sieve_dir = %Lh/sieve
+ sieve = %Lh/sieve/dovecot.sieve
+
+ # Global sieve settings.
+ sieve_global_dir = /home/vmail/sieve
+ # Note: if user has personal sieve script, global sieve rules defined in
+ # sieve_default will be ignored. Please use sieve_before or
+ # sieve_after instead.
+ #sieve_default =
+
+ sieve_before = /home/vmail/sieve/dovecot.sieve
+ #sieve_after =
+
+ # The maximum number of redirect actions that can be performed during a
+ # single script execution.
+ # The meaning of 0 differs based on your version. For pigeonhole-0.3.0 and
+ # beyond this means that redirect is prohibited. For older versions,
+ # however, this means that the number of redirects is unlimited.
+ #sieve_max_redirects = 4
+
+ # Reference: http://wiki2.dovecot.org/Plugins/MailboxAlias
+ mailbox_alias_old = Sent
+ mailbox_alias_new = Sent Messages
+ mailbox_alias_old2 = Sent
+ mailbox_alias_new2 = Sent Items
+}
+
+service quota-warning {
+ executable = script /usr/local/bin/dovecot-quota-warning.sh
+ unix_listener quota-warning {
+ user = vmail
+ group = vmail
+ mode = 0660
+ }
+}
+
+service dict {
+ unix_listener dict {
+ mode = 0660
+ user = vmail
+ group = vmail
+ }
+}
+
+dict {
+ #expire = db:/var/lib/dovecot/expire/expire.db
+ quotadict = mysql:/etc/dovecot/dovecot-used-quota.conf
+ acl = mysql:/etc/dovecot/dovecot-share-folder.conf
+}
+
+protocol lda {
+ # Reference: http://wiki2.dovecot.org/LDA
+ mail_plugins = $mail_plugins sieve
+ auth_socket_path = /var/run/dovecot/auth-master
+ log_path = /var/log/dovecot-sieve.log
+ lda_mailbox_autocreate = yes
+ lda_mailbox_autosubscribe = yes
+ postmaster_address = root
+}
+
+protocol lmtp {
+ # Log file
+ info_log_path = /var/log/dovecot-lmtp.log
+
+ # Plugins
+ mail_plugins = quota sieve
+ postmaster_address = postmaster
+
+ lmtp_save_to_detail_mailbox = yes
+ recipient_delimiter = +
+}
+
+protocol imap {
+ mail_plugins = $mail_plugins imap_quota imap_acl
+ imap_client_workarounds = tb-extra-mailbox-sep
+
+ # Maximum number of IMAP connections allowed for a user from each IP address.
+ # NOTE: The username is compared case-sensitively.
+ # Default is 10.
+ # Increase it to avoid issue like below:
+ # "Maximum number of concurrent IMAP connections exceeded"
+ mail_max_userip_connections = 30
+}
+
+protocol pop3 {
+ mail_plugins = $mail_plugins
+ pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
+ pop3_uidl_format = %08Xu%08Xv
+
+ # Maximum number of IMAP connections allowed for a user from each IP address.
+ # NOTE: The username is compared case-sensitively.
+ # Default is 10.
+ mail_max_userip_connections = 30
+}
+
+# Login processes. Refer to Dovecot wiki for more details:
+# http://wiki2.dovecot.org/LoginProcess
+service imap-login {
+ #inet_listener imap {
+ # port = 143
+ #}
+ #inet_listener imaps {
+ # port = 993
+ # ssl = yes
+ #}
+ #
+ # Require Dovecot-2.2.19+
+ #inet_listener imap_haproxy {
+ # port = 10143
+ # haproxy = yes
+ #}
+
+ service_count = 1
+
+ # To avoid startup latency for new client connections, set process_min_avail
+ # to higher than zero. That many idling processes are always kept around
+ # waiting for new connections.
+ #process_min_avail = 0
+
+ # number of simultaneous IMAP connections
+ process_limit = 500
+
+ # vsz_limit should be fine at its default 64MB value
+ #vsz_limit = 64M
+}
+
+service pop3-login {
+ #inet_listener pop3 {
+ # port = 110
+ #}
+ #inet_listener pop3s {
+ # port = 995
+ # ssl = yes
+ #}
+ #
+ # Require Dovecot-2.2.19+
+ #inet_listener pop3_haproxy {
+ # port = 10110
+ # haproxy = yes
+ #}
+
+ service_count = 1
+
+ # number of simultaneous POP3 connections
+ #process_limit = 500
+}
+
+service managesieve-login {
+ inet_listener sieve {
+ # Listen on localhost (ipv4)
+ #address = 127.0.0.1
+ port = 4190
+ }
+}
+
+namespace {
+ type = private
+ separator = /
+ prefix =
+ #location defaults to mail_location.
+ inbox = yes
+
+ # Refer to document for more details about alias mailbox:
+ # http://wiki2.dovecot.org/MailboxSettings
+ #
+ # Sent
+ mailbox Sent {
+ auto = subscribe
+ special_use = \Sent
+ }
+ mailbox "Sent Messages" {
+ auto = no
+ special_use = \Sent
+ }
+ mailbox "Sent Items" {
+ auto = no
+ special_use = \Sent
+ }
+
+ mailbox Drafts {
+ auto = subscribe
+ special_use = \Drafts
+ }
+
+ # Trash
+ mailbox Trash {
+ auto = subscribe
+ special_use = \Trash
+ }
+
+ mailbox "Deleted Messages" {
+ auto = no
+ special_use = \Trash
+ }
+
+ # Junk
+ mailbox Junk {
+ auto = subscribe
+ special_use = \Junk
+ }
+ mailbox Spam {
+ auto = no
+ special_use = \Junk
+ }
+ mailbox "Junk E-mail" {
+ auto = no
+ special_use = \Junk
+ }
+
+ # Archive
+ mailbox Archive {
+ auto = no
+ special_use = \Archive
+ }
+ mailbox Archives {
+ auto = no
+ special_use = \Archive
+ }
+}
+
+namespace {
+ type = shared
+ separator = /
+ prefix = Shared/%%u/
+ location = maildir:%%Lh/Maildir/:INDEX=%%Lh/Maildir/Shared/%%u
+ # this namespace should handle its own subscriptions or not.
+ subscriptions = yes
+ list = children
+}
+
+# Public mailboxes.
+# Refer to Dovecot wiki page for more details:
+# http://wiki2.dovecot.org/SharedMailboxes/Public
+#namespace {
+# type = public
+# separator = /
+# prefix = Public/
+#
+# # CONTROL=: Mark this public folder as read-only mailbox
+# # INDEX=: Per-user \Seen flag
+# location = maildir:/var/vmail/public/:CONTROL=~/Maildir/public:INDEX=~/Maildir/public
+#
+# # Allow users to subscribe to the public folders.
+# subscriptions = yes
+#}
--- /dev/null
+## Dovecot configuration file
+
+# If you're in a hurry, see http://wiki2.dovecot.org/QuickConfiguration
+
+# "doveconf -n" command gives a clean output of the changed settings. Use it
+# instead of copy&pasting files when posting to the Dovecot mailing list.
+
+# '#' character and everything after it is treated as comments. Extra spaces
+# and tabs are ignored. If you want to use either of these explicitly, put the
+# value inside quotes, eg.: key = "# char and trailing whitespace "
+
+# Most (but not all) settings can be overridden by different protocols and/or
+# source/destination IPs by placing the settings inside sections, for example:
+# protocol imap { }, local 127.0.0.1 { }, remote 10.0.0.0/8 { }
+
+# Default values are shown for each setting, it's not required to uncomment
+# those. These are exceptions to this though: No sections (e.g. namespace {})
+# or plugin settings are added by default, they're listed only as examples.
+# Paths are also just examples with the real defaults being based on configure
+# options. The paths listed here are for configure --prefix=/usr
+# --sysconfdir=/etc --localstatedir=/var
+
+# Enable installed protocols
+!include_try /usr/share/dovecot/protocols.d/*.protocol
+
+# A comma separated list of IPs or hosts where to listen in for connections.
+# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
+# If you want to specify non-default ports or anything more complex,
+# edit conf.d/master.conf.
+#listen = *, ::
+
+# Base directory where to store runtime data.
+#base_dir = /var/run/dovecot/
+
+# Name of this instance. In multi-instance setup doveadm and other commands
+# can use -i <instance_name> to select which instance is used (an alternative
+# to -c <config_path>). The instance name is also added to Dovecot processes
+# in ps output.
+#instance_name = dovecot
+
+# Greeting message for clients.
+#login_greeting = Dovecot ready.
+
+# Space separated list of trusted network ranges. Connections from these
+# IPs are allowed to override their IP addresses and ports (for logging and
+# for authentication checks). disable_plaintext_auth is also ignored for
+# these networks. Typically you'd specify your IMAP proxy servers here.
+#login_trusted_networks =
+
+# Space separated list of login access check sockets (e.g. tcpwrap)
+#login_access_sockets =
+
+# With proxy_maybe=yes if proxy destination matches any of these IPs, don't do
+# proxying. This isn't necessary normally, but may be useful if the destination
+# IP is e.g. a load balancer's IP.
+#auth_proxy_self =
+
+# Show more verbose process titles (in ps). Currently shows user name and
+# IP address. Useful for seeing who are actually using the IMAP processes
+# (eg. shared mailboxes or if same uid is used for multiple accounts).
+#verbose_proctitle = no
+
+# Should all processes be killed when Dovecot master process shuts down.
+# Setting this to "no" means that Dovecot can be upgraded without
+# forcing existing client connections to close (although that could also be
+# a problem if the upgrade is e.g. because of a security fix).
+#shutdown_clients = yes
+
+# If non-zero, run mail commands via this many connections to doveadm server,
+# instead of running them directly in the same process.
+#doveadm_worker_count = 0
+# UNIX socket or host:port used for connecting to doveadm server
+#doveadm_socket_path = doveadm-server
+
+# Space separated list of environment variables that are preserved on Dovecot
+# startup and passed down to all of its child processes. You can also give
+# key=value pairs to always set specific settings.
+#import_environment = TZ
+
+##
+## Dictionary server settings
+##
+
+# Dictionary can be used to store key=value lists. This is used by several
+# plugins. The dictionary can be accessed either directly or though a
+# dictionary server. The following dict block maps dictionary names to URIs
+# when the server is used. These can then be referenced using URIs in format
+# "proxy::<name>".
+
+dict {
+ #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
+ #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
+}
+
+# Most of the actual configuration gets included below. The filenames are
+# first sorted by their ASCII value and parsed in that order. The 00-prefixes
+# in filenames are intended to make it easier to understand the ordering.
+!include conf.d/*.conf
+
+# A config file can also tried to be included without giving an error if
+# it's not found:
+!include_try local.conf
--- /dev/null
+# dpkg configuration file
+#
+# This file can contain default options for dpkg. All command-line
+# options are allowed. Values can be specified by putting them after
+# the option, separated by whitespace and/or an `=' sign.
+#
+
+# Do not enable debsig-verify by default; since the distribution is not using
+# embedded signatures, debsig-verify would reject all packages.
+no-debsig
+
+# Log status changes and actions to a file.
+log /var/log/dpkg.log
--- /dev/null
+Vendor: Debian
+Vendor-URL: http://www.debian.org/
+Bugs: debbugs://bugs.debian.org
--- /dev/null
+debian
\ No newline at end of file
--- /dev/null
+;; 00debian-vars.el
+;;
+;; Initialize some emacs variables from debian policy files.
+;;
+;; Copyright (C) 1997, Frederic Lepied <Frederic.Lepied@sugix.frmug.org>
+;;
+;; original Author: Frederic Lepied <Frederic.Lepied@sugix.frmug.org>
+;; enhanced and documented by: Mark Eichin <eichin@kitten.gen.ma.us>
+
+;;=============================================================================
+;; Autoloaded section.
+;;=============================================================================
+
+\f
+;;;###
+
+(eval-when-compile
+ ;; Quiet byte compiler
+ (defvar gnus-nntpserver-file))
+
+;;;***
+\f
+
+;;=============================================================================
+;; Configuration section.
+;;=============================================================================
+(defun debian-file->string (name &optional func)
+ "Convert a file into a string"
+ (interactive "fFile name : ")
+ (let ((filename (expand-file-name name)))
+ (if (not (file-readable-p filename))
+ nil
+ (with-temp-buffer
+ ;; Do not run any user `find-file-hooks'
+ (insert-file-contents-literally filename)
+ (if func
+ (funcall func))
+ (buffer-string)))))
+
+(defun debian-clean-mailname ()
+ (while (search-forward "\n" nil t)
+ (replace-match "" nil t)))
+
+;; Particular variables, and their justification:
+;; policy/ch4.html, 4.3 Mail processing on Debian systems, /etc/mailname
+;; policy/ch-binarypkg.html, 3.5 Maintainer scripts, /etc/news/server
+
+(let ((mailname
+ (debian-file->string "/etc/mailname" (function debian-clean-mailname))))
+ (if mailname
+ (setq mail-host-address mailname)))
+
+;; Don't need to check NNTPSERVER for override, gnus does that for us.
+(if (file-readable-p "/etc/news/server")
+ (setq gnus-nntpserver-file "/etc/news/server"))
+
+;;; 00debian-vars.el ends here
--- /dev/null
+;; File: startup.el.in
+;; Description: Emacsen startup for dictionaries-common in Debian
+;; Authors: Rafael Laboissière <rafael@debian.org>
+;; Agustin Martin <agmartin@debian.org>
+;; Created on: Fri Oct 22 09:48:21 CEST 1999
+
+(let ((skip-emacs-flavors-list '(emacs19
+ emacs20
+ emacs21
+ emacs22
+ emacs-snapshot))
+ (debian-dict-entries "/var/cache/dictionaries-common/emacsen-ispell-dicts.el"))
+ (if (member debian-emacs-flavor skip-emacs-flavors-list)
+ (message "Skipping dictionaries-common setup for %s" debian-emacs-flavor)
+
+ (debian-pkg-add-load-path-item
+ (concat "/usr/share/"
+ (symbol-name debian-emacs-flavor)
+ "/site-lisp/dictionaries-common"))
+
+ (autoload 'flyspell-word "flyspell" nil t)
+ (autoload 'flyspell-mode "flyspell" nil t)
+ (autoload 'flyspell-prog-mode "flyspell" nil t)
+
+ ;; Load Debian emacsen cache file, with entries for installed dictionaries
+ ;; This might result in a call to debian-ispell, so do this only if
+ ;; a) It exists, that is, package is not removed.
+ ;; b) Not in installations under dpkg control, otherwise we might get some
+ ;; bogus errors on installation because of #132355 and friends.
+ (if (file-exists-p "/usr/share/emacs/site-lisp/dictionaries-common/debian-ispell.el")
+ (if (getenv "DPKG_RUNNING_VERSION")
+ (message "Info: Skip debian-el loading if run under dpkg control.")
+ (let ((coding-system-for-read 'raw-text)) ;; Read these as data streams
+ (load "debian-ispell" t)
+ (load debian-dict-entries t)))
+ (message "Info: Package dictionaries-common removed but not purged."))))
+
+;;; Previous code for loading ispell.el and refreshing spell-checking
+;;; pulldown menus has been removed from this file since it should no
+;;; longer be needed.
--- /dev/null
+;; Emacsen independent startup file. All of the various installed
+;; flavors of emacs (emacs22, emacs23, xemacs21) will load this file
+;; at startup. Make sure any code you put here is emacs flavor
+;; independent.
+
+;; Package maintainers: do not have Debian packages edit this file.
+;; See /usr/share/doc/emacsen-common/debian-emacs-policy.gz for the
+;; proper way to handle Emacs package initialization code.
--- /dev/null
+#!/bin/sh
+set -e
+
+not_enabled_warning() {
+ echo "etckeeper warning: etckeeper is not yet enabled for $(pwd)" >&2
+ echo "etckeeper warning: run etckeeper init to enable it" >&2
+}
+
+if [ "$VCS" = git ] && [ ! -d .git ]; then
+ not_enabled_warning
+elif [ "$VCS" = hg ] && [ ! -d .hg ]; then
+ not_enabled_warning
+elif [ "$VCS" = bzr ] && [ ! -d .bzr ]; then
+ not_enabled_warning
+elif [ "$VCS" = darcs ] && [ ! -d _darcs ]; then
+ not_enabled_warning
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = bzr ] && [ -d .bzr ]; then
+ if ! bzr add -q .; then
+ echo "etckeeper warning: bzr add failed" >&2
+ fi
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = darcs ] && [ -d _darcs ]; then
+ rc=0
+ res=$( darcs add -qr . 2>&1 ) || rc=$?
+ if test $rc -ne 0; then
+ if ! test $rc -eq 2 -a "${res%No files were added}" != "$res"; then
+ printf "%s" "$res"
+ echo "etckeeper warning: darcs add failed" >&2
+ fi
+ fi
+ unset rc res
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = git ] && [ -d .git ]; then
+ if ! git add --all; then
+ echo "etckeeper warning: git add --all" >&2
+ fi
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = hg ] && [ -d .hg ]; then
+ if ! hg addremove .; then
+ echo "etckeeper warning: hg addremove failed" >&2
+ fi
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+cleanup () {
+ if [ -n "$logfile" ]; then
+ rm -f "$logfile"
+ fi
+}
+if [ -n "$1" ]; then
+ trap cleanup EXIT
+ logfile="$(mktemp -t etckeeper-$VCS.XXXXXXXXXX)"
+ if [ "x$1" = "x--stdin" ]; then
+ cat > "$logfile"
+ else
+ if [ "x$1" = "x-m" ]; then
+ shift 1
+ fi
+ echo "$1" > "$logfile"
+ fi
+else
+ logfile=""
+fi
+
+hostname=`hostname`
+hostname="${hostname%%.*}"
+dnsdomainname=`dnsdomainname 2>/dev/null || true`
+if [ -n "$dnsdomainname" ]; then
+ hostname="$hostname.$dnsdomainname"
+fi
+
+USER=
+if [ -n "$SUDO_USER" ]; then
+ USER="$SUDO_USER"
+else
+ # try to check tty ownership, in case user su'd to root
+ TTY="$(tty 2>/dev/null || true)"
+ if [ -n "$TTY" ] && [ -c "$TTY" ]; then
+ USER="$(find "$TTY" -printf "%u")"
+ fi
+fi
+
+if [ "$VCS" = git ] && [ -d .git ]; then
+ if [ -n "$USER" ]; then
+ # Use user.name and user.email from the gitconfig belonging
+ # to the user who became root.
+ USER_HOME="$(perl -e 'print ((getpwnam(shift()))[7])' "$USER")"
+ if [ -n "$USER_HOME" ] && [ -e "$USER_HOME/.gitconfig" ]; then
+ if [ -z "$GIT_AUTHOR_NAME" ]; then
+ GIT_AUTHOR_NAME="$(git config -f "$USER_HOME/.gitconfig" user.name)" || true
+ export GIT_AUTHOR_NAME
+ fi
+ if [ -z "$GIT_AUTHOR_EMAIL" ]; then
+ GIT_AUTHOR_EMAIL="$(git config -f "$USER_HOME/.gitconfig" user.email)" || true
+ export GIT_AUTHOR_EMAIL
+ fi
+ fi
+ if [ -z "$GIT_COMMITTER_EMAIL" ]; then
+ GIT_COMMITER_EMAIL="$(git config --global user.email)" || true
+ export GIT_COMMITER_EMAIL
+ fi
+
+ if [ -z "$GIT_AUTHOR_NAME" ]; then
+ GIT_AUTHOR_NAME="$USER"
+ export GIT_AUTHOR_NAME
+ fi
+ if [ -z "$GIT_AUTHOR_EMAIL" ]; then
+ GIT_AUTHOR_EMAIL="$USER@$hostname"
+ export GIT_AUTHOR_EMAIL
+ fi
+ if [ -z "$GIT_COMMITTER_EMAIL" ]; then
+ GIT_COMMITTER_EMAIL=`whoami`"@$hostname"
+ export GIT_COMMITTER_EMAIL
+ fi
+ fi
+ if [ -n "$logfile" ]; then
+ git commit $GIT_COMMIT_OPTIONS -F "$logfile"
+ else
+ git commit $GIT_COMMIT_OPTIONS
+ fi
+elif [ "$VCS" = hg ] && [ -d .hg ]; then
+ if [ -n "$USER" ]; then
+ LOGNAME="$USER"
+ export LOGNAME
+ fi
+ if [ -z "$HGUSER" ]; then
+ HGUSER="$USER@$hostname"
+ export HGUSER
+ fi
+ if [ -n "$logfile" ]; then
+ hg commit $HG_COMMIT_OPTIONS -l "$logfile"
+ else
+ hg commit $HG_COMMIT_OPTIONS
+ fi
+elif [ "$VCS" = bzr ] && [ -d .bzr ]; then
+ if [ -z "$EMAIL" ] && [ -n "$USER" ]; then
+ EMAIL="$USER <$USER@$hostname>"
+ export EMAIL
+ fi
+ if [ -n "$logfile" ]; then
+ bzr commit $BZR_COMMIT_OPTIONS -F "$logfile"
+ else
+ bzr commit $BZR_COMMIT_OPTIONS
+ fi
+elif [ "$VCS" = darcs ] && [ -d _darcs ]; then
+ if [ -z "$USER" ]; then
+ USER=root
+ fi
+ if [ -n "$logfile" ]; then
+ darcs record --author="$USER" $DARCS_COMMIT_OPTIONS --logfile="$logfile"
+ else
+ darcs record --author="$USER" $DARCS_COMMIT_OPTIONS
+ fi
+fi
--- /dev/null
+#!/bin/sh
+if [ -n "$PUSH_REMOTE" ]; then
+ if [ "$VCS" = git ] && [ -d .git ]; then
+ for REMOTE in $PUSH_REMOTE; do
+ git push "$REMOTE" master || true
+ done
+ elif [ "$VCS" = hg ] && [ -d .hg ]; then
+ for REMOTE in $PUSH_REMOTE; do
+ hg push "$REMOTE" || true
+ done
+ else
+ echo "PUSH_REMOTE not yet supported for $VCS" >&2
+ fi
+fi
--- /dev/null
+Files in this directory are run when there might be changes to commit.
+(Before and after packages are installed, upgraded, etc.)
+They should commit changes and new files in /etc to repository.
--- /dev/null
+# The VCS to use.
+#VCS="hg"
+VCS="git"
+#VCS="bzr"
+#VCS="darcs"
+
+# Options passed to git commit when run by etckeeper.
+GIT_COMMIT_OPTIONS=""
+
+# Options passed to hg commit when run by etckeeper.
+HG_COMMIT_OPTIONS=""
+
+# Options passed to bzr commit when run by etckeeper.
+BZR_COMMIT_OPTIONS=""
+
+# Options passed to darcs record when run by etckeeper.
+DARCS_COMMIT_OPTIONS="-a"
+
+# Uncomment to avoid etckeeper committing existing changes
+# to /etc automatically once per day.
+#AVOID_DAILY_AUTOCOMMITS=1
+
+# Uncomment the following to avoid special file warning
+# (the option is enabled automatically by cronjob regardless).
+#AVOID_SPECIAL_FILE_WARNING=1
+
+# Uncomment to avoid etckeeper committing existing changes to
+# /etc before installation. It will cancel the installation,
+# so you can commit the changes by hand.
+#AVOID_COMMIT_BEFORE_INSTALL=1
+
+# The high-level package manager that's being used.
+# (apt, pacman-g2, yum, zypper etc)
+HIGHLEVEL_PACKAGE_MANAGER=apt
+
+# The low-level package manager that's being used.
+# (dpkg, rpm, pacman, pacman-g2, etc)
+LOWLEVEL_PACKAGE_MANAGER=dpkg
+
+# To push each commit to a remote, put the name of the remote here.
+# (eg, "origin" for git). Space-separated lists of multiple remotes
+# also work (eg, "origin gitlab github" for git).
+PUSH_REMOTE=""
--- /dev/null
+#!/bin/sh
+set -e
+
+# Note that metastore doesn't check that the .metastore file only changes
+# perms of files in the current directory. It's ok to trust the .metastore
+# file won't do anything shady, because, as documented, etckeeper-init
+# should only be run on repositories you trust.
+if [ -e .metadata ]; then
+ if which metastore >/dev/null; then
+ metastore --apply --mtime
+ else
+ echo "etckeeper warning: legacy .metastore file is present but metastore is not installed" >&2
+ fi
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+# Used by .etckeeper to run a command if the file it acts on
+# (the last parameter) exists.
+maybe () {
+ command="$1"
+ shift 1
+
+ if eval [ -e "\"\$$#\"" ]; then
+ "$command" "$@"
+ fi
+}
+
+# Yes, this runs code from the repository. As documented, etckeeper-init
+# should only be run on repositories you trust.
+if [ -e .etckeeper ]; then
+ . ./.etckeeper
+else
+ touch .etckeeper
+ chmod 600 .etckeeper
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = git ] && [ ! -e .git ]; then
+ git init
+ echo "$(hostname) /etc repository" > .git/description
+elif [ "$VCS" = hg ] && [ ! -e .hg ]; then
+ hg init
+ echo "[web]" > .hg/hgrc
+ echo "description = $(hostname) /etc repository" >> .hg/hgrc
+elif [ "$VCS" = bzr ] && [ ! -e .bzr ]; then
+ bzr init
+ bzr nick "$(hostname) /etc repository"
+elif [ "$VCS" = darcs ] && [ ! -e _darcs ]; then
+ darcs initialize
+ echo "$(hostname) /etc repository" > _darcs/prefs/motd
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+etckeeper update-ignore -a || true
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = git ]; then
+ chmod 700 .git
+elif [ "$VCS" = hg ]; then
+ chmod 700 .hg
+elif [ "$VCS" = bzr ]; then
+ chmod 700 .bzr
+elif [ "$VCS" = darcs ]; then
+ chmod 700 _darcs
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+case "$VCS" in
+ git)
+ if [ -x .git/hooks/pre-commit ]; then
+ if ! grep -q "etckeeper pre-commit" .git/hooks/pre-commit; then
+ echo "etckeeper warning: .git/hooks/pre-commit needs to be manually modified to run: etckeeper pre-commit -d `pwd`" >&2
+ fi
+ else
+ cat >.git/hooks/pre-commit <<EOF
+#!/bin/sh
+# pre-commit hook for etckeeper, to store metadata and do sanity checks
+set -e
+etckeeper pre-commit -d `pwd`
+EOF
+ chmod +x .git/hooks/pre-commit
+ fi
+ ;;
+ hg)
+ if [ -e .hg/hgrc ] && grep "^\[hooks\]" .hg/hgrc; then
+ if ! grep "^pre-commit" .hg/hgrc | grep -q "etckeeper pre-commit"; then
+ echo "etckeeper warning: [hooks] section in .hg/hgrc needs to be manually modified to contain: pre-commit = etckeeper pre-commit -d `pwd`" >&2
+ fi
+ else
+ touch .hg/hgrc
+ cat >>.hg/hgrc <<EOF
+[hooks]
+# pre-commit hook for etckeeper, to store metadata and do sanity checks
+pre-commit = etckeeper pre-commit -d `pwd`
+EOF
+ fi
+ ;;
+ darcs)
+ if [ -e _darcs/prefs/defaults ]; then
+ if ! ( grep -q "record prehook etckeeper pre-commit" _darcs/prefs/defaults &&
+ grep -q "whatsnew prehook etckeeper pre-commit" _darcs/prefs/defaults ); then
+ echo "etckeeper warning: _darcs/prefs/defaults needs to be manually modified to run: etckeeper pre-commit -d `pwd`" >&2
+ fi
+ else
+ cat >_darcs/prefs/defaults <<EOF
+record prehook etckeeper pre-commit -d `pwd`
+record run-prehook
+whatsnew prehook etckeeper pre-commit -d `pwd`
+whatsnew run-prehook
+EOF
+ fi
+ ;;
+esac
--- /dev/null
+#!/bin/sh
+set -e
+
+filter_ignore() {
+ if [ "$VCS" = darcs ]; then
+ ignorefile=.darcsignore
+ fi
+
+ if [ "$VCS" = darcs ] && [ -e "$ignorefile" ]; then
+ # Spaces embedded into patterns would break it.
+ # But really, why would anyone want to use ' ' instead of '\s' ?
+ #patterns=$( grep -v '^[[:space:]]*\(#\|$\)' "$ignorefile" | xargs -n 1 printf " -e %s" )
+ #grep -Ev $patterns
+ #unset patterns
+ # Alternative using a temp file
+ patternsfile="$( mktemp -t etckeeper-$VCS.XXXXXXXXXX )"
+ grep -v '^[[:space:]]*\(#\|$\)' "$ignorefile" > "$patternsfile" || true
+ grep -Evf "$patternsfile"
+ rm -f "$patternsfile"
+ unset patternsfile
+ else
+ cat -
+ fi
+}
+
+
+if [ "$VCS" = darcs ];then
+ NOVCS='. -path ./.git -prune -o -path ./.bzr -prune -o -path ./.hg -prune -o -path ./_darcs -prune -o'
+
+ # We assume that if .etckeeper is empty this is the first run
+ if [ -s .etckeeper ]; then
+ linksindex="$( mktemp -t etckeeper-$VCS.XXXXXXXXXX )"
+ grep '^ln -s' .etckeeper | while IFS="'" read n n n link n; do
+ printf "%s\n" "$link" >> "$linksindex"
+ done
+
+ # Warn about symbolic links that shouldn't exist
+ if links=$( find $NOVCS -type l -print | filter_ignore | grep -vFf "$linksindex" ); then
+ printf "%s\n%s\n" \
+ "The following symbolic links should not exist:" \
+ "$links" >&2
+ fi
+
+ rm -f "$linksindex"
+ unset links linksindex
+ fi
+
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = git ]; then
+ if ! git add .; then
+ echo "etckeeper warning: git add failed" >&2
+ fi
+elif [ "$VCS" = hg ]; then
+ if ! hg add .; then
+ echo "etckeeper warning: hg add failed" >&2
+ fi
+elif [ "$VCS" = bzr ]; then
+ if ! bzr add .; then
+ echo "etckeeper warning: bzr add failed" >&2
+ fi
+elif [ "$VCS" = darcs ]; then
+ # Don't warn if all the files were already added.
+ rc=0
+ res=$( darcs add -qr . 2>&1 ) || rc=$?
+ if test $rc -ne 0; then
+ if ! test $rc -eq 2 -a "${res%No files were added}" != "$res"; then
+ printf "%s" "$res"
+ echo "etckeeper warning: darcs add failed" >&2
+ fi
+ fi
+ unset rc res
+fi
--- /dev/null
+Executable files in this directory are run to initialise the working directory
+for use by etckeeper. If the working directory is not already in version
+control, that includes setting up the version control, but not actually
+committing anything. If the working directory is in version control,
+it includes applying stored metadata to the checked out files in the
+working directory.
+
+Please be careful to *never* overwrite existing files/directories
+in the working directory (or use absolute care when doing so). If a file
+you need to write already exists, check if its contents are sane, and
+if not, emit a warning on stderr.
+
+If initialisation fails, exit nonzero and no later files will be run.
--- /dev/null
+#!/bin/sh
+# Output to stdout a *sorted* list of all currently installed
+# (or removed but still with config-files) packages, in the
+# format "package version\n" (or something similar).
+if [ "$LOWLEVEL_PACKAGE_MANAGER" = dpkg ]; then
+ dpkg-query -W -f '${Status}\t${Package} ${Version}\n' | \
+ egrep '(ok installed|ok config-files)' | cut -f2,3
+elif [ "$LOWLEVEL_PACKAGE_MANAGER" = rpm ]; then
+ rpm -qa --qf "%|epoch?{%{epoch}}:{0}|:%{name}-%{version}-%{release}.%{arch}\n" | sort
+elif [ "$LOWLEVEL_PACKAGE_MANAGER" = pacman ]; then
+ pacman -Q
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+pl="/var/cache/etckeeper/packagelist"
+
+if etckeeper unclean; then
+ message="committing changes in /etc after $HIGHLEVEL_PACKAGE_MANAGER run"
+
+ set +e
+ if [ -e $pl.pre-install ]; then
+ (
+ echo "$message"
+ echo
+ echo "Package changes:"
+ etckeeper list-installed | diff -U0 $pl.pre-install - | tail -n+4 | egrep '^[-+]' || true
+ ) | etckeeper commit --stdin
+ else
+ etckeeper commit "$(printf "$message")"
+ fi
+ status=$?
+ set -e
+
+ if [ "$status" != 0 ]; then
+ echo "warning: etckeeper failed to commit changes in /etc using $VCS" >&2
+ fi
+fi
+
+if [ -e $pl.pre-install ]; then
+ rm -f $pl.pre-install
+fi
--- /dev/null
+Files in this directory are run after packages are installed, upgraded, etc.
+They should commit changes and new files in /etc to repository.
--- /dev/null
+#!/bin/sh
+set -e
+
+exclude_internal () {
+ egrep -v '(^|/)(.git|.hg|.bzr|_darcs)/'
+}
+
+if [ "$VCS" = bzr ] || [ "$VCS" = darcs ]; then
+ special=$(find . ! -type d ! -type f ! -type l | exclude_internal) || true
+ hardlinks=$(find . -type f ! -links 1 | exclude_internal ) || true
+elif [ "$VCS" = hg ]; then
+ special=$(find . ! -type d ! -type f ! -type l | exclude_internal) || true
+ hardlinks=$(find . -type f ! -links 1 -exec hg status {} \; | exclude_internal ) || true
+elif [ "$VCS" = git ]; then
+ special=$(find . ! -type d ! -type f ! -type l -exec git ls-files --exclude-standard --cached --others {} \; | exclude_internal) || true
+ hardlinks=$(find . -type f ! -links 1 -exec git ls-files --exclude-standard --cached --others {} \; | exclude_internal) || true
+else
+ special=""
+fi
+
+if [ -n "$special" ] && [ -z "$AVOID_SPECIAL_FILE_WARNING" ]; then
+ echo "etckeeper warning: special files could cause problems with $VCS:" >&2
+ echo "$special" >&2
+fi
+if [ -n "$hardlinks" ] && [ -z "$AVOID_SPECIAL_FILE_WARNING" ]; then
+ echo "etckeeper warning: hardlinked files could cause problems with $VCS:" >&2
+ echo "$hardlinks" >&2
+fi
+
+true
--- /dev/null
+#!/bin/sh
+set -e
+
+# Filters out UNKNOWN users and groups, prints a warning on stderr.
+filter_unknown() {
+ CMD=$1
+ while read line; do
+ # if the first n chars of $line equal "$CMD UNKNOWN "...
+ if [ "$(printf %.$((9+${#CMD}))s "$line")" = "$CMD UNKNOWN " ]; then
+ echo Bad "$2" for "$line" >&2
+ else
+ echo "$line"
+ fi
+ done
+}
+
+filter_ignore() {
+ case "$VCS" in
+ darcs) ignorefile=.darcsignore ;;
+ git) ignorefile=.gitignore ;;
+ esac
+
+ if [ -n "$ignorefile" ] && [ -e "$ignorefile" ]; then
+ listfile="$( mktemp -t etckeeper-$VCS.XXXXXXXXXX )"
+ case "$VCS" in
+ darcs)
+ grep -v '^[[:space:]]*\(#\|$\)' "$ignorefile" > "$listfile" || true
+ grep -Evf "$listfile"
+ ;;
+ git)
+ (git ls-files -oi --exclude-standard; git ls-files -oi --exclude-standard --directory) | sort | uniq > "$listfile" || true
+ sed 's/^\.\///' | grep -xFvf "$listfile"
+ ;;
+ esac
+ rm -f "$listfile"
+ unset listfile
+ else
+ cat -
+ fi
+}
+
+shellquote() {
+ # Single quotes text, escaping existing single quotes.
+ sed -e "s/'/'\"'\"'/g" -e "s/^/'/" -e "s/$/'/"
+}
+
+generate_metadata() {
+ # This function generates the script commands to fix any file
+ # ownerships that aren't owner=root, group=root, as well as to
+ # store the permissions of files.
+ # The script is produced on stdout. Errors go to stderr.
+ #
+ # The script can use a 'maybe' function, which only runs a command
+ # if the file in its last argument exists.
+
+ # We want files in the directory containing VCS data
+ # but we want find to ignore the VCS files themselves.
+ #
+ # (Note that when using this, the find expression must end with
+ # -print or -exec, else the excluded directories will actually be
+ # printed!)
+ NOVCS='. -path ./.git -prune -o -path ./.bzr -prune -o -path ./.hg -prune -o -path ./_darcs -prune -o'
+
+ # Keep the sort order the same at all times.
+ LC_COLLATE=C
+ export LC_COLLATE
+
+ if [ "$VCS" = git ] || [ "$VCS" = hg ]; then
+ # These version control systems do not track directories,
+ # so empty directories must be stored specially.
+ find $NOVCS -type d -empty -print |
+ sort | shellquote | sed -e "s/^/mkdir -p /"
+ fi
+
+ if [ "$VCS" = darcs ]; then
+ # This version control system does not track symlinks,
+ # so they must be stored specially.
+ find $NOVCS -type l -print | sort | filter_ignore | while read link; do
+ dest=$( readlink "$link" )
+ printf "ln -sf '%s' '%s'\n" "$(echo "$dest" | shellquote)" "$(echo "$link" | shellquote)"
+ done
+ fi
+
+ # Store things that don't have the default user or group.
+ # Store all file modes, in case the user has an unusual umask.
+ find $NOVCS \( -type f -or -type d \) -print | filter_ignore | sort | perl -ne '
+ BEGIN { $q=chr(39) }
+ sub uidname {
+ my $want=shift;
+ if (exists $uidcache{$want}) {
+ return $uidcache{$want};
+ }
+ my $name=scalar getpwuid($want);
+ return $uidcache{$want}=defined $name ? $name : $want;
+ }
+ sub gidname {
+ my $want=shift;
+ if (exists $gidcache{$want}) {
+ return $gidcache{$want};
+ }
+ my $name=scalar getgrgid($want);
+ return $gidcache{$want}=defined $name ? $name : $want;
+ }
+ chomp;
+ my @stat=stat($_);
+ my $mode = $stat[2];
+ my $uid = $stat[4];
+ my $gid = $stat[5];
+ s/$q/$q"$q"$q/g; # escape single quotes
+ s/^/$q/;
+ s/$/$q/;
+ if ($uid != $>) {
+ printf "maybe chown $q%s$q %s\n", uidname($uid), $_;
+ }
+ if ($gid != $)) {
+ printf "maybe chgrp $q%s$q %s\n", gidname($gid), $_;
+ }
+ printf "maybe chmod %04o %s\n", $mode & 07777, $_;
+ '
+
+ # We don't handle xattrs.
+ # Maybe check for getfattr/setfattr and use them if they're available?
+}
+
+if [ "$VCS" = git ] || [ "$VCS" = hg ] || [ "$VCS" = bzr ] || [ "$VCS" = darcs ]; then
+ if [ -f .metadata ]; then
+ # remove obsolete .metadata file
+ # git allows fully deleting it at this point, other VCS
+ # may not (the repo is locked for hg).
+ if [ "$VCS" = git ]; then
+ $VCS rm .metadata
+ else
+ rm -f .metadata
+ fi
+ fi
+
+ echo "# Generated by etckeeper. Do not edit." > .etckeeper
+ echo >> .etckeeper
+
+ # Make sure the file is not readable by others, since it can leak
+ # information about contents of non-readable directories in /etc.
+ chmod 700 .etckeeper
+
+ generate_metadata >> .etckeeper
+
+ # stage the file as part of the current commit
+ if [ "$VCS" = git ]; then
+ # this will do nothing if the metadata file is unchanged.
+ git add .etckeeper
+ fi
+ # hg, bzr and darcs add not done, they will automatically
+ # include the file in the current commit
+fi
--- /dev/null
+This is run by a git pre-commit hook before committing changes to the
+repository. This can be used for storing metadata, and for sanity checks.
--- /dev/null
+#!/bin/sh
+# This list will be later used when committing.
+mkdir -p /var/cache/etckeeper/
+etckeeper list-installed > /var/cache/etckeeper/packagelist.pre-install
--- /dev/null
+#!/bin/sh
+set -e
+
+if etckeeper unclean; then
+ if [ "$AVOID_COMMIT_BEFORE_INSTALL" = 1 ]; then
+ echo "" >&2
+ echo "** etckeeper detected uncommitted changes in /etc prior to $HIGHLEVEL_PACKAGE_MANAGER run" >&2
+ echo "** Aborting $HIGHLEVEL_PACKAGE_MANAGER run. Manually commit and restart." >&2
+ echo "" >&2
+ exit 1
+ fi
+ if ! etckeeper commit "saving uncommitted changes in /etc prior to $HIGHLEVEL_PACKAGE_MANAGER run"; then
+ echo "warning: etckeeper failed to commit changes in /etc using $VCS" >&2
+ fi
+fi
--- /dev/null
+Files in this directory are run before packages are installed, upgraded,
+etc. This is mostly used for sanity checks, ie, does /etc have any
+uncommitted changes?
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = git ]; then
+ [ -d .git ] && [ -n "`git status --porcelain`" ]
+elif [ "$VCS" = hg ]; then
+ [ -d .hg ] && ! hg status 2>&1 | wc -l | grep -q "^0$"
+elif [ "$VCS" = bzr ]; then
+ [ -d .bzr ] && ! bzr version-info --custom --template="{clean}\n" | grep -q "^1$"
+elif [ "$VCS" = darcs ]; then
+ [ -d _darcs ] && darcs whatsnew -l >/dev/null
+fi
--- /dev/null
+Files in this directory are used to test if the working copy has
+uncommitted changes.
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$1" != "-f" ]; then
+ echo "** Warning: This will DESTROY all recorded history for $ETCKEEPER_DIR,"
+ echo "** including the $VCS repository."
+ echo ""
+ printf "Are you sure you want to do this? [yN] "
+ read answer
+ case "$answer" in
+ [Yy]*)
+ echo "Proceeding.."
+ exit 0
+ ;;
+ *)
+ echo "Aborting etckeeper uninit."
+ exit 1
+ ;;
+ esac
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+# Files generated by etckeeper to store metadata the VCS cannot preserve.
+rm -f .etckeeper
+rm -f .metadata # only generated by old versions
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = git ]; then
+ rm -rf .git
+ file=.gitignore
+elif [ "$VCS" = hg ]; then
+ rm -rf .hg
+ file=.hgignore
+elif [ "$VCS" = bzr ]; then
+ rm -rf .bzr
+ file=.bzrignore
+elif [ "$VCS" = darcs ]; then
+ rm -rf _darcs
+ file=.darcsignore
+fi
+
+managed_by_etckeeper="managed by etckeeper"
+
+if ! grep -q "$managed_by_etckeeper" "$file"; then
+ exit 0
+else
+ realfile="$file"
+ if which tempfile >/dev/null 2>&1 || type -p tempfile >/dev/null 2>&1; then
+ tempfile="tempfile"
+ elif which mktemp >/dev/null 2>&1 || type -p mktemp >/dev/null 2>&1; then
+ tempfile="mktemp"
+ else
+ echo "etckeeper warning: can't find tempfile or mktemp" >&2
+ exit 1
+ fi
+ file=$($tempfile)
+ otherentries=
+ skipping=
+ while read -r line; do
+ if echo "$line" | grep -q "$managed_by_etckeeper"; then
+ if [ ! "$skipping" ]; then
+ skipping=1
+ else
+ skipping=
+ fi
+ elif [ ! "$skipping" ]; then
+ echo "$line" >> "$file"
+ otherentries=1
+ fi
+ done <"$realfile"
+
+ if [ "$otherentries" ]; then
+ mv -f "$file" "$realfile"
+ else
+ rm -f "$file"
+ rm -f "$realfile"
+ fi
+fi
--- /dev/null
+Executable files in this directory are run to uninitialise the working
+directory, removing files added by `etckeeper init`.
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$VCS" = git ]; then
+ dir=.git
+ file=.gitignore
+elif [ "$VCS" = hg ]; then
+ dir=.hg
+ file=.hgignore
+elif [ "$VCS" = bzr ]; then
+ dir=.bzr
+ file=.bzrignore
+elif [ "$VCS" = darcs ]; then
+ dir=_darcs
+ file=.darcsignore
+else
+ echo "etckeeper: unsupported VCS $VCS" >&2
+ exit 1
+fi
+
+if [ ! -d "$dir" ]; then
+ exit 0
+fi
+
+managed_by_etckeeper="managed by etckeeper"
+
+nl() {
+ echo >>"$file"
+}
+
+comment() {
+ comment="$1"
+ echo "# $comment" >>"$file"
+}
+
+ignore() {
+ glob="$1"
+
+ case "$VCS" in
+ git)
+ # escape "#" in ignores, as otherwise it may
+ # be considered a comment
+ echo "$glob" | sed 's/#/\\#/g' >>"$file"
+ ;;
+ bzr)
+ echo "$glob" >>"$file"
+ ;;
+ hg)
+ # rather than converting the glob to a regexp, just
+ # configure hg to use globs
+ if [ -z "$hg_syntax_printed" ]; then
+ comment "use glob syntax"
+ echo "syntax: glob" >>"$file"
+ nl
+ hg_syntax_printed=1
+ fi
+ echo "$glob" | sed 's/#/\\#/g' >>"$file"
+ ;;
+ darcs)
+ # darcs doesn't understand globs, so we need to
+ # translate them into regexs. Not a complete converter,
+ # but suitable for given globs.
+ if [ "${glob%\*}" != "$glob" ]; then
+ glob="${glob%\*}"
+ else
+ glob="$glob"'($|/)'
+ fi
+ if [ "${glob#\*}" != "$glob" ]; then
+ glob="${glob#\*}"
+ else
+ glob='(^|/)'"$glob"
+ fi
+ glob="$( printf %s $glob | sed -e 's/\./\\./g;s/\*/[^\/]*/g;s/\?/[^\/]/g' )"
+ echo "$glob" >>"$file"
+ esac
+}
+
+writefile () {
+ comment "begin section $managed_by_etckeeper (do not edit this section by hand)"
+ nl
+
+ if [ "$VCS" = darcs ]; then
+ darcs setpref boringfile .darcsignore
+ fi
+
+ if [ "$LOWLEVEL_PACKAGE_MANAGER" = dpkg ]; then
+ comment "new and old versions of conffiles, stored by dpkg"
+ ignore "*.dpkg-*"
+ comment "new and old versions of conffiles, stored by ucf"
+ ignore "*.ucf-*"
+ nl
+ elif [ "$LOWLEVEL_PACKAGE_MANAGER" = "rpm" ]; then
+ comment "new and old versions of conffiles, stored by apt/rpm"
+ ignore "*.rpm*"
+ nl
+ elif [ "$LOWLEVEL_PACKAGE_MANAGER" = "pacman-g2" -o "$LOWLEVEL_PACKAGE_MANAGER" = "pacman" ]; then
+ comment "new and old versions of conffiles, stored by pacman"
+ ignore "*.pacnew"
+ ignore "*.pacorig"
+ ignore "*.pacsave"
+ nl
+ fi
+
+ comment "old versions of files"
+ ignore "*.old"
+ # Not currently ignored as admins tend to rely on these files.
+ #ignore "passwd-"
+ #ignore "group-"
+ #ignore "shadow-"
+ #ignore "gshadow-"
+ nl
+
+ comment "mount(8) records system state here, no need to store these"
+ ignore blkid.tab
+ ignore blkid.tab.old
+ nl
+
+ comment "some other files in /etc that typically do not need to be tracked"
+ ignore nologin
+ ignore ld.so.cache
+ ignore prelink.cache
+ ignore mtab
+ ignore mtab.fuselock
+ ignore .pwd.lock
+ ignore "*.LOCK"
+ ignore network/run
+ ignore adjtime
+ ignore lvm/cache
+ ignore lvm/archive
+ ignore "X11/xdm/authdir/authfiles/*"
+ ignore ntp.conf.dhcp
+ ignore .initctl
+ ignore "webmin/fsdump/*.status"
+ ignore "webmin/webmin/oscache"
+ ignore "apparmor.d/cache/*"
+ ignore "service/*/supervise/*"
+ ignore "service/*/log/supervise/*"
+ ignore "sv/*/supervise/*"
+ ignore "sv/*/log/supervise/*"
+ ignore "*.elc"
+ ignore "*.pyc"
+ ignore "*.pyo"
+ ignore "init.d/.depend.*"
+ ignore "openvpn/openvpn-status.log"
+ ignore "cups/subscriptions.conf"
+ ignore "cups/subscriptions.conf.O"
+ ignore "fake-hwclock.data"
+ ignore "check_mk/logwatch.state"
+ nl
+
+ comment "editor temp files"
+ ignore "*~"
+ ignore ".*.sw?"
+ ignore ".sw?"
+ ignore "#*#"
+ ignore DEADJOE
+
+ nl
+ comment "end section $managed_by_etckeeper"
+}
+
+if [ -e "$file" ]; then
+ if ! grep -q "$managed_by_etckeeper" "$file"; then
+ if [ "$1" != "-a" ]; then
+ echo "etckeeper: "$file" does not contain \"$managed_by_etckeeper\" comment; not updating"
+ exit 1
+ else
+ echo "etckeeper: "$file" exists but does not contain \"$managed_by_etckeeper\" comment; updating"
+ writefile
+ exit 0
+ fi
+ fi
+ realfile="$file"
+ if which tempfile >/dev/null 2>&1 || type -p tempfile >/dev/null 2>&1; then
+ tempfile="tempfile"
+ elif which mktemp >/dev/null 2>&1 || type -p mktemp >/dev/null 2>&1; then
+ tempfile="mktemp"
+ else
+ echo "etckeeper warning: can't find tempfile or mktemp" >&2
+ fi
+ file=$($tempfile)
+ (
+ skipping=
+ while read -r line; do
+ if echo "$line" | grep -q "$managed_by_etckeeper"; then
+ if [ ! "$skipping" ]; then
+ skipping=1
+ else
+ skipping=
+ writefile
+ fi
+ elif [ ! "$skipping" ]; then
+ echo "$line" >> "$file"
+ fi
+ done
+ if [ "$skipping" ]; then
+ # reached end of file w/o ending block
+ writefile
+ fi
+ ) <"$realfile"
+
+ mv -f "$file" "$realfile"
+else
+ writefile
+fi
--- /dev/null
+Executable files in this directory are run to update the VCS ignore file,
+or create it if it does not exist.
--- /dev/null
+#!/bin/sh
+set -e
+
+# check whether we can locate the vcs binary
+if [ -n "$VCS" ] && which "$VCS" > /dev/null; then
+ # pass commands to the VCS application
+ $VCS "$@"
+else
+ echo "error: VCS ($VCS) not set or not in PATH" >&2
+ exit 1
+fi
--- /dev/null
+# Fail2Ban configuration file
+# https://www.rfxn.com/projects/advanced-policy-firewall/
+#
+# Note: APF doesn't play nicely with other actions. It has been observed to
+# remove bans created by other iptables based actions. If you are going to use
+# this action, use it for all of your jails.
+#
+# DON'T MIX APF and other IPTABLES based actions
+[Definition]
+
+actionstart =
+actionstop =
+actioncheck =
+actionban = apf --deny <ip> "banned by Fail2Ban <name>"
+actionunban = apf --remove <ip>
+
+[Init]
+
+# Name used in APF configuration
+#
+name = default
+
+# DEV NOTES:
+#
+# Author: Mark McKinstry
--- /dev/null
+# Fail2ban reporting to badips.com
+#
+# Note: This reports and IP only and does not actually ban traffic. Use
+# another action in the same jail if you want bans to occur.
+#
+# Set the category to the appropriate value before use.
+#
+# To get see register and optional key to get personalised graphs see:
+# http://www.badips.com/blog/personalized-statistics-track-the-attackers-of-all-your-servers-with-one-key
+
+[Definition]
+
+actionban = curl --fail --user-agent "fail2ban v0.8.12" http://www.badips.com/add/<category>/<ip>
+
+[Init]
+
+# Option: category
+# Notes.: Values are from the list here: http://www.badips.com/get/categories
+category =
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Steven Hiscocks
+#
+#
+
+# Action to report IP address to blocklist.de
+# Blocklist.de must be signed up to at www.blocklist.de
+# Once registered, one or more servers can be added.
+# This action requires the server 'email address' and the assoicate apikey.
+#
+# From blocklist.de:
+# www.blocklist.de is a free and voluntary service provided by a
+# Fraud/Abuse-specialist, whose servers are often attacked on SSH-,
+# Mail-Login-, FTP-, Webserver- and other services.
+# The mission is to report all attacks to the abuse deparments of the
+# infected PCs/servers to ensure that the responsible provider can inform
+# the customer about the infection and disable them
+#
+# IMPORTANT:
+#
+# Reporting an IP of abuse is a serious complaint. Make sure that it is
+# serious. Fail2ban developers and network owners recommend you only use this
+# action for:
+# * The recidive where the IP has been banned multiple times
+# * Where maxretry has been set quite high, beyond the normal user typing
+# password incorrectly.
+# * For filters that have a low likelyhood of receiving human errors
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop =
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = curl --fail --data-urlencode 'server=<email>' --data 'apikey=<apikey>' --data 'service=<service>' --data 'ip=<ip>' --data-urlencode 'logs=<matches>' --data 'format=text' --user-agent "fail2ban v0.8.12" "https://www.blocklist.de/en/httpreports.html"
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Option: email
+# Notes server email address, as per blocklise.de account
+# Values: STRING Default: None
+#
+#email =
+
+# Option: apikey
+# Notes your user blocklist.de user account apikey
+# Values: STRING Default: None
+#
+#apikey =
+
+# Option: service
+# Notes service name you are reporting on, typically aligns with filter name
+# see http://www.blocklist.de/en/httpreports.html for full list
+# Values: STRING Default: None
+#
+#service =
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Nick Munger
+# Modified by: Ken Menzel
+# Daniel Black (start/stop)
+# Fabian Wenk (many ideas as per fail2ban users list)
+#
+# Ensure firewall_enable="YES" in the top of /etc/rc.conf
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = ipfw show | fgrep -q 'table(<table>)' || ( ipfw show | awk 'BEGIN { b = 1 } { if ($1 <= b) { b = $1 + 1 } else { e = b } } END { if (e) exit e <br> else exit b }'; num=$?; ipfw -q add $num <blocktype> <block> from table\(<table>\) to me <port>; echo $num > "<startstatefile>" )
+
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = [ ! -f <startstatefile> ] || ( read num < "<startstatefile>" <br> ipfw -q delete $num <br> rm "<startstatefile>" )
+
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+# requires an ipfw rule like "deny ip from table(1) to me"
+actionban = ipfw table <table> add <ip>
+
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = ipfw table <table> delete <ip>
+
+[Init]
+# Option: table
+# Notes: The ipfw table to use. If a ipfw rule using this table already exists,
+# this action will not create a ipfw rule to block it and the following
+# options will have no effect.
+# Values: NUM
+table = 1
+
+# Option: port
+# Notes.: Specifies port to monitor. Blank indicate block all ports.
+# Values: [ NUM | STRING ]
+#
+port =
+
+# Option: startstatefile
+# Notes: A file to indicate that the table rule that was added. Ensure it is unique per table.
+# Values: STRING
+startstatefile = /var/run/fail2ban/ipfw-started-table_<table>
+
+# Option: block
+# Notes: This is how much to block.
+# Can be "ip", "tcp", "udp" or various other options.
+# Values: STRING
+block = ip
+
+# Option: blocktype
+# Notes.: How to block the traffic. Use a action from man 5 ipfw
+# Common values: deny, unreach port, reset
+# ACTION defination at the top of man ipfw for allowed values.
+# Values: STRING
+#
+blocktype = unreach port
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Russell Odom <russ@gloomytrousers.co.uk>, Daniel Black
+# Sends a complaint e-mail to addresses listed in the whois record for an
+# offending IP address.
+# This uses the https://abusix.com/contactdb.html to lookup abuse contacts.
+#
+# DEPENDANCIES:
+# This requires the dig command from bind-utils
+#
+# You should provide the <logpath> in the jail config - lines from the log
+# matching the given IP address will be provided in the complaint as evidence.
+#
+# WARNING
+# -------
+#
+# Please do not use this action unless you are certain that fail2ban
+# does not result in "false positives" for your deployment. False
+# positive reports could serve a mis-favor to the original cause by
+# flooding corresponding contact addresses, and complicating the work
+# of administration personnel responsible for handling (verified) legit
+# complains.
+#
+# Please consider using e.g. sendmail-whois-lines.conf action which
+# would send the reports with relevant information to you, so the
+# report could be first reviewed and then forwarded to a corresponding
+# contact if legit.
+#
+
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop =
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = oifs=${IFS}; IFS=.;SEP_IP=( <ip> ); set -- ${SEP_IP}; ADDRESSES=$(dig +short -t txt -q $4.$3.$2.$1.abuse-contacts.abusix.org); IFS=${oifs}
+ IP=<ip>
+ if [ ! -z "$ADDRESSES" ]; then
+ (printf %%b "<message>\n"; date '+Note: Local timezone is %%z (%%Z)'; grep -E '(^|[^0-9])<ip>([^0-9]|$)' <logpath>) | <mailcmd> "Abuse from <ip>" <mailargs> ${ADDRESSES//,/\" \"}
+ fi
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+message = Dear Sir/Madam,\n\nWe have detected abuse from the IP address $IP, which according to a abusix.com is on your network. We would appreciate if you would investigate and take action as appropriate.\n\nLog lines are given below, but please ask if you require any further information.\n\n(If you are not the correct person to contact about this please accept our apologies - your e-mail address was extracted from the whois record by an automated process.)\n\n This mail was generated by Fail2Ban.\nThe recipient address of this report was provided by the Abuse Contact DB by abusix.com. abusix.com does not maintain the content of the database. All information which we pass out, derives from the RIR databases and is processed for ease of use. If you want to change or report non working abuse contacts please contact the appropriate RIR. If you have any further question, contact abusix.com directly via email (info@abusix.com). Information about the Abuse Contact Database can be found here: https://abusix.com/global-reporting/abuse-contact-db\nabusix.com is neither responsible nor liable for the content or accuracy of this message.\n
+
+# Path to the log files which contain relevant lines for the abuser IP
+#
+logpath = /dev/null
+
+# Option: mailcmd
+# Notes.: Your system mail command. Is passed 2 args: subject and recipient
+# Values: CMD
+#
+mailcmd = mail -s
+
+# Option: mailargs
+# Notes.: Additional arguments to mail command. e.g. for standard Unix mail:
+# CC reports to another address:
+# -c me@example.com
+# Appear to come from a different address - the '--' indicates
+# arguments to be passed to Sendmail:
+# -- -f me@example.com
+# Values: [ STRING ]
+#
+mailargs =
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Russell Odom <russ@gloomytrousers.co.uk>
+# Submits attack reports to DShield (http://www.dshield.org/)
+#
+# You MUST configure at least:
+# <port> (the port that's being attacked - use number not name).
+#
+# You SHOULD also provide:
+# <myip> (your public IP address, if it's not the address of eth0)
+# <userid> (your DShield userID, if you have one - recommended, but reports will
+# be used anonymously if not)
+# <protocol> (the protocol in use - defaults to tcp)
+#
+# Best practice is to provide <port> and <protocol> in jail.conf like this:
+# action = dshield[port=1234,protocol=tcp]
+#
+# ...and create "dshield.local" with contents something like this:
+# [Init]
+# myip = 10.0.0.1
+# userid = 12345
+#
+# Other useful configuration values are <mailargs> (you can use for specifying
+# a different sender address for the report e-mails, which should match what is
+# configured at DShield), and <lines>/<minreportinterval>/<maxbufferage> (to
+# configure how often the buffer is flushed).
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = if [ -f <tmpfile>.buffer ]; then
+ cat <tmpfile>.buffer | <mailcmd> "FORMAT DSHIELD USERID <userid> TZ `date +%%z | sed 's/\([+-]..\)\(..\)/\1:\2/'` Fail2Ban" <mailargs> <dest>
+ date +%%s > <tmpfile>.lastsent
+ fi
+ rm -f <tmpfile>.buffer <tmpfile>.first
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+# See http://www.dshield.org/specs.html for more on report format/notes
+#
+# Note: We are currently using <time> for the timestamp because no tag is
+# available to indicate the timestamp of the log message(s) which triggered the
+# ban. Therefore the timestamps we are using in the report, whilst often only a
+# few seconds out, are incorrect. See
+# http://sourceforge.net/tracker/index.php?func=detail&aid=2017795&group_id=121032&atid=689047
+#
+actionban = TZONE=`date +%%z | sed 's/\([+-]..\)\(..\)/\1:\2/'`
+ DATETIME="`perl -e '@t=localtime(<time>);printf "%%4d-%%02d-%%02d %%02d:%%02d:%%02d",1900+$t[5],$t[4]+1,$t[3],$t[2],$t[1],$t[0]'` $TZONE"
+ PROTOCOL=`awk '{IGNORECASE=1;if($1=="<protocol>"){print $2;exit}}' /etc/protocols`
+ if [ -z "$PROTOCOL" ]; then PROTOCOL=<protocol>; fi
+ printf %%b "$DATETIME\t<userid>\t<failures>\t<ip>\t<srcport>\t<myip>\t<port>\t$PROTOCOL\t<tcpflags>\n" >> <tmpfile>.buffer
+ NOW=`date +%%s`
+ if [ ! -f <tmpfile>.first ]; then
+ echo <time> | cut -d. -f1 > <tmpfile>.first
+ fi
+ if [ ! -f <tmpfile>.lastsent ]; then
+ echo 0 > <tmpfile>.lastsent
+ fi
+ LOGAGE=$(($NOW - `cat <tmpfile>.first`))
+ LASTREPORT=$(($NOW - `cat <tmpfile>.lastsent`))
+ LINES=$( wc -l <tmpfile>.buffer | awk '{ print $1 }' )
+ if [ $LINES -ge <lines> && $LASTREPORT -gt <minreportinterval> ] || [ $LOGAGE -gt <maxbufferage> ]; then
+ cat <tmpfile>.buffer | <mailcmd> "FORMAT DSHIELD USERID <userid> TZ $TZONE Fail2Ban" <mailargs> <dest>
+ rm -f <tmpfile>.buffer <tmpfile>.first
+ echo $NOW > <tmpfile>.lastsent
+ fi
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = if [ -f <tmpfile>.first ]; then
+ NOW=`date +%%s`
+ LOGAGE=$(($NOW - `cat <tmpfile>.first`))
+ if [ $LOGAGE -gt <maxbufferage> ]; then
+ cat <tmpfile>.buffer | <mailcmd> "FORMAT DSHIELD USERID <userid> TZ `date +%%z | sed 's/\([+-]..\)\(..\)/\1:\2/'` Fail2Ban" <mailargs> <dest>
+ rm -f <tmpfile>.buffer <tmpfile>.first
+ echo $NOW > <tmpfile>.lastsent
+ fi
+ fi
+
+
+[Init]
+# Option: port
+# Notes.: The target port for the attack (numerical). MUST be provided in the
+# jail config, as it cannot be detected here.
+# Values: [ NUM ]
+#
+port = ???
+
+# Option: userid
+# Notes.: Your DShield user ID. Should be provided either in the jail config or
+# in a .local file.
+# Register at https://secure.dshield.org/register.html
+# Values: [ NUM ]
+#
+userid = 0
+
+# Option: myip
+# Notes.: The target IP for the attack (your public IP). Should be provided
+# either in the jail config or in a .local file unless your PUBLIC IP
+# is the first IP assigned to eth0
+# Values: [ an IP address ] Default: Tries to find the IP address of eth0,
+# which in most cases will be a private IP, and therefore incorrect
+#
+myip = `ip -4 addr show dev eth0 | grep inet | head -n 1 | sed -r 's/.*inet ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/\1/'`
+
+# Option: protocol
+# Notes.: The protocol over which the attack is happening
+# Values: [ tcp | udp | icmp | (any other protocol name from /etc/protocols) | NUM ] Default: tcp
+#
+protocol = tcp
+
+# Option: lines
+# Notes.: How many lines to buffer before making a report. Regardless of this,
+# reports are sent a minimum of <minreportinterval> apart, or if the
+# buffer contains an event over <maxbufferage> old, or on shutdown
+# Values: [ NUM ]
+#
+lines = 50
+
+# Option: minreportinterval
+# Notes.: Minimum period (in seconds) that must elapse before we submit another
+# batch of reports. DShield request a minimum of 1 hour (3600 secs)
+# between reports.
+# Values: [ NUM ]
+#
+minreportinterval = 3600
+
+# Option: maxbufferage
+# Notes.: Maximum age (in seconds) of the oldest report in the buffer before we
+# submit the batch, even if we haven't reached <lines> yet. Note that
+# this is only checked on each ban/unban, and that we always send
+# anything in the buffer on shutdown. Must be greater than
+# Values: [ NUM ]
+#
+maxbufferage = 21600
+
+# Option: srcport
+# Notes.: The source port of the attack. You're unlikely to have this info, so
+# you can leave the default
+# Values: [ NUM ]
+#
+srcport = ???
+
+# Option: tcpflags
+# Notes.: TCP flags on attack. You're unlikely to have this info, so you can
+# leave empty
+# Values: [ STRING ]
+#
+tcpflags =
+
+# Option: mailcmd
+# Notes.: Your system mail command. Is passed 2 args: subject and recipient
+# Values: CMD
+#
+mailcmd = mail -s
+
+# Option: mailargs
+# Notes.: Additional arguments to mail command. e.g. for standard Unix mail:
+# CC reports to another address:
+# -c me@example.com
+# Appear to come from a different address (the From address must match
+# the one configured at DShield - the '--' indicates arguments to be
+# passed to Sendmail):
+# -- -f me@example.com
+# Values: [ STRING ]
+#
+mailargs =
+
+# Option: dest
+# Notes.: Destination e-mail address for reports
+# Values: [ STRING ]
+#
+dest = reports@dshield.org
+
+# Option: tmpfile
+# Notes.: Base name of temporary files used for buffering
+# Values: [ STRING ]
+#
+tmpfile = /var/run/fail2ban/tmp-dshield
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = touch /var/run/fail2ban/fail2ban.dummy
+ printf %%b "<init>\n" >> /var/run/fail2ban/fail2ban.dummy
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = rm -f /var/run/fail2ban/fail2ban.dummy
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "+<ip>\n" >> /var/run/fail2ban/fail2ban.dummy
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = printf %%b "-<ip>\n" >> /var/run/fail2ban/fail2ban.dummy
+
+[Init]
+
+init = 123
+
--- /dev/null
+# Fail2Ban action file for firewall-cmd/ipset
+#
+# This requires:
+# ipset (package: ipset)
+# firewall-cmd (package: firewalld)
+#
+# This is for ipset protocol 6 (and hopefully later) (ipset v6.14).
+# Use ipset -V to see the protocol and version.
+#
+# IPset was a feature introduced in the linux kernel 2.6.39 and 3.0.0 kernels.
+#
+# If you are running on an older kernel you make need to patch in external
+# modules.
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+[Definition]
+
+actionstart = ipset create fail2ban-<name> hash:ip timeout <bantime>
+ firewall-cmd --direct --add-rule ipv4 filter <chain> 0 -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+
+actionstop = firewall-cmd --direct --remove-rule ipv4 filter <chain> 0 -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+ ipset flush fail2ban-<name>
+ ipset destroy fail2ban-<name>
+
+actionban = ipset add fail2ban-<name> <ip> timeout <bantime> -exist
+
+actionunban = ipset del fail2ban-<name> <ip> -exist
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ]
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ]
+#
+protocol = tcp
+
+# Option: chain
+# Notes specifies the iptables chain to which the fail2ban rules should be
+# added
+# Values: [ STRING ]
+#
+chain = INPUT_direct
+
+# Option: bantime
+# Notes: specifies the bantime in seconds (handled internally rather than by fail2ban)
+# Values: [ NUM ] Default: 600
+
+bantime = 600
+
+
+# DEV NOTES:
+#
+# Author: Edgar Hoch and Daniel Black
+# firewallcmd-new / iptables-ipset-proto6 combined for maximium goodness
--- /dev/null
+# Fail2Ban configuration file
+#
+# Because of the --remove-rules in stop this action requires firewalld-0.3.8+
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+[Definition]
+
+actionstart = firewall-cmd --direct --add-chain ipv4 filter fail2ban-<name>
+ firewall-cmd --direct --add-rule ipv4 filter fail2ban-<name> 1000 -j RETURN
+ firewall-cmd --direct --add-rule ipv4 filter <chain> 0 -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
+
+actionstop = firewall-cmd --direct --remove-rule ipv4 filter <chain> 0 -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
+ firewall-cmd --direct --remove-rules ipv4 filter fail2ban-<name>
+ firewall-cmd --direct --remove-chain ipv4 filter fail2ban-<name>
+
+actioncheck = firewall-cmd --direct --get-chains ipv4 filter | grep -q '^fail2ban-<name>$'
+
+actionban = firewall-cmd --direct --add-rule ipv4 filter fail2ban-<name> 0 -s <ip> -j <blocktype>
+
+actionunban = firewall-cmd --direct --remove-rule ipv4 filter fail2ban-<name> 0 -s <ip> -j <blocktype>
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ]
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ]
+#
+protocol = tcp
+
+# Option: chain
+# Notes specifies the iptables chain to which the fail2ban rules should be
+# added
+# Values: [ STRING ]
+#
+chain = INPUT_direct
+
+# DEV NOTES:
+#
+# Author: Edgar Hoch
+# Copied from iptables-new.conf and modified for use with firewalld by Edgar Hoch.
+# It uses "firewall-cmd" instead of "iptables".
+#
+# Output:
+#
+# $ firewall-cmd --direct --add-chain ipv4 filter fail2ban-name
+# success
+# $ firewall-cmd --direct --add-rule ipv4 filter fail2ban-name 1000 -j RETURN
+# success
+# $ sudo firewall-cmd --direct --add-rule ipv4 filter INPUT_direct 0 -m state --state NEW -p tcp --dport 22 -j fail2ban-name
+# success
+# $ firewall-cmd --direct --get-chains ipv4 filter
+# fail2ban-name
+# $ firewall-cmd --direct --get-chains ipv4 filter | od -h
+# 0000000 6166 6c69 6232 6e61 6e2d 6d61 0a65
+# $ firewall-cmd --direct --get-chains ipv4 filter | grep -Eq 'fail2ban-name( |$)' ; echo $?
+# 0
+# $ firewall-cmd -V
+# 0.3.8
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Edited for cross platform by: James Stout, Yaroslav Halchenko and Daniel Black
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop =
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = IP=<ip> &&
+ printf %%b "<daemon_list>: $IP\n" >> <file>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = echo "/^<daemon_list>: <ip>$/<br>d<br>w<br>q" | ed <file>
+
+[Init]
+
+# Option: file
+# Notes.: hosts.deny file path.
+# Values: STR Default: /etc/hosts.deny
+#
+file = /etc/hosts.deny
+
+# Option: daemon_list
+# Notes: The list of services that this action will deny. See the man page
+# for hosts.deny/hosts_access. Default is all services.
+# Values: STR Default: ALL
+daemon_list = ALL
--- /dev/null
+# Fail2Ban configuration file
+#
+# NetBSD ipfilter (ipf command) ban/unban
+#
+# Author: Ed Ravin <eravin@panix.com>
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+# enable IPF if not already enabled
+actionstart = /sbin/ipf -E
+
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+# don't disable IPF with "/sbin/ipf -D", there may be other filters in use
+actionstop =
+
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = echo block <blocktype> in quick from <ip>/32 | /sbin/ipf -f -
+
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+# note -r option used to remove matching rule
+actionunban = echo block <blocktype> in quick from <ip>/32 | /sbin/ipf -r -f -
+
+[Init]
+
+# Option: Blocktype
+# Notes : This is the return-icmp[return-code] mentioned in the ipf man page section 5. Keep this quoted to prevent
+# Shell expansion. This should be blank (unquoted) to drop the packet.
+# Values: STRING
+blocktype = "return-icmp(port-unr)"
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Nick Munger
+# Modified by: Cyril Jaquier
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop =
+
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = ipfw add <blocktype> tcp from <ip> to <localhost> <port>
+
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = ipfw delete `ipfw list | grep -i "[^0-9]<ip>[^0-9]" | awk '{print $1;}'`
+
+[Init]
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ]
+#
+port = ssh
+
+# Option: localhost
+# Notes.: the local IP address of the network interface
+# Values: IP
+#
+localhost = 127.0.0.1
+
+
+# Option: blocktype
+# Notes.: How to block the traffic. Use a action from man 5 ipfw
+# Common values: deny, unreach port, reset
+# Values: STRING
+#
+blocktype = unreach port
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Modified: Yaroslav O. Halchenko <debian@onerussian.com>
+# made active on all ports from original iptables.conf
+#
+#
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = iptables -N fail2ban-<name>
+ iptables -A fail2ban-<name> -j RETURN
+ iptables -I <chain> -p <protocol> -j fail2ban-<name>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D <chain> -p <protocol> -j fail2ban-<name>
+ iptables -F fail2ban-<name>
+ iptables -X fail2ban-<name>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = iptables -D fail2ban-<name> -s <ip> -j <blocktype>
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+
+# Option: chain
+# Notes specifies the iptables chain to which the fail2ban rules should be
+# added
+# Values: STRING Default: INPUT
+chain = INPUT
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Daniel Black
+#
+# This is a included configuration file and includes the defination for the blocktype
+# used in all iptables based actions by default.
+#
+# The user can override the default in iptables-blocktype.local
+
+[INCLUDES]
+
+after = iptables-blocktype.local
+
+[Init]
+
+# Option: blocktype
+# Note: This is what the action does with rules. This can be any jump target
+# as per the iptables man page (section 8). Common values are DROP
+# REJECT, REJECT --reject-with icmp-port-unreachable
+# Values: STRING
+blocktype = REJECT --reject-with icmp-port-unreachable
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Daniel Black
+#
+# This is for ipset protocol 4 (ipset v4.2). If you have a later version
+# of ipset try to use the iptables-ipset-proto6.conf as it does some things
+# nicer.
+#
+# This requires the program ipset which is normally in package called ipset.
+#
+# IPset was a feature introduced in the linux kernel 2.6.39 and 3.0.0 kernels.
+#
+# If you are running on an older kernel you make need to patch in external
+# modules. Debian squeeze can do this with:
+# apt-get install xtables-addons-source
+# module-assistant auto-install xtables-addons
+#
+# Debian wheezy and above uses protocol 6
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = ipset --create fail2ban-<name> iphash
+ iptables -I INPUT -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+ ipset --flush fail2ban-<name>
+ ipset --destroy fail2ban-<name>
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = ipset --test fail2ban-<name> <ip> || ipset --add fail2ban-<name> <ip>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = ipset --test fail2ban-<name> <ip> && ipset --del fail2ban-<name> <ip>
+
+[Init]
+
+# Default name of the ipset
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ] Default: ssh
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Daniel Black
+#
+# This is for ipset protocol 6 (and hopefully later) (ipset v6.14).
+# Use ipset -V to see the protocol and version. Version 4 should use
+# iptables-ipset-proto4.conf.
+#
+# This requires the program ipset which is normally in package called ipset.
+#
+# IPset was a feature introduced in the linux kernel 2.6.39 and 3.0.0 kernels.
+#
+# If you are running on an older kernel you make need to patch in external
+# modules which probably won't be protocol version 6.
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = ipset create fail2ban-<name> hash:ip timeout <bantime>
+ iptables -I INPUT -m set --match-set fail2ban-<name> src -j <blocktype>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D INPUT -m set --match-set fail2ban-<name> src -j <blocktype>
+ ipset flush fail2ban-<name>
+ ipset destroy fail2ban-<name>
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = ipset add fail2ban-<name> <ip> timeout <bantime> -exist
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = ipset del fail2ban-<name> <ip> -exist
+
+[Init]
+
+# Default name of the ipset
+#
+name = default
+
+# Option: bantime
+# Notes: specifies the bantime in seconds (handled internally rather than by fail2ban)
+# Values: [ NUM ] Default: 600
+
+bantime = 600
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Daniel Black
+#
+# This is for ipset protocol 6 (and hopefully later) (ipset v6.14).
+# Use ipset -V to see the protocol and version. Version 4 should use
+# iptables-ipset-proto4.conf.
+#
+# This requires the program ipset which is normally in package called ipset.
+#
+# IPset was a feature introduced in the linux kernel 2.6.39 and 3.0.0 kernels.
+#
+# If you are running on an older kernel you make need to patch in external
+# modules.
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = ipset create fail2ban-<name> hash:ip timeout <bantime>
+ iptables -I INPUT -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D INPUT -p <protocol> -m multiport --dports <port> -m set --match-set fail2ban-<name> src -j <blocktype>
+ ipset flush fail2ban-<name>
+ ipset destroy fail2ban-<name>
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = ipset add fail2ban-<name> <ip> timeout <bantime> -exist
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = ipset del fail2ban-<name> <ip> -exist
+
+[Init]
+
+# Default name of the ipset
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ] Default: ssh
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+
+# Option: bantime
+# Notes: specifies the bantime in seconds (handled internally rather than by fail2ban)
+# Values: [ NUM ] Default: 600
+
+bantime = 600
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Guido Bozzetto
+# Modified: Cyril Jaquier
+#
+# make "fail2ban-<name>" chain to match drop IP
+# make "fail2ban-<name>-log" chain to log and drop
+# insert a jump to fail2ban-<name> from -I <chain> if proto/port match
+#
+#
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = iptables -N fail2ban-<name>
+ iptables -A fail2ban-<name> -j RETURN
+ iptables -I <chain> 1 -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+ iptables -N fail2ban-<name>-log
+ iptables -I fail2ban-<name>-log -j LOG --log-prefix "$(expr fail2ban-<name> : '\(.\{1,23\}\)'):DROP " --log-level warning -m limit --limit 6/m --limit-burst 2
+ iptables -A fail2ban-<name>-log -j <blocktype>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+ iptables -F fail2ban-<name>
+ iptables -F fail2ban-<name>-log
+ iptables -X fail2ban-<name>
+ iptables -X fail2ban-<name>-log
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck = iptables -n -L fail2ban-<name>-log >/dev/null
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j fail2ban-<name>-log
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = iptables -D fail2ban-<name> -s <ip> -j fail2ban-<name>-log
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ] Default:
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+
+# Option: chain
+# Notes specifies the iptables chain to which the fail2ban rules should be
+# added
+# Values: STRING Default: INPUT
+chain = INPUT
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Modified by Yaroslav Halchenko for multiport banning
+#
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = iptables -N fail2ban-<name>
+ iptables -A fail2ban-<name> -j RETURN
+ iptables -I <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
+ iptables -F fail2ban-<name>
+ iptables -X fail2ban-<name>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = iptables -D fail2ban-<name> -s <ip> -j <blocktype>
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ] Default:
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+
+# Option: chain
+# Notes specifies the iptables chain to which the fail2ban rules should be
+# added
+# Values: STRING Default: INPUT
+chain = INPUT
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Copied from iptables.conf and modified by Yaroslav Halchenko
+# to fulfill the needs of bugreporter dbts#350746.
+#
+#
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = iptables -N fail2ban-<name>
+ iptables -A fail2ban-<name> -j RETURN
+ iptables -I <chain> -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D <chain> -m state --state NEW -p <protocol> --dport <port> -j fail2ban-<name>
+ iptables -F fail2ban-<name>
+ iptables -X fail2ban-<name>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = iptables -D fail2ban-<name> -s <ip> -j <blocktype>
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ] Default:
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+
+# Option: chain
+# Notes specifies the iptables chain to which the fail2ban rules should be
+# added
+# Values: STRING Default: INPUT
+chain = INPUT
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
+#
+#
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+# Changing iptables rules requires root privileges. If fail2ban is
+# configured to run as root, firewall setup can be performed by
+# fail2ban automatically. However, if fail2ban is configured to run as
+# a normal user, the configuration must be done by some other means
+# (e.g. using static firewall configuration with the
+# iptables-persistent package).
+#
+# Explanation of the rule below:
+# Check if any packets coming from an IP on the fail2ban-<name>
+# list have been seen in the last 3600 seconds. If yes, update the
+# timestamp for this IP and drop the packet. If not, let the packet
+# through.
+#
+# Fail2ban inserts blacklisted hosts into the fail2ban-<name> list
+# and removes them from the list after some time, according to its
+# own rules. The 3600 second timeout is independent and acts as a
+# safeguard in case the fail2ban process dies unexpectedly. The
+# shorter of the two timeouts actually matters.
+actionstart = if [ `id -u` -eq 0 ];then iptables -I INPUT -m recent --update --seconds 3600 --name fail2ban-<name> -j <blocktype>;fi
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = echo / > /proc/net/xt_recent/fail2ban-<name>
+ if [ `id -u` -eq 0 ];then iptables -D INPUT -m recent --update --seconds 3600 --name fail2ban-<name> -j <blocktype>;fi
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck = test -e /proc/net/xt_recent/fail2ban-<name>
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = echo +<ip> > /proc/net/xt_recent/fail2ban-<name>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = echo -<ip> > /proc/net/xt_recent/fail2ban-<name>
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[INCLUDES]
+
+before = iptables-blocktype.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = iptables -N fail2ban-<name>
+ iptables -A fail2ban-<name> -j RETURN
+ iptables -I <chain> -p <protocol> --dport <port> -j fail2ban-<name>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = iptables -D <chain> -p <protocol> --dport <port> -j fail2ban-<name>
+ iptables -F fail2ban-<name>
+ iptables -X fail2ban-<name>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck = iptables -n -L <chain> | grep -q 'fail2ban-<name>[ \t]'
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = iptables -I fail2ban-<name> 1 -s <ip> -j <blocktype>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = iptables -D fail2ban-<name> -s <ip> -j <blocktype>
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Option: port
+# Notes.: specifies port to monitor
+# Values: [ NUM | STRING ] Default:
+#
+port = ssh
+
+# Option: protocol
+# Notes.: internally used by config reader for interpolations.
+# Values: [ tcp | udp | icmp | all ] Default: tcp
+#
+protocol = tcp
+
+# Option: chain
+# Notes specifies the iptables chain to which the fail2ban rules should be
+# added
+# Values: STRING Default: INPUT
+chain = INPUT
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Hi,\n
+ The jail <name> has been started successfully.\n
+ Output will be buffered until <lines> lines are available.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: started on `uname -n`" <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = if [ -f <tmpfile> ]; then
+ printf %%b "Hi,\n
+ These hosts have been banned by Fail2Ban.\n
+ `cat <tmpfile>`
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary from `uname -n`" <dest>
+ rm <tmpfile>
+ fi
+ printf %%b "Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on `uname -n`" <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
+ LINE=$( wc -l <tmpfile> | awk '{ print $1 }' )
+ if [ $LINE -ge <lines> ]; then
+ printf %%b "Hi,\n
+ These hosts have been banned by Fail2Ban.\n
+ `cat <tmpfile>`
+ \nRegards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary" <dest>
+ rm <tmpfile>
+ fi
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Default number of lines that are buffered
+#
+lines = 5
+
+# Default temporary file
+#
+tmpfile = /var/run/fail2ban/tmp-mail.txt
+
+# Destination/Addressee of the mail
+#
+dest = root
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Modified-By: Yaroslav Halchenko to include grepping on IP over log files
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Hi,\n
+ The jail <name> has been started successfully.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: started on `uname -n`" <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = printf %%b "Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on `uname -n`" <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "Hi,\n
+ The IP <ip> has just been banned by Fail2Ban after
+ <failures> attempts against <name>.\n\n
+ Here is more information about <ip>:\n
+ `whois <ip> || echo missing whois program`\n\n
+ Lines containing IP:<ip> in <logpath>\n
+ `grep '[^0-9]<ip>[^0-9]' <logpath>`\n\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from `uname -n`" <dest>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Destinataire of the mail
+#
+dest = root
+
+# Path to the log files which contain relevant lines for the abuser IP
+#
+logpath = /dev/null
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Hi,\n
+ The jail <name> has been started successfully.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: started on `uname -n`" <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = printf %%b "Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on `uname -n`" <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "Hi,\n
+ The IP <ip> has just been banned by Fail2Ban after
+ <failures> attempts against <name>.\n\n
+ Here is more information about <ip>:\n
+ `whois <ip> || echo missing whois program`\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from `uname -n`" <dest>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Destination/Addressee of the mail
+#
+dest = root
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Hi,\n
+ The jail <name> has been started successfully.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: started on `uname -n`" <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = printf %%b "Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on `uname -n`" <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "Hi,\n
+ The IP <ip> has just been banned by Fail2Ban after
+ <failures> attempts against <name>.\n
+ Regards,\n
+ Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from `uname -n`" <dest>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Destination/Addressee of the mail
+#
+dest = root
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Russell Odom <russ@gloomytrousers.co.uk>
+# Submits attack reports to myNetWatchman (http://www.mynetwatchman.com/)
+#
+# You MUST configure at least:
+# <port> (the port that's being attacked - use number not name).
+# <mnwlogin> (your mNW login).
+# <mnwpass> (your mNW password).
+#
+# You SHOULD also provide:
+# <myip> (your public IP address, if it's not the address of eth0)
+# <protocol> (the protocol in use - defaults to tcp)
+#
+# Best practice is to provide <port> and <protocol> in jail.conf like this:
+# action = mynetwatchman[port=1234,protocol=udp]
+#
+# ...and create "mynetwatchman.local" with contents something like this:
+# [Init]
+# mnwlogin = me@example.com
+# mnwpass = SECRET
+# myip = 10.0.0.1
+#
+# Another useful configuration value is <getcmd>, if you don't have wget
+# installed (an example config for curl is given below)
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop =
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+#
+# Note: We are currently using <time> for the timestamp because no tag is
+# available to indicate the timestamp of the log message(s) which triggered the
+# ban. Therefore the timestamps we are using in the report, whilst often only a
+# few seconds out, are incorrect. See
+# http://sourceforge.net/tracker/index.php?func=detail&aid=2017795&group_id=121032&atid=689047
+#
+actionban = MNWLOGIN=`perl -e '$s=shift;$s=~s/([\W])/"%%".uc(sprintf("%%2.2x",ord($1)))/eg;print $s' '<mnwlogin>'`
+ MNWPASS=`perl -e '$s=shift;$s=~s/([\W])/"%%".uc(sprintf("%%2.2x",ord($1)))/eg;print $s' '<mnwpass>'`
+ PROTOCOL=`awk '{IGNORECASE=1;if($1=="<protocol>"){print $2;exit}}' /etc/protocols`
+ if [ -z "$PROTOCOL" ]; then PROTOCOL=<protocol>; fi
+ DATETIME=`perl -e '@t=gmtime(<time>);printf "%%4d-%%02d-%%02d+%%02d:%%02d:%%02d",1900+$t[5],$t[4]+1,$t[3],$t[2],$t[1],$t[0]'`
+ <getcmd> "<mnwurl>?AT=2&AV=0&AgentEmail=$MNWLOGIN&AgentPassword=$MNWPASS&AttackerIP=<ip>&SrcPort=<srcport>&ProtocolID=$PROTOCOL&DestPort=<port>&AttackCount=<failures>&VictimIP=<myip>&AttackDateTime=$DATETIME" 2>&1 >> <tmpfile>.out && grep -q 'Attack Report Insert Successful' <tmpfile>.out && rm -f <tmpfile>.out
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+# Option: port
+# Notes.: The target port for the attack (numerical). MUST be provided in
+# the jail config, as it cannot be detected here.
+# Values: [ NUM ] Default: ???
+#
+port = 0
+
+# Option: mnwlogin
+# Notes.: Your mNW login e-mail address. MUST be provided either in the jail
+# config or in a .local file.
+# Register at http://www.mynetwatchman.com/reg.asp
+# Values: [ STRING ] Default: (empty)
+#
+mnwlogin =
+
+# Option: mnwpass
+# Notes.: The password corresponding to your mNW login e-mail address. MUST be
+# provided either in the jail config or in a .local file.
+# Values: [ STRING ] Default: (empty)
+#
+mnwpass =
+
+# Option: myip
+# Notes.: The target IP for the attack (your public IP). Should be overridden
+# either in the jail config or in a .local file unless your PUBLIC IP
+# is the first IP assigned to eth0
+# Values: [ an IP address ] Default: Tries to find the IP address of eth0,
+# which in most cases will be a private IP, and therefore incorrect
+#
+myip = `ip -4 addr show dev eth0 | grep inet | head -n 1 | sed -r 's/.*inet ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/\1/'`
+
+# Option: protocol
+# Notes.: The protocol over which the attack is happening
+# Values: [ tcp | udp | icmp | (any other protocol name from /etc/protocols) | NUM ] Default: tcp
+#
+protocol = tcp
+
+# Option: getcmd
+# Notes.: A command to fetch a URL. Should output page to STDOUT
+# Values: CMD Default: wget
+#
+getcmd = wget --no-verbose --tries=3 --waitretry=10 --connect-timeout=10 --read-timeout=60 --retry-connrefused --output-document=- --user-agent=Fail2Ban
+# Alternative value:
+# getcmd = curl --silent --show-error --retry 3 --connect-timeout 10 --max-time 60 --user-agent Fail2Ban
+
+# Option: srcport
+# Notes.: The source port of the attack. You're unlikely to have this info, so
+# you can leave the default
+# Values: [ NUM ] Default: 0
+#
+srcport = 0
+
+# Option: mnwurl
+# Notes.: The report service URL on the mNW site
+# Values: STRING Default: http://mynetwatchman.com/insertwebreport.asp
+#
+mnwurl = http://mynetwatchman.com/insertwebreport.asp
+
+# Option: tmpfile
+# Notes.: Base name of temporary files
+# Values: [ STRING ] Default: /var/run/fail2ban/tmp-mynetwatchman
+#
+tmpfile = /var/run/fail2ban/tmp-mynetwatchman
--- /dev/null
+# Fail2Ban configuration file for using afctl on Mac OS X Server 10.5
+#
+# Anonymous author
+# http://www.fail2ban.org/wiki/index.php?title=HOWTO_Mac_OS_X_Server_(10.5)&diff=prev&oldid=4081
+#
+# Ref: https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man8/afctl.8.html
+
+[Definition]
+actionstart =
+actionstop =
+actioncheck =
+actionban = /usr/libexec/afctl -a <ip> -t <bantime>
+actionunban = /usr/libexec/afctl -r <ip>
+
+[Init]
+bantime = 2880
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Nick Munger
+# Modified by: Andy Fragen and Daniel Black
+#
+# Mod for OS X, using random rulenum as OSX ipfw doesn't include tables
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop =
+
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: <ip> IP address
+# Values: CMD
+#
+actionban = ipfw add <rulenum> set <setnum> <blocktype> log <block> from <ip> to <dst> <port>
+
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: <ip> IP address
+# Values: CMD
+#
+actionunban = ipfw delete `ipfw -S list | grep -i 'set <setnum> <blocktype> log <block> from <ip> to <dst>' | awk '{print $1;}'`
+
+[Init]
+
+# Option: port
+# Notes.: specifies port to block. Can be blank however may require block="ip"
+# Values: [ NUM | STRING ]
+#
+port = ssh
+
+# Option: dst
+# Notes.: the local IP address of the network interface
+# Values: IP, any, me or anything support by ipfw as a dst
+#
+dst = me
+
+# Option: block
+# Notes: This is how much to block.
+# Can be "ip", "tcp", "udp" or various other options.
+# Values: STRING
+block = tcp
+
+# Option: blocktype
+# Notes.: How to block the traffic. Use a action from man 8 ipfw
+# Common values: deny, unreach port, reset
+# Values: STRING
+#
+blocktype = unreach port
+
+# Option: set number
+# Notes.: The ipset number this is added to.
+# Values: 0-31
+setnum = 10
+
+# Option: number for ipfw rule
+# Notes: This is meant to be automatically generated and not overwritten
+# Values: Random value between 10000 and 12000
+rulenum="`echo $((RANDOM%%2000+10000))`"
+
+# Duplicate prevention mechanism
+#rulenum = "`a=$((RANDOM%%2000+10000)); while ipfw show | grep -q ^$a\ ; do a=$((RANDOM%%2000+10000)); done; echo $a`"
--- /dev/null
+# Fail2Ban configuration file
+#
+# OpenBSD pf ban/unban
+#
+# Author: Nick Hilliard <nick@foobar.org>
+#
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+# we don't enable PF automatically, as it will be enabled elsewhere
+actionstart =
+
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+# we don't disable PF automatically either
+actionstop =
+
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: <ip> IP address
+# <failures> number of failures
+# <time> unix timestamp of the ban time
+# Values: CMD
+#
+actionban = /sbin/pfctl -t <tablename> -T add <ip>/32
+
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: <ip> IP address
+# <failures> number of failures
+# <time> unix timestamp of the ban time
+# Values: CMD
+#
+# note -r option used to remove matching rule
+actionunban = /sbin/pfctl -t <tablename> -T delete <ip>/32
+
+[Init]
+# Option: tablename
+# Notes.: The pf table name.
+# Values: [ STRING ]
+#
+tablename = fail2ban
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Michael Gebetsroither
+#
+# This is for blocking whole hosts through blackhole routes.
+#
+# PRO:
+# - Works on all kernel versions and as no compatibility problems (back to debian lenny and WAY further).
+# - It's FAST for very large numbers of blocked ips.
+# - It's FAST because it Blocks traffic before it enters common iptables chains used for filtering.
+# - It's per host, ideal as action against ssh password bruteforcing to block further attack attempts.
+# - No additional software required beside iproute/iproute2
+#
+# CON:
+# - Blocking is per IP and NOT per service, but ideal as action against ssh password bruteforcing hosts
+
+[Definition]
+actionban = ip route add <blocktype> <ip>
+actionunban = ip route del <blocktype> <ip>
+
+[Init]
+
+# Option: blocktype
+# Note: Type can be blackhole, unreachable and prohibit. Unreachable and prohibit correspond to the ICMP reject messages.
+# Values: STRING
+blocktype = unreachable
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[INCLUDES]
+
+before = sendmail-common.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Subject: [Fail2Ban] <name>: started on `uname -n`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been started successfully.\n
+ Output will be buffered until <lines> lines are available.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = if [ -f <tmpfile> ]; then
+ printf %%b "Subject: [Fail2Ban] <name>: summary from `uname -n`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ These hosts have been banned by Fail2Ban.\n
+ `cat <tmpfile>`
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+ rm <tmpfile>
+ fi
+ printf %%b "Subject: [Fail2Ban] <name>: stopped on `uname -n`
+ From: Fail2Ban <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
+ LINE=$( wc -l <tmpfile> | awk '{ print $1 }' )
+ if [ $LINE -ge <lines> ]; then
+ printf %%b "Subject: [Fail2Ban] <name>: summary from `uname -n`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ These hosts have been banned by Fail2Ban.\n
+ `cat <tmpfile>`
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+ rm <tmpfile>
+ fi
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Default number of lines that are buffered
+#
+lines = 5
+
+# Default temporary file
+#
+tmpfile = /var/run/fail2ban/tmp-mail.txt
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Common settings for sendmail actions
+#
+# Users can override the defaults in sendmail-common.local
+
+[INCLUDES]
+
+after = sendmail-common.local
+
+[Init]
+
+# Recipient mail address
+#
+dest = root
+
+# Sender mail address
+#
+sender = fail2ban
+
+# Sender display name
+#
+sendername = Fail2Ban
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[INCLUDES]
+
+before = sendmail-common.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Subject: [Fail2Ban] <name>: started on `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been started successfully.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = printf %%b "Subject: [Fail2Ban] <name>: stopped on `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The IP <ip> has just been banned by Fail2Ban after
+ <failures> attempts against <name>.\n\n
+ Here is more information about <ip>:\n
+ `/usr/bin/whois <ip> || echo missing whois program`\n\n
+ Lines containing IP:<ip> in <logpath>\n
+ `grep '[^0-9]<ip>[^0-9]' <logpath>`\n\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
+# Path to the log files which contain relevant lines for the abuser IP
+#
+logpath = /dev/null
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[INCLUDES]
+
+before = sendmail-common.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Subject: [Fail2Ban] <name>: started on `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been started successfully.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = printf %%b "Subject: [Fail2Ban] <name>: stopped on `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The IP <ip> has just been banned by Fail2Ban after
+ <failures> attempts against <name>.\n\n
+ Here is more information about <ip>:\n
+ `/usr/bin/whois <ip> || echo missing whois program`\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+
+[INCLUDES]
+
+before = sendmail-common.conf
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart = printf %%b "Subject: [Fail2Ban] <name>: started on `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been started successfully.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop = printf %%b "Subject: [Fail2Ban] <name>: stopped on `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The jail <name> has been stopped.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = printf %%b "Subject: [Fail2Ban] <name>: banned <ip> from `uname -n`
+ Date: `LC_TIME=C date -u +"%%a, %%d %%h %%Y %%T +0000"`
+ From: <sendername> <<sender>>
+ To: <dest>\n
+ Hi,\n
+ The IP <ip> has just been banned by Fail2Ban after
+ <failures> attempts against <name>.\n
+ Regards,\n
+ Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban =
+
+[Init]
+
+# Default name of the chain
+#
+name = default
+
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+#
+# The default Shorewall configuration is with "BLACKLISTNEWONLY=Yes" (see
+# file /etc/shorewall/shorewall.conf). This means that when Fail2ban adds a
+# new shorewall rule to ban an IP address, that rule will affect only new
+# connections. So if the attempter goes on trying using the same connection
+# he could even log in. In order to get the same behavior of the iptable
+# action (so that the ban is immediate) the /etc/shorewall/shorewall.conf
+# file should me modified with "BLACKLISTNEWONLY=No".
+#
+
+[Definition]
+
+# Option: actionstart
+# Notes.: command executed once at the start of Fail2Ban.
+# Values: CMD
+#
+actionstart =
+
+# Option: actionstop
+# Notes.: command executed once at the end of Fail2Ban
+# Values: CMD
+#
+actionstop =
+
+# Option: actioncheck
+# Notes.: command executed once before each actionban command
+# Values: CMD
+#
+actioncheck =
+
+# Option: actionban
+# Notes.: command executed when banning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionban = shorewall <blocktype> <ip>
+
+# Option: actionunban
+# Notes.: command executed when unbanning an IP. Take care that the
+# command is executed with Fail2Ban user rights.
+# Tags: See jail.conf(5) man page
+# Values: CMD
+#
+actionunban = shorewall allow <ip>
+
+[Init]
+
+# Option: blocktype
+# Note: This is what the action does with rules.
+# See man page of shorewall for options that include drop, logdrop, reject, or logreject
+# Values: STRING
+blocktype = reject
--- /dev/null
+# Fail2Ban action configuration file for ufw
+#
+# You are required to run "ufw enable" before this will have an effect.
+#
+# The insert position should be approprate to block the required traffic.
+# A number after an allow rule to the application won't be much use.
+
+[Definition]
+
+actionstart =
+
+actionstop =
+
+actioncheck =
+
+actionban = [ -n "<application>" ] && app="app <application>" ; ufw insert <insertpos> <blocktype> from <ip> to <destination> $app
+
+actionunban = [ -n "<application>" ] && app="app <application>" ; ufw delete <blocktype> from <ip> to <destination> $app
+
+[Init]
+# Option: insertpos
+# Notes.: The postition number in the firewall list to insert the block rule
+insertpos = 1
+
+# Option: blocktype
+# Notes.: reject or deny
+blocktype = reject
+
+# Option: destination
+# Notes.: The destination address to block in the ufw rule
+destination = any
+
+# Option: application
+# Notes.: application from sudo ufw app list
+application =
+
+# DEV NOTES:
+#
+# Author: Guilhem Lettron
+# Enhancements: Daniel Black
--- /dev/null
+# Fail2Ban main configuration file
+#
+# Comments: use '#' for comment lines and ';' (following a space) for inline comments
+#
+# Changes: in most of the cases you should not modify this
+# file, but provide customizations in fail2ban.local file, e.g.:
+#
+# [Definition]
+# loglevel = 4
+#
+
+[Definition]
+
+# Option: loglevel
+# Notes.: Set the log level output.
+# 1 = ERROR
+# 2 = WARN
+# 3 = INFO
+# 4 = DEBUG
+# Values: [ NUM ] Default: 1
+#
+loglevel = 3
+
+# Option: logtarget
+# Notes.: Set the log target. This could be a file, SYSLOG, STDERR or STDOUT.
+# Only one log target can be specified.
+# If you change logtarget from the default value and you are
+# using logrotate -- also adjust or disable rotation in the
+# corresponding configuration file
+# (e.g. /etc/logrotate.d/fail2ban on Debian systems)
+# Values: [ STDOUT | STDERR | SYSLOG | FILE ] Default: STDERR
+#
+logtarget = SYSLOG
+
+# Option: socket
+# Notes.: Set the socket file. This is used to communicate with the daemon. Do
+# not remove this file when Fail2ban runs. It will not be possible to
+# communicate with the server afterwards.
+# Values: [ FILE ] Default: /var/run/fail2ban/fail2ban.sock
+#
+socket = /var/run/fail2ban/fail2ban.sock
+
+# Option: pidfile
+# Notes.: Set the PID file. This is used to store the process ID of the
+# fail2ban server.
+# Values: [ FILE ] Default: /var/run/fail2ban/fail2ban.pid
+#
+pidfile = /var/run/fail2ban/fail2ban.pid
+
--- /dev/null
+# Fail2Ban filter for 3proxy
+#
+#
+
+[Definition]
+
+
+failregex = ^\s[+-]\d{4} \S+ \d{3}0[1-9] \S+ <HOST>:\d+ [\d.]+:\d+ \d+ \d+ \d+\s
+
+ignoreregex =
+
+# DEV Notes:
+# http://www.3proxy.ru/howtoe.asp#ERRORS indicates that 01-09 are
+# all authentication problems (%E field)
+# Log format is: "L%d-%m-%Y %H:%M:%S %z %N.%p %E %U %C:%c %R:%r %O %I %h %T"
+#
+# Requested by ykimon in https://github.com/fail2ban/fail2ban/issues/246
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban apache-auth filter
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# apache-common.local
+before = apache-common.conf
+
+[Definition]
+
+
+failregex = ^%(_apache_error_client)s (AH01797: )?client denied by server configuration: (uri )?\S*(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01617: )?user .*? authentication failure for "\S*": Password Mismatch(, referer: \S+)?$
+ ^%(_apache_error_client)s (AH01618: )?user .*? not found(: )?\S*(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01614: )?client used wrong authentication scheme: \S*(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH\d+: )?Authorization of user \S+ to access \S* failed, reason: .*$
+ ^%(_apache_error_client)s (AH0179[24]: )?(Digest: )?user .*?: password mismatch: \S*(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH0179[01]: |Digest: )user `.*?' in realm `.+' (not found|denied by provider): \S*(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01631: )?user .*?: authorization failure for "\S*":(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01775: )?(Digest: )?invalid nonce .* received - length is not \S+(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01788: )?(Digest: )?realm mismatch - got `.*?' but expected `.+'(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01789: )?(Digest: )?unknown algorithm `.*?' received: \S*(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01793: )?invalid qop `.*?' received: \S*(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s (AH01777: )?(Digest: )?invalid nonce .*? received - user attempted time travel(, referer: \S+)?\s*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# This filter matches the authorization failures of Apache. It takes the log messages
+# from the modules in aaa that return HTTP_UNAUTHORIZED, HTTP_METHOD_NOT_ALLOWED or
+# HTTP_FORBIDDEN and not AUTH_GENERAL_ERROR or HTTP_INTERNAL_SERVER_ERROR.
+#
+# An unauthorized response 401 is the first step for a browser to instigate authentication
+# however apache doesn't log this as an error. Only subsequent errors are logged in the
+# error log.
+#
+# Source:
+#
+# By searching the code in http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/*
+# for ap_log_rerror(APLOG_MARK, APLOG_ERR and examining resulting return code should get
+# all of these expressions. Lots of submodules like mod_authz_* return back to mod_authz_core
+# to return the actual failure.
+#
+# See also: http://wiki.apache.org/httpd/ListOfErrors
+# Expressions that don't have tests and aren't common.
+# more be added with https://issues.apache.org/bugzilla/show_bug.cgi?id=55284
+# ^%(_apache_error_client)s (AH01778: )?user .*: nonce expired \([\d.]+ seconds old - max lifetime [\d.]+\) - sending new nonce\s*$
+# ^%(_apache_error_client)s (AH01779: )?user .*: one-time-nonce mismatch - sending new nonce\s*$
+# ^%(_apache_error_client)s (AH02486: )?realm mismatch - got `.*' but no realm specified\s*$
+#
+# referer is always in error log messages if it exists added as per the log_error_core function in server/log.c
+#
+# Author: Cyril Jaquier
+# Major edits by Daniel Black
--- /dev/null
+# Fail2Ban configuration file
+#
+# Regexp to catch known spambots and software alike. Please verify
+# that it is your intent to block IPs which were driven by
+# above mentioned bots.
+
+
+[Definition]
+
+badbotscustom = EmailCollector|WebEMailExtrac|TrackBack/1\.02|sogou music spider
+badbots = Atomic_Email_Hunter/4\.0|atSpider/1\.0|autoemailspider|bwh3_user_agent|China Local Browse 2\.6|ContactBot/0\.2|ContentSmartz|DataCha0s/2\.0|DBrowse 1\.4b|DBrowse 1\.4d|Demo Bot DOT 16b|Demo Bot Z 16b|DSurf15a 01|DSurf15a 71|DSurf15a 81|DSurf15a VA|EBrowse 1\.4b|Educate Search VxB|EmailSiphon|EmailSpider|EmailWolf 1\.00|ESurf15a 15|ExtractorPro|Franklin Locator 1\.8|FSurf15a 01|Full Web Bot 0416B|Full Web Bot 0516B|Full Web Bot 2816B|Guestbook Auto Submitter|Industry Program 1\.0\.x|ISC Systems iRc Search 2\.1|IUPUI Research Bot v 1\.9a|LARBIN-EXPERIMENTAL \(efp@gmx\.net\)|LetsCrawl\.com/1\.0 +http\://letscrawl\.com/|Lincoln State Web Browser|LMQueueBot/0\.2|LWP\:\:Simple/5\.803|Mac Finder 1\.0\.xx|MFC Foundation Class Library 4\.0|Microsoft URL Control - 6\.00\.8xxx|Missauga Locate 1\.0\.0|Missigua Locator 1\.9|Missouri College Browse|Mizzu Labs 2\.2|Mo College 1\.9|MVAClient|Mozilla/2\.0 \(compatible; NEWT ActiveX; Win32\)|Mozilla/3\.0 \(compatible; Indy Library\)|Mozilla/3\.0 \(compatible; scan4mail \(advanced version\) http\://www\.peterspages\.net/?scan4mail\)|Mozilla/4\.0 \(compatible; Advanced Email Extractor v2\.xx\)|Mozilla/4\.0 \(compatible; Iplexx Spider/1\.0 http\://www\.iplexx\.at\)|Mozilla/4\.0 \(compatible; MSIE 5\.0; Windows NT; DigExt; DTS Agent|Mozilla/4\.0 efp@gmx\.net|Mozilla/5\.0 \(Version\: xxxx Type\:xx\)|NameOfAgent \(CMS Spider\)|NASA Search 1\.0|Nsauditor/1\.x|PBrowse 1\.4b|PEval 1\.4b|Poirot|Port Huron Labs|Production Bot 0116B|Production Bot 2016B|Production Bot DOT 3016B|Program Shareware 1\.0\.2|PSurf15a 11|PSurf15a 51|PSurf15a VA|psycheclone|RSurf15a 41|RSurf15a 51|RSurf15a 81|searchbot admin@google\.com|ShablastBot 1\.0|snap\.com beta crawler v0|Snapbot/1\.0|Snapbot/1\.0 \(Snap Shots, +http\://www\.snap\.com\)|sogou develop spider|Sogou Orion spider/3\.0\(+http\://www\.sogou\.com/docs/help/webmasters\.htm#07\)|sogou spider|Sogou web spider/3\.0\(+http\://www\.sogou\.com/docs/help/webmasters\.htm#07\)|sohu agent|SSurf15a 11 |TSurf15a 11|Under the Rainbow 2\.2|User-Agent\: Mozilla/4\.0 \(compatible; MSIE 6\.0; Windows NT 5\.1\)|VadixBot|WebVulnCrawl\.unknown/1\.0 libwww-perl/5\.803|Wells Search II|WEP Search 00
+
+failregex = ^<HOST> -.*"(GET|POST).*HTTP.*"(?:%(badbots)s|%(badbotscustom)s)"$
+
+ignoreregex =
+
+# DEV Notes:
+# List of bad bots fetched from http://www.user-agents.org
+# Generated on Thu Nov 7 14:23:35 PST 2013 by files/gen_badbots.
+#
+# Author: Yaroslav Halchenko
--- /dev/null
+# Generic configuration items (to be used as interpolations) in other
+# apache filters.
+
+[INCLUDES]
+
+# Load customizations if any available
+after = apache-common.local
+
+[DEFAULT]
+
+_apache_error_client = \[[^]]*\] \[(:?error|\S+:\S+)\]( \[pid \d+(:\S+ \d+)?\])? \[client <HOST>(:\d{1,5})?\]
+
+# Common prefix for [error] apache messages which also would include <HOST>
+# Depending on the version it could be
+# 2.2: [Sat Jun 01 11:23:08 2013] [error] [client 1.2.3.4]
+# 2.4: [Thu Jun 27 11:55:44.569531 2013] [core:info] [pid 4101:tid 2992634688] [client 1.2.3.4:46652]
+# 2.4 (perfork): [Mon Dec 23 07:49:01.981912 2013] [:error] [pid 3790] [client 204.232.202.107:46301] script '/var/www/timthumb.php' not found or unable to
+#
+# Reference: https://github.com/fail2ban/fail2ban/issues/268
+#
+# Author: Yaroslav Halchenko
--- /dev/null
+# Fail2Ban apache-modsec filter
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# apache-common.local
+before = apache-common.conf
+
+[Definition]
+
+
+failregex = ^%(_apache_error_client)s ModSecurity: (\[.*?\] )*Access denied with code [45]\d\d.*$
+
+ignoreregex =
+
+# https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-2-Data-Formats
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban filter to web requests for home directories on Apache servers
+#
+# Regex to match failures to find a home directory on a server, which
+# became popular last days. Most often attacker just uses IP instead of
+# domain name -- so expect to see them in generic error.log if you have
+# per-domain log files.
+
+[INCLUDES]
+
+# overwrite with apache-common.local if _apache_error_client is incorrect.
+before = apache-common.conf
+
+[Definition]
+
+
+failregex = ^%(_apache_error_client)s (AH00128: )?File does not exist: .*/~.*
+
+ignoreregex =
+
+# Author: Yaroslav O. Halchenko <debian@onerussian.com>
--- /dev/null
+# Fail2Ban filter to block web requests for scripts (on non scripted websites)
+#
+#
+
+[INCLUDES]
+
+# overwrite with apache-common.local if _apache_error_client is incorrect.
+before = apache-common.conf
+
+[Definition]
+
+failregex = ^%(_apache_error_client)s ((AH001(28|30): )?File does not exist|(AH01264: )?script not found or unable to stat): /\S*(php([45]|[.-]cgi)?|\.asp|\.exe|\.pl)(, referer: \S+)?\s*$
+ ^%(_apache_error_client)s script '/\S*(php([45]|[.-]cgi)?|\.asp|\.exe|\.pl)\S*' not found or unable to stat(, referer: \S+)?\s*$
+
+ignoreregex =
+
+
+# DEV Notes:
+#
+# https://wiki.apache.org/httpd/ListOfErrors for apache error IDs
+#
+# Second regex, script '/\S*(\.php|\.asp|\.exe|\.pl)\S*' not found or unable to stat\s*$ is Before http-2.2
+#
+# Author: Cyril Jaquier
--- /dev/null
+# Fail2Ban filter to block web requests on a long or suspicious nature
+#
+
+[INCLUDES]
+
+# overwrite with apache-common.local if _apache_error_client is incorrect.
+before = apache-common.conf
+
+[Definition]
+
+failregex = ^%(_apache_error_client)s ((AH0013[456]: )?Invalid (method|URI) in request .*( - possible attempt to establish SSL connection on non-SSL port)?|(AH00565: )?request failed: URI too long \(longer than \d+\)|request failed: erroneous characters after protocol string: .*|AH00566: request failed: invalid characters in URI)(, referer: \S+)?$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# fgrep -r 'URI too long' httpd-2.*
+# httpd-2.2.25/server/protocol.c: "request failed: URI too long (longer than %d)", r->server->limit_req_line);
+# httpd-2.4.4/server/protocol.c: "request failed: URI too long (longer than %d)",
+#
+# fgrep -r 'in request' ../httpd-2.* | fgrep Invalid
+# httpd-2.2.25/server/core.c: "Invalid URI in request %s", r->the_request);
+# httpd-2.2.25/server/core.c: "Invalid method in request %s", r->the_request);
+# httpd-2.2.25/docs/manual/rewrite/flags.html.fr:avertissements 'Invalid URI in request'.
+# httpd-2.4.4/server/core.c: "Invalid URI in request %s", r->the_request);
+# httpd-2.4.4/server/core.c: "Invalid method in request %s - possible attempt to establish SSL connection on non-SSL port", r->the_request);
+# httpd-2.4.4/server/core.c: "Invalid method in request %s", r->the_request);
+#
+# fgrep -r 'invalid characters in URI' httpd-2.*
+# httpd-2.4.4/server/protocol.c: "request failed: invalid characters in URI");
+#
+# http://svn.apache.org/viewvc/httpd/httpd/trunk/server/core.c?r1=739382&r2=739620&pathrev=739620
+# ...possible attempt to establish SSL connection on non-SSL port
+#
+# https://wiki.apache.org/httpd/ListOfErrors
+# Author: Tim Connors
--- /dev/null
+# Fail2Ban filter for Anti-Spam SMTP Proxy Server also known as ASSP
+#
+# Honmepage: http://www.magicvillage.de/~Fritz_Borgstedt/assp/0003D91C-8000001C/
+# ProjektSite: http://sourceforge.net/projects/assp/?source=directory
+#
+#
+
+[Definition]
+
+__assp_actions = (?:dropping|refusing)
+
+failregex = ^(:? \[SSL-out\])? <HOST> max sender authentication errors \(\d{,3}\) exceeded -- %(__assp_actions)s connection - after reply: \d{3} \d{1}\.\d{1}.\d{1} Error: authentication failed: \w+;$
+ ^(?: \[SSL-out\])? <HOST> SSL negotiation with client failed: SSL accept attempt failed with unknown error.*:unknown protocol;$
+ ^ Blocking <HOST> - too much AUTH errors \(\d{,3}\);$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# Examples: Apr-27-13 02:33:09 Blocking 217.194.197.97 - too much AUTH errors (41);
+# Dec-29-12 17:10:31 [SSL-out] 200.247.87.82 SSL negotiation with client failed: SSL accept attempt failed with unknown errorerror:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol;
+# Dec-30-12 04:01:47 [SSL-out] 81.82.232.66 max sender authentication errors (5) exceeded
+#
+# Author: Enrico Labedzki (enrico.labedzki@deiwos.de)
--- /dev/null
+# Fail2Ban filter for asterisk authentication failures
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = asterisk
+
+__pid_re = (?:\[\d+\])
+
+# All Asterisk log messages begin like this:
+log_prefix= (?:NOTICE|SECURITY)%(__pid_re)s:?(?:\[C-[\da-f]*\])? \S+:\d*( in \w+:)?
+
+failregex = ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s Registration from '[^']*' failed for '<HOST>(:\d+)?' - (Wrong password|Username/auth name mismatch|No matching peer found|Not a local domain|Device does not match ACL|Peer is not supposed to register|ACL error \(permit/deny\)|Not a local domain)$
+ ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s Call from '[^']*' \(<HOST>:\d+\) to extension '\d+' rejected because extension not found in context 'default'\.$
+ ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s Host <HOST> failed to authenticate as '[^']*'$
+ ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s No registration for peer '[^']*' \(from <HOST>\)$
+ ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s Host <HOST> failed MD5 authentication for '[^']*' \([^)]+\)$
+ ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s Failed to authenticate (user|device) [^@]+@<HOST>\S*$
+ ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s (?:handle_request_subscribe: )?Sending fake auth rejection for (device|user) \d*<sip:[^@]+@<HOST>>;tag=\w+\S*$
+ ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s SecurityEvent="(FailedACL|InvalidAccountID|ChallengeResponseFailed|InvalidPassword)",EventTV="[\d-]+",Severity="[\w]+",Service="[\w]+",EventVersion="\d+",AccountID="\d*",SessionID="0x[\da-f]+",LocalAddress="IPV[46]/(UD|TC)P/[\da-fA-F:.]+/\d+",RemoteAddress="IPV[46]/(UD|TC)P/<HOST>/\d+"(,Challenge="\w+",ReceivedChallenge="\w+")?(,ReceivedHash="[\da-f]+")?(,ACLName="\w+")?$
+ ^(%(__prefix_line)s|\[\]\s*WARNING%(__pid_re)s:?(?:\[C-[\da-f]*\])? )Ext\. s: "Rejecting unknown SIP connection from <HOST>"$
+
+ignoreregex =
+
+
+# Author: Xavier Devlamynck / Daniel Black
+#
+# General log format - main/logger.c:ast_log
+# Address format - ast_sockaddr_stringify
+#
+# First regex: channels/chan_sip.c
+#
+# main/logger.c:ast_log_vsyslog - "in {functionname}:" only occurs in syslog
--- /dev/null
+# Generic configuration items (to be used as interpolations) in other
+# filters or actions configurations
+#
+
+[INCLUDES]
+
+# Load customizations if any available
+after = common.local
+
+
+[DEFAULT]
+
+# Daemon definition is to be specialized (if needed) in .conf file
+_daemon = \S*
+
+#
+# Shortcuts for easier comprehension of the failregex
+#
+# PID.
+# EXAMPLES: [123]
+__pid_re = (?:\[\d+\])
+
+# Daemon name (with optional source_file:line or whatever)
+# EXAMPLES: pam_rhosts_auth, [sshd], pop(pam_unix)
+__daemon_re = [\[\(]?%(_daemon)s(?:\(\S+\))?[\]\)]?:?
+
+# extra daemon info
+# EXAMPLE: [ID 800047 auth.info]
+__daemon_extra_re = (?:\[ID \d+ \S+\])
+
+# Combinations of daemon name and PID
+# EXAMPLES: sshd[31607], pop(pam_unix)[4920]
+__daemon_combs_re = (?:%(__pid_re)s?:\s+%(__daemon_re)s|%(__daemon_re)s%(__pid_re)s?:?)
+
+# Some messages have a kernel prefix with a timestamp
+# EXAMPLES: kernel: [769570.846956]
+__kernel_prefix = kernel: \[ *\d+\.\d+\]
+
+__hostname = \S+
+
+# A MD5 hex
+# EXAMPLES: 07:06:27:55:b0:e3:0c:3c:5a:28:2d:7c:7e:4c:77:5f
+__md5hex = (?:[\da-f]{2}:){15}[\da-f]{2}
+
+# bsdverbose is where syslogd is started with -v or -vv and results in <4.3> or
+# <auth.info> appearing before the host as per testcases/files/logs/bsd/*.
+__bsd_syslog_verbose = (<[^.]+\.[^.]+>)
+
+# Common line prefixes (beginnings) which could be used in filters
+#
+# [bsdverbose]? [hostname] [vserver tag] daemon_id spaces
+#
+# This can be optional (for instance if we match named native log files)
+__prefix_line = \s*%(__bsd_syslog_verbose)s?\s*(?:%(__hostname)s )?(?:%(__kernel_prefix)s )?(?:@vserver_\S+ )?%(__daemon_combs_re)s?\s%(__daemon_extra_re)s?\s*
+
+# Author: Yaroslav Halchenko
--- /dev/null
+# Fail2Ban filter for courier authentication failures
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = (?:courier)?(?:imapd?|pop3d?)(?:login)?(?:-ssl)?
+
+failregex = ^%(__prefix_line)sLOGIN FAILED, user=.*, ip=\[<HOST>\]$
+
+ignoreregex =
+
+# Author: Christoph Haas
+# Modified by: Cyril Jaquier
--- /dev/null
+# Fail2Ban filter to block relay attempts though a Courier smtp server
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = courieresmtpd
+
+failregex = ^%(__prefix_line)serror,relay=<HOST>,.*: 550 User unknown\.$
+
+ignoreregex =
+
+# Author: Cyril Jaquier
--- /dev/null
+# Fail2Ban filter for authentication failures on Cyrus imap server
+#
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = (?:cyrus/)?(?:imapd?|pop3d?)
+
+failregex = ^%(__prefix_line)sbadlogin: \S+ ?\[<HOST>\] \S+ .*?\[?SASL\(-13\): authentication failure: .*\]?$
+
+ignoreregex =
+
+# Author: Jan Wagner <waja@cyconet.org>
--- /dev/null
+# Fail2Ban filter Dovecot authentication and pop3/imap server
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = (auth|dovecot(-auth)?|auth-worker)
+
+failregex = ^%(__prefix_line)s(pam_unix(\(dovecot:auth\))?:)?\s+authentication failure; logname=\S* uid=\S* euid=\S* tty=dovecot ruser=\S* rhost=<HOST>(\s+user=\S*)?\s*$
+ ^%(__prefix_line)s(pop3|imap)-login: (Info: )?(Aborted login|Disconnected)(: Inactivity)? \(((auth failed, \d+ attempts)( in \d+ secs)?|tried to use (disabled|disallowed) \S+ auth)\):( user=<\S*>,)?( method=\S+,)? rip=<HOST>(, lip=(\d{1,3}\.){3}\d{1,3})?(, TLS( handshaking(: SSL_accept\(\) failed: error:[\dA-F]+:SSL routines:[TLS\d]+_GET_CLIENT_HELLO:unknown protocol)?)?(: Disconnected)?)?(, session=<\S+>)?\s*$
+ ^%(__prefix_line)s(Info|dovecot: auth\(default\)): pam\(\S+,<HOST>\): pam_authenticate\(\) failed: (User not known to the underlying authentication module: \d+ Time\(s\)|Authentication failure \(password mismatch\?\))\s*$
+
+ignoreregex =
+
+# DEV Notes:
+# * the first regex is essentially a copy of pam-generic.conf
+# * Probably doesn't do dovecot sql/ldap backends properly
+# * Removed the 'no auth attempts' log lines from the matches because produces
+# lots of false positives on misconfigured MTAs making regexp unuseable
+#
+# Author: Martin Waschbuesch
+# Daniel Black (rewrote with begin and end anchors)
--- /dev/null
+[Definition]
+failregex = Authentication failure.* rip=<HOST>
+ Aborted login \(no auth attempts in .* rip=<HOST>
+ Aborted login \(auth failed.* rip=<HOST>
+ Aborted login \(tried to use disallowed .* rip=<HOST>
+ Aborted login \(tried to use disabled .* rip=<HOST>
+
+ignoreregex =
--- /dev/null
+# Fail2Ban filter for dropbear
+#
+# NOTE: The regex below is ONLY intended to work with a patched
+# version of Dropbear as described here:
+# http://www.unchartedbackwaters.co.uk/pyblosxom/static/patches
+# ^%(__prefix_line)sexit before auth from <HOST>.*\s*$
+#
+# The standard Dropbear output doesn't provide enough information to
+# ban all types of attack. The Dropbear patch adds IP address
+# information to the 'exit before auth' message which is always
+# produced for any form of non-successful login. It is that message
+# which this file matches.
+#
+# More information: http://bugs.debian.org/546913
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = dropbear
+
+failregex = ^%(__prefix_line)s[Ll]ogin attempt for nonexistent user ('.*' )?from <HOST>:\d+$
+ ^%(__prefix_line)s[Bb]ad (PAM )?password attempt for .+ from <HOST>(:\d+)?$
+ ^%(__prefix_line)s[Ee]xit before auth \(user '.+', \d+ fails\): Max auth tries reached - user '.+' from <HOST>:\d+\s*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# The first two regexs here match the unmodified dropbear messages. It isn't
+# possible to match the source of the 'exit before auth' messages from dropbear
+# as they don't include the "from <HOST>" bit.
+#
+# The second last failregex line we need to match with the modified dropbear.
+#
+# For the second regex the following apply:
+#
+# http://www.netmite.com/android/mydroid/external/dropbear/svr-authpam.c
+# http://svn.dd-wrt.com/changeset/16642#file64
+#
+# http://svn.dd-wrt.com/changeset/16642/src/router/dropbear/svr-authpasswd.c
+#
+# Author: Francis Russell
+# Zak B. Elep
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Steven Hiscocks
+#
+#
+
+[Definition]
+
+# Option: failregex
+# Notes.: regex to match the password failures messages in the logfile. The
+# host must be matched by a group named "host". The tag "<HOST>" can
+# be used for standard IP/hostname matching and is only an alias for
+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
+# Multiline regexs should use tag "<SKIPLINES>" to separate lines.
+# This allows lines between the matching lines to continue to be
+# searched for other failures. This tag can be used multiple times.
+# Values: TEXT
+#
+failregex = ^(?:\.\d+)? \[info\] <0\.\d+\.\d>@ejabberd_c2s:wait_for_feature_request:\d+ \([^\)]+\) Failed authentication for \S+ from IP <HOST>$
--- /dev/null
+# Fail2Ban filter file for common exim expressions
+#
+# This is to be used by other exim filters
+
+[INCLUDES]
+
+# Load customizations if any available
+after = exim-common.local
+
+[Definition]
+
+host_info = H=([\w.-]+ )?(\(\S+\) )?\[<HOST>\](:\d+)? (I=\[\S+\]:\d+ )?(U=\S+ )?(P=e?smtp )?
+pid = ( \[\d+\])?
+
+# DEV Notes:
+# From exim source code: ./src/receive.c:add_host_info_for_log
+#
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban filter for exim the spam rejection messages
+#
+## For the SA: Action: silently tossed message... to be logged exim's SAdevnull option needs to be used.
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# exim-common.local
+before = exim-common.conf
+
+[Definition]
+
+failregex = ^%(pid)s \S+ F=(<>|\S+@\S+) %(host_info)srejected by local_scan\(\): .{0,256}$
+ ^%(pid)s %(host_info)sF=(<>|[^@]+@\S+) rejected RCPT [^@]+@\S+: .*dnsbl.*\s*$
+ ^%(pid)s \S+ %(host_info)sF=(<>|[^@]+@\S+) rejected after DATA: This message contains a virus \(\S+\)\.\s*$
+ ^%(pid)s \S+ SA: Action: silently tossed message: score=\d+\.\d+ required=\d+\.\d+ trigger=\d+\.\d+ \(scanned in \d+/\d+ secs \| Message-Id: \S+\)\. From \S+ \(host=(\S+ )?\[<HOST>\]\) for \S+$
+
+ignoreregex =
+
+# DEV Notes:
+# The %(host_info) defination contains a <HOST> match
+#
+# Author: Cyril Jaquier
+# Daniel Black (rewrote with strong regexs)
--- /dev/null
+# Fail2Ban filter for exim
+#
+# This includes the rejection messages of exim. For spam and filter
+# related bans use the exim-spam.conf
+#
+
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# exim-common.local
+before = exim-common.conf
+
+[Definition]
+
+failregex = ^%(pid)s %(host_info)ssender verify fail for <\S+>: (?:Unknown user|Unrouteable address|all relevant MX records point to non-existent hosts)\s*$
+ ^%(pid)s \w+ authenticator failed for (\S+ )?\(\S+\) \[<HOST>\]: 535 Incorrect authentication data( \(set_id=.*\)|: \d+ Time\(s\))?\s*$
+ ^%(pid)s %(host_info)sF=(<>|[^@]+@\S+) rejected RCPT [^@]+@\S+: (relay not permitted|Sender verify failed|Unknown user)\s*$
+ ^%(pid)s SMTP protocol synchronization error \([^)]*\): rejected (connection from|"\S+") %(host_info)s(next )?input=".*"\s*$
+ ^%(pid)s SMTP call from \S+ \[<HOST>\](:\d+)? (I=\[\S+\]:\d+ )?dropped: too many nonmail commands \(last was "\S+"\)\s*$
+
+ignoreregex =
+
+# DEV Notes:
+# The %(host_info) defination contains a <HOST> match
+#
+# SMTP protocol synchronization error \([^)]*\) <- This needs to be non-greedy
+# to void capture beyond ")" to avoid a DoS Injection vulnerabilty as input= is
+# user injectable data.
+#
+# Author: Cyril Jaquier
+# Daniel Black (rewrote with strong regexs)
--- /dev/null
+# Fail2Ban configuration file
+#
+# Enable "log-auth-failures" on each Sofia profile to monitor
+# <param name="log-auth-failures" value="true"/>
+# -- this requires a high enough loglevel on your logs to save these messages.
+#
+# In the fail2ban jail.local file for this filter set ignoreip to the internal
+# IP addresses on your LAN.
+#
+
+[Definition]
+
+failregex = ^\.\d+ \[WARNING\] sofia_reg\.c:\d+ SIP auth (failure|challenge) \((REGISTER|INVITE)\) on sofia profile \'[^']+\' for \[.*\] from ip <HOST>$
+ ^\.\d+ \[WARNING\] sofia_reg\.c:\d+ Can't find user \[\d+@\d+\.\d+\.\d+\.\d+\] from <HOST>$
+
+ignoreregex =
+
+# Author: Rupa SChomaker, soapee01, Daniel Black
+# http://wiki.freeswitch.org/wiki/Fail2ban
+# Thanks to Jim on mailing list of samples and guidance
+#
+# No need to match the following. Its a duplicate of the SIP auth regex.
+# ^\.\d+ \[DEBUG\] sofia\.c:\d+ IP <HOST> Rejected by acl "\S+"\. Falling back to Digest auth\.$
--- /dev/null
+# Fail2Ban filter for Group-Office
+#
+# Enable logging with:
+# $config['info_log']='/home/groupoffice/log/info.log';
+#
+
+[Definition]
+
+failregex = ^\[\]LOGIN FAILED for user: "\S+" from IP: <HOST>$
+
+
+
+# Author: Daniel Black
+
--- /dev/null
+# Fail2Ban filter file for gssftp
+#
+# Note: gssftp is part of the krb5-appl-servers in Fedora
+#
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = ftpd
+
+failregex = ^%(__prefix_line)srepeated login failures from <HOST> \(\S+\)$
+
+ignoreregex =
+
+# Author: Kevin Zembower
+# Edited: Daniel Black - syslog based daemon
--- /dev/null
+# fail2ban filter configuration for horde
+
+
+[Definition]
+
+
+failregex = ^ HORDE \[error\] \[(horde|imp)\] FAILED LOGIN for \S+ \[<HOST>\](\(forwarded for \[\S+\]\))? to (Horde|{[^}]+}) \[(pid \d+ )?on line \d+ of \S+\]$
+
+
+ignoreregex =
+
+# DEV NOTES:
+# https://github.com/horde/horde/blob/master/imp/lib/Auth.php#L132
+# https://github.com/horde/horde/blob/master/horde/login.php
+#
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban filter to match wrong passwords as notified by lighttpd's auth Module
+#
+
+[Definition]
+
+failregex = ^: \(http_auth\.c\.\d+\) (password doesn\'t match .* username: .*|digest: auth failed for .*: wrong password|get_password failed), IP: <HOST>\s*$
+
+ignoreregex =
+
+# Author: Francois Boulogne <fboulogne@april.org>
--- /dev/null
+# Fail2Ban filter for unsuccesfull MySQL authentication attempts
+#
+#
+# To log wrong MySQL access attempts add to /etc/my.cnf in [mysqld]:
+# log-error=/var/log/mysqld.log
+# log-warning = 2
+#
+# If using mysql syslog [mysql_safe] has syslog in /etc/my.cnf
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = mysqld
+
+failregex = ^%(__prefix_line)s(\d{6} \s?\d{1,2}:\d{2}:\d{2} )?\[Warning\] Access denied for user '\w+'@'<HOST>' (to database '[^']*'|\(using password: (YES|NO)\))*\s*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# Technically __prefix_line can equate to an empty string hence it can support
+# syslog and non-syslog at once.
+# Example:
+# 130322 11:26:54 [Warning] Access denied for user 'root'@'127.0.0.1' (using password: YES)
+#
+# Authors: Artur Penttinen
+# Yaroslav O. Halchenko
--- /dev/null
+# Fail2Ban filter for Nagios Remote Plugin Executor (nrpe2)
+# Detecting unauthorized access to the nrpe2 daemon
+# typically logged in /var/log/messages syslog
+#
+
+[INCLUDES]
+# Read syslog common prefixes
+before = common.conf
+
+[Definition]
+_daemon = nrpe
+failregex = ^%(__prefix_line)sHost <HOST> is not allowed to talk to us!\s*$
+ignoreregex =
+
+# DEV Notes:
+#
+# Author: Ivo Truxa - 2014/02/03
--- /dev/null
+# Fail2Ban filter file for named (bind9).
+#
+
+# This filter blocks attacks against named (bind9) however it requires special
+# configuration on bind.
+#
+# By default, logging is off with bind9 installation.
+#
+# You will need something like this in your named.conf to provide proper logging.
+#
+# logging {
+# channel security_file {
+# file "/var/log/named/security.log" versions 3 size 30m;
+# severity dynamic;
+# print-time yes;
+# };
+# category security {
+# security_file;
+# };
+# };
+
+[Definition]
+
+# Daemon name
+_daemon=named
+
+# Shortcuts for easier comprehension of the failregex
+
+__pid_re=(?:\[\d+\])
+__daemon_re=\(?%(_daemon)s(?:\(\S+\))?\)?:?
+__daemon_combs_re=(?:%(__pid_re)s?:\s+%(__daemon_re)s|%(__daemon_re)s%(__pid_re)s?:)
+
+# hostname daemon_id spaces
+# this can be optional (for instance if we match named native log files)
+__line_prefix=(?:\s\S+ %(__daemon_combs_re)s\s+)?
+
+failregex = ^%(__line_prefix)s(\.\d+)?( error:)?\s*client <HOST>#\S+( \([\S.]+\))?: (view (internal|external): )?query(?: \(cache\))? '.*' denied\s*$
+ ^%(__line_prefix)s(\.\d+)?( error:)?\s*client <HOST>#\S+( \([\S.]+\))?: zone transfer '\S+/AXFR/\w+' denied\s*$
+ ^%(__line_prefix)s(\.\d+)?( error:)?\s*client <HOST>#\S+( \([\S.]+\))?: bad zone transfer request: '\S+/IN': non-authoritative zone \(NOTAUTH\)\s*$
+
+# DEV Notes:
+# Trying to generalize the
+# structure which is general to capture general patterns in log
+# lines to cover different configurations/distributions
+#
+# (\.\d+)? is a really ugly catch of the microseconds not captured in the date detector
+#
+# Author: Yaroslav Halchenko
--- /dev/null
+# fail2ban filter configuration for nginx
+
+
+[Definition]
+
+
+failregex = ^ \[error\] \d+#\d+: \*\d+ user "\S+":? (password mismatch|was not found in ".*"), client: <HOST>, server: \S+, request: "\S+ \S+ HTTP/\d+\.\d+", host: "\S+"\s*$
+
+ignoreregex =
+
+# DEV NOTES:
+# Based on samples in https://github.com/fail2ban/fail2ban/pull/43/files
+# Extensive search of all nginx auth failures not done yet.
+#
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban configuration file
+#
+# Author: Bas van den Dikkenberg
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+
+[Definition]
+
+_daemon = nsd
+
+# Option: failregex
+# Notes.: regex to match the password failures messages in the logfile. The
+# host must be matched by a group named "host". The tag "<HOST>" can
+# be used for standard IP/hostname matching and is only an alias for
+# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
+# Values: TEXT
+
+failregex = ^\[\]%(__prefix_line)sinfo: ratelimit block .* query <HOST> TYPE255$
+ ^\[\]%(__prefix_line)sinfo: .* <HOST> refused, no acl matches\.$
--- /dev/null
+# Fail2Ban filter for Openwebmail
+# banning hosts with authentication errors in /var/log/openwebmail.log
+# OpenWebMail http://openwebmail.org
+#
+
+[Definition]
+
+failregex = ^ - \[\d+\] \(<HOST>\) (?P<USER>\S+) - login error - (no such user - loginname=(?P=USER)|auth_unix.pl, ret -4, Password incorrect)$
+ ^ - \[\d+\] \(<HOST>\) (?P<USER>\S+) - userinfo error - auth_unix.pl, ret -4, User (?P=USER) doesn't exist$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# Author: Ivo Truxa (c) 2013 truXoft.com
--- /dev/null
+# Fail2Ban configuration file for generic PAM authentication errors
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+# if you want to catch only login errors from specific daemons, use something like
+#_ttys_re=(?:ssh|pure-ftpd|ftp)
+#
+# Default: catch all failed logins
+_ttys_re=\S*
+
+__pam_re=\(?pam_unix(?:\(\S+\))?\)?:?
+_daemon = \S+
+
+failregex = ^%(__prefix_line)s%(__pam_re)s\s+authentication failure; logname=\S* uid=\S* euid=\S* tty=%(_ttys_re)s ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# for linux-pam before 0.99.2.0 (late 2005) (removed before 0.8.11 release)
+# _daemon = \S*\(?pam_unix\)?
+# failregex = ^%(__prefix_line)sauthentication failure; logname=\S* uid=\S* euid=\S* tty=%(_ttys_re)s ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$
+#
+# Author: Yaroslav Halchenko
--- /dev/null
+# Fail2Ban filter for perdition
+#
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon=perdition.\S+
+
+failregex = ^%(__prefix_line)sAuth: <HOST>:\d+->(\d{1,3}\.){3}\d{1,3}:\d+ client-secure=\S+ authorisation_id=NONE authentication_id=".+" server="\S+" protocol=\S+ server-secure=\S+ status="failed: (local authentication failure|Re-Authentication Failure)"$
+ ^%(__prefix_line)sFatal Error reading authentication information from client <HOST>:\d+->(\d{1,3}\.){3}\d{1,3}:\d+: Exiting child$
+
+ignoreregex =
+
+# Author: Christophe Carles and Daniel Black
--- /dev/null
+# Fail2Ban filter for URLs with a URL as a script parameters
+# which can be an indication of a fopen url php injection
+#
+# Example of web requests in Apache access log:
+# 66.185.212.172 - - [26/Mar/2009:08:44:20 -0500] "GET /index.php?n=http://eatmyfood.hostinginfive.com/pizza.htm? HTTP/1.1" 200 114 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
+
+[Definition]
+
+failregex = ^<HOST> -.*"(GET|POST).*\?.*\=http\:\/\/.* HTTP\/.*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# Version 2
+# fixes the failregex so REFERERS that contain =http:// don't get blocked
+# (mentioned by "fasuto" (no real email provided... blog comment) in this entry:
+# http://blogs.buanzo.com.ar/2009/04/fail2ban-filter-for-php-injection-attacks.html#comment-1489
+#
+# Author: Arturo 'Buanzo' Busleiman <buanzo@buanzo.com.ar>
--- /dev/null
+# Fail2Ban filter for postfix authentication failures
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = postfix/smtpd
+
+failregex = ^%(__prefix_line)swarning: [-._\w]+\[<HOST>\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed(: [ A-Za-z0-9+/]*={0,2})?\s*$
+
+# Author: Yaroslav Halchenko
--- /dev/null
+# Fail2Ban filter for selected Postfix SMTP rejections
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = postfix/smtpd
+
+failregex = ^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 554 5\.7\.1 .*$
+ ^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 450 4\.7\.1 : Helo command rejected: Host not found; from=<> to=<> proto=ESMTP helo= *$
+ ^%(__prefix_line)sNOQUEUE: reject: VRFY from \S+\[<HOST>\]: 550 5\.1\.1 .*$
+ ^%(__prefix_line)simproper command pipelining after \S+ from [^[]*\[<HOST>\]:?$
+
+ignoreregex =
+
+# Author: Cyril Jaquier
--- /dev/null
+[Definition]
+failregex = \[<HOST>\]: SASL (PLAIN|LOGIN) authentication failed
+ lost connection after (AUTH|UNKNOWN|EHLO) from (.*)\[<HOST>\]
+ reject: RCPT from (.*)\[<HOST>\]: 550 5.1.1
+ reject: RCPT from (.*)\[<HOST>\]: 450 4.7.1
+ reject: RCPT from (.*)\[<HOST>\]: 554 5.7.1
+ reject: RCPT from (.*)\[<HOST>\]: 504 5.5.2 (.*) Helo command rejected: need fully-qualified hostname
+ reject: RCPT from (.*)\[<HOST>\]:\d+: 550
+ warning: Illegal address syntax from (.*)\[<HOST>\] in RCPT command
+ignoreregex =
--- /dev/null
+# Fail2Ban fitler for the Proftpd FTP daemon
+#
+# Set "UseReverseDNS off" in proftpd.conf to avoid the need for DNS.
+# See: http://www.proftpd.org/docs/howto/DNS.html
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = proftpd
+
+__suffix_failed_login = (User not authorized for login|No such user found|Incorrect password|Password expired|Account disabled|Invalid shell: '\S+'|User in \S+|Limit (access|configuration) denies login|Not a UserAlias|maximum login length exceeded).?
+
+failregex = ^%(__prefix_line)s%(__hostname)s \(\S+\[<HOST>\]\)[: -]+ USER .*: no such user found from \S+ \[\S+\] to \S+:\S+ *$
+ ^%(__prefix_line)s%(__hostname)s \(\S+\[<HOST>\]\)[: -]+ USER .* \(Login failed\): %(__suffix_failed_login)s\s*$
+ ^%(__prefix_line)s%(__hostname)s \(\S+\[<HOST>\]\)[: -]+ SECURITY VIOLATION: .* login attempted\. *$
+ ^%(__prefix_line)s%(__hostname)s \(\S+\[<HOST>\]\)[: -]+ Maximum login attempts \(\d+\) exceeded *$
+
+ignoreregex =
+
+# Author: Yaroslav Halchenko
+# Daniel Black - hardening of regex
--- /dev/null
+# Fail2Ban filter for pureftp
+#
+# Disable hostname based logging by:
+#
+# Start pure-ftpd with the -H switch or on Ubuntu 'echo yes > /etc/pure-ftpd/conf/DontResolve'
+#
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = pure-ftpd
+
+# Error message specified in multiple languages
+__errmsg = (?:�ϥΪ�\[.*\]���ҥ���|ʹ����\[.*\]��֤ʧ��|\[.*\] kullan�c�s� i�in giri� hatal�|����������� �� ������� ������������ \[.*\]|Godkjennelse mislyktes for \[.*\]|Beh�righetskontroll misslyckas f�r anv�ndare \[.*\]|Autentifikacia uzivatela zlyhala \[.*\]|Autentificare esuata pentru utilizatorul \[.*\]|Autentica��o falhou para usu�rio \[.*\]|Autentyfikacja nie powiod�a si� dla u�ytkownika \[.*\]|Autorisatie faalde voor gebruiker \[.*\]|\[.*\] ��� ���� ����|Autenticazione falita per l'utente \[.*\]|Azonos�t�s sikertelen \[.*\] felhaszn�l�nak|\[.*\] c'est un batard, il connait pas son code|Erreur d'authentification pour l'utilisateur \[.*\]|Autentificaci�n fallida para el usuario \[.*\]|Authentication failed for user \[.*\]|Authentifizierung fehlgeschlagen f�r Benutzer \[.*\].|Godkendelse mislykkedes for \[.*\]|Autentifikace u�ivatele selhala \[.*\])
+
+failregex = ^%(__prefix_line)s\(.+?@<HOST>\) \[WARNING\] %(__errmsg)s\s*$
+
+ignoreregex =
+
+# Author: Cyril Jaquier
+# Modified: Yaroslav Halchenko for pure-ftpd
+# Documentation thanks to Blake on http://www.fail2ban.org/wiki/index.php?title=Fail2ban:Community_Portal
+#
+# Only logs to syslog though facility can be changed configuration file/command line
+#
+# fgrep -r MSG_AUTH_FAILED_LOG pure-ftpd-1.0.36/src
--- /dev/null
+# Fail2Ban filters for qmail RBL patches/fake proxies
+#
+# the default djb RBL implementation doesn't log any rejections
+# so is useless with this filter.
+#
+# One patch is here:
+#
+# http://www.tjsi.com/rblsmtpd/faq/ patch to rblsmtpd
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = (?:qmail|rblsmtpd)
+
+failregex = ^%(__prefix_line)s\d+\.\d+ rblsmtpd: <HOST> pid \d+ \S+ 4\d\d \S+\s*$
+ ^%(__prefix_line)s\d+\.\d+ qmail-smtpd: 4\d\d badiprbl: ip <HOST> rbl: \S+\s*$
+ ^%(__prefix_line)s\S+ blocked <HOST> \S+ -\s*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# These seem to be for two or 3 different patches to qmail or rblsmtpd
+# so you'll probably only ever see one of these regex's that match.
+#
+# ref: https://github.com/fail2ban/fail2ban/pull/386
+#
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban filter for repeat bans
+#
+# This filter monitors the fail2ban log file, and enables you to add long
+# time bans for ip addresses that get banned by fail2ban multiple times.
+#
+# Reasons to use this: block very persistent attackers for a longer time,
+# stop receiving email notifications about the same attacker over and
+# over again.
+#
+# This jail is only useful if you set the 'findtime' and 'bantime' parameters
+# in jail.conf to a higher value than the other jails. Also, this jail has its
+# drawbacks, namely in that it works only with iptables, or if you use a
+# different blocking mechanism for this jail versus others (e.g. hostsdeny
+# for most jails, and shorewall for this one).
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = fail2ban\.actions
+
+# The name of the jail that this filter is used for. In jail.conf, name the
+# jail using this filter 'recidive', or change this line!
+_jailname = recidive
+
+failregex = ^(%(__prefix_line)s|,\d{3} fail2ban.actions%(__pid_re)s?:\s+)WARNING\s+\[(?!%(_jailname)s\])(?:.*)\]\s+Ban\s+<HOST>\s*$
+
+# Author: Tom Hendrikx, modifications by Amir Caspi
--- /dev/null
+# Fail2Ban configuration file for roundcube web server
+#
+#
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+failregex = ^\s*(\[(\s[+-][0-9]{4})?\])?(%(__hostname)s roundcube: IMAP Error)?: (FAILED login|Login failed) for .*? from <HOST>(\. .* in .*?/rcube_imap\.php on line \d+ \(\S+ \S+\))?$
+
+ignoreregex =
+# DEV Notes:
+#
+# Source: https://github.com/roundcube/roundcubemail/blob/master/program/lib/Roundcube/rcube_imap.php#L180
+#
+# Part after <HOST> comes straight from IMAP server up until the " in ....."
+# Earlier versions didn't log the IMAP response hence optional.
+#
+# DoS resistance:
+#
+# Assume that the user can inject "from <HOST>" into the imap response
+# somehow. Write test cases around this to ensure that the combination of
+# arbitrary user input and IMAP response doesn't inject the wrong IP for
+# fail2ban
+#
+# Author: Teodor Micu & Yaroslav Halchenko & terence namusonge & Daniel Black
--- /dev/null
+[Definition]
+failregex = roundcube: (.*) Error: Login failed for (.*) from <HOST>\.
+ignoreregex =
--- /dev/null
+# Fail2Ban configuration file for generic SELinux audit messages
+#
+# This file is not intended to be used directly, and should be included into a
+# filter file which would define following variables. See selinux-ssh.conf as
+# and example.
+#
+# _type
+# _uid
+# _auid
+# _subj
+# _msg
+#
+# Also one of these variables must include <HOST>.
+
+[Definition]
+
+failregex = ^type=%(_type)s msg=audit\(:\d+\): (user )?pid=\d+ uid=%(_uid)s auid=%(_auid)s ses=\d+ subj=%(_subj)s msg='%(_msg)s'$
+
+ignoreregex =
+
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban configuration file for SELinux ssh authentication errors
+#
+
+[INCLUDES]
+
+after = selinux-common.conf
+
+[Definition]
+
+_type = USER_(ERR|AUTH)
+_uid = 0
+_auid = \d+
+_subj = (?:unconfined_u|system_u):system_r:sshd_t:s0-s0:c0\.c1023
+
+_exe =/usr/sbin/sshd
+_terminal = ssh
+
+_msg = op=\S+ acct=(?P<_quote_acct>"?)\S+(?P=_quote_acct) exe="%(_exe)s" hostname=(\?|(\d+\.){3}\d+) addr=<HOST> terminal=%(_terminal)s res=failed
+
+# DEV Notes:
+#
+# Note: USER_LOGIN is ignored as this is the duplicate messsage
+# ssh logs after 3 USER_AUTH failures.
+#
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban filter for sendmail authentication failures
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = (?:sm-(mta|acceptingconnections))
+
+failregex = ^%(__prefix_line)s\w{14}: (\S+ )?\[<HOST>\]( \(may be forged\))?: possible SMTP attack: command=AUTH, count=\d+$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# Author: Daniel Black
--- /dev/null
+# Fail2Ban filter for sendmail spam/relay type failures
+#
+# Some of the below failregex will only work properly, when the following
+# options are set in the .mc file (see your Sendmail documentation on how
+# to modify it and generate the corresponding .cf file):
+#
+# FEATURE(`delay_checks')
+# FEATURE(`greet_pause', `500')
+# FEATURE(`ratecontrol', `nodelay', `terminate')
+# FEATURE(`conncontrol', `nodelay', `terminate')
+#
+# ratecontrol and conncontrol also need corresponding options ClientRate:
+# and ClientConn: in the access file, see documentation for ratecontrol and
+# conncontrol in the sendmail/cf/README file.
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = (?:sm-(mta|acceptingconnections))
+
+failregex = ^%(__prefix_line)s\w{14}: ruleset=check_rcpt, arg1=(?P<email><\S+@\S+>), relay=(\S+ )?\[<HOST>\]( \(may be forged\))?, reject=(550 5\.7\.1 (?P=email)\.\.\. Relaying denied\. (IP name possibly forged \[(\d+\.){3}\d+\]|Proper authentication required\.|IP name lookup failed \[(\d+\.){3}\d+\])|553 5\.1\.8 (?P=email)\.\.\. Domain of sender address \S+ does not exist|550 5\.[71]\.1 (?P=email)\.\.\. (Rejected: .*|User unknown))$
+ ^%(__prefix_line)sruleset=check_relay, arg1=(?P<dom>\S+), arg2=<HOST>, relay=((?P=dom) )?\[(\d+\.){3}\d+\]( \(may be forged\))?, reject=421 4\.3\.2 (Connection rate limit exceeded\.|Too many open connections\.)$
+ ^%(__prefix_line)s\w{14}: rejecting commands from (\S+ )?\[<HOST>\] due to pre-greeting traffic after \d+ seconds$
+ ^%(__prefix_line)s\w{14}: (\S+ )?\[<HOST>\]: ((?i)expn|vrfy) \S+ \[rejected\]$
+
+
+ignoreregex =
+
+# DEV Notes:
+#
+# Author: Daniel Black and Fabian Wenk
--- /dev/null
+# Fail2Ban filter for sieve authentication failures
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_deamon = (?:cyrus/)?(?:tim)?sieved?
+
+failregex = ^%(__prefix_line)sbadlogin: \S+ ?\[<HOST>\] \S+ authentication failure$
+
+ignoreregex =
+
+# Author: Jan Wagner <waja@cyconet.org>
--- /dev/null
+# Fail2ban filter for SOGo authentcation
+#
+# Log file usually in /var/log/sogo/sogo.log
+
+[Definition]
+
+failregex = ^ sogod \[\d+\]: SOGoRootPage Login from '<HOST>' for user '.*' might not have worked( - password policy: \d* grace: -?\d* expire: -?\d* bound: -?\d*)?\s*$
+
+ignoreregex =
+
+#
+# DEV Notes:
+#
+# The error log may contain multiple hosts, whereas the first one
+# is the client and all others are poxys. We match the first one, only
+#
+# Author: Arnd Brandes
--- /dev/null
+# Fail2Ban filter for unsuccesful solid-pop3 authentication attempts
+#
+# Doesn't currently provide PAM support as PAM log messages don't include rhost as
+# remote IP.
+#
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = solid-pop3d
+
+failregex = ^%(__prefix_line)sauthentication failed: (no such user|can't map user name): .*? - <HOST>$
+ ^%(__prefix_line)s(APOP )?authentication failed for (mapped )?user .*? - <HOST>$
+ ^%(__prefix_line)sroot login not allowed - <HOST>$
+ ^%(__prefix_line)scan't find APOP secret for user .*? - <HOST>$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# solid-pop3d needs to be compiled with --enable-logextend to support
+# IP addresses in log messages.
+#
+# solid-pop3d-0.15/src/main.c contains all authentication errors
+# except for PAM authentication messages ( src/authenticate.c )
+#
+# A pam authentication failure message (note no IP for rhost).
+# Nov 17 23:17:50 emf1pt2-2-35-70 solid-pop3d[17176]: pam_unix(solid-pop3d:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=jacques
+#
+# Authors: Daniel Black
--- /dev/null
+# Fail2Ban filter for Squid attempted proxy bypasses
+#
+#
+
+[Definition]
+
+failregex = ^\s+\d\s<HOST>\s+[A-Z_]+_DENIED/403 .*$
+ ^\s+\d\s<HOST>\s+NONE/405 .*$
+
+
+
+# Author: Daniel Black
+
--- /dev/null
+# Fail2Ban ssh filter for at attempted exploit
+#
+# The regex here also relates to a exploit:
+#
+# http://www.securityfocus.com/bid/17958/exploit
+# The example code here shows the pushing of the exploit straight after
+# reading the server version. This is where the client version string normally
+# pushed. As such the server will read this unparsible information as
+# "Did not receive identification string".
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = sshd
+
+failregex = ^%(__prefix_line)sDid not receive identification string from <HOST>\s*$
+
+ignoreregex =
+
+# Author: Yaroslav Halchenko
--- /dev/null
+# Fail2Ban filter for openssh
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+
+[Definition]
+
+_daemon = sshd
+
+failregex = ^%(__prefix_line)s(?:error: PAM: )?[aA]uthentication (?:failure|error) for .* from <HOST>( via \S+)?\s*$
+ ^%(__prefix_line)s(?:error: PAM: )?User not known to the underlying authentication module for .* from <HOST>\s*$
+ ^%(__prefix_line)sFailed \S+ for .*? from <HOST>(?: port \d*)?(?: ssh\d*)?(: (ruser .*|(\S+ ID \S+ \(serial \d+\) CA )?\S+ %(__md5hex)s(, client user ".*", client host ".*")?))?\s*$
+ ^%(__prefix_line)sROOT LOGIN REFUSED.* FROM <HOST>\s*$
+ ^%(__prefix_line)s[iI](?:llegal|nvalid) user .* from <HOST>\s*$
+ ^%(__prefix_line)sUser .+ from <HOST> not allowed because not listed in AllowUsers\s*$
+ ^%(__prefix_line)sUser .+ from <HOST> not allowed because listed in DenyUsers\s*$
+ ^%(__prefix_line)sUser .+ from <HOST> not allowed because not in any group\s*$
+ ^%(__prefix_line)srefused connect from \S+ \(<HOST>\)\s*$
+ ^%(__prefix_line)sReceived disconnect from <HOST>: 3: \S+: Auth fail$
+ ^%(__prefix_line)sUser .+ from <HOST> not allowed because a group is listed in DenyGroups\s*$
+ ^%(__prefix_line)sUser .+ from <HOST> not allowed because none of user's groups are listed in AllowGroups\s*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# "Failed \S+ for .*? from <HOST>..." failregex uses non-greedy catch-all because
+# it is coming before use of <HOST> which is not hard-anchored at the end as well,
+# and later catch-all's could contain user-provided input, which need to be greedily
+# matched away first.
+#
+# Author: Cyril Jaquier, Yaroslav Halchenko, Petr Voralek, Daniel Black
--- /dev/null
+# Fail2Ban filter for suhosian PHP hardening
+#
+# This occurs with lighttpd or directly from the plugin
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+
+[Definition]
+
+_daemon = (?:lighttpd|suhosin)
+
+
+_lighttpd_prefix = (?:\(mod_fastcgi\.c\.\d+\) FastCGI-stderr:\s)
+
+failregex = ^%(__prefix_line)s%(_lighttpd_prefix)s?ALERT - .* \(attacker '<HOST>', file '.*'(?:, line \d+)?\)$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# https://github.com/stefanesser/suhosin/blob/1fba865ab73cc98a3109f88d85eb82c1bfc29b37/log.c#L161
+#
+# Author: Arturo 'Buanzo' Busleiman <buanzo@buanzo.com.ar>
--- /dev/null
+# Fail2Ban filter for uwimap
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = (?:ipop3d|imapd)
+
+failregex = ^%(__prefix_line)sLogin (?:failed|excessive login failures|disabled|SYSTEM BREAK-IN ATTEMPT) user=\S* auth=\S* host=.*\[<HOST>\]\s*$
+ ^%(__prefix_line)sFailed .* override of user=.* host=.*\[<HOST>\]\s*$
+
+ignoreregex =
+
+# Author: Amir Caspi
--- /dev/null
+# Fail2Ban filter for vsftp
+#
+# Configure VSFTP for "dual_log_enable=YES", and have fail2ban watch
+# /var/log/vsftpd.log instead of /var/log/secure. vsftpd.log file shows the
+# incoming ip address rather than domain names.
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+__pam_re=\(?pam_unix(?:\(\S+\))?\)?:?
+_daemon = vsftpd
+
+failregex = ^%(__prefix_line)s%(__pam_re)s\s+authentication failure; logname=\S* uid=\S* euid=\S* tty=(ftp)? ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$
+ ^ \[pid \d+\] \[.+\] FAIL LOGIN: Client "<HOST>"\s*$
+
+ignoreregex =
+
+# Author: Cyril Jaquier
+# Documentation from fail2ban wiki
--- /dev/null
+# Fail2Ban filter for webmin
+#
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+_daemon = webmin
+
+failregex = ^%(__prefix_line)sNon-existent login as .+ from <HOST>\s*$
+ ^%(__prefix_line)sInvalid login as .+ from <HOST>\s*$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# pattern : webmin[15673]: Non-existent login as toto from 86.0.6.217
+# webmin[29544]: Invalid login as root from 86.0.6.217
+#
+# Rule Author: Delvit Guillaume
--- /dev/null
+# Fail2Ban configuration file for wuftpd
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = wu-ftpd
+__pam_re=\(?pam_unix(?:\(wu-ftpd:auth\))?\)?:?
+
+failregex = ^%(__prefix_line)sfailed login from \S+ \[<HOST>\]\s*$
+ ^%(__prefix_line)s%(__pam_re)s\s+authentication failure; logname=\S* uid=\S* euid=\S* tty=(ftp)? ruser=\S* rhost=<HOST>(?:\s+user=.*)?\s*$
+
+
+ignoreregex =
+
+# Author: Yaroslav Halchenko
--- /dev/null
+# Fail2Ban filter for xinetd failures
+#
+# Cfr.: /var/log/(daemon\.|sys)log
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+_daemon = xinetd
+
+failregex = ^%(__prefix_line)sFAIL: \S+ address from=<HOST>$
+ ^%(__prefix_line)sFAIL: \S+ libwrap from=<HOST>$
+
+ignoreregex =
+
+# DEV Notes:
+#
+# libwrap => tcp wrappers: hosts.(allow|deny)
+# address => xinetd: deny_from|only_from
+#
+# Author: Guido Bozzetto
--- /dev/null
+# Fail2Ban configuration file.
+#
+# This file was composed for Debian systems from the original one
+# provided now under /usr/share/doc/fail2ban/examples/jail.conf
+# for additional examples.
+#
+# Comments: use '#' for comment lines and ';' for inline comments
+#
+# To avoid merges during upgrades DO NOT MODIFY THIS FILE
+# and rather provide your changes in /etc/fail2ban/jail.local
+#
+
+# The DEFAULT allows a global definition of the options. They can be overridden
+# in each jail afterwards.
+
+[DEFAULT]
+
+# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
+# ban a host which matches an address in this list. Several addresses can be
+# defined using space separator.
+ignoreip = 127.0.0.1/8
+
+# External command that will take an tagged arguments to ignore, e.g. <ip>,
+# and return true if the IP is to be ignored. False otherwise.
+#
+# ignorecommand = /path/to/command <ip>
+ignorecommand =
+
+# "bantime" is the number of seconds that a host is banned.
+bantime = 600
+
+# A host is banned if it has generated "maxretry" during the last "findtime"
+# seconds.
+findtime = 600
+maxretry = 3
+
+# "backend" specifies the backend used to get files modification.
+# Available options are "pyinotify", "gamin", "polling" and "auto".
+# This option can be overridden in each jail as well.
+#
+# pyinotify: requires pyinotify (a file alteration monitor) to be installed.
+# If pyinotify is not installed, Fail2ban will use auto.
+# gamin: requires Gamin (a file alteration monitor) to be installed.
+# If Gamin is not installed, Fail2ban will use auto.
+# polling: uses a polling algorithm which does not require external libraries.
+# auto: will try to use the following backends, in order:
+# pyinotify, gamin, polling.
+backend = auto
+
+# "usedns" specifies if jails should trust hostnames in logs,
+# warn when reverse DNS lookups are performed, or ignore all hostnames in logs
+#
+# yes: if a hostname is encountered, a reverse DNS lookup will be performed.
+# warn: if a hostname is encountered, a reverse DNS lookup will be performed,
+# but it will be logged as a warning.
+# no: if a hostname is encountered, will not be used for banning,
+# but it will be logged as info.
+usedns = warn
+
+#
+# Destination email address used solely for the interpolations in
+# jail.{conf,local} configuration files.
+destemail = root@localhost
+
+#
+# Name of the sender for mta actions
+sendername = Fail2Ban
+
+# Email address of the sender
+sender = fail2ban@localhost
+
+#
+# ACTIONS
+#
+
+# Default banning action (e.g. iptables, iptables-new,
+# iptables-multiport, shorewall, etc) It is used to define
+# action_* variables. Can be overridden globally or per
+# section within jail.local file
+banaction = iptables-multiport
+
+# email action. Since 0.8.1 upstream fail2ban uses sendmail
+# MTA for the mailing. Change mta configuration parameter to mail
+# if you want to revert to conventional 'mail'.
+mta = sendmail
+
+# Default protocol
+protocol = tcp
+
+# Specify chain where jumps would need to be added in iptables-* actions
+chain = INPUT
+
+#
+# Action shortcuts. To be used to define action parameter
+
+# The simplest action to take: ban only
+action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
+
+# ban & send an e-mail with whois report to the destemail.
+action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
+ %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s", sendername="%(sendername)s"]
+
+# ban & send an e-mail with whois report and relevant log lines
+# to the destemail.
+action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
+ %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s", sendername="%(sendername)s"]
+
+# Choose default action. To change, just override value of 'action' with the
+# interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local
+# globally (section [DEFAULT]) or per specific section
+action = %(action_)s
+
+#
+# JAILS
+#
+
+# Next jails corresponds to the standard configuration in Fail2ban 0.6 which
+# was shipped in Debian. Enable any defined here jail by including
+#
+# [SECTION_NAME]
+# enabled = true
+
+#
+# in /etc/fail2ban/jail.local.
+#
+# Optionally you may override any other parameter (e.g. banaction,
+# action, port, logpath, etc) in that section within jail.local
+
+[ssh]
+
+enabled = false
+port = ssh
+filter = sshd
+logpath = /var/log/auth.log
+maxretry = 6
+
+[dropbear]
+
+enabled = false
+port = ssh
+filter = dropbear
+logpath = /var/log/auth.log
+maxretry = 6
+
+# Generic filter for pam. Has to be used with action which bans all ports
+# such as iptables-allports, shorewall
+[pam-generic]
+
+enabled = false
+# pam-generic filter can be customized to monitor specific subset of 'tty's
+filter = pam-generic
+# port actually must be irrelevant but lets leave it all for some possible uses
+port = all
+banaction = iptables-allports
+port = anyport
+logpath = /var/log/auth.log
+maxretry = 6
+
+[xinetd-fail]
+
+enabled = false
+filter = xinetd-fail
+port = all
+banaction = iptables-multiport-log
+logpath = /var/log/daemon.log
+maxretry = 2
+
+
+[ssh-ddos]
+
+enabled = false
+port = ssh
+filter = sshd-ddos
+logpath = /var/log/auth.log
+maxretry = 6
+
+
+# Here we use blackhole routes for not requiring any additional kernel support
+# to store large volumes of banned IPs
+
+[ssh-route]
+
+enabled = false
+filter = sshd
+action = route
+logpath = /var/log/sshd.log
+maxretry = 6
+
+# Here we use a combination of Netfilter/Iptables and IPsets
+# for storing large volumes of banned IPs
+#
+# IPset comes in two versions. See ipset -V for which one to use
+# requires the ipset package and kernel support.
+[ssh-iptables-ipset4]
+
+enabled = false
+port = ssh
+filter = sshd
+banaction = iptables-ipset-proto4
+logpath = /var/log/sshd.log
+maxretry = 6
+
+[ssh-iptables-ipset6]
+
+enabled = false
+port = ssh
+filter = sshd
+banaction = iptables-ipset-proto6
+logpath = /var/log/sshd.log
+maxretry = 6
+
+
+#
+# HTTP servers
+#
+
+[apache]
+
+enabled = false
+port = http,https
+filter = apache-auth
+logpath = /var/log/apache*/*error.log
+maxretry = 6
+
+# default action is now multiport, so apache-multiport jail was left
+# for compatibility with previous (<0.7.6-2) releases
+[apache-multiport]
+
+enabled = false
+port = http,https
+filter = apache-auth
+logpath = /var/log/apache*/*error.log
+maxretry = 6
+
+[apache-noscript]
+
+enabled = false
+port = http,https
+filter = apache-noscript
+logpath = /var/log/apache*/*error.log
+maxretry = 6
+
+[apache-overflows]
+
+enabled = false
+port = http,https
+filter = apache-overflows
+logpath = /var/log/apache*/*error.log
+maxretry = 2
+
+[apache-modsecurity]
+
+enabled = false
+filter = apache-modsecurity
+port = http,https
+logpath = /var/log/apache*/*error.log
+maxretry = 2
+
+[apache-nohome]
+
+enabled = false
+filter = apache-nohome
+port = http,https
+logpath = /var/log/apache*/*error.log
+maxretry = 2
+
+# Ban attackers that try to use PHP's URL-fopen() functionality
+# through GET/POST variables. - Experimental, with more than a year
+# of usage in production environments.
+
+[php-url-fopen]
+
+enabled = false
+port = http,https
+filter = php-url-fopen
+logpath = /var/www/*/logs/access_log
+
+# A simple PHP-fastcgi jail which works with lighttpd.
+# If you run a lighttpd server, then you probably will
+# find these kinds of messages in your error_log:
+# ALERT – tried to register forbidden variable ‘GLOBALS’
+# through GET variables (attacker '1.2.3.4', file '/var/www/default/htdocs/index.php')
+
+[lighttpd-fastcgi]
+
+enabled = false
+port = http,https
+filter = lighttpd-fastcgi
+logpath = /var/log/lighttpd/error.log
+
+# Same as above for mod_auth
+# It catches wrong authentifications
+
+[lighttpd-auth]
+
+enabled = false
+port = http,https
+filter = suhosin
+logpath = /var/log/lighttpd/error.log
+
+[nginx-http-auth]
+
+enabled = false
+filter = nginx-http-auth
+port = http,https
+logpath = /var/log/nginx/error.log
+
+# Monitor roundcube server
+
+[roundcube-auth]
+
+enabled = false
+filter = roundcube-auth
+port = http,https
+logpath = /var/log/roundcube/userlogins
+
+
+[sogo-auth]
+
+enabled = false
+filter = sogo-auth
+port = http, https
+# without proxy this would be:
+# port = 20000
+logpath = /var/log/sogo/sogo.log
+
+
+#
+# FTP servers
+#
+
+[vsftpd]
+
+enabled = false
+port = ftp,ftp-data,ftps,ftps-data
+filter = vsftpd
+logpath = /var/log/vsftpd.log
+# or overwrite it in jails.local to be
+# logpath = /var/log/auth.log
+# if you want to rely on PAM failed login attempts
+# vsftpd's failregex should match both of those formats
+maxretry = 6
+
+
+[proftpd]
+
+enabled = false
+port = ftp,ftp-data,ftps,ftps-data
+filter = proftpd
+logpath = /var/log/proftpd/proftpd.log
+maxretry = 6
+
+
+[pure-ftpd]
+
+enabled = false
+port = ftp,ftp-data,ftps,ftps-data
+filter = pure-ftpd
+logpath = /var/log/syslog
+maxretry = 6
+
+
+[wuftpd]
+
+enabled = false
+port = ftp,ftp-data,ftps,ftps-data
+filter = wuftpd
+logpath = /var/log/syslog
+maxretry = 6
+
+
+#
+# Mail servers
+#
+
+[postfix]
+
+enabled = false
+port = smtp,ssmtp,submission
+filter = postfix
+logpath = /var/log/mail.log
+
+
+[couriersmtp]
+
+enabled = false
+port = smtp,ssmtp,submission
+filter = couriersmtp
+logpath = /var/log/mail.log
+
+
+#
+# Mail servers authenticators: might be used for smtp,ftp,imap servers, so
+# all relevant ports get banned
+#
+
+[courierauth]
+
+enabled = false
+port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
+filter = courierlogin
+logpath = /var/log/mail.log
+
+
+[sasl]
+
+enabled = false
+port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
+filter = postfix-sasl
+# You might consider monitoring /var/log/mail.warn instead if you are
+# running postfix since it would provide the same log lines at the
+# "warn" level but overall at the smaller filesize.
+logpath = /var/log/mail.log
+
+[dovecot]
+
+enabled = false
+port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
+filter = dovecot
+logpath = /var/log/mail.log
+
+# To log wrong MySQL access attempts add to /etc/my.cnf:
+# log-error=/var/log/mysqld.log
+# log-warning = 2
+[mysqld-auth]
+
+enabled = false
+filter = mysqld-auth
+port = 3306
+logpath = /var/log/mysqld.log
+
+
+# DNS Servers
+
+
+# These jails block attacks against named (bind9). By default, logging is off
+# with bind9 installation. You will need something like this:
+#
+# logging {
+# channel security_file {
+# file "/var/log/named/security.log" versions 3 size 30m;
+# severity dynamic;
+# print-time yes;
+# };
+# category security {
+# security_file;
+# };
+# };
+#
+# in your named.conf to provide proper logging
+
+# !!! WARNING !!!
+# Since UDP is connection-less protocol, spoofing of IP and imitation
+# of illegal actions is way too simple. Thus enabling of this filter
+# might provide an easy way for implementing a DoS against a chosen
+# victim. See
+# http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html
+# Please DO NOT USE this jail unless you know what you are doing.
+#[named-refused-udp]
+#
+#enabled = false
+#port = domain,953
+#protocol = udp
+#filter = named-refused
+#logpath = /var/log/named/security.log
+
+[named-refused-tcp]
+
+enabled = false
+port = domain,953
+protocol = tcp
+filter = named-refused
+logpath = /var/log/named/security.log
+
+[freeswitch]
+
+enabled = false
+filter = freeswitch
+logpath = /var/log/freeswitch.log
+maxretry = 10
+action = iptables-multiport[name=freeswitch-tcp, port="5060,5061,5080,5081", protocol=tcp]
+ iptables-multiport[name=freeswitch-udp, port="5060,5061,5080,5081", protocol=udp]
+
+[ejabberd-auth]
+
+enabled = false
+filter = ejabberd-auth
+port = xmpp-client
+protocol = tcp
+logpath = /var/log/ejabberd/ejabberd.log
+
+
+# Multiple jails, 1 per protocol, are necessary ATM:
+# see https://github.com/fail2ban/fail2ban/issues/37
+[asterisk-tcp]
+
+enabled = false
+filter = asterisk
+port = 5060,5061
+protocol = tcp
+logpath = /var/log/asterisk/messages
+
+[asterisk-udp]
+
+enabled = false
+filter = asterisk
+port = 5060,5061
+protocol = udp
+logpath = /var/log/asterisk/messages
+
+
+# Jail for more extended banning of persistent abusers
+# !!! WARNING !!!
+# Make sure that your loglevel specified in fail2ban.conf/.local
+# is not at DEBUG level -- which might then cause fail2ban to fall into
+# an infinite loop constantly feeding itself with non-informative lines
+[recidive]
+
+enabled = false
+filter = recidive
+logpath = /var/log/fail2ban.log
+action = iptables-allports[name=recidive]
+ sendmail-whois-lines[name=recidive, logpath=/var/log/fail2ban.log]
+bantime = 604800 ; 1 week
+findtime = 86400 ; 1 day
+maxretry = 5
+
+# See the IMPORTANT note in action.d/blocklist_de.conf for when to
+# use this action
+#
+# Report block via blocklist.de fail2ban reporting service API
+# See action.d/blocklist_de.conf for more information
+[ssh-blocklist]
+
+enabled = false
+filter = sshd
+action = iptables[name=SSH, port=ssh, protocol=tcp]
+ sendmail-whois[name=SSH, dest="%(destemail)s", sender="%(sender)s", sendername="%(sendername)s"]
+ blocklist_de[email="%(sender)s", apikey="xxxxxx", service="%(filter)s"]
+logpath = /var/log/sshd.log
+maxretry = 20
+
+
+# consider low maxretry and a long bantime
+# nobody except your own Nagios server should ever probe nrpe
+[nagios]
+enabled = false
+filter = nagios
+action = iptables[name=Nagios, port=5666, protocol=tcp]
+ sendmail-whois[name=Nagios, dest="%(destemail)s", sender="%(sender)s", sendername="%(sendername)s"]
+logpath = /var/log/messages ; nrpe.cfg may define a different log_facility
+maxretry = 1
--- /dev/null
+# Refer to /etc/fail2ban/jail.conf for more examples.
+[DEFAULT]
+# time is in seconds. 3600 = 1 hour, 86400 = 24 hours (1 day)
+findtime = 3600
+bantime = 86400
+maxretry = 5
+ignoreip = 127.0.0.1 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
+
+[sshd]
+enabled = true
+filter = sshd
+action = iptables-multiport[name=sshd, port="22", protocol=tcp]
+logpath = /var/log/syslog.d/auth.log
+
+[sshd-ddos]
+enabled = true
+filter = sshd-ddos
+action = iptables-multiport[name=sshd-ddos, port="22", protocol=tcp]
+logpath = /var/log/syslog.d/auth.log
+
+[roundcube-iredmail]
+enabled = true
+filter = roundcube.iredmail
+action = iptables-multiport[name=roundcube, port="http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve", protocol=tcp]
+logpath = /var/log/syslog.d/mail.log
+findtime = 3600
+
+[dovecot-iredmail]
+enabled = true
+filter = dovecot.iredmail
+action = iptables-multiport[name=dovecot, port="http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve", protocol=tcp]
+logpath = /var/log/dovecot.log
+
+[postfix-iredmail]
+enabled = true
+filter = postfix.iredmail
+action = iptables-multiport[name=postfix, port="http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve", protocol=tcp]
+# sendmail[name=Postfix, dest=root, sender=fail2ban@localhost]
+logpath = /var/log/syslog.d/mail.log
+
+[sogo-iredmail]
+enabled = false
+filter = sogo-auth
+action = iptables-multiport[name=sogo, port="http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve", protocol=tcp]
+logpath = /var/log/sogo/sogo.log
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE fontconfig SYSTEM "../fonts.dtd">
+<fontconfig>
+ <!-- /etc/fonts/conf.d/20-unhint-small-dejavu-lgc-sans-mono.conf
+
+ Disable hinting manually at smaller sizes (< 8ppem)
+ This is a copy of the Bistream Vera fonts fonts rule, as DejaVu is
+ derived from Vera.
+
+ The Bistream Vera fonts have GASP entries suggesting that hinting be
+ disabled below 8 ppem, but FreeType ignores those, preferring to use
+ the data found in the instructed hints. The initial Vera release
+ didn't include the right instructions in the 'prep' table.
+ -->
+ <match target="font">
+ <test name="family">
+ <string>DejaVu LGC Sans Mono</string>
+ </test>
+ <test compare="less" name="pixelsize">
+ <double>7.5</double>
+ </test>
+ <edit name="hinting">
+ <bool>false</bool>
+ </edit>
+ </match>
+</fontconfig>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE fontconfig SYSTEM "../fonts.dtd">
+<fontconfig>
+ <!-- /etc/fonts/conf.d/20-unhint-small-dejavu-lgc-sans.conf
+
+ Disable hinting manually at smaller sizes (< 8ppem)
+ This is a copy of the Bistream Vera fonts fonts rule, as DejaVu is
+ derived from Vera.
+
+ The Bistream Vera fonts have GASP entries suggesting that hinting be
+ disabled below 8 ppem, but FreeType ignores those, preferring to use
+ the data found in the instructed hints. The initial Vera release
+ didn't include the right instructions in the 'prep' table.
+ -->
+ <match target="font">
+ <test name="family">
+ <string>DejaVu LGC Sans</string>
+ </test>
+ <test compare="less" name="pixelsize">
+ <double>7.5</double>
+ </test>
+ <edit name="hinting">
+ <bool>false</bool>
+ </edit>
+ </match>
+</fontconfig>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE fontconfig SYSTEM "../fonts.dtd">
+<fontconfig>
+ <!-- /etc/fonts/conf.d/20-unhint-small-dejavu-lgc-serif.conf
+
+ Disable hinting manually at smaller sizes (< 8ppem)
+ This is a copy of the Bistream Vera fonts fonts rule, as DejaVu is
+ derived from Vera.
+
+ The Bistream Vera fonts have GASP entries suggesting that hinting be
+ disabled below 8 ppem, but FreeType ignores those, preferring to use
+ the data found in the instructed hints. The initial Vera release
+ didn't include the right instructions in the 'prep' table.
+ -->
+ <match target="font">
+ <test name="family">
+ <string>DejaVu LGC Serif</string>
+ </test>
+ <test compare="less" name="pixelsize">
+ <double>7.5</double>
+ </test>
+ <edit name="hinting">
+ <bool>false</bool>
+ </edit>
+ </match>
+</fontconfig>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE fontconfig SYSTEM "../fonts.dtd">
+<fontconfig>
+ <!-- /etc/fonts/conf.d/20-unhint-small-dejavu-sans-mono.conf
+
+ Disable hinting manually at smaller sizes (< 8ppem)
+ This is a copy of the Bistream Vera fonts fonts rule, as DejaVu is
+ derived from Vera.
+
+ The Bistream Vera fonts have GASP entries suggesting that hinting be
+ disabled below 8 ppem, but FreeType ignores those, preferring to use
+ the data found in the instructed hints. The initial Vera release
+ didn't include the right instructions in the 'prep' table.
+ -->
+ <match target="font">
+ <test name="family">
+ <string>DejaVu Sans Mono</string>
+ </test>
+ <test compare="less" name="pixelsize">
+ <double>7.5</double>
+ </test>
+ <edit name="hinting">
+ <bool>false</bool>
+ </edit>
+ </match>
+</fontconfig>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE fontconfig SYSTEM "../fonts.dtd">
+<fontconfig>
+ <!-- /etc/fonts/conf.d/20-unhint-small-dejavu-sans.conf
+
+ Disable hinting manually at smaller sizes (< 8ppem)
+ This is a copy of the Bistream Vera fonts fonts rule, as DejaVu is
+ derived from Vera.
+
+ The Bistream Vera fonts have GASP entries suggesting that hinting be
+ disabled below 8 ppem, but FreeType ignores those, preferring to use
+ the data found in the instructed hints. The initial Vera release
+ didn't include the right instructions in the 'prep' table.
+ -->
+ <match target="font">
+ <test name="family">
+ <string>DejaVu Sans</string>
+ </test>
+ <test compare="less" name="pixelsize">
+ <double>7.5</double>
+ </test>
+ <edit name="hinting">
+ <bool>false</bool>
+ </edit>
+ </match>
+</fontconfig>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE fontconfig SYSTEM "../fonts.dtd">
+<fontconfig>
+ <!-- /etc/fonts/conf.d/20-unhint-small-dejavu-serif.conf
+
+ Disable hinting manually at smaller sizes (< 8ppem)
+ This is a copy of the Bistream Vera fonts fonts rule, as DejaVu is
+ derived from Vera.
+
+ The Bistream Vera fonts have GASP entries suggesting that hinting be
+ disabled below 8 ppem, but FreeType ignores those, preferring to use
+ the data found in the instructed hints. The initial Vera release
+ didn't include the right instructions in the 'prep' table.
+ -->
+ <match target="font">
+ <test name="family">
+ <string>DejaVu Serif</string>
+ </test>
+ <test compare="less" name="pixelsize">
+ <double>7.5</double>
+ </test>
+ <edit name="hinting">
+ <bool>false</bool>
+ </edit>
+ </match>
+</fontconfig>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE fontconfig SYSTEM "../fonts.dtd">
+<!-- /etc/fonts/conf.d/57-dejavu-sans-mono.conf
+
+ Define aliasing and other fontconfig settings for
+ DejaVu Sans Mono.
+
+ © 2006-2008 Nicolas Mailhot <nicolas.mailhot at laposte.net>
+-->
+<fontconfig>
+ <!-- Font substitution rules -->
+ <alias binding="same">
+ <family>Bepa Mono</family>
+ <accept>
+ <family>DejaVu Sans Mono</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Bitstream Prima Sans Mono</family>
+ <accept>
+ <family>DejaVu Sans Mono</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Bitstream Vera Sans Mono</family>
+ <accept>
+ <family>DejaVu Sans Mono</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>DejaVu LGC Sans Mono</family>
+ <accept>
+ <family>DejaVu Sans Mono</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Olwen Sans Mono</family>
+ <accept>
+ <family>DejaVu Sans Mono</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>SUSE Sans Mono</family>
+ <accept>
+ <family>DejaVu Sans Mono</family>
+ </accept>
+ </alias>
+ <!-- Generic name assignment -->
+ <alias>
+ <family>DejaVu Sans Mono</family>
+ <default>
+ <family>monospace</family>
+ </default>
+ </alias>
+ <!-- Generic name aliasing -->
+ <alias>
+ <family>monospace</family>
+ <prefer>
+ <family>DejaVu Sans Mono</family>
+ </prefer>
+ </alias>
+</fontconfig>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE fontconfig SYSTEM "../fonts.dtd">
+<!-- /etc/fonts/conf.d/57-dejavu-sans.conf
+
+ Define aliasing and other fontconfig settings for
+ DejaVu Sans.
+
+ © 2006-2008 Nicolas Mailhot <nicolas.mailhot at laposte.net>
+-->
+<fontconfig>
+ <!-- Font substitution rules -->
+ <alias binding="same">
+ <family>Arev Sans</family>
+ <accept>
+ <family>DejaVu Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Bepa</family>
+ <accept>
+ <family>DejaVu Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Bitstream Prima Sans</family>
+ <accept>
+ <family>DejaVu Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Bitstream Vera Sans</family>
+ <accept>
+ <family>DejaVu Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>DejaVu LGC Sans</family>
+ <accept>
+ <family>DejaVu Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Hunky Sans</family>
+ <accept>
+ <family>DejaVu Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Olwen Sans</family>
+ <accept>
+ <family>DejaVu Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>SUSE Sans</family>
+ <accept>
+ <family>DejaVu Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Verajja</family>
+ <accept>
+ <family>DejaVu Sans</family>
+ </accept>
+ </alias>
+ <!-- In case VerajjaPDA stops declaring itself as Verajja -->
+ <alias binding="same">
+ <family>VerajjaPDA</family>
+ <accept>
+ <family>DejaVu Sans</family>
+ </accept>
+ </alias>
+ <!-- Generic name assignment -->
+ <alias>
+ <family>DejaVu Sans</family>
+ <default>
+ <family>sans-serif</family>
+ </default>
+ </alias>
+ <!-- Generic name aliasing -->
+ <alias>
+ <family>sans-serif</family>
+ <prefer>
+ <family>DejaVu Sans</family>
+ </prefer>
+ </alias>
+</fontconfig>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE fontconfig SYSTEM "../fonts.dtd">
+<!-- /etc/fonts/conf.d/57-dejavu-serif.conf
+
+ Define aliasing and other fontconfig settings for
+ DejaVu Serif.
+
+ © 2006-2008 Nicolas Mailhot <nicolas.mailhot at laposte.net>
+-->
+<fontconfig>
+ <!-- Font substitution rules -->
+ <alias binding="same">
+ <family>Bitstream Prima Serif</family>
+ <accept>
+ <family>DejaVu Serif</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Bitstream Vera Serif</family>
+ <accept>
+ <family>DejaVu Serif</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>DejaVu LGC Serif</family>
+ <accept>
+ <family>DejaVu Serif</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Hunky Serif</family>
+ <accept>
+ <family>DejaVu Serif</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Olwen Serif</family>
+ <accept>
+ <family>DejaVu Serif</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>SUSE Serif</family>
+ <accept>
+ <family>DejaVu Serif</family>
+ </accept>
+ </alias>
+ <!-- In case Verajja Serif stops declaring itself as DejaVu Serif -->
+ <alias binding="same">
+ <family>Verajja Serif</family>
+ <accept>
+ <family>DejaVu Serif</family>
+ </accept>
+ </alias>
+ <!-- Generic name assignment -->
+ <alias>
+ <family>DejaVu Serif</family>
+ <default>
+ <family>serif</family>
+ </default>
+ </alias>
+ <!-- Generic name aliasing -->
+ <alias>
+ <family>serif</family>
+ <prefer>
+ <family>DejaVu Serif</family>
+ </prefer>
+ </alias>
+</fontconfig>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE fontconfig SYSTEM "../fonts.dtd">
+<!-- /etc/fonts/conf.d/58-dejavu-lgc-sans-mono.conf
+
+ Define aliasing and other fontconfig settings for
+ DejaVu LGC Sans Mono.
+
+ © 2006-2008 Nicolas Mailhot <nicolas.mailhot at laposte.net>
+-->
+<fontconfig>
+ <!-- Font substitution rules -->
+ <alias binding="same">
+ <family>Bepa Mono</family>
+ <accept>
+ <family>DejaVu LGC Sans Mono</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Bitstream Prima Sans Mono</family>
+ <accept>
+ <family>DejaVu LGC Sans Mono</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Bitstream Vera Sans Mono</family>
+ <accept>
+ <family>DejaVu LGC Sans Mono</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>DejaVu Sans Mono</family>
+ <accept>
+ <family>DejaVu LGC Sans Mono</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Olwen Sans Mono</family>
+ <accept>
+ <family>DejaVu LGC Sans Mono</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>SUSE Sans Mono</family>
+ <accept>
+ <family>DejaVu LGC Sans Mono</family>
+ </accept>
+ </alias>
+ <!-- Generic name assignment -->
+ <alias>
+ <family>DejaVu LGC Sans Mono</family>
+ <default>
+ <family>monospace</family>
+ </default>
+ </alias>
+ <!-- Generic name aliasing -->
+ <alias>
+ <family>monospace</family>
+ <prefer>
+ <family>DejaVu LGC Sans Mono</family>
+ </prefer>
+ </alias>
+</fontconfig>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE fontconfig SYSTEM "../fonts.dtd">
+<!-- /etc/fonts/conf.d/58-dejavu-lgc-sans.conf
+
+ Define aliasing and other fontconfig settings for
+ DejaVu LGC Sans.
+
+ © 2006-2008 Nicolas Mailhot <nicolas.mailhot at laposte.net>
+-->
+<fontconfig>
+ <!-- Font substitution rules -->
+ <alias binding="same">
+ <family>Arev Sans</family>
+ <accept>
+ <family>DejaVu LGC Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Bepa</family>
+ <accept>
+ <family>DejaVu LGC Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Bitstream Prima Sans</family>
+ <accept>
+ <family>DejaVu LGC Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Bitstream Vera Sans</family>
+ <accept>
+ <family>DejaVu LGC Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>DejaVu Sans</family>
+ <accept>
+ <family>DejaVu LGC Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Hunky Sans</family>
+ <accept>
+ <family>DejaVu LGC Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Olwen Sans</family>
+ <accept>
+ <family>DejaVu LGC Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>SUSE Sans</family>
+ <accept>
+ <family>DejaVu LGC Sans</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Verajja</family>
+ <accept>
+ <family>DejaVu LGC Sans</family>
+ </accept>
+ </alias>
+ <!-- In case VerajjaPDA stops declaring itself as Verajja -->
+ <alias binding="same">
+ <family>VerajjaPDA</family>
+ <accept>
+ <family>DejaVu LGC Sans</family>
+ </accept>
+ </alias>
+ <!-- Generic name assignment -->
+ <alias>
+ <family>DejaVu LGC Sans</family>
+ <default>
+ <family>sans-serif</family>
+ </default>
+ </alias>
+ <!-- Generic name aliasing -->
+ <alias>
+ <family>sans-serif</family>
+ <prefer>
+ <family>DejaVu LGC Sans</family>
+ </prefer>
+ </alias>
+</fontconfig>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE fontconfig SYSTEM "../fonts.dtd">
+<!-- /etc/fonts/conf.d/58-dejavu-lgc-serif.conf
+
+ Define aliasing and other fontconfig settings for
+ DejaVu LGC Serif.
+
+ © 2006-2008 Nicolas Mailhot <nicolas.mailhot at laposte.net>
+-->
+<fontconfig>
+ <!-- Font substitution rules -->
+ <alias binding="same">
+ <family>Bitstream Prima Serif</family>
+ <accept>
+ <family>DejaVu LGC Serif</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Bitstream Vera Serif</family>
+ <accept>
+ <family>DejaVu LGC Serif</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>DejaVu Serif</family>
+ <accept>
+ <family>DejaVu LGC Serif</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Hunky Serif</family>
+ <accept>
+ <family>DejaVu LGC Serif</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>Olwen Serif</family>
+ <accept>
+ <family>DejaVu LGC Serif</family>
+ </accept>
+ </alias>
+ <alias binding="same">
+ <family>SUSE Serif</family>
+ <accept>
+ <family>DejaVu LGC Serif</family>
+ </accept>
+ </alias>
+ <!-- In case Verajja Serif stops declaring itself as DejaVu Serif -->
+ <alias binding="same">
+ <family>Verajja Serif</family>
+ <accept>
+ <family>DejaVu LGC Serif</family>
+ </accept>
+ </alias>
+ <!-- Generic name assignment -->
+ <alias>
+ <family>DejaVu LGC Serif</family>
+ <default>
+ <family>serif</family>
+ </default>
+ </alias>
+ <!-- Generic name aliasing -->
+ <alias>
+ <family>serif</family>
+ <prefer>
+ <family>DejaVu LGC Serif</family>
+ </prefer>
+ </alias>
+</fontconfig>
--- /dev/null
+/usr/share/fontconfig/conf.avail/10-scale-bitmap-fonts.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/11-lcdfilter-default.conf
\ No newline at end of file
--- /dev/null
+../conf.avail/20-unhint-small-dejavu-lgc-sans-mono.conf
\ No newline at end of file
--- /dev/null
+../conf.avail/20-unhint-small-dejavu-lgc-sans.conf
\ No newline at end of file
--- /dev/null
+../conf.avail/20-unhint-small-dejavu-lgc-serif.conf
\ No newline at end of file
--- /dev/null
+../conf.avail/20-unhint-small-dejavu-sans-mono.conf
\ No newline at end of file
--- /dev/null
+../conf.avail/20-unhint-small-dejavu-sans.conf
\ No newline at end of file
--- /dev/null
+../conf.avail/20-unhint-small-dejavu-serif.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/20-unhint-small-vera.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/30-metric-aliases.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/30-urw-aliases.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/40-nonlatin.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/45-latin.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/49-sansserif.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/50-user.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/51-local.conf
\ No newline at end of file
--- /dev/null
+../conf.avail/57-dejavu-sans-mono.conf
\ No newline at end of file
--- /dev/null
+../conf.avail/57-dejavu-sans.conf
\ No newline at end of file
--- /dev/null
+../conf.avail/57-dejavu-serif.conf
\ No newline at end of file
--- /dev/null
+../conf.avail/58-dejavu-lgc-sans-mono.conf
\ No newline at end of file
--- /dev/null
+../conf.avail/58-dejavu-lgc-sans.conf
\ No newline at end of file
--- /dev/null
+../conf.avail/58-dejavu-lgc-serif.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/60-latin.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/65-fonts-persian.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/65-nonlatin.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/69-unifont.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/70-no-bitmaps.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/80-delicious.conf
\ No newline at end of file
--- /dev/null
+/usr/share/fontconfig/conf.avail/90-synthetic.conf
\ No newline at end of file
--- /dev/null
+conf.d/README
+
+Each file in this directory is a fontconfig configuration file. Fontconfig
+scans this directory, loading all files of the form [0-9][0-9]*.conf.
+These files are normally installed in /usr/share/fontconfig/conf.avail
+and then symlinked here, allowing them to be easily installed and then
+enabled/disabled by adjusting the symlinks.
+
+The files are loaded in numeric order, the structure of the configuration
+has led to the following conventions in usage:
+
+ Files begining with: Contain:
+
+ 00 through 09 Font directories
+ 10 through 19 system rendering defaults (AA, etc)
+ 20 through 29 font rendering options
+ 30 through 39 family substitution
+ 40 through 49 generic identification, map family->generic
+ 50 through 59 alternate config file loading
+ 60 through 69 generic aliases, map generic->family
+ 70 through 79 select font (adjust which fonts are available)
+ 80 through 89 match target="scan" (modify scanned patterns)
+ 90 through 99 font synthesis
--- /dev/null
+<?xml version="1.0"?>
+<!DOCTYPE fontconfig SYSTEM "fonts.dtd">
+<!-- /etc/fonts/fonts.conf file to configure system font access -->
+<fontconfig>
+
+<!--
+ DO NOT EDIT THIS FILE.
+ IT WILL BE REPLACED WHEN FONTCONFIG IS UPDATED.
+ LOCAL CHANGES BELONG IN 'local.conf'.
+
+ The intent of this standard configuration file is to be adequate for
+ most environments. If you have a reasonably normal environment and
+ have found problems with this configuration, they are probably
+ things that others will also want fixed. Please submit any
+ problems to the fontconfig bugzilla system located at fontconfig.org
+
+ Note that the normal 'make install' procedure for fontconfig is to
+ replace any existing fonts.conf file with the new version. Place
+ any local customizations in local.conf which this file references.
+
+ Keith Packard
+-->
+
+<!-- Font directory list -->
+
+ <dir>/usr/share/fonts</dir>
+ <dir>/usr/X11R6/lib/X11/fonts</dir> <dir>/usr/local/share/fonts</dir>
+ <dir prefix="xdg">fonts</dir>
+ <!-- the following element will be removed in the future -->
+ <dir>~/.fonts</dir>
+
+<!--
+ Accept deprecated 'mono' alias, replacing it with 'monospace'
+-->
+ <match target="pattern">
+ <test qual="any" name="family">
+ <string>mono</string>
+ </test>
+ <edit name="family" mode="assign" binding="same">
+ <string>monospace</string>
+ </edit>
+ </match>
+
+<!--
+ Accept alternate 'sans serif' spelling, replacing it with 'sans-serif'
+-->
+ <match target="pattern">
+ <test qual="any" name="family">
+ <string>sans serif</string>
+ </test>
+ <edit name="family" mode="assign" binding="same">
+ <string>sans-serif</string>
+ </edit>
+ </match>
+
+<!--
+ Accept deprecated 'sans' alias, replacing it with 'sans-serif'
+-->
+ <match target="pattern">
+ <test qual="any" name="family">
+ <string>sans</string>
+ </test>
+ <edit name="family" mode="assign" binding="same">
+ <string>sans-serif</string>
+ </edit>
+ </match>
+
+<!--
+ Load local system customization file
+-->
+ <include ignore_missing="yes">conf.d</include>
+
+<!-- Font cache directory list -->
+
+ <cachedir>/var/cache/fontconfig</cachedir>
+ <cachedir prefix="xdg">fontconfig</cachedir>
+ <!-- the following element will be removed in the future -->
+ <cachedir>~/.fontconfig</cachedir>
+
+ <config>
+<!--
+ These are the default Unicode chars that are expected to be blank
+ in fonts. All other blank chars are assumed to be broken and
+ won't appear in the resulting charsets
+ -->
+ <blank>
+ <int>0x0020</int> <!-- SPACE -->
+ <int>0x00A0</int> <!-- NO-BREAK SPACE -->
+ <int>0x00AD</int> <!-- SOFT HYPHEN -->
+ <int>0x034F</int> <!-- COMBINING GRAPHEME JOINER -->
+ <int>0x0600</int> <!-- ARABIC NUMBER SIGN -->
+ <int>0x0601</int> <!-- ARABIC SIGN SANAH -->
+ <int>0x0602</int> <!-- ARABIC FOOTNOTE MARKER -->
+ <int>0x0603</int> <!-- ARABIC SIGN SAFHA -->
+ <int>0x06DD</int> <!-- ARABIC END OF AYAH -->
+ <int>0x070F</int> <!-- SYRIAC ABBREVIATION MARK -->
+ <int>0x115F</int> <!-- HANGUL CHOSEONG FILLER -->
+ <int>0x1160</int> <!-- HANGUL JUNGSEONG FILLER -->
+ <int>0x1680</int> <!-- OGHAM SPACE MARK -->
+ <int>0x17B4</int> <!-- KHMER VOWEL INHERENT AQ -->
+ <int>0x17B5</int> <!-- KHMER VOWEL INHERENT AA -->
+ <int>0x180E</int> <!-- MONGOLIAN VOWEL SEPARATOR -->
+ <int>0x2000</int> <!-- EN QUAD -->
+ <int>0x2001</int> <!-- EM QUAD -->
+ <int>0x2002</int> <!-- EN SPACE -->
+ <int>0x2003</int> <!-- EM SPACE -->
+ <int>0x2004</int> <!-- THREE-PER-EM SPACE -->
+ <int>0x2005</int> <!-- FOUR-PER-EM SPACE -->
+ <int>0x2006</int> <!-- SIX-PER-EM SPACE -->
+ <int>0x2007</int> <!-- FIGURE SPACE -->
+ <int>0x2008</int> <!-- PUNCTUATION SPACE -->
+ <int>0x2009</int> <!-- THIN SPACE -->
+ <int>0x200A</int> <!-- HAIR SPACE -->
+ <int>0x200B</int> <!-- ZERO WIDTH SPACE -->
+ <int>0x200C</int> <!-- ZERO WIDTH NON-JOINER -->
+ <int>0x200D</int> <!-- ZERO WIDTH JOINER -->
+ <int>0x200E</int> <!-- LEFT-TO-RIGHT MARK -->
+ <int>0x200F</int> <!-- RIGHT-TO-LEFT MARK -->
+ <int>0x2028</int> <!-- LINE SEPARATOR -->
+ <int>0x2029</int> <!-- PARAGRAPH SEPARATOR -->
+ <int>0x202A</int> <!-- LEFT-TO-RIGHT EMBEDDING -->
+ <int>0x202B</int> <!-- RIGHT-TO-LEFT EMBEDDING -->
+ <int>0x202C</int> <!-- POP DIRECTIONAL FORMATTING -->
+ <int>0x202D</int> <!-- LEFT-TO-RIGHT OVERRIDE -->
+ <int>0x202E</int> <!-- RIGHT-TO-LEFT OVERRIDE -->
+ <int>0x202F</int> <!-- NARROW NO-BREAK SPACE -->
+ <int>0x205F</int> <!-- MEDIUM MATHEMATICAL SPACE -->
+ <int>0x2060</int> <!-- WORD JOINER -->
+ <int>0x2061</int> <!-- FUNCTION APPLICATION -->
+ <int>0x2062</int> <!-- INVISIBLE TIMES -->
+ <int>0x2063</int> <!-- INVISIBLE SEPARATOR -->
+ <int>0x206A</int> <!-- INHIBIT SYMMETRIC SWAPPING -->
+ <int>0x206B</int> <!-- ACTIVATE SYMMETRIC SWAPPING -->
+ <int>0x206C</int> <!-- INHIBIT ARABIC FORM SHAPING -->
+ <int>0x206D</int> <!-- ACTIVATE ARABIC FORM SHAPING -->
+ <int>0x206E</int> <!-- NATIONAL DIGIT SHAPES -->
+ <int>0x206F</int> <!-- NOMINAL DIGIT SHAPES -->
+ <int>0x2800</int> <!-- BRAILLE PATTERN BLANK -->
+ <int>0x3000</int> <!-- IDEOGRAPHIC SPACE -->
+ <int>0x3164</int> <!-- HANGUL FILLER -->
+ <int>0xFEFF</int> <!-- ZERO WIDTH NO-BREAK SPACE -->
+ <int>0xFFA0</int> <!-- HALFWIDTH HANGUL FILLER -->
+ <int>0xFFF9</int> <!-- INTERLINEAR ANNOTATION ANCHOR -->
+ <int>0xFFFA</int> <!-- INTERLINEAR ANNOTATION SEPARATOR -->
+ <int>0xFFFB</int> <!-- INTERLINEAR ANNOTATION TERMINATOR -->
+ </blank>
+<!--
+ Rescan configuration every 30 seconds when FcFontSetList is called
+ -->
+ <rescan>
+ <int>30</int>
+ </rescan>
+ </config>
+
+</fontconfig>
--- /dev/null
+# /etc/fstab: static file system information.
+#
+# Use 'blkid' to print the universally unique identifier for a
+# device; this may be used with UUID= as a more robust way to name devices
+# that works even if disks are added and removed. See fstab(5).
+#
+# <file system> <mount point> <type> <options> <dump> <pass>
+UUID=4c99a050-4920-4de3-b4ca-b13e38992978 / ext4 errors=remount-ro 0 1
+/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
+/dev/mapper/vg00-swap none swap sw 0 0
+/dev/mapper/vg00-var /var ext4 acl,user_xattr 0 2
+/dev/mapper/vg00-opt /opt ext4 acl,user_xattr 0 2
+/dev/mapper/vg00-home /home ext4 acl,user_xattr 0 2
+/dev/mapper/vg00-tmp /tmp ext4 noatime 0 2
+
--- /dev/null
+# Configuration for getaddrinfo(3).
+#
+# So far only configuration for the destination address sorting is needed.
+# RFC 3484 governs the sorting. But the RFC also says that system
+# administrators should be able to overwrite the defaults. This can be
+# achieved here.
+#
+# All lines have an initial identifier specifying the option followed by
+# up to two values. Information specified in this file replaces the
+# default information. Complete absence of data of one kind causes the
+# appropriate default information to be used. The supported commands include:
+#
+# reload <yes|no>
+# If set to yes, each getaddrinfo(3) call will check whether this file
+# changed and if necessary reload. This option should not really be
+# used. There are possible runtime problems. The default is no.
+#
+# label <mask> <value>
+# Add another rule to the RFC 3484 label table. See section 2.1 in
+# RFC 3484. The default is:
+#
+#label ::1/128 0
+#label ::/0 1
+#label 2002::/16 2
+#label ::/96 3
+#label ::ffff:0:0/96 4
+#label fec0::/10 5
+#label fc00::/7 6
+#label 2001:0::/32 7
+#
+# This default differs from the tables given in RFC 3484 by handling
+# (now obsolete) site-local IPv6 addresses and Unique Local Addresses.
+# The reason for this difference is that these addresses are never
+# NATed while IPv4 site-local addresses most probably are. Given
+# the precedence of IPv6 over IPv4 (see below) on machines having only
+# site-local IPv4 and IPv6 addresses a lookup for a global address would
+# see the IPv6 be preferred. The result is a long delay because the
+# site-local IPv6 addresses cannot be used while the IPv4 address is
+# (at least for the foreseeable future) NATed. We also treat Teredo
+# tunnels special.
+#
+# precedence <mask> <value>
+# Add another rule to the RFC 3484 precedence table. See section 2.1
+# and 10.3 in RFC 3484. The default is:
+#
+#precedence ::1/128 50
+#precedence ::/0 40
+#precedence 2002::/16 30
+#precedence ::/96 20
+#precedence ::ffff:0:0/96 10
+#
+# For sites which prefer IPv4 connections change the last line to
+#
+#precedence ::ffff:0:0/96 100
+
+#
+# scopev4 <mask> <value>
+# Add another rule to the RFC 6724 scope table for IPv4 addresses.
+# By default the scope IDs described in section 3.2 in RFC 6724 are
+# used. Changing these defaults should hardly ever be necessary.
+# The defaults are equivalent to:
+#
+#scopev4 ::ffff:169.254.0.0/112 2
+#scopev4 ::ffff:127.0.0.0/104 2
+#scopev4 ::ffff:0.0.0.0/96 14
--- /dev/null
+.\" This file is loaded after an-old.tmac.
+.\" Put any local modifications to an-old.tmac here.
+.
+.if n \{\
+. \" Debian: Map \(oq to ' rather than ` in nroff mode for devices other
+. \" than utf8.
+. if !'\*[.T]'utf8' \
+. tr \[oq]'
+.
+. \" Debian: Disable the use of SGR (ANSI colour) escape sequences by
+. \" grotty.
+. if '\V[GROFF_SGR]'' \
+. output x X tty: sgr 0
+.
+. \" Debian: Strictly, "-" is a hyphen while "\-" is a minus sign, and the
+. \" former may not always be rendered in the form expected for things like
+. \" command-line options. Uncomment this if you want to make sure that
+. \" manual pages you're writing are clear of this problem.
+. \" if '\*[.T]'utf8' \
+. \" char - \[hy]
+.\}
--- /dev/null
+.\" This file is loaded after doc.tmac.
+.\" Put any local modifications to doc.tmac here.
+.
+.if n \{\
+. \" Debian: Map \(oq to ' rather than ` in nroff mode for devices other
+. \" than utf8.
+. if !'\*[.T]'utf8' \
+. tr \[oq]'
+.
+. \" Debian: Disable the use of SGR (ANSI colour) escape sequences by
+. \" grotty.
+. if '\V[GROFF_SGR]'' \
+. output x X tty: sgr 0
+.
+. \" Debian: Strictly, "-" is a hyphen while "\-" is a minus sign, and the
+. \" former may not always be rendered in the form expected for things like
+. \" command-line options. Uncomment this if you want to make sure that
+. \" manual pages you're writing are clear of this problem.
+. \" if '\*[.T]'utf8' \
+. \" char - \[hy]
+.\}
--- /dev/null
+root:x:0:frank
+daemon:x:1:frank
+bin:x:2:frank
+sys:x:3:frank
+adm:x:4:
+tty:x:5:frank
+disk:x:6:frank
+lp:x:7:frank
+mail:x:8:frank
+news:x:9:
+uucp:x:10:
+man:x:12:frank
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:frank
+audio:x:29:frank
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:frank
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:frank
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:frank
+games:x:60:frank
+users:x:100:
+nogroup:x:65534:
+input:x:101:
+systemd-journal:x:102:
+systemd-timesync:x:103:
+systemd-network:x:104:
+systemd-resolve:x:105:
+systemd-bus-proxy:x:106:
+crontab:x:107:frank
+netdev:x:108:
+ssh:x:109:
+messagebus:x:110:
+mlocate:x:111:frank
+mysql:x:112:
+ssl-cert:x:113:
+postfix:x:114:
+postdrop:x:115:
+clamav:x:116:
+dovecot:x:117:
+dovenull:x:118:
+amavis:x:119:clamav
+debian-spamd:x:120:
+vmail:x:2000:
+iredadmin:x:2001:
+iredapd:x:2002:
+ulog:x:121:
+wireshark:x:122:
--- /dev/null
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+input:x:101:
+systemd-journal:x:102:
+systemd-timesync:x:103:
+systemd-network:x:104:
+systemd-resolve:x:105:
+systemd-bus-proxy:x:106:
+crontab:x:107:
+netdev:x:108:
+ssh:x:109:
+messagebus:x:110:
+mlocate:x:111:
+mysql:x:112:
+ssl-cert:x:113:
+postfix:x:114:
+postdrop:x:115:
+clamav:x:116:
+dovecot:x:117:
+dovenull:x:118:
+amavis:x:119:clamav
+debian-spamd:x:120:
+vmail:x:2000:
+iredadmin:x:2001:
+iredapd:x:2002:
+ulog:x:121:
+wireshark:x:122:
--- /dev/null
+#! /bin/sh
+set -e
+
+# grub-mkconfig helper script.
+# Copyright (C) 2006,2007,2008,2009,2010 Free Software Foundation, Inc.
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+
+prefix="/usr"
+exec_prefix="/usr"
+datarootdir="/usr/share"
+grub_lang=`echo $LANG | cut -d . -f 1`
+grubdir="`echo "/boot/grub" | sed 's,//*,/,g'`"
+quick_boot="0"
+
+export TEXTDOMAIN=grub
+export TEXTDOMAINDIR="${datarootdir}/locale"
+
+. "${datarootdir}/grub/grub-mkconfig_lib"
+
+# Do this as early as possible, since other commands might depend on it.
+# (e.g. the `loadfont' command might need lvm or raid modules)
+for i in ${GRUB_PRELOAD_MODULES} ; do
+ echo "insmod $i"
+done
+
+if [ "x${GRUB_DEFAULT}" = "x" ] ; then GRUB_DEFAULT=0 ; fi
+if [ "x${GRUB_DEFAULT}" = "xsaved" ] ; then GRUB_DEFAULT='${saved_entry}' ; fi
+if [ "x${GRUB_TIMEOUT}" = "x" ] ; then GRUB_TIMEOUT=5 ; fi
+if [ "x${GRUB_GFXMODE}" = "x" ] ; then GRUB_GFXMODE=auto ; fi
+
+if [ "x${GRUB_DEFAULT_BUTTON}" = "x" ] ; then GRUB_DEFAULT_BUTTON="$GRUB_DEFAULT" ; fi
+if [ "x${GRUB_DEFAULT_BUTTON}" = "xsaved" ] ; then GRUB_DEFAULT_BUTTON='${saved_entry}' ; fi
+if [ "x${GRUB_TIMEOUT_BUTTON}" = "x" ] ; then GRUB_TIMEOUT_BUTTON="$GRUB_TIMEOUT" ; fi
+
+cat << EOF
+if [ -s \$prefix/grubenv ]; then
+ set have_grubenv=true
+ load_env
+fi
+EOF
+if [ "x$GRUB_BUTTON_CMOS_ADDRESS" != "x" ]; then
+ cat <<EOF
+if cmostest $GRUB_BUTTON_CMOS_ADDRESS ; then
+ set default="${GRUB_DEFAULT_BUTTON}"
+elif [ "\${next_entry}" ] ; then
+ set default="\${next_entry}"
+ set next_entry=
+ save_env next_entry
+ set boot_once=true
+else
+ set default="${GRUB_DEFAULT}"
+fi
+EOF
+else
+ cat <<EOF
+if [ "\${next_entry}" ] ; then
+ set default="\${next_entry}"
+ set next_entry=
+ save_env next_entry
+ set boot_once=true
+else
+ set default="${GRUB_DEFAULT}"
+fi
+EOF
+fi
+cat <<EOF
+
+if [ x"\${feature_menuentry_id}" = xy ]; then
+ menuentry_id_option="--id"
+else
+ menuentry_id_option=""
+fi
+
+export menuentry_id_option
+
+if [ "\${prev_saved_entry}" ]; then
+ set saved_entry="\${prev_saved_entry}"
+ save_env saved_entry
+ set prev_saved_entry=
+ save_env prev_saved_entry
+ set boot_once=true
+fi
+
+function savedefault {
+ if [ -z "\${boot_once}" ]; then
+ saved_entry="\${chosen}"
+ save_env saved_entry
+ fi
+}
+EOF
+
+if [ "$quick_boot" = 1 ]; then
+ cat <<EOF
+function recordfail {
+ set recordfail=1
+EOF
+ FS="$(grub-probe --target=fs "${grubdir}")"
+ case "$FS" in
+ btrfs | cpiofs | newc | odc | romfs | squash4 | tarfs | zfs)
+ cat <<EOF
+ # GRUB lacks write support for $FS, so recordfail support is disabled.
+EOF
+ ;;
+ *)
+ cat <<EOF
+ if [ -n "\${have_grubenv}" ]; then if [ -z "\${boot_once}" ]; then save_env recordfail; fi; fi
+EOF
+ esac
+ cat <<EOF
+}
+EOF
+fi
+
+cat <<EOF
+function load_video {
+EOF
+if [ -n "${GRUB_VIDEO_BACKEND}" ]; then
+ cat <<EOF
+ insmod ${GRUB_VIDEO_BACKEND}
+EOF
+else
+# If all_video.mod isn't available load all modules available
+# with versions prior to introduction of all_video.mod
+cat <<EOF
+ if [ x\$feature_all_video_module = xy ]; then
+ insmod all_video
+ else
+ insmod efi_gop
+ insmod efi_uga
+ insmod ieee1275_fb
+ insmod vbe
+ insmod vga
+ insmod video_bochs
+ insmod video_cirrus
+ fi
+EOF
+fi
+cat <<EOF
+}
+
+EOF
+
+serial=0;
+gfxterm=0;
+for x in ${GRUB_TERMINAL_INPUT} ${GRUB_TERMINAL_OUTPUT}; do
+ if [ xserial = "x$x" ]; then
+ serial=1;
+ fi
+ if [ xgfxterm = "x$x" ]; then
+ gfxterm=1;
+ fi
+done
+
+if [ "x$serial" = x1 ]; then
+ if [ "x${GRUB_SERIAL_COMMAND}" = "x" ] ; then
+ grub_warn "$(gettext "Requested serial terminal but GRUB_SERIAL_COMMAND is unspecified. Default parameters will be used.")"
+ GRUB_SERIAL_COMMAND=serial
+ fi
+ echo "${GRUB_SERIAL_COMMAND}"
+fi
+
+if [ "x$gfxterm" = x1 ]; then
+ if [ -n "$GRUB_FONT" ] ; then
+ # Make the font accessible
+ prepare_grub_to_access_device `${grub_probe} --target=device "${GRUB_FONT}"`
+ cat << EOF
+if loadfont `make_system_path_relative_to_its_root "${GRUB_FONT}"` ; then
+EOF
+ else
+ for dir in "${pkgdatadir}" "`echo '/boot/grub' | sed "s,//*,/,g"`" /usr/share/grub ; do
+ for basename in unicode unifont ascii; do
+ path="${dir}/${basename}.pf2"
+ if is_path_readable_by_grub "${path}" > /dev/null ; then
+ font_path="${path}"
+ else
+ continue
+ fi
+ break 2
+ done
+ done
+ if [ -n "${font_path}" ] ; then
+ cat << EOF
+if [ x\$feature_default_font_path = xy ] ; then
+ font=unicode
+else
+EOF
+ # Make the font accessible
+ prepare_grub_to_access_device `${grub_probe} --target=device "${font_path}"`
+ cat << EOF
+ font="`make_system_path_relative_to_its_root "${font_path}"`"
+fi
+
+if loadfont \$font ; then
+EOF
+ else
+ cat << EOF
+if loadfont unicode ; then
+EOF
+ fi
+ fi
+
+ cat << EOF
+ set gfxmode=${GRUB_GFXMODE}
+ load_video
+ insmod gfxterm
+EOF
+
+# Gettext variables and module
+if [ "x${LANG}" != "xC" ] && [ "x${LANG}" != "x" ]; then
+ cat << EOF
+ set locale_dir=\$prefix/locale
+ set lang=${grub_lang}
+ insmod gettext
+EOF
+fi
+
+cat <<EOF
+fi
+EOF
+fi
+
+case x${GRUB_TERMINAL_INPUT} in
+ x)
+ # Just use the native terminal
+ ;;
+ x*)
+ cat << EOF
+terminal_input ${GRUB_TERMINAL_INPUT}
+EOF
+ ;;
+esac
+
+case x${GRUB_TERMINAL_OUTPUT} in
+ x)
+ # Just use the native terminal
+ ;;
+ x*)
+ cat << EOF
+terminal_output ${GRUB_TERMINAL_OUTPUT}
+EOF
+ ;;
+esac
+
+if [ "x$gfxterm" = x1 ]; then
+ if [ "x$GRUB_THEME" != x ] && [ -f "$GRUB_THEME" ] \
+ && is_path_readable_by_grub "$GRUB_THEME"; then
+ gettext_printf "Found theme: %s\n" "$GRUB_THEME" >&2
+
+ prepare_grub_to_access_device `${grub_probe} --target=device "$GRUB_THEME"`
+ cat << EOF
+insmod gfxmenu
+EOF
+ themedir="`dirname "$GRUB_THEME"`"
+ for x in "$themedir"/*.pf2 "$themedir"/f/*.pf2; do
+ if [ -f "$x" ]; then
+ cat << EOF
+loadfont (\$root)`make_system_path_relative_to_its_root $x`
+EOF
+ fi
+ done
+ if [ x"`echo "$themedir"/*.jpg`" != x"$themedir/*.jpg" ] || [ x"`echo "$themedir"/*.jpeg`" != x"$themedir/*.jpeg" ]; then
+ cat << EOF
+insmod jpeg
+EOF
+ fi
+ if [ x"`echo "$themedir"/*.png`" != x"$themedir/*.png" ]; then
+ cat << EOF
+insmod png
+EOF
+ fi
+ if [ x"`echo "$themedir"/*.tga`" != x"$themedir/*.tga" ]; then
+ cat << EOF
+insmod tga
+EOF
+ fi
+
+ cat << EOF
+set theme=(\$root)`make_system_path_relative_to_its_root $GRUB_THEME`
+export theme
+EOF
+ elif [ "x$GRUB_BACKGROUND" != x ] && [ -f "$GRUB_BACKGROUND" ] \
+ && is_path_readable_by_grub "$GRUB_BACKGROUND"; then
+ gettext_printf "Found background: %s\n" "$GRUB_BACKGROUND" >&2
+ case "$GRUB_BACKGROUND" in
+ *.png) reader=png ;;
+ *.tga) reader=tga ;;
+ *.jpg|*.jpeg) reader=jpeg ;;
+ *) gettext "Unsupported image format" >&2; echo >&2; exit 1 ;;
+ esac
+ prepare_grub_to_access_device `${grub_probe} --target=device "$GRUB_BACKGROUND"`
+ cat << EOF
+insmod $reader
+background_image -m stretch `make_system_path_relative_to_its_root "$GRUB_BACKGROUND"`
+EOF
+ fi
+fi
+
+make_timeout ()
+{
+ cat << EOF
+if [ "\${recordfail}" = 1 ] ; then
+ set timeout=${GRUB_RECORDFAIL_TIMEOUT:--1}
+else
+EOF
+ if [ "x${3}" != "x" ] ; then
+ timeout="${2}"
+ style="${3}"
+ elif [ "x${1}" != "x" ] && \
+ ([ "$quick_boot" = 1 ] || [ "x${1}" != "x0" ]) ; then
+ # Handle the deprecated GRUB_HIDDEN_TIMEOUT scheme.
+ timeout="${1}"
+ if [ "x${2}" != "x0" ] ; then
+ grub_warn "$(gettext "Setting GRUB_TIMEOUT to a non-zero value when GRUB_HIDDEN_TIMEOUT is set is no longer supported.")"
+ fi
+ if [ "x${GRUB_HIDDEN_TIMEOUT_QUIET}" = "xtrue" ] ; then
+ style="hidden"
+ verbose=
+ else
+ style="countdown"
+ verbose=" --verbose"
+ fi
+ else
+ # No hidden timeout, so treat as GRUB_TIMEOUT_STYLE=menu
+ timeout="${2}"
+ style="menu"
+ fi
+ cat << EOF
+ if [ x\$feature_timeout_style = xy ] ; then
+ set timeout_style=${style}
+ set timeout=${timeout}
+EOF
+ if [ "x${style}" = "xmenu" ] ; then
+ cat << EOF
+ # Fallback normal timeout code in case the timeout_style feature is
+ # unavailable.
+ else
+ set timeout=${timeout}
+EOF
+ else
+ cat << EOF
+ # Fallback hidden-timeout code in case the timeout_style feature is
+ # unavailable.
+ elif sleep${verbose} --interruptible ${timeout} ; then
+ set timeout=0
+EOF
+ fi
+ cat << EOF
+ fi
+fi
+EOF
+}
+
+if [ "x$GRUB_BUTTON_CMOS_ADDRESS" != "x" ]; then
+ cat <<EOF
+if cmostest $GRUB_BUTTON_CMOS_ADDRESS ; then
+EOF
+make_timeout "${GRUB_HIDDEN_TIMEOUT_BUTTON}" "${GRUB_TIMEOUT_BUTTON}" "${GRUB_TIMEOUT_STYLE_BUTTON}"
+echo else
+make_timeout "${GRUB_HIDDEN_TIMEOUT}" "${GRUB_TIMEOUT}" "${GRUB_TIMEOUT_STYLE}"
+echo fi
+else
+make_timeout "${GRUB_HIDDEN_TIMEOUT}" "${GRUB_TIMEOUT}" "${GRUB_TIMEOUT_STYLE}"
+fi
+
+if [ "x$GRUB_BUTTON_CMOS_ADDRESS" != "x" ] && [ "x$GRUB_BUTTON_CMOS_CLEAN" = "xyes" ]; then
+ cat <<EOF
+cmosclean $GRUB_BUTTON_CMOS_ADDRESS
+EOF
+fi
+
+# Play an initial tune
+if [ "x${GRUB_INIT_TUNE}" != "x" ] ; then
+ echo "play ${GRUB_INIT_TUNE}"
+fi
+
+if [ "x${GRUB_BADRAM}" != "x" ] ; then
+ echo "badram ${GRUB_BADRAM}"
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+# grub-mkconfig helper script.
+# Copyright (C) 2010 Alexander Kurtz <kurtz.alex@googlemail.com>
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+
+# Include the GRUB helper library for grub-mkconfig.
+. /usr/share/grub/grub-mkconfig_lib
+
+# We want to work in /boot/grub/ only.
+test -d /boot/grub; cd /boot/grub
+
+# Set the location of a possibly necessary cache file for the background image.
+# NOTE: This MUST BE A DOTFILE to avoid confusing it with user-defined images.
+BACKGROUND_CACHE=".background_cache"
+
+set_default_theme(){
+ case $GRUB_DISTRIBUTOR in
+ Tanglu|Ubuntu|Kubuntu)
+ # Set a monochromatic theme for Tanglu/Ubuntu.
+ echo "${1}set menu_color_normal=white/black"
+ echo "${1}set menu_color_highlight=black/light-gray"
+
+ if [ -e /lib/plymouth/themes/default.grub ]; then
+ sed "s/^/${1}/" /lib/plymouth/themes/default.grub
+ fi
+ ;;
+ *)
+ # Set the traditional Debian blue theme.
+ echo "${1}set menu_color_normal=cyan/blue"
+ echo "${1}set menu_color_highlight=white/blue"
+ ;;
+ esac
+}
+
+module_available(){
+ local module
+ for module in "${1}.mod" */"${1}.mod"; do
+ if [ -f "${module}" ]; then
+ return 0
+ fi
+ done
+ return 1
+}
+
+set_background_image(){
+ # Step #1: Search all available output modes ...
+ local output
+ for output in ${GRUB_TERMINAL_OUTPUT}; do
+ if [ "x$output" = "xgfxterm" ]; then
+ break
+ fi
+ done
+
+ # ... and check if we are able to display a background image at all.
+ if ! [ "x${output}" = "xgfxterm" ]; then
+ return 1
+ fi
+
+ # Step #2: Check if the specified background image exists.
+ if ! [ -f "${1}" ]; then
+ return 2
+ fi
+
+ # Step #3: Search the correct GRUB module for our background image.
+ local reader
+ case "${1}" in
+ *.jpg|*.JPG|*.jpeg|*.JPEG) reader="jpeg";;
+ *.png|*.PNG) reader="png";;
+ *.tga|*.TGA) reader="tga";;
+ *) return 3;; # Unknown image type.
+ esac
+
+ # Step #4: Check if the necessary GRUB module is available.
+ if ! module_available "${reader}"; then
+ return 4
+ fi
+
+ # Step #5: Check if GRUB can read the background image directly.
+ # If so, we can remove the cache file (if any). Otherwise the backgound
+ # image needs to be cached under /boot/grub/.
+ if is_path_readable_by_grub "${1}"; then
+ rm --force "${BACKGROUND_CACHE}.jpeg" \
+ "${BACKGROUND_CACHE}.png" "${BACKGROUND_CACHE}.tga"
+ elif cp "${1}" "${BACKGROUND_CACHE}.${reader}"; then
+ set -- "${BACKGROUND_CACHE}.${reader}" "${2}" "${3}"
+ else
+ return 5
+ fi
+
+ # Step #6: Prepare GRUB to read the background image.
+ if ! prepare_grub_to_access_device "`${grub_probe} --target=device "${1}"`"; then
+ return 6
+ fi
+
+ # Step #7: Everything went fine, print out a message to stderr ...
+ echo "Found background image: ${1}" >&2
+
+ # ... and write our configuration snippet to stdout. Use the colors
+ # desktop-base specified. If we're using a user-defined background, use
+ # the default colors since we've got no idea how the image looks like.
+ # If loading the background image fails, use the default theme.
+ echo "insmod ${reader}"
+ echo "if background_image `make_system_path_relative_to_its_root "${1}"`; then"
+ if [ -n "${2}" ]; then
+ echo " set color_normal=${2}"
+ fi
+ if [ -n "${3}" ]; then
+ echo " set color_highlight=${3}"
+ fi
+ if [ -z "${2}" ] && [ -z "${3}" ]; then
+ echo " true"
+ fi
+ echo "else"
+ set_default_theme " "
+ echo "fi"
+}
+
+# Earlier versions of grub-pc copied the default background image to /boot/grub
+# during postinst. Remove those obsolete images if they haven't been touched by
+# the user. They are still available under /usr/share/images/desktop-base/ if
+# desktop-base is installed.
+while read checksum background; do
+ if [ -f "${background}" ] && [ "x`sha1sum "${background}"`" = "x${checksum} ${background}" ]; then
+ echo "Removing old background image: ${background}" >&2
+ rm "${background}"
+ fi
+done <<EOF
+648ee65dd0c157a69b019a5372cbcfea4fc754a5 debian-blueish-wallpaper-640x480.png
+0431e97a6c661084c59676c4baeeb8c2f602edb8 debian-blueish-wallpaper-640x480.png
+968ecf6696c5638cfe80e8e70aba239526270864 debian-blueish-wallpaper-640x480.tga
+11143e8c92a073401de0b0fd42d0c052af4ccd9b moreblue-orbit-grub.png
+d00d5e505ab63f2d53fa880bfac447e2d3bb197c moreblue-orbit-grub.png
+f5b12c1009ec0a3b029185f6b66cd0d7e5611019 moreblue-orbit-grub.png
+EOF
+
+# Include the configuration of desktop-base if available.
+if [ -f "/usr/share/desktop-base/grub_background.sh" ]; then
+ . "/usr/share/desktop-base/grub_background.sh"
+fi
+
+# First check whether the user has specified a background image explicitly.
+# If so, try to use it. Don't try the other possibilities in that case
+# (#608263).
+if [ -n "${GRUB_BACKGROUND+x}" ]; then
+ set_background_image "${GRUB_BACKGROUND}" || set_default_theme
+ exit 0
+fi
+
+# Next search for pictures the user put into /boot/grub/ and use the first one.
+for background in *.jpg *.JPG *.jpeg *.JPEG *.png *.PNG *.tga *.TGA; do
+ if set_background_image "${background}"; then
+ exit 0
+ fi
+done
+
+# Next try to use the background image and colors specified by desktop-base.
+if set_background_image "${WALLPAPER}" "${COLOR_NORMAL}" "${COLOR_HIGHLIGHT}"; then
+ exit 0
+fi
+
+# If we haven't found a background image yet, use the default from desktop-base.
+case $GRUB_DISTRIBUTOR in
+ Ubuntu|Kubuntu)
+ ;;
+ Tanglu)
+ if set_background_image "/usr/share/images/grub/grub.png"; then
+ exit 0
+ fi
+ ;;
+ *)
+ if set_background_image "/usr/share/images/desktop-base/desktop-grub.png"; then
+ exit 0
+ fi
+ ;;
+esac
+
+# Finally, if all of the above fails, use the default theme.
+set_default_theme
--- /dev/null
+#! /bin/sh
+set -e
+
+# grub-mkconfig helper script.
+# Copyright (C) 2006,2007,2008,2009,2010 Free Software Foundation, Inc.
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+
+prefix="/usr"
+exec_prefix="/usr"
+datarootdir="/usr/share"
+ubuntu_recovery="0"
+quiet_boot="0"
+quick_boot="0"
+gfxpayload_dynamic="0"
+vt_handoff="0"
+
+. "${datarootdir}/grub/grub-mkconfig_lib"
+
+export TEXTDOMAIN=grub
+export TEXTDOMAINDIR="${datarootdir}/locale"
+
+CLASS="--class gnu-linux --class gnu --class os"
+SUPPORTED_INITS="sysvinit:/lib/sysvinit/init systemd:/lib/systemd/systemd upstart:/sbin/upstart"
+
+if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then
+ OS=GNU/Linux
+else
+ case ${GRUB_DISTRIBUTOR} in
+ Ubuntu|Kubuntu)
+ OS="${GRUB_DISTRIBUTOR}"
+ ;;
+ *)
+ OS="${GRUB_DISTRIBUTOR} GNU/Linux"
+ ;;
+ esac
+ CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr 'A-Z' 'a-z' | cut -d' ' -f1|LC_ALL=C sed 's,[^[:alnum:]_],_,g') ${CLASS}"
+fi
+
+# loop-AES arranges things so that /dev/loop/X can be our root device, but
+# the initrds that Linux uses don't like that.
+case ${GRUB_DEVICE} in
+ /dev/loop/*|/dev/loop[0-9])
+ GRUB_DEVICE=`losetup ${GRUB_DEVICE} | sed -e "s/^[^(]*(\([^)]\+\)).*/\1/"`
+ # We can't cope with devices loop-mounted from files here.
+ case ${GRUB_DEVICE} in
+ /dev/*) ;;
+ *) exit 0 ;;
+ esac
+ ;;
+esac
+
+if [ "x${GRUB_DEVICE_UUID}" = "x" ] || [ "x${GRUB_DISABLE_LINUX_UUID}" = "xtrue" ] \
+ || ! test -e "/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" \
+ || uses_abstraction "${GRUB_DEVICE}" lvm; then
+ LINUX_ROOT_DEVICE=${GRUB_DEVICE}
+else
+ LINUX_ROOT_DEVICE=UUID=${GRUB_DEVICE_UUID}
+fi
+
+case x"$GRUB_FS" in
+ xbtrfs)
+ rootsubvol="`make_system_path_relative_to_its_root /`"
+ rootsubvol="${rootsubvol#/}"
+ if [ "x${rootsubvol}" != x ]; then
+ GRUB_CMDLINE_LINUX="rootflags=subvol=${rootsubvol} ${GRUB_CMDLINE_LINUX}"
+ fi;;
+ xzfs)
+ rpool=`${grub_probe} --device ${GRUB_DEVICE} --target=fs_label 2>/dev/null || true`
+ bootfs="`make_system_path_relative_to_its_root / | sed -e "s,@$,,"`"
+ LINUX_ROOT_DEVICE="ZFS=${rpool}${bootfs}"
+ ;;
+esac
+
+title_correction_code=
+
+if [ -x /lib/recovery-mode/recovery-menu ]; then
+ GRUB_CMDLINE_LINUX_RECOVERY=recovery
+else
+ GRUB_CMDLINE_LINUX_RECOVERY=single
+fi
+if [ "$ubuntu_recovery" = 1 ]; then
+ GRUB_CMDLINE_LINUX_RECOVERY="$GRUB_CMDLINE_LINUX_RECOVERY nomodeset"
+fi
+
+if [ "$vt_handoff" = 1 ]; then
+ for word in $GRUB_CMDLINE_LINUX_DEFAULT; do
+ if [ "$word" = splash ]; then
+ GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT \$vt_handoff"
+ fi
+ done
+fi
+
+linux_entry ()
+{
+ os="$1"
+ version="$2"
+ type="$3"
+ args="$4"
+
+ if [ -z "$boot_device_id" ]; then
+ boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")"
+ fi
+ if [ x$type != xsimple ] ; then
+ case $type in
+ recovery)
+ title="$(gettext_printf "%s, with Linux %s (%s)" "${os}" "${version}" "$(gettext "${GRUB_RECOVERY_TITLE}")")" ;;
+ init-*)
+ title="$(gettext_printf "%s, with Linux %s (%s)" "${os}" "${version}" "${type#init-}")" ;;
+ *)
+ title="$(gettext_printf "%s, with Linux %s" "${os}" "${version}")" ;;
+ esac
+ if [ x"$title" = x"$GRUB_ACTUAL_DEFAULT" ] || [ x"Previous Linux versions>$title" = x"$GRUB_ACTUAL_DEFAULT" ]; then
+ replacement_title="$(echo "Advanced options for ${OS}" | sed 's,>,>>,g')>$(echo "$title" | sed 's,>,>>,g')"
+ quoted="$(echo "$GRUB_ACTUAL_DEFAULT" | grub_quote)"
+ title_correction_code="${title_correction_code}if [ \"x\$default\" = '$quoted' ]; then default='$(echo "$replacement_title" | grub_quote)'; fi;"
+ grub_warn "$(gettext_printf "Please don't use old title \`%s' for GRUB_DEFAULT, use \`%s' (for versions before 2.00) or \`%s' (for 2.00 or later)" "$GRUB_ACTUAL_DEFAULT" "$replacement_title" "gnulinux-advanced-$boot_device_id>gnulinux-$version-$type-$boot_device_id")"
+ fi
+ echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-$version-$type-$boot_device_id' {" | sed "s/^/$submenu_indentation/"
+ else
+ echo "menuentry '$(echo "$os" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-simple-$boot_device_id' {" | sed "s/^/$submenu_indentation/"
+ fi
+ if [ "$quick_boot" = 1 ]; then
+ echo " recordfail" | sed "s/^/$submenu_indentation/"
+ fi
+ if [ x$type != xrecovery ] ; then
+ save_default_entry | grub_add_tab
+ fi
+
+ # Use ELILO's generic "efifb" when it's known to be available.
+ # FIXME: We need an interface to select vesafb in case efifb can't be used.
+ if [ "x$GRUB_GFXPAYLOAD_LINUX" = x ]; then
+ echo " load_video" | sed "s/^/$submenu_indentation/"
+ else
+ if [ "x$GRUB_GFXPAYLOAD_LINUX" != xtext ]; then
+ echo " load_video" | sed "s/^/$submenu_indentation/"
+ fi
+ fi
+ if ([ "$ubuntu_recovery" = 0 ] || [ x$type != xrecovery ]) && \
+ ([ "x$GRUB_GFXPAYLOAD_LINUX" != x ] || [ "$gfxpayload_dynamic" = 1 ]); then
+ echo " gfxmode \$linux_gfx_mode" | sed "s/^/$submenu_indentation/"
+ fi
+
+ echo " insmod gzio" | sed "s/^/$submenu_indentation/"
+ echo " if [ x\$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi" | sed "s/^/$submenu_indentation/"
+
+ if [ x$dirname = x/ ]; then
+ if [ -z "${prepare_root_cache}" ]; then
+ prepare_root_cache="$(prepare_grub_to_access_device ${GRUB_DEVICE} | grub_add_tab)"
+ fi
+ printf '%s\n' "${prepare_root_cache}" | sed "s/^/$submenu_indentation/"
+ else
+ if [ -z "${prepare_boot_cache}" ]; then
+ prepare_boot_cache="$(prepare_grub_to_access_device ${GRUB_DEVICE_BOOT} | grub_add_tab)"
+ fi
+ printf '%s\n' "${prepare_boot_cache}" | sed "s/^/$submenu_indentation/"
+ fi
+ if [ x"$quiet_boot" = x0 ] || [ x"$type" != xsimple ]; then
+ message="$(gettext_printf "Loading Linux %s ..." ${version})"
+ sed "s/^/$submenu_indentation/" << EOF
+ echo '$(echo "$message" | grub_quote)'
+EOF
+ fi
+ if test -d /sys/firmware/efi && test -e "${linux}.efi.signed"; then
+ sed "s/^/$submenu_indentation/" << EOF
+ linux ${rel_dirname}/${basename}.efi.signed root=${linux_root_device_thisversion} ro ${args}
+EOF
+ else
+ sed "s/^/$submenu_indentation/" << EOF
+ linux ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args}
+EOF
+ fi
+ if test -n "${initrd}" ; then
+ # TRANSLATORS: ramdisk isn't identifier. Should be translated.
+ if [ x"$quiet_boot" = x0 ] || [ x"$type" != xsimple ]; then
+ message="$(gettext_printf "Loading initial ramdisk ...")"
+ sed "s/^/$submenu_indentation/" << EOF
+ echo '$(echo "$message" | grub_quote)'
+EOF
+ fi
+ sed "s/^/$submenu_indentation/" << EOF
+ initrd ${rel_dirname}/${initrd}
+EOF
+ fi
+ sed "s/^/$submenu_indentation/" << EOF
+}
+EOF
+}
+
+machine=`uname -m`
+case "x$machine" in
+ xi?86 | xx86_64)
+ list=`for i in /boot/vmlinuz-* /vmlinuz-* /boot/kernel-* ; do
+ if grub_file_is_not_garbage "$i" ; then echo -n "$i " ; fi
+ done` ;;
+ *)
+ list=`for i in /boot/vmlinuz-* /boot/vmlinux-* /vmlinuz-* /vmlinux-* /boot/kernel-* ; do
+ if grub_file_is_not_garbage "$i" ; then echo -n "$i " ; fi
+ done` ;;
+esac
+
+case "$machine" in
+ i?86) GENKERNEL_ARCH="x86" ;;
+ mips|mips64) GENKERNEL_ARCH="mips" ;;
+ mipsel|mips64el) GENKERNEL_ARCH="mipsel" ;;
+ arm*) GENKERNEL_ARCH="arm" ;;
+ *) GENKERNEL_ARCH="$machine" ;;
+esac
+
+prepare_boot_cache=
+prepare_root_cache=
+boot_device_id=
+title_correction_code=
+
+cat << 'EOF'
+function gfxmode {
+ set gfxpayload="${1}"
+EOF
+if [ "$vt_handoff" = 1 ]; then
+ cat << 'EOF'
+ if [ "${1}" = "keep" ]; then
+ set vt_handoff=vt.handoff=7
+ else
+ set vt_handoff=
+ fi
+EOF
+fi
+cat << EOF
+}
+EOF
+
+# Use ELILO's generic "efifb" when it's known to be available.
+# FIXME: We need an interface to select vesafb in case efifb can't be used.
+if [ "x$GRUB_GFXPAYLOAD_LINUX" != x ] || [ "$gfxpayload_dynamic" = 0 ]; then
+ echo "set linux_gfx_mode=$GRUB_GFXPAYLOAD_LINUX"
+else
+ cat << EOF
+if [ "\${recordfail}" != 1 ]; then
+ if [ -e \${prefix}/gfxblacklist.txt ]; then
+ if hwmatch \${prefix}/gfxblacklist.txt 3; then
+ if [ \${match} = 0 ]; then
+ set linux_gfx_mode=keep
+ else
+ set linux_gfx_mode=text
+ fi
+ else
+ set linux_gfx_mode=text
+ fi
+ else
+ set linux_gfx_mode=keep
+ fi
+else
+ set linux_gfx_mode=text
+fi
+EOF
+fi
+cat << EOF
+export linux_gfx_mode
+EOF
+
+# Extra indentation to add to menu entries in a submenu. We're not in a submenu
+# yet, so it's empty. In a submenu it will be equal to '\t' (one tab).
+submenu_indentation=""
+
+is_top_level=true
+while [ "x$list" != "x" ] ; do
+ linux=`version_find_latest $list`
+ case $linux in
+ *.efi.signed)
+ # We handle these in linux_entry.
+ list=`echo $list | tr ' ' '\n' | grep -vx $linux | tr '\n' ' '`
+ continue
+ ;;
+ esac
+ gettext_printf "Found linux image: %s\n" "$linux" >&2
+ basename=`basename $linux`
+ dirname=`dirname $linux`
+ rel_dirname=`make_system_path_relative_to_its_root $dirname`
+ version=`echo $basename | sed -e "s,^[^0-9]*-,,g"`
+ alt_version=`echo $version | sed -e "s,\.old$,,g"`
+ linux_root_device_thisversion="${LINUX_ROOT_DEVICE}"
+
+ initrd=
+ for i in "initrd.img-${version}" "initrd-${version}.img" "initrd-${version}.gz" \
+ "initrd-${version}" "initramfs-${version}.img" \
+ "initrd.img-${alt_version}" "initrd-${alt_version}.img" \
+ "initrd-${alt_version}" "initramfs-${alt_version}.img" \
+ "initramfs-genkernel-${version}" \
+ "initramfs-genkernel-${alt_version}" \
+ "initramfs-genkernel-${GENKERNEL_ARCH}-${version}" \
+ "initramfs-genkernel-${GENKERNEL_ARCH}-${alt_version}"; do
+ if test -e "${dirname}/${i}" ; then
+ initrd="$i"
+ break
+ fi
+ done
+
+ config=
+ for i in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do
+ if test -e "${i}" ; then
+ config="${i}"
+ break
+ fi
+ done
+
+ initramfs=
+ if test -n "${config}" ; then
+ initramfs=`grep CONFIG_INITRAMFS_SOURCE= "${config}" | cut -f2 -d= | tr -d \"`
+ fi
+
+ if test -n "${initrd}" ; then
+ gettext_printf "Found initrd image: %s\n" "${dirname}/${initrd}" >&2
+ elif test -z "${initramfs}" ; then
+ # "UUID=" and "ZFS=" magic is parsed by initrd or initramfs. Since there's
+ # no initrd or builtin initramfs, it can't work here.
+ linux_root_device_thisversion=${GRUB_DEVICE}
+ fi
+
+ if [ "x$is_top_level" = xtrue ] && [ "x${GRUB_DISABLE_SUBMENU}" != xy ]; then
+ linux_entry "${OS}" "${version}" simple \
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
+
+ submenu_indentation="$grub_tab"
+
+ if [ -z "$boot_device_id" ]; then
+ boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")"
+ fi
+ # TRANSLATORS: %s is replaced with an OS name
+ echo "submenu '$(gettext_printf "Advanced options for %s" "${OS}" | grub_quote)' \$menuentry_id_option 'gnulinux-advanced-$boot_device_id' {"
+ is_top_level=false
+ fi
+
+ linux_entry "${OS}" "${version}" advanced \
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}"
+ for supported_init in ${SUPPORTED_INITS}; do
+ init_path="${supported_init#*:}"
+ if [ -x "${init_path}" ] && [ "$(readlink -f /sbin/init)" != "${init_path}" ]; then
+ linux_entry "${OS}" "${version}" "init-${supported_init%%:*}" \
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT} init=${init_path}"
+ fi
+ done
+ if [ "x${GRUB_DISABLE_RECOVERY}" != "xtrue" ]; then
+ linux_entry "${OS}" "${version}" recovery \
+ "${GRUB_CMDLINE_LINUX_RECOVERY} ${GRUB_CMDLINE_LINUX}"
+ fi
+
+ list=`echo $list | tr ' ' '\n' | fgrep -vx "$linux" | tr '\n' ' '`
+done
+
+# If at least one kernel was found, then we need to
+# add a closing '}' for the submenu command.
+if [ x"$is_top_level" != xtrue ]; then
+ echo '}'
+fi
+
+echo "$title_correction_code"
--- /dev/null
+#! /bin/sh
+set -e
+
+# grub-mkconfig helper script.
+# Copyright (C) 2006,2007,2008,2009,2010 Free Software Foundation, Inc.
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+
+prefix="/usr"
+exec_prefix="/usr"
+datarootdir="/usr/share"
+
+. "${datarootdir}/grub/grub-mkconfig_lib"
+
+export TEXTDOMAIN=grub
+export TEXTDOMAINDIR="${datarootdir}/locale"
+
+CLASS="--class gnu-linux --class gnu --class os --class xen"
+SUPPORTED_INITS="sysvinit:/lib/sysvinit/init systemd:/lib/systemd/systemd upstart:/sbin/upstart"
+
+if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then
+ OS=GNU/Linux
+else
+ OS="${GRUB_DISTRIBUTOR} GNU/Linux"
+ CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr 'A-Z' 'a-z' | cut -d' ' -f1|LC_ALL=C sed 's,[^[:alnum:]_],_,g') ${CLASS}"
+fi
+
+# loop-AES arranges things so that /dev/loop/X can be our root device, but
+# the initrds that Linux uses don't like that.
+case ${GRUB_DEVICE} in
+ /dev/loop/*|/dev/loop[0-9])
+ GRUB_DEVICE=`losetup ${GRUB_DEVICE} | sed -e "s/^[^(]*(\([^)]\+\)).*/\1/"`
+ # We can't cope with devices loop-mounted from files here.
+ case ${GRUB_DEVICE} in
+ /dev/*) ;;
+ *) exit 0 ;;
+ esac
+ ;;
+esac
+
+if [ "x${GRUB_DEVICE_UUID}" = "x" ] || [ "x${GRUB_DISABLE_LINUX_UUID}" = "xtrue" ] \
+ || ! test -e "/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" \
+ || uses_abstraction "${GRUB_DEVICE}" lvm; then
+ LINUX_ROOT_DEVICE=${GRUB_DEVICE}
+else
+ LINUX_ROOT_DEVICE=UUID=${GRUB_DEVICE_UUID}
+fi
+
+# Allow overriding GRUB_CMDLINE_LINUX and GRUB_CMDLINE_LINUX_DEFAULT.
+if [ "${GRUB_CMDLINE_LINUX_XEN_REPLACE}" ]; then
+ GRUB_CMDLINE_LINUX="${GRUB_CMDLINE_LINUX_XEN_REPLACE}"
+fi
+if [ "${GRUB_CMDLINE_LINUX_XEN_REPLACE_DEFAULT}" ]; then
+ GRUB_CMDLINE_LINUX_DEFAULT="${GRUB_CMDLINE_LINUX_XEN_REPLACE_DEFAULT}"
+fi
+
+case x"$GRUB_FS" in
+ xbtrfs)
+ rootsubvol="`make_system_path_relative_to_its_root /`"
+ rootsubvol="${rootsubvol#/}"
+ if [ "x${rootsubvol}" != x ]; then
+ GRUB_CMDLINE_LINUX="rootflags=subvol=${rootsubvol} ${GRUB_CMDLINE_LINUX}"
+ fi;;
+ xzfs)
+ rpool=`${grub_probe} --device ${GRUB_DEVICE} --target=fs_label 2>/dev/null || true`
+ bootfs="`make_system_path_relative_to_its_root / | sed -e "s,@$,,"`"
+ LINUX_ROOT_DEVICE="ZFS=${rpool}${bootfs}"
+ ;;
+esac
+
+title_correction_code=
+
+linux_entry ()
+{
+ os="$1"
+ version="$2"
+ xen_version="$3"
+ type="$4"
+ args="$5"
+ xen_args="$6"
+ if [ -z "$boot_device_id" ]; then
+ boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")"
+ fi
+ if [ x$type != xsimple ] ; then
+ if [ x$type = xrecovery ] ; then
+ title="$(gettext_printf "%s, with Xen %s and Linux %s (%s)" "${os}" "${xen_version}" "${version}" "$(gettext "${GRUB_RECOVERY_TITLE}")")"
+ elif [ "${type#init-}" != "$type" ] ; then
+ title="$(gettext_printf "%s, with Xen %s and Linux %s (%s)" "${os}" "${xen_version}" "${version}" "${type#init-}")"
+ else
+ title="$(gettext_printf "%s, with Xen %s and Linux %s" "${os}" "${xen_version}" "${version}")"
+ fi
+ replacement_title="$(echo "Advanced options for ${OS}" | sed 's,>,>>,g')>$(echo "$title" | sed 's,>,>>,g')"
+ if [ x"Xen ${xen_version}>$title" = x"$GRUB_ACTUAL_DEFAULT" ]; then
+ quoted="$(echo "$GRUB_ACTUAL_DEFAULT" | grub_quote)"
+ title_correction_code="${title_correction_code}if [ \"x\$default\" = '$quoted' ]; then default='$(echo "$replacement_title" | grub_quote)'; fi;"
+ grub_warn "$(gettext_printf "Please don't use old title \`%s' for GRUB_DEFAULT, use \`%s' (for versions before 2.00) or \`%s' (for 2.00 or later)" "$GRUB_ACTUAL_DEFAULT" "$replacement_title" "gnulinux-advanced-$boot_device_id>gnulinux-$version-$type-$boot_device_id")"
+ fi
+ echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} \$menuentry_id_option 'xen-gnulinux-$version-$type-$boot_device_id' {" | sed "s/^/$submenu_indentation/"
+ else
+ title="$(gettext_printf "%s, with Xen hypervisor" "${os}")"
+ echo "menuentry '$(echo "$title" | grub_quote)' ${CLASS} \$menuentry_id_option 'xen-gnulinux-simple-$boot_device_id' {" | sed "s/^/$submenu_indentation/"
+ fi
+ if [ x$type != xrecovery ] ; then
+ save_default_entry | grub_add_tab | sed "s/^/$submenu_indentation/"
+ fi
+
+ if [ -z "${prepare_boot_cache}" ]; then
+ prepare_boot_cache="$(prepare_grub_to_access_device ${GRUB_DEVICE_BOOT} | grub_add_tab)"
+ fi
+ printf '%s\n' "${prepare_boot_cache}" | sed "s/^/$submenu_indentation/"
+ xmessage="$(gettext_printf "Loading Xen %s ..." ${xen_version})"
+ lmessage="$(gettext_printf "Loading Linux %s ..." ${version})"
+ sed "s/^/$submenu_indentation/" << EOF
+ echo '$(echo "$xmessage" | grub_quote)'
+ if [ "\$grub_platform" = "pc" -o "\$grub_platform" = "" ]; then
+ xen_rm_opts=
+ else
+ xen_rm_opts="no-real-mode edd=off"
+ fi
+ multiboot ${rel_xen_dirname}/${xen_basename} placeholder ${xen_args} \${xen_rm_opts}
+ echo '$(echo "$lmessage" | grub_quote)'
+ module ${rel_dirname}/${basename} placeholder root=${linux_root_device_thisversion} ro ${args}
+EOF
+ if test -n "${initrd}" ; then
+ # TRANSLATORS: ramdisk isn't identifier. Should be translated.
+ message="$(gettext_printf "Loading initial ramdisk ...")"
+ sed "s/^/$submenu_indentation/" << EOF
+ echo '$(echo "$message" | grub_quote)'
+ module --nounzip ${rel_dirname}/${initrd}
+EOF
+ fi
+ sed "s/^/$submenu_indentation/" << EOF
+}
+EOF
+}
+
+linux_list=`for i in /boot/vmlinu[xz]-* /vmlinu[xz]-* /boot/kernel-*; do
+ if grub_file_is_not_garbage "$i"; then
+ basename=$(basename $i)
+ version=$(echo $basename | sed -e "s,^[^0-9]*-,,g")
+ dirname=$(dirname $i)
+ config=
+ for j in "${dirname}/config-${version}" "${dirname}/config-${alt_version}" "/etc/kernels/kernel-config-${version}" ; do
+ if test -e "${j}" ; then
+ config="${j}"
+ break
+ fi
+ done
+ if (grep -qx "CONFIG_XEN_DOM0=y" "${config}" 2> /dev/null || grep -qx "CONFIG_XEN_PRIVILEGED_GUEST=y" "${config}" 2> /dev/null); then echo -n "$i " ; fi
+ fi
+ done`
+if [ "x${linux_list}" = "x" ] ; then
+ exit 0
+fi
+
+file_is_not_sym () {
+ case "$1" in
+ */xen-syms-*)
+ return 1;;
+ *)
+ return 0;;
+ esac
+}
+
+xen_list=`for i in /boot/xen*; do
+ if grub_file_is_not_garbage "$i" && file_is_not_sym "$i" ; then echo -n "$i " ; fi
+ done`
+prepare_boot_cache=
+boot_device_id=
+
+title_correction_code=
+
+machine=`uname -m`
+
+case "$machine" in
+ i?86) GENKERNEL_ARCH="x86" ;;
+ mips|mips64) GENKERNEL_ARCH="mips" ;;
+ mipsel|mips64el) GENKERNEL_ARCH="mipsel" ;;
+ arm*) GENKERNEL_ARCH="arm" ;;
+ *) GENKERNEL_ARCH="$machine" ;;
+esac
+
+# Extra indentation to add to menu entries in a submenu. We're not in a submenu
+# yet, so it's empty. In a submenu it will be equal to '\t' (one tab).
+submenu_indentation=""
+
+is_top_level=true
+
+while [ "x${xen_list}" != "x" ] ; do
+ list="${linux_list}"
+ current_xen=`version_find_latest $xen_list`
+ xen_basename=`basename ${current_xen}`
+ xen_dirname=`dirname ${current_xen}`
+ rel_xen_dirname=`make_system_path_relative_to_its_root $xen_dirname`
+ xen_version=`echo $xen_basename | sed -e "s,.gz$,,g;s,^xen-,,g"`
+ if [ -z "$boot_device_id" ]; then
+ boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")"
+ fi
+ if [ "x$is_top_level" != xtrue ]; then
+ echo " submenu '$(gettext_printf "Xen hypervisor, version %s" "${xen_version}" | grub_quote)' \$menuentry_id_option 'xen-hypervisor-$xen_version-$boot_device_id' {"
+ fi
+ while [ "x$list" != "x" ] ; do
+ linux=`version_find_latest $list`
+ gettext_printf "Found linux image: %s\n" "$linux" >&2
+ basename=`basename $linux`
+ dirname=`dirname $linux`
+ rel_dirname=`make_system_path_relative_to_its_root $dirname`
+ version=`echo $basename | sed -e "s,^[^0-9]*-,,g"`
+ alt_version=`echo $version | sed -e "s,\.old$,,g"`
+ linux_root_device_thisversion="${LINUX_ROOT_DEVICE}"
+
+ initrd=
+ for i in "initrd.img-${version}" "initrd-${version}.img" "initrd-${version}.gz" \
+ "initrd-${version}" "initramfs-${version}.img" \
+ "initrd.img-${alt_version}" "initrd-${alt_version}.img" \
+ "initrd-${alt_version}" "initramfs-${alt_version}.img" \
+ "initramfs-genkernel-${version}" \
+ "initramfs-genkernel-${alt_version}" \
+ "initramfs-genkernel-${GENKERNEL_ARCH}-${version}" \
+ "initramfs-genkernel-${GENKERNEL_ARCH}-${alt_version}" ; do
+ if test -e "${dirname}/${i}" ; then
+ initrd="$i"
+ break
+ fi
+ done
+ if test -n "${initrd}" ; then
+ gettext_printf "Found initrd image: %s\n" "${dirname}/${initrd}" >&2
+ else
+ # "UUID=" magic is parsed by initrds. Since there's no initrd, it can't work here.
+ linux_root_device_thisversion=${GRUB_DEVICE}
+ fi
+
+ if [ "x$is_top_level" = xtrue ] && [ "x${GRUB_DISABLE_SUBMENU}" != xy ]; then
+ linux_entry "${OS}" "${version}" "${xen_version}" simple \
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}" "${GRUB_CMDLINE_XEN} ${GRUB_CMDLINE_XEN_DEFAULT}"
+
+ submenu_indentation="$grub_tab$grub_tab"
+
+ if [ -z "$boot_device_id" ]; then
+ boot_device_id="$(grub_get_device_id "${GRUB_DEVICE}")"
+ fi
+ # TRANSLATORS: %s is replaced with an OS name
+ echo "submenu '$(gettext_printf "Advanced options for %s (with Xen hypervisor)" "${OS}" | grub_quote)' \$menuentry_id_option 'gnulinux-advanced-$boot_device_id' {"
+ echo " submenu '$(gettext_printf "Xen hypervisor, version %s" "${xen_version}" | grub_quote)' \$menuentry_id_option 'xen-hypervisor-$xen_version-$boot_device_id' {"
+ is_top_level=false
+ fi
+
+ linux_entry "${OS}" "${version}" "${xen_version}" advanced \
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}" "${GRUB_CMDLINE_XEN} ${GRUB_CMDLINE_XEN_DEFAULT}"
+ for supported_init in ${SUPPORTED_INITS}; do
+ init_path="${supported_init#*:}"
+ if [ -x "${init_path}" ] && [ "$(readlink -f /sbin/init)" != "${init_path}" ]; then
+ linux_entry "${OS}" "${version}" "${xen_version}" "init-${supported_init%%:*}" \
+ "${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT} init=${init_path}" "${GRUB_CMDLINE_XEN} ${GRUB_CMDLINE_XEN_DEFAULT}"
+
+ fi
+ done
+ if [ "x${GRUB_DISABLE_RECOVERY}" != "xtrue" ]; then
+ linux_entry "${OS}" "${version}" "${xen_version}" recovery \
+ "single ${GRUB_CMDLINE_LINUX}" "${GRUB_CMDLINE_XEN}"
+ fi
+
+ list=`echo $list | tr ' ' '\n' | fgrep -vx "$linux" | tr '\n' ' '`
+ done
+ if [ x"$is_top_level" != xtrue ]; then
+ echo ' }'
+ fi
+ xen_list=`echo $xen_list | tr ' ' '\n' | fgrep -vx "$current_xen" | tr '\n' ' '`
+done
+
+# If at least one kernel was found, then we need to
+# add a closing '}' for the submenu command.
+if [ x"$is_top_level" != xtrue ]; then
+ echo '}'
+fi
+
+echo "$title_correction_code"
--- /dev/null
+#! /bin/sh
+set -e
+
+# grub-mkconfig helper script.
+# Copyright (C) 2006,2007,2008,2009 Free Software Foundation, Inc.
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+
+prefix="/usr"
+exec_prefix="/usr"
+datarootdir="/usr/share"
+quick_boot="0"
+
+export TEXTDOMAIN=grub
+export TEXTDOMAINDIR="${datarootdir}/locale"
+
+. "${datarootdir}/grub/grub-mkconfig_lib"
+
+found_other_os=
+
+adjust_timeout () {
+ if [ "$quick_boot" = 1 ] && [ "x${found_other_os}" != "x" ]; then
+ cat << EOF
+set timeout_style=menu
+if [ "\${timeout}" = 0 ]; then
+ set timeout=10
+fi
+EOF
+ fi
+}
+
+if [ "x${GRUB_DISABLE_OS_PROBER}" = "xtrue" ]; then
+ exit 0
+fi
+
+if [ -z "`which os-prober 2> /dev/null`" -o -z "`which linux-boot-prober 2> /dev/null`" ] ; then
+ # missing os-prober and/or linux-boot-prober
+ exit 0
+fi
+
+OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`"
+if [ -z "${OSPROBED}" ] ; then
+ # empty os-prober output, nothing doing
+ exit 0
+fi
+
+osx_entry() {
+ found_other_os=1
+ if [ x$2 = x32 ]; then
+ # TRANSLATORS: it refers to kernel architecture (32-bit)
+ bitstr="$(gettext "(32-bit)")"
+ else
+ # TRANSLATORS: it refers to kernel architecture (64-bit)
+ bitstr="$(gettext "(64-bit)")"
+ fi
+ # TRANSLATORS: it refers on the OS residing on device %s
+ onstr="$(gettext_printf "(on %s)" "${DEVICE}")"
+ cat << EOF
+menuentry '$(echo "${LONGNAME} $bitstr $onstr" | grub_quote)' --class osx --class darwin --class os \$menuentry_id_option 'osprober-xnu-$2-$(grub_get_device_id "${DEVICE}")' {
+EOF
+ save_default_entry | grub_add_tab
+ prepare_grub_to_access_device ${DEVICE} | grub_add_tab
+ cat << EOF
+ load_video
+ set do_resume=0
+ if [ /var/vm/sleepimage -nt10 / ]; then
+ if xnu_resume /var/vm/sleepimage; then
+ set do_resume=1
+ fi
+ fi
+ if [ \$do_resume = 0 ]; then
+ xnu_uuid ${OSXUUID} uuid
+ if [ -f /Extra/DSDT.aml ]; then
+ acpi -e /Extra/DSDT.aml
+ fi
+ if [ /kernelcache -nt /System/Library/Extensions ]; then
+ $1 /kernelcache boot-uuid=\${uuid} rd=*uuid
+ else
+ $1 /mach_kernel boot-uuid=\${uuid} rd=*uuid
+ if [ /System/Library/Extensions.mkext -nt /System/Library/Extensions ]; then
+ xnu_mkext /System/Library/Extensions.mkext
+ else
+ xnu_kextdir /System/Library/Extensions
+ fi
+ fi
+ if [ -f /Extra/Extensions.mkext ]; then
+ xnu_mkext /Extra/Extensions.mkext
+ fi
+ if [ -d /Extra/Extensions ]; then
+ xnu_kextdir /Extra/Extensions
+ fi
+ if [ -f /Extra/devprop.bin ]; then
+ xnu_devprop_load /Extra/devprop.bin
+ fi
+ if [ -f /Extra/splash.jpg ]; then
+ insmod jpeg
+ xnu_splash /Extra/splash.jpg
+ fi
+ if [ -f /Extra/splash.png ]; then
+ insmod png
+ xnu_splash /Extra/splash.png
+ fi
+ if [ -f /Extra/splash.tga ]; then
+ insmod tga
+ xnu_splash /Extra/splash.tga
+ fi
+ fi
+}
+EOF
+}
+
+used_osprober_linux_ids=
+
+wubi=
+
+for OS in ${OSPROBED} ; do
+ DEVICE="`echo ${OS} | cut -d ':' -f 1`"
+ LONGNAME="`echo ${OS} | cut -d ':' -f 2 | tr '^' ' '`"
+ LABEL="`echo ${OS} | cut -d ':' -f 3 | tr '^' ' '`"
+ BOOT="`echo ${OS} | cut -d ':' -f 4`"
+ if UUID="`${grub_probe} --target=fs_uuid --device ${DEVICE%@*}`"; then
+ EXPUUID="$UUID"
+
+ if [ x"${DEVICE#*@}" != x ] ; then
+ EXPUUID="${EXPUUID}@${DEVICE#*@}"
+ fi
+
+ if [ "x${GRUB_OS_PROBER_SKIP_LIST}" != "x" -a "x`echo ${GRUB_OS_PROBER_SKIP_LIST} | grep -i -e '\b'${EXPUUID}'\b'`" != "x" ] ; then
+ echo "Skipped ${LONGNAME} on ${DEVICE} by user request." >&2
+ continue
+ fi
+ fi
+
+ BTRFS="`echo ${OS} | cut -d ':' -f 5`"
+ if [ "x$BTRFS" = "xbtrfs" ]; then
+ BTRFSuuid="`echo ${OS} | cut -d ':' -f 6`"
+ BTRFSsubvol="`echo ${OS} | cut -d ':' -f 7`"
+ fi
+
+ if [ -z "${LONGNAME}" ] ; then
+ LONGNAME="${LABEL}"
+ fi
+
+ gettext_printf "Found %s on %s\n" "${LONGNAME}" "${DEVICE}" >&2
+
+ case ${BOOT} in
+ chain)
+
+ case ${LONGNAME} in
+ Windows*)
+ if [ -z "$wubi" ]; then
+ if [ -x /usr/share/lupin-support/grub-mkimage ] && \
+ /usr/share/lupin-support/grub-mkimage --test; then
+ wubi=yes
+ else
+ wubi=no
+ fi
+ fi
+ if [ "$wubi" = yes ]; then
+ echo "Skipping ${LONGNAME} on Wubi system" >&2
+ continue
+ fi
+ ;;
+ esac
+
+ found_other_os=1
+ onstr="$(gettext_printf "(on %s)" "${DEVICE}")"
+ cat << EOF
+menuentry '$(echo "${LONGNAME} $onstr" | grub_quote)' --class windows --class os \$menuentry_id_option 'osprober-chain-$(grub_get_device_id "${DEVICE}")' {
+EOF
+ save_default_entry | grub_add_tab
+ prepare_grub_to_access_device ${DEVICE} | grub_add_tab
+
+ if [ x"`${grub_probe} --device ${DEVICE} --target=partmap`" = xmsdos ]; then
+ cat << EOF
+ parttool \${root} hidden-
+EOF
+ fi
+
+ case ${LONGNAME} in
+ Windows\ Vista*|Windows\ 7*|Windows\ Server\ 2008*)
+ ;;
+ *)
+ cat << EOF
+ drivemap -s (hd0) \${root}
+EOF
+ ;;
+ esac
+
+ cat <<EOF
+ chainloader +1
+}
+EOF
+ ;;
+ efi)
+
+ found_other_os=1
+ EFIPATH=${DEVICE#*@}
+ DEVICE=${DEVICE%@*}
+ onstr="$(gettext_printf "(on %s)" "${DEVICE}")"
+ cat << EOF
+menuentry '$(echo "${LONGNAME} $onstr" | grub_quote)' --class windows --class os \$menuentry_id_option 'osprober-efi-$(grub_get_device_id "${DEVICE}")' {
+EOF
+ save_default_entry | sed -e "s/^/\t/"
+ prepare_grub_to_access_device ${DEVICE} | sed -e "s/^/\t/"
+
+ cat <<EOF
+ chainloader ${EFIPATH}
+}
+EOF
+ ;;
+ linux)
+ if [ "x$BTRFS" = "xbtrfs" ]; then
+ LINUXPROBED="`linux-boot-prober btrfs ${BTRFSuuid} ${BTRFSsubvol} 2> /dev/null | tr ' ' '^' | paste -s -d ' '`"
+ else
+ LINUXPROBED="`linux-boot-prober ${DEVICE} 2> /dev/null | tr ' ' '^' | paste -s -d ' '`"
+ fi
+ prepare_boot_cache=
+ boot_device_id=
+ is_top_level=true
+ title_correction_code=
+ OS="${LONGNAME}"
+
+ for LINUX in ${LINUXPROBED} ; do
+ LROOT="`echo ${LINUX} | cut -d ':' -f 1`"
+ LBOOT="`echo ${LINUX} | cut -d ':' -f 2`"
+ LLABEL="`echo ${LINUX} | cut -d ':' -f 3 | tr '^' ' '`"
+ LKERNEL="`echo ${LINUX} | cut -d ':' -f 4`"
+ LINITRD="`echo ${LINUX} | cut -d ':' -f 5`"
+ LPARAMS="`echo ${LINUX} | cut -d ':' -f 6- | tr '^' ' '`"
+
+ if [ -z "${LLABEL}" ] ; then
+ LLABEL="${LONGNAME}"
+ fi
+
+ if [ "${LROOT}" != "${LBOOT}" ]; then
+ LKERNEL="${LKERNEL#/boot}"
+ LINITRD="${LINITRD#/boot}"
+ fi
+
+ if [ -z "${prepare_boot_cache}" ]; then
+ prepare_boot_cache="$(prepare_grub_to_access_device ${LBOOT} | grub_add_tab)"
+ [ "${prepare_boot_cache}" ] || continue
+ fi
+
+ found_other_os=1
+ onstr="$(gettext_printf "(on %s)" "${DEVICE}")"
+ recovery_params="$(echo "${LPARAMS}" | grep 'single\|recovery')" || true
+ counter=1
+ while echo "$used_osprober_linux_ids" | grep 'osprober-gnulinux-$LKERNEL-${recovery_params}-$counter-$boot_device_id' > /dev/null; do
+ counter=$((counter+1));
+ done
+ if [ -z "$boot_device_id" ]; then
+ boot_device_id="$(grub_get_device_id "${DEVICE}")"
+ fi
+ used_osprober_linux_ids="$used_osprober_linux_ids 'osprober-gnulinux-$LKERNEL-${recovery_params}-$counter-$boot_device_id'"
+
+ if [ "x$is_top_level" = xtrue ] && [ "x${GRUB_DISABLE_SUBMENU}" != xy ]; then
+ cat << EOF
+menuentry '$(echo "$OS $onstr" | grub_quote)' --class gnu-linux --class gnu --class os \$menuentry_id_option 'osprober-gnulinux-simple-$boot_device_id' {
+EOF
+ save_default_entry | grub_add_tab
+ printf '%s\n' "${prepare_boot_cache}"
+ cat << EOF
+ linux ${LKERNEL} ${LPARAMS}
+EOF
+ if [ -n "${LINITRD}" ] ; then
+ cat << EOF
+ initrd ${LINITRD}
+EOF
+ fi
+ cat << EOF
+}
+EOF
+ echo "submenu '$(gettext_printf "Advanced options for %s" "${OS} $onstr" | grub_quote)' \$menuentry_id_option 'osprober-gnulinux-advanced-$boot_device_id' {"
+ is_top_level=false
+ fi
+ title="${LLABEL} $onstr"
+ cat << EOF
+ menuentry '$(echo "$title" | grub_quote)' --class gnu-linux --class gnu --class os \$menuentry_id_option 'osprober-gnulinux-$LKERNEL-${recovery_params}-$boot_device_id' {
+EOF
+ save_default_entry | sed -e "s/^/$grub_tab$grub_tab/"
+ printf '%s\n' "${prepare_boot_cache}" | grub_add_tab
+ cat << EOF
+ linux ${LKERNEL} ${LPARAMS}
+EOF
+ if [ -n "${LINITRD}" ] ; then
+ cat << EOF
+ initrd ${LINITRD}
+EOF
+ fi
+ cat << EOF
+ }
+EOF
+ if [ x"$title" = x"$GRUB_ACTUAL_DEFAULT" ] || [ x"Previous Linux versions>$title" = x"$GRUB_ACTUAL_DEFAULT" ]; then
+ replacement_title="$(echo "Advanced options for ${OS} $onstr" | sed 's,>,>>,g')>$(echo "$title" | sed 's,>,>>,g')"
+ quoted="$(echo "$GRUB_ACTUAL_DEFAULT" | grub_quote)"
+ title_correction_code="${title_correction_code}if [ \"x\$default\" = '$quoted' ]; then default='$(echo "$replacement_title" | grub_quote)'; fi;"
+ grub_warn "$(gettext_printf "Please don't use old title \`%s' for GRUB_DEFAULT, use \`%s' (for versions before 2.00) or \`%s' (for 2.00 or later)" "$GRUB_ACTUAL_DEFAULT" "$replacement_title" "gnulinux-advanced-$boot_device_id>gnulinux-$version-$type-$boot_device_id")"
+ fi
+ done
+ if [ x"$is_top_level" != xtrue ]; then
+ echo '}'
+ fi
+ echo "$title_correction_code"
+ ;;
+ macosx)
+ if [ "${UUID}" ]; then
+ OSXUUID="${UUID}"
+ osx_entry xnu_kernel 32
+ osx_entry xnu_kernel64 64
+ fi
+ ;;
+ hurd)
+ found_other_os=1
+ onstr="$(gettext_printf "(on %s)" "${DEVICE}")"
+ cat << EOF
+menuentry '$(echo "${LONGNAME} $onstr" | grub_quote)' --class hurd --class gnu --class os \$menuentry_id_option 'osprober-gnuhurd-/boot/gnumach.gz-false-$(grub_get_device_id "${DEVICE}")' {
+EOF
+ save_default_entry | grub_add_tab
+ prepare_grub_to_access_device ${DEVICE} | grub_add_tab
+ grub_device="`${grub_probe} --device ${DEVICE} --target=drive`"
+ mach_device="`echo "${grub_device}" | sed -e 's/(\(hd.*\),msdos\(.*\))/\1s\2/'`"
+ grub_fs="`${grub_probe} --device ${DEVICE} --target=fs`"
+ case "${grub_fs}" in
+ *fs) hurd_fs="${grub_fs}" ;;
+ *) hurd_fs="${grub_fs}fs" ;;
+ esac
+ cat << EOF
+ multiboot /boot/gnumach.gz root=device:${mach_device}
+ module /hurd/${hurd_fs}.static ${hurd_fs} --readonly \\
+ --multiboot-command-line='\${kernel-command-line}' \\
+ --host-priv-port='\${host-port}' \\
+ --device-master-port='\${device-port}' \\
+ --exec-server-task='\${exec-task}' -T typed '\${root}' \\
+ '\$(task-create)' '\$(task-resume)'
+ module /lib/ld.so.1 exec /hurd/exec '\$(exec-task=task-create)'
+}
+EOF
+ ;;
+ minix)
+ cat << EOF
+menuentry "${LONGNAME} (on ${DEVICE}, Multiboot)" {
+EOF
+ save_default_entry | sed -e "s/^/\t/"
+ prepare_grub_to_access_device ${DEVICE} | sed -e "s/^/\t/"
+ cat << EOF
+ multiboot /boot/image_latest
+}
+EOF
+ ;;
+ *)
+ echo -n " "
+ # TRANSLATORS: %s is replaced by OS name.
+ gettext_printf "%s is not yet supported by grub-mkconfig.\n" "${LONGNAME}" >&2
+ ;;
+ esac
+done
+
+adjust_timeout
--- /dev/null
+#! /bin/sh
+set -e
+
+# grub-mkconfig helper script.
+# Copyright (C) 2012 Free Software Foundation, Inc.
+#
+# GRUB is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# GRUB is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+
+prefix="/usr"
+exec_prefix="/usr"
+datarootdir="/usr/share"
+
+export TEXTDOMAIN=grub
+export TEXTDOMAINDIR="${datarootdir}/locale"
+
+. "${datarootdir}/grub/grub-mkconfig_lib"
+
+efi_vars_dir=/sys/firmware/efi/vars
+EFI_GLOBAL_VARIABLE=8be4df61-93ca-11d2-aa0d-00e098032b8c
+OsIndications="$efi_vars_dir/OsIndicationsSupported-$EFI_GLOBAL_VARIABLE/data"
+
+if [ -e "$OsIndications" ] && \
+ [ "$(( $(printf %x \'"$(cat $OsIndications | cut -b1)") & 1 ))" = 1 ]; then
+ LABEL="System setup"
+
+ gettext_printf "Adding boot menu entry for EFI firmware configuration\n" >&2
+
+ onstr="$(gettext_printf "(on %s)" "${DEVICE}")"
+
+ cat << EOF
+menuentry '$LABEL' \$menuentry_id_option 'uefi-firmware' {
+ fwsetup
+}
+EOF
+fi
--- /dev/null
+#!/bin/sh
+exec tail -n +3 $0
+# This file provides an easy way to add custom menu entries. Simply type the
+# menu entries you want to add after this comment. Be careful not to change
+# the 'exec tail' line above.
--- /dev/null
+#!/bin/sh
+cat <<EOF
+if [ -f \${config_directory}/custom.cfg ]; then
+ source \${config_directory}/custom.cfg
+elif [ -z "\${config_directory}" -a -f \$prefix/custom.cfg ]; then
+ source \$prefix/custom.cfg;
+fi
+EOF
+
--- /dev/null
+
+All executable files in this directory are processed in shell expansion order.
+
+ 00_*: Reserved for 00_header.
+ 10_*: Native boot entries.
+ 20_*: Third party apps (e.g. memtest86+).
+
+The number namespace in-between is configurable by system installer and/or
+administrator. For example, you can add an entry to boot another OS as
+01_otheros, 11_otheros, etc, depending on the position you want it to occupy in
+the menu; and then adjust the default setting via /etc/default/grub.
--- /dev/null
+root:*::frank
+daemon:*::frank
+bin:*::frank
+sys:*::frank
+adm:*::
+tty:*::frank
+disk:*::frank
+lp:*::frank
+mail:*::frank
+news:*::
+uucp:*::
+man:*::frank
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::frank
+audio:*::frank
+dip:*::
+www-data:*::
+backup:*::
+operator:*::frank
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::frank
+sasl:*::
+plugdev:*::
+staff:*::frank
+games:*::frank
+users:*::
+nogroup:*::
+input:!::
+systemd-journal:!::
+systemd-timesync:!::
+systemd-network:!::
+systemd-resolve:!::
+systemd-bus-proxy:!::
+crontab:!::frank
+netdev:!::
+ssh:!::
+messagebus:!::
+mlocate:!::frank
+mysql:!::
+ssl-cert:!::
+postfix:!::
+postdrop:!::
+clamav:!::
+dovecot:!::
+dovenull:!::
+amavis:!::clamav
+debian-spamd:!::
+vmail:!::
+iredadmin:!::
+iredapd:!::
+ulog:!::
+wireshark:!::
--- /dev/null
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+input:!::
+systemd-journal:!::
+systemd-timesync:!::
+systemd-network:!::
+systemd-resolve:!::
+systemd-bus-proxy:!::
+crontab:!::
+netdev:!::
+ssh:!::
+messagebus:!::
+mlocate:!::
+mysql:!::
+ssl-cert:!::
+postfix:!::
+postdrop:!::
+clamav:!::
+dovecot:!::
+dovenull:!::
+amavis:!::clamav
+debian-spamd:!::
+vmail:!::
+iredadmin:!::
+iredapd:!::
+ulog:!::
+wireshark:!::
--- /dev/null
+Any file places in this directory ending in .conf will be read as a
+GSS-API mechanism configuration file, and the mechanisms described in
+that file will be dynamically loaded.
+
--- /dev/null
+127.0.0.1 localhost
+127.0.1.1 sarah.uhu-banane.de sarah
+
+# The following lines are desirable for IPv6 capable hosts
+::1 localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
--- /dev/null
+# /etc/hosts.allow: list of hosts that are allowed to access the system.
+# See the manual pages hosts_access(5) and hosts_options(5).
+#
+# Example: ALL: LOCAL @some_netgroup
+# ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
+#
+# If you're going to protect the portmapper use the name "rpcbind" for the
+# daemon name. See rpcbind(8) and rpc.mountd(8) for further information.
+#
+
--- /dev/null
+# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
+# See the manual pages hosts_access(5) and hosts_options(5).
+#
+# Example: ALL: some.host.name, .some.domain
+# ALL EXCEPT in.fingerd: other.host.name, .other.domain
+#
+# If you're going to protect the portmapper use the name "rpcbind" for the
+# daemon name. See rpcbind(8) and rpc.mountd(8) for further information.
+#
+# The PARANOID wildcard matches any host whose name does not match its
+# address.
+#
+# You may wish to enable this to ensure any programs that don't
+# validate looked up hostnames still leave understandable logs. In past
+# versions of Debian this has been the default.
+# ALL: PARANOID
+
--- /dev/null
+ Configuration of System V init under Debian GNU/Linux
+
+Most Unix versions have a file here that describes how the scripts
+in this directory work, and how the links in the /etc/rc?.d/ directories
+influence system startup/shutdown.
+
+For Debian, this information is contained in the policy manual, chapter
+"System run levels and init.d scripts". The Debian Policy Manual is
+available at:
+
+ http://www.debian.org/doc/debian-policy/#contents
+
+The Debian Policy Manual is also available in the Debian package
+"debian-policy". When this package is installed, the policy manual can be
+found in directory /usr/share/doc/debian-policy. If you have a browser
+installed you can probably read it at
+
+ file://localhost/usr/share/doc/debian-policy/
+
+Some more detailed information can also be found in the files in the
+/usr/share/doc/sysv-rc directory.
+
+Debian Policy dictates that /etc/init.d/*.sh scripts must work properly
+when sourced. The following additional rules apply:
+
+* /etc/init.d/*.sh scripts must not rely for their correct functioning
+ on their being sourced rather than executed. That is, they must work
+ properly when executed too. They must include "#!/bin/sh" at the top.
+ This is useful when running scripts in parallel.
+
+* /etc/init.d/*.sh scripts must conform to the rules for sh scripts as
+ spelled out in the Debian policy section entitled "Scripts" (§10.4).
+
+Use the update-rc.d command to create symbolic links in the /etc/rc?.d
+as appropriate. See that man page for more details.
+
+All init.d scripts are expected to have a LSB style header documenting
+dependencies and default runlevel settings. The header look like this
+(not all fields are required):
+
+### BEGIN INIT INFO
+# Provides: skeleton
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Should-Start: $portmap
+# Should-Stop: $portmap
+# X-Start-Before: nis
+# X-Stop-After: nis
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# X-Interactive: true
+# Short-Description: Example initscript
+# Description: This file should be used to construct scripts to be
+# placed in /etc/init.d.
+### END INIT INFO
+
+More information on the format is available from insserv(8). This
+information is used to dynamicaly assign sequence numbers to the
+boot scripts and to run the scripts in parallel during the boot.
+See also /usr/share/doc/insserv/README.Debian.
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: acpid
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# X-Start-Before: kdm gdm3 xdm lightdm
+# X-Stop-After: kdm gdm3 xdm lightdm
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: Start the Advanced Configuration and Power Interface daemon
+# Description: Provide a socket for X11, hald and others to multiplex
+# kernel ACPI events.
+### END INIT INFO
+
+set -e
+
+ACPID="/usr/sbin/acpid"
+DEFAULTS="/etc/default/acpid"
+
+# Check for daemon presence
+[ -x "$ACPID" ] || exit 0
+
+OPTIONS=""
+MODULES=""
+# Include acpid defaults if available
+[ -r "$DEFAULTS" ] && . "$DEFAULTS"
+
+# Get lsb functions
+. /lib/lsb/init-functions
+
+# As the name says. If the kernel supports modules, it'll try to load
+# the ones listed in "MODULES".
+load_modules() {
+ [ -f /proc/modules ] || return 0
+ if [ "$MODULES" = "all" ]; then
+ MODULES="$(sed -rn 's#^(/lib/modules/[^/]+/)?kernel/(drivers|ubuntu)/acpi/([^/]+/)*(.*)\.ko:.*#\4#p' "/lib/modules/$(uname -r)/modules.dep")"
+ fi
+
+ if [ -z "$MODULES" ]; then
+ return
+ fi
+
+ log_begin_msg "Loading ACPI kernel modules..."
+ # work around a bug in initramfs which leaks this env var Launchpad #291619
+ # and a bug in modprobe --all --quiet which doesn't load all modules and
+ # exits with non-zero exit status Debian #504088
+ unset MODPROBE_OPTIONS
+ modprobe --all --use-blacklist $MODULES 2>/dev/null
+ log_end_msg $?
+}
+
+case "$1" in
+ start)
+ load_modules || true
+ log_begin_msg "Starting ACPI services..."
+ start-stop-daemon --start --quiet --oknodo --exec "$ACPID" -- $OPTIONS
+ log_end_msg $?
+ ;;
+ stop)
+ log_begin_msg "Stopping ACPI services..."
+ start-stop-daemon --stop --quiet --oknodo --retry 2 --exec "$ACPID"
+ log_end_msg $?
+ ;;
+ restart)
+ $0 stop
+ sleep 1
+ $0 start
+ ;;
+ reload|force-reload)
+ log_begin_msg "Reloading ACPI services..."
+ start-stop-daemon --stop --signal 1 --exec "$ACPID"
+ log_end_msg $?
+ ;;
+ status)
+ status_of_proc "$ACPID" acpid
+ ;;
+ *)
+ log_success_msg "Usage: /etc/init.d/acpid {start|stop|restart|reload|force-reload|status}"
+ exit 1
+esac
+
--- /dev/null
+#! /bin/sh
+#
+# amavisd /etc/init.d/ initscript for amavisd-new
+# $Id: amavisd-new.init 800 2006-01-31 00:07:45Z hmh $
+#
+# Copyright (c) 2003 by Brian May <bam@debian.org>
+# and Henrique M. Holschuh <hmh@debian.org>
+# Distributed under the GPL version 2
+#
+#
+# How this thing works:
+# ${START} must be only what is needed for start-stop-daemon, DO NOT
+# ADD ANY PARAMETERS HERE! we might use it for --test, for example.
+# ${STOP} works just like ${START}, --signal is used with it.
+#
+# ${PARAMS} are the parameters to give the daemon when really starting
+# it.
+### BEGIN INIT INFO
+# Provides: amavisd-new
+# Required-Start: $syslog $network $local_fs $remote_fs
+# Required-Stop: $syslog $network $local_fs $remote_fs
+# Should-Start:
+# Should-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Starts amavisd-new mailfilter
+# Description: Launches the amavisd-new mailfilter
+### END INIT INFO
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/amavisd-new
+DAEMON2=/usr/bin/perl
+NAME=amavisd
+DAEMONNAME=amavisd-new
+DESC=amavisd
+PIDFILE=/var/run/amavis/${NAME}.pid
+
+. /lib/lsb/init-functions
+
+test -f ${DAEMON} || exit 0
+
+set -e
+
+START="--start --quiet --pidfile $PIDFILE --startas ${DAEMON}"
+STOP="--stop --quiet --pidfile $PIDFILE"
+PARAMS=
+
+check_noncompatible_upgrade() {
+ for i in /etc/amavisd.conf /etc/amavis/amavisd.conf ; do
+ if [ -e "${i}.disabled" ] ; then
+ echo "Found incompatible config file flag!" >&2
+ echo "Due to safety concerns, amavisd-new will not be started." >&2
+ echo "Refer to /usr/share/doc/amavisd-new/README.Debian for instructions." >&2
+ exit 1
+ fi
+ done
+}
+
+createdir() {
+# $1 = user
+# $2 = group
+# $3 = permissions (octal)
+# $4 = path to directory
+ [ -d "$4" ] || mkdir -p "$4"
+ chown -c -h "$1:$2" "$4"
+ chmod -c "$3" "$4"
+}
+
+fixdirs() {
+ dir=$(dpkg-statoverride --list /var/run/amavis) || {
+ echo "You are missing a dpkg-statoverride on /var/run/amavis. Fix it, otherwise you risk silent breakage on upgrades." >&2
+ exit 1
+ }
+ [ -z "$dir" ] || createdir $dir
+ :
+}
+
+cleanup() {
+ [ -d /var/lib/amavis ] &&
+ find /var/lib/amavis -maxdepth 1 -name 'amavis-*' -type d \
+ -exec rm -rf "{}" \; >/dev/null 2>&1 || true
+ [ -d /var/lib/amavis/tmp ] &&
+ find /var/lib/amavis/tmp -maxdepth 1 -name 'amavis-*' -type d \
+ -exec rm -rf "{}" \; >/dev/null 2>&1 || true
+ :
+}
+
+case "$1" in
+ start)
+ echo -n "Starting $DESC: "
+ fixdirs
+ check_noncompatible_upgrade
+ export LC_ALL; LC_ALL=C
+ if start-stop-daemon ${START} -- ${PARAMS} start >/dev/null ; then
+ echo "amavisd-new."
+ else
+ if start-stop-daemon --test ${START} >/dev/null 2>&1; then
+ echo "(failed)."
+ exit 1
+ else
+ echo "(already running)."
+ exit 0
+ fi
+ fi
+ ;;
+ stop)
+ echo -n "Stopping $DESC: "
+ if start-stop-daemon ${STOP} --retry 10 >/dev/null ; then
+ cleanup
+ echo "amavisd-new."
+ else
+ if start-stop-daemon --test ${START} >/dev/null 2>&1; then
+ echo "(not running)."
+ exit 0
+ else
+ echo "(failed)."
+ exit 1
+ fi
+ fi
+ ;;
+# reload)
+# echo "Reloading $DESC configuration files."
+# start-stop-daemon ${STOP} --signal 1
+# ;;
+ restart|force-reload)
+ $0 stop
+ exec $0 start
+ ;;
+ debug|debug-sa)
+ mode="$1"
+ echo "Trying to run amavisd-new in ${mode} mode..."
+ fixdirs
+ check_noncompatible_upgrade
+ exec ${DAEMON} ${PARAMS} "${mode}"
+ ;;
+ status)
+ status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $?
+ ;;
+ *)
+ N=/etc/init.d/amavis
+ #echo "Usage: $N {start|stop|restart|reload|force-reload|debug}" >&2
+ echo "Usage: $N {start|stop|restart|force-reload|status|debug}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: amavis-mc
+# Required-Start: $remote_fs $syslog amavisd-new
+# Should-Start:
+# Should-Stop:
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Startup script for amavis master supervisor
+# Description: This script starts the amavis supervisor for amavis
+# service processes.
+### END INIT INFO
+
+# Do NOT "set -e"
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="amavis services supervisor"
+NAME=amavis-mc
+DAEMON=/usr/sbin/$NAME
+DAEMON_ARGS="-P /var/run/amavis/$NAME.pid"
+PIDFILE=/var/run/amavis/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
+# and status_of_proc is working.
+. /lib/lsb/init-functions
+
+
+if [ "${ENABLED}" != "yes" ]; then
+ log_warning_msg "Not starting ${NAME} - edit
+ /etc/default/${NAME} to enable it"
+ exit 0
+fi
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ if [ -e $PIDFILE ]
+ then
+ if [ -d /proc/`cat $PIDFILE`/ ]
+ then
+ echo "$NAME (${AGENT_BACKEND} version) already running."
+ exit 0;
+ else
+ rm -f $PIDFILE
+ fi
+ fi
+ export LC_ALL; LC_ALL=C
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS \
+ || return 2
+ # Add code here, if necessary, that waits for the process to be ready
+ # to handle requests from services started subsequently which depend
+ # on this one. As a last resort, sleep for some time.
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --pidfile $PIDFILE
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ #
+ # If the daemon can reload its configuration without
+ # restarting (for example, when it is sent a SIGHUP),
+ # then implement that here.
+ #
+ start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
+ return 0
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC ($AGENT_BACKEND version)" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC ($AGENT_BACKEND version)" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ #reload|force-reload)
+ #
+ # If do_reload() is not implemented then leave this commented out
+ # and leave 'force-reload' as an alias for 'restart'.
+ #
+ #log_daemon_msg "Reloading $DESC" "$NAME"
+ #do_reload
+ #log_end_msg $?
+ #;;
+ restart|force-reload)
+ #
+ # If the "reload" option is implemented then remove the
+ # 'force-reload' alias
+ #
+ log_daemon_msg "Restarting $DESC ($AGENT_BACKEND version)" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: amavis-snmp-subagent
+# Required-Start: $remote_fs $syslog amavisd-new
+# Should-Start: snmpd amavis-mc
+# Should-Stop: snmpd
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Startup script for amavis snmp subagent
+# Description: This script starts the daemon used to connect amavis with the
+# snmpd daemon
+### END INIT INFO
+
+# Do NOT "set -e"
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="amavis snmp subagent"
+NAME=amavisd-snmp-subagent
+DAEMON=/usr/sbin/$NAME
+DAEMON_ARGS="-P /var/run/$NAME.pid"
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+AGENT_BACKEND="bdb"
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+case "$AGENT_BACKEND" in
+ bdb)
+ DAEMON=/usr/sbin/amavisd-snmp-subagent
+ ;;
+ zeromq)
+ DAEMON=/usr/sbin/amavisd-snmp-subagent-zmq
+ ;;
+esac
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
+# and status_of_proc is working.
+. /lib/lsb/init-functions
+
+
+if [ "${ENABLED}" != "yes" ]; then
+ log_warning_msg "Not starting ${NAME} - edit
+ /etc/default/${NAME} to enable it"
+ exit 0
+fi
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ if [ -e $PIDFILE ]
+ then
+ if [ -d /proc/`cat $PIDFILE`/ ]
+ then
+ echo "$NAME (${AGENT_BACKEND} version) already running."
+ exit 0;
+ else
+ rm -f $PIDFILE
+ fi
+ fi
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS \
+ || return 2
+ # Add code here, if necessary, that waits for the process to be ready
+ # to handle requests from services started subsequently which depend
+ # on this one. As a last resort, sleep for some time.
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --pidfile $PIDFILE
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ #
+ # If the daemon can reload its configuration without
+ # restarting (for example, when it is sent a SIGHUP),
+ # then implement that here.
+ #
+ start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
+ return 0
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC ($AGENT_BACKEND version)" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC ($AGENT_BACKEND version)" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ #reload|force-reload)
+ #
+ # If do_reload() is not implemented then leave this commented out
+ # and leave 'force-reload' as an alias for 'restart'.
+ #
+ #log_daemon_msg "Reloading $DESC" "$NAME"
+ #do_reload
+ #log_end_msg $?
+ #;;
+ restart|force-reload)
+ #
+ # If the "reload" option is implemented then remove the
+ # 'force-reload' alias
+ #
+ log_daemon_msg "Restarting $DESC ($AGENT_BACKEND version)" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: atd
+# Required-Start: $syslog $time $remote_fs
+# Required-Stop: $syslog $time $remote_fs
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Deferred execution scheduler
+# Description: Debian init script for the atd deferred executions
+# scheduler
+### END INIT INFO
+#
+# Author: Ryan Murray <rmurray@debian.org>
+#
+
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+DAEMON=/usr/sbin/atd
+PIDFILE=/var/run/atd.pid
+
+test -x $DAEMON || exit 0
+
+. /lib/lsb/init-functions
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting deferred execution scheduler" "atd"
+ start_daemon -p $PIDFILE $DAEMON
+ log_end_msg $?
+ ;;
+ stop)
+ log_daemon_msg "Stopping deferred execution scheduler" "atd"
+ killproc -p $PIDFILE $DAEMON
+ log_end_msg $?
+ ;;
+ force-reload|restart)
+ $0 stop
+ $0 start
+ ;;
+ status)
+ status_of_proc -p $PIDFILE $DAEMON atd && exit 0 || exit $?
+ ;;
+ *)
+ echo "Usage: /etc/init.d/atd {start|stop|restart|force-reload|status}"
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: bootlogs
+# Required-Start: hostname $local_fs
+# Required-Stop:
+# Should-Start: $x-display-manager gdm kdm xdm ldm sdm wdm nodm
+# Default-Start: 1 2 3 4 5
+# Default-Stop:
+# Short-Description: Log file handling to be done during bootup.
+# Description: Various things that don't need to be done particularly
+# early in the boot, just before getty is run.
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+[ "$DELAYLOGIN" ] || DELAYLOGIN=yes
+. /lib/init/vars.sh
+
+do_start () {
+ # Save kernel messages in /var/log/dmesg
+ if which dmesg >/dev/null 2>&1
+ then
+ [ -f /var/log/dmesg ] && savelog -q -p -c 5 /var/log/dmesg
+ dmesg -s 524288 > /var/log/dmesg
+ chgrp adm /var/log/dmesg || :
+ elif [ -c /dev/klog ]
+ then
+ [ -f /var/log/dmesg ] && savelog -q -p -c 5 /var/log/dmesg
+ dd if=/dev/klog of=/var/log/dmesg &
+ sleep 1
+ kill $!
+ [ -f /var/log/dmesg ] && { chgrp adm /var/log/dmesg || : ; }
+ fi
+}
+
+do_status () {
+ return 0
+}
+
+case "$1" in
+ start|"")
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ # No-op
+ ;;
+ status)
+ do_status
+ exit $?
+ ;;
+ *)
+ echo "Usage: bootlogs [start|stop|status]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: bootmisc
+# Required-Start: $remote_fs
+# Required-Stop:
+# Should-Start: udev
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Miscellaneous things to be done during bootup.
+# Description: Some cleanup. Note, it need to run after mountnfs-bootclean.sh.
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+[ "$DELAYLOGIN" ] || DELAYLOGIN=yes
+. /lib/init/vars.sh
+
+do_start () {
+ #
+ # If login delaying is enabled then create the flag file
+ # which prevents logins before startup is complete
+ #
+ case "$DELAYLOGIN" in
+ Y*|y*)
+ echo "System bootup in progress - please wait" > /var/lib/initscripts/nologin
+ ;;
+ esac
+
+ # Create /var/run/utmp so we can login.
+ : > /var/run/utmp
+ if grep -q ^utmp: /etc/group
+ then
+ chmod 664 /var/run/utmp
+ chgrp utmp /var/run/utmp
+ fi
+
+ # Remove bootclean's flag files.
+ # Don't run bootclean again after this!
+ rm -f /tmp/.clean /run/.clean /run/lock/.clean
+ rm -f /tmp/.tmpfs /run/.tmpfs /run/lock/.tmpfs
+}
+
+case "$1" in
+ start|"")
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: bootmisc.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: checkfs
+# Required-Start: checkroot
+# Required-Stop:
+# Should-Start:
+# Default-Start: S
+# Default-Stop:
+# X-Interactive: true
+# Short-Description: Check all filesystems.
+### END INIT INFO
+
+# Include /usr/bin in path to find on_ac_power if /usr/ is on the root
+# partition.
+PATH=/sbin:/bin:/usr/bin
+FSCK_LOGFILE=/var/log/fsck/checkfs
+[ "$FSCKFIX" ] || FSCKFIX=no
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+. /lib/init/mount-functions.sh
+. /lib/init/swap-functions.sh
+
+do_start () {
+ # Trap SIGINT so that we can handle user interupt of fsck.
+ trap "" INT
+
+ # See if we're on AC Power. If not, we're not gonna run our
+ # check. If on_ac_power (in /usr/) is unavailable, behave as
+ # before and check all file systems needing it.
+
+# Disabled AC power check until fsck can be told to only check the
+# file system if it is corrupt when running on battery. (bug #526398)
+# if which on_ac_power >/dev/null 2>&1
+# then
+# on_ac_power >/dev/null 2>&1
+# if [ $? -eq 1 ]
+# then
+# [ "$VERBOSE" = no ] || log_success_msg "Running on battery power, so skipping file system check."
+# BAT=yes
+# fi
+# fi
+ BAT=""
+ fscheck="yes"
+
+ if is_fastboot_active
+ then
+ [ "$fscheck" = yes ] && log_warning_msg "Fast boot enabled, so skipping file system check."
+ fscheck=no
+ fi
+
+ #
+ # Check the rest of the file systems.
+ #
+ if [ "$fscheck" = yes ] && [ ! "$BAT" ] && [ "$FSCKTYPES" != "none" ]
+ then
+
+ # Execute swapon command again, in case there are lvm
+ # or md swap partitions. fsck can suck RAM.
+ swaponagain 'lvm and md'
+
+ if [ -f /forcefsck ] || grep -q -s -w -i "forcefsck" /proc/cmdline
+ then
+ force="-f"
+ else
+ force=""
+ fi
+ if [ "$FSCKFIX" = yes ]
+ then
+ fix="-y"
+ else
+ fix="-a"
+ fi
+ spinner="-C"
+ case "$TERM" in
+ dumb|network|unknown|"")
+ spinner=""
+ ;;
+ esac
+ [ "$(uname -m)" = s390x ] && spinner="" # This should go away
+ FSCKTYPES_OPT=""
+ [ "$FSCKTYPES" ] && FSCKTYPES_OPT="-t $FSCKTYPES"
+ handle_failed_fsck() {
+ log_failure_msg "File system check failed.
+A log is being saved in ${FSCK_LOGFILE} if that location is writable.
+Please repair the file system manually."
+ log_warning_msg "A maintenance shell will now be started.
+CONTROL-D will terminate this shell and resume system boot."
+ # Start a single user shell on the console
+ if ! sulogin $CONSOLE
+ then
+ log_failure_msg "Attempt to start maintenance shell failed.
+Continuing with system boot in 5 seconds."
+ sleep 5
+ fi
+ }
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Checking file systems"
+ logsave -s $FSCK_LOGFILE fsck $spinner -R -A $fix $force $FSCKTYPES_OPT
+ FSCKCODE=$?
+
+ if [ "$FSCKCODE" -eq 32 ]
+ then
+ log_action_end_msg 1 "code $FSCKCODE"
+ log_warning_msg "File system check was interrupted by user"
+ elif [ "$FSCKCODE" -gt 1 ]
+ then
+ log_action_end_msg 1 "code $FSCKCODE"
+ handle_failed_fsck
+ else
+ log_action_end_msg 0
+ fi
+ else
+ if [ "$FSCKTYPES" ]
+ then
+ log_action_msg "Will now check all file systems of types $FSCKTYPES"
+ else
+ log_action_msg "Will now check all file systems"
+ fi
+ logsave -s $FSCK_LOGFILE fsck $spinner -V -R -A $fix $force $FSCKTYPES_OPT
+ FSCKCODE=$?
+ if [ "$FSCKCODE" -eq 32 ]
+ then
+ log_warning_msg "File system check was interrupted by user"
+ elif [ "$FSCKCODE" -gt 1 ]
+ then
+ handle_failed_fsck
+ else
+ log_success_msg "Done checking file systems.
+A log is being saved in ${FSCK_LOGFILE} if that location is writable."
+ fi
+ fi
+ fi
+ rm -f /fastboot /forcefsck 2>/dev/null
+}
+
+case "$1" in
+ start|"")
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: checkfs.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: checkroot-bootclean
+# Required-Start: checkroot
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# X-Start-Before: bootmisc
+# Short-Description: bootclean after checkroot.
+# Description: Clean temporary filesystems after
+# the root filesystem has been mounted.
+# At this point, directories which may be
+# masked by future mounts may be cleaned.
+### END INIT INFO
+
+. /lib/init/bootclean.sh
+
+case "$1" in
+ start|"")
+ # Clean /tmp, /run and /run/lock. Remove the .clean files to
+ # force initial cleaning. This is intended to allow cleaning
+ # of directories masked by mounts while the system was
+ # previously running, which would otherwise prevent them being
+ # cleaned.
+ rm -f /tmp/.clean /run/.clean /run/lock/.clean
+
+ clean_all
+ exit $?
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: checkroot-bootclean.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: checkroot mtab
+# Required-Start: mountdevsubfs hostname
+# Required-Stop:
+# Should-Start: keymap hwclockfirst hdparm bootlogd
+# Should-stop:
+# Default-Start: S
+# Default-Stop:
+# X-Interactive: true
+# Short-Description: Check to root file system.
+### END INIT INFO
+
+# Include /usr/bin in path to find on_ac_power if /usr/ is on the root
+# partition.
+PATH=/sbin:/bin:/usr/bin
+FSCK_LOGFILE=/var/log/fsck/checkroot
+[ "$FSCKFIX" ] || FSCKFIX=no
+[ "$SULOGIN" ] || SULOGIN=no
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+. /lib/init/mount-functions.sh
+
+do_start () {
+ # Trap SIGINT so that we can handle user interrupt of fsck.
+ trap "" INT
+
+ #
+ # Set SULOGIN in /etc/default/rcS to yes if you want a sulogin to
+ # be spawned from this script *before anything else* with a timeout,
+ # like sysv does.
+ #
+ [ "$SULOGIN" = yes ] && sulogin -t 30 $CONSOLE
+
+ KERNEL="$(uname -s)"
+ MACHINE="$(uname -m)"
+
+ read_fstab
+
+ #
+ # Activate the swap device(s) in /etc/fstab. This needs to be done
+ # before fsck, since fsck can be quite memory-hungry.
+ #
+ ENABLE_SWAP=no
+ case "$KERNEL" in
+ Linux)
+ if [ "$NOSWAP" = yes ]
+ then
+ [ "$VERBOSE" = no ] || log_warning_msg "Not activating swap as requested via bootoption noswap."
+ ENABLE_SWAP=no
+ else
+ if [ "$swap_on_lv" = yes ]
+ then
+ [ "$VERBOSE" = no ] || log_warning_msg "Not activating swap on logical volume."
+ elif [ "$swap_on_file" = yes ]
+ then
+ [ "$VERBOSE" = no ] || log_warning_msg "Not activating swap on swapfile."
+ else
+ ENABLE_SWAP=yes
+ fi
+ fi
+ ;;
+ *)
+ ENABLE_SWAP=yes
+ ;;
+ esac
+ if [ "$ENABLE_SWAP" = yes ]
+ then
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Activating swap"
+ swapon -a -e >/dev/null 2>&1
+ log_action_end_msg $?
+ else
+ log_daemon_msg "Activating swap"
+ swapon -a -v
+ log_end_msg $?
+ fi
+ fi
+
+ #
+ # Does the root device in /etc/fstab match with the actual device ?
+ # If not we try to use the /dev/root alias device, and if that
+ # fails we create a temporary node in /run.
+ #
+ # Do this only on Linux. Neither kFreeBSD nor Hurd have
+ # /dev/root and the device ids used here are specific to
+ # Linux.
+ KERNEL="$(uname)"
+ if [ "$rootcheck" = yes ] && [ "$KERNEL" = Linux ]
+ then
+ ddev="$(mountpoint -qx $rootdev)"
+ rdev="$(mountpoint -d /)"
+ if [ "$ddev" != "$rdev" ] && [ "$ddev" != "4:0" ]
+ then
+ if [ "$(mountpoint -qx /dev/root)" = "4:0" ]
+ then
+ rootdev=/dev/root
+ else
+ if \
+ rm -f /run/rootdev \
+ && mknod -m 600 /run/rootdev b ${rdev%:*} ${rdev#*:} \
+ && [ -e /run/rootdev ]
+ then
+ rootdev=/run/rootdev
+ else
+ rootfatal=yes
+ fi
+ fi
+ fi
+ fi
+
+ #
+ # Bother, said Pooh.
+ #
+ if [ "$rootfatal" = yes ]
+ then
+ log_failure_msg "The device node $rootdev for the root filesystem is missing or incorrect
+or there is no entry for the root filesystem listed in /etc/fstab.
+The system is also unable to create a temporary node in /run.
+This means you have to fix the problem manually."
+ log_warning_msg "A maintenance shell will now be started.
+CONTROL-D will terminate this shell and restart the system."
+ # Start a single user shell on the console
+ if ! sulogin $CONSOLE
+ then
+ log_failure_msg "Attempt to start maintenance shell failed.
+Will restart in 5 seconds."
+ sleep 5
+ fi
+ [ "$VERBOSE" = no ] || log_action_msg "Will now restart"
+ reboot -f
+ fi
+
+ # See if we're on AC Power. If not, we're not gonna run our
+ # check. If on_ac_power (in /usr/) is unavailable, behave as
+ # before and check all file systems needing it.
+# Disabled AC power check until fsck can be told to only check the
+# file system if it is corrupt when running on battery. (bug #526398)
+# if which on_ac_power >/dev/null 2>&1 && [ "$rootcheck" = yes ]
+# then
+# on_ac_power >/dev/null 2>&1
+# if [ "$?" -eq 1 ]
+# then
+# log_warning_msg "On battery power, so skipping file system check."
+# rootcheck=no
+# fi
+# fi
+
+ #
+ # See if we want to check the root file system.
+ #
+ FSCKCODE=0
+ if is_fastboot_active
+ then
+ [ "$rootcheck" = yes ] && log_warning_msg "Fast boot enabled, so skipping root file system check."
+ rootcheck=no
+ fi
+
+ if which findmnt >/dev/null 2>&1
+ then
+ if [ "$(findmnt -f -n -o FSTYPE /)" = "btrfs" ]
+ then
+ [ "$rootcheck" = yes ] && log_warning_msg "btrfs root detected, so skipping root file system check."
+ rootcheck=no
+ fi
+ fi
+
+ if [ "$rootcheck" = yes ]
+ then
+ #
+ # Ensure that root is quiescent and read-only before fsck'ing.
+ #
+ # mount -n -o remount,ro / would be the correct syntax but
+ # mount can get confused when there is a "bind" mount defined
+ # in fstab that bind-mounts "/" somewhere else.
+ #
+ # So we use mount -n -o remount,ro $rootdev / but that can
+ # fail on older kernels on sparc64/alpha architectures due
+ # to a bug in sys_mount().
+ #
+ # As a compromise we try both.
+ #
+ if \
+ ! mount -n -o remount,ro $rootdev / \
+ && ! mount -n -o remount,ro -t dummytype $rootdev / 2>/dev/null \
+ && ! mount -n -o remount,ro / 2>/dev/null
+ then
+ log_failure_msg "Cannot check root file system because it is not mounted read-only."
+ rootcheck=no
+ fi
+ fi
+
+ #
+ # The actual checking is done here.
+ #
+ if [ "$rootcheck" = yes ]
+ then
+ if [ -f /forcefsck ] || grep -q -s -w -i "forcefsck" /proc/cmdline
+ then
+ force="-f"
+ else
+ force=""
+ fi
+
+ if [ "$FSCKFIX" = yes ]
+ then
+ fix="-y"
+ else
+ fix="-a"
+ fi
+
+ spinner="-C"
+ case "$TERM" in
+ dumb|network|unknown|"")
+ spinner="" ;;
+ esac
+ # This Linux/s390x special case should go away.
+ if [ "${KERNEL}:${MACHINE}" = Linux:s390x ]
+ then
+ spinner=""
+ fi
+
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Checking root file system"
+ logsave -s $FSCK_LOGFILE fsck $spinner $force $fix -t $roottype $rootdev
+ FSCKCODE=$?
+ if [ "$FSCKCODE" = 0 ]
+ then
+ log_action_end_msg 0
+ else
+ log_action_end_msg 1 "code $FSCKCODE"
+ fi
+ else
+ log_daemon_msg "Will now check root file system"
+ logsave -s $FSCK_LOGFILE fsck $spinner $force $fix -V -t $roottype $rootdev
+ FSCKCODE=$?
+ log_end_msg $FSCKCODE
+ fi
+ fi
+
+ #
+ # If there was a failure, drop into single-user mode.
+ #
+ # NOTE: "failure" is defined as exiting with a return code of
+ # 4 or larger. A return code of 1 indicates that file system
+ # errors were corrected but that the boot may proceed. A return
+ # code of 2 or 3 indicates that the system should immediately reboot.
+ #
+ if [ "$FSCKCODE" -eq 32 ]
+ then
+ log_warning_msg "File system check was interrupted by user"
+ elif [ "$FSCKCODE" -gt 3 ]
+ then
+ # Surprise! Re-directing from a HERE document (as in "cat << EOF")
+ # does not work because the root is currently read-only.
+ log_failure_msg "An automatic file system check (fsck) of the root filesystem failed.
+A manual fsck must be performed, then the system restarted.
+The fsck should be performed in maintenance mode with the
+root filesystem mounted in read-only mode."
+ log_warning_msg "The root filesystem is currently mounted in read-only mode.
+A maintenance shell will now be started.
+After performing system maintenance, press CONTROL-D
+to terminate the maintenance shell and restart the system."
+ # Start a single user shell on the console
+ if ! sulogin $CONSOLE
+ then
+ log_failure_msg "Attempt to start maintenance shell failed.
+Will restart in 5 seconds."
+ sleep 5
+ fi
+ [ "$VERBOSE" = no ] || log_action_msg "Will now restart"
+ reboot -f
+ elif [ "$FSCKCODE" -gt 1 ]
+ then
+ log_failure_msg "The file system check corrected errors on the root partition
+but requested that the system be restarted."
+ log_warning_msg "The system will be restarted in 5 seconds."
+ sleep 5
+ [ "$VERBOSE" = no ] || log_action_msg "Will now restart"
+ reboot -f
+ fi
+
+ #
+ # Remount root to final mode (rw or ro).
+ #
+ # See the comments above at the previous "mount -o remount"
+ # for an explanation why we try this twice.
+ #
+ if ! mount -n -o remount,$rootopts,$rootmode $fstabroot / 2>/dev/null
+ then
+ mount -n -o remount,$rootopts,$rootmode /
+ fi
+
+ # If possible, migrate /etc/mtab to be a symlink to
+ # /proc/mounts. Note that not all systems e.g. Hurd currently
+ # support this.
+ if [ "$rootmode" != "ro" ]; then
+ mtab_migrate
+ fi
+
+ if selinux_enabled && [ -x /sbin/restorecon ] && [ -r /etc/mtab ]
+ then
+ restorecon /etc/mtab
+ fi
+
+ #
+ # Remove /run/rootdev if we created it.
+ #
+ rm -f /run/rootdev
+
+ # Update mount options for mounts created in early boot
+ # S01mountkernfs.sh
+ /etc/init.d/mountkernfs.sh reload
+ # S03mountdevsubfs.sh
+ /etc/init.d/mountdevsubfs.sh reload
+
+}
+
+do_status () {
+ # If / is read-write or swap is enabled, this script have done
+ # its job.
+ rootrw=false
+ swapon=false
+ if [ -f /etc/mtab ] ; then
+ if grep " / " /etc/mtab |grep -q rw ; then
+ rootrw=true
+ fi
+ fi
+ if [ -f /proc/swaps ] ; then
+ if [ "$(cat /proc/swaps |grep -v ^Filename)" ] ; then
+ swapon=true
+ fi
+ fi
+ if [ true = "$rootrw" ] || [ true = "$swapon" ] ; then
+ return 0
+ else
+ return 4
+ fi
+}
+
+case "$1" in
+ start|"")
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ # No-op
+ ;;
+ status)
+ do_status
+ exit $?
+ ;;
+ *)
+ echo "Usage: checkroot.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+#
+# Written by Miquel van Smoorenburg <miquels@drinkel.ow.org>.
+# Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>.
+# Modified for Debian by Christoph Lameter <clameter@debian.org>
+# Modified for chrony by John Hasler <jhasler@debian.org> 1998-2012
+
+### BEGIN INIT INFO
+# Provides: chrony
+# Required-Start: $remote_fs
+# Required-Stop: $remote_fs
+# Should-Start: $syslog $network $named $time
+# Should-Stop: $syslog $network $named $time
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Controls chronyd NTP time daemon
+# Description: Chronyd is the NTP time daemon in the Chrony package
+### END INIT INFO
+
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+DAEMON=/usr/sbin/chronyd
+FLAGS="defaults"
+NAME="chronyd"
+DESC="time daemon"
+
+test -f $DAEMON || exit 0
+
+. /lib/lsb/init-functions
+
+putonline ()
+{ # Do we have a default route? If so put chronyd online.
+ if timelimit -q -s9 -t5 -- netstat -rn 2>/dev/null | grep -q '0\.0\.0\.0'
+ then
+ sleep 2 # Chronyd can take a while to start.
+ KEY=$(awk '$1 ~ /^commandkey$/ { print $2; exit}' /etc/chrony/chrony.conf)
+ PASSWORD=`awk '$1 ~ /^'$KEY'$/ {print $2; exit}' /etc/chrony/chrony.keys`
+ # Make sure chronyc can't hang us up.
+ if timelimit -q -s9 -t5 -- /usr/bin/chronyc > /dev/null << EOF
+password $PASSWORD
+online
+burst 5/10
+quit
+EOF
+ then
+ touch /var/run/chrony-ppp-up
+ echo "$NAME is running and online."
+ else
+ rm -f /var/run/chrony-ppp-up
+ echo "$NAME is running and offline."
+ fi
+ else
+ rm -f /var/run/chrony-ppp-up
+ echo "$NAME is running and offline."
+ fi
+}
+
+case "$1" in
+ start)
+ start-stop-daemon --start --verbose --exec $DAEMON
+ case "$?" in
+ 0) # daemon successfully started
+ putonline
+ ;;
+ 1) # daemon already running
+ ;;
+ *) # daemon could not be started
+ echo "$DAEMON failed to start."
+ exit 1
+ ;;
+ esac
+ ;;
+ stop)
+ start-stop-daemon --stop --verbose --oknodo --exec $DAEMON
+ rm -f /var/run/chrony-ppp-up
+ ;;
+ restart|force-reload)
+ echo -n "Restarting $DESC: "
+ start-stop-daemon --stop --quiet --exec $DAEMON
+ sleep 1
+ start-stop-daemon --start --verbose --exec $DAEMON -- -r
+ case "$?" in
+ 0) # daemon successfully started
+ putonline
+ ;;
+ 1) # still running
+ ;;
+ *) # daemon could not be started
+ echo "$DAEMON failed to restart."
+ rm -f /var/run/chrony-ppp-up
+ exit 1
+ ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ *)
+ echo "Usage: /etc/init.d/chrony {start|stop|restart|force-reload|status}"
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+# Written by Miquel van Smoorenburg <miquels@cistron.nl>.
+# Modified for Debian GNU/Linux
+# by Ian Murdock <imurdock@gnu.ai.mit.edu>.
+# Clamav version by Magnus Ekdahl <magnus@debian.org>
+# Heavily reworked by Stephen Gran <sgran@debian.org>
+#
+### BEGIN INIT INFO
+# Provides: clamav-daemon
+# Required-Start: $remote_fs $syslog
+# Should-Start:
+# Required-Stop: $remote_fs $syslog
+# Should-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: ClamAV daemon
+# Description: Clam AntiVirus userspace daemon
+### END INIT INFO
+
+# The exit status codes should comply with LSB.
+# https://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptact.html
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/clamd
+NAME="clamd"
+DESC="ClamAV daemon"
+CLAMAVCONF=/etc/clamav/clamd.conf
+SUPERVISOR=/usr/bin/daemon
+SUPERVISORNAME=daemon
+SUPERVISORPIDFILE="/var/run/clamav/daemon-clamd.pid"
+SUPERVISORARGS="--name=$NAME --respawn $DAEMON -F $SUPERVISORPIDFILE"
+DATABASEDIR="/var/lib/clamav"
+
+# required by Debian policy 9.3.2
+[ -x "$DAEMON" ] || exit 0
+[ -r /etc/default/clamav-daemon ] && . /etc/default/clamav-daemon
+
+to_lower()
+{
+ word="$1"
+ lcword=$(echo "$word" | tr A-Z a-z)
+ echo "$lcword"
+}
+
+is_true()
+{
+ var="$1"
+ lcvar=$(to_lower "$var")
+ [ 'true' = "$lcvar" ] || [ 'yes' = "$lcvar" ] || [ 1 = "$lcvar" ]
+ return $?
+}
+
+is_false()
+{
+ var="$1"
+ lcvar=$(to_lower "$var")
+ [ 'false' = "$lcvar" ] || [ 'no' = "$lcvar" ] || [ 0 = "$lcvar" ]
+ return $?
+}
+
+ucf_cleanup()
+{
+ # This only does something if I've fucked up before
+ # Not entirely impossible :(
+
+ configfile=$1
+
+ if [ `grep "$configfile" /var/lib/ucf/hashfile | wc -l` -gt 1 ]; then
+ grep -v "$configfile" /var/lib/ucf/hashfile > /var/lib/ucf/hashfile.tmp
+ grep "$configfile" /var/lib/ucf/hashfile | tail -n 1 >> /var/lib/ucf/hashfile.tmp
+ mv /var/lib/ucf/hashfile.tmp /var/lib/ucf/hashfile
+ fi
+}
+
+add_to_ucf()
+{
+ configfile=$1
+ ucffile=$2
+
+ if ! grep -q "$configfile" /var/lib/ucf/hashfile; then
+ md5sum $configfile >> /var/lib/ucf/hashfile
+ cp $configfile $ucffile
+ fi
+}
+
+ucf_upgrade_check()
+{
+ configfile=$1
+ sourcefile=$2
+ ucffile=$3
+
+ if [ -f "$configfile" ]; then
+ add_to_ucf $configfile $ucffile
+ ucf --three-way --debconf-ok "$sourcefile" "$configfile"
+ else
+ [ -d /var/lib/ucf/cache ] || mkdir -p /var/lib/ucf/cache
+ pathfind restorecon && restorecon /var/lib/ucf/cache
+ cp $sourcefile $configfile
+ add_to_ucf $configfile $ucffile
+ fi
+}
+
+slurp_config()
+{
+ CLAMAVCONF="$1"
+
+ if [ -e "$CLAMAVCONF" ]; then
+ for variable in `egrep -a -v '^[[:space:]]*(#|$)' "$CLAMAVCONF" | awk '{print $1}'`; do
+ case "$variable" in
+ DatabaseMirror)
+ if [ -z "$DatabaseMirror" ]; then
+ for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
+ value="$value $i"
+ done
+ else
+ continue
+ fi
+ ;;
+ DatabaseCustomURL)
+ if [ -z "$DatabaseCustomURL" ]; then
+ for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
+ value="$value $i"
+ done
+ else
+ continue
+ fi
+ ;;
+ IncludePUA)
+ if [ -z "$IncludePUA" ]; then
+ for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
+ value="$i $value"
+ done
+ else
+ continue
+ fi
+ ;;
+ ExcludePUA)
+ if [ -z "$ExcludePUA" ]; then
+ for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
+ value="$i $value"
+ done
+ else
+ continue
+ fi
+ ;;
+ ExtraDatabase)
+ if [ -z "$ExtraDatabase" ]; then
+ for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
+ value="$value $i"
+ done
+ else
+ continue
+ fi
+ ;;
+ VirusEvent|OnUpdateExecute|OnErrorExecute|RejectMsg)
+ value=`grep -a ^$variable $CLAMAVCONF | head -n1 | sed -e s/$variable\ //`
+ ;;
+ *)
+ value=`grep -a "^$variable[[:space:]]" $CLAMAVCONF | head -n1 | awk '{print $2}'`
+ ;;
+ esac
+ if [ -z "$value" ]; then
+ export "$variable"="true"
+ elif [ "$value" != "$variable" ]; then
+ export "$variable"="$value"
+ else
+ export "$variable"="true"
+ fi
+ unset value
+ done
+ fi
+}
+
+pathfind() {
+ OLDIFS="$IFS"
+ IFS=:
+ for p in $PATH; do
+ if [ -x "$p/$*" ]; then
+ IFS="$OLDIFS"
+ return 0
+ fi
+ done
+ IFS="$OLDIFS"
+ return 1
+}
+
+set_debconf_value()
+{
+prog=$1
+name=$2
+eval variable="\$${name}"
+if [ -n "$variable" ]; then
+ db_set clamav-$prog/$name "$variable" || true
+fi
+}
+
+make_dir()
+{
+ DIR=$1
+ if [ -d "$DIR" ]; then
+ return 0;
+ fi
+ [ -n "$User" ] || User=clamav
+ mkdir -p -m 0755 "$DIR"
+ chown "$User" "$DIR"
+ pathfind restorecon && restorecon "$DIR"
+}
+
+# Debconf Functions
+
+isdigit ()
+{
+ case $1 in
+ [[:digit:]]*)
+ ISDIGIT=1
+ ;;
+ *)
+ ISDIGIT=0
+ ;;
+ esac
+}
+
+inputdigit ()
+{
+ ISDIGIT=0
+ while [ "$ISDIGIT" = '0' ]; do
+ db_input "$1" "$2" || true
+ if ! db_go; then
+ return 30
+ fi
+ db_get $2 || true
+ isdigit $RET
+ if [ "$ISDIGIT" = '0' ]; then
+ db_input critical clamav-base/numinfo || true
+ db_go
+ fi
+ done
+ return 0
+}
+
+StateGeneric()
+{
+ PRIO=$1
+ QUESTION=$2
+ NEXT=$3
+ LAST=$4
+
+ db_input $PRIO $QUESTION || true
+ if db_go; then
+ STATE=$NEXT
+ else
+ STATE=$LAST
+ fi
+}
+
+StateGenericDigit()
+{
+ PRIO=$1
+ QUESTION=$2
+ NEXT=$3
+ LAST=$4
+
+ inputdigit $PRIO $QUESTION || true
+ if db_go; then
+ STATE=$NEXT
+ else
+ STATE=$LAST
+ fi
+}
+
+
+. /lib/lsb/init-functions
+
+if [ ! -f "$CLAMAVCONF" ]; then
+ log_failure_msg "There is no configuration file for Clamav."
+ log_failure_msg "Please either dpkg-reconfigure $DESC, or copy the example from"
+ log_failure_msg "/usr/share/doc/clamav-base/examples/ to $CLAMAVCONF and run"
+ log_failure_msg "'/etc/init.d/clamav-daemon start'"
+ if [ "$1" = "status" ]; then
+ # program or service status is unknown
+ exit 4;
+ else
+ # program is not configured
+ exit 6;
+ fi
+fi
+
+slurp_config "$CLAMAVCONF"
+
+if [ -n "$Example" ]; then
+ log_failure_msg "Clamav is not configured."
+ log_failure_msg "Please edit $CLAMAVCONF and run '/etc/init.d/clamav-daemon start'"
+ if [ "$1" = "status" ]; then
+ # program or service status is unknown
+ exit 4;
+ else
+ # program is not configured
+ exit 6;
+ fi
+fi
+
+if is_true "$Foreground"; then
+ if [ ! -x "$SUPERVISOR" ] ; then
+ log_failure_msg "Foreground specified, but $SUPERVISORNAME not found"
+ if [ "$1" = "status" ]; then
+ # program or service status is unknown
+ exit 4;
+ else
+ # program is not configured correctly
+ exit 6;
+ fi
+ else
+ RUN_SUPERVISED=1
+ fi
+fi
+
+[ -n "$User" ] || User=clamav
+[ -n "$DataBaseDirectory" ] || DataBaseDirectory=/var/run/clamav
+
+make_dir "$DataBaseDirectory"
+make_dir $(dirname "$SUPERVISORPIDFILE")
+
+if [ -z "$RUN_SUPERVISED" ]; then
+ THEPIDFILE="$PidFile"
+ THEDAEMON="$NAME"
+ RELOAD="1"
+else
+ THEPIDFILE="$SUPERVISORPIDFILE"
+ THEDAEMON="$SUPERVISORNAME"
+ RELOAD="0"
+fi
+
+if [ -z "$THEPIDFILE" ]
+then
+ # Set the default PidFile.
+ THEPIDFILE='/run/clamav/clamd.pid'
+fi
+
+make_dir $(dirname "$THEPIDFILE")
+chown $User $(dirname "$THEPIDFILE")
+
+
+case "$1" in
+ start)
+ # Check for database existance (start will fail if it's missing)
+ for db in main daily; do
+ if [ ! -e "$DATABASEDIR"/"$db".cvd ] && [ ! -d "$DATABASEDIR"/"$db".inc ] && [ ! -e "$DATABASEDIR"/"$db".cld ]; then
+ log_failure_msg "Clamav signatures not found in $DATABASEDIR"
+ log_failure_msg "Please retrieve them using freshclam"
+ log_failure_msg "Then run '/etc/init.d/clamav-daemon start'"
+ # this is expected on a fresh installation
+ exit 0
+ fi
+ done
+ if [ -z "$RUN_SUPERVISED" ] ; then
+ log_daemon_msg "Starting $DESC" "$NAME "
+ start-stop-daemon --start --oknodo -c $User --exec $DAEMON --pidfile $THEPIDFILE --quiet -- -c $CLAMAVCONF --pid=$THEPIDFILE
+ ret=$?
+ else
+ log_daemon_msg "Starting $DESC" "$NAME (supervised) "
+ $SUPERVISOR $SUPERVISORARGS
+ ret=$?
+ fi
+ log_end_msg $ret
+ ;;
+ stop)
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ start-stop-daemon --stop --oknodo --name $THEDAEMON --pidfile $THEPIDFILE --quiet --retry TERM/30/KILL/5
+ log_end_msg $?
+ ;;
+ status)
+ start-stop-daemon --status --name $THEDAEMON --pidfile $THEPIDFILE
+ # start-stop-daemon returns LSB compliant exit status codes
+ ret=$?
+ if [ "$ret" = 0 ]; then
+ log_success_msg "$NAME is running"
+ else
+ log_failure_msg "$NAME is not running"
+ exit "$ret"
+ fi
+ ;;
+ restart|force-reload)
+ $0 stop
+ $0 start
+ ;;
+ reload-database)
+ if [ "$RELOAD" = "1" ]; then
+ log_daemon_msg "Reloading database for $DESC" "$NAME"
+ pkill -USR2 -F $THEPIDFILE $THEDAEMON 2>/dev/null
+ log_end_msg $?
+ else
+ log_failure_msg "reload-database does not work in supervised mode."
+ # unimplemented feature
+ exit 3
+ fi
+ ;;
+ reload-log)
+ if [ "$RELOAD" = "1" ]; then
+ log_daemon_msg "Reloading log file for $DESC" "$NAME"
+ pkill -HUP -F $THEPIDFILE $THEDAEMON 2>/dev/null
+ else
+ log_failure_msg "reload-log does not work in supervised mode."
+ # unimplemented feature
+ exit 3
+ fi
+ log_end_msg $?
+ ;;
+ *)
+ log_action_msg "Usage: $0 {start|stop|restart|force-reload|reload-log|reload-database|status}" >&2
+ # invalid arguments
+ exit 2
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/sh
+
+### BEGIN INIT INFO
+# Provides: clamav-freshclam
+# Required-Start: $remote_fs $syslog
+# Should-Start: clamav-daemon
+# Required-Stop: $remote_fs $syslog
+# Should-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: ClamAV virus database updater
+# Description: Clam AntiVirus virus database updater
+### END INIT INFO
+
+# The exit status codes should comply with LSB.
+# https://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptact.html
+
+DAEMON=/usr/bin/freshclam
+NAME=freshclam
+DESC="ClamAV virus database updater"
+
+# required by Debian policy 9.3.2
+[ -x $DAEMON ] || exit 0
+
+CLAMAV_CONF_FILE=/etc/clamav/clamd.conf
+FRESHCLAM_CONF_FILE=/etc/clamav/freshclam.conf
+
+to_lower()
+{
+ word="$1"
+ lcword=$(echo "$word" | tr A-Z a-z)
+ echo "$lcword"
+}
+
+is_true()
+{
+ var="$1"
+ lcvar=$(to_lower "$var")
+ [ 'true' = "$lcvar" ] || [ 'yes' = "$lcvar" ] || [ 1 = "$lcvar" ]
+ return $?
+}
+
+is_false()
+{
+ var="$1"
+ lcvar=$(to_lower "$var")
+ [ 'false' = "$lcvar" ] || [ 'no' = "$lcvar" ] || [ 0 = "$lcvar" ]
+ return $?
+}
+
+ucf_cleanup()
+{
+ # This only does something if I've fucked up before
+ # Not entirely impossible :(
+
+ configfile=$1
+
+ if [ `grep "$configfile" /var/lib/ucf/hashfile | wc -l` -gt 1 ]; then
+ grep -v "$configfile" /var/lib/ucf/hashfile > /var/lib/ucf/hashfile.tmp
+ grep "$configfile" /var/lib/ucf/hashfile | tail -n 1 >> /var/lib/ucf/hashfile.tmp
+ mv /var/lib/ucf/hashfile.tmp /var/lib/ucf/hashfile
+ fi
+}
+
+add_to_ucf()
+{
+ configfile=$1
+ ucffile=$2
+
+ if ! grep -q "$configfile" /var/lib/ucf/hashfile; then
+ md5sum $configfile >> /var/lib/ucf/hashfile
+ cp $configfile $ucffile
+ fi
+}
+
+ucf_upgrade_check()
+{
+ configfile=$1
+ sourcefile=$2
+ ucffile=$3
+
+ if [ -f "$configfile" ]; then
+ add_to_ucf $configfile $ucffile
+ ucf --three-way --debconf-ok "$sourcefile" "$configfile"
+ else
+ [ -d /var/lib/ucf/cache ] || mkdir -p /var/lib/ucf/cache
+ pathfind restorecon && restorecon /var/lib/ucf/cache
+ cp $sourcefile $configfile
+ add_to_ucf $configfile $ucffile
+ fi
+}
+
+slurp_config()
+{
+ CLAMAVCONF="$1"
+
+ if [ -e "$CLAMAVCONF" ]; then
+ for variable in `egrep -a -v '^[[:space:]]*(#|$)' "$CLAMAVCONF" | awk '{print $1}'`; do
+ case "$variable" in
+ DatabaseMirror)
+ if [ -z "$DatabaseMirror" ]; then
+ for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
+ value="$value $i"
+ done
+ else
+ continue
+ fi
+ ;;
+ DatabaseCustomURL)
+ if [ -z "$DatabaseCustomURL" ]; then
+ for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
+ value="$value $i"
+ done
+ else
+ continue
+ fi
+ ;;
+ IncludePUA)
+ if [ -z "$IncludePUA" ]; then
+ for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
+ value="$i $value"
+ done
+ else
+ continue
+ fi
+ ;;
+ ExcludePUA)
+ if [ -z "$ExcludePUA" ]; then
+ for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
+ value="$i $value"
+ done
+ else
+ continue
+ fi
+ ;;
+ ExtraDatabase)
+ if [ -z "$ExtraDatabase" ]; then
+ for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
+ value="$value $i"
+ done
+ else
+ continue
+ fi
+ ;;
+ VirusEvent|OnUpdateExecute|OnErrorExecute|RejectMsg)
+ value=`grep -a ^$variable $CLAMAVCONF | head -n1 | sed -e s/$variable\ //`
+ ;;
+ *)
+ value=`grep -a "^$variable[[:space:]]" $CLAMAVCONF | head -n1 | awk '{print $2}'`
+ ;;
+ esac
+ if [ -z "$value" ]; then
+ export "$variable"="true"
+ elif [ "$value" != "$variable" ]; then
+ export "$variable"="$value"
+ else
+ export "$variable"="true"
+ fi
+ unset value
+ done
+ fi
+}
+
+pathfind() {
+ OLDIFS="$IFS"
+ IFS=:
+ for p in $PATH; do
+ if [ -x "$p/$*" ]; then
+ IFS="$OLDIFS"
+ return 0
+ fi
+ done
+ IFS="$OLDIFS"
+ return 1
+}
+
+set_debconf_value()
+{
+prog=$1
+name=$2
+eval variable="\$${name}"
+if [ -n "$variable" ]; then
+ db_set clamav-$prog/$name "$variable" || true
+fi
+}
+
+make_dir()
+{
+ DIR=$1
+ if [ -d "$DIR" ]; then
+ return 0;
+ fi
+ [ -n "$User" ] || User=clamav
+ mkdir -p -m 0755 "$DIR"
+ chown "$User" "$DIR"
+ pathfind restorecon && restorecon "$DIR"
+}
+
+# Debconf Functions
+
+isdigit ()
+{
+ case $1 in
+ [[:digit:]]*)
+ ISDIGIT=1
+ ;;
+ *)
+ ISDIGIT=0
+ ;;
+ esac
+}
+
+inputdigit ()
+{
+ ISDIGIT=0
+ while [ "$ISDIGIT" = '0' ]; do
+ db_input "$1" "$2" || true
+ if ! db_go; then
+ return 30
+ fi
+ db_get $2 || true
+ isdigit $RET
+ if [ "$ISDIGIT" = '0' ]; then
+ db_input critical clamav-base/numinfo || true
+ db_go
+ fi
+ done
+ return 0
+}
+
+StateGeneric()
+{
+ PRIO=$1
+ QUESTION=$2
+ NEXT=$3
+ LAST=$4
+
+ db_input $PRIO $QUESTION || true
+ if db_go; then
+ STATE=$NEXT
+ else
+ STATE=$LAST
+ fi
+}
+
+StateGenericDigit()
+{
+ PRIO=$1
+ QUESTION=$2
+ NEXT=$3
+ LAST=$4
+
+ inputdigit $PRIO $QUESTION || true
+ if db_go; then
+ STATE=$NEXT
+ else
+ STATE=$LAST
+ fi
+}
+
+
+. /lib/lsb/init-functions
+
+slurp_config "$FRESHCLAM_CONF_FILE"
+
+if [ -z "$PidFile" ]
+then
+ # Set the default PidFile.
+ PidFile='/run/clamav/freshclam.pid'
+fi
+[ -n "$DataBaseDirectory" ] || DataBaseDirectory=/var/run/clamav
+
+make_dir "$DataBaseDirectory"
+make_dir $(dirname "$PidFile")
+
+[ -z "$UpdateLogFile" ] && UpdateLogFile=/var/log/clamav/freshclam.log
+[ -z "$DatabaseDirectory" ] && DatabaseDirectory=/var/lib/clamav/
+[ -n "$DatabaseOwner" ] || DatabaseOwner=clamav
+
+case "$1" in
+ no-daemon)
+ su "$DatabaseOwner" -p -s /bin/sh -c "freshclam -l $UpdateLogFile --datadir $DatabaseDirectory"
+ ;;
+ start)
+ if [ ! -f "$PidFile" ]; then
+ # If clamd is run under a different UID than freshclam then we need
+ # to make sure the PidFile can be written or else we won't be able to
+ # kill it.
+ touch $PidFile
+ chown $DatabaseOwner $PidFile
+ fi
+ # If user wants it run from cron, we only accept no-daemon and stop
+ if [ -f /etc/cron.d/clamav-freshclam ]; then
+ log_warning_msg "Not starting $NAME - cron option selected"
+ log_warning_msg "Run the init script with the 'no-daemon' option"
+ # this is similar to the daemon already running
+ exit 0
+ fi
+ log_daemon_msg "Starting $DESC" "$NAME"
+ start-stop-daemon --start --oknodo -c "$DatabaseOwner" --exec $DAEMON --pidfile $PidFile --quiet -- -d --quiet --config-file=$FRESHCLAM_CONF_FILE --pid=$PidFile
+ log_end_msg $?
+ ;;
+ stop)
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ start-stop-daemon --stop --oknodo --name $NAME --pidfile $PidFile --quiet --retry TERM/30/KILL/5
+ log_end_msg $?
+ ;;
+ restart|force-reload)
+ $0 stop
+ $0 start
+ ;;
+ reload-log)
+ # If user wants it run from cron, we only accept no-daemon and stop
+ if [ -f /etc/cron.d/clamav-freshclam ]; then
+ log_warning_msg "Not reloading log for $NAME - cron option selected"
+ # log-reloading is not needed, because freshclam is not run as daemon
+ exit 0
+ fi
+ log_daemon_msg "Reloading $DESC" "$NAME"
+ pkill -HUP -F $PidFile $NAME
+ log_end_msg $?
+ ;;
+ skip)
+ ;;
+ status)
+ start-stop-daemon --status --name $NAME --pidfile $PidFile
+ ret="$?"
+ if [ "$ret" = 0 ]; then
+ log_success_msg "$NAME is running"
+ exit 0
+ else
+ log_failure_msg "$NAME is not running"
+ exit "$ret"
+ fi
+ ;;
+ *)
+ log_action_msg "Usage: $0 {no-daemon|start|stop|restart|force-reload|reload-log|skip|status}" >&2
+ # invalid arguments
+ exit 2
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: console-setup
+# Required-Start: $remote_fs
+# Required-Stop:
+# Should-Start: console-screen kbd
+# Default-Start: S
+# Default-Stop:
+# X-Interactive: true
+# Short-Description: Set console font and keymap
+### END INIT INFO
+
+set -e
+
+# This script is used jointly by console-setup and console-setup-mini.
+# It belongs to keyboard-configuration because it is forbidden two
+# different packages to share common configuration file.
+
+test -f /bin/setupcon || exit 0
+
+if [ -f /etc/default/locale ]; then
+ # In order to permit auto-detection of the charmap when
+ # console-setup-mini operates without configuration file.
+ . /etc/default/locale
+ export LANG
+fi
+
+if [ -f /lib/lsb/init-functions ]; then
+ . /lib/lsb/init-functions
+else
+ log_action_begin_msg () {
+ echo -n "$@... "
+ }
+
+ log_action_end_msg () {
+ if [ "$1" -eq 0 ]; then
+ echo done.
+ else
+ echo failed.
+ fi
+ }
+fi
+
+case "$1" in
+ stop|status)
+ # console-setup isn't a daemon
+ ;;
+ start|force-reload|restart|reload)
+ log_action_begin_msg "Setting up console font and keymap"
+ if setupcon --save; then
+ log_action_end_msg 0
+ else
+ log_action_end_msg $?
+ fi
+ ;;
+ *)
+ echo 'Usage: /etc/init.d/console-setup {start|reload|restart|force-reload|stop|status}'
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/sh
+# Start/stop the cron daemon.
+#
+### BEGIN INIT INFO
+# Provides: cron
+# Required-Start: $remote_fs $syslog $time
+# Required-Stop: $remote_fs $syslog $time
+# Should-Start: $network $named slapd autofs ypbind nscd nslcd winbind
+# Should-Stop: $network $named slapd autofs ypbind nscd nslcd winbind
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: Regular background program processing daemon
+# Description: cron is a standard UNIX program that runs user-specified
+# programs at periodic scheduled times. vixie cron adds a
+# number of features to the basic UNIX cron, including better
+# security and more powerful configuration options.
+### END INIT INFO
+
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+DESC="cron daemon"
+NAME=cron
+DAEMON=/usr/sbin/cron
+PIDFILE=/var/run/crond.pid
+SCRIPTNAME=/etc/init.d/"$NAME"
+
+test -f $DAEMON || exit 0
+
+. /lib/lsb/init-functions
+
+[ -r /etc/default/cron ] && . /etc/default/cron
+
+# Read the system's locale and set cron's locale. This is only used for
+# setting the charset of mails generated by cron. To provide locale
+# information to tasks running under cron, see /etc/pam.d/cron.
+#
+# We read /etc/environment, but warn about locale information in
+# there because it should be in /etc/default/locale.
+parse_environment ()
+{
+ for ENV_FILE in /etc/environment /etc/default/locale; do
+ [ -r "$ENV_FILE" ] || continue
+ [ -s "$ENV_FILE" ] || continue
+
+ for var in LANG LANGUAGE LC_ALL LC_CTYPE; do
+ value=`egrep "^${var}=" "$ENV_FILE" | tail -n1 | cut -d= -f2`
+ [ -n "$value" ] && eval export $var=$value
+
+ if [ -n "$value" ] && [ "$ENV_FILE" = /etc/environment ]; then
+ log_warning_msg "/etc/environment has been deprecated for locale information; use /etc/default/locale for $var=$value instead"
+ fi
+ done
+ done
+
+# Get the timezone set.
+ if [ -z "$TZ" -a -e /etc/timezone ]; then
+ TZ=`cat /etc/timezone`
+ fi
+}
+
+# Parse the system's environment
+if [ "$READ_ENV" = "yes" ] ; then
+ parse_environment
+fi
+
+
+case "$1" in
+start) log_daemon_msg "Starting periodic command scheduler" "cron"
+ start_daemon -p $PIDFILE $DAEMON $EXTRA_OPTS
+ log_end_msg $?
+ ;;
+stop) log_daemon_msg "Stopping periodic command scheduler" "cron"
+ killproc -p $PIDFILE $DAEMON
+ RETVAL=$?
+ [ $RETVAL -eq 0 ] && [ -e "$PIDFILE" ] && rm -f $PIDFILE
+ log_end_msg $RETVAL
+ ;;
+restart) log_daemon_msg "Restarting periodic command scheduler" "cron"
+ $0 stop
+ $0 start
+ ;;
+reload|force-reload) log_daemon_msg "Reloading configuration files for periodic command scheduler" "cron"
+ # cron reloads automatically
+ log_end_msg 0
+ ;;
+status)
+ status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $?
+ ;;
+*) log_action_msg "Usage: /etc/init.d/cron {start|stop|status|restart|reload|force-reload}"
+ exit 2
+ ;;
+esac
+exit 0
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: dbus
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: D-Bus systemwide message bus
+# Description: D-Bus is a simple interprocess messaging system, used
+# for sending messages between applications.
+### END INIT INFO
+# -*- coding: utf-8 -*-
+# Debian init.d script for D-BUS
+# Copyright © 2003 Colin Walters <walters@debian.org>
+# Copyright © 2005 Sjoerd Simons <sjoerd@debian.org>
+
+set -e
+
+DAEMON=/usr/bin/dbus-daemon
+UUIDGEN=/usr/bin/dbus-uuidgen
+UUIDGEN_OPTS=--ensure
+NAME=dbus
+DAEMONUSER=messagebus
+PIDDIR=/var/run/dbus
+PIDFILE=$PIDDIR/pid
+DESC="system message bus"
+
+test -x $DAEMON || exit 0
+
+. /lib/lsb/init-functions
+
+# Source defaults file; edit that file to configure this script.
+PARAMS=""
+if [ -e /etc/default/dbus ]; then
+ . /etc/default/dbus
+fi
+
+create_machineid() {
+ # Create machine-id file
+ if [ -x $UUIDGEN ]; then
+ $UUIDGEN $UUIDGEN_OPTS
+ fi
+}
+
+start_it_up()
+{
+ if [ ! -d $PIDDIR ]; then
+ mkdir -p $PIDDIR
+ chown $DAEMONUSER $PIDDIR
+ chgrp $DAEMONUSER $PIDDIR
+ fi
+
+ if ! mountpoint -q /proc/ ; then
+ log_failure_msg "Can't start $DESC - /proc is not mounted"
+ return
+ fi
+
+ if [ -e $PIDFILE ]; then
+ if $0 status > /dev/null ; then
+ log_success_msg "$DESC already started; not starting."
+ return
+ else
+ log_success_msg "Removing stale PID file $PIDFILE."
+ rm -f $PIDFILE
+ fi
+ fi
+
+ create_machineid
+
+ log_daemon_msg "Starting $DESC" "$NAME"
+ start-stop-daemon --start --quiet --pidfile $PIDFILE \
+ --exec $DAEMON -- --system $PARAMS
+ log_end_msg $?
+}
+
+shut_it_down()
+{
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ start-stop-daemon --stop --retry 5 --quiet --oknodo --pidfile $PIDFILE \
+ --user $DAEMONUSER
+ # We no longer include these arguments so that start-stop-daemon
+ # can do its job even given that we may have been upgraded.
+ # We rely on the pidfile being sanely managed
+ # --exec $DAEMON -- --system $PARAMS
+ log_end_msg $?
+ rm -f $PIDFILE
+}
+
+reload_it()
+{
+ create_machineid
+ log_action_begin_msg "Reloading $DESC config"
+ dbus-send --print-reply --system --type=method_call \
+ --dest=org.freedesktop.DBus \
+ / org.freedesktop.DBus.ReloadConfig > /dev/null
+ # hopefully this is enough time for dbus to reload it's config file.
+ log_action_end_msg $?
+}
+
+case "$1" in
+ start)
+ start_it_up
+ ;;
+ stop)
+ shut_it_down
+ ;;
+ reload|force-reload)
+ reload_it
+ ;;
+ restart)
+ shut_it_down
+ start_it_up
+ ;;
+ status)
+ status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $?
+ ;;
+ *)
+ echo "Usage: /etc/init.d/$NAME {start|stop|reload|restart|force-reload|status}" >&2
+ exit 2
+ ;;
+esac
+
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: dovecot
+# Required-Start: $local_fs $remote_fs $network $syslog $time
+# Required-Stop: $local_fs $remote_fs $network $syslog
+# Should-Start: postgresql mysql slapd winbind nslcd
+# Should-Stop: postgresql mysql slapd winbind nslcd
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Dovecot init script
+# Description: Init script for dovecot services
+### END INIT INFO
+
+# Author: Miquel van Smoorenburg <miquels@cistron.nl>.
+# Modified for Debian GNU/Linux
+# by Ian Murdock <imurdock@gnu.ai.mit.edu>.
+#
+
+# Do NOT "set -e"
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DESC="IMAP/POP3 mail server"
+NAME=dovecot
+DAEMON=/usr/sbin/dovecot
+DAEMON_ARGS=""
+SCRIPTNAME=/etc/init.d/$NAME
+CONF=/etc/dovecot/${NAME}.conf
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Exit if the configuration file doesn't exist
+[ -f "$CONF" ] || exit 0
+
+# Exit if explicitly told to
+[ "$ENABLED" != "0" ] || exit 0
+
+# Allow core dumps if requested
+[ "$ALLOW_COREDUMPS" != "1" ] || ulimit -c unlimited
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+# conf file readable?
+if [ ! -r ${CONF} ]; then
+ log_daemon_msg "${CONF}: not readable" "$NAME" && log_end_msg 1;
+ exit 1;
+fi
+
+# dont check for inetd.conf if its not installed
+if [ -f /etc/inetd.conf ]; then
+ # The init script should do nothing if dovecot or another imap/pop3 server
+ # is being run from inetd, and dovecot is configured to run as an imap or
+ # pop3 service
+ for p in `sed -r "s/^ *(([^:]+|\[[^]]+]|\*):)?(pop3s?|imaps?)[ \t].*/\3/;t;d" \
+ /etc/inetd.conf`
+ do
+ for q in `doveconf -n -h protocols`
+ do
+ if [ $p = $q ]; then
+ log_daemon_msg "protocol ${p} configured both in inetd and in dovecot" "$NAME" && log_end_msg 1
+ exit 0
+ fi
+ done
+ done
+fi
+
+# determine the location of the PID file
+# overide by setting base_dir in conf file or PIDBASE in /etc/defaults/$NAME
+PIDBASE=${PIDBASE:-`doveconf -n -c ${CONF} -h base_dir`}
+PIDFILE=${PIDBASE:-/var/run/dovecot}/master.pid
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test -- -c ${CONF} > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -c ${CONF} \
+ $DAEMON_ARGS \
+ || return 2
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name ${DAEMON##*/}
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --pidfile $PIDFILE --name ${DAEMON##*/}
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ #
+ # If the daemon can reload its configuration without
+ # restarting (for example, when it is sent a SIGHUP),
+ # then implement that here.
+ #
+ start-stop-daemon --stop --signal HUP --quiet --pidfile $PIDFILE --name $NAME
+ return 0
+}
+
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) log_end_msg 0 ;;
+ 2) log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) log_end_msg 0 ;;
+ 2) log_end_msg 1 ;;
+ esac
+ ;;
+ reload|force-reload)
+ log_daemon_msg "Reloading $DESC" "$NAME"
+ do_reload
+ log_end_msg $?
+ ;;
+ restart)
+ #
+ # If the "reload" option is implemented then remove the
+ # 'force-reload' alias
+ #
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ status)
+ status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $?
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|status}" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: fail2ban
+# Required-Start: $local_fs $remote_fs
+# Required-Stop: $local_fs $remote_fs
+# Should-Start: $time $network $syslog iptables firehol shorewall ipmasq arno-iptables-firewall iptables-persistent ferm
+# Should-Stop: $network $syslog iptables firehol shorewall ipmasq arno-iptables-firewall iptables-persistent ferm
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Start/stop fail2ban
+# Description: Start/stop fail2ban, a daemon scanning the log files and
+# banning potential attackers.
+### END INIT INFO
+
+# Author: Aaron Isotton <aaron@isotton.com>
+# Modified: by Yaroslav Halchenko <debian@onerussian.com>
+# reindented + minor corrections + to work on sarge without modifications
+# Modified: by Glenn Aaldering <glenn@openvideo.nl>
+# added exit codes for status command
+#
+PATH=/usr/sbin:/usr/bin:/sbin:/bin
+DESC="authentication failure monitor"
+NAME=fail2ban
+
+# fail2ban-client is not a daemon itself but starts a daemon and
+# loads its with configuration
+DAEMON=/usr/bin/$NAME-client
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Ad-hoc way to parse out socket file name
+SOCKFILE=`grep -h '^[^#]*socket *=' /etc/$NAME/$NAME.conf /etc/$NAME/$NAME.local 2>/dev/null \
+ | tail -n 1 | sed -e 's/.*socket *= *//g' -e 's/ *$//g'`
+[ -z "$SOCKFILE" ] && SOCKFILE='/tmp/fail2ban.sock'
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Run as root by default.
+FAIL2BAN_USER=root
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+DAEMON_ARGS="$FAIL2BAN_OPTS"
+
+# Load the VERBOSE setting and other rcS variables
+[ -f /etc/default/rcS ] && . /etc/default/rcS
+
+# Predefine what can be missing from lsb source later on -- necessary to run
+# on sarge. Just present it in a bit more compact way from what was shipped
+log_daemon_msg () {
+ [ -z "$1" ] && return 1
+ echo -n "$1:"
+ [ -z "$2" ] || echo -n " $2"
+}
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+# Actually has to (>=2.0-7) present in sarge. log_daemon_msg is predefined
+# so we must be ok
+. /lib/lsb/init-functions
+
+#
+# Shortcut function for abnormal init script interruption
+#
+report_bug()
+{
+ echo $*
+ echo "Please submit a bug report to Debian BTS (reportbug fail2ban)"
+ exit 1
+}
+
+#
+# Helper function to check if socket is present, which is often left after
+# abnormal exit of fail2ban and needs to be removed
+#
+check_socket()
+{
+ # Return
+ # 0 if socket is present and readable
+ # 1 if socket file is not present
+ # 2 if socket file is present but not readable
+ # 3 if socket file is present but is not a socket
+ [ -e "$SOCKFILE" ] || return 1
+ [ -r "$SOCKFILE" ] || return 2
+ [ -S "$SOCKFILE" ] || return 3
+ return 0
+}
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ do_status && return 1
+
+ if [ -e "$SOCKFILE" ]; then
+ log_failure_msg "Socket file $SOCKFILE is present"
+ [ "$1" = "force-start" ] \
+ && log_success_msg "Starting anyway as requested" \
+ || return 2
+ DAEMON_ARGS="$DAEMON_ARGS -x"
+ fi
+
+ # Assure that /var/run/fail2ban exists
+ [ -d /var/run/fail2ban ] || mkdir -p /var/run/fail2ban
+
+ if [ "$FAIL2BAN_USER" != "root" ]; then
+ # Make the socket directory, IP lists and fail2ban log
+ # files writable by fail2ban
+ chown "$FAIL2BAN_USER" /var/run/fail2ban
+ # Create the logfile if it doesn't exist
+ touch /var/log/fail2ban.log
+ chown "$FAIL2BAN_USER" /var/log/fail2ban.log
+ find /proc/net/xt_recent -name 'fail2ban-*' -exec chown "$FAIL2BAN_USER" {} \;
+ fi
+
+ start-stop-daemon --start --quiet --chuid "$FAIL2BAN_USER" --exec $DAEMON -- \
+ $DAEMON_ARGS start > /dev/null\
+ || return 2
+
+ return 0
+}
+
+
+#
+# Function that checks the status of fail2ban and returns
+# corresponding code
+#
+do_status()
+{
+ $DAEMON ping > /dev/null 2>&1
+ return $?
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ $DAEMON status > /dev/null 2>&1 || return 1
+ $DAEMON stop > /dev/null || return 2
+
+ # now we need actually to wait a bit since it might take time
+ # for server to react on client's stop request. Especially
+ # important for restart command on slow boxes
+ count=1
+ while do_status && [ $count -lt 60 ]; do
+ sleep 1
+ count=$(($count+1))
+ done
+ [ $count -lt 60 ] || return 3 # failed to stop
+
+ return 0
+}
+
+#
+# Function to reload configuration
+#
+do_reload() {
+ $DAEMON reload > /dev/null && return 0 || return 1
+ return 0
+}
+
+# yoh:
+# shortcut function to don't duplicate case statements and to don't use
+# bashisms (arrays). Fixes #368218
+#
+log_end_msg_wrapper()
+{
+ if [ "$3" != "no" ]; then
+ [ $1 -lt $2 ] && value=0 || value=1
+ log_end_msg $value
+ fi
+}
+
+command="$1"
+case "$command" in
+ start|force-start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_start "$command"
+ log_end_msg_wrapper $? 2 "$VERBOSE"
+ ;;
+
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ log_end_msg_wrapper $? 2 "$VERBOSE"
+ ;;
+
+ restart|force-reload)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ log_end_msg_wrapper $? 1 "always"
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+
+ reload|force-reload)
+ log_daemon_msg "Reloading $DESC" "$NAME"
+ do_reload
+ log_end_msg $?
+ ;;
+
+ status)
+ log_daemon_msg "Status of $DESC"
+ do_status
+ case $? in
+ 0) log_success_msg " $NAME is running" ;;
+ 255)
+ check_socket
+ case $? in
+ 1) log_failure_msg " $NAME is not running" && exit 3 ;;
+ 0) log_failure_msg " $NAME is not running but $SOCKFILE exists" && exit 3 ;;
+ 2) log_failure_msg " $SOCKFILE not readable, status of $NAME is unknown" && exit 3 ;;
+ 3) log_failure_msg " $SOCKFILE exists but not a socket, status of $NAME is unknown" && exit 3 ;;
+ *) report_bug "Unknown return code from $NAME:check_socket." && exit 4 ;;
+ esac
+ ;;
+ *) report_bug "Unknown $NAME status code" && exit 4
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|force-start|stop|restart|force-reload|status}" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: halt
+# Required-Start:
+# Required-Stop:
+# Default-Start:
+# Default-Stop: 0
+# Short-Description: Execute the halt command.
+# Description:
+### END INIT INFO
+
+NETDOWN=yes
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+[ -f /etc/default/halt ] && . /etc/default/halt
+
+. /lib/lsb/init-functions
+
+do_stop () {
+ if [ "$INIT_HALT" = "" ]
+ then
+ case "$HALT" in
+ [Pp]*)
+ INIT_HALT=POWEROFF
+ ;;
+ [Hh]*)
+ INIT_HALT=HALT
+ ;;
+ *)
+ INIT_HALT=POWEROFF
+ ;;
+ esac
+ fi
+
+ # See if we need to cut the power.
+ if [ "$INIT_HALT" = "POWEROFF" ] && [ -x /etc/init.d/ups-monitor ]
+ then
+ /etc/init.d/ups-monitor poweroff
+ fi
+
+ # Don't shut down drives if we're using RAID.
+ hddown="-h"
+ if grep -qs '^md.*active' /proc/mdstat
+ then
+ hddown=""
+ fi
+
+ # If INIT_HALT=HALT don't poweroff.
+ poweroff="-p"
+ if [ "$INIT_HALT" = "HALT" ]
+ then
+ poweroff=""
+ fi
+
+ # Make it possible to not shut down network interfaces,
+ # needed to use wake-on-lan
+ netdown="-i"
+ if [ "$NETDOWN" = "no" ]; then
+ netdown=""
+ fi
+
+ log_action_msg "Will now halt"
+ halt -d -f $netdown $poweroff $hddown
+}
+
+case "$1" in
+ start|status)
+ # No-op
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ do_stop
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: haveged
+# Required-Start: $remote_fs
+# Required-Stop: $remote_fs
+# Should-Start: $syslog
+# Should-Stop: $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Entropy daemon using the HAVEGE algorithm
+# Description: haveged uses HAVEGE (HArdware Volatile Entropy Gathering
+# and Expansion) to maintain a pool of random bytes used
+# to fill /dev/random whenever necessary.
+### END INIT INFO
+
+# Do NOT "set -e"
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="entropy daemon"
+NAME=haveged
+DAEMON=/usr/sbin/$NAME
+DAEMON_ARGS=""
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+. /lib/lsb/init-functions
+
+do_start()
+{
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS \
+ || return 2
+}
+
+do_stop()
+{
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ restart|force-reload)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: hostname
+# Required-Start:
+# Required-Stop:
+# Should-Start: glibc
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Set hostname based on /etc/hostname
+# Description: Read the machines hostname from /etc/hostname, and
+# update the kernel value with this value. If
+# /etc/hostname is empty, the current kernel value
+# for hostname is used. If the kernel value is
+# empty, the value 'localhost' is used.
+### END INIT INFO
+
+PATH=/sbin:/bin
+
+. /lib/init/vars.sh
+. /lib/lsb/init-functions
+
+do_start () {
+ [ -f /etc/hostname ] && HOSTNAME="$(cat /etc/hostname)"
+
+ # Keep current name if /etc/hostname is missing.
+ [ -z "$HOSTNAME" ] && HOSTNAME="$(hostname)"
+
+ # And set it to 'localhost' if no setting was found
+ [ -z "$HOSTNAME" ] && HOSTNAME=localhost
+
+ [ "$VERBOSE" != no ] && log_action_begin_msg "Setting hostname to '$HOSTNAME'"
+ hostname "$HOSTNAME"
+ ES=$?
+ [ "$VERBOSE" != no ] && log_action_end_msg $ES
+ exit $ES
+}
+
+do_status () {
+ HOSTNAME=$(hostname)
+ if [ "$HOSTNAME" ] ; then
+ return 0
+ else
+ return 4
+ fi
+}
+
+case "$1" in
+ start|"")
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ # No-op
+ ;;
+ status)
+ do_status
+ exit $?
+ ;;
+ *)
+ echo "Usage: hostname.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#!/bin/sh
+# hwclock.sh Set and adjust the CMOS clock.
+#
+# Version: @(#)hwclock.sh 2.00 14-Dec-1998 miquels@cistron.nl
+#
+# Patches:
+# 2000-01-30 Henrique M. Holschuh <hmh@rcm.org.br>
+# - Minor cosmetic changes in an attempt to help new
+# users notice something IS changing their clocks
+# during startup/shutdown.
+# - Added comments to alert users of hwclock issues
+# and discourage tampering without proper doc reading.
+# 2012-02-16 Roger Leigh <rleigh@debian.org>
+# - Use the UTC/LOCAL setting in /etc/adjtime rather than
+# the UTC setting in /etc/default/rcS. Additionally
+# source /etc/default/hwclock to permit configuration.
+
+# WARNING: Please read /usr/share/doc/util-linux/README.Debian.hwclock
+# before changing this file. You risk serious clock
+# misbehaviour otherwise.
+
+### BEGIN INIT INFO
+# Provides: hwclock
+# Required-Start: mountdevsubfs
+# Required-Stop: mountdevsubfs
+# Should-Stop: umountfs
+# Default-Start: S
+# X-Start-Before: checkroot
+# Default-Stop: 0 6
+### END INIT INFO
+
+# These defaults are user-overridable in /etc/default/hwclock
+BADYEAR=no
+HWCLOCKACCESS=yes
+HWCLOCKPARS=
+HCTOSYS_DEVICE=rtc0
+
+# We only want to use the system timezone or else we'll get
+# potential inconsistency at startup.
+unset TZ
+
+hwclocksh()
+{
+ [ ! -x /sbin/hwclock ] && return 0
+ [ ! -r /etc/default/rcS ] || . /etc/default/rcS
+ [ ! -r /etc/default/hwclock ] || . /etc/default/hwclock
+
+ . /lib/lsb/init-functions
+ verbose_log_action_msg() { [ "$VERBOSE" = no ] || log_action_msg "$@"; }
+
+ case "$BADYEAR" in
+ no|"") BADYEAR="" ;;
+ yes) BADYEAR="--badyear" ;;
+ *) log_action_msg "unknown BADYEAR setting: \"$BADYEAR\""; return 1 ;;
+ esac
+
+ case "$1" in
+ start)
+ # If the admin deleted the hwclock config, create a blank
+ # template with the defaults.
+ if [ -w /etc ] && [ ! -f /etc/adjtime ] && [ ! -e /etc/adjtime ]; then
+ printf "0.0 0 0.0\n0\nUTC\n" > /etc/adjtime
+ fi
+
+ if [ -d /run/udev ] || [ -d /dev/.udev ]; then
+ return 0
+ fi
+
+ if [ "$HWCLOCKACCESS" != no ]; then
+ log_action_msg "Setting the system clock"
+
+ # Just for reporting.
+ if head -n 3 /etc/adjtime | tail -n 1 | grep -q '^UTC$' ; then
+ UTC="--utc"
+ else
+ UTC=
+ fi
+ # Copies Hardware Clock time to System Clock using the correct
+ # timezone for hardware clocks in local time, and sets kernel
+ # timezone. DO NOT REMOVE.
+ if /sbin/hwclock --rtc=/dev/$HCTOSYS_DEVICE --hctosys $HWCLOCKPARS $BADYEAR; then
+ # Announce the local time.
+ verbose_log_action_msg "System Clock set to: `date $UTC`"
+ else
+ log_warning_msg "Unable to set System Clock to: `date $UTC`"
+ fi
+ else
+ verbose_log_action_msg "Not setting System Clock"
+ fi
+ ;;
+ stop|restart|reload|force-reload)
+ #
+ # Updates the Hardware Clock with the System Clock time.
+ # This will *override* any changes made to the Hardware Clock.
+ #
+ # WARNING: If you disable this, any changes to the system
+ # clock will not be carried across reboots.
+ #
+
+ if [ "$HWCLOCKACCESS" != no ]; then
+ log_action_msg "Saving the system clock"
+ if /sbin/hwclock --rtc=/dev/$HCTOSYS_DEVICE --systohc $HWCLOCKPARS $BADYEAR; then
+ verbose_log_action_msg "Hardware Clock updated to `date`"
+ fi
+ else
+ verbose_log_action_msg "Not saving System Clock"
+ fi
+ ;;
+ show)
+ if [ "$HWCLOCKACCESS" != no ]; then
+ /sbin/hwclock --rtc=/dev/$HCTOSYS_DEVICE --show $HWCLOCKPARS $BADYEAR
+ fi
+ ;;
+ *)
+ log_success_msg "Usage: hwclock.sh {start|stop|reload|force-reload|show}"
+ log_success_msg " start sets kernel (system) clock from hardware (RTC) clock"
+ log_success_msg " stop and reload set hardware (RTC) clock from kernel (system) clock"
+ return 1
+ ;;
+ esac
+}
+
+hwclocksh "$@"
--- /dev/null
+#!/usr/bin/env bash
+
+#---------------------------------------------------------------------
+# This file is part of iRedMail, which is an open source mail server
+# solution for Red Hat(R) Enterprise Linux, CentOS, Debian and Ubuntu.
+#
+# iRedMail is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# iRedMail is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with iRedMail. If not, see <http://www.gnu.org/licenses/>.
+#---------------------------------------------------------------------
+
+#
+### BEGIN INIT INFO
+# Provides: iptables
+# Required-Start: $network $syslog
+# Required-Stop: $network $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Control iptables firewall.
+### END INIT INFO
+#
+# This init.d script is used to control iptables, based on
+# /etc/init.d/iptables on Red Hat Enterprise Linux 5.3, modified
+# by Zhang Huangbin (zhb _at_ iredmail.org), iRedMail project
+# (http://www.iredmail.org/).
+#
+
+#
+# config: /etc/default/iptables
+# config: /etc/default/iptables-config
+
+# Source function library.
+. /lib/lsb/init-functions
+
+IPTABLES='iptables'
+IPTABLES_DATA="/etc/default/$IPTABLES"
+IPTABLES_CONFIG="/etc/default/${IPTABLES}-config"
+IPV="${IPTABLES%tables}" # ip for ipv4 | ip6 for ipv6
+PROC_IPTABLES_NAMES="/proc/net/${IPV}_tables_names"
+VAR_SUBSYS_IPTABLES="/var/lock/subsys/$IPTABLES"
+[ -d $(dirname ${VAR_SUBSYS_IPTABLES}) ] || mkdir -p $(dirname ${VAR_SUBSYS_IPTABLES})
+
+if [ ! -x /sbin/$IPTABLES ]; then
+ log_daemon_msg "/sbin/$IPTABLES does not exist." "iptables"
+ exit 0
+fi
+
+if lsmod 2>/dev/null | grep -q ipchains ; then
+ log_daemon_msg "ipchains and $IPTABLES can not be used together." "iptables"
+ exit 0
+fi
+
+# Old or new modutils
+/sbin/modprobe --version 2>&1 | grep -q module-init-tools \
+ && NEW_MODUTILS=1 \
+ || NEW_MODUTILS=0
+
+# Default firewall configuration:
+IPTABLES_MODULES=""
+IPTABLES_MODULES_UNLOAD="no"
+IPTABLES_SAVE_ON_STOP="no"
+IPTABLES_SAVE_ON_RESTART="no"
+IPTABLES_SAVE_COUNTER="no"
+IPTABLES_STATUS_NUMERIC="yes"
+
+# Load firewall configuration.
+[ -f "$IPTABLES_CONFIG" ] && . "$IPTABLES_CONFIG"
+
+rmmod_r() {
+ # Unload module with all referring modules.
+ # At first all referring modules will be unloaded, then the module itself.
+ local mod=$1
+ local ret=0
+ local ref=
+
+ # Get referring modules.
+ # New modutils have another output format.
+ [ $NEW_MODUTILS = 1 ] \
+ && ref=`lsmod | awk "/^${mod}/ { print \\\$4; }" | tr ',' ' '` \
+ || ref=`lsmod | grep ^${mod} | cut -d "[" -s -f 2 | cut -d "]" -s -f 1`
+
+ # recursive call for all referring modules
+ for i in $ref; do
+ rmmod_r $i
+ let ret+=$?;
+ done
+
+ # Unload module.
+ # The extra test is for 2.6: The module might have autocleaned,
+ # after all referring modules are unloaded.
+ if grep -q "^${mod}" /proc/modules ; then
+ modprobe -r $mod > /dev/null 2>&1
+ let ret+=$?;
+ fi
+
+ return $ret
+}
+
+flush_n_delete() {
+ # Flush firewall rules and delete chains.
+ [ -e "$PROC_IPTABLES_NAMES" ] || return 1
+
+ # Check if firewall is configured (has tables)
+ tables=`cat $PROC_IPTABLES_NAMES 2>/dev/null`
+ [ -z "$tables" ] && return 1
+
+ log_daemon_msg "Flushing firewall rules" "iptables"
+ ret=0
+ # For all tables
+ for i in $tables; do
+ # Flush firewall rules.
+ $IPTABLES -t $i -F;
+ let ret+=$?;
+
+ # Delete firewall chains.
+ $IPTABLES -t $i -X;
+ let ret+=$?;
+
+ # Set counter to zero.
+ $IPTABLES -t $i -Z;
+ let ret+=$?;
+ done
+
+ [ $ret -eq 0 ] && log_end_msg 0 || log_end_msg 1
+ return $ret
+}
+
+set_policy() {
+ # Set policy for configured tables.
+ policy=$1
+
+ # Check if iptable module is loaded
+ [ ! -e "$PROC_IPTABLES_NAMES" ] && return 1
+
+ # Check if firewall is configured (has tables)
+ tables=`cat $PROC_IPTABLES_NAMES 2>/dev/null`
+ [ -z "$tables" ] && return 1
+
+ log_daemon_msg "Setting chains to policy $policy"
+ ret=0
+ for i in $tables; do
+ echo -n " $i"
+ case "$i" in
+ security)
+ $IPTABLES -t filter -P INPUT $policy \
+ && $IPTABLES -t filter -P OUTPUT $policy \
+ && $IPTABLES -t filter -P FORWARD $policy \
+ || let ret+=1
+ ;;
+ raw)
+ $IPTABLES -t raw -P PREROUTING $policy \
+ && $IPTABLES -t raw -P OUTPUT $policy \
+ || let ret+=1
+ ;;
+ filter)
+ $IPTABLES -t filter -P INPUT $policy \
+ && $IPTABLES -t filter -P OUTPUT $policy \
+ && $IPTABLES -t filter -P FORWARD $policy \
+ || let ret+=1
+ ;;
+ nat)
+ $IPTABLES -t nat -P PREROUTING $policy \
+ && $IPTABLES -t nat -P POSTROUTING $policy \
+ && $IPTABLES -t nat -P OUTPUT $policy \
+ || let ret+=1
+ ;;
+ mangle)
+ $IPTABLES -t mangle -P PREROUTING $policy \
+ && $IPTABLES -t mangle -P POSTROUTING $policy \
+ && $IPTABLES -t mangle -P INPUT $policy \
+ && $IPTABLES -t mangle -P OUTPUT $policy \
+ && $IPTABLES -t mangle -P FORWARD $policy \
+ || let ret+=1
+ ;;
+ *)
+ let ret+=1
+ ;;
+ esac
+ done
+
+ [ $ret -eq 0 ] && log_end_msg 0 || log_end_msg 1
+ return $ret
+}
+
+start() {
+ # Do not start if there is no config file.
+ [ -f "$IPTABLES_DATA" ] || return 1
+
+ log_daemon_msg "Applying $IPTABLES firewall rules"
+
+ OPT=
+ [ "x$IPTABLES_SAVE_COUNTER" = "xyes" ] && OPT="-c"
+
+ $IPTABLES-restore $OPT $IPTABLES_DATA
+ if [ $? -eq 0 ]; then
+ log_end_msg 0
+ else
+ log_end_msg 1; return 1
+ fi
+
+ # Load additional modules (helpers)
+ if [ -n "$IPTABLES_MODULES" ]; then
+ echo -n "Loading additional $IPTABLES modules"
+ ret=0
+ for mod in $IPTABLES_MODULES; do
+ echo -n "$mod "
+ modprobe $mod > /dev/null 2>&1
+ let ret+=$?;
+ done
+ [ $ret -eq 0 ] && log_end_msg 0 || log_end_msg 1
+ fi
+
+ touch $VAR_SUBSYS_IPTABLES
+ return $ret
+}
+
+stop() {
+ # Do not stop if iptables module is not loaded.
+ [ -e "$PROC_IPTABLES_NAMES" ] || return 1
+
+ flush_n_delete
+ set_policy ACCEPT
+
+ if [ "x$IPTABLES_MODULES_UNLOAD" = "xyes" ]; then
+ echo -n "Unloading $IPTABLES modules"
+ ret=0
+ rmmod_r ${IPV}_tables
+ let ret+=$?;
+ rmmod_r ${IPV}_conntrack
+ let ret+=$?;
+ [ $ret -eq 0 ] && log_end_msg 0 || log_end_msg 1
+ fi
+
+ rm -f $VAR_SUBSYS_IPTABLES
+ return $ret
+}
+
+save() {
+ # Check if iptable module is loaded
+ [ ! -e "$PROC_IPTABLES_NAMES" ] && return 1
+
+ # Check if firewall is configured (has tables)
+ tables=`cat $PROC_IPTABLES_NAMES 2>/dev/null`
+ [ -z "$tables" ] && return 1
+
+ echo -n "Saving firewall rules to $IPTABLES_DATA"
+
+ OPT=
+ [ "x$IPTABLES_SAVE_COUNTER" = "xyes" ] && OPT="-c"
+
+ ret=0
+ TMP_FILE=`/bin/mktemp -q /tmp/$IPTABLES.XXXXXX` \
+ && chmod 600 "$TMP_FILE" \
+ && $IPTABLES-save $OPT > $TMP_FILE 2>/dev/null \
+ && size=`stat -c '%s' $TMP_FILE` && [ $size -gt 0 ] \
+ || ret=1
+ if [ $ret -eq 0 ]; then
+ if [ -e $IPTABLES_DATA ]; then
+ cp -f $IPTABLES_DATA $IPTABLES_DATA.save \
+ && chmod 600 $IPTABLES_DATA.save \
+ || ret=1
+ fi
+ if [ $ret -eq 0 ]; then
+ cp -f $TMP_FILE $IPTABLES_DATA \
+ && chmod 600 $IPTABLES_DATA \
+ || ret=1
+ fi
+ fi
+ [ $ret -eq 0 ] && log_end_msg 0 || log_end_msg 1
+ echo
+ rm -f $TMP_FILE
+ return $ret
+}
+
+status() {
+ tables=`cat $PROC_IPTABLES_NAMES 2>/dev/null`
+
+ # Do not print status if lockfile is missing and iptables modules are not
+ # loaded.
+ # Check if iptable module is loaded
+ if [ ! -f "$VAR_SUBSYS_IPTABLES" -a -z "$tables" ]; then
+ echo "Firewall is stopped."
+ return 1
+ fi
+
+ # Check if firewall is configured (has tables)
+ if [ ! -e "$PROC_IPTABLES_NAMES" ]; then
+ echo "Firewall is not configured. "
+ return 1
+ fi
+ if [ -z "$tables" ]; then
+ echo "Firewall is not configured. "
+ return 1
+ fi
+
+ NUM=
+ [ "x$IPTABLES_STATUS_NUMERIC" = "xyes" ] && NUM="-n"
+ VERBOSE=
+ [ "x$IPTABLES_STATUS_VERBOSE" = "xyes" ] && VERBOSE="--verbose"
+ COUNT=
+ [ "x$IPTABLES_STATUS_LINENUMBERS" = "xyes" ] && COUNT="--line-numbers"
+
+ for table in $tables; do
+ echo "Table: $table"
+ $IPTABLES -t $table --list $NUM $VERBOSE $COUNT && echo
+ done
+
+ return 0
+}
+
+restart() {
+ [ "x$IPTABLES_SAVE_ON_RESTART" = "xyes" ] && save
+ stop
+ start
+}
+
+case "$1" in
+ start)
+ stop
+ start
+ RETVAL=$?
+ ;;
+ stop)
+ [ "x$IPTABLES_SAVE_ON_STOP" = "xyes" ] && save
+ stop
+ RETVAL=$?
+ ;;
+ restart)
+ restart
+ RETVAL=$?
+ ;;
+ condrestart)
+ [ -e "$VAR_SUBSYS_IPTABLES" ] && restart
+ ;;
+ status)
+ status
+ RETVAL=$?
+ ;;
+ panic)
+ flush_n_delete
+ set_policy DROP
+ RETVAL=$?
+ ;;
+ save)
+ save
+ RETVAL=$?
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|condrestart|status|panic|save}"
+ exit 1
+ ;;
+esac
+
+exit $RETVAL
--- /dev/null
+#!/usr/bin/env bash
+
+# Author: Zhang Huangbin (zhb@iredmail.org)
+
+### BEGIN INIT INFO
+# Provides: iredapd
+# Required-Start: $network $syslog
+# Required-Stop: $network $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Control iredapd daemon.
+# Description: Control iredapd daemon.
+### END INIT INFO
+
+PROG='iredapd'
+BINPATH='/opt/iredapd/iredapd.py'
+PIDFILE='/var/run/iredapd.pid'
+
+check_status() {
+ # Usage: check_status pid_number
+ PID="${1}"
+ l=$(ps -p ${PID} | wc -l | awk '{print $1}')
+ if [ X"$l" == X"2" ]; then
+ echo "running"
+ else
+ echo "stopped"
+ fi
+}
+
+start() {
+ if [ -f ${PIDFILE} ]; then
+ PID="$(cat ${PIDFILE})"
+ s="$(check_status ${PID})"
+
+ if [ X"$s" == X"running" ]; then
+ echo "${PROG} is already running."
+ else
+ rm -f ${PIDFILE} >/dev/null 2>&1
+ fi
+ fi
+
+ echo "Starting ${PROG} ..."
+ python ${BINPATH}
+ unset s
+}
+
+stop() {
+ if [ -f ${PIDFILE} ]; then
+ PID="$(cat ${PIDFILE})"
+ s="$(check_status ${PID})"
+
+ if [ X"$s" == X"running" ]; then
+ echo "Stopping ${PROG} ..."
+ kill -9 ${PID}
+ if [ X"$?" == X"0" ]; then
+ rm -f ${PIDFILE} >/dev/null 2>&1
+ else
+ echo -e "\t\t[ FAILED ]"
+ fi
+ else
+ echo "${PROG} is already stopped."
+ rm -f ${PIDFILE} >/dev/null 2>&1
+ fi
+ else
+ echo "${PROG} is already stopped."
+ fi
+ unset s
+}
+
+status() {
+ if [ -f ${PIDFILE} ]; then
+ PID="$(cat ${PIDFILE})"
+ s="$(check_status ${PID})"
+
+ if [ X"$s" == X"running" ]; then
+ echo "${PROG} is running."
+ exit 0
+ else
+ echo "${PROG} is stopped."
+ exit 1
+ fi
+ else
+ echo "${PROG} is stopped."
+ exit 3
+ fi
+}
+
+case "$1" in
+ start) start ;;
+ stop) stop ;;
+ status) status ;;
+ restart) stop && start ;;
+ *)
+ echo $"Usage: $0 {start|stop|restart|status}"
+ RETVAL=1
+ ;;
+esac
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: kbd
+# Required-Start: $remote_fs
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# X-Interactive: true
+# Description: Set console screen modes and fonts
+# Short-Description: Prepare console
+### END INIT INFO
+
+# This is the boot script for the `kbd' package.
+# It loads parameters from /etc/kbd/config and maybe loads
+# default font and map.
+# (c) 1997 Yann Dirson
+
+PKG=kbd
+if [ -r /etc/$PKG/config ]; then
+ . /etc/$PKG/config
+fi
+
+if [ -d /etc/$PKG/config.d ]; then
+ for i in `run-parts --list /etc/$PKG/config.d `; do
+ . $i
+ done
+fi
+
+# do some magic with the variables for compatibility with the config
+# file of console-tools
+for vc in '' `set | grep "^.*_vc[0-9][0-9]*=" | sed 's/^.*\(_vc[0-9][0-9]*\)=.*/\1/'`
+do
+ eval [ '"'\${SCREEN_FONT$vc}'"' ] && eval CONSOLE_FONT$vc=\${CONSOLE_FONT$vc:-\${SCREEN_FONT$vc}}
+ eval [ '"'\${SCREEN_FONT_MAP$vc}'"' ] && eval FONT_MAP$vc=\${FONT_MAP$vc:-\${SCREEN_FONT_MAP$vc}}
+ eval [ '"'\${APP_CHARSET_MAP$vc}'"' ] && eval CONSOLE_MAP$vc=\${CONSOLE_MAP$vc:-\${APP_CHARSET_MAP$vc}}
+done
+
+. /lib/lsb/init-functions
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+SETFONT_OPT="-v"
+
+if which setupcon >/dev/null
+then
+ HAVE_SETUPCON=yes
+fi
+
+# set DEVICE_PREFIX depending on devfs/udev
+if [ -d /dev/vc ]; then
+ DEVICE_PREFIX="/dev/vc/"
+else
+ DEVICE_PREFIX="/dev/tty"
+fi
+
+# determine the system charmap
+ENV_FILE=''
+[ -r /etc/environment ] && ENV_FILE="/etc/environment"
+[ -r /etc/default/locale ] && ENV_FILE="/etc/default/locale"
+[ "$ENV_FILE" ] && CHARMAP=$(set -a && . "$ENV_FILE" && locale charmap)
+if [ "$CHARMAP" = "UTF-8" -a -z "$CONSOLE_MAP" ]
+then
+ UNICODE_MODE=yes
+fi
+
+unicode_start_stop ()
+{
+ vc=$1
+ if [ -n "$UNICODE_MODE" -a -z "`eval echo \\$CONSOLE_MAP_vc$vc`" ]; then
+ action=unicode_start
+ else
+ action=unicode_stop
+ fi
+ if [ "${CONSOLE_FONT}" ]; then
+ $action "${CONSOLE_FONT}" < ${DEVICE_PREFIX}$vc > ${DEVICE_PREFIX}$vc 2> /dev/null || true
+ else
+ $action < ${DEVICE_PREFIX}$vc > ${DEVICE_PREFIX}$vc 2> /dev/null || true
+ fi
+}
+
+test_console () {
+ local ok
+ ok=0
+ if which tty >/dev/null; then
+ case "`tty`" in
+ /dev/tty[1-9]*|/dev/vc/[0-9]*|/dev/console|/dev/ttyv[0-9]*)
+ return 0
+ ;;
+ esac
+ ok=1
+ fi
+
+ if which kbd_mode >/dev/null; then
+ mode="`(LC_ALL=C; export LC_ALL; kbd_mode) 2>&1`"
+ mode=${mode#The keyboard is in }
+ case "$mode" in
+ Unicode*|default*|xlate*) return 0 ;;
+ esac
+ ok=1
+ fi
+
+ if which vidcontrol >/dev/null; then
+ if vidcontrol -i adapter >&- 2>&-; then
+ return 0
+ fi
+ ok=1
+ fi
+
+ return $ok
+}
+
+setup ()
+{
+ # be sure the main program is installed
+ which setfont >/dev/null || return
+
+ # drop out if we can't access the console
+ test_console || return
+
+ # start vcstime
+ if [ "${DO_VCSTIME}" = "yes" ] && which vcstime >/dev/null; then
+ [ "$VERBOSE" != "no" ] && log_action_begin_msg "Starting clock on text console"
+ vcstime &
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 0
+ fi
+
+ if [ -d /etc/init ] && which initctl >/dev/null; then
+ # Upstart
+ LIST_CONSOLES=`cd /etc/init; find -name 'tty*.conf' -printf '%f ' | sed -e 's/[^0-9 ]//g'`
+ elif [ -f /etc/systemd/logind.conf ] && which systemd >/dev/null; then
+ # systemd
+ N_CONSOLES=`sed -ne 's/#.*//; /NAutoVTs/ { s/[^0-9]//g; p }' /etc/systemd/logind.conf`
+ if [ -z "$N_CONSOLES" ]; then
+ N_CONSOLES=6
+ fi
+ LIST_CONSOLES=`seq 1 "$N_CONSOLES"`
+ else
+ # traditional SysV init
+ LIST_CONSOLES=`sed -ne '/^[ \t]#/d; /tty[0-9]\+/ s/.*tty\([0-9]\+\).*/\1/ p' /etc/inittab`
+ fi
+
+ # Global default font+map
+ if [ -z "${HAVE_SETUPCON}" -a "${CONSOLE_FONT}${CONSOLE_MAP}${FONT_MAP}" ]; then
+ [ "$VERBOSE" != "no" ] && log_action_begin_msg "Setting up general console font"
+ sfm="${FONT_MAP}" && [ "$sfm" ] && sfm="-u $sfm"
+ acm="${CONSOLE_MAP}" && [ "$acm" ] && acm="-m $acm"
+
+ # Set for the first 6 VCs (as they are allocated in /etc/inittab)
+ for vc in $LIST_CONSOLES
+ do
+ if ! ( unicode_start_stop $vc \
+ && setfont -C ${DEVICE_PREFIX}$vc ${SETFONT_OPT} $sfm ${CONSOLE_FONT} $acm )
+ then
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 1
+ break
+ fi
+ done
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 0
+ fi
+
+ # Default to Unicode mode for new VTs?
+ if [ -f /sys/module/vt/parameters/default_utf8 ]; then
+ if [ -n "$UNICODE_MODE" ]; then
+ echo 1
+ else
+ echo 0
+ fi > /sys/module/vt/parameters/default_utf8
+ fi
+
+ # Per-VC font+sfm
+ PERVC_FONTS="`set | grep "^CONSOLE_FONT_vc[0-9]*=" | tr -d \' `"
+ if [ -z "${HAVE_SETUPCON}" -a "${PERVC_FONTS}" ]; then
+ [ "$VERBOSE" != "no" ] && log_action_begin_msg "Setting up per-VC fonts"
+ for font in ${PERVC_FONTS}
+ do
+ # extract VC and FONTNAME info from variable setting
+ vc=`echo $font | cut -b16- | cut -d= -f1`
+ eval font=\$CONSOLE_FONT_vc$vc
+ # eventually find an associated SFM
+ eval sfm=\${FONT_MAP_vc${vc}}
+ [ "$sfm" ] && sfm="-u $sfm"
+ if ! ( unicode_start_stop $vc \
+ && setfont -C ${DEVICE_PREFIX}$vc ${SETFONT_OPT} $sfm $font )
+ then
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 1
+ break
+ fi
+ done
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 0
+ fi
+
+
+ # Per-VC ACMs
+ PERVC_ACMS="`set | grep "^CONSOLE_MAP_vc[0-9]*=" | tr -d \' `"
+ if [ -z "${HAVE_SETUPCON}" -a "${PERVC_ACMS}" ]; then
+ [ "$VERBOSE" != "no" ] && log_action_begin_msg "Setting up per-VC ACM's"
+ for acm in ${PERVC_ACMS}
+ do
+ # extract VC and ACM_FONTNAME info from variable setting
+ vc=`echo $acm | cut -b15- | cut -d= -f1`
+ eval acm=\$CONSOLE_MAP_vc$vc
+ if ! setfont -C "${DEVICE_PREFIX}$vc" ${SETFONT_OPT} -m "$acm"; then
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 1
+ break
+ fi
+ done
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 0
+ fi
+
+
+ # screensaver stuff
+ setterm_args=""
+ if [ "$BLANK_TIME" ]; then
+ setterm_args="$setterm_args -blank $BLANK_TIME"
+ fi
+ if [ "$BLANK_DPMS" ]; then
+ setterm_args="$setterm_args -powersave $BLANK_DPMS"
+ fi
+ if [ "$POWERDOWN_TIME" ]; then
+ setterm_args="$setterm_args -powerdown $POWERDOWN_TIME"
+ fi
+ if [ "$setterm_args" ]; then
+ setterm $setterm_args
+ fi
+
+ # Keyboard rate and delay
+ KBDRATE_ARGS=""
+ if [ -n "$KEYBOARD_RATE" ]; then
+ KBDRATE_ARGS="-r $KEYBOARD_RATE"
+ fi
+ if [ -n "$KEYBOARD_DELAY" ]; then
+ KBDRATE_ARGS="$KBDRATE_ARGS -d $KEYBOARD_DELAY"
+ fi
+ if [ -n "$KBDRATE_ARGS" ]; then
+ [ "$VERBOSE" != "no" ] && log_action_begin_msg "Setting keyboard rate and delay"
+ kbdrate -s $KBDRATE_ARGS
+ [ "$VERBOSE" != "no" ] && log_action_end_msg 0
+ fi
+
+ # Inform gpm if present, of potential changes.
+ if [ -f /var/run/gpm.pid ]; then
+ kill -s WINCH `cat /var/run/gpm.pid` 2> /dev/null
+ fi
+
+ # Allow user to remap keys on the console
+ if [ -z "${HAVE_SETUPCON}" -a -r /etc/$PKG/remap ]; then
+ dumpkeys < ${DEVICE_PREFIX}1 | sed -f /etc/$PKG/remap | loadkeys --quiet
+ fi
+
+ # Set LEDS here
+ if [ -n "$LEDS" ]; then
+ for i in $LIST_CONSOLES
+ do
+ setleds -D $LEDS < $DEVICE_PREFIX$i
+ done
+ fi
+}
+
+case "$1" in
+ start|reload|restart|force-reload)
+ if [ -n "$HAVE_SETUPCON" ]
+ then
+ log_action_msg "Setting console screen modes"
+ else
+ log_action_msg "Setting console screen modes and fonts"
+ fi
+ setup
+ ;;
+ stop)
+ ;;
+ status)
+ ;;
+ *)
+ setup
+ ;;
+esac
+
+:
+
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: keyboard-setup
+# Required-Start: mountkernfs
+# Required-Stop:
+# Should-Start: keymap udev
+# X-Start-Before: checkroot
+# Default-Start: S
+# Default-Stop:
+# X-Interactive: true
+# Short-Description: Set preliminary keymap
+# Description: Set the console keyboard as early as possible
+# so during the file systems checks the administrator
+# can interact. At this stage of the boot process
+# only the ASCII symbols are supported.
+### END INIT INFO
+
+set -e
+
+# This script is not used by keyboard-configuration. It is used
+# jointly by console-setup and console-setup-mini
+
+test -f /bin/setupcon || exit 0
+
+if [ -f /etc/default/locale ]; then
+ # In order to permit auto-detection of the charmap when
+ # console-setup-mini operates without configuration file.
+ . /etc/default/locale
+ export LANG
+fi
+
+if [ -f /lib/lsb/init-functions ]; then
+ . /lib/lsb/init-functions
+else
+ log_action_begin_msg () {
+ echo -n "$@... "
+ }
+
+ log_action_end_msg () {
+ if [ "$1" -eq 0 ]; then
+ echo done.
+ else
+ echo failed.
+ fi
+ }
+fi
+
+case "$1" in
+ stop|status)
+ # keyboard-setup isn't a daemon
+ ;;
+ start|force-reload|restart|reload)
+ log_action_begin_msg "Setting preliminary keymap"
+ if setupcon -k 2>/dev/null; then
+ log_action_end_msg 0
+ else
+ log_action_end_msg $?
+ fi
+ ;;
+ *)
+ echo 'Usage: /etc/init.d/keyboard-setup {start|reload|restart|force-reload|stop|status}'
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: keymap
+# Required-Start: mountdevsubfs
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# X-Interactive: true
+# Short-Description: Set keymap
+# Description: Set the Console keymap
+### END INIT INFO
+
+# If setupcon is present, then we've been superseded by console-setup.
+if type setupcon >/dev/null 2>&1; then
+ exit 0
+fi
+
+. /lib/lsb/init-functions
+
+#
+# Load the keymaps *as soon as possible*
+#
+
+# Don't fail on error
+CONSOLE_TYPE=`fgconsole 2>/dev/null` || CONSOLE_TYPE="unknown"
+
+# Don't fail on serial consoles
+
+QUIT=0
+# fail silently if loadkeys not present (yet).
+command -v loadkeys >/dev/null 2>&1 || QUIT=1
+
+CONFDIR=/etc/console
+CONFFILEROOT=boottime
+EXT=kmap
+CONFFILE=${CONFDIR}/${CONFFILEROOT}.${EXT}.gz
+
+reset_kernel()
+{
+ # On Mac PPC machines, we may need to set kernel vars first
+ # We need to mount /proc to do that; not optimal, as its going to
+ # be mounted in S10checkroot, but we need it set up before sulogin
+ # may be run in checkroot, which will need the keyboard to log in...
+ [ -x /sbin/sysctl ] || return
+ [ -r /etc/sysctl.conf ] || return
+ grep -v '^\#' /etc/sysctl.conf | grep -q keycodes
+ if [ "$?" = "0" ] ; then
+ grep keycodes /etc/sysctl.conf | grep -v "^#" | while read d ; do
+ /sbin/sysctl -w $d 2> /dev/null || true
+ done
+ fi
+}
+
+unicode_start_stop()
+{
+ # Switch unicode mode by checking the locale.
+ # This will be needed before loading the keymap.
+ command -v unicode_start > /dev/null || return
+ command -v unicode_stop > /dev/null || return
+
+ ENV_FILE=""
+ [ -r /etc/environment ] && ENV_FILE="/etc/environment"
+ [ -r /etc/default/locale ] && ENV_FILE="/etc/default/locale"
+ [ "$ENV_FILE" ] && CHARMAP=$(set -a && . "$ENV_FILE" && locale charmap)
+ if [ "$CHARMAP" = "UTF-8" ]; then
+ unicode_start 2> /dev/null || true
+ else
+ unicode_stop 2> /dev/null || true
+ fi
+}
+
+if [ ! $QUIT = '1' ] ; then
+
+ case "$1" in
+ start | restart | force-reload | reload)
+
+ # Set kernel variables if required
+ reset_kernel
+
+ # First mount /proc if necessary...and if it is there (#392798)
+ unmount_proc="no"
+ if [ -d /proc ]; then
+ if [ ! -x /proc/$$ ]; then
+ unmount_proc="yes"
+ mount -n /proc
+ fi
+
+
+ if [ -f /proc/sys/dev/mac_hid/keyboard_sends_linux_keycodes ] ; then
+ linux_keycodes=`cat /proc/sys/dev/mac_hid/keyboard_sends_linux_keycodes`
+ else
+ linux_keycodes=1;
+ fi
+ else
+ linux_keycodes=1;
+ fi
+
+ # load new map
+ if [ $linux_keycodes -gt 0 ] ; then
+ if [ -r ${CONFFILE} ] ; then
+
+ # Switch console mode to UTF-8 or ASCII as necessary
+ unicode_start_stop
+
+ if [ $CONSOLE_TYPE = "serial" ] ; then
+ loadkeys -q ${CONFFILE} 2>&1 > /dev/null
+ else
+ loadkeys -q ${CONFFILE}
+ fi
+ if [ $? -gt 0 ]
+ then
+ # if we've a serial console, we may not have a keyboard, so don't
+ # complain if we fail.
+ if [ ! $CONSOLE_TYPE = "serial" ]; then
+ log_warning_msg "Problem when loading ${CONFDIR}/${CONFFILEROOT}.${EXT}.gz, use install-keymap"
+ sleep 10
+ fi
+ fi
+ fi
+ fi
+
+ # unmount /proc if we mounted it
+ [ "$unmount_proc" = "no" ] || umount -n /proc
+
+ ;;
+
+ stop)
+ ;;
+
+ status)
+ exit 0
+ ;;
+
+ *)
+ log_warning_msg "Usage: $0 {start|stop|restart|reload|force-reload|status}"
+ ;;
+ esac
+
+fi
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: killprocs
+# Required-Start: $local_fs
+# Required-Stop:
+# Default-Start: 1
+# Default-Stop:
+# Short-Description: executed by init(8) upon entering runlevel 1 (single).
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+
+. /lib/lsb/init-functions
+
+do_start () {
+ # Kill all processes.
+ log_action_begin_msg "Asking all remaining processes to terminate"
+ killall5 -15 # SIGTERM
+ log_action_end_msg 0
+ alldead=""
+ for seq in 1 2 3 4 5 6 7 8 9 10; do
+ # use SIGCONT/signal 18 to check if there are
+ # processes left. No need to check the exit code
+ # value, because either killall5 work and it make
+ # sense to wait for processes to die, or it fail and
+ # there is nothing to wait for.
+
+ if killall5 -18 ; then
+ :
+ else
+ alldead=1
+ break
+ fi
+
+ sleep 1
+ done
+ if [ -z "$alldead" ] ; then
+ log_action_begin_msg "Killing all remaining processes"
+ killall5 -9 # SIGKILL
+ log_action_end_msg 1
+ else
+ log_action_begin_msg "All processes ended within $seq seconds."
+ log_action_end_msg 0
+ fi
+}
+
+case "$1" in
+ start)
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+#!/bin/sh -e
+### BEGIN INIT INFO
+# Provides: kmod
+# Required-Start:
+# Required-Stop:
+# Should-Start: checkroot
+# Should-Stop:
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Load the modules listed in /etc/modules.
+# Description: Load the modules listed in /etc/modules.
+### END INIT INFO
+
+# Silently exit if the kernel does not support modules.
+[ -f /proc/modules ] || exit 0
+[ -x /sbin/modprobe ] || exit 0
+
+[ -f /etc/default/rcS ] && . /etc/default/rcS
+. /lib/lsb/init-functions
+
+PATH='/sbin:/bin'
+
+case "$1" in
+ start)
+ ;;
+
+ stop|restart|reload|force-reload)
+ log_warning_msg "Action '$1' is meaningless for this init script"
+ exit 0
+ ;;
+
+ *)
+ log_success_msg "Usage: $0 start"
+ exit 1
+esac
+
+load_module() {
+ local module args
+ module="$1"
+ args="$2"
+
+ if [ "$VERBOSE" != no ]; then
+ log_action_msg "Loading kernel module $module"
+ modprobe $module $args || true
+ else
+ modprobe $module $args > /dev/null 2>&1 || true
+ fi
+}
+
+modules_files() {
+ local modules_load_dirs='/etc/modules-load.d /run/modules-load.d /lib/modules-load.d'
+ local processed=' '
+ local add_etc_modules=true
+
+ for dir in $modules_load_dirs; do
+ [ -d $dir ] || continue
+ for file in $(run-parts --list --regex='\.conf$' $dir 2> /dev/null || true); do
+ local base=${file##*/}
+ if echo -n "$processed" | grep -qF " $base "; then
+ continue
+ fi
+ if [ "$add_etc_modules" -a -L $file \
+ -a "$(readlink -f $file)" = /etc/modules ]; then
+ add_etc_modules=
+ fi
+ processed="$processed$base "
+ echo $file
+ done
+ done
+
+ if [ "$add_etc_modules" ]; then
+ echo /etc/modules
+ fi
+}
+
+if [ "$VERBOSE" = no ]; then
+ log_action_begin_msg 'Loading kernel modules'
+fi
+
+files=$(modules_files)
+if [ "$files" ] ; then
+ grep -h '^[^#]' $files |
+ while read module args; do
+ [ "$module" ] || continue
+ load_module "$module" "$args"
+ done
+fi
+
+if [ "$VERBOSE" = no ]; then
+ log_action_end_msg 0
+fi
+
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: lvm2 lvm
+# Required-Start: mountdevsubfs
+# Required-Stop:
+# Should-Start: udev mdadm-raid cryptdisks-early multipath-tools-boot
+# Should-Stop: umountroot mdadm-raid
+# X-Start-Before: checkfs mountall
+# X-Stop-After: umountfs
+# Default-Start: S
+# Default-Stop:
+### END INIT INFO
+
+SCRIPTNAME=/etc/init.d/lvm2
+
+. /lib/lsb/init-functions
+
+[ -x /sbin/vgchange ] || exit 0
+
+case "$1" in
+ start)
+ log_action_begin_msg "Setting up LVM Volume Groups"
+ /sbin/lvm vgchange -aay --sysinit >/dev/null
+ log_action_end_msg "$?"
+ ;;
+ stop|restart|force-reload|status)
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME start" >&2
+ exit 3
+ ;;
+esac
+
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: motd
+# Required-Start: hostname $local_fs
+# Required-Stop:
+# Should-Start:
+# Default-Start: 1 2 3 4 5
+# Default-Stop:
+# Short-Description: Create dynamic part of /etc/motd
+# Description: /etc/motd is user-editable and static. This script
+# creates the initial dynamic part, by default the
+# output of uname, and stores it in /var/run/motd.dynamic.
+# Both parts are output by pam_motd.
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+. /lib/init/vars.sh
+
+do_start () {
+ # Update motd
+ uname -snrvm > /var/run/motd.dynamic
+}
+
+do_status () {
+ if [ -f /var/run/motd.dynamic ] ; then
+ return 0
+ else
+ return 4
+ fi
+}
+
+case "$1" in
+ start|"")
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ # No-op
+ ;;
+ status)
+ do_status
+ exit $?
+ ;;
+ *)
+ echo "Usage: motd [start|stop|status]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: mountall-bootclean
+# Required-Start: mountall
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# X-Start-Before: bootmisc
+# Short-Description: bootclean after mountall.
+# Description: Clean temporary filesystems after
+# all local filesystems have been mounted.
+### END INIT INFO
+
+. /lib/init/bootclean.sh
+
+case "$1" in
+ start|"")
+ # Clean /tmp, /var/lock, /var/run
+ clean_all
+ exit $?
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: mountall-bootclean.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: mountall
+# Required-Start: checkfs checkroot-bootclean
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Mount all filesystems.
+# Description:
+### END INIT INFO
+
+PATH=/sbin:/bin
+. /lib/init/vars.sh
+. /lib/init/tmpfs.sh
+
+. /lib/lsb/init-functions
+. /lib/init/mount-functions.sh
+. /lib/init/swap-functions.sh
+
+# for ntfs-3g to get correct file name encoding
+if [ -r /etc/default/locale ]; then
+ . /etc/default/locale
+ export LANG
+fi
+
+do_start() {
+ #
+ # Mount local file systems in /etc/fstab.
+ #
+ mount_all_local() {
+ mount -a -t nonfs,nfs4,smbfs,cifs,ncp,ncpfs,coda,ocfs2,gfs,gfs2,ceph \
+ -O no_netdev
+ }
+ pre_mountall
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Mounting local filesystems"
+ mount_all_local
+ log_action_end_msg $?
+ else
+ log_daemon_msg "Will now mount local filesystems"
+ mount_all_local
+ log_end_msg $?
+ fi
+ post_mountall
+
+ # We might have mounted something over /run; see if
+ # /run/initctl is present. Look for
+ # /usr/share/sysvinit/update-rc.d to verify that sysvinit (and
+ # not upstart) is installed).
+ INITCTL="/run/initctl"
+ if [ ! -p "$INITCTL" ] && [ -f "/usr/share/sysvinit/update-rc.d" ]; then
+ # Create new control channel
+ rm -f "$INITCTL"
+ mknod -m 600 "$INITCTL" p
+
+ # Reopen control channel.
+ PID="$(pidof -s /sbin/init || echo 1)"
+ [ -n "$PID" ] && kill -s USR1 "$PID"
+ fi
+
+ # Execute swapon command again, in case we want to swap to
+ # a file on a now mounted filesystem.
+ swaponagain 'swapfile'
+
+ # Remount tmpfs filesystems; with increased VM after swapon,
+ # the size limits may be adjusted.
+ mount_run mount_noupdate
+ mount_lock mount_noupdate
+ mount_shm mount_noupdate
+
+ # Now we have mounted everything, check whether we need to
+ # mount a tmpfs on /tmp. We can now also determine swap size
+ # to factor this into our size limit.
+ mount_tmp mount_noupdate
+}
+
+case "$1" in
+ start|"")
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: mountall.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: mountdevsubfs
+# Required-Start: mountkernfs
+# Required-Stop:
+# Should-Start: udev
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Mount special file systems under /dev.
+# Description: Mount the virtual filesystems the kernel provides
+# that ordinarily live under the /dev filesystem.
+### END INIT INFO
+#
+# This script gets called multiple times during boot
+#
+
+PATH=/sbin:/bin
+TTYGRP=5
+TTYMODE=620
+[ -f /etc/default/devpts ] && . /etc/default/devpts
+
+KERNEL="$(uname -s)"
+
+. /lib/init/vars.sh
+. /lib/init/tmpfs.sh
+
+. /lib/lsb/init-functions
+. /lib/init/mount-functions.sh
+
+# May be run several times, so must be idempotent.
+# $1: Mount mode, to allow for remounting
+mount_filesystems () {
+ MNTMODE="$1"
+
+ # Mount a tmpfs on /run/shm
+ mount_shm "$MNTMODE"
+
+ # Mount /dev/pts
+ if [ "$KERNEL" = Linux ]
+ then
+ if [ ! -d /dev/pts ]
+ then
+ mkdir --mode=755 /dev/pts
+ [ -x /sbin/restorecon ] && /sbin/restorecon /dev/pts
+ fi
+ domount "$MNTMODE" devpts "" /dev/pts devpts "-onoexec,nosuid,gid=$TTYGRP,mode=$TTYMODE"
+ fi
+}
+
+case "$1" in
+ "")
+ echo "Warning: mountdevsubfs should be called with the 'start' argument." >&2
+ mount_filesystems mount_noupdate
+ ;;
+ start)
+ mount_filesystems mount_noupdate
+ ;;
+ restart|reload|force-reload)
+ mount_filesystems remount
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: mountdevsubfs [start|stop]" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: mountkernfs
+# Required-Start:
+# Required-Stop:
+# Should-Start: glibc
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Mount kernel virtual file systems.
+# Description: Mount initial set of virtual filesystems the kernel
+# provides and that are required by everything.
+### END INIT INFO
+
+PATH=/sbin:/bin
+. /lib/init/vars.sh
+. /lib/init/tmpfs.sh
+
+. /lib/lsb/init-functions
+. /lib/init/mount-functions.sh
+
+# May be run several times, so must be idempotent.
+# $1: Mount mode, to allow for remounting
+mount_filesystems () {
+ MNTMODE="$1"
+
+ #
+ # Mount tmpfs on /run and/or /run/lock
+ #
+ mount_run "$MNTMODE"
+ mount_lock "$MNTMODE"
+
+ #
+ # Mount proc filesystem on /proc
+ #
+ domount "$MNTMODE" proc "" /proc proc "-onodev,noexec,nosuid"
+
+ #
+ # Mount sysfs on /sys
+ #
+ # Only mount sysfs if it is supported (kernel >= 2.6)
+ if grep -E -qs "sysfs\$" /proc/filesystems
+ then
+ domount "$MNTMODE" sysfs "" /sys sysfs "-onodev,noexec,nosuid"
+ fi
+
+ if [ -d /sys/fs/pstore ]
+ then
+ domount "$MNTMODE" pstore "" /sys/fs/pstore pstore ""
+ fi
+
+ if [ -d /sys/kernel/config ]
+ then
+ domount "$MNTMODE" configfs "" /sys/kernel/config configfs ""
+ fi
+}
+
+case "$1" in
+ "")
+ echo "Warning: mountkernfs should be called with the 'start' argument." >&2
+ mount_filesystems mount_noupdate
+ ;;
+ start)
+ mount_filesystems mount_noupdate
+ ;;
+ restart|reload|force-reload)
+ mount_filesystems remount
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: mountkernfs [start|stop]" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: mountnfs-bootclean
+# Required-Start: $local_fs mountnfs
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# X-Start-Before: bootmisc
+# Short-Description: bootclean after mountnfs.
+# Description: Clean temporary filesystems after
+# network filesystems have been mounted.
+### END INIT INFO
+
+. /lib/init/bootclean.sh
+
+case "$1" in
+ start|"")
+ # Clean /tmp, /var/lock, /var/run
+ clean_all
+ exit $?
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: mountnfs-bootclean.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: mountnfs
+# Required-Start: $local_fs
+# Required-Stop:
+# Should-Start: $network $portmap nfs-common udev-mtab
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Wait for network file systems to be mounted
+# Description: Network file systems are mounted by
+# /etc/network/if-up.d/mountnfs in the background
+# when interfaces are brought up; this script waits
+# for them to be mounted before carrying on.
+### END INIT INFO
+
+. /lib/init/vars.sh
+. /lib/init/mount-functions.sh
+. /lib/lsb/init-functions
+
+do_wait_async_mount() {
+ # Read through fstab line by line. If it is NFS, set the flag
+ # for mounting NFS file systems. If any NFS partition is found
+ # then wait around for it.
+
+ waitnfs=
+ for file in "$(eval ls $(fstab_files))"; do
+ if [ -f "$file" ]; then
+ while read DEV MTPT FSTYPE OPTS REST; do
+ case "$DEV" in
+ ""|\#*)
+ continue
+ ;;
+ esac
+ case "$OPTS" in
+ noauto|*,noauto|noauto,*|*,noauto,*)
+ continue
+ ;;
+ esac
+ case "$FSTYPE" in
+ nfs|nfs4|smbfs|cifs|coda|ncp|ncpfs|ocfs2|gfs|ceph)
+ ;;
+ *)
+ continue
+ ;;
+ esac
+ case "$MTPT" in
+ /usr/local|/usr/local/*)
+ ;;
+ /usr|/usr/*)
+ waitnfs="$waitnfs $MTPT"
+ ;;
+ /var|/var/*)
+ waitnfs="$waitnfs $MTPT"
+ ;;
+ esac
+ done < "$file"
+ fi
+ done
+
+ # Wait for each path, the timeout is for all of them as that's
+ # really the maximum time we have to wait anyway
+ TIMEOUT=900
+ for mountpt in $waitnfs; do
+ log_action_begin_msg "Waiting for $mountpt"
+
+ while ! mountpoint -q $mountpt; do
+ sleep 0.1
+
+ TIMEOUT=$(( $TIMEOUT - 1 ))
+ if [ $TIMEOUT -le 0 ]; then
+ log_action_end_msg 1
+ break
+ fi
+ done
+
+ if [ $TIMEOUT -gt 0 ]; then
+ log_action_end_msg 0
+ fi
+ done
+}
+
+case "$1" in
+ start)
+ # Using 'no !=' instead of 'yes =' to make sure async nfs
+ # mounting is the default even without a value in
+ # /etc/default/rcS
+ if [ no != "$ASYNCMOUNTNFS" ] ; then
+ do_wait_async_mount
+ else
+ FROMINITD=yes /etc/network/if-up.d/mountnfs
+ fi
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#!/bin/bash
+#
+### BEGIN INIT INFO
+# Provides: mysql
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Should-Start: $network $named $time
+# Should-Stop: $network $named $time
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Start and stop the mysql database server daemon
+# Description: Controls the main MariaDB database server daemon "mysqld"
+# and its wrapper script "mysqld_safe".
+### END INIT INFO
+#
+set -e
+set -u
+${DEBIAN_SCRIPT_DEBUG:+ set -v -x}
+
+test -x /usr/sbin/mysqld || exit 0
+
+. /lib/lsb/init-functions
+
+SELF=$(cd $(dirname $0); pwd -P)/$(basename $0)
+CONF=/etc/mysql/my.cnf
+MYADMIN="/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf"
+
+# priority can be overriden and "-s" adds output to stderr
+ERR_LOGGER="logger -p daemon.err -t /etc/init.d/mysql -i"
+
+# Safeguard (relative paths, core dumps..)
+cd /
+umask 077
+
+# mysqladmin likes to read /root/.my.cnf. This is usually not what I want
+# as many admins e.g. only store a password without a username there and
+# so break my scripts.
+export HOME=/etc/mysql/
+
+## Fetch a particular option from mysql's invocation.
+#
+# Usage: void mysqld_get_param option
+mysqld_get_param() {
+ /usr/sbin/mysqld --print-defaults \
+ | tr " " "\n" \
+ | grep -- "--$1" \
+ | tail -n 1 \
+ | cut -d= -f2
+}
+
+## Do some sanity checks before even trying to start mysqld.
+sanity_checks() {
+ # check for config file
+ if [ ! -r /etc/mysql/my.cnf ]; then
+ log_warning_msg "$0: WARNING: /etc/mysql/my.cnf cannot be read. See README.Debian.gz"
+ echo "WARNING: /etc/mysql/my.cnf cannot be read. See README.Debian.gz" | $ERR_LOGGER
+ fi
+
+ # check for diskspace shortage
+ datadir=`mysqld_get_param datadir`
+ if LC_ALL=C BLOCKSIZE= df --portability $datadir/. | tail -n 1 | awk '{ exit ($4>4096) }'; then
+ log_failure_msg "$0: ERROR: The partition with $datadir is too full!"
+ echo "ERROR: The partition with $datadir is too full!" | $ERR_LOGGER
+ exit 1
+ fi
+}
+
+## Checks if there is a server running and if so if it is accessible.
+#
+# check_alive insists on a pingable server
+# check_dead also fails if there is a lost mysqld in the process list
+#
+# Usage: boolean mysqld_status [check_alive|check_dead] [warn|nowarn]
+mysqld_status () {
+ ping_output=`$MYADMIN ping 2>&1`; ping_alive=$(( ! $? ))
+
+ ps_alive=0
+ pidfile=`mysqld_get_param pid-file`
+ if [ -f "$pidfile" ] && ps `cat $pidfile` >/dev/null 2>&1; then ps_alive=1; fi
+
+ if [ "$1" = "check_alive" -a $ping_alive = 1 ] ||
+ [ "$1" = "check_dead" -a $ping_alive = 0 -a $ps_alive = 0 ]; then
+ return 0 # EXIT_SUCCESS
+ else
+ if [ "$2" = "warn" ]; then
+ echo -e "$ps_alive processes alive and '$MYADMIN ping' resulted in\n$ping_output\n" | $ERR_LOGGER -p daemon.debug
+ fi
+ return 1 # EXIT_FAILURE
+ fi
+}
+
+#
+# main()
+#
+
+case "${1:-''}" in
+
+ 'start')
+ sanity_checks;
+ # Start daemon
+ log_daemon_msg "Starting MariaDB database server" "mysqld"
+ if mysqld_status check_alive nowarn; then
+ log_progress_msg "already running"
+ log_end_msg 0
+ else
+ # Could be removed during boot
+ test -e /var/run/mysqld || install -m 755 -o mysql -g root -d /var/run/mysqld
+
+ # Start MariaDB!
+ /usr/bin/mysqld_safe "${@:2}" 2>&1 >/dev/null | $ERR_LOGGER &
+
+ # 6s was reported in #352070 to be too few when using ndbcluster
+ for i in $(seq 1 "${MYSQLD_STARTUP_TIMEOUT:-30}"); do
+ sleep 1
+ if mysqld_status check_alive nowarn ; then break; fi
+ log_progress_msg "."
+ done
+ if mysqld_status check_alive warn; then
+ log_end_msg 0
+ # Now start mysqlcheck or whatever the admin wants.
+ output=$(/etc/mysql/debian-start)
+ if [ -n "$output" ]; then
+ log_action_msg "$output"
+ fi
+ else
+ log_end_msg 1
+ log_failure_msg "Please take a look at the syslog"
+ fi
+ fi
+ ;;
+
+ 'stop')
+ # * As a passwordless mysqladmin (e.g. via ~/.my.cnf) must be possible
+ # at least for cron, we can rely on it here, too. (although we have
+ # to specify it explicit as e.g. sudo environments points to the normal
+ # users home and not /root)
+ log_daemon_msg "Stopping MariaDB database server" "mysqld"
+ if ! mysqld_status check_dead nowarn; then
+ set +e
+ shutdown_out=`$MYADMIN shutdown 2>&1`; r=$?
+ set -e
+ if [ "$r" -ne 0 ]; then
+ log_end_msg 1
+ [ "$VERBOSE" != "no" ] && log_failure_msg "Error: $shutdown_out"
+ log_daemon_msg "Killing MariaDB database server by signal" "mysqld"
+ killall -15 mysqld
+ server_down=
+ for i in `seq 1 600`; do
+ sleep 1
+ if mysqld_status check_dead nowarn; then server_down=1; break; fi
+ done
+ if test -z "$server_down"; then killall -9 mysqld; fi
+ fi
+ fi
+
+ if ! mysqld_status check_dead warn; then
+ log_end_msg 1
+ log_failure_msg "Please stop MariaDB manually and read /usr/share/doc/mariadb-server-10.0/README.Debian.gz!"
+ exit -1
+ else
+ log_end_msg 0
+ fi
+ ;;
+
+ 'restart')
+ set +e; $SELF stop; set -e
+ shift
+ $SELF start "${@}"
+ ;;
+
+ 'reload'|'force-reload')
+ log_daemon_msg "Reloading MariaDB database server" "mysqld"
+ $MYADMIN reload
+ log_end_msg 0
+ ;;
+
+ 'status')
+ if mysqld_status check_alive nowarn; then
+ log_action_msg "$($MYADMIN version)"
+ else
+ log_action_msg "MariaDB is stopped."
+ exit 3
+ fi
+ ;;
+
+ *)
+ echo "Usage: $SELF start|stop|restart|reload|force-reload|status"
+ exit 1
+ ;;
+esac
--- /dev/null
+#!/bin/sh
+
+# This file is part of netfilter-persistent
+# Copyright (C) 2014 Jonathan Wiltshire
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation, either version 3
+# of the License, or (at your option) any later version.
+
+### BEGIN INIT INFO
+# Provides: netfilter-persistent
+# Required-Start: mountkernfs $remote_fs
+# Required-Stop: $remote_fs
+# Default-Start: S
+# Default-Stop: 0 1 6
+# Short-Description: Load boot-time netfilter configuration
+# Description: Loads boot-time netfilter configuration
+### END INIT INFO
+
+. /lib/lsb/init-functions
+
+case "$1" in
+start|restart|reload|force-reload)
+ log_action_begin_msg "Loading netfilter rules"
+ /usr/sbin/netfilter-persistent start
+ log_action_end_msg $?
+ ;;
+save)
+ log_action_begin_msg "Saving netfilter rules"
+ /usr/sbin/netfilter-persistent save
+ log_action_end_msg $?
+ ;;
+stop)
+ log_action_begin_msg "Stopping netfilter rules"
+ /usr/sbin/netfilter-persistent stop
+ log_action_end_msg $?
+ ;;
+flush)
+ log_action_begin_msg "Flushing netfilter rules"
+ /usr/sbin/netfilter-persistent flush
+ log_action_end_msg $?
+ ;;
+*)
+ echo "Usage: $0 {start|restart|reload|force-reload|save|flush}" >&2
+ exit 1
+ ;;
+esac
+
+exit $rc
--- /dev/null
+#!/bin/sh -e
+### BEGIN INIT INFO
+# Provides: networking ifupdown
+# Required-Start: mountkernfs $local_fs urandom
+# Required-Stop: $local_fs
+# Default-Start: S
+# Default-Stop: 0 6
+# Short-Description: Raise network interfaces.
+# Description: Prepare /run/network directory, ifstate file and raise network interfaces, or take them down.
+### END INIT INFO
+
+PATH="/sbin:/bin"
+RUN_DIR="/run/network"
+IFSTATE="$RUN_DIR/ifstate"
+STATEDIR="$RUN_DIR/state"
+
+[ -x /sbin/ifup ] || exit 0
+[ -x /sbin/ifdown ] || exit 0
+
+. /lib/lsb/init-functions
+
+CONFIGURE_INTERFACES=yes
+EXCLUDE_INTERFACES=
+VERBOSE=no
+
+[ -f /etc/default/networking ] && . /etc/default/networking
+
+verbose=""
+[ "$VERBOSE" = yes ] && verbose=-v
+
+process_exclusions() {
+ set -- $EXCLUDE_INTERFACES
+ exclusions=""
+ for d
+ do
+ exclusions="-X $d $exclusions"
+ done
+ echo $exclusions
+}
+
+process_options() {
+ [ -e /etc/network/options ] || return 0
+ log_warning_msg "/etc/network/options still exists and it will be IGNORED! Please use /etc/sysctl.conf instead."
+}
+
+check_ifstate() {
+ if [ ! -d "$RUN_DIR" ] ; then
+ if ! mkdir -p "$RUN_DIR" ; then
+ log_failure_msg "can't create $RUN_DIR"
+ exit 1
+ fi
+ if ! chown root:netdev "$RUN_DIR" ; then
+ log_warning_msg "can't chown $RUN_DIR"
+ fi
+ fi
+ if [ ! -r "$IFSTATE" ] ; then
+ if ! :> "$IFSTATE" ; then
+ log_failure_msg "can't initialise $IFSTATE"
+ exit 1
+ fi
+ fi
+}
+
+check_network_file_systems() {
+ [ -e /proc/mounts ] || return 0
+
+ if [ -e /etc/iscsi/iscsi.initramfs ]; then
+ log_warning_msg "not deconfiguring network interfaces: iSCSI root is mounted."
+ exit 0
+ fi
+
+ while read DEV MTPT FSTYPE REST; do
+ case $DEV in
+ /dev/nbd*|/dev/nd[a-z]*|/dev/etherd/e*)
+ log_warning_msg "not deconfiguring network interfaces: network devices still mounted."
+ exit 0
+ ;;
+ esac
+ case $FSTYPE in
+ nfs|nfs4|smbfs|ncp|ncpfs|cifs|coda|ocfs2|gfs|pvfs|pvfs2|fuse.httpfs|fuse.curlftpfs)
+ log_warning_msg "not deconfiguring network interfaces: network file systems still mounted."
+ exit 0
+ ;;
+ esac
+ done < /proc/mounts
+}
+
+check_network_swap() {
+ [ -e /proc/swaps ] || return 0
+
+ while read DEV MTPT FSTYPE REST; do
+ case $DEV in
+ /dev/nbd*|/dev/nd[a-z]*|/dev/etherd/e*)
+ log_warning_msg "not deconfiguring network interfaces: network swap still mounted."
+ exit 0
+ ;;
+ esac
+ done < /proc/swaps
+}
+
+ifup_hotplug () {
+ if [ -d /sys/class/net ]
+ then
+ ifaces=$(for iface in $(ifquery --list --allow=hotplug)
+ do
+ link=${iface##:*}
+ link=${link##.*}
+ if [ -e "/sys/class/net/$link" ]
+ then
+ # link detection does not work unless we up the link
+ ip link set "$iface" up || true
+ if [ "$(cat /sys/class/net/$link/operstate)" = up ]
+ then
+ echo "$iface"
+ fi
+ fi
+ done)
+ if [ -n "$ifaces" ]
+ then
+ ifup $ifaces "$@" || true
+ fi
+ fi
+}
+
+case "$1" in
+start)
+ if init_is_upstart; then
+ exit 1
+ fi
+ process_options
+ check_ifstate
+
+ if [ "$CONFIGURE_INTERFACES" = no ]
+ then
+ log_action_msg "Not configuring network interfaces, see /etc/default/networking"
+ exit 0
+ fi
+ set -f
+ exclusions=$(process_exclusions)
+ log_action_begin_msg "Configuring network interfaces"
+ if [ -x /sbin/udevadm ]; then
+ if [ -n "$(ifquery --list --exclude=lo)" ] || [ -n "$(ifquery --list --allow=hotplug)" ]; then
+ udevadm settle || true
+ fi
+ fi
+ if ifup -a $exclusions $verbose && ifup_hotplug $exclusions $verbose
+ then
+ log_action_end_msg $?
+ else
+ log_action_end_msg $?
+ fi
+ ;;
+
+stop)
+ if init_is_upstart; then
+ exit 0
+ fi
+ check_network_file_systems
+ check_network_swap
+
+ log_action_begin_msg "Deconfiguring network interfaces"
+ if ifdown -a --exclude=lo $verbose; then
+ log_action_end_msg $?
+ else
+ log_action_end_msg $?
+ fi
+ ;;
+
+reload)
+ if init_is_upstart; then
+ exit 1
+ fi
+ process_options
+
+ log_action_begin_msg "Reloading network interfaces configuration"
+ state=$(ifquery --state)
+ ifdown -a --exclude=lo $verbose || true
+ if ifup --exclude=lo $state $verbose ; then
+ log_action_end_msg $?
+ else
+ log_action_end_msg $?
+ fi
+ ;;
+
+force-reload|restart)
+ if init_is_upstart; then
+ exit 1
+ fi
+ process_options
+
+ log_warning_msg "Running $0 $1 is deprecated because it may not re-enable some interfaces"
+ log_action_begin_msg "Reconfiguring network interfaces"
+ ifdown -a --exclude=lo $verbose || true
+ set -f
+ exclusions=$(process_exclusions)
+ if ifup -a --exclude=lo $exclusions $verbose && ifup_hotplug $exclusions $verbose
+ then
+ log_action_end_msg $?
+ else
+ log_action_end_msg $?
+ fi
+ ;;
+
+*)
+ echo "Usage: /etc/init.d/networking {start|stop|reload|restart|force-reload}"
+ exit 1
+ ;;
+esac
+
+exit 0
+
+# vim: noet ts=8
--- /dev/null
+#!/bin/sh
+
+### BEGIN INIT INFO
+# Provides: nginx
+# Required-Start: $local_fs $remote_fs $network $syslog $named
+# Required-Stop: $local_fs $remote_fs $network $syslog $named
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: starts the nginx web server
+# Description: starts nginx using start-stop-daemon
+### END INIT INFO
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/nginx
+NAME=nginx
+DESC=nginx
+
+# Include nginx defaults if available
+if [ -r /etc/default/nginx ]; then
+ . /etc/default/nginx
+fi
+
+STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/5/KILL/5}"
+
+test -x $DAEMON || exit 0
+
+. /lib/init/vars.sh
+. /lib/lsb/init-functions
+
+# Try to extract nginx pidfile
+PID=$(cat /etc/nginx/nginx.conf | grep -Ev '^\s*#' | awk 'BEGIN { RS="[;{}]" } { if ($1 == "pid") print $2 }' | head -n1)
+if [ -z "$PID" ]
+then
+ PID=/run/nginx.pid
+fi
+
+# Check if the ULIMIT is set in /etc/default/nginx
+if [ -n "$ULIMIT" ]; then
+ # Set the ulimits
+ ulimit $ULIMIT
+fi
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON -- \
+ $DAEMON_OPTS 2>/dev/null \
+ || return 2
+}
+
+test_nginx_config() {
+ $DAEMON -t $DAEMON_OPTS >/dev/null 2>&1
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=$STOP_SCHEDULE --pidfile $PID --name $NAME
+ RETVAL="$?"
+
+ sleep 1
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ start-stop-daemon --stop --signal HUP --quiet --pidfile $PID --name $NAME
+ return 0
+}
+
+#
+# Rotate log files
+#
+do_rotate() {
+ start-stop-daemon --stop --signal USR1 --quiet --pidfile $PID --name $NAME
+ return 0
+}
+
+#
+# Online upgrade nginx executable
+#
+# "Upgrading Executable on the Fly"
+# http://nginx.org/en/docs/control.html
+#
+do_upgrade() {
+ # Return
+ # 0 if nginx has been successfully upgraded
+ # 1 if nginx is not running
+ # 2 if the pid files were not created on time
+ # 3 if the old master could not be killed
+ if start-stop-daemon --stop --signal USR2 --quiet --pidfile $PID --name $NAME; then
+ # Wait for both old and new master to write their pid file
+ while [ ! -s "${PID}.oldbin" ] || [ ! -s "${PID}" ]; do
+ cnt=`expr $cnt + 1`
+ if [ $cnt -gt 10 ]; then
+ return 2
+ fi
+ sleep 1
+ done
+ # Everything is ready, gracefully stop the old master
+ if start-stop-daemon --stop --signal QUIT --quiet --pidfile "${PID}.oldbin" --name $NAME; then
+ return 0
+ else
+ return 3
+ fi
+ else
+ return 1
+ fi
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ restart)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+
+ # Check configuration before stopping nginx
+ if ! test_nginx_config; then
+ log_end_msg 1 # Configuration error
+ exit 0
+ fi
+
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ reload|force-reload)
+ log_daemon_msg "Reloading $DESC configuration" "$NAME"
+
+ # Check configuration before reload nginx
+ #
+ # This is not entirely correct since the on-disk nginx binary
+ # may differ from the in-memory one, but that's not common.
+ # We prefer to check the configuration and return an error
+ # to the administrator.
+ if ! test_nginx_config; then
+ log_end_msg 1 # Configuration error
+ exit 0
+ fi
+
+ do_reload
+ log_end_msg $?
+ ;;
+ configtest|testconfig)
+ log_daemon_msg "Testing $DESC configuration"
+ test_nginx_config
+ log_end_msg $?
+ ;;
+ status)
+ status_of_proc -p $PID "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ upgrade)
+ log_daemon_msg "Upgrading binary" "$NAME"
+ do_upgrade
+ log_end_msg 0
+ ;;
+ rotate)
+ log_daemon_msg "Re-opening $DESC log files" "$NAME"
+ do_rotate
+ log_end_msg $?
+ ;;
+ *)
+ echo "Usage: $NAME {start|stop|restart|reload|force-reload|status|configtest|rotate|upgrade}" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: php-fpm php5-fpm
+# Required-Start: $remote_fs $network
+# Required-Stop: $remote_fs $network
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: starts php5-fpm
+# Description: Starts The PHP FastCGI Process Manager Daemon
+### END INIT INFO
+
+# Author: Ondrej Sury <ondrej@debian.org>
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="PHP5 FastCGI Process Manager"
+NAME=php5-fpm
+DAEMON=/usr/sbin/$NAME
+DAEMON_ARGS="--daemonize --fpm-config /etc/php5/fpm/php-fpm.conf"
+CONF_PIDFILE=$(sed -n 's/^pid\s*=\s*//p' /etc/php5/fpm/php-fpm.conf)
+PIDFILE=${CONF_PIDFILE:-/run/php5-fpm.pid}
+TIMEOUT=30
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+# Don't run if we are running upstart
+if init_is_upstart; then
+ exit 1
+fi
+
+#
+# Function to check the correctness of the config file
+#
+do_check()
+{
+ /usr/lib/php5/php5-fpm-checkconf || return 1
+ return 0
+}
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS 2>/dev/null \
+ || return 2
+ # Add code here, if necessary, that waits for the process to be ready
+ # to handle requests from services started subsequently which depend
+ # on this one. As a last resort, sleep for some time.
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=QUIT/$TIMEOUT/TERM/5/KILL/5 --pidfile $PIDFILE --name $NAME
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/TERM/5/KILL/5 --exec $DAEMON
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ #
+ # If the daemon can reload its configuration without
+ # restarting (for example, when it is sent a SIGHUP),
+ # then implement that here.
+ #
+ start-stop-daemon --stop --signal USR2 --quiet --pidfile $PIDFILE --name $NAME
+ return 0
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_check $VERBOSE
+ case "$?" in
+ 0)
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ 1) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ check)
+ do_check yes
+ ;;
+ reload|force-reload)
+ log_daemon_msg "Reloading $DESC" "$NAME"
+ do_reload
+ log_end_msg $?
+ ;;
+ reopen-logs)
+ log_daemon_msg "Reopening $DESC logs" $NAME
+ if start-stop-daemon --stop --signal USR1 --oknodo --quiet \
+ --pidfile $PIDFILE --exec $DAEMON
+ then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
+ restart)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|reload|force-reload}" >&2
+ exit 1
+ ;;
+esac
+
+:
--- /dev/null
+#!/bin/sh -e
+
+# Start or stop Postfix
+#
+# LaMont Jones <lamont@debian.org>
+# based on sendmail's init.d script
+
+### BEGIN INIT INFO
+# Provides: postfix mail-transport-agent
+# Required-Start: $local_fs $remote_fs $syslog $named $network $time
+# Required-Stop: $local_fs $remote_fs $syslog $named $network
+# Should-Start: postgresql mysql clamav-daemon postgrey spamassassin saslauthd dovecot
+# Should-Stop: postgresql mysql clamav-daemon postgrey spamassassin saslauthd dovecot
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Postfix Mail Transport Agent
+# Description: postfix is a Mail Transport agent
+### END INIT INFO
+
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+DAEMON=/usr/sbin/postfix
+NAME=Postfix
+TZ=
+unset TZ
+
+# Defaults - don't touch, edit /etc/default/postfix
+SYNC_CHROOT="y"
+
+test -f /etc/default/postfix && . /etc/default/postfix
+
+test -x $DAEMON && test -f /etc/postfix/main.cf || exit 0
+
+. /lib/lsb/init-functions
+#DISTRO=$(lsb_release -is 2>/dev/null || echo Debian)
+
+enabled_instances() {
+ postmulti -l -a | awk '($3=="y") { print $1}'
+}
+
+running() {
+ INSTANCE="$1"
+ if [ "X$INSTANCE" = X ]; then
+ POSTCONF="postconf"
+ else
+ POSTCONF="postmulti -i $INSTANCE -x postconf"
+ fi
+
+ queue=$($POSTCONF -h queue_directory 2>/dev/null || echo /var/spool/postfix)
+ if [ -f ${queue}/pid/master.pid ]; then
+ pid=$(sed 's/ //g' ${queue}/pid/master.pid)
+ # what directory does the executable live in. stupid prelink systems.
+ dir=$(ls -l /proc/$pid/exe 2>/dev/null | sed 's/.* -> //; s/\/[^\/]*$//')
+ if [ "X$dir" = "X/usr/lib/postfix" ]; then
+ echo y
+ fi
+ fi
+}
+
+configure_instance() {
+ INSTANCE="$1"
+ if [ "X$INSTANCE" = X ]; then
+ POSTCONF="postconf"
+ else
+ POSTCONF="postmulti -i $INSTANCE -x postconf"
+ fi
+
+
+ # if you set myorigin to 'ubuntu.com' or 'debian.org', it's wrong, and annoys the admins of
+ # those domains. See also sender_canonical_maps.
+
+ MYORIGIN=$($POSTCONF -h myorigin | tr 'A-Z' 'a-z')
+ if [ "X${MYORIGIN#/}" != "X${MYORIGIN}" ]; then
+ MYORIGIN=$(tr 'A-Z' 'a-z' < $MYORIGIN)
+ fi
+ if [ "X$MYORIGIN" = Xubuntu.com ] || [ "X$MYORIGIN" = Xdebian.org ]; then
+ log_failure_msg "Invalid \$myorigin ($MYORIGIN), refusing to start"
+ log_end_msg 1
+ exit 1
+ fi
+
+ config_dir=$($POSTCONF -h config_directory)
+ # see if anything is running chrooted.
+ NEED_CHROOT=$(awk '/^[0-9a-z]/ && ($5 ~ "[-yY]") { print "y"; exit}' ${config_dir}/master.cf)
+
+ if [ -n "$NEED_CHROOT" ] && [ -n "$SYNC_CHROOT" ]; then
+ # Make sure that the chroot environment is set up correctly.
+ oldumask=$(umask)
+ umask 022
+ queue_dir=$($POSTCONF -h queue_directory)
+ cd "$queue_dir"
+
+ # copy the CA path if specified
+ ca_path=$($POSTCONF -h smtp_tls_CApath)
+ case "$ca_path" in
+ '') :;; # no ca_path
+ $queue_dir/*) :;; # skip stuff already in chroot, (and to make vim syntax happy: */)
+ *)
+ if test -d "$ca_path"; then
+ dest_dir="$queue_dir/${ca_path#/}"
+ # strip any/all trailing /
+ while [ "${dest_dir%/}" != "${dest_dir}" ]; do
+ dest_dir="${dest_dir%/}"
+ done
+ new=0
+ if test -d "$dest_dir"; then
+ # write to a new directory ...
+ dest_dir="${dest_dir}.NEW"
+ new=1
+ fi
+ mkdir --parent ${dest_dir}
+ # handle files in subdirectories
+ (cd "$ca_path" && find . -name '*.pem' -print0 | cpio -0pdL --quiet "$dest_dir") 2>/dev/null ||
+ (log_failure_msg failure copying certificates; exit 1)
+ c_rehash "$dest_dir" >/dev/null 2>&1
+ if [ "$new" = 1 ]; then
+ # and replace the old directory
+ rm -rf "${dest_dir%.NEW}"
+ mv "$dest_dir" "${dest_dir%.NEW}"
+ fi
+ fi
+ ;;
+ esac
+
+ # if there is a CA file, copy it
+ ca_file=$($POSTCONF -h smtp_tls_CAfile)
+ case "$ca_file" in
+ $queue_dir/*) :;; # skip stuff already in chroot
+ '') # no ca_file
+ # or copy the bundle to preserve functionality
+ ca_bundle=/etc/ssl/certs/ca-certificates.crt
+ if [ -f $ca_bundle ]; then
+ mkdir --parent "$queue_dir/${ca_bundle%/*}"
+ cp -L "$ca_bundle" "$queue_dir/${ca_bundle%/*}"
+ fi
+ ;;
+ *)
+ if test -f "$ca_file"; then
+ dest_dir="$queue_dir/${ca_path#/}"
+ mkdir --parent "$dest_dir"
+ cp -L "$ca_file" "$dest_dir"
+ fi
+ ;;
+ esac
+
+ # if we're using unix:passwd.byname, then we need to add etc/passwd.
+ local_maps=$($POSTCONF -h local_recipient_maps)
+ if [ "X$local_maps" != "X${local_maps#*unix:passwd.byname}" ]; then
+ if [ "X$local_maps" = "X${local_maps#*proxy:unix:passwd.byname}" ]; then
+ sed 's/^\([^:]*\):[^:]*/\1:x/' /etc/passwd > etc/passwd
+ chmod a+r etc/passwd
+ fi
+ fi
+
+ FILES="etc/localtime etc/services etc/resolv.conf etc/hosts \
+ etc/host.conf etc/nsswitch.conf etc/nss_mdns.config"
+ for file in $FILES; do
+ [ -d ${file%/*} ] || mkdir -p ${file%/*}
+ if [ -f /${file} ]; then rm -f ${file} && cp /${file} ${file}; fi
+ if [ -f ${file} ]; then chmod a+rX ${file}; fi
+ done
+ # ldaps needs this. debian bug 572841
+ (echo /dev/random; echo /dev/urandom) | cpio -pdL --quiet . 2>/dev/null || true
+ rm -f usr/lib/zoneinfo/localtime
+ mkdir -p usr/lib/zoneinfo
+ ln -sf /etc/localtime usr/lib/zoneinfo/localtime
+
+ LIBLIST=$(for name in gcc_s nss resolv; do
+ for f in /lib/*/lib${name}*.so* /lib/lib${name}*.so*; do
+ if [ -f "$f" ]; then echo ${f#/}; fi;
+ done;
+ done)
+
+ if [ -n "$LIBLIST" ]; then
+ for f in $LIBLIST; do
+ rm -f "$f"
+ done
+ tar cf - -C / $LIBLIST 2>/dev/null |tar xf -
+ fi
+ umask $oldumask
+ fi
+}
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting Postfix Mail Transport Agent" postfix
+ RET=0
+ # for all instances that are not already running, handle chroot setup if needed, and start
+ for INSTANCE in $(enabled_instances); do
+ RUNNING=$(running $INSTANCE)
+ if [ "X$RUNNING" = X ]; then
+ configure_instance $INSTANCE
+ CMD="/usr/sbin/postmulti -- -i $INSTANCE -x ${DAEMON}"
+ if ! start-stop-daemon --start --exec $CMD quiet-quick-start; then
+ RET=1
+ fi
+ fi
+ done
+ log_end_msg $RET
+ ;;
+
+ stop)
+ log_daemon_msg "Stopping Postfix Mail Transport Agent" postfix
+ RET=0
+ # for all instances that are not already running, handle chroot setup if needed, and start
+ for INSTANCE in $(enabled_instances); do
+ RUNNING=$(running $INSTANCE)
+ if [ "X$RUNNING" != X ]; then
+ CMD="/usr/sbin/postmulti -i $INSTANCE -x ${DAEMON}"
+ if ! ${CMD} quiet-stop; then
+ RET=1
+ fi
+ fi
+ done
+ log_end_msg $RET
+ ;;
+
+ restart)
+ $0 stop
+ $0 start
+ ;;
+
+ force-reload|reload)
+ log_action_begin_msg "Reloading Postfix configuration"
+ if ${DAEMON} quiet-reload; then
+ log_action_end_msg 0
+ else
+ log_action_end_msg 1
+ fi
+ ;;
+
+ status)
+ ALL=1
+ ANY=0
+ # for all instances that are not already running, handle chroot setup if needed, and start
+ for INSTANCE in $(enabled_instances); do
+ RUNNING=$(running $INSTANCE)
+ if [ "X$RUNNING" != X ]; then
+ ANY=1
+ else
+ ALL=0
+ fi
+ done
+ # handle the case when postmulti returns *no* configured instances
+ if [ $ANY = 0 ]; then
+ ALL=0
+ fi
+ if [ $ALL = 1 ]; then
+ log_success_msg "postfix is running"
+ exit 0
+ elif [ $ANY = 1 ]; then
+ log_success_msg "some postfix instances are running"
+ exit 0
+ else
+ log_success_msg "postfix is not running"
+ exit 3
+ fi
+ ;;
+
+ flush|check|abort)
+ ${DAEMON} $1
+ ;;
+
+ *)
+ log_action_msg "Usage: /etc/init.d/postfix {start|stop|restart|reload|flush|check|abort|force-reload|status}"
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+# /etc/init.d/procps: Set kernel variables from /etc/sysctl.conf
+#
+# written by Elrond <Elrond@Wunder-Nett.org>
+
+### BEGIN INIT INFO
+# Provides: procps
+# Required-Start: mountkernfs $local_fs
+# Required-Stop:
+# Should-Start: udev module-init-tools
+# X-Start-Before: $network
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Configure kernel parameters at boottime
+# Description: Loads kernel parameters that are specified in /etc/sysctl.conf
+### END INIT INFO
+
+PATH=/sbin:/bin
+
+SYSCTL=/sbin/sysctl
+
+test -x $SYSCTL || exit 0
+
+. /lib/lsb/init-functions
+
+# Comment this out for sysctl to print every item changed
+QUIET_SYSCTL="-q"
+
+# Check for existance of the default file and exit if not there,
+# Closes #52839 for the boot-floppy people
+if [ -f /etc/default/rcS ] ; then
+ . /etc/default/rcS
+fi
+
+set -e
+
+case "$1" in
+ start|restart|force-reload|reload)
+ log_action_begin_msg "Setting kernel variables "
+ STATUS=0
+ $SYSCTL $QUIET_SYSCTL --system || STATUS=$?
+ log_action_end_msg $STATUS
+ ;;
+ stop)
+ ;;
+ status)
+ ;;
+ *)
+ echo "Usage: /etc/init.d/procps {start|stop|restart|reload|force-reload|status}" >&2
+ exit 3
+ ;;
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+#
+# rc
+#
+# Starts/stops services on runlevel changes.
+#
+# Optimization: A start script is not run when the service was already
+# configured to run in the previous runlevel. A stop script is not run
+# when the the service was already configured not to run in the previous
+# runlevel.
+#
+# Authors:
+# Miquel van Smoorenburg <miquels@cistron.nl>
+# Bruce Perens <Bruce@Pixar.com>
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+export PATH
+
+# Un-comment the following for interactive debugging. Do not un-comment
+# this for debugging a real boot process as no scripts will be executed.
+# debug=echo
+
+# Make sure the name survive changing the argument list
+scriptname="$0"
+
+umask 022
+
+on_exit() {
+ echo "error: '$scriptname' exited outside the expected code flow."
+}
+trap on_exit EXIT # Enable emergency handler
+
+# Ignore CTRL-C only in this shell, so we can interrupt subprocesses.
+trap ":" INT QUIT TSTP
+
+# Set onlcr to avoid staircase effect.
+stty onlcr 0>&1
+
+# Now find out what the current and what the previous runlevel are.
+
+runlevel=$RUNLEVEL
+# Get first argument. Set new runlevel to this argument.
+[ "$1" != "" ] && runlevel=$1
+if [ "$runlevel" = "" ]
+then
+ echo "Usage: $scriptname <runlevel>" >&2
+ exit 1
+fi
+previous=$PREVLEVEL
+[ "$previous" = "" ] && previous=N
+
+export runlevel previous
+
+if [ -f /etc/default/rcS ] ; then
+ . /etc/default/rcS
+fi
+export VERBOSE
+
+if [ -f /lib/lsb/init-functions ] ; then
+ . /lib/lsb/init-functions
+else
+ log_action_msg() { echo $@; }
+ log_failure_msg() { echo $@; }
+ log_warning_msg() { echo $@; }
+fi
+
+#
+# Check if we are able to use make like booting. It require the
+# insserv package to be enabled. Boot concurrency also requires
+# startpar to be installed.
+#
+CONCURRENCY=makefile
+test -s /etc/init.d/.depend.boot || CONCURRENCY="none"
+test -s /etc/init.d/.depend.start || CONCURRENCY="none"
+test -s /etc/init.d/.depend.stop || CONCURRENCY="none"
+if test -e /etc/init.d/.legacy-bootordering ; then
+ CONCURRENCY="none"
+fi
+if ! test -e /proc/stat; then
+ if [ "$(uname)" = "GNU/kFreeBSD" ] ; then
+ # startpar requires /proc/stat
+ mount -t linprocfs linprocfs /proc
+ fi
+fi
+if [ -x /lib/startpar/startpar ] ; then
+ STARTPAR=/lib/startpar/startpar
+else
+ STARTPAR=startpar
+fi
+$STARTPAR -v > /dev/null 2>&1 || CONCURRENCY="none"
+
+#
+# Start script or program.
+#
+case "$CONCURRENCY" in
+ makefile|startpar|shell) # startpar and shell are obsolete
+ CONCURRENCY=makefile
+ log_action_msg "Using makefile-style concurrent boot in runlevel $runlevel"
+ startup() {
+ eval "$($STARTPAR -p 4 -t 20 -T 3 -M $1 -P $previous -R $runlevel)"
+
+ if [ -n "$failed_service" ]
+ then
+ log_failure_msg "startpar: service(s) returned failure: $failed_service"
+ fi
+
+ if [ -n "$skipped_service_not_installed" ]
+ then
+ log_warning_msg "startpar: service(s) skipped, program is not installed: $skipped_service_not_installed"
+ fi
+
+ if [ -n "$skipped_service_not_configured" ]
+ then
+ log_warning_msg "startpar: service(s) skipped, program is not configured: $skipped_service_not_configured"
+ fi
+
+ unset failed_service skipped_service_not_installed skipped_service_not_configured
+ }
+ ;;
+ none|*)
+ startup() {
+ action=$1
+ shift
+ scripts="$@"
+ for script in $scripts ; do
+ $debug "$script" $action
+ done
+ }
+ ;;
+esac
+
+# Is there an rc directory for this new runlevel?
+if [ -d /etc/rc$runlevel.d ]
+then
+ case "$runlevel" in
+ 0|6)
+ ACTION=stop
+ ;;
+ S)
+ ACTION=start
+ ;;
+ *)
+ ACTION=start
+ ;;
+ esac
+
+ # First, run the KILL scripts.
+ if [ makefile = "$CONCURRENCY" ]
+ then
+ if [ "$ACTION" = "start" ] && [ "$previous" != N ]
+ then
+ startup stop
+ fi
+ elif [ "$previous" != N ]
+ then
+ # Run all scripts with the same level in parallel
+ CURLEVEL=""
+ for s in /etc/rc$runlevel.d/K*
+ do
+ # Extract order value from symlink
+ level=${s#/etc/rc$runlevel.d/K}
+ level=${level%%[a-zA-Z]*}
+ if [ "$level" = "$CURLEVEL" ]
+ then
+ continue
+ fi
+ CURLEVEL=$level
+ SCRIPTS=""
+ for i in /etc/rc$runlevel.d/K$level*
+ do
+ # Check if the script is there.
+ [ ! -f $i ] && continue
+
+ #
+ # Find stop script in previous runlevel but
+ # no start script there.
+ #
+ suffix=${i#/etc/rc$runlevel.d/K[0-9][0-9]}
+ previous_stop=/etc/rc$previous.d/K[0-9][0-9]$suffix
+ previous_start=/etc/rc$previous.d/S[0-9][0-9]$suffix
+ #
+ # If there is a stop script in the previous level
+ # and _no_ start script there, we don't
+ # have to re-stop the service.
+ #
+ [ -f $previous_stop ] && [ ! -f $previous_start ] && continue
+
+ # Stop the service.
+ SCRIPTS="$SCRIPTS $i"
+ done
+ startup stop $SCRIPTS
+ done
+ fi
+
+ if [ makefile = "$CONCURRENCY" ]
+ then
+ if [ S = "$runlevel" ]
+ then
+ startup boot
+ else
+ startup $ACTION
+ fi
+ else
+ # Now run the START scripts for this runlevel.
+ # Run all scripts with the same level in parallel
+ CURLEVEL=""
+ for s in /etc/rc$runlevel.d/S*
+ do
+ # Extract order value from symlink
+ level=${s#/etc/rc$runlevel.d/S}
+ level=${level%%[a-zA-Z]*}
+ if [ "$level" = "$CURLEVEL" ]
+ then
+ continue
+ fi
+ CURLEVEL=$level
+ SCRIPTS=""
+ for i in /etc/rc$runlevel.d/S$level*
+ do
+ [ ! -f $i ] && continue
+
+ suffix=${i#/etc/rc$runlevel.d/S[0-9][0-9]}
+ if [ "$previous" != N ]
+ then
+ #
+ # Find start script in previous runlevel and
+ # stop script in this runlevel.
+ #
+ stop=/etc/rc$runlevel.d/K[0-9][0-9]$suffix
+ previous_start=/etc/rc$previous.d/S[0-9][0-9]$suffix
+ #
+ # If there is a start script in the previous level
+ # and _no_ stop script in this level, we don't
+ # have to re-start the service.
+ #
+ if [ start = "$ACTION" ] ; then
+ [ -f $previous_start ] && [ ! -f $stop ] && continue
+ else
+ # Workaround for the special
+ # handling of runlevels 0 and 6.
+ previous_stop=/etc/rc$previous.d/K[0-9][0-9]$suffix
+ #
+ # If there is a stop script in the previous level
+ # and _no_ start script there, we don't
+ # have to re-stop the service.
+ #
+ [ -f $previous_stop ] && [ ! -f $previous_start ] && continue
+ fi
+
+ fi
+ SCRIPTS="$SCRIPTS $i"
+ done
+ startup $ACTION $SCRIPTS
+ done
+ fi
+fi
+
+trap - EXIT # Disable emergency handler
+
+exit 0
+
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: rc.local
+# Required-Start: $all
+# Required-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: Run /etc/rc.local if it exist
+### END INIT INFO
+
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+
+. /lib/init/vars.sh
+. /lib/lsb/init-functions
+
+do_start() {
+ if [ -x /etc/rc.local ]; then
+ [ "$VERBOSE" != no ] && log_begin_msg "Running local boot scripts (/etc/rc.local)"
+ /etc/rc.local
+ ES=$?
+ [ "$VERBOSE" != no ] && log_end_msg $ES
+ return $ES
+ fi
+}
+
+case "$1" in
+ start)
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ exit 0
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+#! /bin/sh
+#
+# rcS
+#
+# Call all S??* scripts in /etc/rcS.d/ in numerical/alphabetical order
+#
+
+exec /etc/init.d/rc S
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: reboot
+# Required-Start:
+# Required-Stop:
+# Default-Start:
+# Default-Stop: 6
+# Short-Description: Execute the reboot command.
+# Description:
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+
+. /lib/lsb/init-functions
+
+do_stop () {
+ # Message should end with a newline since kFreeBSD may
+ # print more stuff (see #323749)
+ log_action_msg "Will now restart"
+ reboot -d -f -i
+}
+
+case "$1" in
+ start)
+ # No-op
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ do_stop
+ ;;
+ status)
+ exit 0
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: rmnologin
+# Required-Start: $remote_fs $all
+# Required-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: Remove /run/nologin at boot
+# Description: This script removes the /run/nologin file as the
+# last step in the boot process, if DELAYLOGIN=yes.
+# If DELAYLOGIN=no, /run/nologin was not created by
+# bootmisc earlier in the boot process.
+### END INIT INFO
+
+PATH=/sbin:/bin
+[ "$DELAYLOGIN" ] || DELAYLOGIN=yes
+. /lib/init/vars.sh
+
+do_start () {
+ #
+ # If login delaying is enabled then remove the flag file
+ #
+ case "$DELAYLOGIN" in
+ Y*|y*)
+ rm -f /run/nologin
+ ;;
+ esac
+}
+
+do_status () {
+ if [ ! -f /run/nologin ] ; then
+ return 0
+ else
+ return 4
+ fi
+}
+
+case "$1" in
+ start)
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ # No-op
+ ;;
+ status)
+ do_status
+ exit $?
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+
+### BEGIN INIT INFO
+# Provides: rsyncd
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Should-Start: $named autofs
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: fast remote file copy program daemon
+# Description: rsync is a program that allows files to be copied to and
+# from remote machines in much the same way as rcp.
+# This provides rsyncd daemon functionality.
+### END INIT INFO
+
+set -e
+
+# /etc/init.d/rsync: start and stop the rsync daemon
+
+DAEMON=/usr/bin/rsync
+RSYNC_ENABLE=false
+RSYNC_OPTS=''
+RSYNC_DEFAULTS_FILE=/etc/default/rsync
+RSYNC_CONFIG_FILE=/etc/rsyncd.conf
+RSYNC_PID_FILE=/var/run/rsync.pid
+RSYNC_NICE_PARM=''
+RSYNC_IONICE_PARM=''
+
+test -x $DAEMON || exit 0
+
+. /lib/lsb/init-functions
+
+if [ -s $RSYNC_DEFAULTS_FILE ]; then
+ . $RSYNC_DEFAULTS_FILE
+ case "x$RSYNC_ENABLE" in
+ xtrue|xfalse) ;;
+ xinetd) exit 0
+ ;;
+ *) log_failure_msg "Value of RSYNC_ENABLE in $RSYNC_DEFAULTS_FILE must be either 'true' or 'false';"
+ log_failure_msg "not starting rsync daemon."
+ exit 1
+ ;;
+ esac
+ case "x$RSYNC_NICE" in
+ x[0-9]|x1[0-9]) RSYNC_NICE_PARM="--nicelevel $RSYNC_NICE";;
+ x) ;;
+ *) log_warning_msg "Value of RSYNC_NICE in $RSYNC_DEFAULTS_FILE must be a value between 0 and 19 (inclusive);"
+ log_warning_msg "ignoring RSYNC_NICE now."
+ ;;
+ esac
+ case "x$RSYNC_IONICE" in
+ x-c[123]*) RSYNC_IONICE_PARM="$RSYNC_IONICE";;
+ x) ;;
+ *) log_warning_msg "Value of RSYNC_IONICE in $RSYNC_DEFAULTS_FILE must be -c1, -c2 or -c3;"
+ log_warning_msg "ignoring RSYNC_IONICE now."
+ ;;
+ esac
+fi
+
+export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
+
+rsync_start() {
+ if [ ! -s "$RSYNC_CONFIG_FILE" ]; then
+ log_failure_msg "missing or empty config file $RSYNC_CONFIG_FILE"
+ log_end_msg 1
+ exit 0
+ fi
+ # See ionice(1)
+ if [ -n "$RSYNC_IONICE_PARM" ] && [ -x /usr/bin/ionice ] &&
+ /usr/bin/ionice "$RSYNC_IONICE_PARM" true 2>/dev/null; then
+ /usr/bin/ionice "$RSYNC_IONICE_PARM" -p$$ > /dev/null 2>&1
+ fi
+ if start-stop-daemon --start --quiet --background \
+ --pidfile $RSYNC_PID_FILE --make-pidfile \
+ $RSYNC_NICE_PARM --exec $DAEMON \
+ -- --no-detach --daemon --config "$RSYNC_CONFIG_FILE" $RSYNC_OPTS
+ then
+ rc=0
+ sleep 1
+ if ! kill -0 $(cat $RSYNC_PID_FILE) >/dev/null 2>&1; then
+ log_failure_msg "rsync daemon failed to start"
+ rc=1
+ fi
+ else
+ rc=1
+ fi
+ if [ $rc -eq 0 ]; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ rm -f $RSYNC_PID_FILE
+ fi
+} # rsync_start
+
+
+case "$1" in
+ start)
+ if "$RSYNC_ENABLE"; then
+ log_daemon_msg "Starting rsync daemon" "rsync"
+ if [ -s $RSYNC_PID_FILE ] && kill -0 $(cat $RSYNC_PID_FILE) >/dev/null 2>&1; then
+ log_progress_msg "apparently already running"
+ log_end_msg 0
+ exit 0
+ fi
+ rsync_start
+ else
+ if [ -s "$RSYNC_CONFIG_FILE" ]; then
+ [ "$VERBOSE" != no ] && log_warning_msg "rsync daemon not enabled in $RSYNC_DEFAULTS_FILE, not starting..."
+ fi
+ fi
+ ;;
+ stop)
+ log_daemon_msg "Stopping rsync daemon" "rsync"
+ start-stop-daemon --stop --quiet --oknodo --pidfile $RSYNC_PID_FILE
+ log_end_msg $?
+ rm -f $RSYNC_PID_FILE
+ ;;
+
+ reload|force-reload)
+ log_warning_msg "Reloading rsync daemon: not needed, as the daemon"
+ log_warning_msg "re-reads the config file whenever a client connects."
+ ;;
+
+ restart)
+ set +e
+ if $RSYNC_ENABLE; then
+ log_daemon_msg "Restarting rsync daemon" "rsync"
+ if [ -s $RSYNC_PID_FILE ] && kill -0 $(cat $RSYNC_PID_FILE) >/dev/null 2>&1; then
+ start-stop-daemon --stop --quiet --oknodo --pidfile $RSYNC_PID_FILE || true
+ sleep 1
+ else
+ log_warning_msg "rsync daemon not running, attempting to start."
+ rm -f $RSYNC_PID_FILE
+ fi
+ rsync_start
+ else
+ if [ -s "$RSYNC_CONFIG_FILE" ]; then
+ [ "$VERBOSE" != no ] && log_warning_msg "rsync daemon not enabled in $RSYNC_DEFAULTS_FILE, not starting..."
+ fi
+ fi
+ ;;
+
+ status)
+ status_of_proc -p $RSYNC_PID_FILE "$DAEMON" rsync
+ exit $? # notreached due to set -e
+ ;;
+ *)
+ echo "Usage: /etc/init.d/rsync {start|stop|reload|force-reload|restart|status}"
+ exit 1
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: rsyslog
+# Required-Start: $remote_fs $time
+# Required-Stop: umountnfs $time
+# X-Stop-After: sendsigs
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: enhanced syslogd
+# Description: Rsyslog is an enhanced multi-threaded syslogd.
+# It is quite compatible to stock sysklogd and can be
+# used as a drop-in replacement.
+### END INIT INFO
+
+#
+# Author: Michael Biebl <biebl@debian.org>
+#
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="enhanced syslogd"
+NAME=rsyslog
+
+RSYSLOGD=rsyslogd
+DAEMON=/usr/sbin/rsyslogd
+PIDFILE=/var/run/rsyslogd.pid
+
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Define LSB log_* functions.
+. /lib/lsb/init-functions
+
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # other if daemon could not be started or a failure occured
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $RSYSLOGD_OPTIONS
+}
+
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # other if daemon could not be stopped or a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --exec $DAEMON
+}
+
+#
+# Tell rsyslogd to close all open files
+#
+do_rotate() {
+ start-stop-daemon --stop --signal HUP --quiet --pidfile $PIDFILE --exec $DAEMON
+}
+
+create_xconsole() {
+ XCONSOLE=/dev/xconsole
+ if [ "$(uname -s)" != "Linux" ]; then
+ XCONSOLE=/run/xconsole
+ ln -sf $XCONSOLE /dev/xconsole
+ fi
+ if [ ! -e $XCONSOLE ]; then
+ mknod -m 640 $XCONSOLE p
+ chown root:adm $XCONSOLE
+ [ -x /sbin/restorecon ] && /sbin/restorecon $XCONSOLE
+ fi
+}
+
+sendsigs_omit() {
+ OMITDIR=/run/sendsigs.omit.d
+ mkdir -p $OMITDIR
+ ln -sf $PIDFILE $OMITDIR/rsyslog
+}
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting $DESC" "$RSYSLOGD"
+ create_xconsole
+ do_start
+ case "$?" in
+ 0) sendsigs_omit
+ log_end_msg 0 ;;
+ 1) log_progress_msg "already started"
+ log_end_msg 0 ;;
+ *) log_end_msg 1 ;;
+ esac
+
+ ;;
+ stop)
+ log_daemon_msg "Stopping $DESC" "$RSYSLOGD"
+ do_stop
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_progress_msg "already stopped"
+ log_end_msg 0 ;;
+ *) log_end_msg 1 ;;
+ esac
+
+ ;;
+ rotate)
+ log_daemon_msg "Closing open files" "$RSYSLOGD"
+ do_rotate
+ log_end_msg $?
+ ;;
+ restart|force-reload)
+ $0 stop
+ $0 start
+ ;;
+ status)
+ status_of_proc -p $PIDFILE $DAEMON $RSYSLOGD && exit 0 || exit $?
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|rotate|restart|force-reload|status}" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: salt-minion
+# Required-Start: $remote_fs $network
+# Required-Stop: $remote_fs $network
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: salt minion control daemon
+# Description: This is a daemon that controls the salt minions
+### END INIT INFO
+
+# Author: Michael Prokop <mika@debian.org>
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="salt minion control daemon"
+NAME=salt-minion
+DAEMON=/usr/bin/salt-minion
+DAEMON_ARGS="-d"
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+. /lib/lsb/init-functions
+
+do_start() {
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ pid=$(pidofproc -p $PIDFILE $DAEMON)
+ if [ -n "$pid" ] ; then
+ return 1
+ fi
+
+ start-stop-daemon --start --quiet --background --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS \
+ || return 2
+}
+
+do_stop() {
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ #reload)
+ # not implemented
+ #;;
+ restart|force-reload)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: sendsigs
+# Required-Start:
+# Required-Stop: umountnfs
+# Default-Start:
+# Default-Stop: 0 6
+# Short-Description: Kill all remaining processes.
+# Description:
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+
+. /lib/lsb/init-functions
+
+# Make it possible to see who the misbehaving processes are
+report_unkillable() {
+ if [ -x /usr/bin/pstree ] ; then
+ echo "Currently running processes (pstree):"
+ pstree
+ elif [ -x /bin/ps ] ; then
+ echo "Currently running processes (ps):"
+ ps -ef
+ fi
+}
+
+do_stop () {
+ OMITPIDS=
+
+ for omitfile in /run/sendsigs.omit; do
+ if [ -e $omitfile ]; then
+ for pid in $(cat $omitfile); do
+ OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid"
+ done
+ fi
+ done
+
+ # Load sendsigs.omit.d/packagename files too, to make it
+ # possible for scripts that need to modify the list of pids at
+ # run time without race conditions.
+ for omitdir in /run/sendsigs.omit.d; do
+ if [ -d "${omitdir}" ]; then
+ for pidfile in "${omitdir}/"*; do
+ [ -f "$pidfile" ] || continue
+ for pid in $(cat $pidfile); do
+ OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid"
+ done
+ done
+ fi
+ done
+
+ # Upstart jobs have their own "stop on" clauses that sends
+ # SIGTERM/SIGKILL just like this, so if they're still running,
+ # they're supposed to be
+ if [ -x /sbin/initctl ]; then
+ for pid in $(initctl list | sed -n -e "/process [0-9]/s/.*process //p"); do
+ OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid"
+ done
+ fi
+
+ # Flush the kernel I/O buffer before we start to kill
+ # processes, to make sure the IO of already stopped services to
+ # not slow down the remaining processes to a point where they
+ # are accidentily killed with SIGKILL because they did not
+ # manage to shut down in time.
+ sync
+
+ # Kill all processes.
+ log_action_begin_msg "Asking all remaining processes to terminate"
+ killall5 -15 $OMITPIDS # SIGTERM
+ log_action_end_msg 0
+ alldead=""
+ for seq in 1 2 3 4 5 6 7 8 9 10; do
+ # use SIGCONT/signal 18 to check if there are
+ # processes left. No need to check the exit code
+ # value, because either killall5 work and it make
+ # sense to wait for processes to die, or it fail and
+ # there is nothing to wait for.
+
+ # did an upstart job start since we last polled initctl? check
+ # again on each loop and add any new jobs (e.g., plymouth) to
+ # the list. If we did miss one starting up, this beats waiting
+ # 10 seconds before shutting down.
+ if [ -x /sbin/initctl ]; then
+ for pid in $(initctl list | sed -n -e "/process [0-9]/s/.*process //p"); do
+ OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid"
+ done
+ fi
+ if killall5 -18 $OMITPIDS ; then
+ :
+ else
+ alldead=1
+ break
+ fi
+
+ sleep 1
+ done
+ if [ -z "$alldead" ] ; then
+ report_unkillable
+ log_action_begin_msg "Killing all remaining processes"
+ killall5 -9 $OMITPIDS # SIGKILL
+ log_action_end_msg 1
+ else
+ log_action_begin_msg "All processes ended within $seq seconds"
+ log_action_end_msg 0
+ fi
+}
+
+case "$1" in
+ start|status)
+ # No-op
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ do_stop
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: single
+# Required-Start: $local_fs $all killprocs
+# Required-Stop:
+# Default-Start: 1
+# Default-Stop:
+# Short-Description: executed by init(8) upon entering runlevel 1 (single).
+### END INIT INFO
+
+PATH=/sbin:/bin
+
+. /lib/lsb/init-functions
+
+do_start () {
+ log_action_msg "Will now switch to single-user mode"
+ exec init -t1 S
+}
+
+case "$1" in
+ start)
+ do_start
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|status)
+ # No-op
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+#!/bin/sh
+# kFreeBSD do not accept scripts as interpreters, using #!/bin/sh and sourcing.
+if [ true != "$INIT_D_SCRIPT_SOURCED" ] ; then
+ set "$0" "$@"; INIT_D_SCRIPT_SOURCED=true . /lib/init/init-d-script
+fi
+### BEGIN INIT INFO
+# Provides: skeleton
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Example initscript
+# Description: This file should be used to construct scripts to be
+# placed in /etc/init.d. This example start a
+# single forking daemon capable of writing a pid
+# file. To get other behavoirs, implemend
+# do_start(), do_stop() or other functions to
+# override the defaults in /lib/init/init-d-script.
+### END INIT INFO
+
+# Author: Foo Bar <foobar@baz.org>
+#
+# Please remove the "Author" lines above and replace them
+# with your own name if you copy and modify this script.
+
+DESC="Description of the service"
+DAEMON=/usr/sbin/daemonexecutablename
--- /dev/null
+#! /bin/sh
+
+### BEGIN INIT INFO
+# Provides: spamassassin
+# Required-Start: $remote_fs
+# Required-Stop: $remote_fs
+# Should-Start: $network $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+### END INIT INFO
+
+# Spamd init script
+# June 2002
+# Duncan Findlay
+
+# Based on skeleton by Miquel van Smoorenburg and Ian Murdock
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/spamd
+NAME=spamd
+SNAME=spamassassin
+DESC="SpamAssassin Mail Filter Daemon"
+PIDFILE="/var/run/$NAME.pid"
+
+export TMPDIR=/tmp
+# Apparently people have trouble if this isn't explicitly set...
+
+# Defaults - don't touch, edit /etc/default/spamassassin
+ENABLED=0
+OPTIONS=""
+NICE=
+
+. /lib/lsb/init-functions
+
+test -f /etc/default/spamassassin && . /etc/default/spamassassin
+
+DOPTIONS="-d --pidfile=$PIDFILE"
+
+check_enabled() {
+ if [ "$ENABLED" = "0" ]; then
+ echo "$DESC: disabled, see /etc/default/spamassassin"
+ exit 0
+ fi
+}
+
+test -f $DAEMON || exit 0
+
+set -e
+
+case "$1" in
+ start)
+ check_enabled
+ echo -n "Starting $DESC: "
+ start-stop-daemon --start --pidfile $PIDFILE --name $DAEMON \
+ $NICE --oknodo --startas $DAEMON -- $OPTIONS $DOPTIONS
+ echo "$NAME."
+ ;;
+
+ stop)
+ echo -n "Stopping $DESC: "
+ start-stop-daemon --stop --pidfile $PIDFILE --name $DAEMON --oknodo
+ echo "$NAME."
+ ;;
+
+ reload|force-reload)
+ check_enabled
+ echo -n "Reloading $DESC: "
+ start-stop-daemon --stop --pidfile $PIDFILE --signal HUP --name $DAEMON
+ echo "$NAME."
+ ;;
+
+ restart)
+ check_enabled
+ echo -n "Restarting $DESC: "
+ start-stop-daemon --stop --pidfile $PIDFILE --name $DAEMON \
+ --retry 5 --oknodo
+ start-stop-daemon --start --pidfile $PIDFILE --name $DAEMON \
+ $NICE --oknodo --startas $DAEMON -- $OPTIONS $DOPTIONS
+
+ echo "$NAME."
+ ;;
+ status)
+ status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $?
+ ;;
+ *)
+ N=/etc/init.d/$SNAME
+ echo "Usage: $N {start|stop|restart|reload|force-reload|status}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+
+### BEGIN INIT INFO
+# Provides: sshd
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: OpenBSD Secure Shell server
+### END INIT INFO
+
+set -e
+
+# /etc/init.d/ssh: start and stop the OpenBSD "secure shell(tm)" daemon
+
+test -x /usr/sbin/sshd || exit 0
+( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0
+
+umask 022
+
+if test -f /etc/default/ssh; then
+ . /etc/default/ssh
+fi
+
+. /lib/lsb/init-functions
+
+if [ -n "$2" ]; then
+ SSHD_OPTS="$SSHD_OPTS $2"
+fi
+
+# Are we running from init?
+run_by_init() {
+ ([ "$previous" ] && [ "$runlevel" ]) || [ "$runlevel" = S ]
+}
+
+check_for_upstart() {
+ if init_is_upstart; then
+ exit $1
+ fi
+}
+
+check_for_no_start() {
+ # forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists
+ if [ -e /etc/ssh/sshd_not_to_be_run ]; then
+ if [ "$1" = log_end_msg ]; then
+ log_end_msg 0 || true
+ fi
+ if ! run_by_init; then
+ log_action_msg "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)" || true
+ fi
+ exit 0
+ fi
+}
+
+check_dev_null() {
+ if [ ! -c /dev/null ]; then
+ if [ "$1" = log_end_msg ]; then
+ log_end_msg 1 || true
+ fi
+ if ! run_by_init; then
+ log_action_msg "/dev/null is not a character device!" || true
+ fi
+ exit 1
+ fi
+}
+
+check_privsep_dir() {
+ # Create the PrivSep empty dir if necessary
+ if [ ! -d /var/run/sshd ]; then
+ mkdir /var/run/sshd
+ chmod 0755 /var/run/sshd
+ fi
+}
+
+check_config() {
+ if [ ! -e /etc/ssh/sshd_not_to_be_run ]; then
+ /usr/sbin/sshd $SSHD_OPTS -t || exit 1
+ fi
+}
+
+export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
+
+case "$1" in
+ start)
+ check_for_upstart 1
+ check_privsep_dir
+ check_for_no_start
+ check_dev_null
+ log_daemon_msg "Starting OpenBSD Secure Shell server" "sshd" || true
+ if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
+ log_end_msg 0 || true
+ else
+ log_end_msg 1 || true
+ fi
+ ;;
+ stop)
+ check_for_upstart 0
+ log_daemon_msg "Stopping OpenBSD Secure Shell server" "sshd" || true
+ if start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid; then
+ log_end_msg 0 || true
+ else
+ log_end_msg 1 || true
+ fi
+ ;;
+
+ reload|force-reload)
+ check_for_upstart 1
+ check_for_no_start
+ check_config
+ log_daemon_msg "Reloading OpenBSD Secure Shell server's configuration" "sshd" || true
+ if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd; then
+ log_end_msg 0 || true
+ else
+ log_end_msg 1 || true
+ fi
+ ;;
+
+ restart)
+ check_for_upstart 1
+ check_privsep_dir
+ check_config
+ log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd" || true
+ start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile /var/run/sshd.pid
+ check_for_no_start log_end_msg
+ check_dev_null log_end_msg
+ if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
+ log_end_msg 0 || true
+ else
+ log_end_msg 1 || true
+ fi
+ ;;
+
+ try-restart)
+ check_for_upstart 1
+ check_privsep_dir
+ check_config
+ log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd" || true
+ RET=0
+ start-stop-daemon --stop --quiet --retry 30 --pidfile /var/run/sshd.pid || RET="$?"
+ case $RET in
+ 0)
+ # old daemon stopped
+ check_for_no_start log_end_msg
+ check_dev_null log_end_msg
+ if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
+ log_end_msg 0 || true
+ else
+ log_end_msg 1 || true
+ fi
+ ;;
+ 1)
+ # daemon not running
+ log_progress_msg "(not running)" || true
+ log_end_msg 0 || true
+ ;;
+ *)
+ # failed to stop
+ log_progress_msg "(failed to stop)" || true
+ log_end_msg 1 || true
+ ;;
+ esac
+ ;;
+
+ status)
+ check_for_upstart 1
+ status_of_proc -p /var/run/sshd.pid /usr/sbin/sshd sshd && exit 0 || exit $?
+ ;;
+
+ *)
+ log_action_msg "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart|try-restart|status}" || true
+ exit 1
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+
+### BEGIN INIT INFO
+# Provides: sudo
+# Required-Start: $local_fs $remote_fs
+# Required-Stop:
+# X-Start-Before: rmnologin
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: Provide limited super user privileges to specific users
+# Description: Provide limited super user privileges to specific users.
+### END INIT INFO
+
+. /lib/lsb/init-functions
+
+N=/etc/init.d/sudo
+
+set -e
+
+case "$1" in
+ start)
+ # make sure privileges don't persist across reboots
+ if [ -d /var/lib/sudo ]
+ then
+ find /var/lib/sudo -exec touch -d @0 '{}' \;
+ fi
+ ;;
+ stop|reload|restart|force-reload|status)
+ ;;
+ *)
+ echo "Usage: $N {start|stop|restart|force-reload|status}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/sh -e
+### BEGIN INIT INFO
+# Provides: udev
+# Required-Start: mountkernfs
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Start udevd, populate /dev and load drivers.
+### END INIT INFO
+
+# we need to unmount /dev/pts/ and remount it later over the devtmpfs
+unmount_devpts() {
+ if mountpoint -q /dev/pts/; then
+ umount -n -l /dev/pts/
+ fi
+
+ if mountpoint -q /dev/shm/; then
+ umount -n -l /dev/shm/
+ fi
+}
+
+# mount a devtmpfs over /dev, if somebody did not already do it
+mount_devtmpfs() {
+ if grep -E -q "^[^[:space:]]+ /dev devtmpfs" /proc/mounts; then
+ mount -n -o remount,size=$tmpfs_size,mode=0755 -t devtmpfs devtmpfs /dev
+ return
+ fi
+
+ if ! mount -n -o size=$tmpfs_size,mode=0755 -t devtmpfs devtmpfs /dev; then
+ log_failure_msg "udev requires devtmpfs support, not started"
+ log_end_msg 1
+ fi
+
+ return 0
+}
+
+create_dev_makedev() {
+ if [ -e /sbin/MAKEDEV ]; then
+ ln -sf /sbin/MAKEDEV /dev/MAKEDEV
+ else
+ ln -sf /bin/true /dev/MAKEDEV
+ fi
+}
+
+# If the initramfs does not have /run, the initramfs udev database must
+# be migrated from /dev/.udev/ to /run/udev/.
+move_udev_database() {
+ [ -e "/dev/.udev/" ] || return 0
+ [ ! -e /run/udev/ ] || return 0
+ [ -e /run/ ] || return 0
+ mountpoint -q /run/ || return 0
+
+ mv /dev/.udev/ /run/udev/ || true
+}
+
+supported_kernel() {
+ case "$(uname -r)" in
+ 2.[012345].*|2.6.[0-9]|2.6.[0-9][!0-9]*) return 1 ;;
+ 2.6.[12][0-9]|2.6.[12][0-9][!0-9]*) return 1 ;;
+ 2.6.3[0-1]|2.6.3[0-1][!0-9]*) return 1 ;;
+ esac
+ return 0
+}
+
+# shell version of /usr/bin/tty
+my_tty() {
+ [ -x /bin/readlink ] || return 0
+ [ -e /proc/self/fd/0 ] || return 0
+ readlink --silent /proc/self/fd/0 || true
+}
+
+warn_if_interactive() {
+ if [ "$RUNLEVEL" = "S" -a "$PREVLEVEL" = "N" ]; then
+ return
+ fi
+
+ TTY=$(my_tty)
+ if [ -z "$TTY" -o "$TTY" = "/dev/console" -o "$TTY" = "/dev/null" ]; then
+ return
+ fi
+
+ printf "\n\n\nIt has been detected that the command\n\n\t$0 $*\n\n"
+ printf "has been run from an interactive shell.\n"
+ printf "It will probably not do what you expect, so this script will wait\n"
+ printf "60 seconds before continuing. Press ^C to stop it.\n"
+ printf "RUNNING THIS COMMAND IS HIGHLY DISCOURAGED!\n\n\n\n"
+ sleep 60
+}
+
+make_static_nodes() {
+ [ -e /lib/modules/$(uname -r)/modules.devname ] || return 0
+ [ -x /bin/kmod ] || return 0
+
+ /bin/kmod static-nodes --format=tmpfiles --output=/proc/self/fd/1 | \
+ while read type name mode uid gid age arg; do
+ [ -e $name ] && continue
+ case "$type" in
+ c|b|c!|b!) mknod -m $mode $name $type $(echo $arg | sed 's/:/ /') ;;
+ d|d!) mkdir $name ;;
+ *) echo "unparseable line ($type $name $mode $uid $gid $age $arg)" >&2 ;;
+ esac
+
+ if [ -x /sbin/restorecon ]; then
+ /sbin/restorecon $name
+ fi
+ done
+}
+
+
+##############################################################################
+
+[ -x /sbin/udevd ] || exit 0
+
+PATH="/sbin:/bin"
+
+# defaults
+tmpfs_size="10M"
+
+if [ -e /etc/udev/udev.conf ]; then
+ . /etc/udev/udev.conf
+fi
+
+. /lib/lsb/init-functions
+
+if ! supported_kernel; then
+ log_failure_msg "udev requires a kernel >= 2.6.32, not started"
+ log_end_msg 1
+fi
+
+if [ ! -e /proc/filesystems ]; then
+ log_failure_msg "udev requires a mounted procfs, not started"
+ log_end_msg 1
+fi
+
+if ! grep -q '[[:space:]]devtmpfs$' /proc/filesystems; then
+ log_failure_msg "udev requires devtmpfs support, not started"
+ log_end_msg 1
+fi
+
+if [ ! -d /sys/class/ ]; then
+ log_failure_msg "udev requires a mounted sysfs, not started"
+ log_end_msg 1
+fi
+
+if ! ps --no-headers --format args ax | egrep -q '^\['; then
+ log_warning_msg "udev does not support containers, not started"
+ exit 0
+fi
+
+if [ -d /sys/class/mem/null -a ! -L /sys/class/mem/null ] || \
+ [ -e /sys/block -a ! -e /sys/class/block ]; then
+ log_warning_msg "CONFIG_SYSFS_DEPRECATED must not be selected"
+ log_warning_msg "Booting will continue in 30 seconds but many things will be broken"
+ sleep 30
+fi
+
+# When modifying this script, do not forget that between the time that the
+# new /dev has been mounted and udevadm trigger has been run there will be
+# no /dev/null. This also means that you cannot use the "&" shell command.
+
+case "$1" in
+ start)
+ if init_is_upstart 2>/dev/null; then
+ exit 1
+ fi
+ if mountpoint -q /dev/; then
+ TMPFS_MOUNTED=1
+ elif [ -e "/dev/.udev/" ]; then
+ log_warning_msg ".udev/ already exists on the static /dev"
+ fi
+
+ if [ ! -e "/dev/.udev/" -a ! -e "/run/udev/" ]; then
+ warn_if_interactive
+ fi
+
+ if [ -w /sys/kernel/uevent_helper ]; then
+ echo > /sys/kernel/uevent_helper
+ fi
+
+ move_udev_database
+
+ if [ -z "$TMPFS_MOUNTED" ]; then
+ unmount_devpts
+ mount_devtmpfs
+ [ -d /proc/1 ] || mount -n /proc
+ fi
+
+ make_static_nodes
+
+ # clean up parts of the database created by the initramfs udev
+ udevadm info --cleanup-db
+
+ # set the SELinux context for devices created in the initramfs
+ [ -x /sbin/restorecon ] && /sbin/restorecon -R /dev
+
+ log_daemon_msg "Starting the hotplug events dispatcher" "udevd"
+ if udevd --daemon; then
+ log_end_msg $?
+ else
+ log_warning_msg $?
+ log_warning_msg "Waiting 15 seconds and trying to continue anyway"
+ sleep 15
+ fi
+
+ log_action_begin_msg "Synthesizing the initial hotplug events"
+ if udevadm trigger --action=add; then
+ log_action_end_msg $?
+ else
+ log_action_end_msg $?
+ fi
+
+ create_dev_makedev
+
+ # wait for the udevd childs to finish
+ log_action_begin_msg "Waiting for /dev to be fully populated"
+ if udevadm settle; then
+ log_action_end_msg 0
+ else
+ log_action_end_msg 0 'timeout'
+ fi
+ ;;
+
+ stop)
+ log_daemon_msg "Stopping the hotplug events dispatcher" "udevd"
+ if start-stop-daemon --stop --name udevd --user root --quiet --oknodo --retry 5; then
+ log_end_msg $?
+ else
+ log_end_msg $?
+ fi
+ ;;
+
+ restart)
+ if init_is_upstart 2>/dev/null; then
+ exit 1
+ fi
+ log_daemon_msg "Stopping the hotplug events dispatcher" "udevd"
+ if start-stop-daemon --stop --name udevd --user root --quiet --oknodo --retry 5; then
+ log_end_msg $?
+ else
+ log_end_msg $? || true
+ fi
+
+ log_daemon_msg "Starting the hotplug events dispatcher" "udevd"
+ if udevd --daemon; then
+ log_end_msg $?
+ else
+ log_end_msg $?
+ fi
+ ;;
+
+ reload|force-reload)
+ udevadm control --reload-rules
+ ;;
+
+ status)
+ status_of_proc /sbin/udevd udevd && exit 0 || exit $?
+ ;;
+
+ *)
+ echo "Usage: /etc/init.d/udev {start|stop|restart|reload|force-reload|status}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
+
--- /dev/null
+#!/bin/sh -e
+### BEGIN INIT INFO
+# Provides: udev-finish
+# Required-Start: udev $local_fs
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Copy rules generated while the root was ro
+### END INIT INFO
+
+PATH="/sbin:/bin"
+
+. /lib/lsb/init-functions
+
+case "$1" in
+ start) ;;
+ stop|restart|force-reload) exit 0 ;;
+ *) echo "Usage: $0 {start|stop|restart|force-reload}" >&2; exit 1 ;;
+esac
+
+exec /lib/udev/udev-finish
+
--- /dev/null
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: ulogd2 ulogd
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Starts ulogd2
+# Description: Starts the netfilter userspace log daemon
+### END INIT INFO
+
+# Author: Chris Boot <debian@bootc.net>
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="netfilter userspace log daemon"
+NAME=ulogd
+DAEMON=/usr/sbin/$NAME
+DAEMON_USER=ulog
+PIDDIR=/run/ulog
+PIDFILE=$PIDDIR/$NAME.pid
+DAEMON_ARGS="--daemon --uid $DAEMON_USER --pidfile $PIDFILE"
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
+# and status_of_proc is working.
+. /lib/lsb/init-functions
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Make sure our /run directory exists
+ if [ ! -d $PIDDIR ]; then
+ mkdir $PIDDIR
+ chown $DAEMON_USER: $PIDDIR
+ fi
+
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON \
+ --test > /dev/null || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS || return 2
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 \
+ --pidfile $PIDFILE --name $NAME
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ start-stop-daemon --stop --signal HUP --quiet --pidfile $PIDFILE \
+ --name $NAME
+ return 0
+}
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting $DESC" "$NAME"
+ do_start; RET=$?
+ case $RET in
+ 0|1) log_end_msg 0; exit 0 ;;
+ *) log_end_msg 1; exit 1 ;;
+ esac
+ ;;
+ stop)
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop; RET=$?
+ case $RET in
+ 0|1) log_end_msg 0; exit 0 ;;
+ *) log_end_msg 1; exit 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME"
+ ;;
+ reload|force-reload)
+ log_daemon_msg "Reloading $DESC" "$NAME"
+ do_reload; RET=$?
+ log_end_msg $RET
+ exit $RET
+ ;;
+ restart)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop; RET=$?
+ case $RET in
+ 0|1)
+ do_start; RET=$?
+ case $RET in
+ 0) log_end_msg 0; exit 0 ;;
+ 1) log_end_msg 1; exit 1 ;; # Old process is still running
+ *) log_end_msg 1; exit 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1; exit 1
+ ;;
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|reload|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: umountfs
+# Required-Start:
+# Required-Stop: umountroot
+# Default-Start:
+# Default-Stop: 0 6
+# Short-Description: Turn off swap and unmount all local file systems.
+# Description:
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+
+umask 022
+
+do_stop () {
+ PROTECTED_MOUNTS="$(sed -n ':a;/^[^ ]* \/ /!{H;n;ba};{H;s/.*//;x;s/\n//;p}' /proc/mounts)"
+ WEAK_MTPTS="" # be gentle, don't use force
+ REG_MTPTS=""
+ TMPFS_MTPTS=""
+ while read -r DEV MTPT FSTYPE REST
+ do
+ echo "$PROTECTED_MOUNTS" | grep -qs "^$DEV $MTPT " && continue
+ case "$MTPT" in
+ /|/proc|/dev|/.dev|/dev/pts|/dev/shm|/dev/.static/dev|/proc/*|/sys|/sys/*|/run|/run/*|/dev/vcs)
+ continue
+ ;;
+ esac
+ case "$FSTYPE" in
+ proc|procfs|linprocfs|sysfs|usbfs|usbdevfs|devpts)
+ continue
+ ;;
+ tmpfs)
+ TMPFS_MTPTS="$MTPT $TMPFS_MTPTS"
+ ;;
+ *)
+ if echo "$PROTECTED_MOUNTS" | grep -qs "^$DEV "; then
+ WEAK_MTPTS="$MTPT $WEAK_MTPTS"
+ else
+ REG_MTPTS="$MTPT $REG_MTPTS"
+ fi
+ ;;
+ esac
+ done < /proc/mounts
+
+ #
+ # Make sure tmpfs file systems are umounted before turning off
+ # swap, to avoid running out of memory if the tmpfs filesystems
+ # use a lot of space.
+ #
+ if [ "$TMPFS_MTPTS" ]
+ then
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Unmounting temporary filesystems"
+ fstab-decode umount $TMPFS_MTPTS
+ log_action_end_msg $?
+ else
+ log_daemon_msg "Will now unmount temporary filesystems"
+ fstab-decode umount -v $TMPFS_MTPTS
+ log_end_msg $?
+ fi
+ fi
+
+ #
+ # Deactivate swap
+ #
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Deactivating swap"
+ swapoff -a >/dev/null
+ log_action_end_msg $?
+ else
+ log_daemon_msg "Will now deactivate swap"
+ swapoff -a -v
+ log_end_msg $?
+ fi
+
+ #
+ # Unmount local filesystems
+ #
+ if [ "$WEAK_MTPTS" ]; then
+ # Do not use -f umount option for WEAK_MTPTS
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Unmounting weak filesystems"
+ fstab-decode umount -r -d $WEAK_MTPTS
+ log_action_end_msg $?
+ else
+ log_daemon_msg "Will now unmount weak filesystems"
+ fstab-decode umount -v -r -d $WEAK_MTPTS
+ log_end_msg $?
+ fi
+ fi
+ if [ "$REG_MTPTS" ]
+ then
+ if [ "$VERBOSE" = no ]
+ then
+ log_action_begin_msg "Unmounting local filesystems"
+ fstab-decode umount -f -r -d $REG_MTPTS
+ log_action_end_msg $?
+ else
+ log_daemon_msg "Will now unmount local filesystems"
+ fstab-decode umount -f -v -r -d $REG_MTPTS
+ log_end_msg $?
+ fi
+ fi
+}
+
+case "$1" in
+ start|status)
+ # No-op
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ do_stop
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: umountnfs
+# Required-Start:
+# Required-Stop: umountfs
+# Should-Stop: $network $portmap nfs-common
+# Default-Start:
+# Default-Stop: 0 6
+# Short-Description: Unmount all network filesystems except the root fs.
+# Description: Also unmounts all virtual filesystems (proc,
+# devpts, usbfs, sysfs) that are not mounted at the
+# top level.
+### END INIT INFO
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+KERNEL="$(uname -s)"
+RELEASE="$(uname -r)"
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+
+case "${KERNEL}:${RELEASE}" in
+ Linux:[01].*|Linux:2.[01].*)
+ FLAGS=""
+ ;;
+ Linux:2.[23].*|Linux:2.4.?|Linux:2.4.?-*|Linux:2.4.10|Linux:2.4.10-*)
+ FLAGS="-f"
+ ;;
+ *)
+ FLAGS="-f -l"
+ ;;
+esac
+
+do_stop () {
+ # Write a reboot record to /var/log/wtmp before unmounting
+ halt -w
+
+ # Remove bootclean flag files (precaution against symlink attacks)
+ rm -f /tmp/.clean /run/.clean /run/lock/.clean
+
+ #
+ # Make list of points to unmount in reverse order of their creation
+ #
+
+ DIRS=""
+ while read -r DEV MTPT FSTYPE OPTS REST
+ do
+ case "$MTPT" in
+ /|/proc|/dev|/dev/pts|/dev/shm|/proc/*|/sys|/run|/run/*)
+ continue
+ ;;
+ esac
+ case "$FSTYPE" in
+ nfs|nfs4|smbfs|ncp|ncpfs|cifs|coda|ocfs2|gfs|ceph)
+ DIRS="$MTPT $DIRS"
+ ;;
+ proc|procfs|linprocfs|devpts|usbfs|usbdevfs|sysfs)
+ DIRS="$MTPT $DIRS"
+ ;;
+ esac
+ case "$OPTS" in
+ _netdev|*,_netdev|_netdev,*|*,_netdev,*)
+ DIRS="$MTPT $DIRS"
+ ;;
+ esac
+ done < /etc/mtab
+
+ if [ "$DIRS" ]
+ then
+ [ "$VERBOSE" = no ] || log_action_begin_msg "Unmounting remote and non-toplevel virtual filesystems"
+ fstab-decode umount $FLAGS $DIRS
+ ES=$?
+ [ "$VERBOSE" = no ] || log_action_end_msg $ES
+ fi
+
+ # emit unmounted-remote-filesystems hook point so any upstart jobs
+ # that support remote filesystems can be stopped
+ if [ -x /sbin/initctl ]; then
+ initctl --quiet emit unmounted-remote-filesystems 2>/dev/null || true
+ fi
+}
+
+case "$1" in
+ start|status)
+ # No-op
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop|"")
+ do_stop
+ ;;
+ *)
+ echo "Usage: umountnfs.sh [start|stop]" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: umountroot
+# Required-Start:
+# Required-Stop:
+# Should-Stop: halt reboot kexec
+# Default-Start:
+# Default-Stop: 0 6
+# Short-Description: Mount the root filesystem read-only.
+### END INIT INFO
+
+PATH=/sbin:/bin
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+
+do_stop () {
+ [ "$VERBOSE" = no ] || log_action_begin_msg "Mounting root filesystem read-only"
+ MOUNT_FORCE_OPT=
+ [ "$(uname -s)" = "GNU/kFreeBSD" ] && MOUNT_FORCE_OPT=-f
+ # This:
+ # mount -n -o remount,ro /
+ # will act on a bind mount of / if there is one.
+ # See #339023 and the comment in checkroot.sh
+ mount $MOUNT_FORCE_OPT -n -o remount,ro -t dummytype dummydev / 2>/dev/null \
+ || mount $MOUNT_FORCE_OPT -n -o remount,ro dummydev / 2>/dev/null \
+ || mount $MOUNT_FORCE_OPT -n -o remount,ro /
+ ES=$?
+ [ "$VERBOSE" = no ] || log_action_end_msg $ES
+}
+
+case "$1" in
+ start|status)
+ # No-op
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ stop)
+ do_stop
+ ;;
+ *)
+ echo "Usage: $0 start|stop" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: urandom
+# Required-Start: $local_fs $time
+# Required-Stop: $local_fs
+# Default-Start: S
+# Default-Stop: 0 6
+# Short-Description: Save and restore random seed between restarts.
+# Description: This script saves the random seed between restarts.
+# It is called from the boot, halt and reboot scripts.
+### END INIT INFO
+
+## Assumption 1: We assume $SAVEDFILE is a file (or a symlink
+## to a file) that resides on a non-volatile medium that persists
+## across reboots.
+## Case 1a: Ideally, it is readable and writeable. Its is unshared,
+## i.e. its contents are unique to this machine. It is protected so
+## that its contents are not known to attackers.
+## Case 1b: Less than ideally, it is read-only. Its contents are
+## unique to this machine and not known to attackers.
+SAVEDFILE=/var/lib/urandom/random-seed
+
+[ -c /dev/urandom ] || exit 0
+
+PATH=/sbin:/bin
+if ! POOLBYTES=$((
+ ($(cat /proc/sys/kernel/random/poolsize 2>/dev/null) + 7) / 8
+)) ; then
+ POOLBYTES=512
+fi
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+
+do_status () {
+ if [ -f $SAVEDFILE ] ; then
+ return 0
+ else
+ return 4
+ fi
+}
+
+case "$1" in
+ start|"")
+ [ "$VERBOSE" = no ] || log_action_begin_msg "Initializing random number generator"
+ # Seed the RNG with date and time.
+ # This is helpful in the less-than-ideal case where $SAVEDFILE
+ # is read-only.
+ # The value of this is greatly reduced if $SAVEDFILE is missing,
+ # or its contents are shared machine-to-machine or known to
+ # attackers (since they might well know at what time this
+ # machine booted up).
+ (
+ date +%s.%N
+
+ # Load and then save $POOLBYTES bytes,
+ # which is the size of the entropy pool
+ if [ -f "$SAVEDFILE" ]
+ then
+ cat "$SAVEDFILE"
+ fi
+ # Redirect output of subshell (not individual commands)
+ # to cope with a misfeature in the FreeBSD (not Linux)
+ # /dev/random, where every superuser write/close causes
+ # an explicit reseed of the yarrow.
+ ) >/dev/urandom
+
+ # Write a new seed into $SAVEDFILE because re-using a seed
+ # compromises security. Each time we re-seed, we want the
+ # seed to be as different as possible.
+ # Write it now, in case the machine crashes without doing
+ # an orderly shutdown.
+ # The write will fail if $SAVEDFILE is read-only, but it
+ # doesn't hurt to try.
+ umask 077
+ dd if=/dev/urandom of=$SAVEDFILE bs=$POOLBYTES count=1 >/dev/null 2>&1
+ ES=$?
+ umask 022
+ [ "$VERBOSE" = no ] || log_action_end_msg $ES
+ ;;
+ stop)
+ # Carry a random seed from shut-down to start-up;
+ # Write it on shutdown, in case the one written at startup
+ # has been lost, snooped, or otherwise compromised.
+ # see documentation in linux/drivers/char/random.c
+ [ "$VERBOSE" = no ] || log_action_begin_msg "Saving random seed"
+ umask 077
+ dd if=/dev/urandom of=$SAVEDFILE bs=$POOLBYTES count=1 >/dev/null 2>&1
+ ES=$?
+ [ "$VERBOSE" = no ] || log_action_end_msg $ES
+ ;;
+ status)
+ do_status
+ exit $?
+ ;;
+ restart|reload|force-reload)
+ echo "Error: argument '$1' not supported" >&2
+ exit 3
+ ;;
+ *)
+ echo "Usage: urandom start|stop" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+#!/bin/bash
+### BEGIN INIT INFO
+# Provides: uwsgi
+# Required-Start: $local_fs $remote_fs $network
+# Required-Stop: $local_fs $remote_fs $network
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Start/stop uWSGI server instance(s)
+# Description: This script manages uWSGI server instance(s).
+# You could control specific instance(s) by issuing:
+#
+# service uwsgi <command> <confname> <confname> ...
+#
+# You can issue to init.d script following commands:
+# * start | starts daemon
+# * stop | stops daemon
+# * reload | sends to daemon SIGHUP signal
+# * force-reload | sends to daemon SIGTERM signal
+# * restart | issues 'stop', then 'start' commands
+# * status | shows status of daemon instance
+#
+# 'status' command must be issued with exactly one
+# argument: '<confname>'.
+#
+# In init.d script output:
+# * . -- command was executed without problems or instance
+# is already in needed state
+# * ! -- command failed (or executed with some problems)
+# * ? -- configuration file for this instance isn't found
+# and this instance is ignored
+#
+# For more details see /usr/share/doc/uwsgi/README.Debian.
+### END INIT INFO
+
+# Author: Leonid Borisenko <leo.borisenko@gmail.com>
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="app server(s)"
+NAME="uwsgi"
+DAEMON="/usr/bin/uwsgi"
+SCRIPTNAME="/etc/init.d/${NAME}"
+
+UWSGI_CONFDIR="/etc/uwsgi"
+UWSGI_APPS_CONFDIR_SUFFIX="s-enabled"
+UWSGI_APPS_CONFDIR_GLOB="${UWSGI_CONFDIR}/app${UWSGI_APPS_CONFDIR_SUFFIX}"
+
+UWSGI_RUNDIR="/run/uwsgi"
+
+# Configuration namespace is used as name of runtime and log subdirectory.
+# uWSGI instances sharing the same app configuration directory also shares
+# the same runtime and log subdirectory.
+#
+# When init.d script cannot detect namespace for configuration file, default
+# namespace will be used.
+UWSGI_DEFAULT_CONFNAMESPACE=app
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Read configuration variable file if it is present
+[ -r "/etc/default/${NAME}" ] && . "/etc/default/${NAME}"
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+# Define supplementary functions
+. /usr/share/uwsgi/init/snippets
+. /usr/share/uwsgi/init/do_command
+
+WHAT=$1
+shift
+case "$WHAT" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_command "$WHAT" "$@"
+ RETVAL="$?"
+ [ "$VERBOSE" != no ] && log_end_msg "$RETVAL"
+ ;;
+
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_command "$WHAT" "$@"
+ RETVAL="$?"
+ [ "$VERBOSE" != no ] && log_end_msg "$RETVAL"
+ ;;
+
+ status)
+ if [ -z "$1" ]; then
+ [ "$VERBOSE" != no ] && log_failure_msg "which one?"
+ else
+ PIDFILE="$(
+ find_specific_pidfile "$(relative_path_to_conffile_with_spec "$1")"
+ )"
+ status_of_proc -p "$PIDFILE" "$DAEMON" "$NAME" \
+ && exit 0 \
+ || exit $?
+ fi
+ ;;
+
+ reload)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Reloading $DESC" "$NAME"
+ do_command "$WHAT" "$@"
+ RETVAL="$?"
+ [ "$VERBOSE" != no ] && log_end_msg "$RETVAL"
+ ;;
+
+ force-reload)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Forced reloading $DESC" "$NAME"
+ do_command "$WHAT" "$@"
+ RETVAL="$?"
+ [ "$VERBOSE" != no ] && log_end_msg "$RETVAL"
+ ;;
+
+ restart)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Restarting $DESC" "$NAME"
+ CURRENT_VERBOSE=$VERBOSE
+ VERBOSE=no
+ do_command stop "$@"
+ VERBOSE=$CURRENT_VERBOSE
+ case "$?" in
+ 0)
+ do_command start "$@"
+ RETVAL="$?"
+ [ "$VERBOSE" != no ] && log_end_msg "$RETVAL"
+ ;;
+ *)
+ # Failed to stop
+ [ "$VERBOSE" != no ] && log_end_msg 1
+ ;;
+ esac
+ ;;
+
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|reload|force-reload}" >&2
+ exit 3
+ ;;
+esac
--- /dev/null
+# network-interface-container - woarkound for missing events in container
+#
+# This service emits missing net-device-added events for containers.
+# It's needed in cases where devices are created before the container
+# starts and so won't get a udev event.
+
+description "workaround for missing events in container"
+start on container
+
+emits net-device-added
+
+task
+script
+ case "$CONTAINER" in
+ lxc|lxc-libvirt|openvz)
+ initctl emit --no-wait net-device-added INTERFACE=lo || true
+ ;;
+ esac
+end script
--- /dev/null
+# network-interface-security - configure network device security
+#
+# This is a one-time start-up script to load AppArmor profiles needed
+# before the network comes up.
+
+description "configure network device security"
+
+# In order to avoid upstart bug LP: #447654, we cannot have an AND
+# statement here (with the ORs). An "and virtual-filesystems" is desired
+# here to make sure that the securityfs is mounted, but since each of the
+# ORed services already require virtual-filesystems be mounted, this is safe:
+start on (starting network-interface
+ or starting network-manager
+ or starting networking)
+stop on (stopped network-interface JOB=$JOB INTERFACE=$INTERFACE
+ or stopped network-manager JOB=$JOB
+ or stopped networking JOB=$JOB)
+
+# In order to handle the lack of upstart feature LP: #568860, we need to
+# run multiple times, for each of the above "starting" service instances, or
+# else another one might run while we're running, and not wait for us to
+# finish.
+instance $JOB${INTERFACE:+/}${INTERFACE:-}
+
+# Since we need these profiles to be loaded before any of the above services
+# begin running, this service must be a pre-start so that its pre-start
+# script finishes before the above services' start scripts begin.
+pre-start script
+ [ -f /run/network-interface-security ] && exit 0 # already ran
+ [ -d /rofs/etc/apparmor.d ] && exit 0 # do not load on liveCD
+ [ -d /sys/module/apparmor ] || exit 0 # do not load without AppArmor
+ [ -x /sbin/apparmor_parser ] || exit 0 # do not load without parser
+ for link in /etc/apparmor/init/network-interface-security/* ; do
+ [ -L $link ] && /sbin/apparmor_parser -r -W $link || true
+ done
+ > /run/network-interface-security
+end script
--- /dev/null
+# network-interface - configure network device
+#
+# This service causes network devices to be brought up or down as a result
+# of hardware being added or removed, including that which isn't ordinarily
+# removable.
+
+description "configure network device"
+
+emits net-device-up
+emits net-device-down
+emits static-network-up
+
+start on net-device-added
+stop on net-device-removed INTERFACE=$INTERFACE
+
+instance $INTERFACE
+export INTERFACE
+
+pre-start script
+ if [ "$INTERFACE" = lo ]; then
+ # bring this up even if /etc/network/interfaces is broken
+ ifconfig lo 127.0.0.1 up || true
+ initctl emit -n net-device-up \
+ IFACE=lo LOGICAL=lo ADDRFAM=inet METHOD=loopback || true
+ fi
+ mkdir -p /run/network
+ ifup --allow auto $INTERFACE
+ ifup --allow hotplug $INTERFACE
+end script
+
+post-stop script
+ ifdown --force --allow auto $INTERFACE
+ ifdown --force --allow hotplug $INTERFACE
+end script
--- /dev/null
+# networking - configure virtual network devices
+#
+# This task causes virtual network devices that do not have an associated
+# kernel object to be started on boot.
+
+description "configure virtual network devices"
+
+emits static-network-up
+emits net-device-up
+emits deconfiguring-networking
+
+start on (local-filesystems
+ and (stopped udevtrigger or container)) or runlevel [2345] or stopped networking RESULT=failed PROCESS=post-stop EXIT_STATUS=100
+stop on unmounted-remote-filesystems
+
+pre-start script
+ if [ "$UPSTART_EVENTS" = "stopped" ] && [ "$UPSTART_JOB" = "networking" ] && [ "$EXIT_STATUS" = "100" ]; then
+ exit 0
+ fi
+
+ mkdir -p /run/network
+ ifup -a
+end script
+
+post-stop script
+ if [ -z "$UPSTART_STOP_EVENTS" ]; then
+ echo "Stopping or restarting the networking job is not supported."
+ echo "Use ifdown & ifup to reconfigure desired interface."
+ exit 100
+ fi
+
+ log_warning_msg() {
+ echo $*
+ }
+
+ # These checks were taken from the Debian ifupdown.networking.init script
+ check_network_file_systems() {
+ [ -e /proc/mounts ] || return 0
+
+ if [ -e /etc/iscsi/iscsi.initramfs ]; then
+ log_warning_msg "not deconfiguring network interfaces: iSCSI root is mounted."
+ exit 0
+ fi
+
+ while read DEV MTPT FSTYPE REST; do
+ case $DEV in
+ /dev/nbd*|/dev/nd[a-z]*|/dev/etherd/e*)
+ log_warning_msg "not deconfiguring network interfaces: network devices still mounted."
+ exit 0
+ ;;
+ esac
+ case $FSTYPE in
+ nfs|nfs4|smbfs|ncp|ncpfs|cifs|coda|ocfs2|gfs|pvfs|pvfs2|fuse.httpfs|fuse.curlftpfs)
+ log_warning_msg "not deconfiguring network interfaces: network file systems still mounted."
+ exit 0
+ ;;
+ esac
+ done < /proc/mounts
+ }
+
+ check_network_swap() {
+ [ -e /proc/swaps ] || return 0
+
+ while read DEV MTPT FSTYPE REST; do
+ case $DEV in
+ /dev/nbd*|/dev/nd[a-z]*|/dev/etherd/e*)
+ log_warning_msg "not deconfiguring network interfaces: network swap still mounted."
+ exit 0
+ ;;
+ esac
+ done < /proc/swaps
+ }
+
+ check_network_file_systems
+ check_network_swap
+
+ # Anything that manages network interfaces *MUST* wait for this event
+ initctl emit deconfiguring-networking
+ ifdown -a --exclude=lo
+end script
--- /dev/null
+# php5-fpm - The PHP FastCGI Process Manager
+
+description "The PHP FastCGI Process Manager"
+author "Ondřej Surý <ondrej@debian.org>"
+
+start on runlevel [2345]
+stop on runlevel [016]
+
+reload signal USR2
+
+pre-start exec /usr/lib/php5/php5-fpm-checkconf
+
+respawn
+exec /usr/sbin/php5-fpm --nodaemonize --fpm-config /etc/php5/fpm/php-fpm.conf
--- /dev/null
+description "Salt Minion"
+
+start on (net-device-up
+ and local-filesystems
+ and runlevel [2345])
+stop on runlevel [!2345]
+
+# The respawn in the minion is known to cause problems
+# because if the main minion process dies it has done
+# so most likely for a good reason. Uncomment these
+# two lines to enable respawn
+#respawn
+#respawn limit 10 5
+
+script
+ # Read configuration variable file if it is present
+ [ -f /etc/default/$UPSTART_JOB ] && . /etc/default/$UPSTART_JOB
+
+ # Activate the virtualenv if defined
+ [ -f $SALT_USE_VIRTUALENV/bin/activate ] && . $SALT_USE_VIRTUALENV/bin/activate
+
+ exec salt-minion
+end script
--- /dev/null
+# ssh - OpenBSD Secure Shell server
+#
+# The OpenSSH server provides secure shell access to the system.
+
+description "OpenSSH server"
+
+start on runlevel [2345]
+stop on runlevel [!2345]
+
+respawn
+respawn limit 10 5
+umask 022
+
+env SSH_SIGSTOP=1
+expect stop
+
+# 'sshd -D' leaks stderr and confuses things in conjunction with 'console log'
+console none
+
+pre-start script
+ test -x /usr/sbin/sshd || { stop; exit 0; }
+ test -e /etc/ssh/sshd_not_to_be_run && { stop; exit 0; }
+
+ mkdir -p -m0755 /var/run/sshd
+end script
+
+# if you used to set SSHD_OPTS in /etc/default/ssh, you can change the
+# 'exec' line here instead
+exec /usr/sbin/sshd -D
--- /dev/null
+# startpar-bridge - inject upstart start/stop events into startpar
+#
+# This job serves as a bridge to make startpar aware when an upstart job has
+# started or stopped, in order to make a soft transition between sysvinit
+# scripts and upstart jobs possible
+
+description "startpar bridge for notification of upstart job start/stop"
+author "Steve Langasek <steve.langasek@ubuntu.com>"
+
+start on started JOB!=startpar-bridge or stopped JOB!=startpar-bridge
+instance $JOB-$INSTANCE-$UPSTART_EVENTS
+
+task
+
+exec /lib/startpar/startpar-upstart-inject "$JOB" "$INSTANCE" "$UPSTART_EVENTS"
--- /dev/null
+# fallback-graphics - take actions to initiate fallback graphics
+#
+# if we have cold plugged everything and not yet seen a valid graphics
+# device,
+# shove a fallback framebuffer into the mix and hope for the best.
+
+description "load fallback graphics devices"
+
+# We only want this job to happen once per boot, hence 'startup and ...'.
+start on (startup and
+ (graphics-device-added PRIMARY_DEVICE_FOR_DISPLAY=1
+ or drm-device-added PRIMARY_DEVICE_FOR_DISPLAY=1
+ or stopped udevtrigger or container))
+
+task
+
+script
+ if [ "$PRIMARY_DEVICE_FOR_DISPLAY" = "" ]; then
+ modprobe -q -b vesafb
+ fi
+end script
--- /dev/null
+# udev-finish - save udev log and update rules
+#
+# While udev runs we not only create the log file of initial device
+# creation but udev rules may be generated, we need to copy both of
+# these out of /dev and onto the root filesystem.
+
+description "save udev log and update rules"
+
+start on (startup
+ and filesystem
+ and started udev
+ and stopped udevtrigger
+ and stopped udevmonitor)
+
+pre-start script
+ # Save udev log in /var/log/udev
+ if [ -e /dev/.udev.log ]
+ then
+ mv -f /dev/.udev.log /var/log/udev || :
+ fi
+
+ # Copy any rules generated while the root filesystem was read-only
+ /lib/udev/udev-finish
+end script
--- /dev/null
+# udev - device node and kernel event manager
+#
+# The udev daemon receives events from the kernel about changes in the
+# /sys filesystem and manages the /dev filesystem.
+
+description "device node and kernel event manager"
+
+start on virtual-filesystems
+stop on runlevel [06]
+
+expect fork
+respawn
+
+exec /lib/systemd/systemd-udevd --daemon
--- /dev/null
+# udevmonitor - log initial device creation
+#
+# The set of devices created in the "cold plug" pass is generally
+# useful for debugging, so we monitor this and create a log file
+# from that.
+
+description "log initial device creation"
+
+start on (startup
+ and starting udevtrigger)
+stop on stopped udevtrigger
+
+exec /sbin/udevadm monitor -e >/dev/.udev.log
--- /dev/null
+# udevtrigger - cold plug devices
+#
+# By the time udevd starts, we've already missed all of the events for
+# the devices populated in /sys. This task causes the kernel to resend
+# them.
+
+description "cold plug devices"
+
+start on (startup
+ and started udev
+ and not-container)
+
+task
+
+exec udevadm trigger --action=add
+post-stop exec udevadm settle
--- /dev/null
+# ulogd2 - Netfilter Userspace Logging Daemon
+#
+# ulogd is an advanced netfilter logging daemon.
+
+description "Netfilter Userspace Logging Daemon"
+
+start on runlevel [2345]
+stop on runlevel [!2345]
+
+expect fork
+respawn
+
+exec /usr/sbin/ulogd --daemon --uid ulog
--- /dev/null
+#
+# initramfs.conf
+# Configuration file for mkinitramfs(8). See initramfs.conf(5).
+#
+# Note that configuration options from this file can be overridden
+# by config files in the /etc/initramfs-tools/conf.d directory.
+
+#
+# MODULES: [ most | netboot | dep | list ]
+#
+# most - Add most filesystem and all harddrive drivers.
+#
+# dep - Try and guess which modules to load.
+#
+# netboot - Add the base modules, network modules, but skip block devices.
+#
+# list - Only include modules from the 'additional modules' list
+#
+
+MODULES=most
+
+#
+# BUSYBOX: [ y | n ]
+#
+# Use busybox if available.
+#
+
+BUSYBOX=y
+
+#
+# KEYMAP: [ y | n ]
+#
+# Load a keymap during the initramfs stage.
+#
+
+KEYMAP=n
+
+#
+# COMPRESS: [ gzip | bzip2 | lzma | lzop | xz ]
+#
+
+COMPRESS=gzip
+
+#
+# NFS Section of the config.
+#
+
+#
+# DEVICE: ...
+#
+# Specify a specific network interface, like eth0
+# Overridden by optional ip= bootarg
+#
+
+DEVICE=
+
+#
+# NFSROOT: [ auto | HOST:MOUNT ]
+#
+
+NFSROOT=auto
+
--- /dev/null
+# List of modules that you want to include in your initramfs.
+# They will be loaded at boot time in the order below.
+#
+# Syntax: module_name [args ...]
+#
+# You must run update-initramfs(8) to effect this change.
+#
+# Examples:
+#
+# raid1
+# sd_mod
--- /dev/null
+#
+# Configuration file for update-initramfs(8)
+#
+
+#
+# update_initramfs [ yes | all | no ]
+#
+# Default is yes
+# If set to all update-initramfs will update all initramfs
+# If set to no disables any update to initramfs beside kernel upgrade
+
+update_initramfs=yes
+
+#
+# backup_initramfs [ yes | no ]
+#
+# Default is no
+# If set to no leaves no .bak backup files.
+
+backup_initramfs=no
--- /dev/null
+# /etc/inputrc - global inputrc for libreadline
+# See readline(3readline) and `info rluserman' for more information.
+
+# Be 8 bit clean.
+set input-meta on
+set output-meta on
+
+# To allow the use of 8bit-characters like the german umlauts, uncomment
+# the line below. However this makes the meta key not work as a meta key,
+# which is annoying to those which don't need to type in 8-bit characters.
+
+# set convert-meta off
+
+# try to enable the application keypad when it is called. Some systems
+# need this to enable the arrow keys.
+# set enable-keypad on
+
+# see /usr/share/doc/bash/inputrc.arrows for other codes of arrow keys
+
+# do not bell on tab-completion
+# set bell-style none
+# set bell-style visible
+
+# some defaults / modifications for the emacs mode
+$if mode=emacs
+
+# allow the use of the Home/End keys
+"\e[1~": beginning-of-line
+"\e[4~": end-of-line
+
+# allow the use of the Delete/Insert keys
+"\e[3~": delete-char
+"\e[2~": quoted-insert
+
+# mappings for "page up" and "page down" to step to the beginning/end
+# of the history
+# "\e[5~": beginning-of-history
+# "\e[6~": end-of-history
+
+# alternate mappings for "page up" and "page down" to search the history
+"\e[5~": history-search-backward
+"\e[6~": history-search-forward
+
+# mappings for Ctrl-left-arrow and Ctrl-right-arrow for word moving
+"\e[1;5C": forward-word
+"\e[1;5D": backward-word
+"\e[5C": forward-word
+"\e[5D": backward-word
+"\e\e[C": forward-word
+"\e\e[D": backward-word
+
+$if term=rxvt
+"\e[7~": beginning-of-line
+"\e[8~": end-of-line
+"\eOc": forward-word
+"\eOd": backward-word
+$endif
+
+# for non RH/Debian xterm, can't hurt for RH/Debian xterm
+# "\eOH": beginning-of-line
+# "\eOF": end-of-line
+
+# for freebsd console
+# "\e[H": beginning-of-line
+# "\e[F": end-of-line
+
+$endif
--- /dev/null
+#
+# All local filesystems are mounted (done during boot phase)
+#
+$local_fs +mountall +mountall-bootclean +mountoverflowtmp +umountfs
+
+#
+# Low level networking (ethernet card)
+#
+$network +networking +ifupdown
+
+#
+# Named is operational
+#
+$named +named +dnsmasq +lwresd +bind9 +unbound $network
+
+#
+# All remote filesystems are mounted (note in some cases /usr may
+# be remote. Most applications that care will probably require
+# both $local_fs and $remote_fs)
+#
+$remote_fs $local_fs +mountnfs +mountnfs-bootclean +umountnfs +sendsigs
+
+#
+# System logger is operational
+#
+$syslog +rsyslog +sysklogd +syslog-ng +dsyslog +inetutils-syslogd
+
+#
+# The system time has been set correctly
+#
+$time +hwclock
+
+#
+# Services which need to be interactive
+#
+<interactive> glibc udev console-screen keymap keyboard-setup console-setup cryptdisks cryptdisks-early checkfs-loop
--- /dev/null
+$mail-transport-agent postfix
--- /dev/null
+# lookup table for ematch kinds
+1 cmp
+2 nbyte
+3 u32
+4 meta
+7 canid
+8 ipset
--- /dev/null
+# device group names
+0 default
--- /dev/null
+0x00 default
+0x10 lowdelay
+0x08 throughput
+0x04 reliability
+# This value overlap with ECT, do not use it!
+0x02 mincost
+# These values seems do not want to die, Cisco likes them by a strange reason.
+0x20 priority
+0x40 immediate
+0x60 flash
+0x80 flash-override
+0xa0 critical
+0xc0 internet
+0xe0 network
+# Newer RFC2597 values
+0x28 AF11
+0x30 AF12
+0x38 AF13
+0x48 AF21
+0x50 AF22
+0x58 AF23
+0x68 AF31
+0x70 AF32
+0x78 AF33
+0x88 AF41
+0x90 AF42
+0x98 AF43
--- /dev/null
+#
+# Reserved protocols.
+#
+0 unspec
+1 redirect
+2 kernel
+3 boot
+4 static
+8 gated
+9 ra
+10 mrt
+11 zebra
+12 bird
+13 dnrouted
+14 xorp
+15 ntk
+16 dhcp
+
+#
+# Used by me for gated
+#
+254 gated/aggr
+253 gated/bgp
+252 gated/ospf
+251 gated/ospfase
+250 gated/rip
+249 gated/static
+248 gated/conn
+247 gated/inet
+246 gated/default
--- /dev/null
+#
+# reserved values
+#
+0 cosmos
+#
+# local
+#
+#1 inr.ac
+#2 inr.ruhep
+#3 freenet
+#4 radio-msu
+#5 russia
+#6 internet
--- /dev/null
+#
+# reserved values
+#
+0 global
+255 nowhere
+254 host
+253 link
+#
+# pseudo-reserved
+#
+200 site
--- /dev/null
+#
+# reserved values
+#
+255 local
+254 main
+253 default
+0 unspec
+#
+# local
+#
+#1 inr.ruhep
--- /dev/null
+# Generated by iptables-save v1.4.21 on Thu Jul 21 20:45:09 2016
+*filter
+:INPUT DROP [0:0]
+:FORWARD DROP [0:0]
+:OUTPUT ACCEPT [66:12517]
+:fail2ban-dovecot - [0:0]
+:fail2ban-postfix - [0:0]
+:fail2ban-roundcube - [0:0]
+:fail2ban-sshd - [0:0]
+:fail2ban-sshd-ddos - [0:0]
+-A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j fail2ban-postfix
+-A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j fail2ban-dovecot
+-A INPUT -p tcp -m multiport --dports 80,443,25,587,110,995,143,993,4190 -j fail2ban-roundcube
+-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-sshd-ddos
+-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-sshd
+-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
+-A INPUT -p icmp -j ACCEPT
+-A INPUT -p udp -m udp --dport 68 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 587 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 4190 -j ACCEPT
+-A INPUT -j NFLOG --nflog-prefix "INPUT Reject " --nflog-threshold 1
+-A INPUT -j REJECT --reject-with icmp-port-unreachable
+-A fail2ban-dovecot -j RETURN
+-A fail2ban-postfix -j RETURN
+-A fail2ban-roundcube -j RETURN
+-A fail2ban-sshd -j RETURN
+-A fail2ban-sshd-ddos -j RETURN
+COMMIT
+# Completed on Thu Jul 21 20:45:09 2016
--- /dev/null
+# Generated by ip6tables-save v1.4.21 on Thu Jul 21 20:45:09 2016
+*filter
+:INPUT DROP [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [9295:795073]
+-A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
+-A INPUT -m conntrack --ctstate RELATED -j ACCEPT
+-A INPUT -p ipv6-icmp -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
+-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
+-A INPUT -p tcp -m multiport --dports 25,465,587 -j ACCEPT
+-A INPUT -p tcp -m multiport --dports 143,993 -j ACCEPT
+-A INPUT -p tcp -m multiport --dports 110,995 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 4190 -j ACCEPT
+-A INPUT -j NFLOG --nflog-prefix "IPv6 INPUT Reject " --nflog-threshold 1
+-A INPUT -j REJECT --reject-with icmp6-port-unreachable
+COMMIT
+# Completed on Thu Jul 21 20:45:09 2016
--- /dev/null
+0.9.5-1 # Get professional upgrade support from iRedMail Team: http://www.iredmail.org/support.html
--- /dev/null
+#
+# Open-iSCSI default configuration.
+# Could be located at /etc/iscsi/iscsid.conf or ~/.iscsid.conf
+#
+# Note: To set any of these values for a specific node/session run
+# the iscsiadm --mode node --op command for the value. See the README
+# and man page for iscsiadm for details on the --op command.
+#
+
+######################
+# iscsid daemon config
+######################
+# If you want iscsid to start the first time a iscsi tool
+# needs to access it, instead of starting it when the init
+# scripts run, set the iscsid startup command here. This
+# should normally only need to be done by distro package
+# maintainers.
+#
+# Default for Fedora and RHEL. (uncomment to activate).
+# iscsid.startup = /etc/rc.d/init.d/iscsid force-start
+#
+# Default for upstream open-iscsi scripts (uncomment to activate).
+iscsid.startup = /usr/sbin/iscsid
+
+
+#############################
+# NIC/HBA and driver settings
+#############################
+# open-iscsi can create a session and bind it to a NIC/HBA.
+# To set this up see the example iface config file.
+
+#*****************
+# Startup settings
+#*****************
+
+# To request that the iscsi initd scripts startup a session set to "automatic".
+# node.startup = automatic
+#
+# To manually startup the session set to "manual". The default is manual.
+node.startup = manual
+
+# For "automatic" startup nodes, setting this to "Yes" will try logins on each
+# available iface until one succeeds, and then stop. The default "No" will try
+# logins on all availble ifaces simultaneously.
+node.leading_login = No
+
+# *************
+# CHAP Settings
+# *************
+
+# To enable CHAP authentication set node.session.auth.authmethod
+# to CHAP. The default is None.
+#node.session.auth.authmethod = CHAP
+
+# To set a CHAP username and password for initiator
+# authentication by the target(s), uncomment the following lines:
+#node.session.auth.username = username
+#node.session.auth.password = password
+
+# To set a CHAP username and password for target(s)
+# authentication by the initiator, uncomment the following lines:
+#node.session.auth.username_in = username_in
+#node.session.auth.password_in = password_in
+
+# To enable CHAP authentication for a discovery session to the target
+# set discovery.sendtargets.auth.authmethod to CHAP. The default is None.
+#discovery.sendtargets.auth.authmethod = CHAP
+
+# To set a discovery session CHAP username and password for the initiator
+# authentication by the target(s), uncomment the following lines:
+#discovery.sendtargets.auth.username = username
+#discovery.sendtargets.auth.password = password
+
+# To set a discovery session CHAP username and password for target(s)
+# authentication by the initiator, uncomment the following lines:
+#discovery.sendtargets.auth.username_in = username_in
+#discovery.sendtargets.auth.password_in = password_in
+
+# ********
+# Timeouts
+# ********
+#
+# See the iSCSI REAME's Advanced Configuration section for tips
+# on setting timeouts when using multipath or doing root over iSCSI.
+#
+# To specify the length of time to wait for session re-establishment
+# before failing SCSI commands back to the application when running
+# the Linux SCSI Layer error handler, edit the line.
+# The value is in seconds and the default is 120 seconds.
+# Special values:
+# - If the value is 0, IO will be failed immediately.
+# - If the value is less than 0, IO will remain queued until the session
+# is logged back in, or until the user runs the logout command.
+node.session.timeo.replacement_timeout = 120
+
+# To specify the time to wait for login to complete, edit the line.
+# The value is in seconds and the default is 15 seconds.
+node.conn[0].timeo.login_timeout = 15
+
+# To specify the time to wait for logout to complete, edit the line.
+# The value is in seconds and the default is 15 seconds.
+node.conn[0].timeo.logout_timeout = 15
+
+# Time interval to wait for on connection before sending a ping.
+node.conn[0].timeo.noop_out_interval = 5
+
+# To specify the time to wait for a Nop-out response before failing
+# the connection, edit this line. Failing the connection will
+# cause IO to be failed back to the SCSI layer. If using dm-multipath
+# this will cause the IO to be failed to the multipath layer.
+node.conn[0].timeo.noop_out_timeout = 5
+
+# To specify the time to wait for abort response before
+# failing the operation and trying a logical unit reset edit the line.
+# The value is in seconds and the default is 15 seconds.
+node.session.err_timeo.abort_timeout = 15
+
+# To specify the time to wait for a logical unit response
+# before failing the operation and trying session re-establishment
+# edit the line.
+# The value is in seconds and the default is 30 seconds.
+node.session.err_timeo.lu_reset_timeout = 30
+
+# To specify the time to wait for a target response
+# before failing the operation and trying session re-establishment
+# edit the line.
+# The value is in seconds and the default is 30 seconds.
+node.session.err_timeo.tgt_reset_timeout = 30
+
+
+#******
+# Retry
+#******
+
+# To specify the number of times iscsid should retry a login
+# if the login attempt fails due to the node.conn[0].timeo.login_timeout
+# expiring modify the following line. Note that if the login fails
+# quickly (before node.conn[0].timeo.login_timeout fires) because the network
+# layer or the target returns an error, iscsid may retry the login more than
+# node.session.initial_login_retry_max times.
+#
+# This retry count along with node.conn[0].timeo.login_timeout
+# determines the maximum amount of time iscsid will try to
+# establish the initial login. node.session.initial_login_retry_max is
+# multiplied by the node.conn[0].timeo.login_timeout to determine the
+# maximum amount.
+#
+# The default node.session.initial_login_retry_max is 8 and
+# node.conn[0].timeo.login_timeout is 15 so we have:
+#
+# node.conn[0].timeo.login_timeout * node.session.initial_login_retry_max =
+# 120 seconds
+#
+# Valid values are any integer value. This only
+# affects the initial login. Setting it to a high value can slow
+# down the iscsi service startup. Setting it to a low value can
+# cause a session to not get logged into, if there are distuptions
+# during startup or if the network is not ready at that time.
+node.session.initial_login_retry_max = 8
+
+################################
+# session and device queue depth
+################################
+
+# To control how many commands the session will queue set
+# node.session.cmds_max to an integer between 2 and 2048 that is also
+# a power of 2. The default is 128.
+node.session.cmds_max = 128
+
+# To control the device's queue depth set node.session.queue_depth
+# to a value between 1 and 1024. The default is 32.
+node.session.queue_depth = 32
+
+##################################
+# MISC SYSTEM PERFORMANCE SETTINGS
+##################################
+
+# For software iscsi (iscsi_tcp) and iser (ib_iser) each session
+# has a thread used to transmit or queue data to the hardware. For
+# cxgb3i you will get a thread per host.
+#
+# Setting the thread's priority to a lower value can lead to higher throughput
+# and lower latencies. The lowest value is -20. Setting the priority to
+# a higher value, can lead to reduced IO performance, but if you are seeing
+# the iscsi or scsi threads dominate the use of the CPU then you may want
+# to set this value higher.
+#
+# Note: For cxgb3i you must set all sessions to the same value, or the
+# behavior is not defined.
+#
+# The default value is -20. The setting must be between -20 and 20.
+node.session.xmit_thread_priority = -20
+
+
+#***************
+# iSCSI settings
+#***************
+
+# To enable R2T flow control (i.e., the initiator must wait for an R2T
+# command before sending any data), uncomment the following line:
+#
+#node.session.iscsi.InitialR2T = Yes
+#
+# To disable R2T flow control (i.e., the initiator has an implied
+# initial R2T of "FirstBurstLength" at offset 0), uncomment the following line:
+#
+# The defaults is No.
+node.session.iscsi.InitialR2T = No
+
+#
+# To disable immediate data (i.e., the initiator does not send
+# unsolicited data with the iSCSI command PDU), uncomment the following line:
+#
+#node.session.iscsi.ImmediateData = No
+#
+# To enable immediate data (i.e., the initiator sends unsolicited data
+# with the iSCSI command packet), uncomment the following line:
+#
+# The default is Yes
+node.session.iscsi.ImmediateData = Yes
+
+# To specify the maximum number of unsolicited data bytes the initiator
+# can send in an iSCSI PDU to a target, edit the following line.
+#
+# The value is the number of bytes in the range of 512 to (2^24-1) and
+# the default is 262144
+node.session.iscsi.FirstBurstLength = 262144
+
+# To specify the maximum SCSI payload that the initiator will negotiate
+# with the target for, edit the following line.
+#
+# The value is the number of bytes in the range of 512 to (2^24-1) and
+# the defauls it 16776192
+node.session.iscsi.MaxBurstLength = 16776192
+
+# To specify the maximum number of data bytes the initiator can receive
+# in an iSCSI PDU from a target, edit the following line.
+#
+# The value is the number of bytes in the range of 512 to (2^24-1) and
+# the default is 262144
+node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144
+
+# To specify the maximum number of data bytes the initiator will send
+# in an iSCSI PDU to the target, edit the following line.
+#
+# The value is the number of bytes in the range of 512 to (2^24-1).
+# Zero is a special case. If set to zero, the initiator will use
+# the target's MaxRecvDataSegmentLength for the MaxXmitDataSegmentLength.
+# The default is 0.
+node.conn[0].iscsi.MaxXmitDataSegmentLength = 0
+
+# To specify the maximum number of data bytes the initiator can receive
+# in an iSCSI PDU from a target during a discovery session, edit the
+# following line.
+#
+# The value is the number of bytes in the range of 512 to (2^24-1) and
+# the default is 32768
+#
+discovery.sendtargets.iscsi.MaxRecvDataSegmentLength = 32768
+
+# To allow the targets to control the setting of the digest checking,
+# with the initiator requesting a preference of enabling the checking, uncomment# one or both of the following lines:
+#node.conn[0].iscsi.HeaderDigest = CRC32C,None
+#node.conn[0].iscsi.DataDigest = CRC32C,None
+#
+# To allow the targets to control the setting of the digest checking,
+# with the initiator requesting a preference of disabling the checking,
+# uncomment one or both of the following lines:
+#node.conn[0].iscsi.HeaderDigest = None,CRC32C
+#node.conn[0].iscsi.DataDigest = None,CRC32C
+#
+# To enable CRC32C digest checking for the header and/or data part of
+# iSCSI PDUs, uncomment one or both of the following lines:
+#node.conn[0].iscsi.HeaderDigest = CRC32C
+#node.conn[0].iscsi.DataDigest = CRC32C
+#
+# To disable digest checking for the header and/or data part of
+# iSCSI PDUs, uncomment one or both of the following lines:
+#node.conn[0].iscsi.HeaderDigest = None
+#node.conn[0].iscsi.DataDigest = None
+#
+# The default is to never use DataDigests or HeaderDigests.
+#
+
+# For multipath configurations, you may want more than one session to be
+# created on each iface record. If node.session.nr_sessions is greater
+# than 1, performing a 'login' for that node will ensure that the
+# appropriate number of sessions is created.
+node.session.nr_sessions = 1
+
+#************
+# Workarounds
+#************
+
+# Some targets like IET prefer after an initiator has sent a task
+# management function like an ABORT TASK or LOGICAL UNIT RESET, that
+# it does not respond to PDUs like R2Ts. To enable this behavior uncomment
+# the following line (The default behavior is Yes):
+node.session.iscsi.FastAbort = Yes
+
+# Some targets like Equalogic prefer that after an initiator has sent
+# a task management function like an ABORT TASK or LOGICAL UNIT RESET, that
+# it continue to respond to R2Ts. To enable this uncomment this line
+# node.session.iscsi.FastAbort = No
--- /dev/null
+Debian GNU/Linux 8 \n \l
+
--- /dev/null
+Debian GNU/Linux 8
--- /dev/null
+#
+# This files tells the 'kbd' package:
+#
+# - whether to load a specific font and boot (and maybe a screen-font map,
+# but you should avoid that if possible).
+# - whether to setup an Application-Charset Map other than the default CP437.
+# - whether to do screen saver/DPMS settings
+# - whether to change the keyboard rate/delay or the state of the
+# keyboard indicators
+# - whether to show a clock
+#
+# You can also specify per-VC settings by suffixing variable names as in
+# the examples below. This only works on framebuffer devices.
+#
+# For consistency with the configuration file of console-tools the
+# following variables and their _vcN versions are also supported:
+# SCREEN_FONT, SCREEN_FONT_MAP and APP_CHARSET_MAP.
+#
+#
+# Example:
+#
+#CONSOLE_FONT=iso01.f16
+#CONSOLE_FONT_vc2=LatArCyrHeb-16
+#
+#CONSOLE_MAP=iso05
+#CONSOLE_MAP_vc2=user
+#
+# Set the following - more euro-friendly default than kernel font.
+#CONSOLE_FONT=latarcyrheb-sun16.psf
+
+# Forget this one unless you _know_ it is necessary for your font:
+#FONT_MAP=iso01
+
+# **** screen saver/DPMS settings: all VCs ****
+# These settings are commented by default to avoid the chance of damage to
+# very old monitors that don't support DPMS signalling.
+
+# screen blanking timeout. monitor remains on, but the screen is cleared to
+# range: 0-60 min (0==never) kernels I've looked at default to 10 minutes.
+# (see linux/drivers/char/console.c)
+BLANK_TIME=0
+
+# blanking method (VESA DPMS mode to use after BLANK_TIME, before powerdown):
+# on: the default, no DPMS signalling. near instant powerup, no power saving
+# vsync: DPMS Standby mode. nearly instant recovery, uses 110/120W (17" screen)
+# hsync: DPMS Suspend mode. typically 3s recovery, uses 15/120W (17" screen)
+# powerdown,off: DPMS Off mode, typ. 10s recovery, uses 5/120W (17" screen)
+
+# Those values are for my 17" Mag, but some monitors do suspend the same as
+# standby. xset dpms force {off|standby|suspend|on} is useful for this, if X
+# supports DPMS on your video card. Set X's DPMS screensaver with xset dpms
+# or use option power_saver in XF86Config
+#
+# DPMS set by default to on, because hsync can cause problems on certain
+# hardware, such as Armada E500 laptops
+BLANK_DPMS=off
+
+# Powerdown time. The console will go to DPMS Off mode POWERDOWN_TIME
+# minutes _after_ blanking. (POWERDOWN_TIME + BLANK_TIME after the last input)
+POWERDOWN_TIME=30
+
+# rate and delay can get only specific values, consult kbdrate(1) for help
+#KEYBOARD_RATE="30"
+#KEYBOARD_DELAY="250"
+
+# Turn on numlock by default
+#LEDS=+num
+
+# Display a clock in the right upper corner of the console by running vcstime
+#DO_VCSTIME=yes
--- /dev/null
+# This sed script is run across the dumpkeys output to remap keys on the console
+
+# This turns caps lock into control
+#s/keycode 58 = Caps_Lock/keycode 58 = Control/;
+
--- /dev/null
+# Kernel image management overrides
+# See kernel-img.conf(5) for details
+do_symlinks = yes
+do_bootloader = no
+do_initrd = yes
+link_in_boot = no
--- /dev/null
+#!/bin/sh
+set -e
+
+# Author: Steve Langasek <steve.langasek@canonical.com>
+#
+# Mark as not-for-autoremoval those kernel packages that are:
+# - the currently booted version
+# - the kernel version we've been called for
+# - the latest kernel version (determined using rules copied from the grub
+# package for deciding which kernel to boot)
+# - the second-latest kernel version, if the booted kernel version is
+# already the latest and this script is called for that same version,
+# to ensure a fallback remains available in the event the newly-installed
+# kernel at this ABI fails to boot
+# In the common case, this results in exactly two kernels saved, but it can
+# result in three kernels being saved. It's better to err on the side of
+# saving too many kernels than saving too few.
+#
+# We generate this list and save it to /etc/apt/apt.conf.d instead of marking
+# packages in the database because this runs from a postinst script, and apt
+# will overwrite the db when it exits.
+
+
+eval $(apt-config shell APT_CONF_D Dir::Etc::parts/d)
+test -n "${APT_CONF_D}" || APT_CONF_D="/etc/apt/apt.conf.d"
+config_file=${APT_CONF_D}/01autoremove-kernels
+
+eval $(apt-config shell DPKG Dir::bin::dpkg/f)
+test -n "$DPKG" || DPKG="/usr/bin/dpkg"
+
+installed_version="$1"
+running_version="$(uname -r)"
+
+
+version_test_gt ()
+{
+ local version_test_gt_sedexp="s/[._-]\(pre\|rc\|test\|git\|old\|trunk\)/~\1/g"
+ local version_a="`echo "$1" | sed -e "$version_test_gt_sedexp"`"
+ local version_b="`echo "$2" | sed -e "$version_test_gt_sedexp"`"
+ $DPKG --compare-versions "$version_a" gt "$version_b"
+ return "$?"
+}
+
+list="$(${DPKG} -l | awk '/^ii[ ]+(linux|kfreebsd|gnumach)-image-[0-9]+\./ && $2 !~ /-dbg$/ { print $2 }' | sed -e 's#\(linux\|kfreebsd\|gnumach\)-image-##')"
+
+latest_version=""
+previous_version=""
+for i in $list; do
+ if version_test_gt "$i" "$latest_version"; then
+ previous_version="$latest_version"
+ latest_version="$i"
+ elif version_test_gt "$i" "$previous_version"; then
+ previous_version="$i"
+ fi
+done
+
+if [ "$latest_version" != "$installed_version" ] \
+ || [ "$latest_version" != "$running_version" ] \
+ || [ "$installed_version" != "$running_version" ]
+then
+ # We have at least two kernels that we have reason to think the
+ # user wants, so don't save the second-newest version.
+ previous_version=
+fi
+
+kernels="$(echo "$latest_version
+$installed_version
+$running_version
+$previous_version" | sort -u | sed -e 's#\.#\\.#g' )"
+
+generateconfig() {
+ cat <<EOF
+// DO NOT EDIT! File autogenerated by $0
+APT::NeverAutoRemove
+{
+EOF
+ apt-config dump --no-empty --format '%v%n' 'APT::VersionedKernelPackages' | while read package; do
+ for kernel in $kernels; do
+ echo " \"^${package}-${kernel}$\";"
+ done
+ done
+ echo '};'
+}
+generateconfig > "${config_file}.dpkg-new"
+mv "${config_file}.dpkg-new" "$config_file"
--- /dev/null
+#!/bin/sh -e
+
+version="$1"
+bootopt=""
+
+[ -x /usr/sbin/update-initramfs ] || exit 0
+
+# passing the kernel version is required
+if [ -z "${version}" ]; then
+ echo >&2 "W: initramfs-tools: ${DPKG_MAINTSCRIPT_PACKAGE:-kernel package} did not pass a version number"
+ exit 2
+fi
+
+# exit if kernel does not need an initramfs
+if [ "$INITRD" = 'No' ]; then
+ exit 0
+fi
+
+# absolute file name of kernel image may be passed as a second argument;
+# create the initrd in the same directory
+if [ -n "$2" ]; then
+ bootdir=$(dirname "$2")
+ bootopt="-b ${bootdir}"
+fi
+
+# avoid running multiple times
+if [ -n "$DEB_MAINT_PARAMS" ]; then
+ eval set -- "$DEB_MAINT_PARAMS"
+ if [ -z "$1" ] || [ "$1" != "configure" ]; then
+ exit 0
+ fi
+fi
+
+# we're good - create initramfs. update runs do_bootloader
+INITRAMFS_TOOLS_KERNEL_HOOK=1 update-initramfs -c -t -k "${version}" ${bootopt} >&2
--- /dev/null
+#! /bin/sh
+set -e
+
+which update-grub >/dev/null 2>&1 || exit 0
+
+if type running-in-container >/dev/null 2>&1 && \
+ running-in-container >/dev/null; then
+ exit 0
+fi
+
+set -- $DEB_MAINT_PARAMS
+mode="${1#\'}"
+mode="${mode%\'}"
+case $0:$mode in
+ # Only run on postinst configure and postrm remove, to avoid wasting
+ # time by calling update-grub multiple times on upgrade and removal.
+ # Also run if we have no DEB_MAINT_PARAMS, in order to work with old
+ # kernel packages.
+ */postinst.d/*:|*/postinst.d/*:configure|*/postrm.d/*:|*/postrm.d/*:remove)
+ if [ -e /boot/grub/grub.cfg ]; then
+ exec update-grub
+ fi
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/sh -e
+
+version="$1"
+bootopt=""
+
+[ -x /usr/sbin/update-initramfs ] || exit 0
+
+# passing the kernel version is required
+if [ -z "${version}" ]; then
+ echo >&2 "W: initramfs-tools: ${DPKG_MAINTSCRIPT_PACKAGE:-kernel package} did not pass a version number"
+ exit 0
+fi
+
+# exit if custom kernel does not need an initramfs
+if [ "$INITRD" = 'No' ]; then
+ exit 0
+fi
+
+# absolute file name of kernel image may be passed as a second argument;
+# create the initrd in the same directory
+if [ -n "$2" ]; then
+ bootdir=$(dirname "$2")
+ bootopt="-b ${bootdir}"
+fi
+
+# avoid running multiple times
+if [ -n "$DEB_MAINT_PARAMS" ]; then
+ eval set -- "$DEB_MAINT_PARAMS"
+ if [ -z "$1" ] || [ "$1" != "remove" ]; then
+ exit 0
+ fi
+fi
+
+# delete initramfs
+INITRAMFS_TOOLS_KERNEL_HOOK=1 update-initramfs -d -t -k "${version}" ${bootopt} >&2
--- /dev/null
+#! /bin/sh
+set -e
+
+which update-grub >/dev/null 2>&1 || exit 0
+
+if type running-in-container >/dev/null 2>&1 && \
+ running-in-container >/dev/null; then
+ exit 0
+fi
+
+set -- $DEB_MAINT_PARAMS
+mode="${1#\'}"
+mode="${mode%\'}"
+case $0:$mode in
+ # Only run on postinst configure and postrm remove, to avoid wasting
+ # time by calling update-grub multiple times on upgrade and removal.
+ # Also run if we have no DEB_MAINT_PARAMS, in order to work with old
+ # kernel packages.
+ */postinst.d/*:|*/postinst.d/*:configure|*/postrm.d/*:|*/postrm.d/*:remove)
+ if [ -e /boot/grub/grub.cfg ]; then
+ exec update-grub
+ fi
+ ;;
+esac
+
+exit 0
--- /dev/null
+include /etc/ld.so.conf.d/*.conf
+
--- /dev/null
+# libc default configuration
+/usr/local/lib
--- /dev/null
+# Multiarch support
+/lib/x86_64-linux-gnu
+/usr/lib/x86_64-linux-gnu
--- /dev/null
+#
+# LDAP Defaults
+#
+
+# See ldap.conf(5) for details
+# This file should be world readable but not world writable.
+
+#BASE dc=example,dc=com
+#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
+
+#SIZELIMIT 12
+#TIMELIMIT 15
+#DEREF never
+
+# TLS certificates (needed for GnuTLS)
+TLS_CACERT /etc/ssl/certs/ca-certificates.crt
+
--- /dev/null
+#--------------------------------------------------------------------------
+# LDAP Schema for amavisd-new Jacques Supcik, PhD
+#----------------------------- IP-Plus Internet Services
+# Release 1.2.2 Swisscom Enterprise Solutions Ltd
+# 30 May 2004 3050 Bern - Switzerland
+#--------------------------------------------------------------------------
+# Copyright (c) 2004 Jacques Supcik, Swisscom Enterprise Solutions Ltd.
+# Permission is granted to copy, distribute and/or modify this document
+# under the terms of the GNU Free Documentation License, Version 1.2
+# or any later version published by the Free Software Foundation;
+# with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
+# A copy of the license is included in the section entitled "GNU
+# Free Documentation License".
+#--------------------------------------------------------------------------
+# Changes made to LDAP Schema to make it import and play nicely with
+# Novell NDS - Michael Tracey, SONOPRESS USA, LLC April 07 2005
+# ( uncomment each dn:, changetype:, add:, add X-NDS-NAME attribute, replace
+# "attributetype" by "attributetypes:" and "objectclasse" by "objectclasses:"
+# (plural,colon), and unwrap each attributetypes: and objectclasses: )
+#--------------------------------------------------------------------------
+# 1.3.6.1.4.1.15312 Jozef Stefan Institute's OID
+# 1.3.6.1.4.1.15312.2 amavisd-new
+# 1.3.6.1.4.1.15312.2.2 amavisd-new LDAP Elements
+# 1.3.6.1.4.1.15312.2.2.1 AttributeTypes
+# 1.3.6.1.4.1.15312.2.2.2 ObjectClasses
+# 1.3.6.1.4.1.15312.2.2.3 Syntax Definitions
+#--------------------------------------------------------------------------
+
+# Attribute Types
+#-----------------
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.1
+ NAME 'amavisVirusLover'
+ DESC 'Virus Lover'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.2
+ NAME 'amavisBannedFilesLover'
+ DESC 'Banned Files Lover'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.3
+ NAME 'amavisBypassVirusChecks'
+ DESC 'Bypass Virus Check'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.4
+ NAME 'amavisBypassSpamChecks'
+ DESC 'Bypass Spam Check'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.5
+ NAME 'amavisSpamTagLevel'
+ DESC 'Spam Tag Level'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.6
+ NAME 'amavisSpamTag2Level'
+ DESC 'Spam Tag2 Level'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.7
+ NAME 'amavisSpamKillLevel'
+ DESC 'Spam Kill Level'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.8
+ NAME 'amavisSpamModifiesSubj'
+ DESC 'Modifies Subject on spam - no longer in use since 2.7.0'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.9
+ NAME 'amavisWhitelistSender'
+ DESC 'White List Sender'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.10
+ NAME 'amavisBlacklistSender'
+ DESC 'Black List Sender'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.11
+ NAME 'amavisSpamQuarantineTo'
+ DESC 'Spam Quarantine to'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.12
+ NAME 'amavisSpamLover'
+ DESC 'Spam Lover'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.13
+ NAME 'amavisBadHeaderLover'
+ DESC 'Bad Header Lover'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.14
+ NAME 'amavisBypassBannedChecks'
+ DESC 'Bypass Banned Files Check'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.15
+ NAME 'amavisBypassHeaderChecks'
+ DESC 'Bypass Header Check'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.16
+ NAME 'amavisVirusQuarantineTo'
+ DESC 'Virus quarantine location'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.17
+ NAME 'amavisBannedQuarantineTo'
+ DESC 'Banned Files quarantine location'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.18
+ NAME 'amavisBadHeaderQuarantineTo'
+ DESC 'Bad Header quarantine location'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.19
+ NAME 'amavisLocal'
+ DESC 'Is user considered local'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.20
+ NAME 'amavisMessageSizeLimit'
+ DESC 'Message size limit'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.21
+ NAME 'amavisWarnVirusRecip'
+ DESC 'Notify virus recipients'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.22
+ NAME 'amavisWarnBannedRecip'
+ DESC 'Notify banned file recipients'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.23
+ NAME 'amavisWarnBadHeaderRecip'
+ DESC 'Notify bad header recipients'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.24
+ NAME 'amavisVirusAdmin'
+ DESC 'Virus admin'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.25
+ NAME 'amavisNewVirusAdmin'
+ DESC 'New virus admin'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.26
+ NAME 'amavisSpamAdmin'
+ DESC 'Spam admin'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.27
+ NAME 'amavisBannedAdmin'
+ DESC 'Banned file admin'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.28
+ NAME 'amavisBadHeaderAdmin'
+ DESC 'Bad header admin'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.29
+ NAME 'amavisBannedRuleNames'
+ DESC 'Banned rule names'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.30
+ NAME 'amavisSpamDsnCutoffLevel'
+ DESC 'Spam DSN Cutoff Level'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.31
+ NAME 'amavisSpamQuarantineCutoffLevel'
+ DESC 'Spam Quarantine Cutoff Level'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.32
+ NAME 'amavisSpamSubjectTag'
+ DESC 'Spam Subject Tag'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.33
+ NAME 'amavisSpamSubjectTag2'
+ DESC 'Spam Subject Tag2'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.34
+ NAME 'amavisArchiveQuarantineTo'
+ DESC 'Archive quarantine location'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.35
+ NAME 'amavisAddrExtensionVirus'
+ DESC 'Address Extension for Virus'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.36
+ NAME 'amavisAddrExtensionSpam'
+ DESC 'Address Extension for Spam'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.37
+ NAME 'amavisAddrExtensionBanned'
+ DESC 'Address Extension for Banned'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.38
+ NAME 'amavisAddrExtensionBadHeader'
+ DESC 'Address Extension for Bad Header'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+# NEW since 2.7.0:
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.39
+ NAME 'amavisSpamTag3Level'
+ DESC 'Spam Tag3 Level'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.40
+ NAME 'amavisSpamSubjectTag3'
+ DESC 'Spam Subject Tag3'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.41
+ NAME 'amavisUncheckedQuarantineTo'
+ DESC 'Virus quarantine location'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.42
+ NAME 'amavisCleanQuarantineTo'
+ DESC 'Clean quarantine location'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.43
+ NAME 'amavisUncheckedLover'
+ DESC 'Unchecked Files Lover'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.44
+ NAME 'amavisForwardMethod'
+ DESC 'Forward / next hop destination'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.45
+ NAME 'amavisSaUserConf'
+ DESC 'SpamAssassin user preferences configuration filename'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.46
+ NAME 'amavisSaUserName'
+ DESC 'SpamAssassin username (for Bayes and AWL lookups)'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+#dn: cn=schema
+#changetype: modify
+#add: attributetypes
+attributetype ( 1.3.6.1.4.1.15312.2.2.1.47
+ NAME 'amavisDisclaimerOptions'
+ DESC 'Altermime disclaimer map data'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
+ SINGLE-VALUE )
+
+
+# Classes
+#---------
+
+# amavisAccount
+# This class is an auxiliary class, this mean that the class will be added
+# to a structural class. Usually, the structural class is the class that
+# represent the mail account itself (e.g. an inetOrgPerson)
+
+#dn: cn=schema
+#changetype: modify
+#add: objectclasses
+objectclass ( 1.3.6.1.4.1.15312.2.2.2.1
+ NAME 'amavisAccount' AUXILIARY
+ DESC 'Amavisd Account'
+ SUP top
+ MAY ( amavisVirusLover $ amavisBypassVirusChecks $
+ amavisSpamLover $ amavisBypassSpamChecks $
+ amavisBannedFilesLover $ amavisBypassBannedChecks $
+ amavisBadHeaderLover $ amavisBypassHeaderChecks $
+ amavisSpamTagLevel $ amavisSpamTag2Level $ amavisSpamKillLevel $
+ amavisWhitelistSender $ amavisBlacklistSender $
+ amavisSpamQuarantineTo $ amavisVirusQuarantineTo $
+ amavisBannedQuarantineTo $ amavisBadHeaderQuarantineTo $
+ amavisArchiveQuarantineTo $
+ amavisSpamModifiesSubj $ amavisLocal $ amavisMessageSizeLimit $
+ amavisWarnVirusRecip $ amavisWarnBannedRecip $
+ amavisWarnBadHeaderRecip $ amavisVirusAdmin $ amavisNewVirusAdmin $
+ amavisSpamAdmin $ amavisBannedAdmin $ amavisBadHeaderAdmin $
+ amavisBannedRuleNames $
+ amavisSpamDsnCutoffLevel $ amavisSpamQuarantineCutoffLevel $
+ amavisSpamSubjectTag $ amavisSpamSubjectTag2 $
+ amavisAddrExtensionVirus $ amavisAddrExtensionSpam $
+ amavisAddrExtensionBanned $ amavisAddrExtensionBadHeader $
+ amavisSpamTag3Level $ amavisSpamSubjectTag3 $
+ amavisUncheckedQuarantineTo $ amavisCleanQuarantineTo $
+ amavisUncheckedLover $ amavisForwardMethod $
+ amavisSaUserConf $ amavisSaUserName $ amavisDisclaimerOptions $
+ cn $ description ) )
+
+#--------------------------------------------------------------------------
+#
+# GNU Free Documentation License
+# Version 1.2, November 2002
+#
+#
+# Copyright (C) 2000,2001,2002 Free Software Foundation, Inc.
+# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+# Everyone is permitted to copy and distribute verbatim copies
+# of this license document, but changing it is not allowed.
+#
+#
+# 0. PREAMBLE
+#
+# The purpose of this License is to make a manual, textbook, or other
+# functional and useful document "free" in the sense of freedom: to
+# assure everyone the effective freedom to copy and redistribute it,
+# with or without modifying it, either commercially or noncommercially.
+# Secondarily, this License preserves for the author and publisher a way
+# to get credit for their work, while not being considered responsible
+# for modifications made by others.
+#
+# This License is a kind of "copyleft", which means that derivative
+# works of the document must themselves be free in the same sense. It
+# complements the GNU General Public License, which is a copyleft
+# license designed for free software.
+#
+# We have designed this License in order to use it for manuals for free
+# software, because free software needs free documentation: a free
+# program should come with manuals providing the same freedoms that the
+# software does. But this License is not limited to software manuals;
+# it can be used for any textual work, regardless of subject matter or
+# whether it is published as a printed book. We recommend this License
+# principally for works whose purpose is instruction or reference.
+#
+#
+# 1. APPLICABILITY AND DEFINITIONS
+#
+# This License applies to any manual or other work, in any medium, that
+# contains a notice placed by the copyright holder saying it can be
+# distributed under the terms of this License. Such a notice grants a
+# world-wide, royalty-free license, unlimited in duration, to use that
+# work under the conditions stated herein. The "Document", below,
+# refers to any such manual or work. Any member of the public is a
+# licensee, and is addressed as "you". You accept the license if you
+# copy, modify or distribute the work in a way requiring permission
+# under copyright law.
+#
+# A "Modified Version" of the Document means any work containing the
+# Document or a portion of it, either copied verbatim, or with
+# modifications and/or translated into another language.
+#
+# A "Secondary Section" is a named appendix or a front-matter section of
+# the Document that deals exclusively with the relationship of the
+# publishers or authors of the Document to the Document's overall subject
+# (or to related matters) and contains nothing that could fall directly
+# within that overall subject. (Thus, if the Document is in part a
+# textbook of mathematics, a Secondary Section may not explain any
+# mathematics.) The relationship could be a matter of historical
+# connection with the subject or with related matters, or of legal,
+# commercial, philosophical, ethical or political position regarding
+# them.
+#
+# The "Invariant Sections" are certain Secondary Sections whose titles
+# are designated, as being those of Invariant Sections, in the notice
+# that says that the Document is released under this License. If a
+# section does not fit the above definition of Secondary then it is not
+# allowed to be designated as Invariant. The Document may contain zero
+# Invariant Sections. If the Document does not identify any Invariant
+# Sections then there are none.
+#
+# The "Cover Texts" are certain short passages of text that are listed,
+# as Front-Cover Texts or Back-Cover Texts, in the notice that says that
+# the Document is released under this License. A Front-Cover Text may
+# be at most 5 words, and a Back-Cover Text may be at most 25 words.
+#
+# A "Transparent" copy of the Document means a machine-readable copy,
+# represented in a format whose specification is available to the
+# general public, that is suitable for revising the document
+# straightforwardly with generic text editors or (for images composed of
+# pixels) generic paint programs or (for drawings) some widely available
+# drawing editor, and that is suitable for input to text formatters or
+# for automatic translation to a variety of formats suitable for input
+# to text formatters. A copy made in an otherwise Transparent file
+# format whose markup, or absence of markup, has been arranged to thwart
+# or discourage subsequent modification by readers is not Transparent.
+# An image format is not Transparent if used for any substantial amount
+# of text. A copy that is not "Transparent" is called "Opaque".
+#
+# Examples of suitable formats for Transparent copies include plain
+# ASCII without markup, Texinfo input format, LaTeX input format, SGML
+# or XML using a publicly available DTD, and standard-conforming simple
+# HTML, PostScript or PDF designed for human modification. Examples of
+# transparent image formats include PNG, XCF and JPG. Opaque formats
+# include proprietary formats that can be read and edited only by
+# proprietary word processors, SGML or XML for which the DTD and/or
+# processing tools are not generally available, and the
+# machine-generated HTML, PostScript or PDF produced by some word
+# processors for output purposes only.
+#
+# The "Title Page" means, for a printed book, the title page itself,
+# plus such following pages as are needed to hold, legibly, the material
+# this License requires to appear in the title page. For works in
+# formats which do not have any title page as such, "Title Page" means
+# the text near the most prominent appearance of the work's title,
+# preceding the beginning of the body of the text.
+#
+# A section "Entitled XYZ" means a named subunit of the Document whose
+# title either is precisely XYZ or contains XYZ in parentheses following
+# text that translates XYZ in another language. (Here XYZ stands for a
+# specific section name mentioned below, such as "Acknowledgements",
+# "Dedications", "Endorsements", or "History".) To "Preserve the Title"
+# of such a section when you modify the Document means that it remains a
+# section "Entitled XYZ" according to this definition.
+#
+# The Document may include Warranty Disclaimers next to the notice which
+# states that this License applies to the Document. These Warranty
+# Disclaimers are considered to be included by reference in this
+# License, but only as regards disclaiming warranties: any other
+# implication that these Warranty Disclaimers may have is void and has
+# no effect on the meaning of this License.
+#
+#
+# 2. VERBATIM COPYING
+#
+# You may copy and distribute the Document in any medium, either
+# commercially or noncommercially, provided that this License, the
+# copyright notices, and the license notice saying this License applies
+# to the Document are reproduced in all copies, and that you add no other
+# conditions whatsoever to those of this License. You may not use
+# technical measures to obstruct or control the reading or further
+# copying of the copies you make or distribute. However, you may accept
+# compensation in exchange for copies. If you distribute a large enough
+# number of copies you must also follow the conditions in section 3.
+#
+# You may also lend copies, under the same conditions stated above, and
+# you may publicly display copies.
+#
+#
+# 3. COPYING IN QUANTITY
+#
+# If you publish printed copies (or copies in media that commonly have
+# printed covers) of the Document, numbering more than 100, and the
+# Document's license notice requires Cover Texts, you must enclose the
+# copies in covers that carry, clearly and legibly, all these Cover
+# Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on
+# the back cover. Both covers must also clearly and legibly identify
+# you as the publisher of these copies. The front cover must present
+# the full title with all words of the title equally prominent and
+# visible. You may add other material on the covers in addition.
+# Copying with changes limited to the covers, as long as they preserve
+# the title of the Document and satisfy these conditions, can be treated
+# as verbatim copying in other respects.
+#
+# If the required texts for either cover are too voluminous to fit
+# legibly, you should put the first ones listed (as many as fit
+# reasonably) on the actual cover, and continue the rest onto adjacent
+# pages.
+#
+# If you publish or distribute Opaque copies of the Document numbering
+# more than 100, you must either include a machine-readable Transparent
+# copy along with each Opaque copy, or state in or with each Opaque copy
+# a computer-network location from which the general network-using
+# public has access to download using public-standard network protocols
+# a complete Transparent copy of the Document, free of added material.
+# If you use the latter option, you must take reasonably prudent steps,
+# when you begin distribution of Opaque copies in quantity, to ensure
+# that this Transparent copy will remain thus accessible at the stated
+# location until at least one year after the last time you distribute an
+# Opaque copy (directly or through your agents or retailers) of that
+# edition to the public.
+#
+# It is requested, but not required, that you contact the authors of the
+# Document well before redistributing any large number of copies, to give
+# them a chance to provide you with an updated version of the Document.
+#
+#
+# 4. MODIFICATIONS
+#
+# You may copy and distribute a Modified Version of the Document under
+# the conditions of sections 2 and 3 above, provided that you release
+# the Modified Version under precisely this License, with the Modified
+# Version filling the role of the Document, thus licensing distribution
+# and modification of the Modified Version to whoever possesses a copy
+# of it. In addition, you must do these things in the Modified Version:
+#
+# A. Use in the Title Page (and on the covers, if any) a title distinct
+# from that of the Document, and from those of previous versions
+# (which should, if there were any, be listed in the History section
+# of the Document). You may use the same title as a previous version
+# if the original publisher of that version gives permission.
+# B. List on the Title Page, as authors, one or more persons or entities
+# responsible for authorship of the modifications in the Modified
+# Version, together with at least five of the principal authors of the
+# Document (all of its principal authors, if it has fewer than five),
+# unless they release you from this requirement.
+# C. State on the Title page the name of the publisher of the
+# Modified Version, as the publisher.
+# D. Preserve all the copyright notices of the Document.
+# E. Add an appropriate copyright notice for your modifications
+# adjacent to the other copyright notices.
+# F. Include, immediately after the copyright notices, a license notice
+# giving the public permission to use the Modified Version under the
+# terms of this License, in the form shown in the Addendum below.
+# G. Preserve in that license notice the full lists of Invariant Sections
+# and required Cover Texts given in the Document's license notice.
+# H. Include an unaltered copy of this License.
+# I. Preserve the section Entitled "History", Preserve its Title, and add
+# to it an item stating at least the title, year, new authors, and
+# publisher of the Modified Version as given on the Title Page. If
+# there is no section Entitled "History" in the Document, create one
+# stating the title, year, authors, and publisher of the Document as
+# given on its Title Page, then add an item describing the Modified
+# Version as stated in the previous sentence.
+# J. Preserve the network location, if any, given in the Document for
+# public access to a Transparent copy of the Document, and likewise
+# the network locations given in the Document for previous versions
+# it was based on. These may be placed in the "History" section.
+# You may omit a network location for a work that was published at
+# least four years before the Document itself, or if the original
+# publisher of the version it refers to gives permission.
+# K. For any section Entitled "Acknowledgements" or "Dedications",
+# Preserve the Title of the section, and preserve in the section all
+# the substance and tone of each of the contributor acknowledgements
+# and/or dedications given therein.
+# L. Preserve all the Invariant Sections of the Document,
+# unaltered in their text and in their titles. Section numbers
+# or the equivalent are not considered part of the section titles.
+# M. Delete any section Entitled "Endorsements". Such a section
+# may not be included in the Modified Version.
+# N. Do not retitle any existing section to be Entitled "Endorsements"
+# or to conflict in title with any Invariant Section.
+# O. Preserve any Warranty Disclaimers.
+#
+# If the Modified Version includes new front-matter sections or
+# appendices that qualify as Secondary Sections and contain no material
+# copied from the Document, you may at your option designate some or all
+# of these sections as invariant. To do this, add their titles to the
+# list of Invariant Sections in the Modified Version's license notice.
+# These titles must be distinct from any other section titles.
+#
+# You may add a section Entitled "Endorsements", provided it contains
+# nothing but endorsements of your Modified Version by various
+# parties--for example, statements of peer review or that the text has
+# been approved by an organization as the authoritative definition of a
+# standard.
+#
+# You may add a passage of up to five words as a Front-Cover Text, and a
+# passage of up to 25 words as a Back-Cover Text, to the end of the list
+# of Cover Texts in the Modified Version. Only one passage of
+# Front-Cover Text and one of Back-Cover Text may be added by (or
+# through arrangements made by) any one entity. If the Document already
+# includes a cover text for the same cover, previously added by you or
+# by arrangement made by the same entity you are acting on behalf of,
+# you may not add another; but you may replace the old one, on explicit
+# permission from the previous publisher that added the old one.
+#
+# The author(s) and publisher(s) of the Document do not by this License
+# give permission to use their names for publicity for or to assert or
+# imply endorsement of any Modified Version.
+#
+#
+# 5. COMBINING DOCUMENTS
+#
+# You may combine the Document with other documents released under this
+# License, under the terms defined in section 4 above for modified
+# versions, provided that you include in the combination all of the
+# Invariant Sections of all of the original documents, unmodified, and
+# list them all as Invariant Sections of your combined work in its
+# license notice, and that you preserve all their Warranty Disclaimers.
+#
+# The combined work need only contain one copy of this License, and
+# multiple identical Invariant Sections may be replaced with a single
+# copy. If there are multiple Invariant Sections with the same name but
+# different contents, make the title of each such section unique by
+# adding at the end of it, in parentheses, the name of the original
+# author or publisher of that section if known, or else a unique number.
+# Make the same adjustment to the section titles in the list of
+# Invariant Sections in the license notice of the combined work.
+#
+# In the combination, you must combine any sections Entitled "History"
+# in the various original documents, forming one section Entitled
+# "History"; likewise combine any sections Entitled "Acknowledgements",
+# and any sections Entitled "Dedications". You must delete all sections
+# Entitled "Endorsements".
+#
+#
+# 6. COLLECTIONS OF DOCUMENTS
+#
+# You may make a collection consisting of the Document and other documents
+# released under this License, and replace the individual copies of this
+# License in the various documents with a single copy that is included in
+# the collection, provided that you follow the rules of this License for
+# verbatim copying of each of the documents in all other respects.
+#
+# You may extract a single document from such a collection, and distribute
+# it individually under this License, provided you insert a copy of this
+# License into the extracted document, and follow this License in all
+# other respects regarding verbatim copying of that document.
+#
+#
+# 7. AGGREGATION WITH INDEPENDENT WORKS
+#
+# A compilation of the Document or its derivatives with other separate
+# and independent documents or works, in or on a volume of a storage or
+# distribution medium, is called an "aggregate" if the copyright
+# resulting from the compilation is not used to limit the legal rights
+# of the compilation's users beyond what the individual works permit.
+# When the Document is included in an aggregate, this License does not
+# apply to the other works in the aggregate which are not themselves
+# derivative works of the Document.
+#
+# If the Cover Text requirement of section 3 is applicable to these
+# copies of the Document, then if the Document is less than one half of
+# the entire aggregate, the Document's Cover Texts may be placed on
+# covers that bracket the Document within the aggregate, or the
+# electronic equivalent of covers if the Document is in electronic form.
+# Otherwise they must appear on printed covers that bracket the whole
+# aggregate.
+#
+#
+# 8. TRANSLATION
+#
+# Translation is considered a kind of modification, so you may
+# distribute translations of the Document under the terms of section 4.
+# Replacing Invariant Sections with translations requires special
+# permission from their copyright holders, but you may include
+# translations of some or all Invariant Sections in addition to the
+# original versions of these Invariant Sections. You may include a
+# translation of this License, and all the license notices in the
+# Document, and any Warranty Disclaimers, provided that you also include
+# the original English version of this License and the original versions
+# of those notices and disclaimers. In case of a disagreement between
+# the translation and the original version of this License or a notice
+# or disclaimer, the original version will prevail.
+#
+# If a section in the Document is Entitled "Acknowledgements",
+# "Dedications", or "History", the requirement (section 4) to Preserve
+# its Title (section 1) will typically require changing the actual
+# title.
+#
+#
+# 9. TERMINATION
+#
+# You may not copy, modify, sublicense, or distribute the Document except
+# as expressly provided for under this License. Any other attempt to
+# copy, modify, sublicense or distribute the Document is void, and will
+# automatically terminate your rights under this License. However,
+# parties who have received copies, or rights, from you under this
+# License will not have their licenses terminated so long as such
+# parties remain in full compliance.
+#
+#
+# 10. FUTURE REVISIONS OF THIS LICENSE
+#
+# The Free Software Foundation may publish new, revised versions
+# of the GNU Free Documentation License from time to time. Such new
+# versions will be similar in spirit to the present version, but may
+# differ in detail to address new problems or concerns. See
+# http://www.gnu.org/copyleft/.
+#
+# Each version of the License is given a distinguishing version number.
+# If the Document specifies that a particular numbered version of this
+# License "or any later version" applies to it, you have the option of
+# following the terms and conditions either of that specified version or
+# of any later version that has been published (not as a draft) by the
+# Free Software Foundation. If the Document does not specify a version
+# number of this License, you may choose any version ever published (not
+# as a draft) by the Free Software Foundation.
--- /dev/null
+## some useful aliases
+alias dir ls
+alias less more
+alias zless zmore
+alias bzless bzmore
+alias reconnect "close; cache flush; cd ."
+alias edit "eval -f \"get $0 -o ~/.lftp/edit.tmp.$$ && shell \\\"cp -p ~/.lftp/edit.tmp.$$ ~/.lftp/edit.tmp.$$.orig && $EDITOR ~/.lftp/edit.tmp.$$ && test ~/.lftp/edit.tmp.$$ -nt ~/.lftp/edit.tmp.$$.orig\\\" && put ~/.lftp/edit.tmp.$$ -o $0; shell rm -f ~/.lftp/edit.tmp.$$*\""
+
+## make prompt look better
+set prompt "lftp \S\? \u\@\h:\w> "
+## some may prefer colors (contributed by Matthew <mwormald@optusnet.com.au>)
+#set prompt "\[\e[1;30m\][\[\e[0;34m\]f\[\e[1m\]t\[\e[37m\]p\[\e[30m\]] \[\e[34m\]\u\[\e[0;34m\]\@\[\e[1m\]\h\[\e[1;30m\]:\[\e[1;34m\]\w\[\e[1;30m\]>\[\e[0m\] "
+## Uncomment the following two lines to make switch cls and ls, making
+## cls the default.
+#alias ls command cls
+#alias hostls command ls
+
+## default protocol selection
+#set default-protocol/ftp.* ftp
+#set default-protocol/www.* http
+#set default-protocol/localhost file
+
+## this makes lftp faster but doesn't work with some sites/routers
+#set ftp:sync-mode off
+
+## synchronous mode for broken servers and/or routers
+set sync-mode/ftp.idsoftware.com on
+set sync-mode/ftp.microsoft.com on
+set sync-mode/sunsolve.sun.com on
+## extended regex to match first server message for automatic sync-mode.
+set auto-sync-mode "icrosoft FTP Service|MadGoat|MikroTik"
+
+## if default ftp passive mode does not work, try this:
+# set ftp:passive-mode off
+
+## Set this to follow http redirections
+set xfer:max-redirections 10
+
+## Proxy can help to pass a firewall
+## Environment variables ftp_proxy, http_proxy and no_proxy are used to
+## initialize the below variables automatically. You can set them here too.
+##
+## ftp:proxy must communicate with client over ftp protocol, squid won't do.
+## This can be e.g. TIS-FWTK or rftpd. User and password are optional.
+# set ftp:proxy ftp://[user:pass@]your_ftp_proxy:port
+## ...but squid still can be used to access ftp servers, using hftp protocol:
+# set ftp:proxy http://your.squid.address:port
+## ...if squid allows CONNECT to arbitrary ports, then you can use CONNECT
+## instead of hftp:
+# set ftp:use-hftp no
+##
+## no proxy for host
+# set ftp:proxy/local_host ""
+## or domain
+# set ftp:proxy/*.domain.com ...
+##
+## http:proxy must communicate with client over http protocol, e.g. squid.
+## Default port is 3128.
+# set http:proxy your_http_proxy[:port]
+## hftp:proxy must also be an http proxy. It is used for FTP over HTTP access.
+# set hftp:proxy your_http_proxy[:port]
+##
+## net:no-proxy disables proxy usage for list of domains.
+# set net:no-proxy .domain.com,.otherdom.net
+
+## If you don't have direct ftp access, this setting can be useful to select
+## hftp instead of ftp automatically.
+# set ftp:proxy http://your.http.proxy:port
+
+## This can be used for automatic saving of configuration
+# set at-exit "set > ~/.lftp/settings"
+# source ~/.lftp/settings
+
+## and this is for remembring last site
+## (combine with previous rule if you want)
+# set at-exit "bo a last"
+# open last
+
+## Terminal strings to set titlebars for terminals that don't
+## properly specify tsl and fsl capabilities.
+## Use cmd:set-term-status to enable this.
+set cmd:term-status/*screen* "\e_\T\e\\"
+set cmd:term-status/*xterm* "\e[11;0]\e]2;\T\007\e[11]"
+set cmd:term-status/*rxvt* "\e[11;0]\e]2;\T\007\e[11]"
+# set cmd:set-term-status on
+
+## If you don't like advertising lftp or servers hate it, set this:
+# set ftp:anon-pass "mozilla@"
+# set ftp:client ""
+# set http:user-agent "Mozilla/4.7 [en] (WinNT; I)"
+
+# try inet6 before inet
+set dns:order "inet6 inet"
+
--- /dev/null
+# This is the configuration file for libaudit tunables.
+# It is currently only used for the failure_action tunable.
+
+# failure_action can be: log, ignore, terminate
+failure_action = ignore
+
+
--- /dev/null
+###############################################################################
+#
+# ClassID <-> Name Translation Table
+#
+# This file can be used to assign names to classids for easier reference
+# in all libnl tools.
+#
+# Format:
+# <MAJ:> <NAME> # qdisc definition
+# <MAJ:MIN> <NAME> # class deifnition
+# <NAME:MIN> <NAME> # class definition referencing an
+# existing qdisc definition.
+#
+# Example:
+# 1: top # top -> 1:0
+# top:1 interactive # interactive -> 1:1
+# top:2 www # www -> 1:2
+# top:3 bulk # bulk -> 1:3
+# 2:1 test_class # test_class -> 2:1
+#
+# Illegal Example:
+# 30:1 classD
+# classD:2 invalidClass # classD refers to a class, not a qdisc
+#
+###############################################################################
+
+# <CLASSID> <NAME>
+
+# Reserved default classids
+0:0 none
+ffff:ffff root
+ffff:fff1 ingress
+
+#
+# List your classid definitions here:
+#
+
+
+
+###############################################################################
+# List of auto-generated classids
+#
+# DO NOT ADD CLASSID DEFINITIONS BELOW THIS LINE
+#
+# <CLASSID> <NAME>
--- /dev/null
+#
+# Location definitions for packet matching
+#
+
+# name alignment offset mask shift
+ip.version u8 net+0 0xF0 4
+ip.hdrlen u8 net+0 0x0F
+ip.diffserv u8 net+1
+ip.length u16 net+2
+ip.id u16 net+4
+ip.flag.res u8 net+6 0xff 7
+ip.df u8 net+6 0x40 6
+ip.mf u8 net+6 0x20 5
+ip.offset u16 net+6 0x1FFF
+ip.ttl u8 net+8
+ip.proto u8 net+9
+ip.chksum u16 net+10
+ip.src u32 net+12
+ip.dst u32 net+16
+
+# if ip.ihl > 5
+ip.opts u32 net+20
+
+
+#
+# IP version 6
+#
+# name alignment offset mask shift
+ip6.version u8 net+0 0xF0 4
+ip6.tc u16 net+0 0xFF0 4
+ip6.flowlabel u32 net+0 0xFFFFF
+ip6.length u16 net+4
+ip6.nexthdr u8 net+6
+ip6.hoplimit u8 net+7
+ip6.src 16 net+8
+ip6.dst 16 net+24
+
+#
+# Transmission Control Protocol (TCP)
+#
+# name alignment offset mask shift
+tcp.sport u16 tcp+0
+tcp.dport u16 tcp+2
+tcp.seq u32 tcp+4
+tcp.ack u32 tcp+8
+
+# Data offset (4 bits)
+tcp.off u8 tcp+12 0xF0 4
+
+# Reserved [0 0 0] (3 bits)
+tcp.reserved u8 tcp+12 0x04 1
+
+# ECN [N C E] (3 bits)
+tcp.ecn u16 tcp+12 0x01C00 6
+
+# Individual TCP flags (0|1) (6 bits in total)
+tcp.flag.urg u8 tcp+13 0x20 5
+tcp.flag.ack u8 tcp+13 0x10 4
+tcp.flag.psh u8 tcp+13 0x08 3
+tcp.flag.rst u8 tcp+13 0x04 2
+tpc.flag.syn u8 tcp+13 0x02 1
+tcp.flag.fin u8 tcp+13 0x01
+
+tcp.win u16 tcp+14
+tcp.csum u16 tcp+16
+tcp.urg u16 tcp+18
+tcp.opts u32 tcp+20
+
+#
+# User Datagram Protocol (UDP)
+#
+# name alignment offset mask shift
+udp.sport u16 tcp+0
+udp.dport u16 tcp+2
+udp.length u16 tcp+4
+udp.csum u16 tcp+6
--- /dev/null
+# Locale name alias data base.
+# Copyright (C) 1996-2014 Free Software Foundation, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+# The format of this file is the same as for the corresponding file of
+# the X Window System, which normally can be found in
+# /usr/lib/X11/locale/locale.alias
+# A single line contains two fields: an alias and a substitution value.
+# All entries are case independent.
+
+# Note: This file is obsolete and is kept around for the time being for
+# backward compatibility. Nobody should rely on the names defined here.
+# Locales should always be specified by their full name.
+
+bokmal nb_NO.ISO-8859-1
+bokmål nb_NO.ISO-8859-1
+catalan ca_ES.ISO-8859-1
+croatian hr_HR.ISO-8859-2
+czech cs_CZ.ISO-8859-2
+danish da_DK.ISO-8859-1
+dansk da_DK.ISO-8859-1
+deutsch de_DE.ISO-8859-1
+dutch nl_NL.ISO-8859-1
+eesti et_EE.ISO-8859-15
+estonian et_EE.ISO-8859-15
+finnish fi_FI.ISO-8859-1
+français fr_FR.ISO-8859-1
+french fr_FR.ISO-8859-1
+galego gl_ES.ISO-8859-1
+galician gl_ES.ISO-8859-1
+german de_DE.ISO-8859-1
+greek el_GR.ISO-8859-7
+hebrew he_IL.ISO-8859-8
+hrvatski hr_HR.ISO-8859-2
+hungarian hu_HU.ISO-8859-2
+icelandic is_IS.ISO-8859-1
+italian it_IT.ISO-8859-1
+japanese ja_JP.eucJP
+japanese.euc ja_JP.eucJP
+ja_JP ja_JP.eucJP
+ja_JP.ujis ja_JP.eucJP
+japanese.sjis ja_JP.SJIS
+korean ko_KR.eucKR
+korean.euc ko_KR.eucKR
+ko_KR ko_KR.eucKR
+lithuanian lt_LT.ISO-8859-13
+no_NO nb_NO.ISO-8859-1
+no_NO.ISO-8859-1 nb_NO.ISO-8859-1
+norwegian nb_NO.ISO-8859-1
+nynorsk nn_NO.ISO-8859-1
+polish pl_PL.ISO-8859-2
+portuguese pt_PT.ISO-8859-1
+romanian ro_RO.ISO-8859-2
+russian ru_RU.KOI8-R
+slovak sk_SK.ISO-8859-2
+slovene sl_SI.ISO-8859-2
+slovenian sl_SI.ISO-8859-2
+spanish es_ES.ISO-8859-1
+swedish sv_SE.ISO-8859-1
+thai th_TH.TIS-620
+turkish tr_TR.ISO-8859-9
--- /dev/null
+# This file lists locales that you wish to have built. You can find a list
+# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
+# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
+# this file, you need to rerun locale-gen.
+
+
+# aa_DJ ISO-8859-1
+# aa_DJ.UTF-8 UTF-8
+# aa_ER UTF-8
+# aa_ER@saaho UTF-8
+# aa_ET UTF-8
+# af_ZA ISO-8859-1
+# af_ZA.UTF-8 UTF-8
+# ak_GH UTF-8
+# am_ET UTF-8
+# an_ES ISO-8859-15
+# an_ES.UTF-8 UTF-8
+# anp_IN UTF-8
+# ar_AE ISO-8859-6
+# ar_AE.UTF-8 UTF-8
+# ar_BH ISO-8859-6
+# ar_BH.UTF-8 UTF-8
+# ar_DZ ISO-8859-6
+# ar_DZ.UTF-8 UTF-8
+# ar_EG ISO-8859-6
+# ar_EG.UTF-8 UTF-8
+# ar_IN UTF-8
+# ar_IQ ISO-8859-6
+# ar_IQ.UTF-8 UTF-8
+# ar_JO ISO-8859-6
+# ar_JO.UTF-8 UTF-8
+# ar_KW ISO-8859-6
+# ar_KW.UTF-8 UTF-8
+# ar_LB ISO-8859-6
+# ar_LB.UTF-8 UTF-8
+# ar_LY ISO-8859-6
+# ar_LY.UTF-8 UTF-8
+# ar_MA ISO-8859-6
+# ar_MA.UTF-8 UTF-8
+# ar_OM ISO-8859-6
+# ar_OM.UTF-8 UTF-8
+# ar_QA ISO-8859-6
+# ar_QA.UTF-8 UTF-8
+# ar_SA ISO-8859-6
+# ar_SA.UTF-8 UTF-8
+# ar_SD ISO-8859-6
+# ar_SD.UTF-8 UTF-8
+# ar_SS UTF-8
+# ar_SY ISO-8859-6
+# ar_SY.UTF-8 UTF-8
+# ar_TN ISO-8859-6
+# ar_TN.UTF-8 UTF-8
+# ar_YE ISO-8859-6
+# ar_YE.UTF-8 UTF-8
+# as_IN UTF-8
+# ast_ES ISO-8859-15
+# ast_ES.UTF-8 UTF-8
+# ayc_PE UTF-8
+# az_AZ UTF-8
+# be_BY CP1251
+# be_BY.UTF-8 UTF-8
+# be_BY@latin UTF-8
+# bem_ZM UTF-8
+# ber_DZ UTF-8
+# ber_MA UTF-8
+# bg_BG CP1251
+# bg_BG.UTF-8 UTF-8
+# bho_IN UTF-8
+# bn_BD UTF-8
+# bn_IN UTF-8
+# bo_CN UTF-8
+# bo_IN UTF-8
+# br_FR ISO-8859-1
+# br_FR.UTF-8 UTF-8
+# br_FR@euro ISO-8859-15
+# brx_IN UTF-8
+# bs_BA ISO-8859-2
+# bs_BA.UTF-8 UTF-8
+# byn_ER UTF-8
+# ca_AD ISO-8859-15
+# ca_AD.UTF-8 UTF-8
+# ca_ES ISO-8859-1
+# ca_ES.UTF-8 UTF-8
+# ca_ES.UTF-8@valencia UTF-8
+# ca_ES@euro ISO-8859-15
+# ca_ES@valencia ISO-8859-15
+# ca_FR ISO-8859-15
+# ca_FR.UTF-8 UTF-8
+# ca_IT ISO-8859-15
+# ca_IT.UTF-8 UTF-8
+# cmn_TW UTF-8
+# crh_UA UTF-8
+# cs_CZ ISO-8859-2
+# cs_CZ.UTF-8 UTF-8
+# csb_PL UTF-8
+# cv_RU UTF-8
+# cy_GB ISO-8859-14
+# cy_GB.UTF-8 UTF-8
+# da_DK ISO-8859-1
+# da_DK.UTF-8 UTF-8
+# de_AT ISO-8859-1
+de_AT.UTF-8 UTF-8
+
+# de_AT@euro ISO-8859-15
+# de_BE ISO-8859-1
+de_BE.UTF-8 UTF-8
+
+# de_BE@euro ISO-8859-15
+# de_CH ISO-8859-1
+de_CH.UTF-8 UTF-8
+
+# de_DE ISO-8859-1
+de_DE.UTF-8 UTF-8
+# de_DE@euro ISO-8859-15
+# de_LI.UTF-8 UTF-8
+# de_LU ISO-8859-1
+de_LU.UTF-8 UTF-8
+
+# de_LU@euro ISO-8859-15
+# doi_IN UTF-8
+# dv_MV UTF-8
+# dz_BT UTF-8
+# el_CY ISO-8859-7
+# el_CY.UTF-8 UTF-8
+# el_GR ISO-8859-7
+# el_GR.UTF-8 UTF-8
+# en_AG UTF-8
+# en_AU ISO-8859-1
+en_AU.UTF-8 UTF-8
+
+# en_BW ISO-8859-1
+# en_BW.UTF-8 UTF-8
+# en_CA ISO-8859-1
+en_CA.UTF-8 UTF-8
+
+# en_DK ISO-8859-1
+# en_DK.ISO-8859-15 ISO-8859-15
+# en_DK.UTF-8 UTF-8
+# en_GB ISO-8859-1
+# en_GB.ISO-8859-15 ISO-8859-15
+en_GB.UTF-8 UTF-8
+
+# en_HK ISO-8859-1
+en_HK.UTF-8 UTF-8
+
+# en_IE ISO-8859-1
+en_IE.UTF-8 UTF-8
+
+# en_IE@euro ISO-8859-15
+# en_IN UTF-8
+# en_NG UTF-8
+# en_NZ ISO-8859-1
+en_NZ.UTF-8 UTF-8
+
+# en_PH ISO-8859-1
+# en_PH.UTF-8 UTF-8
+# en_SG ISO-8859-1
+# en_SG.UTF-8 UTF-8
+# en_US ISO-8859-1
+# en_US.ISO-8859-15 ISO-8859-15
+en_US.UTF-8 UTF-8
+# en_ZA ISO-8859-1
+en_ZA.UTF-8 UTF-8
+
+# en_ZM UTF-8
+# en_ZW ISO-8859-1
+# en_ZW.UTF-8 UTF-8
+# eo ISO-8859-3
+# eo.UTF-8 UTF-8
+# es_AR ISO-8859-1
+# es_AR.UTF-8 UTF-8
+# es_BO ISO-8859-1
+# es_BO.UTF-8 UTF-8
+# es_CL ISO-8859-1
+# es_CL.UTF-8 UTF-8
+# es_CO ISO-8859-1
+# es_CO.UTF-8 UTF-8
+# es_CR ISO-8859-1
+# es_CR.UTF-8 UTF-8
+# es_CU UTF-8
+# es_DO ISO-8859-1
+# es_DO.UTF-8 UTF-8
+# es_EC ISO-8859-1
+# es_EC.UTF-8 UTF-8
+# es_ES ISO-8859-1
+# es_ES.UTF-8 UTF-8
+# es_ES@euro ISO-8859-15
+# es_GT ISO-8859-1
+# es_GT.UTF-8 UTF-8
+# es_HN ISO-8859-1
+# es_HN.UTF-8 UTF-8
+# es_MX ISO-8859-1
+# es_MX.UTF-8 UTF-8
+# es_NI ISO-8859-1
+# es_NI.UTF-8 UTF-8
+# es_PA ISO-8859-1
+# es_PA.UTF-8 UTF-8
+# es_PE ISO-8859-1
+# es_PE.UTF-8 UTF-8
+# es_PR ISO-8859-1
+# es_PR.UTF-8 UTF-8
+# es_PY ISO-8859-1
+# es_PY.UTF-8 UTF-8
+# es_SV ISO-8859-1
+# es_SV.UTF-8 UTF-8
+# es_US ISO-8859-1
+# es_US.UTF-8 UTF-8
+# es_UY ISO-8859-1
+# es_UY.UTF-8 UTF-8
+# es_VE ISO-8859-1
+# es_VE.UTF-8 UTF-8
+# et_EE ISO-8859-1
+# et_EE.ISO-8859-15 ISO-8859-15
+# et_EE.UTF-8 UTF-8
+# eu_ES ISO-8859-1
+# eu_ES.UTF-8 UTF-8
+# eu_ES@euro ISO-8859-15
+# eu_FR ISO-8859-1
+# eu_FR.UTF-8 UTF-8
+# eu_FR@euro ISO-8859-15
+# fa_IR UTF-8
+# ff_SN UTF-8
+# fi_FI ISO-8859-1
+# fi_FI.UTF-8 UTF-8
+# fi_FI@euro ISO-8859-15
+# fil_PH UTF-8
+# fo_FO ISO-8859-1
+# fo_FO.UTF-8 UTF-8
+# fr_BE ISO-8859-1
+# fr_BE.UTF-8 UTF-8
+# fr_BE@euro ISO-8859-15
+# fr_CA ISO-8859-1
+# fr_CA.UTF-8 UTF-8
+# fr_CH ISO-8859-1
+# fr_CH.UTF-8 UTF-8
+# fr_FR ISO-8859-1
+# fr_FR.UTF-8 UTF-8
+# fr_FR@euro ISO-8859-15
+# fr_LU ISO-8859-1
+# fr_LU.UTF-8 UTF-8
+# fr_LU@euro ISO-8859-15
+# fur_IT UTF-8
+# fy_DE UTF-8
+# fy_NL UTF-8
+# ga_IE ISO-8859-1
+# ga_IE.UTF-8 UTF-8
+# ga_IE@euro ISO-8859-15
+# gd_GB ISO-8859-15
+# gd_GB.UTF-8 UTF-8
+# gez_ER UTF-8
+# gez_ER@abegede UTF-8
+# gez_ET UTF-8
+# gez_ET@abegede UTF-8
+# gl_ES ISO-8859-1
+# gl_ES.UTF-8 UTF-8
+# gl_ES@euro ISO-8859-15
+# gu_IN UTF-8
+# gv_GB ISO-8859-1
+# gv_GB.UTF-8 UTF-8
+# ha_NG UTF-8
+# hak_TW UTF-8
+# he_IL ISO-8859-8
+# he_IL.UTF-8 UTF-8
+# hi_IN UTF-8
+# hne_IN UTF-8
+# hr_HR ISO-8859-2
+# hr_HR.UTF-8 UTF-8
+# hsb_DE ISO-8859-2
+# hsb_DE.UTF-8 UTF-8
+# ht_HT UTF-8
+# hu_HU ISO-8859-2
+# hu_HU.UTF-8 UTF-8
+# hy_AM UTF-8
+# hy_AM.ARMSCII-8 ARMSCII-8
+# ia_FR UTF-8
+# id_ID ISO-8859-1
+# id_ID.UTF-8 UTF-8
+# ig_NG UTF-8
+# ik_CA UTF-8
+# is_IS ISO-8859-1
+# is_IS.UTF-8 UTF-8
+# it_CH ISO-8859-1
+# it_CH.UTF-8 UTF-8
+# it_IT ISO-8859-1
+# it_IT.UTF-8 UTF-8
+# it_IT@euro ISO-8859-15
+# iu_CA UTF-8
+# iw_IL ISO-8859-8
+# iw_IL.UTF-8 UTF-8
+# ja_JP.EUC-JP EUC-JP
+# ja_JP.UTF-8 UTF-8
+# ka_GE GEORGIAN-PS
+# ka_GE.UTF-8 UTF-8
+# kk_KZ PT154
+# kk_KZ RK1048
+# kk_KZ.UTF-8 UTF-8
+# kl_GL ISO-8859-1
+# kl_GL.UTF-8 UTF-8
+# km_KH UTF-8
+# kn_IN UTF-8
+# ko_KR.EUC-KR EUC-KR
+# ko_KR.UTF-8 UTF-8
+# kok_IN UTF-8
+# ks_IN UTF-8
+# ks_IN@devanagari UTF-8
+# ku_TR ISO-8859-9
+# ku_TR.UTF-8 UTF-8
+# kw_GB ISO-8859-1
+# kw_GB.UTF-8 UTF-8
+# ky_KG UTF-8
+# lb_LU UTF-8
+# lg_UG ISO-8859-10
+# lg_UG.UTF-8 UTF-8
+# li_BE UTF-8
+# li_NL UTF-8
+# lij_IT UTF-8
+# lo_LA UTF-8
+# lt_LT ISO-8859-13
+# lt_LT.UTF-8 UTF-8
+# lv_LV ISO-8859-13
+# lv_LV.UTF-8 UTF-8
+# lzh_TW UTF-8
+# mag_IN UTF-8
+# mai_IN UTF-8
+# mg_MG ISO-8859-15
+# mg_MG.UTF-8 UTF-8
+# mhr_RU UTF-8
+# mi_NZ ISO-8859-13
+# mi_NZ.UTF-8 UTF-8
+# mk_MK ISO-8859-5
+# mk_MK.UTF-8 UTF-8
+# ml_IN UTF-8
+# mn_MN UTF-8
+# mni_IN UTF-8
+# mr_IN UTF-8
+# ms_MY ISO-8859-1
+# ms_MY.UTF-8 UTF-8
+# mt_MT ISO-8859-3
+# mt_MT.UTF-8 UTF-8
+# my_MM UTF-8
+# nan_TW UTF-8
+# nan_TW@latin UTF-8
+# nb_NO ISO-8859-1
+# nb_NO.UTF-8 UTF-8
+# nds_DE UTF-8
+# nds_NL UTF-8
+# ne_NP UTF-8
+# nhn_MX UTF-8
+# niu_NU UTF-8
+# niu_NZ UTF-8
+# nl_AW UTF-8
+# nl_BE ISO-8859-1
+# nl_BE.UTF-8 UTF-8
+# nl_BE@euro ISO-8859-15
+# nl_NL ISO-8859-1
+# nl_NL.UTF-8 UTF-8
+# nl_NL@euro ISO-8859-15
+# nn_NO ISO-8859-1
+# nn_NO.UTF-8 UTF-8
+# nr_ZA UTF-8
+# nso_ZA UTF-8
+# oc_FR ISO-8859-1
+# oc_FR.UTF-8 UTF-8
+# om_ET UTF-8
+# om_KE ISO-8859-1
+# om_KE.UTF-8 UTF-8
+# or_IN UTF-8
+# os_RU UTF-8
+# pa_IN UTF-8
+# pa_PK UTF-8
+# pap_AN UTF-8
+# pap_AW UTF-8
+# pap_CW UTF-8
+# pl_PL ISO-8859-2
+# pl_PL.UTF-8 UTF-8
+# ps_AF UTF-8
+# pt_BR ISO-8859-1
+# pt_BR.UTF-8 UTF-8
+# pt_PT ISO-8859-1
+# pt_PT.UTF-8 UTF-8
+# pt_PT@euro ISO-8859-15
+# quz_PE UTF-8
+# ro_RO ISO-8859-2
+# ro_RO.UTF-8 UTF-8
+# ru_RU ISO-8859-5
+# ru_RU.CP1251 CP1251
+# ru_RU.KOI8-R KOI8-R
+# ru_RU.UTF-8 UTF-8
+# ru_UA KOI8-U
+# ru_UA.UTF-8 UTF-8
+# rw_RW UTF-8
+# sa_IN UTF-8
+# sat_IN UTF-8
+# sc_IT UTF-8
+# sd_IN UTF-8
+# sd_IN@devanagari UTF-8
+# se_NO UTF-8
+# shs_CA UTF-8
+# si_LK UTF-8
+# sid_ET UTF-8
+# sk_SK ISO-8859-2
+# sk_SK.UTF-8 UTF-8
+# sl_SI ISO-8859-2
+# sl_SI.UTF-8 UTF-8
+# so_DJ ISO-8859-1
+# so_DJ.UTF-8 UTF-8
+# so_ET UTF-8
+# so_KE ISO-8859-1
+# so_KE.UTF-8 UTF-8
+# so_SO ISO-8859-1
+# so_SO.UTF-8 UTF-8
+# sq_AL ISO-8859-1
+# sq_AL.UTF-8 UTF-8
+# sq_MK UTF-8
+# sr_ME UTF-8
+# sr_RS UTF-8
+# sr_RS@latin UTF-8
+# ss_ZA UTF-8
+# st_ZA ISO-8859-1
+# st_ZA.UTF-8 UTF-8
+# sv_FI ISO-8859-1
+# sv_FI.UTF-8 UTF-8
+# sv_FI@euro ISO-8859-15
+# sv_SE ISO-8859-1
+# sv_SE.ISO-8859-15 ISO-8859-15
+# sv_SE.UTF-8 UTF-8
+# sw_KE UTF-8
+# sw_TZ UTF-8
+# szl_PL UTF-8
+# ta_IN UTF-8
+# ta_LK UTF-8
+# te_IN UTF-8
+# tg_TJ KOI8-T
+# tg_TJ.UTF-8 UTF-8
+# th_TH TIS-620
+# th_TH.UTF-8 UTF-8
+# the_NP UTF-8
+# ti_ER UTF-8
+# ti_ET UTF-8
+# tig_ER UTF-8
+# tk_TM UTF-8
+# tl_PH ISO-8859-1
+# tl_PH.UTF-8 UTF-8
+# tn_ZA UTF-8
+# tr_CY ISO-8859-9
+# tr_CY.UTF-8 UTF-8
+# tr_TR ISO-8859-9
+# tr_TR.UTF-8 UTF-8
+# ts_ZA UTF-8
+# tt_RU UTF-8
+# tt_RU@iqtelif UTF-8
+# ug_CN UTF-8
+# uk_UA KOI8-U
+# uk_UA.UTF-8 UTF-8
+# unm_US UTF-8
+# ur_IN UTF-8
+# ur_PK UTF-8
+# uz_UZ ISO-8859-1
+# uz_UZ.UTF-8 UTF-8
+# uz_UZ@cyrillic UTF-8
+# ve_ZA UTF-8
+# vi_VN UTF-8
+# wa_BE ISO-8859-1
+# wa_BE.UTF-8 UTF-8
+# wa_BE@euro ISO-8859-15
+# wae_CH UTF-8
+# wal_ET UTF-8
+# wo_SN UTF-8
+# xh_ZA ISO-8859-1
+# xh_ZA.UTF-8 UTF-8
+# yi_US CP1255
+# yi_US.UTF-8 UTF-8
+# yo_NG UTF-8
+# yue_HK UTF-8
+# zh_CN GB2312
+# zh_CN.GB18030 GB18030
+# zh_CN.GBK GBK
+# zh_CN.UTF-8 UTF-8
+# zh_HK BIG5-HKSCS
+# zh_HK.UTF-8 UTF-8
+# zh_SG GB2312
+# zh_SG.GBK GBK
+# zh_SG.UTF-8 UTF-8
+# zh_TW BIG5
+# zh_TW.EUC-TW EUC-TW
+# zh_TW.UTF-8 UTF-8
+# zu_ZA ISO-8859-1
+# zu_ZA.UTF-8 UTF-8
+# en_US.UTF-8 UTF-8
+# de_DE.UTF-8 UTF-8
--- /dev/null
+# This file lists locales that you wish to have built. You can find a list
+# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
+# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
+# this file, you need to rerun locale-gen.
+
+
+# aa_DJ ISO-8859-1
+# aa_DJ.UTF-8 UTF-8
+# aa_ER UTF-8
+# aa_ER@saaho UTF-8
+# aa_ET UTF-8
+# af_ZA ISO-8859-1
+# af_ZA.UTF-8 UTF-8
+# ak_GH UTF-8
+# am_ET UTF-8
+# an_ES ISO-8859-15
+# an_ES.UTF-8 UTF-8
+# anp_IN UTF-8
+# ar_AE ISO-8859-6
+# ar_AE.UTF-8 UTF-8
+# ar_BH ISO-8859-6
+# ar_BH.UTF-8 UTF-8
+# ar_DZ ISO-8859-6
+# ar_DZ.UTF-8 UTF-8
+# ar_EG ISO-8859-6
+# ar_EG.UTF-8 UTF-8
+# ar_IN UTF-8
+# ar_IQ ISO-8859-6
+# ar_IQ.UTF-8 UTF-8
+# ar_JO ISO-8859-6
+# ar_JO.UTF-8 UTF-8
+# ar_KW ISO-8859-6
+# ar_KW.UTF-8 UTF-8
+# ar_LB ISO-8859-6
+# ar_LB.UTF-8 UTF-8
+# ar_LY ISO-8859-6
+# ar_LY.UTF-8 UTF-8
+# ar_MA ISO-8859-6
+# ar_MA.UTF-8 UTF-8
+# ar_OM ISO-8859-6
+# ar_OM.UTF-8 UTF-8
+# ar_QA ISO-8859-6
+# ar_QA.UTF-8 UTF-8
+# ar_SA ISO-8859-6
+# ar_SA.UTF-8 UTF-8
+# ar_SD ISO-8859-6
+# ar_SD.UTF-8 UTF-8
+# ar_SS UTF-8
+# ar_SY ISO-8859-6
+# ar_SY.UTF-8 UTF-8
+# ar_TN ISO-8859-6
+# ar_TN.UTF-8 UTF-8
+# ar_YE ISO-8859-6
+# ar_YE.UTF-8 UTF-8
+# as_IN UTF-8
+# ast_ES ISO-8859-15
+# ast_ES.UTF-8 UTF-8
+# ayc_PE UTF-8
+# az_AZ UTF-8
+# be_BY CP1251
+# be_BY.UTF-8 UTF-8
+# be_BY@latin UTF-8
+# bem_ZM UTF-8
+# ber_DZ UTF-8
+# ber_MA UTF-8
+# bg_BG CP1251
+# bg_BG.UTF-8 UTF-8
+# bho_IN UTF-8
+# bn_BD UTF-8
+# bn_IN UTF-8
+# bo_CN UTF-8
+# bo_IN UTF-8
+# br_FR ISO-8859-1
+# br_FR.UTF-8 UTF-8
+# br_FR@euro ISO-8859-15
+# brx_IN UTF-8
+# bs_BA ISO-8859-2
+# bs_BA.UTF-8 UTF-8
+# byn_ER UTF-8
+# ca_AD ISO-8859-15
+# ca_AD.UTF-8 UTF-8
+# ca_ES ISO-8859-1
+# ca_ES.UTF-8 UTF-8
+# ca_ES.UTF-8@valencia UTF-8
+# ca_ES@euro ISO-8859-15
+# ca_ES@valencia ISO-8859-15
+# ca_FR ISO-8859-15
+# ca_FR.UTF-8 UTF-8
+# ca_IT ISO-8859-15
+# ca_IT.UTF-8 UTF-8
+# cmn_TW UTF-8
+# crh_UA UTF-8
+# cs_CZ ISO-8859-2
+# cs_CZ.UTF-8 UTF-8
+# csb_PL UTF-8
+# cv_RU UTF-8
+# cy_GB ISO-8859-14
+# cy_GB.UTF-8 UTF-8
+# da_DK ISO-8859-1
+# da_DK.UTF-8 UTF-8
+# de_AT ISO-8859-1
+de_AT.UTF-8 UTF-8
+
+# de_AT@euro ISO-8859-15
+# de_BE ISO-8859-1
+de_BE.UTF-8 UTF-8
+
+# de_BE@euro ISO-8859-15
+# de_CH ISO-8859-1
+de_CH.UTF-8 UTF-8
+
+# de_DE ISO-8859-1
+de_DE.UTF-8 UTF-8
+# de_DE@euro ISO-8859-15
+# de_LI.UTF-8 UTF-8
+# de_LU ISO-8859-1
+de_LU.UTF-8 UTF-8
+
+# de_LU@euro ISO-8859-15
+# doi_IN UTF-8
+# dv_MV UTF-8
+# dz_BT UTF-8
+# el_CY ISO-8859-7
+# el_CY.UTF-8 UTF-8
+# el_GR ISO-8859-7
+# el_GR.UTF-8 UTF-8
+# en_AG UTF-8
+# en_AU ISO-8859-1
+en_AU.UTF-8 UTF-8
+
+# en_BW ISO-8859-1
+# en_BW.UTF-8 UTF-8
+# en_CA ISO-8859-1
+en_CA.UTF-8 UTF-8
+
+# en_DK ISO-8859-1
+# en_DK.ISO-8859-15 ISO-8859-15
+# en_DK.UTF-8 UTF-8
+# en_GB ISO-8859-1
+# en_GB.ISO-8859-15 ISO-8859-15
+en_GB.UTF-8 UTF-8
+
+# en_HK ISO-8859-1
+en_HK.UTF-8 UTF-8
+
+# en_IE ISO-8859-1
+en_IE.UTF-8 UTF-8
+
+# en_IE@euro ISO-8859-15
+# en_IN UTF-8
+# en_NG UTF-8
+# en_NZ ISO-8859-1
+en_NZ.UTF-8 UTF-8
+
+# en_PH ISO-8859-1
+# en_PH.UTF-8 UTF-8
+# en_SG ISO-8859-1
+# en_SG.UTF-8 UTF-8
+# en_US ISO-8859-1
+# en_US.ISO-8859-15 ISO-8859-15
+en_US.UTF-8 UTF-8
+# en_ZA ISO-8859-1
+# en_ZA.UTF-8 UTF-8
+# en_ZM UTF-8
+# en_ZW ISO-8859-1
+# en_ZW.UTF-8 UTF-8
+# eo ISO-8859-3
+# eo.UTF-8 UTF-8
+# es_AR ISO-8859-1
+# es_AR.UTF-8 UTF-8
+# es_BO ISO-8859-1
+# es_BO.UTF-8 UTF-8
+# es_CL ISO-8859-1
+# es_CL.UTF-8 UTF-8
+# es_CO ISO-8859-1
+# es_CO.UTF-8 UTF-8
+# es_CR ISO-8859-1
+# es_CR.UTF-8 UTF-8
+# es_CU UTF-8
+# es_DO ISO-8859-1
+# es_DO.UTF-8 UTF-8
+# es_EC ISO-8859-1
+# es_EC.UTF-8 UTF-8
+# es_ES ISO-8859-1
+# es_ES.UTF-8 UTF-8
+# es_ES@euro ISO-8859-15
+# es_GT ISO-8859-1
+# es_GT.UTF-8 UTF-8
+# es_HN ISO-8859-1
+# es_HN.UTF-8 UTF-8
+# es_MX ISO-8859-1
+# es_MX.UTF-8 UTF-8
+# es_NI ISO-8859-1
+# es_NI.UTF-8 UTF-8
+# es_PA ISO-8859-1
+# es_PA.UTF-8 UTF-8
+# es_PE ISO-8859-1
+# es_PE.UTF-8 UTF-8
+# es_PR ISO-8859-1
+# es_PR.UTF-8 UTF-8
+# es_PY ISO-8859-1
+# es_PY.UTF-8 UTF-8
+# es_SV ISO-8859-1
+# es_SV.UTF-8 UTF-8
+# es_US ISO-8859-1
+# es_US.UTF-8 UTF-8
+# es_UY ISO-8859-1
+# es_UY.UTF-8 UTF-8
+# es_VE ISO-8859-1
+# es_VE.UTF-8 UTF-8
+# et_EE ISO-8859-1
+# et_EE.ISO-8859-15 ISO-8859-15
+# et_EE.UTF-8 UTF-8
+# eu_ES ISO-8859-1
+# eu_ES.UTF-8 UTF-8
+# eu_ES@euro ISO-8859-15
+# eu_FR ISO-8859-1
+# eu_FR.UTF-8 UTF-8
+# eu_FR@euro ISO-8859-15
+# fa_IR UTF-8
+# ff_SN UTF-8
+# fi_FI ISO-8859-1
+# fi_FI.UTF-8 UTF-8
+# fi_FI@euro ISO-8859-15
+# fil_PH UTF-8
+# fo_FO ISO-8859-1
+# fo_FO.UTF-8 UTF-8
+# fr_BE ISO-8859-1
+# fr_BE.UTF-8 UTF-8
+# fr_BE@euro ISO-8859-15
+# fr_CA ISO-8859-1
+# fr_CA.UTF-8 UTF-8
+# fr_CH ISO-8859-1
+# fr_CH.UTF-8 UTF-8
+# fr_FR ISO-8859-1
+# fr_FR.UTF-8 UTF-8
+# fr_FR@euro ISO-8859-15
+# fr_LU ISO-8859-1
+# fr_LU.UTF-8 UTF-8
+# fr_LU@euro ISO-8859-15
+# fur_IT UTF-8
+# fy_DE UTF-8
+# fy_NL UTF-8
+# ga_IE ISO-8859-1
+# ga_IE.UTF-8 UTF-8
+# ga_IE@euro ISO-8859-15
+# gd_GB ISO-8859-15
+# gd_GB.UTF-8 UTF-8
+# gez_ER UTF-8
+# gez_ER@abegede UTF-8
+# gez_ET UTF-8
+# gez_ET@abegede UTF-8
+# gl_ES ISO-8859-1
+# gl_ES.UTF-8 UTF-8
+# gl_ES@euro ISO-8859-15
+# gu_IN UTF-8
+# gv_GB ISO-8859-1
+# gv_GB.UTF-8 UTF-8
+# ha_NG UTF-8
+# hak_TW UTF-8
+# he_IL ISO-8859-8
+# he_IL.UTF-8 UTF-8
+# hi_IN UTF-8
+# hne_IN UTF-8
+# hr_HR ISO-8859-2
+# hr_HR.UTF-8 UTF-8
+# hsb_DE ISO-8859-2
+# hsb_DE.UTF-8 UTF-8
+# ht_HT UTF-8
+# hu_HU ISO-8859-2
+# hu_HU.UTF-8 UTF-8
+# hy_AM UTF-8
+# hy_AM.ARMSCII-8 ARMSCII-8
+# ia_FR UTF-8
+# id_ID ISO-8859-1
+# id_ID.UTF-8 UTF-8
+# ig_NG UTF-8
+# ik_CA UTF-8
+# is_IS ISO-8859-1
+# is_IS.UTF-8 UTF-8
+# it_CH ISO-8859-1
+# it_CH.UTF-8 UTF-8
+# it_IT ISO-8859-1
+# it_IT.UTF-8 UTF-8
+# it_IT@euro ISO-8859-15
+# iu_CA UTF-8
+# iw_IL ISO-8859-8
+# iw_IL.UTF-8 UTF-8
+# ja_JP.EUC-JP EUC-JP
+# ja_JP.UTF-8 UTF-8
+# ka_GE GEORGIAN-PS
+# ka_GE.UTF-8 UTF-8
+# kk_KZ PT154
+# kk_KZ RK1048
+# kk_KZ.UTF-8 UTF-8
+# kl_GL ISO-8859-1
+# kl_GL.UTF-8 UTF-8
+# km_KH UTF-8
+# kn_IN UTF-8
+# ko_KR.EUC-KR EUC-KR
+# ko_KR.UTF-8 UTF-8
+# kok_IN UTF-8
+# ks_IN UTF-8
+# ks_IN@devanagari UTF-8
+# ku_TR ISO-8859-9
+# ku_TR.UTF-8 UTF-8
+# kw_GB ISO-8859-1
+# kw_GB.UTF-8 UTF-8
+# ky_KG UTF-8
+# lb_LU UTF-8
+# lg_UG ISO-8859-10
+# lg_UG.UTF-8 UTF-8
+# li_BE UTF-8
+# li_NL UTF-8
+# lij_IT UTF-8
+# lo_LA UTF-8
+# lt_LT ISO-8859-13
+# lt_LT.UTF-8 UTF-8
+# lv_LV ISO-8859-13
+# lv_LV.UTF-8 UTF-8
+# lzh_TW UTF-8
+# mag_IN UTF-8
+# mai_IN UTF-8
+# mg_MG ISO-8859-15
+# mg_MG.UTF-8 UTF-8
+# mhr_RU UTF-8
+# mi_NZ ISO-8859-13
+# mi_NZ.UTF-8 UTF-8
+# mk_MK ISO-8859-5
+# mk_MK.UTF-8 UTF-8
+# ml_IN UTF-8
+# mn_MN UTF-8
+# mni_IN UTF-8
+# mr_IN UTF-8
+# ms_MY ISO-8859-1
+# ms_MY.UTF-8 UTF-8
+# mt_MT ISO-8859-3
+# mt_MT.UTF-8 UTF-8
+# my_MM UTF-8
+# nan_TW UTF-8
+# nan_TW@latin UTF-8
+# nb_NO ISO-8859-1
+# nb_NO.UTF-8 UTF-8
+# nds_DE UTF-8
+# nds_NL UTF-8
+# ne_NP UTF-8
+# nhn_MX UTF-8
+# niu_NU UTF-8
+# niu_NZ UTF-8
+# nl_AW UTF-8
+# nl_BE ISO-8859-1
+# nl_BE.UTF-8 UTF-8
+# nl_BE@euro ISO-8859-15
+# nl_NL ISO-8859-1
+# nl_NL.UTF-8 UTF-8
+# nl_NL@euro ISO-8859-15
+# nn_NO ISO-8859-1
+# nn_NO.UTF-8 UTF-8
+# nr_ZA UTF-8
+# nso_ZA UTF-8
+# oc_FR ISO-8859-1
+# oc_FR.UTF-8 UTF-8
+# om_ET UTF-8
+# om_KE ISO-8859-1
+# om_KE.UTF-8 UTF-8
+# or_IN UTF-8
+# os_RU UTF-8
+# pa_IN UTF-8
+# pa_PK UTF-8
+# pap_AN UTF-8
+# pap_AW UTF-8
+# pap_CW UTF-8
+# pl_PL ISO-8859-2
+# pl_PL.UTF-8 UTF-8
+# ps_AF UTF-8
+# pt_BR ISO-8859-1
+# pt_BR.UTF-8 UTF-8
+# pt_PT ISO-8859-1
+# pt_PT.UTF-8 UTF-8
+# pt_PT@euro ISO-8859-15
+# quz_PE UTF-8
+# ro_RO ISO-8859-2
+# ro_RO.UTF-8 UTF-8
+# ru_RU ISO-8859-5
+# ru_RU.CP1251 CP1251
+# ru_RU.KOI8-R KOI8-R
+# ru_RU.UTF-8 UTF-8
+# ru_UA KOI8-U
+# ru_UA.UTF-8 UTF-8
+# rw_RW UTF-8
+# sa_IN UTF-8
+# sat_IN UTF-8
+# sc_IT UTF-8
+# sd_IN UTF-8
+# sd_IN@devanagari UTF-8
+# se_NO UTF-8
+# shs_CA UTF-8
+# si_LK UTF-8
+# sid_ET UTF-8
+# sk_SK ISO-8859-2
+# sk_SK.UTF-8 UTF-8
+# sl_SI ISO-8859-2
+# sl_SI.UTF-8 UTF-8
+# so_DJ ISO-8859-1
+# so_DJ.UTF-8 UTF-8
+# so_ET UTF-8
+# so_KE ISO-8859-1
+# so_KE.UTF-8 UTF-8
+# so_SO ISO-8859-1
+# so_SO.UTF-8 UTF-8
+# sq_AL ISO-8859-1
+# sq_AL.UTF-8 UTF-8
+# sq_MK UTF-8
+# sr_ME UTF-8
+# sr_RS UTF-8
+# sr_RS@latin UTF-8
+# ss_ZA UTF-8
+# st_ZA ISO-8859-1
+# st_ZA.UTF-8 UTF-8
+# sv_FI ISO-8859-1
+# sv_FI.UTF-8 UTF-8
+# sv_FI@euro ISO-8859-15
+# sv_SE ISO-8859-1
+# sv_SE.ISO-8859-15 ISO-8859-15
+# sv_SE.UTF-8 UTF-8
+# sw_KE UTF-8
+# sw_TZ UTF-8
+# szl_PL UTF-8
+# ta_IN UTF-8
+# ta_LK UTF-8
+# te_IN UTF-8
+# tg_TJ KOI8-T
+# tg_TJ.UTF-8 UTF-8
+# th_TH TIS-620
+# th_TH.UTF-8 UTF-8
+# the_NP UTF-8
+# ti_ER UTF-8
+# ti_ET UTF-8
+# tig_ER UTF-8
+# tk_TM UTF-8
+# tl_PH ISO-8859-1
+# tl_PH.UTF-8 UTF-8
+# tn_ZA UTF-8
+# tr_CY ISO-8859-9
+# tr_CY.UTF-8 UTF-8
+# tr_TR ISO-8859-9
+# tr_TR.UTF-8 UTF-8
+# ts_ZA UTF-8
+# tt_RU UTF-8
+# tt_RU@iqtelif UTF-8
+# ug_CN UTF-8
+# uk_UA KOI8-U
+# uk_UA.UTF-8 UTF-8
+# unm_US UTF-8
+# ur_IN UTF-8
+# ur_PK UTF-8
+# uz_UZ ISO-8859-1
+# uz_UZ.UTF-8 UTF-8
+# uz_UZ@cyrillic UTF-8
+# ve_ZA UTF-8
+# vi_VN UTF-8
+# wa_BE ISO-8859-1
+# wa_BE.UTF-8 UTF-8
+# wa_BE@euro ISO-8859-15
+# wae_CH UTF-8
+# wal_ET UTF-8
+# wo_SN UTF-8
+# xh_ZA ISO-8859-1
+# xh_ZA.UTF-8 UTF-8
+# yi_US CP1255
+# yi_US.UTF-8 UTF-8
+# yo_NG UTF-8
+# yue_HK UTF-8
+# zh_CN GB2312
+# zh_CN.GB18030 GB18030
+# zh_CN.GBK GBK
+# zh_CN.UTF-8 UTF-8
+# zh_HK BIG5-HKSCS
+# zh_HK.UTF-8 UTF-8
+# zh_SG GB2312
+# zh_SG.GBK GBK
+# zh_SG.UTF-8 UTF-8
+# zh_TW BIG5
+# zh_TW.EUC-TW EUC-TW
+# zh_TW.UTF-8 UTF-8
+# zu_ZA ISO-8859-1
+# zu_ZA.UTF-8 UTF-8
+# en_US.UTF-8 UTF-8
+# de_DE.UTF-8 UTF-8
--- /dev/null
+/usr/share/zoneinfo/Europe/Berlin
\ No newline at end of file
--- /dev/null
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ clamd\[[0-9]+\]: SelfCheck: Database status OK\.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ clamd\[[0-9]+\]: Reading databases from .*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ clamd\[[0-9]+\]: Database correctly reloaded \([0-9]+ signatures\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ clamd\[[0-9]+\]: SIGHUP caught: re-opening log file\.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ clamd\[[0-9]+\]: No stats for Database check - forcing reload$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ clamd\[[0-9]+\]: SelfCheck: Database modification detected\. Forcing reload\.$
--- /dev/null
+/etc/init.d/mysql\[[0-9]+\]: Check that mysqld is running and that the socket: '/var/run/mysqld/mysqld.sock' exists\!$
+/etc/init.d/mysql\[[0-9]+\]: '/usr/bin/mysqladmin --defaults-(extra-)?file=/etc/mysql/debian.cnf ping' resulted in$
+/etc/mysql/debian-start\[[0-9]+\]: Checking for crashed MySQL tables\.$
+mysqld\[[0-9]+\]: $
+mysqld\[[0-9]+\]: Version: .* socket: '/var/run/mysqld/mysqld.sock' port: 3306$
+mysqld\[[0-9]+\]: Warning: Ignoring user change to 'mysql' because the user was set to 'mysql' earlier on the command line$
+mysqld_safe\[[0-9]+\]: started$
+usermod\[[0-9]+\]: change user `mysql' GID from `([0-9]+)' to `\1'$
+usermod\[[0-9]+\]: change user `mysql' shell from `/bin/false' to `/bin/false'$
--- /dev/null
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ clamd\[[0-9]+\]: .* (FOUND|OK)$
--- /dev/null
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ freshclam\[[0-9]+\]: ClamAV update process started at .*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ freshclam\[[0-9]+\]: Received signal: (wake up|re-opening log file)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ freshclam\[[0-9]+\]: (daily|main)\.c(l|v)d (is up to date|updated) \(version: [0-9]+, sigs: [0-9]+, f-level: [0-9]+, builder: \w+\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ freshclam\[[0-9]+\]: Clamd successfully notified about the update\.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ freshclam\[[0-9]+\]: --------------------------------------$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ freshclam\[[0-9]+\]: Database updated \([0-9]+ signatures\) from .* \(IP: [0-9.]+\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ freshclam\[[0-9]+\]: Downloading daily-[0-9]+.cdiff \[100%\] ?$
--- /dev/null
+/etc/init.d/mysql\[[0-9]+\]: [0-9]+ processes alive and '/usr/bin/mysqladmin --defaults-(extra-)?file=/etc/mysql/debian.cnf ping' resulted in$
+/etc/init.d/mysql\[[0-9]+\]: Check that mysqld is running and that the socket: '/var/run/mysqld/mysqld.sock' exists\!$
+/etc/init.d/mysql\[[0-9]+\]: '/usr/bin/mysqladmin --defaults-(extra-)?file=/etc/mysql/debian.cnf ping' resulted in$
+/etc/mysql/debian-start\[[0-9]+\]: Checking for crashed MySQL tables\.$
+mysqld\[[0-9]+\]: ?$
+mysqld\[[0-9]+\]: .*InnoDB: Shutdown completed
+mysqld\[[0-9]+\]: .*InnoDB: Started;
+mysqld\[[0-9]+\]: .*InnoDB: Starting shutdown\.\.\.$
+mysqld\[[0-9]+\]: .*\[Note\] /usr/sbin/mysqld: Normal shutdown$
+mysqld\[[0-9]+\]: .*\[Note\] /usr/sbin/mysqld: ready for connections\.$
+mysqld\[[0-9]+\]: .*\[Note\] /usr/sbin/mysqld: Shutdown complete$
+mysqld\[[0-9]+\]: /usr/sbin/mysqld: ready for connections\.$
+mysqld\[[0-9]+\]: .*/usr/sbin/mysqld: Shutdown Complete$
+mysqld\[[0-9]+\]: Version: .* socket
+mysqld\[[0-9]+\]: Warning: Ignoring user change to 'mysql' because the user was set to 'mysql' earlier on the command line$
+mysqld_safe\[[0-9]+\]: ?$
+mysqld_safe\[[0-9]+\]: able to use the new GRANT command!$
+mysqld_safe\[[0-9]+\]: ended$
+mysqld_safe\[[0-9]+\]: http://www.mysql.com$
+mysqld_safe\[[0-9]+\]: NOTE: If you are upgrading from a MySQL <= 3.22.10 you should run$
+mysqld_safe\[[0-9]+\]: PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !$
+mysqld_safe\[[0-9]+\]: Please report any problems with the /usr/bin/mysqlbug script!$
+mysqld_safe\[[0-9]+\]: See the manual for more instructions.$
+mysqld_safe\[[0-9]+\]: started$
+mysqld_safe\[[0-9]+\]: Support MySQL by buying support/licenses at https://order.mysql.com$
+mysqld_safe\[[0-9]+\]: The latest information about MySQL is available on the web at$
+mysqld_safe\[[0-9]+\]: the /usr/bin/mysql_fix_privilege_tables. Otherwise you will not be$
+mysqld_safe\[[0-9]+\]: To do so, start the server, then issue the following commands:$
+mysqld_safe\[[0-9]+\]: /usr/bin/mysqladmin -u root -h app109 password 'new-password'$
+mysqld_safe\[[0-9]+\]: /usr/bin/mysqladmin -u root password 'new-password'$
+usermod\[[0-9]+\]: change user `mysql' GID from `([0-9]+)' to `\1'$
+usermod\[[0-9]+\]: change user `mysql' shell from `/bin/false' to `/bin/false'$
--- /dev/null
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: imklog [0-9.]+, log source = /proc/kmsg started.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: Kernel logging \(proc\) stopped.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: \[origin software="rsyslogd" swVersion="[0-9.]+" x-pid="[0-9]+" x-info="http://www.rsyslog.com"\] start$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: \[origin software="rsyslogd" swVersion="[0-9.]+" x-pid="[0-9]+" x-info="http://www.rsyslog.com"\] exiting on signal [0-9]+.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: \[origin software="rsyslogd" swVersion="[0-9.]+" x-pid="[0-9]+" x-info="http://www.rsyslog.com"\] rsyslogd was HUPed$
--- /dev/null
+/etc/init.d/mysql\[[0-9]+\]: [0-9]+ processes alive and '/usr/bin/mysqladmin --defaults-(extra-)?file=/etc/mysql/debian.cnf ping' resulted in$
+/etc/init.d/mysql\[[0-9]+\]: Check that mysqld is running and that the socket: '/var/run/mysqld/mysqld.sock' exists\!$
+/etc/init.d/mysql\[[0-9]+\]: '/usr/bin/mysqladmin --defaults-(extra-)?file=/etc/mysql/debian.cnf ping' resulted in$
+/etc/mysql/debian-start\[[0-9]+\]: Checking for crashed MySQL tables\.$
+mysqld\[[0-9]+\]: ?$
+mysqld\[[0-9]+\]: .*InnoDB: Shutdown completed
+mysqld\[[0-9]+\]: .*InnoDB: Started;
+mysqld\[[0-9]+\]: .*InnoDB: Starting shutdown\.\.\.$
+mysqld\[[0-9]+\]: .*\[Note\] /usr/sbin/mysqld: Normal shutdown$
+mysqld\[[0-9]+\]: .*\[Note\] /usr/sbin/mysqld: ready for connections\.$
+mysqld\[[0-9]+\]: .*\[Note\] /usr/sbin/mysqld: Shutdown complete$
+mysqld\[[0-9]+\]: /usr/sbin/mysqld: ready for connections\.$
+mysqld\[[0-9]+\]: .*/usr/sbin/mysqld: Shutdown Complete$
+mysqld\[[0-9]+\]: Version: .* socket
+mysqld\[[0-9]+\]: Warning: Ignoring user change to 'mysql' because the user was set to 'mysql' earlier on the command line$
+mysqld_safe\[[0-9]+\]: ?$
+mysqld_safe\[[0-9]+\]: able to use the new GRANT command!$
+mysqld_safe\[[0-9]+\]: ended$
+mysqld_safe\[[0-9]+\]: http://www.mysql.com$
+mysqld_safe\[[0-9]+\]: NOTE: If you are upgrading from a MySQL <= 3.22.10 you should run$
+mysqld_safe\[[0-9]+\]: PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !$
+mysqld_safe\[[0-9]+\]: Please report any problems with the /usr/bin/mysqlbug script!$
+mysqld_safe\[[0-9]+\]: See the manual for more instructions.$
+mysqld_safe\[[0-9]+\]: started$
+mysqld_safe\[[0-9]+\]: Support MySQL by buying support/licenses at https://order.mysql.com$
+mysqld_safe\[[0-9]+\]: The latest information about MySQL is available on the web at$
+mysqld_safe\[[0-9]+\]: the /usr/bin/mysql_fix_privilege_tables. Otherwise you will not be$
+mysqld_safe\[[0-9]+\]: To do so, start the server, then issue the following commands:$
+mysqld_safe\[[0-9]+\]: /usr/bin/mysqladmin -u root -h app109 password 'new-password'$
+mysqld_safe\[[0-9]+\]: /usr/bin/mysqladmin -u root password 'new-password'$
+usermod\[[0-9]+\]: change user `mysql' GID from `([0-9]+)' to `\1'$
+usermod\[[0-9]+\]: change user `mysql' shell from `/bin/false' to `/bin/false'$
--- /dev/null
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed. All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux. --marekm
+
+# REQUIRED for useradd/userdel/usermod
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
+# MAIL_DIR takes precedence.
+#
+# Essentially:
+# - MAIL_DIR defines the location of users mail spool files
+# (for mbox use) by appending the username to MAIL_DIR as defined
+# below.
+# - MAIL_FILE defines the location of the users mail spool files as the
+# fully-qualified filename obtained by prepending the user home
+# directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+# which is, starting from shadow 4.0.12-1 in Debian, entirely the
+# job of the pam_mail PAM modules
+# See default PAM configuration files provided for
+# login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR /var/mail
+#MAIL_FILE .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable.
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB yes
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE /var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100 tty01".
+#
+#TTYTYPE_FILE /etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE /var/log/btmp
+
+#
+# If defined, the command name to display when running "su -". For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su". If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+
+TTYGROUP tty
+TTYPERM 0600
+
+#
+# Login configuration initializations:
+#
+# ERASECHAR Terminal ERASE character ('\010' = backspace).
+# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+# UMASK Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# If USERGROUPS_ENAB is set to "yes", that will modify this UMASK default value
+# for private user groups, i. e. the uid is the same as gid, and username is
+# the same as the primary group name: for these, the user permissions will be
+# used as group permissions, e. g. 022 will become 002.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR 0177
+KILLCHAR 025
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+#SYS_UID_MIN 100
+#SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+#SYS_GID_MIN 100
+#SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT 60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone). If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+#
+CHFN_RESTRICT rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user´s group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names. Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE /etc/consoles
+#CONSOLE console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting). Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm. Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+# #
+# These options are now handled by PAM. Please #
+# edit the appropriate file in /etc/pam.d/ to #
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+# #
+# These options are no more handled by shadow. #
+# #
+# Shadow utilities will display a warning if they #
+# still appear. #
+# #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
--- /dev/null
+# see "man logrotate" for details
+# rotate log files weekly
+weekly
+
+# keep 4 weeks worth of backlogs
+rotate 99
+
+# create new (empty) log files after rotating old ones
+create
+
+# uncomment this if you want your log files compressed
+compress
+delaycompress
+
+# packages drop log rotation information into this directory
+include /etc/logrotate.d
+
+# no packages own wtmp, or btmp -- we'll rotate them here
+/var/log/wtmp {
+ missingok
+ monthly
+ create 0664 root utmp
+ rotate 12
+ size 4M
+}
+
+/var/log/btmp {
+ missingok
+ monthly
+ create 0660 root utmp
+ rotate 12
+ size 4M
+}
+
+# system-specific logs may be configured here
--- /dev/null
+/var/log/apt/term.log {
+ rotate 12
+ monthly
+ compress
+ missingok
+ notifempty
+}
+
+/var/log/apt/history.log {
+ rotate 12
+ monthly
+ compress
+ missingok
+ notifempty
+}
+
--- /dev/null
+/var/log/aptitude {
+ rotate 6
+ monthly
+ compress
+ missingok
+ notifempty
+}
--- /dev/null
+/var/log/chrony/*.log {
+ weekly
+ rotate 7
+ missingok
+ notifempty
+ compress
+ delaycompress
+ dateext
+ size 4M
+ sharedscripts
+ create 644
+ postrotate
+ /usr/bin/chronyc -a cyclelogs > /dev/null 2>&1 || true
+ endscript
+}
--- /dev/null
+/var/log/clamav/clamav.log {
+ rotate 12
+ weekly
+ compress
+ delaycompress
+ create 640 clamav adm
+ postrotate
+ if [ -d /run/systemd/system ]; then
+ systemctl -q is-active clamav-daemon && systemctl kill --signal=SIGHUP clamav-daemon || true
+ else
+ /etc/init.d/clamav-daemon reload-log > /dev/null || true
+ fi
+ endscript
+ }
--- /dev/null
+/var/log/clamav/freshclam.log {
+ rotate 12
+ weekly
+ compress
+ delaycompress
+ missingok
+ create 640 clamav adm
+ postrotate
+ if [ -d /run/systemd/system ]; then
+ systemctl -q is-active clamav-freshclam && systemctl kill --signal=SIGHUP clamav-freshclam || true
+ else
+ /etc/init.d/clamav-freshclam reload-log > /dev/null || true
+ fi
+ endscript
+ }
--- /dev/null
+/var/log/dovecot.log
+/var/log/dovecot-sieve.log
+/var/log/dovecot-lmtp.log {
+ compress
+ daily
+ rotate 20
+ dateext
+ olddir /var/log/.old
+ delaycompress
+ size 4M
+ create 0600 vmail vmail
+ missingok
+
+ # Use bzip2 for compress.
+ #compresscmd bzip2
+ #uncompresscmd bunzip2
+ #compressoptions -9
+ #compressext .bz2
+
+ sharedscripts
+ postrotate
+ doveadm log reopen
+ endscript
+}
+
+# vim: ts=4 filetype=conf et
--- /dev/null
+/var/log/dpkg.log {
+ monthly
+ rotate 12
+ compress
+ delaycompress
+ missingok
+ notifempty
+ create 644 root root
+}
+/var/log/alternatives.log {
+ monthly
+ rotate 12
+ compress
+ delaycompress
+ missingok
+ notifempty
+ create 644 root root
+}
--- /dev/null
+/var/log/fail2ban.log {
+
+ weekly
+ rotate 4
+ dateext
+ size 2M
+ compress
+
+ delaycompress
+ olddir /var/log/.old
+ missingok
+ postrotate
+ fail2ban-client flushlogs 1>/dev/null
+ endscript
+
+ # If fail2ban runs as non-root it still needs to have write access
+ # to logfiles.
+ # create 640 fail2ban adm
+ create 640 root adm
+}
+
+# vim: ts=4 filetype=conf et
--- /dev/null
+/var/log/mail/*.log {
+ daily
+ rotate 20
+ olddir /var/log/mail/.old
+ missingok
+ size 4096K
+ dateext
+ compress
+ delaycompress
+ sharedscripts
+ postrotate
+ invoke-rc.d rsyslog rotate > /dev/null
+ endscript
+}
+
+# vim: ts=4 filetype=conf
--- /dev/null
+# - I put everything in one block and added sharedscripts, so that mysql gets
+# flush-logs'd only once.
+# Else the binary logs would automatically increase by n times every day.
+# - The error log is obsolete, messages go to syslog now.
+/var/log/mysql/mysql.log /var/log/mysql/mysql-slow.log /var/log/mysql/error.log {
+ daily
+ rotate 7
+ size 1M
+ missingok
+ create 640 mysql adm
+ dateext
+ compress
+ delaycompress
+ sharedscripts
+ postrotate
+ test -x /usr/bin/mysqladmin || exit 0
+ if [ -f `my_print_defaults --mysqld | grep -oP "pid-file=\K[^$]+"` ]; then
+ # If this fails, check debian.conf!
+ mysqladmin --defaults-file=/etc/mysql/debian.cnf flush-logs
+ fi
+ endscript
+}
+
+# vim: ts=4 filetype=conf noet
--- /dev/null
+/var/log/nginx/*.log {
+ weekly
+ missingok
+ rotate 52
+ dateext
+ size 4M
+ compress
+ delaycompress
+ notifempty
+ create 0640 www-data adm
+ sharedscripts
+ prerotate
+ if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
+ run-parts /etc/logrotate.d/httpd-prerotate; \
+ fi \
+ endscript
+ postrotate
+ invoke-rc.d nginx rotate >/dev/null 2>&1
+ endscript
+}
+
+# vim: ts=4 filetype=conf noet
--- /dev/null
+/var/log/php5-fpm.log {
+ rotate 12
+ weekly
+ missingok
+ notifempty
+ dateext
+ compress
+ delaycompress
+ size 4M
+ olddir /var/log/.old
+ postrotate
+ /usr/lib/php5/php5-fpm-reopenlogs
+ endscript
+}
+
+# vim: ts=4 filetype=conf noet
--- /dev/null
+/var/log/syslog /var/log/messages {
+ rotate 7
+ daily
+ missingok
+ notifempty
+ compress
+ delaycompress
+ dateext
+ size 4M
+ olddir /var/log/.old
+ sharedscripts
+ postrotate
+ invoke-rc.d rsyslog rotate > /dev/null
+ endscript
+}
+
+/var/log/all.log
+/var/log/mail.info
+/var/log/mail.warn
+/var/log/mail.err
+/var/log/mail.log
+/var/log/daemon.log
+/var/log/kern.log
+/var/log/auth.log
+/var/log/user.log
+/var/log/lpr.log
+/var/log/cron.log
+/var/log/debug
+/var/log/debug.log
+{
+ rotate 4
+ weekly
+ missingok
+ notifempty
+ compress
+ delaycompress
+ dateext
+ size 4M
+ olddir /var/log/.old
+ sharedscripts
+ postrotate
+ invoke-rc.d rsyslog rotate > /dev/null
+ endscript
+}
+
+/var/log/syslog.d/*.log {
+ rotate 10
+ weekly
+ missingok
+ notifempty
+ size 4M
+ delaycompress
+ dateext
+ compress
+ olddir /var/log/syslog.d/.old
+ sharedscripts
+ postrotate
+ invoke-rc.d rsyslog rotate > /dev/null
+ endscript
+}
+
+# vim: ts=4 filetype=conf et
--- /dev/null
+/var/log/salt/master {
+ weekly
+ missingok
+ rotate 7
+ compress
+ notifempty
+}
+
+/var/log/salt/minion {
+ weekly
+ missingok
+ rotate 7
+ compress
+ notifempty
+}
+
+/var/log/salt/key {
+ weekly
+ missingok
+ rotate 7
+ compress
+ notifempty
+}
--- /dev/null
+/var/log/ulog/*.log /var/log/ulog/*.pcap {
+ daily
+ rotate 20
+ missingok
+ dateext
+ compress
+ delaycompress
+ sharedscripts
+ create 640 ulog adm
+ size 1M
+ sharedscripts
+ postrotate
+ invoke-rc.d ulogd2 reload > /dev/null
+ endscript
+}
+
+# vim: ts=4 filetype=conf et
--- /dev/null
+"/var/log/uwsgi/*.log" "/var/log/uwsgi/*/*.log" {
+ copytruncate
+ dateext
+ size 128K
+ daily
+ rotate 10
+ compress
+ delaycompress
+ missingok
+ notifempty
+}
--- /dev/null
+##########################################################################
+# $Id: cron.conf 149 2013-06-18 22:18:12Z mtremaine $
+##########################################################################
+
+# What actual file? Defaults to LogPath if not absolute path....
+#Solaris is /var/cron/log -mgt
+LogFile = syslog.d/cron.log
+LogFile = syslog.d/.old/cron.log-*[0-9]
+
+# If the archives are searched, here is one or more line
+# (optionally containing wildcards) that tell where they are...
+Archive = syslog.d/.old/cron.*.gz
+Archive = syslog.d/.old/cron-*.gz
+
+# Expand the repeats (actually just removes them now)
+*ExpandRepeats
+
+# Keep only the lines in the proper date range...
+*ApplyStdDate
+
+# vi: shiftwidth=3 tabstop=3 et
--- /dev/null
+###########################################################################
+# $Id: daemon.conf 149 2013-06-18 22:18:12Z mtremaine $
+###########################################################################
+
+# daemon log file for debian-based systems
+
+LogFile = syslog.d/daemon.log
+LogFile = syslog.d/.old/daemon.log-*[0-9]
+Archive = syslog.d/.old/daemon.log.*.gz
+Archive = syslog.d/.old/daemon.log-*.gz
+
+*ExpandRepeats
+*ApplyStdDate
+
+###########################################################################
+# Please send all comments, suggestions, bug reports,
+# etc, to logwatch-devel@lists.sourceforge.net
+###########################################################################
--- /dev/null
+###########################################################################
+# $Id: fail2ban.conf 149 2013-06-18 22:18:12Z mtremaine $
+###########################################################################
+# $Log: fail2ban.conf,v $
+# Revision 1.2 2006/12/15 04:53:39 bjorn
+# Now using ApplyEuroDate, by Willi Mann.
+#
+# Revision 1.1 2006/05/30 19:04:26 bjorn
+# Added fail2ban service, written by Yaroslav Halchenko.
+#
+###########################################################################
+
+# You can put comments anywhere you want to. They are effective for the
+# rest of the line.
+
+# this is in the format of <name> = <value>. Whitespace at the beginning
+# and end of the lines is removed. Whitespace before and after the = sign
+# is removed. Everything is case *insensitive*.
+
+# Yes = True = On = 1
+# No = False = Off = 0
+
+
+*ApplyEuroDate
+
+
+LogFile = fail2ban.log
+LogFile = .old/fail2ban.log-*[0-9]
+
+Archive = .old/fail2ban.*.gz
+Archive = .old/fail2ban-*.gz
+
--- /dev/null
+##########################################################################
+# $Id: maillog.conf,v 1.14 2007/10/01 16:55:18 mike Exp $
+##########################################################################
+
+# What actual file? Defaults to LogPath if not absolute path....
+LogFile = syslog.d/mail.log
+LogFile = syslog.d/.old/mail.log-*[0-9]
+
+
+# If the archives are searched, here is one or more line
+# (optionally containing wildcards) that tell where they are...
+#If you use a "-" in naming add that as well -mgt
+Archive = syslog.d/.old/mail.*.gz
+Archive = syslog.d/.old/mail-*.gz
+
+
+# Expand the repeats (actually just removes them now)
+*ExpandRepeats
+
+# Keep only the lines in the proper date range...
+*ApplyStdDate
+
+# vi: shiftwidth=3 tabstop=3 et
--- /dev/null
+##########################################################################
+# $Id: secure.conf 149 2013-06-18 22:18:12Z mtremaine $
+##########################################################################
+
+# What actual file? Defaults to LogPath if not absolute path....
+LogFile = syslog.d/auth.log
+LogFile = syslog.d/authpriv.log
+LogFile = syslog.d/.old/auth.log-*[0-9]
+LogFile = syslog.d/.old/authpriv.log-*[0-9]
+
+# If the archives are searched, here is one or more line
+# (optionally containing wildcards) that tell where they are...
+#If you use a "-" in naming add that as well -mgt
+Archive = syslog.d/.old/auth.*.gz
+Archive = syslog.d/.old/auth-*.gz
+Archive = syslog.d/.old/authpriv.*.gz
+Archive = syslog.d/.old/authpriv-*.gz
+
+
+# Expand the repeats (actually just removes them now)
+*ExpandRepeats
+
+# Keep only the lines in the proper date range...
+*ApplyStdDate
+
+# vi: shiftwidth=3 tabstop=3 et
--- /dev/null
+###########################################################################
+# $Id: syslog.conf 149 2013-06-18 22:18:12Z mtremaine $
+###########################################################################
+
+# Syslog file for debian-based systems
+
+Logfile =
+Archive =
+LogFile = syslog
+LogFile = .old/syslog-*[0-9]
+Archive = .old/syslog.*.gz
+Archive = .old/syslog-*.gz
+*ExpandRepeats
+#Comma separated list works best -mgt
+*RemoveService = talkd,telnetd,inetd,nfsd,/sbin/mingetty
+*applystddate
+# *ApplyStdDate
+
+# vi: shiftwidth=3 tabstop=3 et
--- /dev/null
+# Generated by LVM2 version 2.02.111(2) (2014-09-01): Tue Jul 19 21:27:51 2016
+
+contents = "Text Format Volume Group"
+version = 1
+
+description = "Created *after* executing 'vgcfgbackup'"
+
+creation_host = "sarah" # Linux sarah 3.16.0-1-grml-amd64 #1 SMP Debian 3.16.7-1+grml.1 (2014-11-05) x86_64
+creation_time = 1468963671 # Tue Jul 19 21:27:51 2016
+
+vg00 {
+ id = "irx33Y-GSrg-rHwt-nmCA-mesQ-On0K-9XmbDd"
+ seqno = 6
+ format = "lvm2" # informational
+ status = ["RESIZEABLE", "READ", "WRITE"]
+ flags = []
+ extent_size = 8192 # 4 Megabytes
+ max_lv = 0
+ max_pv = 0
+ metadata_copies = 0
+
+ physical_volumes {
+
+ pv0 {
+ id = "kHumpo-enqD-kC1Z-cJfm-yosJ-PNuc-rR0mpn"
+ device = "/dev/vdb1" # Hint only
+
+ status = ["ALLOCATABLE"]
+ flags = []
+ dev_size = 419428352 # 199.999 Gigabytes
+ pe_start = 2048
+ pe_count = 51199 # 199.996 Gigabytes
+ }
+ }
+
+ logical_volumes {
+
+ var {
+ id = "dg21ca-bWws-e0j4-nI0d-aB4C-I2BV-cSk4ZG"
+ status = ["READ", "WRITE", "VISIBLE"]
+ flags = []
+ creation_host = "sarah"
+ creation_time = 1468962293 # 2016-07-19 21:04:53 +0000
+ segment_count = 1
+
+ segment1 {
+ start_extent = 0
+ extent_count = 5120 # 20 Gigabytes
+
+ type = "striped"
+ stripe_count = 1 # linear
+
+ stripes = [
+ "pv0", 0
+ ]
+ }
+ }
+
+ tmp {
+ id = "QIOqXe-ALZE-ABEc-z0vy-lj6b-EKmA-ctsLzi"
+ status = ["READ", "WRITE", "VISIBLE"]
+ flags = []
+ creation_host = "sarah"
+ creation_time = 1468962310 # 2016-07-19 21:05:10 +0000
+ segment_count = 1
+
+ segment1 {
+ start_extent = 0
+ extent_count = 1024 # 4 Gigabytes
+
+ type = "striped"
+ stripe_count = 1 # linear
+
+ stripes = [
+ "pv0", 5120
+ ]
+ }
+ }
+
+ opt {
+ id = "VeeAZ1-iha0-Hf69-7KEO-7Kk9-FOMi-HzqOV7"
+ status = ["READ", "WRITE", "VISIBLE"]
+ flags = []
+ creation_host = "sarah"
+ creation_time = 1468962317 # 2016-07-19 21:05:17 +0000
+ segment_count = 1
+
+ segment1 {
+ start_extent = 0
+ extent_count = 1024 # 4 Gigabytes
+
+ type = "striped"
+ stripe_count = 1 # linear
+
+ stripes = [
+ "pv0", 6144
+ ]
+ }
+ }
+
+ home {
+ id = "VfYOw0-VwUa-DcSY-aDcJ-UrTV-p7h9-DmS3xP"
+ status = ["READ", "WRITE", "VISIBLE"]
+ flags = []
+ creation_host = "sarah"
+ creation_time = 1468962331 # 2016-07-19 21:05:31 +0000
+ segment_count = 1
+
+ segment1 {
+ start_extent = 0
+ extent_count = 25600 # 100 Gigabytes
+
+ type = "striped"
+ stripe_count = 1 # linear
+
+ stripes = [
+ "pv0", 7168
+ ]
+ }
+ }
+
+ swap {
+ id = "4PkO1V-UlhK-HHVg-Lu0B-cVuw-2h2w-Qe3Y6N"
+ status = ["READ", "WRITE", "VISIBLE"]
+ flags = []
+ creation_host = "sarah"
+ creation_time = 1468962347 # 2016-07-19 21:05:47 +0000
+ segment_count = 1
+
+ segment1 {
+ start_extent = 0
+ extent_count = 1024 # 4 Gigabytes
+
+ type = "striped"
+ stripe_count = 1 # linear
+
+ stripes = [
+ "pv0", 32768
+ ]
+ }
+ }
+ }
+}
--- /dev/null
+# This is an example configuration file for the LVM2 system.
+# It contains the default settings that would be used if there was no
+# /etc/lvm/lvm.conf file.
+#
+# Refer to 'man lvm.conf' for further information including the file layout.
+#
+# To put this file in a different directory and override /etc/lvm set
+# the environment variable LVM_SYSTEM_DIR before running the tools.
+#
+# N.B. Take care that each setting only appears once if uncommenting
+# example settings in this file.
+
+# This section allows you to set the way the configuration settings are handled.
+config {
+
+ # If enabled, any LVM2 configuration mismatch is reported.
+ # This implies checking that the configuration key is understood
+ # by LVM2 and that the value of the key is of a proper type.
+ # If disabled, any configuration mismatch is ignored and default
+ # value is used instead without any warning (a message about the
+ # configuration key not being found is issued in verbose mode only).
+ checks = 1
+
+ # If enabled, any configuration mismatch aborts the LVM2 process.
+ abort_on_errors = 0
+
+ # Directory where LVM looks for configuration profiles.
+ profile_dir = "/etc/lvm/profile"
+}
+
+# This section allows you to configure which block devices should
+# be used by the LVM system.
+devices {
+
+ # Where do you want your volume groups to appear ?
+ dir = "/dev"
+
+ # An array of directories that contain the device nodes you wish
+ # to use with LVM2.
+ scan = [ "/dev" ]
+
+ # If set, the cache of block device nodes with all associated symlinks
+ # will be constructed out of the existing udev database content.
+ # This avoids using and opening any inapplicable non-block devices or
+ # subdirectories found in the device directory. This setting is applied
+ # to udev-managed device directory only, other directories will be scanned
+ # fully. LVM2 needs to be compiled with udev support for this setting to
+ # take effect. N.B. Any device node or symlink not managed by udev in
+ # udev directory will be ignored with this setting on.
+ obtain_device_list_from_udev = 1
+
+ # If several entries in the scanned directories correspond to the
+ # same block device and the tools need to display a name for device,
+ # all the pathnames are matched against each item in the following
+ # list of regular expressions in turn and the first match is used.
+
+ # By default no preferred names are defined.
+ # preferred_names = [ ]
+
+ # Try to avoid using undescriptive /dev/dm-N names, if present.
+ # preferred_names = [ "^/dev/mpath/", "^/dev/mapper/mpath", "^/dev/[hs]d" ]
+
+ # In case no prefererred name matches or if preferred_names are not
+ # defined at all, builtin rules are used to determine the preference.
+ #
+ # The first builtin rule checks path prefixes and it gives preference
+ # based on this ordering (where "dev" depends on devices/dev setting):
+ # /dev/mapper > /dev/disk > /dev/dm-* > /dev/block
+ #
+ # If the ordering above cannot be applied, the path with fewer slashes
+ # gets preference then.
+ #
+ # If the number of slashes is the same, a symlink gets preference.
+ #
+ # Finally, if all the rules mentioned above are not applicable,
+ # lexicographical order is used over paths and the smallest one
+ # of all gets preference.
+
+
+ # A filter that tells LVM2 to only use a restricted set of devices.
+ # The filter consists of an array of regular expressions. These
+ # expressions can be delimited by a character of your choice, and
+ # prefixed with either an 'a' (for accept) or 'r' (for reject).
+ # The first expression found to match a device name determines if
+ # the device will be accepted or rejected (ignored). Devices that
+ # don't match any patterns are accepted.
+
+ # Be careful if there there are symbolic links or multiple filesystem
+ # entries for the same device as each name is checked separately against
+ # the list of patterns. The effect is that if the first pattern in the
+ # list to match a name is an 'a' pattern for any of the names, the device
+ # is accepted; otherwise if the first pattern in the list to match a name
+ # is an 'r' pattern for any of the names it is rejected; otherwise it is
+ # accepted.
+
+ # Don't have more than one filter line active at once: only one gets used.
+
+ # Run vgscan after you change this parameter to ensure that
+ # the cache file gets regenerated (see below).
+ # If it doesn't do what you expect, check the output of 'vgscan -vvvv'.
+
+ # If lvmetad is used, then see "A note about device filtering while
+ # lvmetad is used" comment that is attached to global/use_lvmetad setting.
+
+ # By default we accept every block device:
+ # filter = [ "a/.*/" ]
+
+ # Exclude the cdrom drive
+ # filter = [ "r|/dev/cdrom|" ]
+
+ # When testing I like to work with just loopback devices:
+ # filter = [ "a/loop/", "r/.*/" ]
+
+ # Or maybe all loops and ide drives except hdc:
+ # filter =[ "a|loop|", "r|/dev/hdc|", "a|/dev/ide|", "r|.*|" ]
+
+ # Use anchors if you want to be really specific
+ # filter = [ "a|^/dev/hda8$|", "r/.*/" ]
+
+ # Since "filter" is often overridden from command line, it is not suitable
+ # for system-wide device filtering (udev rules, lvmetad). To hide devices
+ # from LVM-specific udev processing and/or from lvmetad, you need to set
+ # global_filter. The syntax is the same as for normal "filter"
+ # above. Devices that fail the global_filter are not even opened by LVM.
+
+ # global_filter = []
+
+ # The results of the filtering are cached on disk to avoid
+ # rescanning dud devices (which can take a very long time).
+ # By default this cache is stored in the /etc/lvm/cache directory
+ # in a file called '.cache'.
+ # It is safe to delete the contents: the tools regenerate it.
+ # (The old setting 'cache' is still respected if neither of
+ # these new ones is present.)
+ # N.B. If obtain_device_list_from_udev is set to 1 the list of
+ # devices is instead obtained from udev and any existing .cache
+ # file is removed.
+ cache_dir = "/run/lvm"
+ cache_file_prefix = ""
+
+ # You can turn off writing this cache file by setting this to 0.
+ write_cache_state = 1
+
+ # Advanced settings.
+
+ # List of pairs of additional acceptable block device types found
+ # in /proc/devices with maximum (non-zero) number of partitions.
+ # types = [ "fd", 16 ]
+
+ # If sysfs is mounted (2.6 kernels) restrict device scanning to
+ # the block devices it believes are valid.
+ # 1 enables; 0 disables.
+ sysfs_scan = 1
+
+ # By default, LVM2 will ignore devices used as component paths
+ # of device-mapper multipath devices.
+ # 1 enables; 0 disables.
+ multipath_component_detection = 1
+
+ # By default, LVM2 will ignore devices used as components of
+ # software RAID (md) devices by looking for md superblocks.
+ # 1 enables; 0 disables.
+ md_component_detection = 1
+
+ # By default, if a PV is placed directly upon an md device, LVM2
+ # will align its data blocks with the md device's stripe-width.
+ # 1 enables; 0 disables.
+ md_chunk_alignment = 1
+
+ # Default alignment of the start of a data area in MB. If set to 0,
+ # a value of 64KB will be used. Set to 1 for 1MiB, 2 for 2MiB, etc.
+ # default_data_alignment = 1
+
+ # By default, the start of a PV's data area will be a multiple of
+ # the 'minimum_io_size' or 'optimal_io_size' exposed in sysfs.
+ # - minimum_io_size - the smallest request the device can perform
+ # w/o incurring a read-modify-write penalty (e.g. MD's chunk size)
+ # - optimal_io_size - the device's preferred unit of receiving I/O
+ # (e.g. MD's stripe width)
+ # minimum_io_size is used if optimal_io_size is undefined (0).
+ # If md_chunk_alignment is enabled, that detects the optimal_io_size.
+ # This setting takes precedence over md_chunk_alignment.
+ # 1 enables; 0 disables.
+ data_alignment_detection = 1
+
+ # Alignment (in KB) of start of data area when creating a new PV.
+ # md_chunk_alignment and data_alignment_detection are disabled if set.
+ # Set to 0 for the default alignment (see: data_alignment_default)
+ # or page size, if larger.
+ data_alignment = 0
+
+ # By default, the start of the PV's aligned data area will be shifted by
+ # the 'alignment_offset' exposed in sysfs. This offset is often 0 but
+ # may be non-zero; e.g.: certain 4KB sector drives that compensate for
+ # windows partitioning will have an alignment_offset of 3584 bytes
+ # (sector 7 is the lowest aligned logical block, the 4KB sectors start
+ # at LBA -1, and consequently sector 63 is aligned on a 4KB boundary).
+ # But note that pvcreate --dataalignmentoffset will skip this detection.
+ # 1 enables; 0 disables.
+ data_alignment_offset_detection = 1
+
+ # If, while scanning the system for PVs, LVM2 encounters a device-mapper
+ # device that has its I/O suspended, it waits for it to become accessible.
+ # Set this to 1 to skip such devices. This should only be needed
+ # in recovery situations.
+ ignore_suspended_devices = 0
+
+ # ignore_lvm_mirrors: Introduced in version 2.02.104
+ # This setting determines whether logical volumes of "mirror" segment
+ # type are scanned for LVM labels. This affects the ability of
+ # mirrors to be used as physical volumes. If 'ignore_lvm_mirrors'
+ # is set to '1', it becomes impossible to create volume groups on top
+ # of mirror logical volumes - i.e. to stack volume groups on mirrors.
+ #
+ # Allowing mirror logical volumes to be scanned (setting the value to '0')
+ # can potentially cause LVM processes and I/O to the mirror to become
+ # blocked. This is due to the way that the "mirror" segment type handles
+ # failures. In order for the hang to manifest itself, an LVM command must
+ # be run just after a failure and before the automatic LVM repair process
+ # takes place OR there must be failures in multiple mirrors in the same
+ # volume group at the same time with write failures occurring moments
+ # before a scan of the mirror's labels.
+ #
+ # Note that these scanning limitations do not apply to the LVM RAID
+ # types, like "raid1". The RAID segment types handle failures in a
+ # different way and are not subject to possible process or I/O blocking.
+ #
+ # It is encouraged that users set 'ignore_lvm_mirrors' to 1 if they
+ # are using the "mirror" segment type. Users that require volume group
+ # stacking on mirrored logical volumes should consider using the "raid1"
+ # segment type. The "raid1" segment type is not available for
+ # active/active clustered volume groups.
+ #
+ # Set to 1 to disallow stacking and thereby avoid a possible deadlock.
+ ignore_lvm_mirrors = 1
+
+ # During each LVM operation errors received from each device are counted.
+ # If the counter of a particular device exceeds the limit set here, no
+ # further I/O is sent to that device for the remainder of the respective
+ # operation. Setting the parameter to 0 disables the counters altogether.
+ disable_after_error_count = 0
+
+ # Allow use of pvcreate --uuid without requiring --restorefile.
+ require_restorefile_with_uuid = 1
+
+ # Minimum size (in KB) of block devices which can be used as PVs.
+ # In a clustered environment all nodes must use the same value.
+ # Any value smaller than 512KB is ignored.
+
+ # Ignore devices smaller than 2MB such as floppy drives.
+ pv_min_size = 2048
+
+ # The original built-in setting was 512 up to and including version 2.02.84.
+ # pv_min_size = 512
+
+ # Issue discards to a logical volumes's underlying physical volume(s) when
+ # the logical volume is no longer using the physical volumes' space (e.g.
+ # lvremove, lvreduce, etc). Discards inform the storage that a region is
+ # no longer in use. Storage that supports discards advertise the protocol
+ # specific way discards should be issued by the kernel (TRIM, UNMAP, or
+ # WRITE SAME with UNMAP bit set). Not all storage will support or benefit
+ # from discards but SSDs and thinly provisioned LUNs generally do. If set
+ # to 1, discards will only be issued if both the storage and kernel provide
+ # support.
+ # 1 enables; 0 disables.
+ issue_discards = 0
+}
+
+# This section allows you to configure the way in which LVM selects
+# free space for its Logical Volumes.
+allocation {
+
+ # When searching for free space to extend an LV, the "cling"
+ # allocation policy will choose space on the same PVs as the last
+ # segment of the existing LV. If there is insufficient space and a
+ # list of tags is defined here, it will check whether any of them are
+ # attached to the PVs concerned and then seek to match those PV tags
+ # between existing extents and new extents.
+ # Use the special tag "@*" as a wildcard to match any PV tag.
+
+ # Example: LVs are mirrored between two sites within a single VG.
+ # PVs are tagged with either @site1 or @site2 to indicate where
+ # they are situated.
+
+ # cling_tag_list = [ "@site1", "@site2" ]
+ # cling_tag_list = [ "@*" ]
+
+ # Changes made in version 2.02.85 extended the reach of the 'cling'
+ # policies to detect more situations where data can be grouped
+ # onto the same disks. Set this to 0 to revert to the previous
+ # algorithm.
+ maximise_cling = 1
+
+ # Whether to use blkid library instead of native LVM2 code to detect
+ # any existing signatures while creating new Physical Volumes and
+ # Logical Volumes. LVM2 needs to be compiled with blkid wiping support
+ # for this setting to take effect.
+ #
+ # LVM2 native detection code is currently able to recognize these signatures:
+ # - MD device signature
+ # - swap signature
+ # - LUKS signature
+ # To see the list of signatures recognized by blkid, check the output
+ # of 'blkid -k' command. The blkid can recognize more signatures than
+ # LVM2 native detection code, but due to this higher number of signatures
+ # to be recognized, it can take more time to complete the signature scan.
+ use_blkid_wiping = 1
+
+ # Set to 1 to wipe any signatures found on newly-created Logical Volumes
+ # automatically in addition to zeroing of the first KB on the LV
+ # (controlled by the -Z/--zero y option).
+ # The command line option -W/--wipesignatures takes precedence over this
+ # setting.
+ # The default is to wipe signatures when zeroing.
+ #
+ wipe_signatures_when_zeroing_new_lvs = 1
+
+ # Set to 1 to guarantee that mirror logs will always be placed on
+ # different PVs from the mirror images. This was the default
+ # until version 2.02.85.
+ mirror_logs_require_separate_pvs = 0
+
+ # Set to 1 to guarantee that cache_pool metadata will always be
+ # placed on different PVs from the cache_pool data.
+ cache_pool_metadata_require_separate_pvs = 0
+
+ # Specify the minimal chunk size (in kiB) for cache pool volumes.
+ # Using a chunk_size that is too large can result in wasteful use of
+ # the cache, where small reads and writes can cause large sections of
+ # an LV to be mapped into the cache. However, choosing a chunk_size
+ # that is too small can result in more overhead trying to manage the
+ # numerous chunks that become mapped into the cache. The former is
+ # more of a problem than the latter in most cases, so we default to
+ # a value that is on the smaller end of the spectrum. Supported values
+ # range from 32(kiB) to 1048576 in multiples of 32.
+ # cache_pool_chunk_size = 64
+
+ # Set to 1 to guarantee that thin pool metadata will always
+ # be placed on different PVs from the pool data.
+ thin_pool_metadata_require_separate_pvs = 0
+
+ # Specify chunk size calculation policy for thin pool volumes.
+ # Possible options are:
+ # "generic" - if thin_pool_chunk_size is defined, use it.
+ # Otherwise, calculate the chunk size based on
+ # estimation and device hints exposed in sysfs:
+ # the minimum_io_size. The chunk size is always
+ # at least 64KiB.
+ #
+ # "performance" - if thin_pool_chunk_size is defined, use it.
+ # Otherwise, calculate the chunk size for
+ # performance based on device hints exposed in
+ # sysfs: the optimal_io_size. The chunk size is
+ # always at least 512KiB.
+ # thin_pool_chunk_size_policy = "generic"
+
+ # Specify the minimal chunk size (in KB) for thin pool volumes.
+ # Use of the larger chunk size may improve performance for plain
+ # thin volumes, however using them for snapshot volumes is less efficient,
+ # as it consumes more space and takes extra time for copying.
+ # When unset, lvm tries to estimate chunk size starting from 64KB
+ # Supported values are in range from 64 to 1048576.
+ # thin_pool_chunk_size = 64
+
+ # Specify discards behaviour of the thin pool volume.
+ # Select one of "ignore", "nopassdown", "passdown"
+ # thin_pool_discards = "passdown"
+
+ # Set to 0, to disable zeroing of thin pool data chunks before their
+ # first use.
+ # N.B. zeroing larger thin pool chunk size degrades performance.
+ # thin_pool_zero = 1
+}
+
+# This section that allows you to configure the nature of the
+# information that LVM2 reports.
+log {
+
+ # Controls the messages sent to stdout or stderr.
+ # There are three levels of verbosity, 3 being the most verbose.
+ verbose = 0
+
+ # Set to 1 to suppress all non-essential messages from stdout.
+ # This has the same effect as -qq.
+ # When this is set, the following commands still produce output:
+ # dumpconfig, lvdisplay, lvmdiskscan, lvs, pvck, pvdisplay,
+ # pvs, version, vgcfgrestore -l, vgdisplay, vgs.
+ # Non-essential messages are shifted from log level 4 to log level 5
+ # for syslog and lvm2_log_fn purposes.
+ # Any 'yes' or 'no' questions not overridden by other arguments
+ # are suppressed and default to 'no'.
+ silent = 0
+
+ # Should we send log messages through syslog?
+ # 1 is yes; 0 is no.
+ syslog = 1
+
+ # Should we log error and debug messages to a file?
+ # By default there is no log file.
+ #file = "/var/log/lvm2.log"
+
+ # Should we overwrite the log file each time the program is run?
+ # By default we append.
+ overwrite = 0
+
+ # What level of log messages should we send to the log file and/or syslog?
+ # There are 6 syslog-like log levels currently in use - 2 to 7 inclusive.
+ # 7 is the most verbose (LOG_DEBUG).
+ level = 0
+
+ # Format of output messages
+ # Whether or not (1 or 0) to indent messages according to their severity
+ indent = 1
+
+ # Whether or not (1 or 0) to display the command name on each line output
+ command_names = 0
+
+ # A prefix to use before the message text (but after the command name,
+ # if selected). Default is two spaces, so you can see/grep the severity
+ # of each message.
+ prefix = " "
+
+ # To make the messages look similar to the original LVM tools use:
+ # indent = 0
+ # command_names = 1
+ # prefix = " -- "
+
+ # Set this if you want log messages during activation.
+ # Don't use this in low memory situations (can deadlock).
+ # activation = 0
+
+ # Some debugging messages are assigned to a class and only appear
+ # in debug output if the class is listed here.
+ # Classes currently available:
+ # memory, devices, activation, allocation, lvmetad, metadata, cache,
+ # locking
+ # Use "all" to see everything.
+ debug_classes = [ "memory", "devices", "activation", "allocation",
+ "lvmetad", "metadata", "cache", "locking" ]
+}
+
+# Configuration of metadata backups and archiving. In LVM2 when we
+# talk about a 'backup' we mean making a copy of the metadata for the
+# *current* system. The 'archive' contains old metadata configurations.
+# Backups are stored in a human readable text format.
+backup {
+
+ # Should we maintain a backup of the current metadata configuration ?
+ # Use 1 for Yes; 0 for No.
+ # Think very hard before turning this off!
+ backup = 1
+
+ # Where shall we keep it ?
+ # Remember to back up this directory regularly!
+ backup_dir = "/etc/lvm/backup"
+
+ # Should we maintain an archive of old metadata configurations.
+ # Use 1 for Yes; 0 for No.
+ # On by default. Think very hard before turning this off.
+ archive = 1
+
+ # Where should archived files go ?
+ # Remember to back up this directory regularly!
+ archive_dir = "/etc/lvm/archive"
+
+ # What is the minimum number of archive files you wish to keep ?
+ retain_min = 10
+
+ # What is the minimum time you wish to keep an archive file for ?
+ retain_days = 30
+}
+
+# Settings for the running LVM2 in shell (readline) mode.
+shell {
+
+ # Number of lines of history to store in ~/.lvm_history
+ history_size = 100
+}
+
+
+# Miscellaneous global LVM2 settings
+global {
+ # The file creation mask for any files and directories created.
+ # Interpreted as octal if the first digit is zero.
+ umask = 077
+
+ # Allow other users to read the files
+ #umask = 022
+
+ # Enabling test mode means that no changes to the on disk metadata
+ # will be made. Equivalent to having the -t option on every
+ # command. Defaults to off.
+ test = 0
+
+ # Default value for --units argument
+ units = "h"
+
+ # Since version 2.02.54, the tools distinguish between powers of
+ # 1024 bytes (e.g. KiB, MiB, GiB) and powers of 1000 bytes (e.g.
+ # KB, MB, GB).
+ # If you have scripts that depend on the old behaviour, set this to 0
+ # temporarily until you update them.
+ si_unit_consistency = 1
+
+ # Whether or not to display unit suffix for sizes. This setting has
+ # no effect if the units are in human-readable form (global/units="h")
+ # in which case the suffix is always displayed.
+ suffix = 1
+
+ # Whether or not to communicate with the kernel device-mapper.
+ # Set to 0 if you want to use the tools to manipulate LVM metadata
+ # without activating any logical volumes.
+ # If the device-mapper kernel driver is not present in your kernel
+ # setting this to 0 should suppress the error messages.
+ activation = 1
+
+ # If we can't communicate with device-mapper, should we try running
+ # the LVM1 tools?
+ # This option only applies to 2.4 kernels and is provided to help you
+ # switch between device-mapper kernels and LVM1 kernels.
+ # The LVM1 tools need to be installed with .lvm1 suffices
+ # e.g. vgscan.lvm1 and they will stop working after you start using
+ # the new lvm2 on-disk metadata format.
+ # The default value is set when the tools are built.
+ # fallback_to_lvm1 = 0
+
+ # The default metadata format that commands should use - "lvm1" or "lvm2".
+ # The command line override is -M1 or -M2.
+ # Defaults to "lvm2".
+ # format = "lvm2"
+
+ # Location of proc filesystem
+ proc = "/proc"
+
+ # Type of locking to use. Defaults to local file-based locking (1).
+ # Turn locking off by setting to 0 (dangerous: risks metadata corruption
+ # if LVM2 commands get run concurrently).
+ # Type 2 uses the external shared library locking_library.
+ # Type 3 uses built-in clustered locking.
+ # Type 4 uses read-only locking which forbids any operations that might
+ # change metadata.
+ # Type 5 offers dummy locking for tools that do not need any locks.
+ # You should not need to set this directly: the tools will select when
+ # to use it instead of the configured locking_type. Do not use lvmetad or
+ # the kernel device-mapper driver with this locking type.
+ # It is used by the --readonly option that offers read-only access to
+ # Volume Group metadata that cannot be locked safely because it belongs to
+ # an inaccessible domain and might be in use, for example a virtual machine
+ # image or a disk that is shared by a clustered machine.
+ #
+ # N.B. Don't use lvmetad with locking type 3 as lvmetad is not yet
+ # supported in clustered environment. If use_lvmetad=1 and locking_type=3
+ # is set at the same time, LVM always issues a warning message about this
+ # and then it automatically disables lvmetad use.
+ locking_type = 1
+
+ # Set to 0 to fail when a lock request cannot be satisfied immediately.
+ wait_for_locks = 1
+
+ # If using external locking (type 2) and initialisation fails,
+ # with this set to 1 an attempt will be made to use the built-in
+ # clustered locking.
+ # If you are using a customised locking_library you should set this to 0.
+ fallback_to_clustered_locking = 1
+
+ # If an attempt to initialise type 2 or type 3 locking failed, perhaps
+ # because cluster components such as clvmd are not running, with this set
+ # to 1 an attempt will be made to use local file-based locking (type 1).
+ # If this succeeds, only commands against local volume groups will proceed.
+ # Volume Groups marked as clustered will be ignored.
+ fallback_to_local_locking = 1
+
+ # Local non-LV directory that holds file-based locks while commands are
+ # in progress. A directory like /tmp that may get wiped on reboot is OK.
+ locking_dir = "/run/lock/lvm"
+
+ # Whenever there are competing read-only and read-write access requests for
+ # a volume group's metadata, instead of always granting the read-only
+ # requests immediately, delay them to allow the read-write requests to be
+ # serviced. Without this setting, write access may be stalled by a high
+ # volume of read-only requests.
+ # NB. This option only affects locking_type = 1 viz. local file-based
+ # locking.
+ prioritise_write_locks = 1
+
+ # Other entries can go here to allow you to load shared libraries
+ # e.g. if support for LVM1 metadata was compiled as a shared library use
+ # format_libraries = "liblvm2format1.so"
+ # Full pathnames can be given.
+
+ # Search this directory first for shared libraries.
+ # library_dir = "/lib/lvm2"
+
+ # The external locking library to load if locking_type is set to 2.
+ # locking_library = "liblvm2clusterlock.so"
+
+ # Treat any internal errors as fatal errors, aborting the process that
+ # encountered the internal error. Please only enable for debugging.
+ abort_on_internal_errors = 0
+
+ # Check whether CRC is matching when parsed VG is used multiple times.
+ # This is useful to catch unexpected internal cached volume group
+ # structure modification. Please only enable for debugging.
+ detect_internal_vg_cache_corruption = 0
+
+ # If set to 1, no operations that change on-disk metadata will be permitted.
+ # Additionally, read-only commands that encounter metadata in need of repair
+ # will still be allowed to proceed exactly as if the repair had been
+ # performed (except for the unchanged vg_seqno).
+ # Inappropriate use could mess up your system, so seek advice first!
+ metadata_read_only = 0
+
+ # 'mirror_segtype_default' defines which segtype will be used when the
+ # shorthand '-m' option is used for mirroring. The possible options are:
+ #
+ # "mirror" - The original RAID1 implementation provided by LVM2/DM. It is
+ # characterized by a flexible log solution (core, disk, mirrored)
+ # and by the necessity to block I/O while reconfiguring in the
+ # event of a failure.
+ #
+ # There is an inherent race in the dmeventd failure handling
+ # logic with snapshots of devices using this type of RAID1 that
+ # in the worst case could cause a deadlock.
+ # Ref: https://bugzilla.redhat.com/show_bug.cgi?id=817130#c10
+ #
+ # "raid1" - This implementation leverages MD's RAID1 personality through
+ # device-mapper. It is characterized by a lack of log options.
+ # (A log is always allocated for every device and they are placed
+ # on the same device as the image - no separate devices are
+ # required.) This mirror implementation does not require I/O
+ # to be blocked in the kernel in the event of a failure.
+ # This mirror implementation is not cluster-aware and cannot be
+ # used in a shared (active/active) fashion in a cluster.
+ #
+ # Specify the '--type <mirror|raid1>' option to override this default
+ # setting.
+ mirror_segtype_default = "raid1"
+
+ # 'raid10_segtype_default' determines the segment types used by default
+ # when the '--stripes/-i' and '--mirrors/-m' arguments are both specified
+ # during the creation of a logical volume.
+ # Possible settings include:
+ #
+ # "raid10" - This implementation leverages MD's RAID10 personality through
+ # device-mapper.
+ #
+ # "mirror" - LVM will layer the 'mirror' and 'stripe' segment types. It
+ # will do this by creating a mirror on top of striped sub-LVs;
+ # effectively creating a RAID 0+1 array. This is suboptimal
+ # in terms of providing redundancy and performance. Changing to
+ # this setting is not advised.
+ # Specify the '--type <raid10|mirror>' option to override this default
+ # setting.
+ raid10_segtype_default = "raid10"
+
+ # The default format for displaying LV names in lvdisplay was changed
+ # in version 2.02.89 to show the LV name and path separately.
+ # Previously this was always shown as /dev/vgname/lvname even when that
+ # was never a valid path in the /dev filesystem.
+ # Set to 1 to reinstate the previous format.
+ #
+ # lvdisplay_shows_full_device_path = 0
+
+ # Whether to use (trust) a running instance of lvmetad. If this is set to
+ # 0, all commands fall back to the usual scanning mechanisms. When set to 1
+ # *and* when lvmetad is running (automatically instantiated by making use of
+ # systemd's socket-based service activation or run as an initscripts service
+ # or run manually), the volume group metadata and PV state flags are obtained
+ # from the lvmetad instance and no scanning is done by the individual
+ # commands. In a setup with lvmetad, lvmetad udev rules *must* be set up for
+ # LVM to work correctly. Without proper udev rules, all changes in block
+ # device configuration will be *ignored* until a manual 'pvscan --cache'
+ # is performed. These rules are installed by default.
+ #
+ # If lvmetad has been running while use_lvmetad was 0, it MUST be stopped
+ # before changing use_lvmetad to 1 and started again afterwards.
+ #
+ # If using lvmetad, the volume activation is also switched to automatic
+ # event-based mode. In this mode, the volumes are activated based on
+ # incoming udev events that automatically inform lvmetad about new PVs
+ # that appear in the system. Once the VG is complete (all the PVs are
+ # present), it is auto-activated. The activation/auto_activation_volume_list
+ # setting controls which volumes are auto-activated (all by default).
+ #
+ # A note about device filtering while lvmetad is used:
+ # When lvmetad is updated (either automatically based on udev events
+ # or directly by pvscan --cache <device> call), the devices/filter
+ # is ignored and all devices are scanned by default. The lvmetad always
+ # keeps unfiltered information which is then provided to LVM commands
+ # and then each LVM command does the filtering based on devices/filter
+ # setting itself.
+ # To prevent scanning devices completely, even when using lvmetad,
+ # the devices/global_filter must be used.
+ # N.B. Don't use lvmetad with locking type 3 as lvmetad is not yet
+ # supported in clustered environment. If use_lvmetad=1 and locking_type=3
+ # is set at the same time, LVM always issues a warning message about this
+ # and then it automatically disables lvmetad use.
+ use_lvmetad = 0
+
+ # Full path of the utility called to check that a thin metadata device
+ # is in a state that allows it to be used.
+ # Each time a thin pool needs to be activated or after it is deactivated
+ # this utility is executed. The activation will only proceed if the utility
+ # has an exit status of 0.
+ # Set to "" to skip this check. (Not recommended.)
+ # The thin tools are available as part of the device-mapper-persistent-data
+ # package from https://github.com/jthornber/thin-provisioning-tools.
+ #
+ # thin_check_executable = "/usr/sbin/thin_check"
+
+ # Array of string options passed with thin_check command. By default,
+ # option "-q" is for quiet output.
+ # With thin_check version 2.1 or newer you can add "--ignore-non-fatal-errors"
+ # to let it pass through ignorable errors and fix them later.
+ # With thin_check version 3.2 or newer you should add
+ # "--clear-needs-check-flag".
+ #
+ # thin_check_options = [ "-q", "--clear-needs-check-flag" ]
+
+ # Full path of the utility called to repair a thin metadata device
+ # is in a state that allows it to be used.
+ # Each time a thin pool needs repair this utility is executed.
+ # See thin_check_executable how to obtain binaries.
+ #
+ # thin_repair_executable = "/usr/sbin/thin_repair"
+
+ # Array of extra string options passed with thin_repair command.
+ # thin_repair_options = [ "" ]
+
+ # Full path of the utility called to dump thin metadata content.
+ # See thin_check_executable how to obtain binaries.
+ #
+ # thin_dump_executable = "/usr/sbin/thin_dump"
+
+ # If set, given features are not used by thin driver.
+ # This can be helpful not just for testing, but i.e. allows to avoid
+ # using problematic implementation of some thin feature.
+ # Features:
+ # block_size
+ # discards
+ # discards_non_power_2
+ # external_origin
+ # metadata_resize
+ # external_origin_extend
+ #
+ # thin_disabled_features = [ "discards", "block_size" ]
+
+ # Full path of the utility called to check that a cache metadata device
+ # is in a state that allows it to be used.
+ # Each time a cached LV needs to be used or after it is deactivated
+ # this utility is executed. The activation will only proceed if the utility
+ # has an exit status of 0.
+ # Set to "" to skip this check. (Not recommended.)
+ # The cache tools are available as part of the device-mapper-persistent-data
+ # package from https://github.com/jthornber/thin-provisioning-tools.
+ #
+ # cache_check_executable = "/usr/sbin/cache_check"
+
+ # Array of string options passed with cache_check command. By default,
+ # option "-q" is for quiet output.
+ #
+ # cache_check_options = [ "-q" ]
+
+ # Full path of the utility called to repair a cache metadata device.
+ # Each time a cache metadata needs repair this utility is executed.
+ # See cache_check_executable how to obtain binaries.
+ #
+ # cache_repair_executable = "/usr/sbin/cache_repair"
+
+ # Array of extra string options passed with cache_repair command.
+ # cache_repair_options = [ "" ]
+
+ # Full path of the utility called to dump cache metadata content.
+ # See cache_check_executable how to obtain binaries.
+ #
+ # cache_dump_executable = "/usr/sbin/cache_dump"
+}
+
+activation {
+ # Set to 1 to perform internal checks on the operations issued to
+ # libdevmapper. Useful for debugging problems with activation.
+ # Some of the checks may be expensive, so it's best to use this
+ # only when there seems to be a problem.
+ checks = 0
+
+ # Set to 0 to disable udev synchronisation (if compiled into the binaries).
+ # Processes will not wait for notification from udev.
+ # They will continue irrespective of any possible udev processing
+ # in the background. You should only use this if udev is not running
+ # or has rules that ignore the devices LVM2 creates.
+ # The command line argument --nodevsync takes precedence over this setting.
+ # If set to 1 when udev is not running, and there are LVM2 processes
+ # waiting for udev, run 'dmsetup udevcomplete_all' manually to wake them up.
+ udev_sync = 1
+
+ # Set to 0 to disable the udev rules installed by LVM2 (if built with
+ # --enable-udev_rules). LVM2 will then manage the /dev nodes and symlinks
+ # for active logical volumes directly itself.
+ # N.B. Manual intervention may be required if this setting is changed
+ # while any logical volumes are active.
+ udev_rules = 1
+
+ # Set to 1 for LVM2 to verify operations performed by udev. This turns on
+ # additional checks (and if necessary, repairs) on entries in the device
+ # directory after udev has completed processing its events.
+ # Useful for diagnosing problems with LVM2/udev interactions.
+ verify_udev_operations = 0
+
+ # If set to 1 and if deactivation of an LV fails, perhaps because
+ # a process run from a quick udev rule temporarily opened the device,
+ # retry the operation for a few seconds before failing.
+ retry_deactivation = 1
+
+ # How to fill in missing stripes if activating an incomplete volume.
+ # Using "error" will make inaccessible parts of the device return
+ # I/O errors on access. You can instead use a device path, in which
+ # case, that device will be used to in place of missing stripes.
+ # But note that using anything other than "error" with mirrored
+ # or snapshotted volumes is likely to result in data corruption.
+ missing_stripe_filler = "error"
+
+ # The linear target is an optimised version of the striped target
+ # that only handles a single stripe. Set this to 0 to disable this
+ # optimisation and always use the striped target.
+ use_linear_target = 1
+
+ # How much stack (in KB) to reserve for use while devices suspended
+ # Prior to version 2.02.89 this used to be set to 256KB
+ reserved_stack = 64
+
+ # How much memory (in KB) to reserve for use while devices suspended
+ reserved_memory = 8192
+
+ # Nice value used while devices suspended
+ process_priority = -18
+
+ # If volume_list is defined, each LV is only activated if there is a
+ # match against the list.
+ #
+ # "vgname" and "vgname/lvname" are matched exactly.
+ # "@tag" matches any tag set in the LV or VG.
+ # "@*" matches if any tag defined on the host is also set in the LV or VG
+ #
+ # If any host tags exist but volume_list is not defined, a default
+ # single-entry list containing "@*" is assumed.
+ #
+ # volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ]
+
+ # If auto_activation_volume_list is defined, each LV that is to be
+ # activated with the autoactivation option (--activate ay/-a ay) is
+ # first checked against the list. There are two scenarios in which
+ # the autoactivation option is used:
+ #
+ # - automatic activation of volumes based on incoming PVs. If all the
+ # PVs making up a VG are present in the system, the autoactivation
+ # is triggered. This requires lvmetad (global/use_lvmetad=1) and udev
+ # to be running. In this case, "pvscan --cache -aay" is called
+ # automatically without any user intervention while processing
+ # udev events. Please, make sure you define auto_activation_volume_list
+ # properly so only the volumes you want and expect are autoactivated.
+ #
+ # - direct activation on command line with the autoactivation option.
+ # In this case, the user calls "vgchange --activate ay/-a ay" or
+ # "lvchange --activate ay/-a ay" directly.
+ #
+ # By default, the auto_activation_volume_list is not defined and all
+ # volumes will be activated either automatically or by using --activate ay/-a ay.
+ #
+ # N.B. The "activation/volume_list" is still honoured in all cases so even
+ # if the VG/LV passes the auto_activation_volume_list, it still needs to
+ # pass the volume_list for it to be activated in the end.
+
+ # If auto_activation_volume_list is defined but empty, no volumes will be
+ # activated automatically and --activate ay/-a ay will do nothing.
+ #
+ # auto_activation_volume_list = []
+
+ # If auto_activation_volume_list is defined and it's not empty, only matching
+ # volumes will be activated either automatically or by using --activate ay/-a ay.
+ #
+ # "vgname" and "vgname/lvname" are matched exactly.
+ # "@tag" matches any tag set in the LV or VG.
+ # "@*" matches if any tag defined on the host is also set in the LV or VG
+ #
+ # auto_activation_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ]
+
+ # If read_only_volume_list is defined, each LV that is to be activated
+ # is checked against the list, and if it matches, it as activated
+ # in read-only mode. (This overrides '--permission rw' stored in the
+ # metadata.)
+ #
+ # "vgname" and "vgname/lvname" are matched exactly.
+ # "@tag" matches any tag set in the LV or VG.
+ # "@*" matches if any tag defined on the host is also set in the LV or VG
+ #
+ # read_only_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ]
+
+ # Each LV can have an 'activation skip' flag stored persistently against it.
+ # During activation, this flag is used to decide whether such an LV is skipped.
+ # The 'activation skip' flag can be set during LV creation and by default it
+ # is automatically set for thin snapshot LVs. The 'auto_set_activation_skip'
+ # enables or disables this automatic setting of the flag while LVs are created.
+ # auto_set_activation_skip = 1
+
+ # For RAID or 'mirror' segment types, 'raid_region_size' is the
+ # size (in KiB) of each:
+ # - synchronization operation when initializing
+ # - each copy operation when performing a 'pvmove' (using 'mirror' segtype)
+ # This setting has replaced 'mirror_region_size' since version 2.02.99
+ raid_region_size = 512
+
+ # Setting to use when there is no readahead value stored in the metadata.
+ #
+ # "none" - Disable readahead.
+ # "auto" - Use default value chosen by kernel.
+ readahead = "auto"
+
+ # 'raid_fault_policy' defines how a device failure in a RAID logical
+ # volume is handled. This includes logical volumes that have the following
+ # segment types: raid1, raid4, raid5*, and raid6*.
+ #
+ # In the event of a failure, the following policies will determine what
+ # actions are performed during the automated response to failures (when
+ # dmeventd is monitoring the RAID logical volume) and when 'lvconvert' is
+ # called manually with the options '--repair' and '--use-policies'.
+ #
+ # "warn" - Use the system log to warn the user that a device in the RAID
+ # logical volume has failed. It is left to the user to run
+ # 'lvconvert --repair' manually to remove or replace the failed
+ # device. As long as the number of failed devices does not
+ # exceed the redundancy of the logical volume (1 device for
+ # raid4/5, 2 for raid6, etc) the logical volume will remain
+ # usable.
+ #
+ # "allocate" - Attempt to use any extra physical volumes in the volume
+ # group as spares and replace faulty devices.
+ #
+ raid_fault_policy = "warn"
+
+ # 'mirror_image_fault_policy' and 'mirror_log_fault_policy' define
+ # how a device failure affecting a mirror (of "mirror" segment type) is
+ # handled. A mirror is composed of mirror images (copies) and a log.
+ # A disk log ensures that a mirror does not need to be re-synced
+ # (all copies made the same) every time a machine reboots or crashes.
+ #
+ # In the event of a failure, the specified policy will be used to determine
+ # what happens. This applies to automatic repairs (when the mirror is being
+ # monitored by dmeventd) and to manual lvconvert --repair when
+ # --use-policies is given.
+ #
+ # "remove" - Simply remove the faulty device and run without it. If
+ # the log device fails, the mirror would convert to using
+ # an in-memory log. This means the mirror will not
+ # remember its sync status across crashes/reboots and
+ # the entire mirror will be re-synced. If a
+ # mirror image fails, the mirror will convert to a
+ # non-mirrored device if there is only one remaining good
+ # copy.
+ #
+ # "allocate" - Remove the faulty device and try to allocate space on
+ # a new device to be a replacement for the failed device.
+ # Using this policy for the log is fast and maintains the
+ # ability to remember sync state through crashes/reboots.
+ # Using this policy for a mirror device is slow, as it
+ # requires the mirror to resynchronize the devices, but it
+ # will preserve the mirror characteristic of the device.
+ # This policy acts like "remove" if no suitable device and
+ # space can be allocated for the replacement.
+ #
+ # "allocate_anywhere" - Not yet implemented. Useful to place the log device
+ # temporarily on same physical volume as one of the mirror
+ # images. This policy is not recommended for mirror devices
+ # since it would break the redundant nature of the mirror. This
+ # policy acts like "remove" if no suitable device and space can
+ # be allocated for the replacement.
+
+ mirror_log_fault_policy = "allocate"
+ mirror_image_fault_policy = "remove"
+
+ # 'snapshot_autoextend_threshold' and 'snapshot_autoextend_percent' define
+ # how to handle automatic snapshot extension. The former defines when the
+ # snapshot should be extended: when its space usage exceeds this many
+ # percent. The latter defines how much extra space should be allocated for
+ # the snapshot, in percent of its current size.
+ #
+ # For example, if you set snapshot_autoextend_threshold to 70 and
+ # snapshot_autoextend_percent to 20, whenever a snapshot exceeds 70% usage,
+ # it will be extended by another 20%. For a 1G snapshot, using up 700M will
+ # trigger a resize to 1.2G. When the usage exceeds 840M, the snapshot will
+ # be extended to 1.44G, and so on.
+ #
+ # Setting snapshot_autoextend_threshold to 100 disables automatic
+ # extensions. The minimum value is 50 (A setting below 50 will be treated
+ # as 50).
+
+ snapshot_autoextend_threshold = 100
+ snapshot_autoextend_percent = 20
+
+ # 'thin_pool_autoextend_threshold' and 'thin_pool_autoextend_percent' define
+ # how to handle automatic pool extension. The former defines when the
+ # pool should be extended: when its space usage exceeds this many
+ # percent. The latter defines how much extra space should be allocated for
+ # the pool, in percent of its current size.
+ #
+ # For example, if you set thin_pool_autoextend_threshold to 70 and
+ # thin_pool_autoextend_percent to 20, whenever a pool exceeds 70% usage,
+ # it will be extended by another 20%. For a 1G pool, using up 700M will
+ # trigger a resize to 1.2G. When the usage exceeds 840M, the pool will
+ # be extended to 1.44G, and so on.
+ #
+ # Setting thin_pool_autoextend_threshold to 100 disables automatic
+ # extensions. The minimum value is 50 (A setting below 50 will be treated
+ # as 50).
+
+ thin_pool_autoextend_threshold = 100
+ thin_pool_autoextend_percent = 20
+
+ # While activating devices, I/O to devices being (re)configured is
+ # suspended, and as a precaution against deadlocks, LVM2 needs to pin
+ # any memory it is using so it is not paged out. Groups of pages that
+ # are known not to be accessed during activation need not be pinned
+ # into memory. Each string listed in this setting is compared against
+ # each line in /proc/self/maps, and the pages corresponding to any
+ # lines that match are not pinned. On some systems locale-archive was
+ # found to make up over 80% of the memory used by the process.
+ # mlock_filter = [ "locale/locale-archive", "gconv/gconv-modules.cache" ]
+
+ # Set to 1 to revert to the default behaviour prior to version 2.02.62
+ # which used mlockall() to pin the whole process's memory while activating
+ # devices.
+ use_mlockall = 0
+
+ # Monitoring is enabled by default when activating logical volumes.
+ # Set to 0 to disable monitoring or use the --ignoremonitoring option.
+ monitoring = 1
+
+ # When pvmove or lvconvert must wait for the kernel to finish
+ # synchronising or merging data, they check and report progress
+ # at intervals of this number of seconds. The default is 15 seconds.
+ # If this is set to 0 and there is only one thing to wait for, there
+ # are no progress reports, but the process is awoken immediately the
+ # operation is complete.
+ polling_interval = 15
+
+ # 'activation_mode' determines how Logical Volumes are activated if
+ # any devices are missing. Possible settings are:
+ #
+ # "complete" - Only allow activation of an LV if all of the Physical
+ # Volumes it uses are present. Other PVs in the Volume
+ # Group may be missing.
+ #
+ # "degraded" - Like "complete", but additionally RAID Logical Volumes of
+ # segment type raid1, raid4, raid5, radid6 and raid10 will
+ # be activated if there is no data loss, i.e. they have
+ # sufficient redundancy to present the entire addressable
+ # range of the Logical Volume.
+ #
+ # "partial" - Allows the activation of any Logical Volume even if
+ # a missing or failed PV could cause data loss with a
+ # portion of the Logical Volume inaccessible.
+ # This setting should not normally be used, but may
+ # sometimes assist with data recovery.
+ #
+ # This setting was introduced in LVM version 2.02.108. It corresponds
+ # with the '--activationmode' option for lvchange and vgchange.
+ activation_mode = "degraded"
+}
+
+# Report settings.
+#
+# report {
+ # Align columns on report output.
+ # aligned=1
+
+ # When buffered reporting is used, the report's content is appended
+ # incrementally to include each object being reported until the report
+ # is flushed to output which normally happens at the end of command
+ # execution. Otherwise, if buffering is not used, each object is
+ # reported as soon as its processing is finished.
+ # buffered=1
+
+ # Show headings for columns on report.
+ # headings=1
+
+ # A separator to use on report after each field.
+ # separator=" "
+
+ # A separator to use for list items when reported.
+ # list_item_separator=","
+
+ # Use a field name prefix for each field reported.
+ # prefixes=0
+
+ # Quote field values when using field name prefixes.
+ # quoted=1
+
+ # Output each column as a row. If set, this also implies report/prefixes=1.
+ # colums_as_rows=0
+
+ # Use binary values "0" or "1" instead of descriptive literal values for
+ # columns that have exactly two valid values to report (not counting the
+ # "unknown" value which denotes that the value could not be determined).
+ #
+ # binary_values_as_numeric = 0
+
+ # Comma separated list of columns to sort by when reporting 'lvm devtypes' command.
+ # See 'lvm devtypes -o help' for the list of possible fields.
+ # devtypes_sort="devtype_name"
+
+ # Comma separated list of columns to report for 'lvm devtypes' command.
+ # See 'lvm devtypes -o help' for the list of possible fields.
+ # devtypes_cols="devtype_name,devtype_max_partitions,devtype_description"
+
+ # Comma separated list of columns to report for 'lvm devtypes' command in verbose mode.
+ # See 'lvm devtypes -o help' for the list of possible fields.
+ # devtypes_cols_verbose="devtype_name,devtype_max_partitions,devtype_description"
+
+ # Comma separated list of columns to sort by when reporting 'lvs' command.
+ # See 'lvs -o help' for the list of possible fields.
+ # lvs_sort="vg_name,lv_name"
+
+ # Comma separated list of columns to report for 'lvs' command.
+ # See 'lvs -o help' for the list of possible fields.
+ # lvs_cols="lv_name,vg_name,lv_attr,lv_size,pool_lv,origin,data_percent,metadata_percent,move_pv,mirror_log,copy_percent,convert_lv"
+
+ # Comma separated list of columns to report for 'lvs' command in verbose mode.
+ # See 'lvs -o help' for the list of possible fields.
+ # lvs_cols_verbose="lv_name,vg_name,seg_count,lv_attr,lv_size,lv_major,lv_minor,lv_kernel_major,lv_kernel_minor,pool_lv,origin,data_percent,metadata_percent,move_pv,copy_percent,mirror_log,convert
+
+ # Comma separated list of columns to sort by when reporting 'vgs' command.
+ # See 'vgs -o help' for the list of possible fields.
+ # vgs_sort="vg_name"
+
+ # Comma separated list of columns to report for 'vgs' command.
+ # See 'vgs -o help' for the list of possible fields.
+ # vgs_cols="vg_name,pv_count,lv_count,snap_count,vg_attr,vg_size,vg_free"
+
+ # Comma separated list of columns to report for 'vgs' command in verbose mode.
+ # See 'vgs -o help' for the list of possible fields.
+ # vgs_cols_verbose="vg_name,vg_attr,vg_extent_size,pv_count,lv_count,snap_count,vg_size,vg_free,vg_uuid,vg_profile"
+
+ # Comma separated list of columns to sort by when reporting 'pvs' command.
+ # See 'pvs -o help' for the list of possible fields.
+ # pvs_sort="pv_name"
+
+ # Comma separated list of columns to report for 'pvs' command.
+ # See 'pvs -o help' for the list of possible fields.
+ # pvs_cols="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free"
+
+ # Comma separated list of columns to report for 'pvs' command in verbose mode.
+ # See 'pvs -o help' for the list of possible fields.
+ # pvs_cols_verbose="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free,dev_size,pv_uuid"
+
+ # Comma separated list of columns to sort by when reporting 'lvs --segments' command.
+ # See 'lvs --segments -o help' for the list of possible fields.
+ # segs_sort="vg_name,lv_name,seg_start"
+
+ # Comma separated list of columns to report for 'lvs --segments' command.
+ # See 'lvs --segments -o help' for the list of possible fields.
+ # segs_cols="lv_name,vg_name,lv_attr,stripes,segtype,seg_size"
+
+ # Comma separated list of columns to report for 'lvs --segments' command in verbose mode.
+ # See 'lvs --segments -o help' for the list of possible fields.
+ # segs_cols_verbose="lv_name,vg_name,lv_attr,seg_start,seg_size,stripes,segtype,stripesize,chunksize"
+
+ # Comma separated list of columns to sort by when reporting 'pvs --segments' command.
+ # See 'pvs --segments -o help' for the list of possible fields.
+ # pvsegs_sort="pv_name,pvseg_start"
+
+ # Comma separated list of columns to sort by when reporting 'pvs --segments' command.
+ # See 'pvs --segments -o help' for the list of possible fields.
+ # pvsegs_cols="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free,pvseg_start,pvseg_size"
+
+ # Comma separated list of columns to sort by when reporting 'pvs --segments' command in verbose mode.
+ # See 'pvs --segments -o help' for the list of possible fields.
+ # pvsegs_cols_verbose="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free,pvseg_start,pvseg_size,lv_name,seg_start_pe,segtype,seg_pe_ranges"
+#}
+
+####################
+# Advanced section #
+####################
+
+# Metadata settings
+#
+# metadata {
+ # Default number of copies of metadata to hold on each PV. 0, 1 or 2.
+ # You might want to override it from the command line with 0
+ # when running pvcreate on new PVs which are to be added to large VGs.
+
+ # pvmetadatacopies = 1
+
+ # Default number of copies of metadata to maintain for each VG.
+ # If set to a non-zero value, LVM automatically chooses which of
+ # the available metadata areas to use to achieve the requested
+ # number of copies of the VG metadata. If you set a value larger
+ # than the the total number of metadata areas available then
+ # metadata is stored in them all.
+ # The default value of 0 ("unmanaged") disables this automatic
+ # management and allows you to control which metadata areas
+ # are used at the individual PV level using 'pvchange
+ # --metadataignore y/n'.
+
+ # vgmetadatacopies = 0
+
+ # Approximate default size of on-disk metadata areas in sectors.
+ # You should increase this if you have large volume groups or
+ # you want to retain a large on-disk history of your metadata changes.
+
+ # pvmetadatasize = 255
+
+ # List of directories holding live copies of text format metadata.
+ # These directories must not be on logical volumes!
+ # It's possible to use LVM2 with a couple of directories here,
+ # preferably on different (non-LV) filesystems, and with no other
+ # on-disk metadata (pvmetadatacopies = 0). Or this can be in
+ # addition to on-disk metadata areas.
+ # The feature was originally added to simplify testing and is not
+ # supported under low memory situations - the machine could lock up.
+ #
+ # Never edit any files in these directories by hand unless you
+ # you are absolutely sure you know what you are doing! Use
+ # the supplied toolset to make changes (e.g. vgcfgrestore).
+
+ # dirs = [ "/etc/lvm/metadata", "/mnt/disk2/lvm/metadata2" ]
+#}
+
+# Event daemon
+#
+dmeventd {
+ # mirror_library is the library used when monitoring a mirror device.
+ #
+ # "libdevmapper-event-lvm2mirror.so" attempts to recover from
+ # failures. It removes failed devices from a volume group and
+ # reconfigures a mirror as necessary. If no mirror library is
+ # provided, mirrors are not monitored through dmeventd.
+
+ mirror_library = "libdevmapper-event-lvm2mirror.so"
+
+ # snapshot_library is the library used when monitoring a snapshot device.
+ #
+ # "libdevmapper-event-lvm2snapshot.so" monitors the filling of
+ # snapshots and emits a warning through syslog when the use of
+ # the snapshot exceeds 80%. The warning is repeated when 85%, 90% and
+ # 95% of the snapshot is filled.
+
+ snapshot_library = "libdevmapper-event-lvm2snapshot.so"
+
+ # thin_library is the library used when monitoring a thin device.
+ #
+ # "libdevmapper-event-lvm2thin.so" monitors the filling of
+ # pool and emits a warning through syslog when the use of
+ # the pool exceeds 80%. The warning is repeated when 85%, 90% and
+ # 95% of the pool is filled.
+
+ thin_library = "libdevmapper-event-lvm2thin.so"
+
+ # Full path of the dmeventd binary.
+ #
+ # executable = "/sbin/dmeventd"
+}
--- /dev/null
+cad1358d5a2d4cf7915dd78a2071b53d
--- /dev/null
+# Magic local data for file(1) command.
+# Insert here your local magic data. Format is described in magic(5).
+
--- /dev/null
+# Magic local data for file(1) command.
+# Insert here your local magic data. Format is described in magic(5).
+
--- /dev/null
+../spamassassin
\ No newline at end of file
--- /dev/null
+###############################################################################
+#
+# MIME media types and programs that process those types
+#
+# Much of this file is generated automatically by the program "update-mime".
+# Please see the "update-mime" man page for more information.
+#
+# Users can add their own rules if they wish by creating a ".mailcap"
+# file in their home directory. Entries included there will take
+# precedence over those listed here.
+#
+###############################################################################
+
+
+###############################################################################
+#
+# User section follows: Any entries included in this section will take
+# precedence over those created by "update-mime". DO NOT CHANGE the
+# "User Section Begins" and "User Section Ends" lines, or anything outside
+# of this section!
+#
+
+# ----- User Section Begins ----- #
+# ----- User Section Ends ----- #
+
+###############################################################################
+
+text/plain; less '%s'; needsterminal
+application/x-troff-man; /usr/bin/man -X100 -l '%s'; test=test -n "$DISPLAY" -a -e /usr/bin/gxditview; description=Man page
+text/troff; /usr/bin/man -X100 -l '%s'; test=test -n "$DISPLAY" -a -e /usr/bin/gxditview; description=Man page
+application/x-troff-man; /usr/bin/man -l '%s'; needsterminal; description=Man page
+text/troff; /usr/bin/man -l '%s'; needsterminal; description=Man page
+text/html; /usr/bin/sensible-browser %s; description=HTML Text; nametemplate=%s.html
+application/x-troff-man; /usr/bin/nroff -mandoc -Tutf8; copiousoutput; print=/usr/bin/nroff -mandoc -Tutf8 | print text/plain:-
+text/plain; more %s; needsterminal
+text/plain; vim %s; needsterminal
+text/plain; view %s; edit=vim %s; compose=vim %s; test=test -x /usr/bin/vim; needsterminal
+application/zip; unzip -l %s; nametemplate=%s.zip; copiousoutput
+text/plain; view %s; edit=vi %s; compose=vi %s; needsterminal
+application/x-troff-man; /usr/bin/man -Tascii -l '%s' | col -b; copiousoutput; description=Man page
+text/troff; /usr/bin/man -Tascii -l '%s' | col -b; copiousoutput; description=Man page
+text/*; less '%s'; needsterminal
+text/*; view %s; edit=vim %s; compose=vim %s; test=test -x /usr/bin/vim; needsterminal
+application/x-tar; /bin/tar tvf '%s'; print=/bin/tar tvf - | print text/plain:-; copiousoutput
+application/x-gtar; /bin/tar tvf '%s'; print=/bin/tar tvf - | print text/plain:-; copiousoutput
+application/x-ustar; /bin/tar tvf '%s'; print=/bin/tar tvf - | print text/plain:-; copiousoutput
+text/*; more %s; needsterminal
+text/*; view %s; edit=vi %s; compose=vi %s; needsterminal
+application/vnd.debian.binary-package; /usr/lib/mime/debian-view %s; needsterminal; description=Debian GNU/Linux Package; nametemplate=%s.deb
--- /dev/null
+###############################################################################
+#
+# Mailcap.order: This file allows a system-wide override of MIME program
+# preferences. See the mailcap.order(5) man page for more information.
+#
+# After modifying this file, be sure to run /usr/sbin/update-mime (as root)
+# to propagate the changes into the /etc/mailcap file.
+#
+################################################################################
+
--- /dev/null
+sarah.uhu-banane.de
--- /dev/null
+# manpath.config
+#
+# This file is used by the man-db package to configure the man and cat paths.
+# It is also used to provide a manpath for those without one by examining
+# their PATH environment variable. For details see the manpath(5) man page.
+#
+# Lines beginning with `#' are comments and are ignored. Any combination of
+# tabs or spaces may be used as `whitespace' separators.
+#
+# There are three mappings allowed in this file:
+# --------------------------------------------------------
+# MANDATORY_MANPATH manpath_element
+# MANPATH_MAP path_element manpath_element
+# MANDB_MAP global_manpath [relative_catpath]
+#---------------------------------------------------------
+# every automatically generated MANPATH includes these fields
+#
+#MANDATORY_MANPATH /usr/src/pvm3/man
+#
+MANDATORY_MANPATH /usr/man
+MANDATORY_MANPATH /usr/share/man
+MANDATORY_MANPATH /usr/local/share/man
+#---------------------------------------------------------
+# set up PATH to MANPATH mapping
+# ie. what man tree holds man pages for what binary directory.
+#
+# *PATH* -> *MANPATH*
+#
+MANPATH_MAP /bin /usr/share/man
+MANPATH_MAP /usr/bin /usr/share/man
+MANPATH_MAP /sbin /usr/share/man
+MANPATH_MAP /usr/sbin /usr/share/man
+MANPATH_MAP /usr/local/bin /usr/local/man
+MANPATH_MAP /usr/local/bin /usr/local/share/man
+MANPATH_MAP /usr/local/sbin /usr/local/man
+MANPATH_MAP /usr/local/sbin /usr/local/share/man
+MANPATH_MAP /usr/X11R6/bin /usr/X11R6/man
+MANPATH_MAP /usr/bin/X11 /usr/X11R6/man
+MANPATH_MAP /usr/games /usr/share/man
+MANPATH_MAP /opt/bin /opt/man
+MANPATH_MAP /opt/sbin /opt/man
+#---------------------------------------------------------
+# For a manpath element to be treated as a system manpath (as most of those
+# above should normally be), it must be mentioned below. Each line may have
+# an optional extra string indicating the catpath associated with the
+# manpath. If no catpath string is used, the catpath will default to the
+# given manpath.
+#
+# You *must* provide all system manpaths, including manpaths for alternate
+# operating systems, locale specific manpaths, and combinations of both, if
+# they exist, otherwise the permissions of the user running man/mandb will
+# be used to manipulate the manual pages. Also, mandb will not initialise
+# the database cache for any manpaths not mentioned below unless explicitly
+# requested to do so.
+#
+# In a per-user configuration file, this directive only controls the
+# location of catpaths and the creation of database caches; it has no effect
+# on privileges.
+#
+# Any manpaths that are subdirectories of other manpaths must be mentioned
+# *before* the containing manpath. E.g. /usr/man/preformat must be listed
+# before /usr/man.
+#
+# *MANPATH* -> *CATPATH*
+#
+MANDB_MAP /usr/man /var/cache/man/fsstnd
+MANDB_MAP /usr/share/man /var/cache/man
+MANDB_MAP /usr/local/man /var/cache/man/oldlocal
+MANDB_MAP /usr/local/share/man /var/cache/man/local
+MANDB_MAP /usr/X11R6/man /var/cache/man/X11R6
+MANDB_MAP /opt/man /var/cache/man/opt
+#
+#---------------------------------------------------------
+# Program definitions. These are commented out by default as the value
+# of the definition is already the default. To change: uncomment a
+# definition and modify it.
+#
+#DEFINE pager pager -s
+#DEFINE cat cat
+#DEFINE tr tr '\255\267\264\327' '\055\157\047\170'
+#DEFINE grep grep
+#DEFINE troff groff -mandoc
+#DEFINE nroff nroff -mandoc
+#DEFINE eqn eqn
+#DEFINE neqn neqn
+#DEFINE tbl tbl
+#DEFINE col col
+#DEFINE vgrind vgrind
+#DEFINE refer refer
+#DEFINE grap grap
+#DEFINE pic pic -S
+#
+#DEFINE compressor gzip -c7
+#---------------------------------------------------------
+# Misc definitions: same as program definitions above.
+#
+#DEFINE whatis_grep_flags -i
+#DEFINE apropos_grep_flags -iEw
+#DEFINE apropos_regex_grep_flags -iE
+#---------------------------------------------------------
+# Section names. Manual sections will be searched in the order listed here;
+# the default is 1, n, l, 8, 3, 0, 2, 5, 4, 9, 6, 7. Multiple SECTION
+# directives may be given for clarity, and will be concatenated together in
+# the expected way.
+# If a particular extension is not in this list (say, 1mh), it will be
+# displayed with the rest of the section it belongs to. The effect of this
+# is that you only need to explicitly list extensions if you want to force a
+# particular order. Sections with extensions should usually be adjacent to
+# their main section (e.g. "1 1mh 8 ...").
+#
+SECTION 1 n l 8 3 2 3posix 3pm 3perl 5 4 9 6 7
+#
+#---------------------------------------------------------
+# Range of terminal widths permitted when displaying cat pages. If the
+# terminal falls outside this range, cat pages will not be created (if
+# missing) or displayed.
+#
+#MINCATWIDTH 80
+#MAXCATWIDTH 80
+#
+# If CATWIDTH is set to a non-zero number, cat pages will always be
+# formatted for a terminal of the given width, regardless of the width of
+# the terminal actually being used. This should generally be within the
+# range set by MINCATWIDTH and MAXCATWIDTH.
+#
+#CATWIDTH 0
+#
+#---------------------------------------------------------
+# Flags.
+# NOCACHE keeps man from creating cat pages.
+#NOCACHE
--- /dev/null
+###############################################################################
+#
+# MIME media types and the extensions that represent them.
+#
+# The format of this file is a media type on the left and zero or more
+# filename extensions on the right. Programs using this file will map
+# files ending with those extensions to the associated type.
+#
+# This file is part of the "mime-support" package. Please report a bug using
+# the "reportbug" command of the "reportbug" package if you would like new
+# types or extensions to be added.
+#
+# The reason that all types are managed by the mime-support package instead
+# allowing individual packages to install types in much the same way as they
+# add entries in to the mailcap file is so these types can be referenced by
+# other programs (such as a web server) even if the specific support package
+# for that type is not installed.
+#
+# Users can add their own types if they wish by creating a ".mime.types"
+# file in their home directory. Definitions included there will take
+# precedence over those listed here.
+#
+###############################################################################
+
+
+application/activemessage
+application/andrew-inset ez
+application/annodex anx
+application/applefile
+application/atom+xml atom
+application/atomcat+xml atomcat
+application/atomicmail
+application/atomserv+xml atomsrv
+application/batch-SMTP
+application/bbolin lin
+application/beep+xml
+application/cals-1840
+application/commonground
+application/cu-seeme cu
+application/cybercash
+application/davmount+xml davmount
+application/dca-rft
+application/dec-dx
+application/dicom dcm
+application/docbook+xml
+application/dsptype tsp
+application/dvcs
+application/ecmascript es
+application/edi-consent
+application/edi-x12
+application/edifact
+application/eshop
+application/font-sfnt otf ttf
+application/font-tdpfr pfr
+application/font-woff woff
+application/futuresplash spl
+application/ghostview
+application/gzip gz
+application/hta hta
+application/http
+application/hyperstudio
+application/iges
+application/index
+application/index.cmd
+application/index.obj
+application/index.response
+application/index.vnd
+application/iotp
+application/ipp
+application/isup
+application/java-archive jar
+application/java-serialized-object ser
+application/java-vm class
+application/javascript js
+application/json json
+application/m3g m3g
+application/mac-binhex40 hqx
+application/mac-compactpro cpt
+application/macwriteii
+application/marc
+application/mathematica nb nbp
+application/mbox mbox
+application/ms-tnef
+application/msaccess mdb
+application/msword doc dot
+application/mxf mxf
+application/news-message-id
+application/news-transmission
+application/ocsp-request
+application/ocsp-response
+application/octet-stream bin
+application/oda oda
+application/oebps-package+xml opf
+application/ogg ogx
+application/onenote one onetoc2 onetmp onepkg
+application/parityfec
+application/pdf pdf
+application/pgp-encrypted pgp
+application/pgp-keys key
+application/pgp-signature sig
+application/pics-rules prf
+application/pkcs10
+application/pkcs7-mime
+application/pkcs7-signature
+application/pkix-cert
+application/pkix-crl
+application/pkixcmp
+application/postscript ps ai eps epsi epsf eps2 eps3
+application/prs.alvestrand.titrax-sheet
+application/prs.cww
+application/prs.nprend
+application/qsig
+application/rar rar
+application/rdf+xml rdf
+application/remote-printing
+application/riscos
+application/rtf rtf
+application/sdp
+application/set-payment
+application/set-payment-initiation
+application/set-registration
+application/set-registration-initiation
+application/sgml
+application/sgml-open-catalog
+application/sieve
+application/sla stl
+application/slate
+application/smil+xml smi smil
+application/timestamp-query
+application/timestamp-reply
+application/vemmi
+application/whoispp-query
+application/whoispp-response
+application/wita
+application/x400-bp
+application/xhtml+xml xhtml xht
+application/xml xml xsd
+application/xml-dtd
+application/xml-external-parsed-entity
+application/xslt+xml xsl xslt
+application/xspf+xml xspf
+application/zip zip
+application/vnd.3M.Post-it-Notes
+application/vnd.accpac.simply.aso
+application/vnd.accpac.simply.imp
+application/vnd.acucobol
+application/vnd.aether.imp
+application/vnd.android.package-archive apk
+application/vnd.anser-web-certificate-issue-initiation
+application/vnd.anser-web-funds-transfer-initiation
+application/vnd.audiograph
+application/vnd.bmi
+application/vnd.businessobjects
+application/vnd.canon-cpdl
+application/vnd.canon-lips
+application/vnd.cinderella cdy
+application/vnd.claymore
+application/vnd.commerce-battelle
+application/vnd.commonspace
+application/vnd.comsocaller
+application/vnd.contact.cmsg
+application/vnd.cosmocaller
+application/vnd.ctc-posml
+application/vnd.cups-postscript
+application/vnd.cups-raster
+application/vnd.cups-raw
+application/vnd.cybank
+application/vnd.debian.binary-package deb ddeb udeb
+application/vnd.dna
+application/vnd.dpgraph
+application/vnd.dxr
+application/vnd.ecdis-update
+application/vnd.ecowin.chart
+application/vnd.ecowin.filerequest
+application/vnd.ecowin.fileupdate
+application/vnd.ecowin.series
+application/vnd.ecowin.seriesrequest
+application/vnd.ecowin.seriesupdate
+application/vnd.enliven
+application/vnd.epson.esf
+application/vnd.epson.msf
+application/vnd.epson.quickanime
+application/vnd.epson.salt
+application/vnd.epson.ssf
+application/vnd.ericsson.quickcall
+application/vnd.eudora.data
+application/vnd.fdf
+application/vnd.ffsns
+application/vnd.flographit
+application/vnd.font-fontforge-sfd sfd
+application/vnd.framemaker
+application/vnd.fsc.weblaunch
+application/vnd.fujitsu.oasys
+application/vnd.fujitsu.oasys2
+application/vnd.fujitsu.oasys3
+application/vnd.fujitsu.oasysgp
+application/vnd.fujitsu.oasysprs
+application/vnd.fujixerox.ddd
+application/vnd.fujixerox.docuworks
+application/vnd.fujixerox.docuworks.binder
+application/vnd.fut-misnet
+application/vnd.google-earth.kml+xml kml
+application/vnd.google-earth.kmz kmz
+application/vnd.grafeq
+application/vnd.groove-account
+application/vnd.groove-identity-message
+application/vnd.groove-injector
+application/vnd.groove-tool-message
+application/vnd.groove-tool-template
+application/vnd.groove-vcard
+application/vnd.hhe.lesson-player
+application/vnd.hp-HPGL
+application/vnd.hp-PCL
+application/vnd.hp-PCLXL
+application/vnd.hp-hpid
+application/vnd.hp-hps
+application/vnd.httphone
+application/vnd.hzn-3d-crossword
+application/vnd.ibm.MiniPay
+application/vnd.ibm.afplinedata
+application/vnd.ibm.modcap
+application/vnd.informix-visionary
+application/vnd.intercon.formnet
+application/vnd.intertrust.digibox
+application/vnd.intertrust.nncp
+application/vnd.intu.qbo
+application/vnd.intu.qfx
+application/vnd.irepository.package+xml
+application/vnd.is-xpr
+application/vnd.japannet-directory-service
+application/vnd.japannet-jpnstore-wakeup
+application/vnd.japannet-payment-wakeup
+application/vnd.japannet-registration
+application/vnd.japannet-registration-wakeup
+application/vnd.japannet-setstore-wakeup
+application/vnd.japannet-verification
+application/vnd.japannet-verification-wakeup
+application/vnd.koan
+application/vnd.lotus-1-2-3
+application/vnd.lotus-approach
+application/vnd.lotus-freelance
+application/vnd.lotus-notes
+application/vnd.lotus-organizer
+application/vnd.lotus-screencam
+application/vnd.lotus-wordpro
+application/vnd.mcd
+application/vnd.mediastation.cdkey
+application/vnd.meridian-slingshot
+application/vnd.mif
+application/vnd.minisoft-hp3000-save
+application/vnd.mitsubishi.misty-guard.trustweb
+application/vnd.mobius.daf
+application/vnd.mobius.dis
+application/vnd.mobius.msl
+application/vnd.mobius.plc
+application/vnd.mobius.txf
+application/vnd.motorola.flexsuite
+application/vnd.motorola.flexsuite.adsi
+application/vnd.motorola.flexsuite.fis
+application/vnd.motorola.flexsuite.gotap
+application/vnd.motorola.flexsuite.kmr
+application/vnd.motorola.flexsuite.ttc
+application/vnd.motorola.flexsuite.wem
+application/vnd.mozilla.xul+xml xul
+application/vnd.ms-artgalry
+application/vnd.ms-asf
+application/vnd.ms-excel xls xlb xlt
+application/vnd.ms-excel.addin.macroEnabled.12 xlam
+application/vnd.ms-excel.sheet.binary.macroEnabled.12 xlsb
+application/vnd.ms-excel.sheet.macroEnabled.12 xlsm
+application/vnd.ms-excel.template.macroEnabled.12 xltm
+application/vnd.ms-fontobject eot
+application/vnd.ms-lrm
+application/vnd.ms-officetheme thmx
+application/vnd.ms-pki.seccat cat
+#application/vnd.ms-pki.stl stl
+application/vnd.ms-powerpoint ppt pps
+application/vnd.ms-powerpoint.addin.macroEnabled.12 ppam
+application/vnd.ms-powerpoint.presentation.macroEnabled.12 pptm
+application/vnd.ms-powerpoint.slide.macroEnabled.12 sldm
+application/vnd.ms-powerpoint.slideshow.macroEnabled.12 ppsm
+application/vnd.ms-powerpoint.template.macroEnabled.12 potm
+application/vnd.ms-project
+application/vnd.ms-tnef
+application/vnd.ms-word.document.macroEnabled.12 docm
+application/vnd.ms-word.template.macroEnabled.12 dotm
+application/vnd.ms-works
+application/vnd.mseq
+application/vnd.msign
+application/vnd.music-niff
+application/vnd.musician
+application/vnd.netfpx
+application/vnd.noblenet-directory
+application/vnd.noblenet-sealer
+application/vnd.noblenet-web
+application/vnd.novadigm.EDM
+application/vnd.novadigm.EDX
+application/vnd.novadigm.EXT
+application/vnd.oasis.opendocument.chart odc
+application/vnd.oasis.opendocument.database odb
+application/vnd.oasis.opendocument.formula odf
+application/vnd.oasis.opendocument.graphics odg
+application/vnd.oasis.opendocument.graphics-template otg
+application/vnd.oasis.opendocument.image odi
+application/vnd.oasis.opendocument.presentation odp
+application/vnd.oasis.opendocument.presentation-template otp
+application/vnd.oasis.opendocument.spreadsheet ods
+application/vnd.oasis.opendocument.spreadsheet-template ots
+application/vnd.oasis.opendocument.text odt
+application/vnd.oasis.opendocument.text-master odm
+application/vnd.oasis.opendocument.text-template ott
+application/vnd.oasis.opendocument.text-web oth
+application/vnd.openxmlformats-officedocument.presentationml.presentation pptx
+application/vnd.openxmlformats-officedocument.presentationml.slide sldx
+application/vnd.openxmlformats-officedocument.presentationml.slideshow ppsx
+application/vnd.openxmlformats-officedocument.presentationml.template potx
+application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx
+application/vnd.openxmlformats-officedocument.spreadsheetml.template xltx
+application/vnd.openxmlformats-officedocument.wordprocessingml.document docx
+application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx
+application/vnd.osa.netdeploy
+application/vnd.palm
+application/vnd.pg.format
+application/vnd.pg.osasli
+application/vnd.powerbuilder6
+application/vnd.powerbuilder6-s
+application/vnd.powerbuilder7
+application/vnd.powerbuilder7-s
+application/vnd.powerbuilder75
+application/vnd.powerbuilder75-s
+application/vnd.previewsystems.box
+application/vnd.publishare-delta-tree
+application/vnd.pvi.ptid1
+application/vnd.pwg-xhtml-print+xml
+application/vnd.rapid
+application/vnd.rim.cod cod
+application/vnd.s3sms
+application/vnd.seemail
+application/vnd.shana.informed.formdata
+application/vnd.shana.informed.formtemplate
+application/vnd.shana.informed.interchange
+application/vnd.shana.informed.package
+application/vnd.smaf mmf
+application/vnd.sss-cod
+application/vnd.sss-dtf
+application/vnd.sss-ntf
+application/vnd.stardivision.calc sdc
+application/vnd.stardivision.chart sds
+application/vnd.stardivision.draw sda
+application/vnd.stardivision.impress sdd
+application/vnd.stardivision.math sdf
+application/vnd.stardivision.writer sdw
+application/vnd.stardivision.writer-global sgl
+application/vnd.street-stream
+application/vnd.sun.xml.calc sxc
+application/vnd.sun.xml.calc.template stc
+application/vnd.sun.xml.draw sxd
+application/vnd.sun.xml.draw.template std
+application/vnd.sun.xml.impress sxi
+application/vnd.sun.xml.impress.template sti
+application/vnd.sun.xml.math sxm
+application/vnd.sun.xml.writer sxw
+application/vnd.sun.xml.writer.global sxg
+application/vnd.sun.xml.writer.template stw
+application/vnd.svd
+application/vnd.swiftview-ics
+application/vnd.symbian.install sis
+application/vnd.tcpdump.pcap cap pcap
+application/vnd.triscape.mxs
+application/vnd.trueapp
+application/vnd.truedoc
+application/vnd.tve-trigger
+application/vnd.ufdl
+application/vnd.uplanet.alert
+application/vnd.uplanet.alert-wbxml
+application/vnd.uplanet.bearer-choice
+application/vnd.uplanet.bearer-choice-wbxml
+application/vnd.uplanet.cacheop
+application/vnd.uplanet.cacheop-wbxml
+application/vnd.uplanet.channel
+application/vnd.uplanet.channel-wbxml
+application/vnd.uplanet.list
+application/vnd.uplanet.list-wbxml
+application/vnd.uplanet.listcmd
+application/vnd.uplanet.listcmd-wbxml
+application/vnd.uplanet.signal
+application/vnd.vcx
+application/vnd.vectorworks
+application/vnd.vidsoft.vidconference
+application/vnd.visio vsd vst vsw vss
+application/vnd.vividence.scriptfile
+application/vnd.wap.sic
+application/vnd.wap.slc
+application/vnd.wap.wbxml wbxml
+application/vnd.wap.wmlc wmlc
+application/vnd.wap.wmlscriptc wmlsc
+application/vnd.webturbo
+application/vnd.wordperfect wpd
+application/vnd.wordperfect5.1 wp5
+application/vnd.wrq-hp3000-labelled
+application/vnd.wt.stf
+application/vnd.xara
+application/vnd.xfdl
+application/vnd.yellowriver-custom-menu
+application/zlib
+application/x-123 wk
+application/x-7z-compressed 7z
+application/x-abiword abw
+application/x-apple-diskimage dmg
+application/x-bcpio bcpio
+application/x-bittorrent torrent
+application/x-cab cab
+application/x-cbr cbr
+application/x-cbz cbz
+application/x-cdf cdf cda
+application/x-cdlink vcd
+application/x-chess-pgn pgn
+application/x-comsol mph
+application/x-core
+application/x-cpio cpio
+application/x-csh csh
+application/x-debian-package deb udeb
+application/x-director dcr dir dxr
+application/x-dms dms
+application/x-doom wad
+application/x-dvi dvi
+application/x-executable
+application/x-font pfa pfb gsf
+application/x-font-pcf pcf pcf.Z
+application/x-freemind mm
+application/x-futuresplash spl
+application/x-ganttproject gan
+application/x-gnumeric gnumeric
+application/x-go-sgf sgf
+application/x-graphing-calculator gcf
+application/x-gtar gtar
+application/x-gtar-compressed tgz taz
+application/x-hdf hdf
+#application/x-httpd-eruby rhtml
+#application/x-httpd-php phtml pht php
+#application/x-httpd-php-source phps
+#application/x-httpd-php3 php3
+#application/x-httpd-php3-preprocessed php3p
+#application/x-httpd-php4 php4
+#application/x-httpd-php5 php5
+application/x-hwp hwp
+application/x-ica ica
+application/x-info info
+application/x-internet-signup ins isp
+application/x-iphone iii
+application/x-iso9660-image iso
+application/x-jam jam
+application/x-java-applet
+application/x-java-bean
+application/x-java-jnlp-file jnlp
+application/x-jmol jmz
+application/x-kchart chrt
+application/x-kdelnk
+application/x-killustrator kil
+application/x-koan skp skd skt skm
+application/x-kpresenter kpr kpt
+application/x-kspread ksp
+application/x-kword kwd kwt
+application/x-latex latex
+application/x-lha lha
+application/x-lyx lyx
+application/x-lzh lzh
+application/x-lzx lzx
+application/x-maker frm maker frame fm fb book fbdoc
+application/x-mif mif
+application/x-mpegURL m3u8
+application/x-ms-wmd wmd
+application/x-ms-wmz wmz
+application/x-msdos-program com exe bat dll
+application/x-msi msi
+application/x-netcdf nc
+application/x-ns-proxy-autoconfig pac
+application/x-nwc nwc
+application/x-object o
+application/x-oz-application oza
+application/x-pkcs7-certreqresp p7r
+application/x-pkcs7-crl crl
+application/x-python-code pyc pyo
+application/x-qgis qgs shp shx
+application/x-quicktimeplayer qtl
+application/x-rdp rdp
+application/x-redhat-package-manager rpm
+application/x-rss+xml rss
+application/x-ruby rb
+application/x-rx
+application/x-scilab sci sce
+application/x-scilab-xcos xcos
+application/x-sh sh
+application/x-shar shar
+application/x-shellscript
+application/x-shockwave-flash swf swfl
+application/x-silverlight scr
+application/x-sql sql
+application/x-stuffit sit sitx
+application/x-sv4cpio sv4cpio
+application/x-sv4crc sv4crc
+application/x-tar tar
+application/x-tcl tcl
+application/x-tex-gf gf
+application/x-tex-pk pk
+application/x-texinfo texinfo texi
+application/x-trash ~ % bak old sik
+application/x-troff t tr roff
+application/x-troff-man man
+application/x-troff-me me
+application/x-troff-ms ms
+application/x-ustar ustar
+application/x-videolan
+application/x-wais-source src
+application/x-wingz wz
+application/x-x509-ca-cert crt
+application/x-xcf xcf
+application/x-xfig fig
+application/x-xpinstall xpi
+application/x-xz xz
+
+audio/32kadpcm
+audio/3gpp
+audio/amr amr
+audio/amr-wb awb
+audio/annodex axa
+audio/basic au snd
+audio/csound csd orc sco
+audio/flac flac
+audio/g.722.1
+audio/l16
+audio/midi mid midi kar
+audio/mp4a-latm
+audio/mpa-robust
+audio/mpeg mpga mpega mp2 mp3 m4a
+audio/mpegurl m3u
+audio/ogg oga ogg opus spx
+audio/parityfec
+audio/prs.sid sid
+audio/telephone-event
+audio/tone
+audio/vnd.cisco.nse
+audio/vnd.cns.anp1
+audio/vnd.cns.inf1
+audio/vnd.digital-winds
+audio/vnd.everad.plj
+audio/vnd.lucent.voice
+audio/vnd.nortel.vbk
+audio/vnd.nuera.ecelp4800
+audio/vnd.nuera.ecelp7470
+audio/vnd.nuera.ecelp9600
+audio/vnd.octel.sbc
+audio/vnd.qcelp
+audio/vnd.rhetorex.32kadpcm
+audio/vnd.vmx.cvsd
+audio/x-aiff aif aiff aifc
+audio/x-gsm gsm
+audio/x-mpegurl m3u
+audio/x-ms-wma wma
+audio/x-ms-wax wax
+audio/x-pn-realaudio-plugin
+audio/x-pn-realaudio ra rm ram
+audio/x-realaudio ra
+audio/x-scpls pls
+audio/x-sd2 sd2
+audio/x-wav wav
+
+chemical/x-alchemy alc
+chemical/x-cache cac cache
+chemical/x-cache-csf csf
+chemical/x-cactvs-binary cbin cascii ctab
+chemical/x-cdx cdx
+chemical/x-cerius cer
+chemical/x-chem3d c3d
+chemical/x-chemdraw chm
+chemical/x-cif cif
+chemical/x-cmdf cmdf
+chemical/x-cml cml
+chemical/x-compass cpa
+chemical/x-crossfire bsd
+chemical/x-csml csml csm
+chemical/x-ctx ctx
+chemical/x-cxf cxf cef
+#chemical/x-daylight-smiles smi
+chemical/x-embl-dl-nucleotide emb embl
+chemical/x-galactic-spc spc
+chemical/x-gamess-input inp gam gamin
+chemical/x-gaussian-checkpoint fch fchk
+chemical/x-gaussian-cube cub
+chemical/x-gaussian-input gau gjc gjf
+chemical/x-gaussian-log gal
+chemical/x-gcg8-sequence gcg
+chemical/x-genbank gen
+chemical/x-hin hin
+chemical/x-isostar istr ist
+chemical/x-jcamp-dx jdx dx
+chemical/x-kinemage kin
+chemical/x-macmolecule mcm
+chemical/x-macromodel-input mmd mmod
+chemical/x-mdl-molfile mol
+chemical/x-mdl-rdfile rd
+chemical/x-mdl-rxnfile rxn
+chemical/x-mdl-sdfile sd sdf
+chemical/x-mdl-tgf tgf
+#chemical/x-mif mif
+chemical/x-mmcif mcif
+chemical/x-mol2 mol2
+chemical/x-molconn-Z b
+chemical/x-mopac-graph gpt
+chemical/x-mopac-input mop mopcrt mpc zmt
+chemical/x-mopac-out moo
+chemical/x-mopac-vib mvb
+chemical/x-ncbi-asn1 asn
+chemical/x-ncbi-asn1-ascii prt ent
+chemical/x-ncbi-asn1-binary val aso
+chemical/x-ncbi-asn1-spec asn
+chemical/x-pdb pdb ent
+chemical/x-rosdal ros
+chemical/x-swissprot sw
+chemical/x-vamas-iso14976 vms
+chemical/x-vmd vmd
+chemical/x-xtel xtel
+chemical/x-xyz xyz
+
+image/cgm
+image/g3fax
+image/gif gif
+image/ief ief
+image/jp2 jp2 jpg2
+image/jpeg jpeg jpg jpe
+image/jpm jpm
+image/jpx jpx jpf
+image/naplps
+image/pcx pcx
+image/png png
+image/prs.btif
+image/prs.pti
+image/svg+xml svg svgz
+image/tiff tiff tif
+image/vnd.cns.inf2
+image/vnd.djvu djvu djv
+image/vnd.dwg
+image/vnd.dxf
+image/vnd.fastbidsheet
+image/vnd.fpx
+image/vnd.fst
+image/vnd.fujixerox.edmics-mmr
+image/vnd.fujixerox.edmics-rlc
+image/vnd.microsoft.icon ico
+image/vnd.mix
+image/vnd.net-fpx
+image/vnd.svf
+image/vnd.wap.wbmp wbmp
+image/vnd.xiff
+image/x-canon-cr2 cr2
+image/x-canon-crw crw
+image/x-cmu-raster ras
+image/x-coreldraw cdr
+image/x-coreldrawpattern pat
+image/x-coreldrawtemplate cdt
+image/x-corelphotopaint cpt
+image/x-epson-erf erf
+image/x-icon
+image/x-jg art
+image/x-jng jng
+image/x-ms-bmp bmp
+image/x-nikon-nef nef
+image/x-olympus-orf orf
+image/x-photoshop psd
+image/x-portable-anymap pnm
+image/x-portable-bitmap pbm
+image/x-portable-graymap pgm
+image/x-portable-pixmap ppm
+image/x-rgb rgb
+image/x-xbitmap xbm
+image/x-xpixmap xpm
+image/x-xwindowdump xwd
+
+inode/chardevice
+inode/blockdevice
+inode/directory-locked
+inode/directory
+inode/fifo
+inode/socket
+
+message/delivery-status
+message/disposition-notification
+message/external-body
+message/http
+message/s-http
+message/news
+message/partial
+message/rfc822 eml
+
+model/iges igs iges
+model/mesh msh mesh silo
+model/vnd.dwf
+model/vnd.flatland.3dml
+model/vnd.gdl
+model/vnd.gs-gdl
+model/vnd.gtw
+model/vnd.mts
+model/vnd.vtu
+model/vrml wrl vrml
+model/x3d+vrml x3dv
+model/x3d+xml x3d
+model/x3d+binary x3db
+
+multipart/alternative
+multipart/appledouble
+multipart/byteranges
+multipart/digest
+multipart/encrypted
+multipart/form-data
+multipart/header-set
+multipart/mixed
+multipart/parallel
+multipart/related
+multipart/report
+multipart/signed
+multipart/voice-message
+
+text/cache-manifest appcache
+text/calendar ics icz
+text/css css
+text/csv csv
+text/directory
+text/english
+text/enriched
+text/h323 323
+text/html html htm shtml
+text/iuls uls
+text/mathml mml
+text/parityfec
+text/plain asc txt text pot brf srt
+text/prs.lines.tag
+text/rfc822-headers
+text/richtext rtx
+text/rtf
+text/scriptlet sct wsc
+text/t140
+text/texmacs tm
+text/tab-separated-values tsv
+text/turtle ttl
+text/uri-list
+text/vcard vcf vcard
+text/vnd.abc
+text/vnd.curl
+text/vnd.debian.copyright
+text/vnd.DMClientScript
+text/vnd.flatland.3dml
+text/vnd.fly
+text/vnd.fmi.flexstor
+text/vnd.in3d.3dml
+text/vnd.in3d.spot
+text/vnd.IPTC.NewsML
+text/vnd.IPTC.NITF
+text/vnd.latex-z
+text/vnd.motorola.reflex
+text/vnd.ms-mediapackage
+text/vnd.sun.j2me.app-descriptor jad
+text/vnd.wap.si
+text/vnd.wap.sl
+text/vnd.wap.wml wml
+text/vnd.wap.wmlscript wmls
+text/x-bibtex bib
+text/x-boo boo
+text/x-c++hdr h++ hpp hxx hh
+text/x-c++src c++ cpp cxx cc
+text/x-chdr h
+text/x-component htc
+text/x-crontab
+text/x-csh csh
+text/x-csrc c
+text/x-dsrc d
+text/x-diff diff patch
+text/x-haskell hs
+text/x-java java
+text/x-lilypond ly
+text/x-literate-haskell lhs
+text/x-makefile
+text/x-moc moc
+text/x-pascal p pas
+text/x-pcs-gcd gcd
+text/x-perl pl pm
+text/x-python py
+text/x-scala scala
+text/x-server-parsed-html
+text/x-setext etx
+text/x-sfv sfv
+text/x-sh sh
+text/x-tcl tcl tk
+text/x-tex tex ltx sty cls
+text/x-vcalendar vcs
+
+video/3gpp 3gp
+video/annodex axv
+video/dl dl
+video/dv dif dv
+video/fli fli
+video/gl gl
+video/mpeg mpeg mpg mpe
+video/MP2T ts
+video/mp4 mp4
+video/quicktime qt mov
+video/mp4v-es
+video/ogg ogv
+video/parityfec
+video/pointer
+video/webm webm
+video/vnd.fvt
+video/vnd.motorola.video
+video/vnd.motorola.videop
+video/vnd.mpegurl mxu
+video/vnd.mts
+video/vnd.nokia.interleaved-multimedia
+video/vnd.vivo
+video/x-flv flv
+video/x-la-asf lsf lsx
+video/x-mng mng
+video/x-ms-asf asf asx
+video/x-ms-wm wm
+video/x-ms-wmv wmv
+video/x-ms-wmx wmx
+video/x-ms-wvx wvx
+video/x-msvideo avi
+video/x-sgi-movie movie
+video/x-matroska mpv mkv
+
+x-conference/x-cooltalk ice
+
+x-epoc/x-sisx-app sisx
+x-world/x-vrml vrm vrml wrl
--- /dev/null
+[defaults]
+ base_features = sparse_super,filetype,resize_inode,dir_index,ext_attr
+ default_mntopts = acl,user_xattr
+ enable_periodic_fsck = 0
+ blocksize = 4096
+ inode_size = 256
+ inode_ratio = 16384
+
+[fs_types]
+ ext3 = {
+ features = has_journal
+ }
+ ext4 = {
+ features = has_journal,extent,huge_file,flex_bg,uninit_bg,dir_nlink,extra_isize
+ auto_64-bit_support = 1
+ inode_size = 256
+ }
+ ext4dev = {
+ features = has_journal,extent,huge_file,flex_bg,uninit_bg,dir_nlink,extra_isize
+ inode_size = 256
+ options = test_fs=1
+ }
+ small = {
+ blocksize = 1024
+ inode_size = 128
+ inode_ratio = 4096
+ }
+ floppy = {
+ blocksize = 1024
+ inode_size = 128
+ inode_ratio = 8192
+ }
+ big = {
+ inode_ratio = 32768
+ }
+ huge = {
+ inode_ratio = 65536
+ }
+ news = {
+ inode_ratio = 4096
+ }
+ largefile = {
+ inode_ratio = 1048576
+ blocksize = -1
+ }
+ largefile4 = {
+ inode_ratio = 4194304
+ blocksize = -1
+ }
+ hurd = {
+ blocksize = 4096
+ inode_size = 128
+ }
--- /dev/null
+# This file blacklists most old-style PCI framebuffer drivers.
+
+blacklist arkfb
+blacklist aty128fb
+blacklist atyfb
+blacklist radeonfb
+blacklist cirrusfb
+blacklist cyber2000fb
+blacklist kyrofb
+blacklist matroxfb_base
+blacklist mb862xxfb
+blacklist neofb
+blacklist pm2fb
+blacklist pm3fb
+blacklist s3fb
+blacklist savagefb
+blacklist sisfb
+blacklist tdfxfb
+blacklist tridentfb
+blacklist vt8623fb
--- /dev/null
+# /etc/modules: kernel modules to load at boot time.
+#
+# This file contains the names of kernel modules that should be loaded
+# at boot time, one per line. Lines beginning with "#" are ignored.
+
--- /dev/null
+../modules
\ No newline at end of file
--- /dev/null
+ ____ _
+/ ___| __ _ _ __ __ _| |__
+\___ \ / _` | '__/ _` | '_ \
+ ___) | (_| | | | (_| | | | |
+|____/ \__,_|_| \__,_|_| |_|
+
--- /dev/null
+# MariaDB-specific config file.
+# Read by /etc/mysql/my.cnf
+
+[client]
+# Default is Latin1, if you need UTF-8 set this (also in server section)
+#default-character-set = utf8
+
+[mysqld]
+#
+# * Character sets
+#
+# Default is Latin1, if you need UTF-8 set all this (also in client section)
+#
+#character-set-server = utf8
+#collation-server = utf8_general_ci
+#character_set_server = utf8
+#collation_server = utf8_general_ci
--- /dev/null
+[mysqld_safe]
+skip_log_error
+syslog
--- /dev/null
+[mariadb]
+# See https://mariadb.com/kb/en/how-to-enable-tokudb-in-mariadb/
+# for instructions how to enable TokuDB
+#
+# See https://mariadb.com/kb/en/tokudb-differences/ for differences
+# between TokuDB in MariaDB and TokuDB from http://www.tokutek.com/
+
+#plugin-load-add=ha_tokudb.so
+
--- /dev/null
+#!/bin/bash
+#
+# This script is executed by "/etc/init.d/mysql" on every (re)start.
+#
+# Changes to this file will be preserved when updating the Debian package.
+#
+
+source /usr/share/mysql/debian-start.inc.sh
+
+MYSQL="/usr/bin/mysql --defaults-file=/etc/mysql/debian.cnf"
+MYADMIN="/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf"
+MYUPGRADE="/usr/bin/mysql_upgrade --defaults-extra-file=/etc/mysql/debian.cnf"
+MYCHECK="/usr/bin/mysqlcheck --defaults-file=/etc/mysql/debian.cnf"
+MYCHECK_SUBJECT="WARNING: mysqlcheck has found corrupt tables"
+MYCHECK_PARAMS="--all-databases --fast --silent"
+MYCHECK_RCPT="root"
+
+## Checking for corrupt, not cleanly closed and upgrade needing tables.
+
+# The following commands should be run when the server is up but in background
+# where they do not block the server start and in one shell instance so that
+# they run sequentially. They are supposed not to echo anything to stdout.
+# If you want to disable the check for crashed tables comment
+# "check_for_crashed_tables" out.
+# (There may be no output to stdout inside the background process!)
+
+# Need to ignore SIGHUP, as otherwise a SIGHUP can sometimes abort the upgrade
+# process in the middle.
+trap "" SIGHUP
+(
+ upgrade_system_tables_if_necessary;
+ check_root_accounts;
+ check_for_crashed_tables;
+) >&2 &
+
+exit 0
--- /dev/null
+# Automatically generated for Debian scripts. DO NOT TOUCH!
+[client]
+host = localhost
+user = debian-sys-maint
+password = PHn6bQHdrn1c0wPa
+socket = /var/run/mysqld/mysqld.sock
+[mysql_upgrade]
+host = localhost
+user = debian-sys-maint
+password = PHn6bQHdrn1c0wPa
+socket = /var/run/mysqld/mysqld.sock
+basedir = /usr
--- /dev/null
+#
+# The MySQL database server configuration file.
+#
+# You can copy this to one of:
+# - "/etc/mysql/my.cnf" to set global options,
+# - "~/.my.cnf" to set user-specific options.
+#
+# One can use all long options that the program supports.
+# Run program with --help to get a list of available options and with
+# --print-defaults to see which it would actually understand and use.
+#
+# For explanations see
+# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
+
+# This will be passed to all mysql clients
+# It has been reported that passwords should be enclosed with ticks/quotes
+# escpecially if they contain "#" chars...
+# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
+[client]
+port = 3306
+socket = /var/run/mysqld/mysqld.sock
+
+# Here is entries for some specific programs
+# The following values assume you have at least 32M ram
+
+# This was formally known as [safe_mysqld]. Both versions are currently parsed.
+[mysqld_safe]
+socket = /var/run/mysqld/mysqld.sock
+nice = 0
+
+[mysqld]
+innodb_file_per_table
+#
+# * Basic Settings
+#
+user = mysql
+pid-file = /var/run/mysqld/mysqld.pid
+socket = /var/run/mysqld/mysqld.sock
+port = 3306
+basedir = /usr
+datadir = /var/lib/mysql
+tmpdir = /tmp
+lc-messages-dir = /usr/share/mysql
+skip-external-locking
+#
+# Instead of skip-networking the default is now to listen only on
+# localhost which is more compatible and is not less secure.
+bind-address = 127.0.0.1
+#
+# * Fine Tuning
+#
+key_buffer = 16M
+max_allowed_packet = 16M
+thread_stack = 192K
+thread_cache_size = 8
+# This replaces the startup script and checks MyISAM tables if needed
+# the first time they are touched
+myisam-recover = BACKUP
+#max_connections = 100
+#table_cache = 64
+#thread_concurrency = 10
+#
+# * Query Cache Configuration
+#
+query_cache_limit = 1M
+query_cache_size = 16M
+#
+# * Logging and Replication
+#
+# Both location gets rotated by the cronjob.
+# Be aware that this log type is a performance killer.
+# As of 5.1 you can enable the log at runtime!
+#general_log_file = /var/log/mysql/mysql.log
+#general_log = 1
+#
+# Error log - should be very few entries.
+#
+log_error = /var/log/mysql/error.log
+#
+# Here you can see queries with especially long duration
+#slow_query_log_file = /var/log/mysql/mysql-slow.log
+#slow_query_log = 1
+#long_query_time = 2
+#log_queries_not_using_indexes
+#
+# The following can be used as easy to replay backup logs or for replication.
+# note: if you are setting up a replication slave, see README.Debian about
+# other settings you may need to change.
+#server-id = 1
+#log_bin = /var/log/mysql/mysql-bin.log
+expire_logs_days = 10
+max_binlog_size = 100M
+#binlog_do_db = include_database_name
+#binlog_ignore_db = include_database_name
+#
+# * InnoDB
+#
+# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
+# Read the manual for more InnoDB related options. There are many!
+#
+# * Security Features
+#
+# Read the manual, too, if you want chroot!
+# chroot = /var/lib/mysql/
+#
+# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
+#
+# ssl-ca=/etc/mysql/cacert.pem
+# ssl-cert=/etc/mysql/server-cert.pem
+# ssl-key=/etc/mysql/server-key.pem
+
+
+
+[mysqldump]
+quick
+quote-names
+max_allowed_packet = 16M
+
+[mysql]
+#no-auto-rehash # faster start of mysql but no tab completition
+
+[isamchk]
+key_buffer = 16M
+
+#
+# * IMPORTANT: Additional settings that can override those from this file!
+# The files must end with '.cnf', otherwise they'll be ignored.
+#
+!includedir /etc/mysql/conf.d/
--- /dev/null
+#
+# The MySQL database server configuration file.
+#
+# You can copy this to one of:
+# - "/etc/mysql/my.cnf" to set global options,
+# - "~/.my.cnf" to set user-specific options.
+#
+# One can use all long options that the program supports.
+# Run program with --help to get a list of available options and with
+# --print-defaults to see which it would actually understand and use.
+#
+# For explanations see
+# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
+
+# This will be passed to all mysql clients
+# It has been reported that passwords should be enclosed with ticks/quotes
+# escpecially if they contain "#" chars...
+# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
+[client]
+port = 3306
+socket = /var/run/mysqld/mysqld.sock
+
+# Here is entries for some specific programs
+# The following values assume you have at least 32M ram
+
+# This was formally known as [safe_mysqld]. Both versions are currently parsed.
+[mysqld_safe]
+socket = /var/run/mysqld/mysqld.sock
+nice = 0
+
+[mysqld]
+#
+# * Basic Settings
+#
+user = mysql
+pid-file = /var/run/mysqld/mysqld.pid
+socket = /var/run/mysqld/mysqld.sock
+port = 3306
+basedir = /usr
+datadir = /var/lib/mysql
+tmpdir = /tmp
+lc-messages-dir = /usr/share/mysql
+skip-external-locking
+#
+# Instead of skip-networking the default is now to listen only on
+# localhost which is more compatible and is not less secure.
+bind-address = 127.0.0.1
+#
+# * Fine Tuning
+#
+key_buffer = 16M
+max_allowed_packet = 16M
+thread_stack = 192K
+thread_cache_size = 8
+# This replaces the startup script and checks MyISAM tables if needed
+# the first time they are touched
+myisam-recover = BACKUP
+#max_connections = 100
+#table_cache = 64
+#thread_concurrency = 10
+#
+# * Query Cache Configuration
+#
+query_cache_limit = 1M
+query_cache_size = 16M
+#
+# * Logging and Replication
+#
+# Both location gets rotated by the cronjob.
+# Be aware that this log type is a performance killer.
+# As of 5.1 you can enable the log at runtime!
+#general_log_file = /var/log/mysql/mysql.log
+#general_log = 1
+#
+# Error log - should be very few entries.
+#
+log_error = /var/log/mysql/error.log
+#
+# Here you can see queries with especially long duration
+#slow_query_log_file = /var/log/mysql/mysql-slow.log
+#slow_query_log = 1
+#long_query_time = 2
+#log_queries_not_using_indexes
+#
+# The following can be used as easy to replay backup logs or for replication.
+# note: if you are setting up a replication slave, see README.Debian about
+# other settings you may need to change.
+#server-id = 1
+#log_bin = /var/log/mysql/mysql-bin.log
+expire_logs_days = 10
+max_binlog_size = 100M
+#binlog_do_db = include_database_name
+#binlog_ignore_db = include_database_name
+#
+# * InnoDB
+#
+# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
+# Read the manual for more InnoDB related options. There are many!
+#
+# * Security Features
+#
+# Read the manual, too, if you want chroot!
+# chroot = /var/lib/mysql/
+#
+# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
+#
+# ssl-ca=/etc/mysql/cacert.pem
+# ssl-cert=/etc/mysql/server-cert.pem
+# ssl-key=/etc/mysql/server-key.pem
+
+
+
+[mysqldump]
+quick
+quote-names
+max_allowed_packet = 16M
+
+[mysql]
+#no-auto-rehash # faster start of mysql but no tab completition
+
+[isamchk]
+key_buffer = 16M
+
+#
+# * IMPORTANT: Additional settings that can override those from this file!
+# The files must end with '.cnf', otherwise they'll be ignored.
+#
+!includedir /etc/mysql/conf.d/
--- /dev/null
+# This is the configuration file for Heirloom mailx (formerly
+# known under the name "nail".
+# See mailx(1) for further options.
+# This file is not overwritten when 'make install' is run in
+# the mailx build process again.
+
+# Sccsid @(#)nail.rc 2.11 (gritter) 8/2/08
+
+# Do not forward to mbox by default since this is likely to be
+# irritating for most users today.
+set hold
+
+# Append rather than prepend when writing to mbox automatically.
+# This has no effect unless 'hold' is unset again.
+set append
+
+# Ask for a message subject.
+set ask
+
+# Assume a CRT-like terminal and invoke a pager.
+set crt
+
+# Messages may be terminated by a dot.
+set dot
+
+# Do not remove empty mail folders in the spool directory.
+# This may be relevant for privacy since other users could
+# otherwise create them with different permissions.
+set keep
+
+# Do not remove empty private mail folders.
+set emptybox
+
+# Quote the original message in replies by "> " as usual on the Internet.
+set indentprefix="> "
+
+# Automatically quote the text of the message that is responded to.
+set quote
+
+# Outgoing messages are sent in ISO-8859-1 if all their characters are
+# representable in it, otherwise in UTF-8.
+set sendcharsets=iso-8859-1,utf-8
+
+# Display sender's real names in header summaries.
+set showname
+
+# Display the recipients of messages sent by the user himself in
+# header summaries.
+set showto
+
+# Automatically check for new messages at each prompt, but avoid polling
+# of IMAP servers or maildir folders.
+set newmail=nopoll
+
+# If threaded mode is activated, automatically collapse thread.
+set autocollapse
+
+# Mark messages that have been answered.
+set markanswered
+
+# Hide some header fields which are uninteresting for most human readers.
+ignore received in-reply-to message-id references
+ignore mime-version content-transfer-encoding
+
+# Only include selected header fields when forwarding messages.
+fwdretain subject date from to
--- /dev/null
+## Sample initialization file for GNU nano.
+##
+## Please note that you must have configured nano with --enable-nanorc
+## for this file to be read! Also note that this file should not be in
+## DOS or Mac format, and that characters specially interpreted by the
+## shell should not be escaped here.
+##
+## To make sure a value is disabled, use "unset <option>".
+##
+## For the options that take parameters, the default value is given.
+## Other options are unset by default.
+##
+## Quotes inside string parameters don't have to be escaped with
+## backslashes. The last double quote in the string will be treated as
+## its end. For example, for the "brackets" option, ""')>]}" will match
+## ", ', ), >, ], and }.
+
+## Use auto-indentation.
+# set autoindent
+
+## Backup files to filename~.
+# set backup
+
+## The directory to put unique backup files in.
+# set backupdir ""
+
+## Do backwards searches by default.
+# set backwards
+
+## Use bold text instead of reverse video text.
+# set boldtext
+
+## The characters treated as closing brackets when justifying
+## paragraphs. They cannot contain blank characters. Only closing
+## punctuation, optionally followed by closing brackets, can end
+## sentences.
+##
+# set brackets ""')>]}"
+
+## Do case sensitive searches by default.
+# set casesensitive
+
+## Constantly display the cursor position in the statusbar. Note that
+## this overrides "quickblank".
+# set const
+
+## Use cut to end of line by default.
+# set cut
+
+## Set the line length for wrapping text and justifying paragraphs.
+## If fill is 0 or less, the line length will be the screen width less
+## this number.
+##
+# set fill -8
+
+## Enable ~/.nano_history for saving and reading search/replace strings.
+set historylog
+
+## The opening and closing brackets that can be found by bracket
+## searches. They cannot contain blank characters. The former set must
+## come before the latter set, and both must be in the same order.
+##
+# set matchbrackets "(<[{)>]}"
+
+## Use the blank line below the titlebar as extra editing space.
+# set morespace
+
+## Enable mouse support, if available for your system. When enabled,
+## mouse clicks can be used to place the cursor, set the mark (with a
+## double click), and execute shortcuts. The mouse will work in the X
+## Window System, and on the console when gpm is running.
+##
+# set mouse
+
+## Allow multiple file buffers (inserting a file will put it into a
+## separate buffer). You must have configured with --enable-multibuffer
+## for this to work.
+##
+# set multibuffer
+
+## Don't convert files from DOS/Mac format.
+# set noconvert
+
+## Don't follow symlinks when writing files.
+# set nofollow
+
+## Don't display the helpful shortcut lists at the bottom of the screen.
+# set nohelp
+
+## Don't add newlines to the ends of files.
+# set nonewlines
+
+## Don't wrap text at all.
+set nowrap
+
+## Set operating directory. nano will not read or write files outside
+## this directory and its subdirectories. Also, the current directory
+## is changed to here, so any files are inserted from this dir. A blank
+## string means the operating directory feature is turned off.
+##
+# set operatingdir ""
+
+## Preserve the XON and XOFF keys (^Q and ^S).
+# set preserve
+
+## The characters treated as closing punctuation when justifying
+## paragraphs. They cannot contain blank characters. Only closing
+## punctuation, optionally followed by closing brackets, can end
+## sentences.
+##
+# set punct "!.?"
+
+## Do quick statusbar blanking. Statusbar messages will disappear after
+## 1 keystroke instead of 26. Note that "const" overrides this.
+##
+# set quickblank
+
+## The email-quote string, used to justify email-quoted paragraphs.
+## This is an extended regular expression if your system supports them,
+## otherwise a literal string. Default:
+# set quotestr "^([ ]*[#:>\|}])+"
+## if you have extended regular expression support, otherwise:
+# set quotestr "> "
+
+## Fix Backspace/Delete confusion problem.
+# set rebinddelete
+
+## Fix numeric keypad key confusion problem.
+# set rebindkeypad
+
+## Do extended regular expression searches by default.
+# set regexp
+
+## Make the Home key smarter. When Home is pressed anywhere but at the
+## very beginning of non-whitespace characters on a line, the cursor
+## will jump to that beginning (either forwards or backwards). If the
+## cursor is already at that position, it will jump to the true
+## beginning of the line.
+# set smarthome
+
+## Use smooth scrolling as the default.
+# set smooth
+
+## Use this spelling checker instead of the internal one. This option
+## does not properly have a default value.
+##
+# set speller "aspell -x -c"
+
+## Allow nano to be suspended.
+set suspend
+
+## Use this tab size instead of the default; it must be greater than 0.
+# set tabsize 8
+
+## Convert typed tabs to spaces.
+# set tabstospaces
+
+## Save automatically on exit, don't prompt.
+# set tempfile
+
+## Disallow file modification. Why would you want this in an rcfile? ;)
+# set view
+
+## The two single-column characters used to display the first characters
+## of tabs and spaces. 187 in ISO 8859-1 (0000BB in Unicode) and 183 in
+## ISO-8859-1 (0000B7 in Unicode) seem to be good values for these.
+# set whitespace " "
+
+## Detect word boundaries more accurately by treating punctuation
+## characters as parts of words.
+# set wordbounds
+
+## Enable the new (EXPERIMENTAL) generic undo code, not just for line cuts
+# set undo
+
+## Enable soft line wrapping (AKA full line display)
+# set softwrap
+
+
+## Color setup
+##
+## Format:
+##
+## syntax "short description" ["filename regex" ...]
+##
+## The "none" syntax is reserved; specifying it on the command line is
+## the same as not having a syntax at all. The "default" syntax is
+## special: it takes no filename regexes, and applies to files that
+## don't match any other syntax's filename regexes.
+##
+## color foreground,background "regex" ["regex"...]
+## or
+## icolor foreground,background "regex" ["regex"...]
+##
+## "color" will do case sensitive matches, while "icolor" will do case
+## insensitive matches.
+##
+## Valid colors: white, black, red, blue, green, yellow, magenta, cyan.
+## For foreground colors, you may use the prefix "bright" to get a
+## stronger highlight.
+##
+## To use multi-line regexes, use the start="regex" end="regex"
+## [start="regex" end="regex"...] format.
+##
+## If your system supports transparency, not specifying a background
+## color will use a transparent color. If you don't want this, be sure
+## to set the background color to black or white.
+##
+## If you wish, you may put your syntaxes in separate files. You can
+## make use of such files (which can only include "syntax", "color", and
+## "icolor" commands) as follows:
+##
+## include "/path/to/syntax_file.nanorc"
+##
+## Unless otherwise noted, the name of the syntax file (without the
+## ".nanorc" extension) should be the same as the "short description"
+## name inside that file. These names are kept fairly short to make
+## them easier to remember and faster to type using nano's -Y option.
+##
+## All regexes should be extended regular expressions.
+
+## Key bindings
+## Please see nanorc(5) for more details on this
+##
+## Here are some samples to get you going
+##
+# bind M-W nowrap main
+# bind M-A casesens search
+# bind ^S research main
+
+## Set this if your backspace key sends delete most of the time (2.1.3+)
+# bind kdel backspace all
+
+
+## Nanorc files
+include "/usr/share/nano/nanorc.nanorc"
+
+## C/C++
+include "/usr/share/nano/c.nanorc"
+
+## Cascading Style Sheets
+include "/usr/share/nano/css.nanorc"
+
+## Debian files
+include "/usr/share/nano/debian.nanorc"
+
+## Gentoo files
+include "/usr/share/nano/gentoo.nanorc"
+
+## HTML
+include "/usr/share/nano/html.nanorc"
+
+## PHP
+include "/usr/share/nano/php.nanorc"
+
+## TCL
+include "/usr/share/nano/tcl.nanorc"
+
+## TeX
+include "/usr/share/nano/tex.nanorc"
+
+## Quoted emails (under e.g. mutt)
+include "/usr/share/nano/mutt.nanorc"
+
+## Patch files
+include "/usr/share/nano/patch.nanorc"
+
+## Manpages
+include "/usr/share/nano/man.nanorc"
+
+## Groff
+include "/usr/share/nano/groff.nanorc"
+
+## Perl
+include "/usr/share/nano/perl.nanorc"
+
+## Python
+include "/usr/share/nano/python.nanorc"
+
+## Ruby
+include "/usr/share/nano/ruby.nanorc"
+
+## Java
+include "/usr/share/nano/java.nanorc"
+
+## AWK
+include "/usr/share/nano/awk.nanorc"
+
+## Assembler
+include "/usr/share/nano/asm.nanorc"
+
+## Bourne shell scripts
+include "/usr/share/nano/sh.nanorc"
+
+## POV-Ray
+include "/usr/share/nano/pov.nanorc"
+
+## XML-type files
+include "/usr/share/nano/xml.nanorc"
--- /dev/null
+#!/bin/sh
+# 2004-01-25, Thomas Lamy <thomas.lamy@in-online.net>
+# From Magnus Ekdahl's <magnus@debian.org> clamav-freshclam-handledaemon(8)
+
+set -e
+
+[ -e /var/lib/clamav/interface ] || exit 0
+
+INIT=/etc/init.d/clamav-freshclam
+CLAMAV_CONF_FILE=/etc/clamav/clamd.conf
+FRESHCLAM_CONF_FILE=/etc/clamav/freshclam.conf
+
+INTERNETIFACE=`cat /var/lib/clamav/interface`
+
+if grep -q freshclam /proc/*/stat 2>/dev/null; then
+ IS_RUNNING=true
+else
+ IS_RUNNING=false
+fi
+
+# $IFACE is set by ifup/down, $PPP_IFACE by pppd
+[ -n "$PPP_IFACE" ] && IFACE=$PPP_IFACE
+
+# This is sloppy - woody's pppd exports variables, while sid's passes them as
+# arguments and exports them.
+
+if [ "$1" = "$IFACE" ]; then # We're called by sid's pppd
+ shift 6 # and we already know the interface
+fi # Dump the arguments passed.
+
+if [ -z "$1" ]; then
+ case $(dirname "$0") in
+ */if-up.d|*/ip-up.d)
+ # Short circuit and exit early if freshclam is already running
+ [ "$IS_RUNNING" = 'true' ] && exit 0
+ for interface in $INTERNETIFACE; do
+ if [ "$interface" = "$IFACE" ]; then
+ FMODE=start
+ break
+ else
+ FMODE=skip
+ fi
+ done
+ ;;
+ */if-down.d|*/ip-down.d)
+ # Short circuit and exit early if freshclam is not already running
+ [ "$IS_RUNNING" = 'false' ] && exit 0
+ for interface in $INTERNETIFACE; do
+ if [ "$interface" = "$IFACE" ]; then
+ FMODE=stop
+ break
+ else
+ FMODE=skip
+ fi
+ done
+ ;;
+ *)
+ FMODE=skip
+ ;;
+ esac
+else
+ FMODE="$1"
+fi
+
+case "$FMODE" in
+ start|stop)
+ IFACE="$IFACE" $INIT $FMODE
+ ;;
+ skip)
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|skip}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
+
--- /dev/null
+#!/bin/sh -e
+
+# Called when an interface disconnects
+# Written by LaMont Jones <lamont@debian.org>
+
+# start or reload Postfix as needed
+
+# If /usr isn't mounted yet, silently bail.
+if [ ! -d /usr/lib/postfix ]; then
+ exit 0
+fi
+
+RUNNING=""
+# If master is running, force a queue run to unload any mail that is
+# hanging around. Yes, sendmail is a symlink...
+if [ -f /var/spool/postfix/pid/master.pid ]; then
+ pid=$(sed 's/ //g' /var/spool/postfix/pid/master.pid)
+ exe=$(ls -l /proc/$pid/exe 2>/dev/null | sed 's/.* //;s/.*\///')
+ if [ "X$exe" = "Xmaster" ]; then
+ RUNNING="y"
+ fi
+fi
+
+if [ ! -x /sbin/resolvconf ]; then
+ f=/etc/resolv.conf
+ if ! cp $f $(postconf -h queue_directory)$f 2>/dev/null; then
+ exit 0
+ fi
+ if [ -n "$RUNNING" ]; then
+ /etc/init.d/postfix reload >/dev/null 2>&1
+ fi
+fi
+
+exit 0
--- /dev/null
+#!/bin/sh -e
+
+if [ -e /lib/lsb/init-functions ]; then
+ . /lib/lsb/init-functions
+fi
+
+if ! init_is_upstart; then
+ exit 0
+fi
+
+# Let's ignore meta entries (ifdown -a)
+if [ "$ADDRFAM" = "meta" ]; then
+ exit 0
+fi
+
+initctl emit -n net-device-down \
+ "IFACE=$IFACE" \
+ "LOGICAL=$LOGICAL" \
+ "ADDRFAM=$ADDRFAM" \
+ "METHOD=$METHOD"
--- /dev/null
+#!/bin/sh
+# 2004-01-25, Thomas Lamy <thomas.lamy@in-online.net>
+# From Magnus Ekdahl's <magnus@debian.org> clamav-freshclam-handledaemon(8)
+
+set -e
+
+[ -e /var/lib/clamav/interface ] || exit 0
+
+INIT=/etc/init.d/clamav-freshclam
+CLAMAV_CONF_FILE=/etc/clamav/clamd.conf
+FRESHCLAM_CONF_FILE=/etc/clamav/freshclam.conf
+
+INTERNETIFACE=`cat /var/lib/clamav/interface`
+
+if grep -q freshclam /proc/*/stat 2>/dev/null; then
+ IS_RUNNING=true
+else
+ IS_RUNNING=false
+fi
+
+# $IFACE is set by ifup/down, $PPP_IFACE by pppd
+[ -n "$PPP_IFACE" ] && IFACE=$PPP_IFACE
+
+# This is sloppy - woody's pppd exports variables, while sid's passes them as
+# arguments and exports them.
+
+if [ "$1" = "$IFACE" ]; then # We're called by sid's pppd
+ shift 6 # and we already know the interface
+fi # Dump the arguments passed.
+
+if [ -z "$1" ]; then
+ case $(dirname "$0") in
+ */if-up.d|*/ip-up.d)
+ # Short circuit and exit early if freshclam is already running
+ [ "$IS_RUNNING" = 'true' ] && exit 0
+ for interface in $INTERNETIFACE; do
+ if [ "$interface" = "$IFACE" ]; then
+ FMODE=start
+ break
+ else
+ FMODE=skip
+ fi
+ done
+ ;;
+ */if-down.d|*/ip-down.d)
+ # Short circuit and exit early if freshclam is not already running
+ [ "$IS_RUNNING" = 'false' ] && exit 0
+ for interface in $INTERNETIFACE; do
+ if [ "$interface" = "$IFACE" ]; then
+ FMODE=stop
+ break
+ else
+ FMODE=skip
+ fi
+ done
+ ;;
+ *)
+ FMODE=skip
+ ;;
+ esac
+else
+ FMODE="$1"
+fi
+
+case "$FMODE" in
+ start|stop)
+ IFACE="$IFACE" $INIT $FMODE
+ ;;
+ skip)
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|skip}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
+
--- /dev/null
+#! /bin/sh
+# Description: Now that TCP/IP is configured, mount the NFS file
+# systems in /etc/fstab if needed. If possible,
+# start the portmapper before mounting (this is needed for
+# Linux 2.1.x and up).
+#
+# Also mounts SMB filesystems now, so the name of
+# this script is getting increasingly inaccurate.
+
+# Skip the mountnfs hook when being triggered by the networking SysV init
+# script and instead use the systemd built-in mechanisms to mount remote
+# file systems.
+# This avoids a deadlock caused by the rpcbind SysV init script depending
+# on $network and the $network LSB facility being provided by the networking
+# SysV init script.
+if [ -d /run/systemd/system ]; then
+ systemctl list-jobs | grep -q network.target && exit 0
+fi
+
+PATH=/sbin:/bin
+. /lib/init/vars.sh
+
+. /lib/lsb/init-functions
+. /lib/init/mount-functions.sh
+
+set_env() {
+ # Read through fstab line by line. If it is NFS, set the flag
+ # for mounting NFS file systems. If any NFS partition is found
+ # and it not mounted with the nolock option, we start the
+ # portmapper.
+ #
+ # If any sec={krb5,krb5i,krb5p} option is given, or any of the
+ # file systems are nfs4, we'll need to start rpc.gssd and/or
+ # rpc.idmapd too; we'll leave that to nfs-common.
+
+ start_nfs=no
+ NETFS=""
+ NETDEV=""
+ for file in "$(eval ls $(fstab_files))"; do
+ if [ -f "$file" ]; then
+ while read DEV MTPT FSTYPE OPTS REST; do
+ case "$DEV" in
+ ""|\#*)
+ continue
+ ;;
+ esac
+ case "$OPTS" in
+ noauto|*,noauto|noauto,*|*,noauto,*)
+ continue
+ ;;
+ _netdev|*,_netdev|_netdev,*|*,_netdev,*)
+ NETDEV=yes
+ ;;
+ esac
+ case "$FSTYPE" in
+ nfs)
+ # NFS filsystems normally
+ # require statd and
+ # portmap. However, if nolock
+ # is set, portmap and statd
+ # are not required for this
+ # file system.
+ case "$OPTS" in
+ nolock|*,nolock|nolock,*|*,nolock,*)
+ # no action
+ ;;
+ *)
+ start_nfs=yes
+ ;;
+ esac
+
+ # However, Kerberos requires
+ # gssd, so start nfs-common
+ # anyway.
+ case "$OPTS" in
+ sec=krb5|*,sec=krb5|sec=krb5,*|*,sec=krb5,*|sec=krb5i|*,sec=krb5i|sec=krb5i,*|*,sec=krb5i,*|sec=krb5p|*,sec=krb5p|sec=krb5p,*|*,sec=krb5p,*)
+ start_nfs=yes
+ ;;
+ esac
+ ;;
+ nfs4)
+ # NFSv4 requires idmapd, so
+ # start nfs-common no matter
+ # what the options are.
+ start_nfs=yes
+ ;;
+ smbfs|cifs|coda|ncp|ncpfs|ocfs2|gfs|ceph)
+ ;;
+ *)
+ FSTYPE=
+ ;;
+ esac
+ if [ "$FSTYPE" ]; then
+ case "$NETFS" in
+ $FSTYPE|*,$FSTYPE|$FSTYPE,*|*,$FSTYPE,*)
+ ;;
+ *)
+ NETFS="$NETFS${NETFS:+,}$FSTYPE"
+ ;;
+ esac
+ fi
+ done < "$file"
+ fi
+ done
+}
+
+do_start() {
+ #
+ # Initialize nfs-common (which starts rpc.statd, rpc.gssd
+ # and/or rpc.idmapd, and loads the right kernel modules if
+ # applicable) if we use Kerberos and/or NFSv4 mounts.
+ #
+ if [ "$start_nfs" = yes ] && [ -x /etc/init.d/nfs-common ]
+ then
+ [ -x /etc/init.d/portmap ] && /etc/init.d/portmap start
+ [ -x /etc/init.d/rpcbind ] && /etc/init.d/rpcbind start
+ /etc/init.d/nfs-common start
+ fi
+
+ pre_mountall
+ if [ "$NETFS" ]
+ then
+ mount -a -t$NETFS
+ fi
+ if [ "$NETDEV" ]; then
+ mount -a -O _netdev
+ fi
+ post_mountall
+}
+
+exit_unless_last_interface() {
+ ifaces="$(ifquery --list)"
+ for i in $ifaces ; do
+ if [ "$i" = "lo" ]; then
+ continue
+ fi
+ if ! ifquery --state $i >/dev/null ; then
+ msg="if-up.d/mountnfs[$IFACE]: waiting for interface $i before doing NFS mounts"
+ log_warning_msg "$msg"
+ exit 0
+ fi
+ done
+}
+
+# Using 'no !=' instead of 'yes =' to make sure async nfs mounting is
+# the default even without a value in /etc/default/rcS
+set_env
+# Exit imediately and do not claim to wait for the last interface if
+# no network file systems are listed in /etc/fstab.
+if [ "$start_nfs" = "no" ] && [ ! "$NETFS" ] && [ ! "$NETDEV" ]; then
+ exit 0
+fi
+
+if [ no != "$ASYNCMOUNTNFS" ]; then
+ # Not for loopback!
+ [ "$IFACE" != "lo" ] || exit 0
+
+ [ "$ADDRFAM" = "inet" ] || [ "$ADDRFAM" = "inet6" ] || exit 0
+
+ # Lock around this otherwise insanity may occur
+ mkdir /var/run/network 2>/dev/null || true
+
+ # Wait until all auto interfaces are up before attemting to mount
+ # network file systems.
+ exit_unless_last_interface
+
+ if mkdir /var/run/network/mountnfs 2>/dev/null ; then
+ :
+ else
+ msg="if-up.d/mountnfs[$IFACE]: lock /var/run/network/mountnfs exist, not mounting"
+ log_failure_msg "$msg"
+ # Log if /usr/ is mounted
+ [ -x /usr/bin/logger ] && /usr/bin/logger -t "if-up.d/mountnfs[$IFACE]" "$msg"
+ exit 0
+ fi
+
+ on_exit() {
+ # Clean up lock when script exits, even if it is interrupted
+ rmdir /var/run/network/mountnfs 2>/dev/null || exit 0
+ }
+ trap on_exit EXIT # Enable emergency handler
+ do_start
+elif [ yes = "$FROMINITD" ] ; then
+ do_start
+fi
--- /dev/null
+#! /bin/sh
+# Reload the OpenSSH server when an interface comes up, to allow it to start
+# listening on new addresses.
+
+set -e
+
+# Don't bother to restart sshd when lo is configured.
+if [ "$IFACE" = lo ]; then
+ exit 0
+fi
+
+# Only run from ifup.
+if [ "$MODE" != start ]; then
+ exit 0
+fi
+
+# OpenSSH only cares about inet and inet6. Get ye gone, strange people
+# still using ipx.
+if [ "$ADDRFAM" != inet ] && [ "$ADDRFAM" != inet6 ]; then
+ exit 0
+fi
+
+# Is /usr mounted?
+if [ ! -e /usr/sbin/sshd ]; then
+ exit 0
+fi
+
+if [ ! -f /var/run/sshd.pid ] || \
+ [ "$(ps -p "$(cat /var/run/sshd.pid)" -o comm=)" != sshd ]; then
+ exit 0
+fi
+
+# We'd like to use 'reload' here, but it has some problems; see #502444. On
+# the other hand, repeated restarts of ssh make systemd unhappy
+# (#756547/#757822), so use reload in that case.
+if [ -d /run/systemd/system ]; then
+ action=reload
+else
+ action=restart
+fi
+invoke-rc.d ssh $action >/dev/null 2>&1 || true
+
+exit 0
--- /dev/null
+#!/bin/sh -e
+# Called when a new interface comes up
+# Written by LaMont Jones <lamont@debian.org>
+
+# don't bother to restart postfix when lo is configured.
+if [ "$IFACE" = "lo" ]; then
+ exit 0
+fi
+
+# If /usr isn't mounted yet, silently bail.
+if [ ! -d /usr/lib/postfix ]; then
+ exit 0
+fi
+
+RUNNING=""
+# If master is running, force a queue run to unload any mail that is
+# hanging around. Yes, sendmail is a symlink...
+if [ -f /var/spool/postfix/pid/master.pid ]; then
+ pid=$(sed 's/ //g' /var/spool/postfix/pid/master.pid)
+ exe=$(ls -l /proc/$pid/exe 2>/dev/null | sed 's/.* //;s/.*\///')
+ if [ "X$exe" = "Xmaster" ]; then
+ RUNNING="y"
+ fi
+fi
+
+# start or reload Postfix as needed
+if [ ! -x /sbin/resolvconf ]; then
+ f=/etc/resolv.conf
+ if ! cp $f $(postconf -h queue_directory)$f 2>/dev/null; then
+ exit 0
+ fi
+ if [ -n "$RUNNING" ]; then
+ /etc/init.d/postfix reload >/dev/null 2>&1
+ fi
+fi
+
+# If master is running, force a queue run to unload any mail that is
+# hanging around. Yes, sendmail is a symlink...
+if [ -n "$RUNNING" ]; then
+ if [ -x /usr/sbin/sendmail ]; then
+ /usr/sbin/sendmail -q >/dev/null 2>&1
+ fi
+fi
--- /dev/null
+#!/bin/sh -e
+MARK_DEV_PREFIX="/run/network/ifup."
+MARK_STATIC_NETWORK_EMITTED="/run/network/static-network-up-emitted"
+
+if [ -e /lib/lsb/init-functions ]; then
+ . /lib/lsb/init-functions
+fi
+
+if ! init_is_upstart; then
+ exit 0
+fi
+
+# Let's ignore meta entries (ifup -a)
+if [ "$ADDRFAM" = "meta" ]; then
+ exit 0
+fi
+
+# lo emission handled by /etc/init/network-interface.conf
+if [ "$IFACE" != lo ]; then
+ initctl emit -n net-device-up \
+ "IFACE=$IFACE" \
+ "LOGICAL=$LOGICAL" \
+ "ADDRFAM=$ADDRFAM" \
+ "METHOD=$METHOD"
+fi
+
+get_auto_interfaces() {
+ # write to stdout a list of interfaces configured as 'auto' in interfaces(5)
+ local found=""
+ # stderr redirected as it outputs things like:
+ # Ignoring unknown interface eth0=eth0.
+ found=$(ifquery --list --allow auto 2>/dev/null) || return
+ set -- ${found}
+ echo "$@"
+}
+
+all_interfaces_up() {
+ # return true if all interfaces listed in /etc/network/interfaces as 'auto'
+ # are up. if no interfaces are found there, then "all [given] were up"
+ local prefix="$1" iface=""
+ for iface in $(get_auto_interfaces); do
+ # if cur interface does is not up, then all have not been brought up
+ [ -f "${prefix}${iface}" ] || return 1
+ done
+ return 0
+}
+
+# touch our own "marker" indicating that this interface has been brought up.
+: > "${MARK_DEV_PREFIX}$IFACE"
+
+if all_interfaces_up "${MARK_DEV_PREFIX}" &&
+ mkdir "${MARK_STATIC_NETWORK_EMITTED}" 2>/dev/null; then
+ initctl emit --no-wait static-network-up
+fi
--- /dev/null
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+allow-hotplug eth0
+iface eth0 inet dhcp
+
+allow-hotplug eth1
+iface eth1 inet dhcp
+
+iface eth1 inet6 static
+ address 2001:6f8:1db7::5
+ netmask 64
+ gateway 2001:6f8:1db7::2
+
+#allow-hotplug eth2
+#iface eth2 inet dhcp
+
+#allow-hotplug eth3
+#iface eth3 inet dhcp
+
+#allow-hotplug eth4
+#iface eth4 inet dhcp
+
+#allow-hotplug eth5
+#iface eth5 inet dhcp
--- /dev/null
+default 0.0.0.0
+loopback 127.0.0.0
+link-local 169.254.0.0
+
--- /dev/null
+# HTTP
+server {
+ # Listen on ipv4
+ listen 80;
+ # Listen on ipv6.
+ # Note: this setting listens on both ipv4 and ipv6 with Nginx release
+ # shipped in some Linux/BSD distributions.
+ #listen [::]:80;
+ server_name _;
+
+ root /var/www;
+ index index.php index.html;
+
+ location / {
+ root /var/www;
+ }
+
+ include /etc/nginx/templates/php-catchall.tmpl;
+ include /etc/nginx/templates/redirect_to_https.tmpl;
+ include /etc/nginx/templates/misc.tmpl;
+}
+
+# HTTPS
+server {
+ listen 443;
+ server_name _;
+
+ ssl on;
+ ssl_certificate /etc/ssl/certs/iRedMail.crt;
+ ssl_certificate_key /etc/ssl/private/iRedMail.key;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+
+ # Fix 'The Logjam Attack'.
+ ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
+ ssl_prefer_server_ciphers on;
+ ssl_dhparam /etc/ssl/dh2048_param.pem;
+
+ index index.php index.html;
+
+ location / {
+ root /var/www;
+ }
+
+ # HTTP Strict Transport Security (HSTS)
+ #include /etc/nginx/templates/hsts.tmpl;
+
+ # Web applications.
+ include /etc/nginx/templates/roundcube.tmpl;
+ include /etc/nginx/templates/iredadmin.tmpl;
+ include /etc/nginx/templates/sogo.tmpl;
+
+ # PHP applications. WARNING: php-catchall.tmpl should be loaded after
+ # other php web applications.
+ include /etc/nginx/templates/php-catchall.tmpl;
+
+ include /etc/nginx/templates/misc.tmpl;
+}
--- /dev/null
+
+fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+fastcgi_param QUERY_STRING $query_string;
+fastcgi_param REQUEST_METHOD $request_method;
+fastcgi_param CONTENT_TYPE $content_type;
+fastcgi_param CONTENT_LENGTH $content_length;
+
+fastcgi_param SCRIPT_NAME $fastcgi_script_name;
+fastcgi_param REQUEST_URI $request_uri;
+fastcgi_param DOCUMENT_URI $document_uri;
+fastcgi_param DOCUMENT_ROOT $document_root;
+fastcgi_param SERVER_PROTOCOL $server_protocol;
+fastcgi_param HTTPS $https if_not_empty;
+
+fastcgi_param GATEWAY_INTERFACE CGI/1.1;
+fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
+
+fastcgi_param REMOTE_ADDR $remote_addr;
+fastcgi_param REMOTE_PORT $remote_port;
+fastcgi_param SERVER_ADDR $server_addr;
+fastcgi_param SERVER_PORT $server_port;
+fastcgi_param SERVER_NAME $server_name;
+
+# PHP only, required if PHP was built with --enable-force-cgi-redirect
+fastcgi_param REDIRECT_STATUS 200;
--- /dev/null
+
+fastcgi_param QUERY_STRING $query_string;
+fastcgi_param REQUEST_METHOD $request_method;
+fastcgi_param CONTENT_TYPE $content_type;
+fastcgi_param CONTENT_LENGTH $content_length;
+
+fastcgi_param SCRIPT_NAME $fastcgi_script_name;
+fastcgi_param REQUEST_URI $request_uri;
+fastcgi_param DOCUMENT_URI $document_uri;
+fastcgi_param DOCUMENT_ROOT $document_root;
+fastcgi_param SERVER_PROTOCOL $server_protocol;
+fastcgi_param HTTPS $https if_not_empty;
+
+fastcgi_param GATEWAY_INTERFACE CGI/1.1;
+fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
+
+fastcgi_param REMOTE_ADDR $remote_addr;
+fastcgi_param REMOTE_PORT $remote_port;
+fastcgi_param SERVER_ADDR $server_addr;
+fastcgi_param SERVER_PORT $server_port;
+fastcgi_param SERVER_NAME $server_name;
+
+# PHP only, required if PHP was built with --enable-force-cgi-redirect
+fastcgi_param REDIRECT_STATUS 200;
--- /dev/null
+
+# This map is not a full koi8-r <> utf8 map: it does not contain
+# box-drawing and some other characters. Besides this map contains
+# several koi8-u and Byelorussian letters which are not in koi8-r.
+# If you need a full and standard map, use contrib/unicode2nginx/koi-utf
+# map instead.
+
+charset_map koi8-r utf-8 {
+
+ 80 E282AC ; # euro
+
+ 95 E280A2 ; # bullet
+
+ 9A C2A0 ; #
+
+ 9E C2B7 ; # ·
+
+ A3 D191 ; # small yo
+ A4 D194 ; # small Ukrainian ye
+
+ A6 D196 ; # small Ukrainian i
+ A7 D197 ; # small Ukrainian yi
+
+ AD D291 ; # small Ukrainian soft g
+ AE D19E ; # small Byelorussian short u
+
+ B0 C2B0 ; # °
+
+ B3 D081 ; # capital YO
+ B4 D084 ; # capital Ukrainian YE
+
+ B6 D086 ; # capital Ukrainian I
+ B7 D087 ; # capital Ukrainian YI
+
+ B9 E28496 ; # numero sign
+
+ BD D290 ; # capital Ukrainian soft G
+ BE D18E ; # capital Byelorussian short U
+
+ BF C2A9 ; # (C)
+
+ C0 D18E ; # small yu
+ C1 D0B0 ; # small a
+ C2 D0B1 ; # small b
+ C3 D186 ; # small ts
+ C4 D0B4 ; # small d
+ C5 D0B5 ; # small ye
+ C6 D184 ; # small f
+ C7 D0B3 ; # small g
+ C8 D185 ; # small kh
+ C9 D0B8 ; # small i
+ CA D0B9 ; # small j
+ CB D0BA ; # small k
+ CC D0BB ; # small l
+ CD D0BC ; # small m
+ CE D0BD ; # small n
+ CF D0BE ; # small o
+
+ D0 D0BF ; # small p
+ D1 D18F ; # small ya
+ D2 D180 ; # small r
+ D3 D181 ; # small s
+ D4 D182 ; # small t
+ D5 D183 ; # small u
+ D6 D0B6 ; # small zh
+ D7 D0B2 ; # small v
+ D8 D18C ; # small soft sign
+ D9 D18B ; # small y
+ DA D0B7 ; # small z
+ DB D188 ; # small sh
+ DC D18D ; # small e
+ DD D189 ; # small shch
+ DE D187 ; # small ch
+ DF D18A ; # small hard sign
+
+ E0 D0AE ; # capital YU
+ E1 D090 ; # capital A
+ E2 D091 ; # capital B
+ E3 D0A6 ; # capital TS
+ E4 D094 ; # capital D
+ E5 D095 ; # capital YE
+ E6 D0A4 ; # capital F
+ E7 D093 ; # capital G
+ E8 D0A5 ; # capital KH
+ E9 D098 ; # capital I
+ EA D099 ; # capital J
+ EB D09A ; # capital K
+ EC D09B ; # capital L
+ ED D09C ; # capital M
+ EE D09D ; # capital N
+ EF D09E ; # capital O
+
+ F0 D09F ; # capital P
+ F1 D0AF ; # capital YA
+ F2 D0A0 ; # capital R
+ F3 D0A1 ; # capital S
+ F4 D0A2 ; # capital T
+ F5 D0A3 ; # capital U
+ F6 D096 ; # capital ZH
+ F7 D092 ; # capital V
+ F8 D0AC ; # capital soft sign
+ F9 D0AB ; # capital Y
+ FA D097 ; # capital Z
+ FB D0A8 ; # capital SH
+ FC D0AD ; # capital E
+ FD D0A9 ; # capital SHCH
+ FE D0A7 ; # capital CH
+ FF D0AA ; # capital hard sign
+}
--- /dev/null
+
+charset_map koi8-r windows-1251 {
+
+ 80 88 ; # euro
+
+ 95 95 ; # bullet
+
+ 9A A0 ; #
+
+ 9E B7 ; # ·
+
+ A3 B8 ; # small yo
+ A4 BA ; # small Ukrainian ye
+
+ A6 B3 ; # small Ukrainian i
+ A7 BF ; # small Ukrainian yi
+
+ AD B4 ; # small Ukrainian soft g
+ AE A2 ; # small Byelorussian short u
+
+ B0 B0 ; # °
+
+ B3 A8 ; # capital YO
+ B4 AA ; # capital Ukrainian YE
+
+ B6 B2 ; # capital Ukrainian I
+ B7 AF ; # capital Ukrainian YI
+
+ B9 B9 ; # numero sign
+
+ BD A5 ; # capital Ukrainian soft G
+ BE A1 ; # capital Byelorussian short U
+
+ BF A9 ; # (C)
+
+ C0 FE ; # small yu
+ C1 E0 ; # small a
+ C2 E1 ; # small b
+ C3 F6 ; # small ts
+ C4 E4 ; # small d
+ C5 E5 ; # small ye
+ C6 F4 ; # small f
+ C7 E3 ; # small g
+ C8 F5 ; # small kh
+ C9 E8 ; # small i
+ CA E9 ; # small j
+ CB EA ; # small k
+ CC EB ; # small l
+ CD EC ; # small m
+ CE ED ; # small n
+ CF EE ; # small o
+
+ D0 EF ; # small p
+ D1 FF ; # small ya
+ D2 F0 ; # small r
+ D3 F1 ; # small s
+ D4 F2 ; # small t
+ D5 F3 ; # small u
+ D6 E6 ; # small zh
+ D7 E2 ; # small v
+ D8 FC ; # small soft sign
+ D9 FB ; # small y
+ DA E7 ; # small z
+ DB F8 ; # small sh
+ DC FD ; # small e
+ DD F9 ; # small shch
+ DE F7 ; # small ch
+ DF FA ; # small hard sign
+
+ E0 DE ; # capital YU
+ E1 C0 ; # capital A
+ E2 C1 ; # capital B
+ E3 D6 ; # capital TS
+ E4 C4 ; # capital D
+ E5 C5 ; # capital YE
+ E6 D4 ; # capital F
+ E7 C3 ; # capital G
+ E8 D5 ; # capital KH
+ E9 C8 ; # capital I
+ EA C9 ; # capital J
+ EB CA ; # capital K
+ EC CB ; # capital L
+ ED CC ; # capital M
+ EE CD ; # capital N
+ EF CE ; # capital O
+
+ F0 CF ; # capital P
+ F1 DF ; # capital YA
+ F2 D0 ; # capital R
+ F3 D1 ; # capital S
+ F4 D2 ; # capital T
+ F5 D3 ; # capital U
+ F6 C6 ; # capital ZH
+ F7 C2 ; # capital V
+ F8 DC ; # capital soft sign
+ F9 DB ; # capital Y
+ FA C7 ; # capital Z
+ FB D8 ; # capital SH
+ FC DD ; # capital E
+ FD D9 ; # capital SHCH
+ FE D7 ; # capital CH
+ FF DA ; # capital hard sign
+}
--- /dev/null
+
+types {
+ text/html html htm shtml;
+ text/css css;
+ text/xml xml;
+ image/gif gif;
+ image/jpeg jpeg jpg;
+ application/javascript js;
+ application/atom+xml atom;
+ application/rss+xml rss;
+
+ text/mathml mml;
+ text/plain txt;
+ text/vnd.sun.j2me.app-descriptor jad;
+ text/vnd.wap.wml wml;
+ text/x-component htc;
+
+ image/png png;
+ image/tiff tif tiff;
+ image/vnd.wap.wbmp wbmp;
+ image/x-icon ico;
+ image/x-jng jng;
+ image/x-ms-bmp bmp;
+ image/svg+xml svg svgz;
+ image/webp webp;
+
+ application/font-woff woff;
+ application/java-archive jar war ear;
+ application/json json;
+ application/mac-binhex40 hqx;
+ application/msword doc;
+ application/pdf pdf;
+ application/postscript ps eps ai;
+ application/rtf rtf;
+ application/vnd.apple.mpegurl m3u8;
+ application/vnd.ms-excel xls;
+ application/vnd.ms-fontobject eot;
+ application/vnd.ms-powerpoint ppt;
+ application/vnd.wap.wmlc wmlc;
+ application/vnd.google-earth.kml+xml kml;
+ application/vnd.google-earth.kmz kmz;
+ application/x-7z-compressed 7z;
+ application/x-cocoa cco;
+ application/x-java-archive-diff jardiff;
+ application/x-java-jnlp-file jnlp;
+ application/x-makeself run;
+ application/x-perl pl pm;
+ application/x-pilot prc pdb;
+ application/x-rar-compressed rar;
+ application/x-redhat-package-manager rpm;
+ application/x-sea sea;
+ application/x-shockwave-flash swf;
+ application/x-stuffit sit;
+ application/x-tcl tcl tk;
+ application/x-x509-ca-cert der pem crt;
+ application/x-xpinstall xpi;
+ application/xhtml+xml xhtml;
+ application/xspf+xml xspf;
+ application/zip zip;
+
+ application/octet-stream bin exe dll;
+ application/octet-stream deb;
+ application/octet-stream dmg;
+ application/octet-stream iso img;
+ application/octet-stream msi msp msm;
+
+ application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
+ application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
+ application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
+
+ audio/midi mid midi kar;
+ audio/mpeg mp3;
+ audio/ogg ogg;
+ audio/x-m4a m4a;
+ audio/x-realaudio ra;
+
+ video/3gpp 3gpp 3gp;
+ video/mp2t ts;
+ video/mp4 mp4;
+ video/mpeg mpeg mpg;
+ video/quicktime mov;
+ video/webm webm;
+ video/x-flv flv;
+ video/x-m4v m4v;
+ video/x-mng mng;
+ video/x-ms-asf asx asf;
+ video/x-ms-wmv wmv;
+ video/x-msvideo avi;
+}
--- /dev/null
+user www-data;
+worker_processes 1;
+pid /var/run/nginx.pid;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ access_log /var/log/nginx/access.log;
+ error_log /var/log/nginx/error.log;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ # Hide Nginx version number
+ server_tokens off;
+
+ gzip on;
+ keepalive_timeout 600;
+ sendfile on;
+
+ client_max_body_size 12m;
+ types_hash_max_size 2048;
+
+ upstream php_workers {
+ server unix:/var/run/php-fpm.socket;
+ }
+
+ include /etc/nginx/conf.d/*.conf;
+}
--- /dev/null
+user www-data;
+worker_processes 4;
+pid /run/nginx.pid;
+
+events {
+ worker_connections 768;
+ # multi_accept on;
+}
+
+http {
+
+ ##
+ # Basic Settings
+ ##
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+ # server_tokens off;
+
+ # server_names_hash_bucket_size 64;
+ # server_name_in_redirect off;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ ##
+ # SSL Settings
+ ##
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
+ ssl_prefer_server_ciphers on;
+
+ ##
+ # Logging Settings
+ ##
+
+ access_log /var/log/nginx/access.log;
+ error_log /var/log/nginx/error.log;
+
+ ##
+ # Gzip Settings
+ ##
+
+ gzip on;
+ gzip_disable "msie6";
+
+ # gzip_vary on;
+ # gzip_proxied any;
+ # gzip_comp_level 6;
+ # gzip_buffers 16 8k;
+ # gzip_http_version 1.1;
+ # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+ ##
+ # Virtual Host Configs
+ ##
+
+ include /etc/nginx/conf.d/*.conf;
+ include /etc/nginx/sites-enabled/*;
+}
+
+
+#mail {
+# # See sample authentication script at:
+# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
+#
+# # auth_http localhost/auth.php;
+# # pop3_capabilities "TOP" "USER";
+# # imap_capabilities "IMAP4rev1" "UIDPLUS";
+#
+# server {
+# listen localhost:110;
+# protocol pop3;
+# proxy on;
+# }
+#
+# server {
+# listen localhost:143;
+# protocol imap;
+# proxy on;
+# }
+#}
--- /dev/null
+proxy_set_header Host $http_host;
+proxy_set_header X-Real-IP $remote_addr;
+proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+proxy_set_header X-Forwarded-Proto $scheme;
--- /dev/null
+
+scgi_param REQUEST_METHOD $request_method;
+scgi_param REQUEST_URI $request_uri;
+scgi_param QUERY_STRING $query_string;
+scgi_param CONTENT_TYPE $content_type;
+
+scgi_param DOCUMENT_URI $document_uri;
+scgi_param DOCUMENT_ROOT $document_root;
+scgi_param SCGI 1;
+scgi_param SERVER_PROTOCOL $server_protocol;
+scgi_param HTTPS $https if_not_empty;
+
+scgi_param REMOTE_ADDR $remote_addr;
+scgi_param REMOTE_PORT $remote_port;
+scgi_param SERVER_PORT $server_port;
+scgi_param SERVER_NAME $server_name;
--- /dev/null
+##
+# You should look at the following URL's in order to grasp a solid understanding
+# of Nginx configuration files in order to fully unleash the power of Nginx.
+# http://wiki.nginx.org/Pitfalls
+# http://wiki.nginx.org/QuickStart
+# http://wiki.nginx.org/Configuration
+#
+# Generally, you will want to move this file somewhere, and start with a clean
+# file but keep this around for reference. Or just disable in sites-enabled.
+#
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
+##
+
+# Default server configuration
+#
+server {
+ listen 80 default_server;
+ listen [::]:80 default_server;
+
+ # SSL configuration
+ #
+ # listen 443 ssl default_server;
+ # listen [::]:443 ssl default_server;
+ #
+ # Self signed certs generated by the ssl-cert package
+ # Don't use them in a production server!
+ #
+ # include snippets/snakeoil.conf;
+
+ root /var/www/html;
+
+ # Add index.php to the list if you are using PHP
+ index index.html index.htm index.nginx-debian.html;
+
+ server_name _;
+
+ location / {
+ # First attempt to serve request as file, then
+ # as directory, then fall back to displaying a 404.
+ try_files $uri $uri/ =404;
+ }
+
+ # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+ #
+ #location ~ \.php$ {
+ # include snippets/fastcgi-php.conf;
+ #
+ # # With php5-cgi alone:
+ # fastcgi_pass 127.0.0.1:9000;
+ # # With php5-fpm:
+ # fastcgi_pass unix:/var/run/php5-fpm.sock;
+ #}
+
+ # deny access to .htaccess files, if Apache's document root
+ # concurs with nginx's one
+ #
+ #location ~ /\.ht {
+ # deny all;
+ #}
+}
+
+
+# Virtual Host configuration for example.com
+#
+# You can move that to a different file under sites-available/ and symlink that
+# to sites-enabled/ to enable it.
+#
+#server {
+# listen 80;
+# listen [::]:80;
+#
+# server_name example.com;
+#
+# root /var/www/example.com;
+# index index.html;
+#
+# location / {
+# try_files $uri $uri/ =404;
+# }
+#}
--- /dev/null
+/etc/nginx/sites-available/default
\ No newline at end of file
--- /dev/null
+# regex to split $uri to $fastcgi_script_name and $fastcgi_path
+fastcgi_split_path_info ^(.+\.php)(/.+)$;
+
+# Check that the PHP script exists before passing it
+try_files $fastcgi_script_name =404;
+
+# Bypass the fact that try_files resets $fastcgi_path_info
+# see: http://trac.nginx.org/nginx/ticket/321
+set $path_info $fastcgi_path_info;
+fastcgi_param PATH_INFO $path_info;
+
+fastcgi_index index.php;
+include fastcgi.conf;
--- /dev/null
+# Self signed certificates generated by the ssl-cert package
+# Don't use them in a production server!
+
+ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
+ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
--- /dev/null
+# Use HTTP Strict Transport Security to force client to use secure
+# connections only. References:
+#
+# * RFC Document (6797): HTTP Strict Transport Security (HSTS)
+# https://tools.ietf.org/html/rfc6797#section-6.1.2
+#
+# * Short tutorial from Mozilla:
+# https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
+#
+# WARNING: According to RFC document, HSTS will fail with self-signed SSL
+# certificate.
+# https://tools.ietf.org/html/rfc6797#page-27
+#
+# Syntax:
+#
+# Strict-Transport-Security: max-age=expireTime [; includeSubDomains] [; preload]
+add_header Strict-Transport-Security "max-age=63072000";
--- /dev/null
+# Settings for iRedAdmin.
+
+# static files under /iredadmin/static
+location ~ ^/iredadmin/static/(.*)\.(png|jpg|gif|css|js) {
+ alias /opt/www/iredadmin/static/$1.$2;
+}
+
+# Python scripts
+location ~ ^/iredadmin(.*) {
+ rewrite ^/iredadmin(/.*)$ $1 break;
+
+ include uwsgi_params;
+ uwsgi_pass unix:/var/run/uwsgi_iredadmin.socket;
+ uwsgi_param UWSGI_CHDIR /opt/www/iredadmin;
+ uwsgi_param UWSGI_SCRIPT iredadmin;
+ uwsgi_param SCRIPT_NAME /iredadmin;
+
+ # Access control
+ #allow 127.0.0.1;
+ #allow 192.168.1.10;
+ #allow 192.168.1.0/24;
+ #deny all;
+}
+
+# iRedAdmin: redirect /iredadmin to /iredadmin/
+location = /iredadmin {
+ rewrite ^ /iredadmin/;
+}
--- /dev/null
+# Deny all attempts to access hidden files such as .htaccess.
+location ~ /\. { deny all; }
+
+# Handling noisy messages
+location = ^/favicon.ico { access_log off; log_not_found off; }
+location = ^/robots.txt { log_not_found off; access_log off; allow all; }
--- /dev/null
+# Normal PHP scripts
+location ~ \.php$ {
+ include fastcgi_params;
+ fastcgi_pass php_workers;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+}
--- /dev/null
+# Redirect webmail/SOGo/iredadmin to HTTPS
+location ~ ^/mail { rewrite ^ https://$host$request_uri?; }
+location ~* ^/sogo { rewrite ^ https://$host/SOGo; }
+location ~ ^/iredadmin { rewrite ^ https://$host$request_uri?; }
--- /dev/null
+# Roundcube webmail
+location ~ ^/mail(.*)\.php$ {
+ include fastcgi_params;
+ fastcgi_pass php_workers;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME /opt/www/roundcubemail$1.php;
+}
+
+location ~ ^/mail(.*) {
+ alias /opt/www/roundcubemail$1;
+ index index.php;
+}
+
+location ~ ^/mail/(bin|SQL|README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ { deny all; }
--- /dev/null
+# Settings for SOGo Groupware
+
+# SOGo
+location ~ ^/sogo { rewrite ^ https://$host/SOGo; }
+location ~ ^/SOGO { rewrite ^ https://$host/SOGo; }
+
+# For Mac OS X and iOS devices.
+rewrite ^/.well-known/caldav /SOGo/dav permanent;
+rewrite ^/.well-known/carddav /SOGo/dav permanent;
+rewrite ^/principals/ /SOGo/dav permanent;
+
+location ^~ /SOGo {
+ proxy_pass http://127.0.0.1:20000;
+ #proxy_redirect http://127.0.0.1:20000/SOGo/ /SOGo;
+
+ # forward user's IP address
+ #proxy_set_header X-Real-IP $remote_addr;
+ #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ #proxy_set_header Host $host;
+ proxy_set_header x-webobjects-server-protocol HTTP/1.0;
+ #proxy_set_header x-webobjects-remote-host 127.0.0.1;
+ #proxy_set_header x-webobjects-server-name $server_name;
+ proxy_set_header x-webobjects-server-url $scheme://$host;
+}
+
+location ^~ /Microsoft-Server-ActiveSync {
+ proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync;
+ proxy_redirect http://127.0.0.1:20000/Microsoft-Server-ActiveSync /;
+
+ proxy_connect_timeout 3540;
+ proxy_send_timeout 3540;
+ proxy_read_timeout 3540;
+}
+
+location ^~ /SOGo/Microsoft-Server-ActiveSync {
+ proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync;
+ proxy_redirect http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync /;
+
+ proxy_connect_timeout 3540;
+ proxy_send_timeout 3540;
+ proxy_read_timeout 3540;
+}
+
+location /SOGo.woa/WebServerResources/ {
+ alias /usr/lib/GNUstep/SOGo/WebServerResources/;
+}
+location /SOGo/WebServerResources/ {
+ alias /usr/lib/GNUstep/SOGo/WebServerResources/;
+}
+location ^/SOGo/so/ControlPanel/Products/([^/]*)/Resources/(.*)$ {
+ alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
+}
--- /dev/null
+
+uwsgi_param QUERY_STRING $query_string;
+uwsgi_param REQUEST_METHOD $request_method;
+uwsgi_param CONTENT_TYPE $content_type;
+uwsgi_param CONTENT_LENGTH $content_length;
+
+uwsgi_param REQUEST_URI $request_uri;
+uwsgi_param PATH_INFO $document_uri;
+uwsgi_param DOCUMENT_ROOT $document_root;
+uwsgi_param SERVER_PROTOCOL $server_protocol;
+uwsgi_param HTTPS $https if_not_empty;
+
+uwsgi_param REMOTE_ADDR $remote_addr;
+uwsgi_param REMOTE_PORT $remote_port;
+uwsgi_param SERVER_PORT $server_port;
+uwsgi_param SERVER_NAME $server_name;
--- /dev/null
+# This map is not a full windows-1251 <> utf8 map: it does not
+# contain Serbian and Macedonian letters. If you need a full map,
+# use contrib/unicode2nginx/win-utf map instead.
+
+charset_map windows-1251 utf-8 {
+
+ 82 E2809A; # single low-9 quotation mark
+
+ 84 E2809E; # double low-9 quotation mark
+ 85 E280A6; # ellipsis
+ 86 E280A0; # dagger
+ 87 E280A1; # double dagger
+ 88 E282AC; # euro
+ 89 E280B0; # per mille
+
+ 91 E28098; # left single quotation mark
+ 92 E28099; # right single quotation mark
+ 93 E2809C; # left double quotation mark
+ 94 E2809D; # right double quotation mark
+ 95 E280A2; # bullet
+ 96 E28093; # en dash
+ 97 E28094; # em dash
+
+ 99 E284A2; # trade mark sign
+
+ A0 C2A0; #
+ A1 D18E; # capital Byelorussian short U
+ A2 D19E; # small Byelorussian short u
+
+ A4 C2A4; # currency sign
+ A5 D290; # capital Ukrainian soft G
+ A6 C2A6; # borken bar
+ A7 C2A7; # section sign
+ A8 D081; # capital YO
+ A9 C2A9; # (C)
+ AA D084; # capital Ukrainian YE
+ AB C2AB; # left-pointing double angle quotation mark
+ AC C2AC; # not sign
+ AD C2AD; # soft hypen
+ AE C2AE; # (R)
+ AF D087; # capital Ukrainian YI
+
+ B0 C2B0; # °
+ B1 C2B1; # plus-minus sign
+ B2 D086; # capital Ukrainian I
+ B3 D196; # small Ukrainian i
+ B4 D291; # small Ukrainian soft g
+ B5 C2B5; # micro sign
+ B6 C2B6; # pilcrow sign
+ B7 C2B7; # ·
+ B8 D191; # small yo
+ B9 E28496; # numero sign
+ BA D194; # small Ukrainian ye
+ BB C2BB; # right-pointing double angle quotation mark
+
+ BF D197; # small Ukrainian yi
+
+ C0 D090; # capital A
+ C1 D091; # capital B
+ C2 D092; # capital V
+ C3 D093; # capital G
+ C4 D094; # capital D
+ C5 D095; # capital YE
+ C6 D096; # capital ZH
+ C7 D097; # capital Z
+ C8 D098; # capital I
+ C9 D099; # capital J
+ CA D09A; # capital K
+ CB D09B; # capital L
+ CC D09C; # capital M
+ CD D09D; # capital N
+ CE D09E; # capital O
+ CF D09F; # capital P
+
+ D0 D0A0; # capital R
+ D1 D0A1; # capital S
+ D2 D0A2; # capital T
+ D3 D0A3; # capital U
+ D4 D0A4; # capital F
+ D5 D0A5; # capital KH
+ D6 D0A6; # capital TS
+ D7 D0A7; # capital CH
+ D8 D0A8; # capital SH
+ D9 D0A9; # capital SHCH
+ DA D0AA; # capital hard sign
+ DB D0AB; # capital Y
+ DC D0AC; # capital soft sign
+ DD D0AD; # capital E
+ DE D0AE; # capital YU
+ DF D0AF; # capital YA
+
+ E0 D0B0; # small a
+ E1 D0B1; # small b
+ E2 D0B2; # small v
+ E3 D0B3; # small g
+ E4 D0B4; # small d
+ E5 D0B5; # small ye
+ E6 D0B6; # small zh
+ E7 D0B7; # small z
+ E8 D0B8; # small i
+ E9 D0B9; # small j
+ EA D0BA; # small k
+ EB D0BB; # small l
+ EC D0BC; # small m
+ ED D0BD; # small n
+ EE D0BE; # small o
+ EF D0BF; # small p
+
+ F0 D180; # small r
+ F1 D181; # small s
+ F2 D182; # small t
+ F3 D183; # small u
+ F4 D184; # small f
+ F5 D185; # small kh
+ F6 D186; # small ts
+ F7 D187; # small ch
+ F8 D188; # small sh
+ F9 D189; # small shch
+ FA D18A; # small hard sign
+ FB D18B; # small y
+ FC D18C; # small soft sign
+ FD D18D; # small e
+ FE D18E; # small yu
+ FF D18F; # small ya
+}
--- /dev/null
+# /etc/nsswitch.conf
+#
+# Example configuration of GNU Name Service Switch functionality.
+# If you have the `glibc-doc-reference' and `info' packages installed, try:
+# `info libc "Name Service Switch"' for information about this file.
+
+passwd: compat
+group: compat
+shadow: compat
+gshadow: files
+
+hosts: files dns
+networks: files
+
+protocols: db files
+services: db files
+ethers: db files
+rpc: db files
+
+netgroup: nis
--- /dev/null
+../usr/lib/os-release
\ No newline at end of file
--- /dev/null
+# ---------------------------------------------------------------------------#
+# /etc/pam.conf #
+# ---------------------------------------------------------------------------#
+#
+# NOTE
+# ----
+#
+# NOTE: Most program use a file under the /etc/pam.d/ directory to setup their
+# PAM service modules. This file is used only if that directory does not exist.
+# ---------------------------------------------------------------------------#
+
+# Format:
+# serv. module ctrl module [path] ...[args..] #
+# name type flag #
+
--- /dev/null
+#
+# The PAM configuration file for the at daemon
+#
+
+auth required pam_env.so
+@include common-auth
+@include common-account
+session required pam_loginuid.so
+@include common-session-noninteractive
+session required pam_limits.so
--- /dev/null
+#
+# The PAM configuration file for the Shadow `chfn' service
+#
+
+# This allows root to change user infomation without being
+# prompted for a password
+auth sufficient pam_rootok.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
+
--- /dev/null
+# The PAM configuration file for the Shadow 'chpasswd' service
+#
+
+@include common-password
+
--- /dev/null
+#
+# The PAM configuration file for the Shadow `chsh' service
+#
+
+# This will not allow a user to change their shell unless
+# their current one is listed in /etc/shells. This keeps
+# accounts with special shells from changing them.
+auth required pam_shells.so
+
+# This allows root to change user shell without being
+# prompted for a password
+auth sufficient pam_rootok.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
--- /dev/null
+#
+# /etc/pam.d/common-account - authorization settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authorization modules that define
+# the central access policy for use on the system. The default is to
+# only deny service to users whose accounts are expired in /etc/shadow.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+#
+
+# here are the per-package modules (the "Primary" block)
+account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
+# here's the fallback if no module succeeds
+account requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+account required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
--- /dev/null
+#
+# /etc/pam.d/common-auth - authentication settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authentication modules that define
+# the central authentication scheme for use on the system
+# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
+# traditional Unix authentication mechanisms.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+auth [success=1 default=ignore] pam_unix.so nullok_secure
+# here's the fallback if no module succeeds
+auth requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+auth required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
--- /dev/null
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords. The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords. Without this option,
+# the default is Unix crypt. Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password [success=1 default=ignore] pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
--- /dev/null
+#
+# /etc/pam.d/common-session - session-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define tasks to be performed
+# at the start and end of sessions of *any* kind (both interactive and
+# non-interactive).
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+session [default=1] pam_permit.so
+# here's the fallback if no module succeeds
+session requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+session required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+session required pam_unix.so
+session optional pam_systemd.so
+# end of pam-auth-update config
--- /dev/null
+#
+# /etc/pam.d/common-session-noninteractive - session-related modules
+# common to all non-interactive services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define tasks to be performed
+# at the start and end of all non-interactive sessions.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules. See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+session [default=1] pam_permit.so
+# here's the fallback if no module succeeds
+session requisite pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+session required pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+session required pam_unix.so
+# end of pam-auth-update config
--- /dev/null
+# The PAM configuration file for the cron daemon
+
+@include common-auth
+
+# Sets the loginuid process attribute
+session required pam_loginuid.so
+
+# Read environment variables from pam_env's default files, /etc/environment
+# and /etc/security/pam_env.conf.
+session required pam_env.so
+
+# In addition, read system locale information
+session required pam_env.so envfile=/etc/default/locale
+
+@include common-account
+@include common-session-noninteractive
+
+# Sets up user limits, please define limits for cron tasks
+# through /etc/security/limits.conf
+session required pam_limits.so
+
--- /dev/null
+#%PAM-1.0
+
+@include common-auth
+@include common-account
+@include common-session
+
--- /dev/null
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth optional pam_faildelay.so delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth required pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth requisite pam_nologin.so
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth optional pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account required pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session optional pam_lastlog.so
+
+# Prints the message of the day upon succesful login.
+# (Replaces the `MOTD_FILE' option in login.defs)
+session optional pam_exec.so type=open_session stdout /bin/uname -snrvm
+session optional pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session optional pam_mail.so standard
+
+# Sets the loginuid process attribute
+session required pam_loginuid.so
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
--- /dev/null
+# The PAM configuration file for the Shadow 'newusers' service
+#
+
+@include common-password
+
--- /dev/null
+#
+# /etc/pam.d/other - specify the PAM fallback behaviour
+#
+# Note that this file is used for any unspecified service; for example
+#if /etc/pam.d/cron specifies no session modules but cron calls
+#pam_open_session, the session module out of /etc/pam.d/other is
+#used. If you really want nothing to happen then use pam_permit.so or
+#pam_deny.so as appropriate.
+
+# We fall back to the system default in /etc/pam.d/common-*
+#
+
+@include common-auth
+@include common-account
+@include common-password
+@include common-session
--- /dev/null
+#
+# The PAM configuration file for the Shadow `passwd' service
+#
+
+@include common-password
+
--- /dev/null
+#%PAM-1.0
+auth sufficient pam_rootok.so
+session optional pam_keyinit.so revoke
+session required pam_limits.so
+session required pam_unix.so
--- /dev/null
+#%PAM-1.0
+auth include runuser
+session optional pam_keyinit.so force revoke
+-session optional pam_systemd.so
+session include runuser
--- /dev/null
+# PAM configuration for the Secure Shell service
+
+# Standard Un*x authentication.
+@include common-auth
+
+# Disallow non-root logins when /etc/nologin exists.
+account required pam_nologin.so
+
+# Uncomment and edit /etc/security/access.conf if you need to set complex
+# access limits that are hard to express in sshd_config.
+# account required pam_access.so
+
+# Standard Un*x authorization.
+@include common-account
+
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without this it is possible that a
+# module could execute code in the wrong domain.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# Set the loginuid process attribute.
+session required pam_loginuid.so
+
+# Create a new session keyring.
+session optional pam_keyinit.so force revoke
+
+# Standard Un*x session setup and teardown.
+@include common-session
+
+# Print the message of the day upon successful login.
+# This includes a dynamically generated part from /run/motd.dynamic
+# and a static (admin-editable) part from /etc/motd.
+session optional pam_motd.so motd=/run/motd.dynamic
+session optional pam_motd.so noupdate
+
+# Print the status of the user's mailbox upon successful login.
+session optional pam_mail.so standard noenv # [1]
+
+# Set up user limits from /etc/security/limits.conf.
+session required pam_limits.so
+
+# Read environment variables from /etc/environment and
+# /etc/security/pam_env.conf.
+session required pam_env.so # [1]
+# In Debian 4.0 (etch), locale-related environment variables were moved to
+# /etc/default/locale, so read that as well.
+session required pam_env.so user_readenv=1 envfile=/etc/default/locale
+
+# SELinux needs to intervene at login time to ensure that the process starts
+# in the proper default security context. Only sessions which are intended
+# to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+
+# Standard Un*x password updating.
+@include common-password
--- /dev/null
+#
+# The PAM configuration file for the Shadow `su' service
+#
+
+# This allows root to su without passwords (normal operation)
+auth sufficient pam_rootok.so
+
+# Uncomment this to force users to be a member of group root
+# before they can use `su'. You can also add "group=foo"
+# to the end of this line if you want to use a group other
+# than the default "root" (but this may have side effect of
+# denying "root" user, unless she's a member of "foo" or explicitly
+# permitted earlier by e.g. "sufficient pam_rootok.so").
+# (Replaces the `SU_WHEEL_ONLY' option from login.defs)
+# auth required pam_wheel.so
+
+# Uncomment this if you want wheel members to be able to
+# su without a password.
+# auth sufficient pam_wheel.so trust
+
+# Uncomment this if you want members of a specific group to not
+# be allowed to use su at all.
+# auth required pam_wheel.so deny group=nosu
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on su usage.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account requisite pam_time.so
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+#
+# parsing /etc/environment needs "readenv=1"
+session required pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session required pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+#
+# "nopen" stands to avoid reporting new mail when su'ing to another user
+session optional pam_mail.so nopen
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session required pam_limits.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
+
--- /dev/null
+#%PAM-1.0
+
+@include common-auth
+@include common-account
+@include common-session-noninteractive
--- /dev/null
+#%PAM-1.0
+
+# Used by systemd when launching systemd user instances.
+
+@include common-account
+@include common-session-noninteractive
+auth required pam_deny.so
+password required pam_deny.so
+session optional pam_systemd.so
--- /dev/null
+root:x:0:0:root Sarah:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
+bin:x:2:2:bin:/bin:/usr/sbin/nologin
+sys:x:3:3:sys:/dev:/usr/sbin/nologin
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/usr/sbin/nologin
+man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
+lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
+mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
+news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
+uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
+proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
+www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
+backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
+list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
+irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
+nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
+systemd-timesync:x:100:103:systemd Time Synchronization,,,:/run/systemd:/bin/false
+systemd-network:x:101:104:systemd Network Management,,,:/run/systemd/netif:/bin/false
+systemd-resolve:x:102:105:systemd Resolver,,,:/run/systemd/resolve:/bin/false
+systemd-bus-proxy:x:103:106:systemd Bus Proxy,,,:/run/systemd:/bin/false
+sshd:x:104:65534::/var/run/sshd:/usr/sbin/nologin
+messagebus:x:105:110::/var/run/dbus:/bin/false
+mysql:x:106:112:MySQL Server,,,:/var/lib/mysql:/bin/false
+postfix:x:107:114::/var/spool/postfix:/bin/false
+clamav:x:108:116::/var/lib/clamav:/bin/false
+dovecot:x:109:117:Dovecot mail server,,,:/usr/lib/dovecot:/bin/false
+dovenull:x:110:118:Dovecot login user,,,:/nonexistent:/bin/false
+amavis:x:111:119:AMaViS system user,,,:/var/lib/amavis:/bin/sh
+debian-spamd:x:112:120::/var/lib/spamassassin:/bin/sh
+vmail:x:2000:2000::/home/vmail:/usr/sbin/nologin
+iredadmin:x:2001:2001::/home/iredadmin:/usr/sbin/nologin
+iredapd:x:2002:2002::/home/iredapd:/usr/sbin/nologin
+ulog:x:113:121::/var/log/ulog:/bin/false
+frank:x:1017:100:Frank Brehm:/home/frank:/bin/bash
--- /dev/null
+root:x:0:0:root Sarah:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
+bin:x:2:2:bin:/bin:/usr/sbin/nologin
+sys:x:3:3:sys:/dev:/usr/sbin/nologin
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/usr/sbin/nologin
+man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
+lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
+mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
+news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
+uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
+proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
+www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
+backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
+list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
+irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
+nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
+systemd-timesync:x:100:103:systemd Time Synchronization,,,:/run/systemd:/bin/false
+systemd-network:x:101:104:systemd Network Management,,,:/run/systemd/netif:/bin/false
+systemd-resolve:x:102:105:systemd Resolver,,,:/run/systemd/resolve:/bin/false
+systemd-bus-proxy:x:103:106:systemd Bus Proxy,,,:/run/systemd:/bin/false
+sshd:x:104:65534::/var/run/sshd:/usr/sbin/nologin
+messagebus:x:105:110::/var/run/dbus:/bin/false
+mysql:x:106:112:MySQL Server,,,:/var/lib/mysql:/bin/false
+postfix:x:107:114::/var/spool/postfix:/bin/false
+clamav:x:108:116::/var/lib/clamav:/bin/false
+dovecot:x:109:117:Dovecot mail server,,,:/usr/lib/dovecot:/bin/false
+dovenull:x:110:118:Dovecot login user,,,:/nonexistent:/bin/false
+amavis:x:111:119:AMaViS system user,,,:/var/lib/amavis:/bin/sh
+debian-spamd:x:112:120::/var/lib/spamassassin:/bin/sh
+vmail:x:2000:2000::/home/vmail:/usr/sbin/nologin
+iredadmin:x:2001:2001::/home/iredadmin:/usr/sbin/nologin
+iredapd:x:2002:2002::/home/iredapd:/usr/sbin/nologin
+ulog:x:113:121::/var/log/ulog:/bin/false
--- /dev/null
+# Prior to perl 5.8.8-7, libnet was a seperate package with a debconf
+# configuration managed config in /etc/libnet.cfg which is used if
+# present. Remove the following line, or the old file before making
+# changes below.
+return do '/etc/libnet.cfg' if -f '/etc/libnet.cfg';
+
+{
+ nntp_hosts => [ qw {} ],
+ snpp_hosts => [ qw {} ],
+ pop3_hosts => [ qw {} ],
+ smtp_hosts => [ qw {} ],
+ ph_hosts => [ qw {} ],
+ daytime_hosts => [ qw {} ],
+ time_hosts => [ qw {} ],
+ inet_domain => undef,
+ ftp_firewall => qq {},
+ ftp_firewall_type => qq {},
+ ftp_ext_passive => 0,
+ ftp_int_passive => 0,
+ local_netmask => qq {},
+}
--- /dev/null
+../../mods-available/opcache.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/pdo.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/curl.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/gd.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/intl.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/json.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/mcrypt.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/mysql.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/mysqli.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/pdo_mysql.ini
\ No newline at end of file
--- /dev/null
+[PHP]
+
+;;;;;;;;;;;;;;;;;;;
+; About php.ini ;
+;;;;;;;;;;;;;;;;;;;
+; PHP's initialization file, generally called php.ini, is responsible for
+; configuring many of the aspects of PHP's behavior.
+
+; PHP attempts to find and load this configuration from a number of locations.
+; The following is a summary of its search order:
+; 1. SAPI module specific location.
+; 2. The PHPRC environment variable. (As of PHP 5.2.0)
+; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0)
+; 4. Current working directory (except CLI)
+; 5. The web server's directory (for SAPI modules), or directory of PHP
+; (otherwise in Windows)
+; 6. The directory from the --with-config-file-path compile time option, or the
+; Windows directory (C:\windows or C:\winnt)
+; See the PHP docs for more specific information.
+; http://php.net/configuration.file
+
+; The syntax of the file is extremely simple. Whitespace and lines
+; beginning with a semicolon are silently ignored (as you probably guessed).
+; Section headers (e.g. [Foo]) are also silently ignored, even though
+; they might mean something in the future.
+
+; Directives following the section heading [PATH=/www/mysite] only
+; apply to PHP files in the /www/mysite directory. Directives
+; following the section heading [HOST=www.example.com] only apply to
+; PHP files served from www.example.com. Directives set in these
+; special sections cannot be overridden by user-defined INI files or
+; at runtime. Currently, [PATH=] and [HOST=] sections only work under
+; CGI/FastCGI.
+; http://php.net/ini.sections
+
+; Directives are specified using the following syntax:
+; directive = value
+; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
+; Directives are variables used to configure PHP or PHP extensions.
+; There is no name validation. If PHP can't find an expected
+; directive because it is not set or is mistyped, a default value will be used.
+
+; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one
+; of the INI constants (On, Off, True, False, Yes, No and None) or an expression
+; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a
+; previously set variable or directive (e.g. ${foo})
+
+; Expressions in the INI file are limited to bitwise operators and parentheses:
+; | bitwise OR
+; ^ bitwise XOR
+; & bitwise AND
+; ~ bitwise NOT
+; ! boolean NOT
+
+; Boolean flags can be turned on using the values 1, On, True or Yes.
+; They can be turned off using the values 0, Off, False or No.
+
+; An empty string can be denoted by simply not writing anything after the equal
+; sign, or by using the None keyword:
+
+; foo = ; sets foo to an empty string
+; foo = None ; sets foo to an empty string
+; foo = "None" ; sets foo to the string 'None'
+
+; If you use constants in your value, and these constants belong to a
+; dynamically loaded extension (either a PHP extension or a Zend extension),
+; you may only use these constants *after* the line that loads the extension.
+
+;;;;;;;;;;;;;;;;;;;
+; About this file ;
+;;;;;;;;;;;;;;;;;;;
+; PHP comes packaged with two INI files. One that is recommended to be used
+; in production environments and one that is recommended to be used in
+; development environments.
+
+; php.ini-production contains settings which hold security, performance and
+; best practices at its core. But please be aware, these settings may break
+; compatibility with older or less security conscience applications. We
+; recommending using the production ini in production and testing environments.
+
+; php.ini-development is very similar to its production variant, except it is
+; much more verbose when it comes to errors. We recommend using the
+; development version only in development environments, as errors shown to
+; application users can inadvertently leak otherwise secure information.
+
+; This is php.ini-production INI file.
+
+;;;;;;;;;;;;;;;;;;;
+; Quick Reference ;
+;;;;;;;;;;;;;;;;;;;
+; The following are all the settings which are different in either the production
+; or development versions of the INIs with respect to PHP's default behavior.
+; Please see the actual settings later in the document for more details as to why
+; we recommend these changes in PHP's behavior.
+
+; display_errors
+; Default Value: On
+; Development Value: On
+; Production Value: Off
+
+; display_startup_errors
+; Default Value: Off
+; Development Value: On
+; Production Value: Off
+
+; error_reporting
+; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED
+; Development Value: E_ALL
+; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
+
+; html_errors
+; Default Value: On
+; Development Value: On
+; Production value: On
+
+; log_errors
+; Default Value: Off
+; Development Value: On
+; Production Value: On
+
+; max_input_time
+; Default Value: -1 (Unlimited)
+; Development Value: 60 (60 seconds)
+; Production Value: 60 (60 seconds)
+
+; output_buffering
+; Default Value: Off
+; Development Value: 4096
+; Production Value: 4096
+
+; register_argc_argv
+; Default Value: On
+; Development Value: Off
+; Production Value: Off
+
+; request_order
+; Default Value: None
+; Development Value: "GP"
+; Production Value: "GP"
+
+; session.gc_divisor
+; Default Value: 100
+; Development Value: 1000
+; Production Value: 1000
+
+; session.hash_bits_per_character
+; Default Value: 4
+; Development Value: 5
+; Production Value: 5
+
+; short_open_tag
+; Default Value: On
+; Development Value: Off
+; Production Value: Off
+
+; track_errors
+; Default Value: Off
+; Development Value: On
+; Production Value: Off
+
+; url_rewriter.tags
+; Default Value: "a=href,area=href,frame=src,form=,fieldset="
+; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
+; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
+
+; variables_order
+; Default Value: "EGPCS"
+; Development Value: "GPCS"
+; Production Value: "GPCS"
+
+;;;;;;;;;;;;;;;;;;;;
+; php.ini Options ;
+;;;;;;;;;;;;;;;;;;;;
+; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini"
+;user_ini.filename = ".user.ini"
+
+; To disable this feature set this option to empty value
+;user_ini.filename =
+
+; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes)
+;user_ini.cache_ttl = 300
+
+;;;;;;;;;;;;;;;;;;;;
+; Language Options ;
+;;;;;;;;;;;;;;;;;;;;
+
+; Enable the PHP scripting language engine under Apache.
+; http://php.net/engine
+engine = On
+
+; This directive determines whether or not PHP will recognize code between
+; <? and ?> tags as PHP source which should be processed as such. It is
+; generally recommended that <?php and ?> should be used and that this feature
+; should be disabled, as enabling it may result in issues when generating XML
+; documents, however this remains supported for backward compatibility reasons.
+; Note that this directive does not control the <?= shorthand tag, which can be
+; used regardless of this directive.
+; Default Value: On
+; Development Value: Off
+; Production Value: Off
+; http://php.net/short-open-tag
+short_open_tag = Off
+
+; Allow ASP-style <% %> tags.
+; http://php.net/asp-tags
+asp_tags = Off
+
+; The number of significant digits displayed in floating point numbers.
+; http://php.net/precision
+precision = 14
+
+; Output buffering is a mechanism for controlling how much output data
+; (excluding headers and cookies) PHP should keep internally before pushing that
+; data to the client. If your application's output exceeds this setting, PHP
+; will send that data in chunks of roughly the size you specify.
+; Turning on this setting and managing its maximum buffer size can yield some
+; interesting side-effects depending on your application and web server.
+; You may be able to send headers and cookies after you've already sent output
+; through print or echo. You also may see performance benefits if your server is
+; emitting less packets due to buffered output versus PHP streaming the output
+; as it gets it. On production servers, 4096 bytes is a good setting for performance
+; reasons.
+; Note: Output buffering can also be controlled via Output Buffering Control
+; functions.
+; Possible Values:
+; On = Enabled and buffer is unlimited. (Use with caution)
+; Off = Disabled
+; Integer = Enables the buffer and sets its maximum size in bytes.
+; Note: This directive is hardcoded to Off for the CLI SAPI
+; Default Value: Off
+; Development Value: 4096
+; Production Value: 4096
+; http://php.net/output-buffering
+output_buffering = 4096
+
+; You can redirect all of the output of your scripts to a function. For
+; example, if you set output_handler to "mb_output_handler", character
+; encoding will be transparently converted to the specified encoding.
+; Setting any output handler automatically turns on output buffering.
+; Note: People who wrote portable scripts should not depend on this ini
+; directive. Instead, explicitly set the output handler using ob_start().
+; Using this ini directive may cause problems unless you know what script
+; is doing.
+; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler"
+; and you cannot use both "ob_gzhandler" and "zlib.output_compression".
+; Note: output_handler must be empty if this is set 'On' !!!!
+; Instead you must use zlib.output_handler.
+; http://php.net/output-handler
+;output_handler =
+
+; Transparent output compression using the zlib library
+; Valid values for this option are 'off', 'on', or a specific buffer size
+; to be used for compression (default is 4KB)
+; Note: Resulting chunk size may vary due to nature of compression. PHP
+; outputs chunks that are few hundreds bytes each as a result of
+; compression. If you prefer a larger chunk size for better
+; performance, enable output_buffering in addition.
+; Note: You need to use zlib.output_handler instead of the standard
+; output_handler, or otherwise the output will be corrupted.
+; http://php.net/zlib.output-compression
+zlib.output_compression = Off
+
+; http://php.net/zlib.output-compression-level
+;zlib.output_compression_level = -1
+
+; You cannot specify additional output handlers if zlib.output_compression
+; is activated here. This setting does the same as output_handler but in
+; a different order.
+; http://php.net/zlib.output-handler
+;zlib.output_handler =
+
+; Implicit flush tells PHP to tell the output layer to flush itself
+; automatically after every output block. This is equivalent to calling the
+; PHP function flush() after each and every call to print() or echo() and each
+; and every HTML block. Turning this option on has serious performance
+; implications and is generally recommended for debugging purposes only.
+; http://php.net/implicit-flush
+; Note: This directive is hardcoded to On for the CLI SAPI
+implicit_flush = Off
+
+; The unserialize callback function will be called (with the undefined class'
+; name as parameter), if the unserializer finds an undefined class
+; which should be instantiated. A warning appears if the specified function is
+; not defined, or if the function doesn't include/implement the missing class.
+; So only set this entry, if you really want to implement such a
+; callback-function.
+unserialize_callback_func =
+
+; When floats & doubles are serialized store serialize_precision significant
+; digits after the floating point. The default value ensures that when floats
+; are decoded with unserialize, the data will remain the same.
+serialize_precision = 17
+
+; open_basedir, if set, limits all file operations to the defined directory
+; and below. This directive makes most sense if used in a per-directory
+; or per-virtualhost web server configuration file.
+; http://php.net/open-basedir
+;open_basedir =
+
+; This directive allows you to disable certain functions for security reasons.
+; It receives a comma-delimited list of function names.
+; http://php.net/disable-functions
+disable_functions =
+
+; This directive allows you to disable certain classes for security reasons.
+; It receives a comma-delimited list of class names.
+; http://php.net/disable-classes
+disable_classes =
+
+; Colors for Syntax Highlighting mode. Anything that's acceptable in
+; <span style="color: ???????"> would work.
+; http://php.net/syntax-highlighting
+;highlight.string = #DD0000
+;highlight.comment = #FF9900
+;highlight.keyword = #007700
+;highlight.default = #0000BB
+;highlight.html = #000000
+
+; If enabled, the request will be allowed to complete even if the user aborts
+; the request. Consider enabling it if executing long requests, which may end up
+; being interrupted by the user or a browser timing out. PHP's default behavior
+; is to disable this feature.
+; http://php.net/ignore-user-abort
+;ignore_user_abort = On
+
+; Determines the size of the realpath cache to be used by PHP. This value should
+; be increased on systems where PHP opens many files to reflect the quantity of
+; the file operations performed.
+; http://php.net/realpath-cache-size
+;realpath_cache_size = 16k
+
+; Duration of time, in seconds for which to cache realpath information for a given
+; file or directory. For systems with rarely changing files, consider increasing this
+; value.
+; http://php.net/realpath-cache-ttl
+;realpath_cache_ttl = 120
+
+; Enables or disables the circular reference collector.
+; http://php.net/zend.enable-gc
+zend.enable_gc = On
+
+; If enabled, scripts may be written in encodings that are incompatible with
+; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such
+; encodings. To use this feature, mbstring extension must be enabled.
+; Default: Off
+;zend.multibyte = Off
+
+; Allows to set the default encoding for the scripts. This value will be used
+; unless "declare(encoding=...)" directive appears at the top of the script.
+; Only affects if zend.multibyte is set.
+; Default: ""
+;zend.script_encoding =
+
+;;;;;;;;;;;;;;;;;
+; Miscellaneous ;
+;;;;;;;;;;;;;;;;;
+
+; Decides whether PHP may expose the fact that it is installed on the server
+; (e.g. by adding its signature to the Web server header). It is no security
+; threat in any way, but it makes it possible to determine whether you use PHP
+; on your server or not.
+; http://php.net/expose-php
+expose_php = On
+
+;;;;;;;;;;;;;;;;;;;
+; Resource Limits ;
+;;;;;;;;;;;;;;;;;;;
+
+; Maximum execution time of each script, in seconds
+; http://php.net/max-execution-time
+; Note: This directive is hardcoded to 0 for the CLI SAPI
+max_execution_time = 30
+
+; Maximum amount of time each script may spend parsing request data. It's a good
+; idea to limit this time on productions servers in order to eliminate unexpectedly
+; long running scripts.
+; Note: This directive is hardcoded to -1 for the CLI SAPI
+; Default Value: -1 (Unlimited)
+; Development Value: 60 (60 seconds)
+; Production Value: 60 (60 seconds)
+; http://php.net/max-input-time
+max_input_time = 60
+
+; Maximum input variable nesting level
+; http://php.net/max-input-nesting-level
+;max_input_nesting_level = 64
+
+; How many GET/POST/COOKIE input variables may be accepted
+; max_input_vars = 1000
+
+; Maximum amount of memory a script may consume (128MB)
+; http://php.net/memory-limit
+memory_limit = -1
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Error handling and logging ;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+; This directive informs PHP of which errors, warnings and notices you would like
+; it to take action for. The recommended way of setting values for this
+; directive is through the use of the error level constants and bitwise
+; operators. The error level constants are below here for convenience as well as
+; some common settings and their meanings.
+; By default, PHP is set to take action on all errors, notices and warnings EXCEPT
+; those related to E_NOTICE and E_STRICT, which together cover best practices and
+; recommended coding standards in PHP. For performance reasons, this is the
+; recommend error reporting setting. Your production server shouldn't be wasting
+; resources complaining about best practices and coding standards. That's what
+; development servers and development settings are for.
+; Note: The php.ini-development file has this setting as E_ALL. This
+; means it pretty much reports everything which is exactly what you want during
+; development and early testing.
+;
+; Error Level Constants:
+; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0)
+; E_ERROR - fatal run-time errors
+; E_RECOVERABLE_ERROR - almost fatal run-time errors
+; E_WARNING - run-time warnings (non-fatal errors)
+; E_PARSE - compile-time parse errors
+; E_NOTICE - run-time notices (these are warnings which often result
+; from a bug in your code, but it's possible that it was
+; intentional (e.g., using an uninitialized variable and
+; relying on the fact it is automatically initialized to an
+; empty string)
+; E_STRICT - run-time notices, enable to have PHP suggest changes
+; to your code which will ensure the best interoperability
+; and forward compatibility of your code
+; E_CORE_ERROR - fatal errors that occur during PHP's initial startup
+; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
+; initial startup
+; E_COMPILE_ERROR - fatal compile-time errors
+; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
+; E_USER_ERROR - user-generated error message
+; E_USER_WARNING - user-generated warning message
+; E_USER_NOTICE - user-generated notice message
+; E_DEPRECATED - warn about code that will not work in future versions
+; of PHP
+; E_USER_DEPRECATED - user-generated deprecation warnings
+;
+; Common Values:
+; E_ALL (Show all errors, warnings and notices including coding standards.)
+; E_ALL & ~E_NOTICE (Show all errors, except for notices)
+; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.)
+; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors)
+; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED
+; Development Value: E_ALL
+; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
+; http://php.net/error-reporting
+error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
+
+; This directive controls whether or not and where PHP will output errors,
+; notices and warnings too. Error output is very useful during development, but
+; it could be very dangerous in production environments. Depending on the code
+; which is triggering the error, sensitive information could potentially leak
+; out of your application such as database usernames and passwords or worse.
+; For production environments, we recommend logging errors rather than
+; sending them to STDOUT.
+; Possible Values:
+; Off = Do not display any errors
+; stderr = Display errors to STDERR (affects only CGI/CLI binaries!)
+; On or stdout = Display errors to STDOUT
+; Default Value: On
+; Development Value: On
+; Production Value: Off
+; http://php.net/display-errors
+display_errors = Off
+
+; The display of errors which occur during PHP's startup sequence are handled
+; separately from display_errors. PHP's default behavior is to suppress those
+; errors from clients. Turning the display of startup errors on can be useful in
+; debugging configuration problems. We strongly recommend you
+; set this to 'off' for production servers.
+; Default Value: Off
+; Development Value: On
+; Production Value: Off
+; http://php.net/display-startup-errors
+display_startup_errors = Off
+
+; Besides displaying errors, PHP can also log errors to locations such as a
+; server-specific log, STDERR, or a location specified by the error_log
+; directive found below. While errors should not be displayed on productions
+; servers they should still be monitored and logging is a great way to do that.
+; Default Value: Off
+; Development Value: On
+; Production Value: On
+; http://php.net/log-errors
+log_errors = On
+
+; Set maximum length of log_errors. In error_log information about the source is
+; added. The default is 1024 and 0 allows to not apply any maximum length at all.
+; http://php.net/log-errors-max-len
+log_errors_max_len = 1024
+
+; Do not log repeated messages. Repeated errors must occur in same file on same
+; line unless ignore_repeated_source is set true.
+; http://php.net/ignore-repeated-errors
+ignore_repeated_errors = Off
+
+; Ignore source of message when ignoring repeated messages. When this setting
+; is On you will not log errors with repeated messages from different files or
+; source lines.
+; http://php.net/ignore-repeated-source
+ignore_repeated_source = Off
+
+; If this parameter is set to Off, then memory leaks will not be shown (on
+; stdout or in the log). This has only effect in a debug compile, and if
+; error reporting includes E_WARNING in the allowed list
+; http://php.net/report-memleaks
+report_memleaks = On
+
+; This setting is on by default.
+;report_zend_debug = 0
+
+; Store the last error/warning message in $php_errormsg (boolean). Setting this value
+; to On can assist in debugging and is appropriate for development servers. It should
+; however be disabled on production servers.
+; Default Value: Off
+; Development Value: On
+; Production Value: Off
+; http://php.net/track-errors
+track_errors = Off
+
+; Turn off normal error reporting and emit XML-RPC error XML
+; http://php.net/xmlrpc-errors
+;xmlrpc_errors = 0
+
+; An XML-RPC faultCode
+;xmlrpc_error_number = 0
+
+; When PHP displays or logs an error, it has the capability of formatting the
+; error message as HTML for easier reading. This directive controls whether
+; the error message is formatted as HTML or not.
+; Note: This directive is hardcoded to Off for the CLI SAPI
+; Default Value: On
+; Development Value: On
+; Production value: On
+; http://php.net/html-errors
+html_errors = On
+
+; If html_errors is set to On *and* docref_root is not empty, then PHP
+; produces clickable error messages that direct to a page describing the error
+; or function causing the error in detail.
+; You can download a copy of the PHP manual from http://php.net/docs
+; and change docref_root to the base URL of your local copy including the
+; leading '/'. You must also specify the file extension being used including
+; the dot. PHP's default behavior is to leave these settings empty, in which
+; case no links to documentation are generated.
+; Note: Never use this feature for production boxes.
+; http://php.net/docref-root
+; Examples
+;docref_root = "/phpmanual/"
+
+; http://php.net/docref-ext
+;docref_ext = .html
+
+; String to output before an error message. PHP's default behavior is to leave
+; this setting blank.
+; http://php.net/error-prepend-string
+; Example:
+;error_prepend_string = "<span style='color: #ff0000'>"
+
+; String to output after an error message. PHP's default behavior is to leave
+; this setting blank.
+; http://php.net/error-append-string
+; Example:
+;error_append_string = "</span>"
+
+; Log errors to specified file. PHP's default behavior is to leave this value
+; empty.
+; http://php.net/error-log
+; Example:
+;error_log = php_errors.log
+; Log errors to syslog (Event Log on Windows).
+;error_log = syslog
+
+;windows.show_crt_warning
+; Default value: 0
+; Development value: 0
+; Production value: 0
+
+;;;;;;;;;;;;;;;;;
+; Data Handling ;
+;;;;;;;;;;;;;;;;;
+
+; The separator used in PHP generated URLs to separate arguments.
+; PHP's default setting is "&".
+; http://php.net/arg-separator.output
+; Example:
+;arg_separator.output = "&"
+
+; List of separator(s) used by PHP to parse input URLs into variables.
+; PHP's default setting is "&".
+; NOTE: Every character in this directive is considered as separator!
+; http://php.net/arg-separator.input
+; Example:
+;arg_separator.input = ";&"
+
+; This directive determines which super global arrays are registered when PHP
+; starts up. G,P,C,E & S are abbreviations for the following respective super
+; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty
+; paid for the registration of these arrays and because ENV is not as commonly
+; used as the others, ENV is not recommended on productions servers. You
+; can still get access to the environment variables through getenv() should you
+; need to.
+; Default Value: "EGPCS"
+; Development Value: "GPCS"
+; Production Value: "GPCS";
+; http://php.net/variables-order
+variables_order = "GPCS"
+
+; This directive determines which super global data (G,P & C) should be
+; registered into the super global array REQUEST. If so, it also determines
+; the order in which that data is registered. The values for this directive
+; are specified in the same manner as the variables_order directive,
+; EXCEPT one. Leaving this value empty will cause PHP to use the value set
+; in the variables_order directive. It does not mean it will leave the super
+; globals array REQUEST empty.
+; Default Value: None
+; Development Value: "GP"
+; Production Value: "GP"
+; http://php.net/request-order
+request_order = "GP"
+
+; This directive determines whether PHP registers $argv & $argc each time it
+; runs. $argv contains an array of all the arguments passed to PHP when a script
+; is invoked. $argc contains an integer representing the number of arguments
+; that were passed when the script was invoked. These arrays are extremely
+; useful when running scripts from the command line. When this directive is
+; enabled, registering these variables consumes CPU cycles and memory each time
+; a script is executed. For performance reasons, this feature should be disabled
+; on production servers.
+; Note: This directive is hardcoded to On for the CLI SAPI
+; Default Value: On
+; Development Value: Off
+; Production Value: Off
+; http://php.net/register-argc-argv
+register_argc_argv = Off
+
+; When enabled, the ENV, REQUEST and SERVER variables are created when they're
+; first used (Just In Time) instead of when the script starts. If these
+; variables are not used within a script, having this directive on will result
+; in a performance gain. The PHP directive register_argc_argv must be disabled
+; for this directive to have any affect.
+; http://php.net/auto-globals-jit
+auto_globals_jit = On
+
+; Whether PHP will read the POST data.
+; This option is enabled by default.
+; Most likely, you won't want to disable this option globally. It causes $_POST
+; and $_FILES to always be empty; the only way you will be able to read the
+; POST data will be through the php://input stream wrapper. This can be useful
+; to proxy requests or to process the POST data in a memory efficient fashion.
+; http://php.net/enable-post-data-reading
+;enable_post_data_reading = Off
+
+; Maximum size of POST data that PHP will accept.
+; Its value may be 0 to disable the limit. It is ignored if POST data reading
+; is disabled through enable_post_data_reading.
+; http://php.net/post-max-size
+post_max_size = 8M
+
+; Automatically add files before PHP document.
+; http://php.net/auto-prepend-file
+auto_prepend_file =
+
+; Automatically add files after PHP document.
+; http://php.net/auto-append-file
+auto_append_file =
+
+; By default, PHP will output a media type using the Content-Type header. To
+; disable this, simply set it to be empty.
+;
+; PHP's built-in default media type is set to text/html.
+; http://php.net/default-mimetype
+default_mimetype = "text/html"
+
+; PHP's default character set is set to UTF-8.
+; http://php.net/default-charset
+default_charset = "UTF-8"
+
+; PHP internal character encoding is set to empty.
+; If empty, default_charset is used.
+; http://php.net/internal-encoding
+;internal_encoding =
+
+; PHP input character encoding is set to empty.
+; If empty, default_charset is used.
+; http://php.net/input-encoding
+;input_encoding =
+
+; PHP output character encoding is set to empty.
+; If empty, default_charset is used.
+; mbstring or iconv output handler is used.
+; See also output_buffer.
+; http://php.net/output-encoding
+;output_encoding =
+
+; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is
+; to disable this feature and it will be removed in a future version.
+; If post reading is disabled through enable_post_data_reading,
+; $HTTP_RAW_POST_DATA is *NOT* populated.
+; http://php.net/always-populate-raw-post-data
+;always_populate_raw_post_data = -1
+
+;;;;;;;;;;;;;;;;;;;;;;;;;
+; Paths and Directories ;
+;;;;;;;;;;;;;;;;;;;;;;;;;
+
+; UNIX: "/path1:/path2"
+;include_path = ".:/usr/share/php"
+;
+; Windows: "\path1;\path2"
+;include_path = ".;c:\php\includes"
+;
+; PHP's default setting for include_path is ".;/path/to/php/pear"
+; http://php.net/include-path
+
+; The root of the PHP pages, used only if nonempty.
+; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
+; if you are running php as a CGI under any web server (other than IIS)
+; see documentation for security issues. The alternate is to use the
+; cgi.force_redirect configuration below
+; http://php.net/doc-root
+doc_root =
+
+; The directory under which PHP opens the script using /~username used only
+; if nonempty.
+; http://php.net/user-dir
+user_dir =
+
+; Directory in which the loadable extensions (modules) reside.
+; http://php.net/extension-dir
+; extension_dir = "./"
+; On windows:
+; extension_dir = "ext"
+
+; Directory where the temporary files should be placed.
+; Defaults to the system default (see sys_get_temp_dir)
+; sys_temp_dir = "/tmp"
+
+; Whether or not to enable the dl() function. The dl() function does NOT work
+; properly in multithreaded servers, such as IIS or Zeus, and is automatically
+; disabled on them.
+; http://php.net/enable-dl
+enable_dl = Off
+
+; cgi.force_redirect is necessary to provide security running PHP as a CGI under
+; most web servers. Left undefined, PHP turns this on by default. You can
+; turn it off here AT YOUR OWN RISK
+; **You CAN safely turn this off for IIS, in fact, you MUST.**
+; http://php.net/cgi.force-redirect
+;cgi.force_redirect = 1
+
+; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
+; every request. PHP's default behavior is to disable this feature.
+;cgi.nph = 1
+
+; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
+; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
+; will look for to know it is OK to continue execution. Setting this variable MAY
+; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
+; http://php.net/cgi.redirect-status-env
+;cgi.redirect_status_env =
+
+; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's
+; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
+; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting
+; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting
+; of zero causes PHP to behave as before. Default is 1. You should fix your scripts
+; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
+; http://php.net/cgi.fix-pathinfo
+;cgi.fix_pathinfo=1
+
+; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
+; security tokens of the calling client. This allows IIS to define the
+; security context that the request runs under. mod_fastcgi under Apache
+; does not currently support this feature (03/17/2002)
+; Set to 1 if running under IIS. Default is zero.
+; http://php.net/fastcgi.impersonate
+;fastcgi.impersonate = 1
+
+; Disable logging through FastCGI connection. PHP's default behavior is to enable
+; this feature.
+;fastcgi.logging = 0
+
+; cgi.rfc2616_headers configuration option tells PHP what type of headers to
+; use when sending HTTP response code. If set to 0, PHP sends Status: header that
+; is supported by Apache. When this option is set to 1, PHP will send
+; RFC2616 compliant header.
+; Default is zero.
+; http://php.net/cgi.rfc2616-headers
+;cgi.rfc2616_headers = 0
+
+;;;;;;;;;;;;;;;;
+; File Uploads ;
+;;;;;;;;;;;;;;;;
+
+; Whether to allow HTTP file uploads.
+; http://php.net/file-uploads
+file_uploads = On
+
+; Temporary directory for HTTP uploaded files (will use system default if not
+; specified).
+; http://php.net/upload-tmp-dir
+;upload_tmp_dir =
+
+; Maximum allowed size for uploaded files.
+; http://php.net/upload-max-filesize
+upload_max_filesize = 2M
+
+; Maximum number of files that can be uploaded via a single request
+max_file_uploads = 20
+
+;;;;;;;;;;;;;;;;;;
+; Fopen wrappers ;
+;;;;;;;;;;;;;;;;;;
+
+; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
+; http://php.net/allow-url-fopen
+allow_url_fopen = On
+
+; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
+; http://php.net/allow-url-include
+allow_url_include = Off
+
+; Define the anonymous ftp password (your email address). PHP's default setting
+; for this is empty.
+; http://php.net/from
+;from="john@doe.com"
+
+; Define the User-Agent string. PHP's default setting for this is empty.
+; http://php.net/user-agent
+;user_agent="PHP"
+
+; Default timeout for socket based streams (seconds)
+; http://php.net/default-socket-timeout
+default_socket_timeout = 60
+
+; If your scripts have to deal with files from Macintosh systems,
+; or you are running on a Mac and need to deal with files from
+; unix or win32 systems, setting this flag will cause PHP to
+; automatically detect the EOL character in those files so that
+; fgets() and file() will work regardless of the source of the file.
+; http://php.net/auto-detect-line-endings
+;auto_detect_line_endings = Off
+
+;;;;;;;;;;;;;;;;;;;;;;
+; Dynamic Extensions ;
+;;;;;;;;;;;;;;;;;;;;;;
+
+; If you wish to have an extension loaded automatically, use the following
+; syntax:
+;
+; extension=modulename.extension
+;
+; For example, on Windows:
+;
+; extension=msql.dll
+;
+; ... or under UNIX:
+;
+; extension=msql.so
+;
+; ... or with a path:
+;
+; extension=/path/to/extension/msql.so
+;
+; If you only provide the name of the extension, PHP will look for it in its
+; default extension directory.
+;
+
+;;;;;;;;;;;;;;;;;;;
+; Module Settings ;
+;;;;;;;;;;;;;;;;;;;
+
+[CLI Server]
+; Whether the CLI web server uses ANSI color coding in its terminal output.
+cli_server.color = On
+
+[Date]
+; Defines the default timezone used by the date functions
+; http://php.net/date.timezone
+;date.timezone =
+
+; http://php.net/date.default-latitude
+;date.default_latitude = 31.7667
+
+; http://php.net/date.default-longitude
+;date.default_longitude = 35.2333
+
+; http://php.net/date.sunrise-zenith
+;date.sunrise_zenith = 90.583333
+
+; http://php.net/date.sunset-zenith
+;date.sunset_zenith = 90.583333
+
+[filter]
+; http://php.net/filter.default
+;filter.default = unsafe_raw
+
+; http://php.net/filter.default-flags
+;filter.default_flags =
+
+[iconv]
+; Use of this INI entry is deprecated, use global input_encoding instead.
+; If empty, default_charset or input_encoding or iconv.input_encoding is used.
+; The precedence is: default_charset < intput_encoding < iconv.input_encoding
+;iconv.input_encoding =
+
+; Use of this INI entry is deprecated, use global internal_encoding instead.
+; If empty, default_charset or internal_encoding or iconv.internal_encoding is used.
+; The precedence is: default_charset < internal_encoding < iconv.internal_encoding
+;iconv.internal_encoding =
+
+; Use of this INI entry is deprecated, use global output_encoding instead.
+; If empty, default_charset or output_encoding or iconv.output_encoding is used.
+; The precedence is: default_charset < output_encoding < iconv.output_encoding
+; To use an output encoding conversion, iconv's output handler must be set
+; otherwise output encoding conversion cannot be performed.
+;iconv.output_encoding =
+
+[intl]
+;intl.default_locale =
+; This directive allows you to produce PHP errors when some error
+; happens within intl functions. The value is the level of the error produced.
+; Default is 0, which does not produce any errors.
+;intl.error_level = E_WARNING
+;intl.use_exceptions = 0
+
+[sqlite3]
+;sqlite3.extension_dir =
+
+[Pcre]
+;PCRE library backtracking limit.
+; http://php.net/pcre.backtrack-limit
+;pcre.backtrack_limit=100000
+
+;PCRE library recursion limit.
+;Please note that if you set this value to a high number you may consume all
+;the available process stack and eventually crash PHP (due to reaching the
+;stack size limit imposed by the Operating System).
+; http://php.net/pcre.recursion-limit
+;pcre.recursion_limit=100000
+
+[Pdo]
+; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off"
+; http://php.net/pdo-odbc.connection-pooling
+;pdo_odbc.connection_pooling=strict
+
+;pdo_odbc.db2_instance_name
+
+[Pdo_mysql]
+; If mysqlnd is used: Number of cache slots for the internal result set cache
+; http://php.net/pdo_mysql.cache_size
+pdo_mysql.cache_size = 2000
+
+; Default socket name for local MySQL connects. If empty, uses the built-in
+; MySQL defaults.
+; http://php.net/pdo_mysql.default-socket
+pdo_mysql.default_socket=
+
+[Phar]
+; http://php.net/phar.readonly
+;phar.readonly = On
+
+; http://php.net/phar.require-hash
+;phar.require_hash = On
+
+;phar.cache_list =
+
+[mail function]
+; For Win32 only.
+; http://php.net/smtp
+SMTP = localhost
+; http://php.net/smtp-port
+smtp_port = 25
+
+; For Win32 only.
+; http://php.net/sendmail-from
+;sendmail_from = me@example.com
+
+; For Unix only. You may supply arguments as well (default: "sendmail -t -i").
+; http://php.net/sendmail-path
+;sendmail_path =
+
+; Force the addition of the specified parameters to be passed as extra parameters
+; to the sendmail binary. These parameters will always replace the value of
+; the 5th parameter to mail().
+;mail.force_extra_parameters =
+
+; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename
+mail.add_x_header = On
+
+; The path to a log file that will log all mail() calls. Log entries include
+; the full path of the script, line number, To address and headers.
+;mail.log =
+; Log mail to syslog (Event Log on Windows).
+;mail.log = syslog
+
+[SQL]
+; http://php.net/sql.safe-mode
+sql.safe_mode = Off
+
+[ODBC]
+; http://php.net/odbc.default-db
+;odbc.default_db = Not yet implemented
+
+; http://php.net/odbc.default-user
+;odbc.default_user = Not yet implemented
+
+; http://php.net/odbc.default-pw
+;odbc.default_pw = Not yet implemented
+
+; Controls the ODBC cursor model.
+; Default: SQL_CURSOR_STATIC (default).
+;odbc.default_cursortype
+
+; Allow or prevent persistent links.
+; http://php.net/odbc.allow-persistent
+odbc.allow_persistent = On
+
+; Check that a connection is still valid before reuse.
+; http://php.net/odbc.check-persistent
+odbc.check_persistent = On
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/odbc.max-persistent
+odbc.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent). -1 means no limit.
+; http://php.net/odbc.max-links
+odbc.max_links = -1
+
+; Handling of LONG fields. Returns number of bytes to variables. 0 means
+; passthru.
+; http://php.net/odbc.defaultlrl
+odbc.defaultlrl = 4096
+
+; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char.
+; See the documentation on odbc_binmode and odbc_longreadlen for an explanation
+; of odbc.defaultlrl and odbc.defaultbinmode
+; http://php.net/odbc.defaultbinmode
+odbc.defaultbinmode = 1
+
+;birdstep.max_links = -1
+
+[Interbase]
+; Allow or prevent persistent links.
+ibase.allow_persistent = 1
+
+; Maximum number of persistent links. -1 means no limit.
+ibase.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent). -1 means no limit.
+ibase.max_links = -1
+
+; Default database name for ibase_connect().
+;ibase.default_db =
+
+; Default username for ibase_connect().
+;ibase.default_user =
+
+; Default password for ibase_connect().
+;ibase.default_password =
+
+; Default charset for ibase_connect().
+;ibase.default_charset =
+
+; Default timestamp format.
+ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
+
+; Default date format.
+ibase.dateformat = "%Y-%m-%d"
+
+; Default time format.
+ibase.timeformat = "%H:%M:%S"
+
+[MySQL]
+; Allow accessing, from PHP's perspective, local files with LOAD DATA statements
+; http://php.net/mysql.allow_local_infile
+mysql.allow_local_infile = On
+
+; Allow or prevent persistent links.
+; http://php.net/mysql.allow-persistent
+mysql.allow_persistent = On
+
+; If mysqlnd is used: Number of cache slots for the internal result set cache
+; http://php.net/mysql.cache_size
+mysql.cache_size = 2000
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/mysql.max-persistent
+mysql.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent). -1 means no limit.
+; http://php.net/mysql.max-links
+mysql.max_links = -1
+
+; Default port number for mysql_connect(). If unset, mysql_connect() will use
+; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
+; compile-time value defined MYSQL_PORT (in that order). Win32 will only look
+; at MYSQL_PORT.
+; http://php.net/mysql.default-port
+mysql.default_port =
+
+; Default socket name for local MySQL connects. If empty, uses the built-in
+; MySQL defaults.
+; http://php.net/mysql.default-socket
+mysql.default_socket =
+
+; Default host for mysql_connect() (doesn't apply in safe mode).
+; http://php.net/mysql.default-host
+mysql.default_host =
+
+; Default user for mysql_connect() (doesn't apply in safe mode).
+; http://php.net/mysql.default-user
+mysql.default_user =
+
+; Default password for mysql_connect() (doesn't apply in safe mode).
+; Note that this is generally a *bad* idea to store passwords in this file.
+; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password")
+; and reveal this password! And of course, any users with read access to this
+; file will be able to reveal the password as well.
+; http://php.net/mysql.default-password
+mysql.default_password =
+
+; Maximum time (in seconds) for connect timeout. -1 means no limit
+; http://php.net/mysql.connect-timeout
+mysql.connect_timeout = 60
+
+; Trace mode. When trace_mode is active (=On), warnings for table/index scans and
+; SQL-Errors will be displayed.
+; http://php.net/mysql.trace-mode
+mysql.trace_mode = Off
+
+[MySQLi]
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/mysqli.max-persistent
+mysqli.max_persistent = -1
+
+; Allow accessing, from PHP's perspective, local files with LOAD DATA statements
+; http://php.net/mysqli.allow_local_infile
+;mysqli.allow_local_infile = On
+
+; Allow or prevent persistent links.
+; http://php.net/mysqli.allow-persistent
+mysqli.allow_persistent = On
+
+; Maximum number of links. -1 means no limit.
+; http://php.net/mysqli.max-links
+mysqli.max_links = -1
+
+; If mysqlnd is used: Number of cache slots for the internal result set cache
+; http://php.net/mysqli.cache_size
+mysqli.cache_size = 2000
+
+; Default port number for mysqli_connect(). If unset, mysqli_connect() will use
+; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
+; compile-time value defined MYSQL_PORT (in that order). Win32 will only look
+; at MYSQL_PORT.
+; http://php.net/mysqli.default-port
+mysqli.default_port = 3306
+
+; Default socket name for local MySQL connects. If empty, uses the built-in
+; MySQL defaults.
+; http://php.net/mysqli.default-socket
+mysqli.default_socket =
+
+; Default host for mysql_connect() (doesn't apply in safe mode).
+; http://php.net/mysqli.default-host
+mysqli.default_host =
+
+; Default user for mysql_connect() (doesn't apply in safe mode).
+; http://php.net/mysqli.default-user
+mysqli.default_user =
+
+; Default password for mysqli_connect() (doesn't apply in safe mode).
+; Note that this is generally a *bad* idea to store passwords in this file.
+; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw")
+; and reveal this password! And of course, any users with read access to this
+; file will be able to reveal the password as well.
+; http://php.net/mysqli.default-pw
+mysqli.default_pw =
+
+; Allow or prevent reconnect
+mysqli.reconnect = Off
+
+[mysqlnd]
+; Enable / Disable collection of general statistics by mysqlnd which can be
+; used to tune and monitor MySQL operations.
+; http://php.net/mysqlnd.collect_statistics
+mysqlnd.collect_statistics = On
+
+; Enable / Disable collection of memory usage statistics by mysqlnd which can be
+; used to tune and monitor MySQL operations.
+; http://php.net/mysqlnd.collect_memory_statistics
+mysqlnd.collect_memory_statistics = Off
+
+; Size of a pre-allocated buffer used when sending commands to MySQL in bytes.
+; http://php.net/mysqlnd.net_cmd_buffer_size
+;mysqlnd.net_cmd_buffer_size = 2048
+
+; Size of a pre-allocated buffer used for reading data sent by the server in
+; bytes.
+; http://php.net/mysqlnd.net_read_buffer_size
+;mysqlnd.net_read_buffer_size = 32768
+
+[OCI8]
+
+; Connection: Enables privileged connections using external
+; credentials (OCI_SYSOPER, OCI_SYSDBA)
+; http://php.net/oci8.privileged-connect
+;oci8.privileged_connect = Off
+
+; Connection: The maximum number of persistent OCI8 connections per
+; process. Using -1 means no limit.
+; http://php.net/oci8.max-persistent
+;oci8.max_persistent = -1
+
+; Connection: The maximum number of seconds a process is allowed to
+; maintain an idle persistent connection. Using -1 means idle
+; persistent connections will be maintained forever.
+; http://php.net/oci8.persistent-timeout
+;oci8.persistent_timeout = -1
+
+; Connection: The number of seconds that must pass before issuing a
+; ping during oci_pconnect() to check the connection validity. When
+; set to 0, each oci_pconnect() will cause a ping. Using -1 disables
+; pings completely.
+; http://php.net/oci8.ping-interval
+;oci8.ping_interval = 60
+
+; Connection: Set this to a user chosen connection class to be used
+; for all pooled server requests with Oracle 11g Database Resident
+; Connection Pooling (DRCP). To use DRCP, this value should be set to
+; the same string for all web servers running the same application,
+; the database pool must be configured, and the connection string must
+; specify to use a pooled server.
+;oci8.connection_class =
+
+; High Availability: Using On lets PHP receive Fast Application
+; Notification (FAN) events generated when a database node fails. The
+; database must also be configured to post FAN events.
+;oci8.events = Off
+
+; Tuning: This option enables statement caching, and specifies how
+; many statements to cache. Using 0 disables statement caching.
+; http://php.net/oci8.statement-cache-size
+;oci8.statement_cache_size = 20
+
+; Tuning: Enables statement prefetching and sets the default number of
+; rows that will be fetched automatically after statement execution.
+; http://php.net/oci8.default-prefetch
+;oci8.default_prefetch = 100
+
+; Compatibility. Using On means oci_close() will not close
+; oci_connect() and oci_new_connect() connections.
+; http://php.net/oci8.old-oci-close-semantics
+;oci8.old_oci_close_semantics = Off
+
+[PostgreSQL]
+; Allow or prevent persistent links.
+; http://php.net/pgsql.allow-persistent
+pgsql.allow_persistent = On
+
+; Detect broken persistent links always with pg_pconnect().
+; Auto reset feature requires a little overheads.
+; http://php.net/pgsql.auto-reset-persistent
+pgsql.auto_reset_persistent = Off
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/pgsql.max-persistent
+pgsql.max_persistent = -1
+
+; Maximum number of links (persistent+non persistent). -1 means no limit.
+; http://php.net/pgsql.max-links
+pgsql.max_links = -1
+
+; Ignore PostgreSQL backends Notice message or not.
+; Notice message logging require a little overheads.
+; http://php.net/pgsql.ignore-notice
+pgsql.ignore_notice = 0
+
+; Log PostgreSQL backends Notice message or not.
+; Unless pgsql.ignore_notice=0, module cannot log notice message.
+; http://php.net/pgsql.log-notice
+pgsql.log_notice = 0
+
+[Sybase-CT]
+; Allow or prevent persistent links.
+; http://php.net/sybct.allow-persistent
+sybct.allow_persistent = On
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/sybct.max-persistent
+sybct.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent). -1 means no limit.
+; http://php.net/sybct.max-links
+sybct.max_links = -1
+
+; Minimum server message severity to display.
+; http://php.net/sybct.min-server-severity
+sybct.min_server_severity = 10
+
+; Minimum client message severity to display.
+; http://php.net/sybct.min-client-severity
+sybct.min_client_severity = 10
+
+; Set per-context timeout
+; http://php.net/sybct.timeout
+;sybct.timeout=
+
+;sybct.packet_size
+
+; The maximum time in seconds to wait for a connection attempt to succeed before returning failure.
+; Default: one minute
+;sybct.login_timeout=
+
+; The name of the host you claim to be connecting from, for display by sp_who.
+; Default: none
+;sybct.hostname=
+
+; Allows you to define how often deadlocks are to be retried. -1 means "forever".
+; Default: 0
+;sybct.deadlock_retry_count=
+
+[bcmath]
+; Number of decimal digits for all bcmath functions.
+; http://php.net/bcmath.scale
+bcmath.scale = 0
+
+[browscap]
+; http://php.net/browscap
+;browscap = extra/browscap.ini
+
+[Session]
+; Handler used to store/retrieve data.
+; http://php.net/session.save-handler
+session.save_handler = files
+
+; Argument passed to save_handler. In the case of files, this is the path
+; where data files are stored. Note: Windows users have to change this
+; variable in order to use PHP's session functions.
+;
+; The path can be defined as:
+;
+; session.save_path = "N;/path"
+;
+; where N is an integer. Instead of storing all the session files in
+; /path, what this will do is use subdirectories N-levels deep, and
+; store the session data in those directories. This is useful if
+; your OS has problems with many files in one directory, and is
+; a more efficient layout for servers that handle many sessions.
+;
+; NOTE 1: PHP will not create this directory structure automatically.
+; You can use the script in the ext/session dir for that purpose.
+; NOTE 2: See the section on garbage collection below if you choose to
+; use subdirectories for session storage
+;
+; The file storage module creates files using mode 600 by default.
+; You can change that by using
+;
+; session.save_path = "N;MODE;/path"
+;
+; where MODE is the octal representation of the mode. Note that this
+; does not overwrite the process's umask.
+; http://php.net/session.save-path
+;session.save_path = "/var/lib/php5/sessions"
+
+; Whether to use strict session mode.
+; Strict session mode does not accept uninitialized session ID and regenerate
+; session ID if browser sends uninitialized session ID. Strict mode protects
+; applications from session fixation via session adoption vulnerability. It is
+; disabled by default for maximum compatibility, but enabling it is encouraged.
+; https://wiki.php.net/rfc/strict_sessions
+session.use_strict_mode = 0
+
+; Whether to use cookies.
+; http://php.net/session.use-cookies
+session.use_cookies = 1
+
+; http://php.net/session.cookie-secure
+;session.cookie_secure =
+
+; This option forces PHP to fetch and use a cookie for storing and maintaining
+; the session id. We encourage this operation as it's very helpful in combating
+; session hijacking when not specifying and managing your own session id. It is
+; not the be-all and end-all of session hijacking defense, but it's a good start.
+; http://php.net/session.use-only-cookies
+session.use_only_cookies = 1
+
+; Name of the session (used as cookie name).
+; http://php.net/session.name
+session.name = PHPSESSID
+
+; Initialize session on request startup.
+; http://php.net/session.auto-start
+session.auto_start = 0
+
+; Lifetime in seconds of cookie or, if 0, until browser is restarted.
+; http://php.net/session.cookie-lifetime
+session.cookie_lifetime = 0
+
+; The path for which the cookie is valid.
+; http://php.net/session.cookie-path
+session.cookie_path = /
+
+; The domain for which the cookie is valid.
+; http://php.net/session.cookie-domain
+session.cookie_domain =
+
+; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
+; http://php.net/session.cookie-httponly
+session.cookie_httponly =
+
+; Handler used to serialize data. php is the standard serializer of PHP.
+; http://php.net/session.serialize-handler
+session.serialize_handler = php
+
+; Defines the probability that the 'garbage collection' process is started
+; on every session initialization. The probability is calculated by using
+; gc_probability/gc_divisor. Where session.gc_probability is the numerator
+; and gc_divisor is the denominator in the equation. Setting this value to 1
+; when the session.gc_divisor value is 100 will give you approximately a 1% chance
+; the gc will run on any give request.
+; Default Value: 1
+; Development Value: 1
+; Production Value: 1
+; http://php.net/session.gc-probability
+session.gc_probability = 0
+
+; Defines the probability that the 'garbage collection' process is started on every
+; session initialization. The probability is calculated by using the following equation:
+; gc_probability/gc_divisor. Where session.gc_probability is the numerator and
+; session.gc_divisor is the denominator in the equation. Setting this value to 1
+; when the session.gc_divisor value is 100 will give you approximately a 1% chance
+; the gc will run on any give request. Increasing this value to 1000 will give you
+; a 0.1% chance the gc will run on any give request. For high volume production servers,
+; this is a more efficient approach.
+; Default Value: 100
+; Development Value: 1000
+; Production Value: 1000
+; http://php.net/session.gc-divisor
+session.gc_divisor = 1000
+
+; After this number of seconds, stored data will be seen as 'garbage' and
+; cleaned up by the garbage collection process.
+; http://php.net/session.gc-maxlifetime
+session.gc_maxlifetime = 1440
+
+; NOTE: If you are using the subdirectory option for storing session files
+; (see session.save_path above), then garbage collection does *not*
+; happen automatically. You will need to do your own garbage
+; collection through a shell script, cron entry, or some other method.
+; For example, the following script would is the equivalent of
+; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
+; find /path/to/sessions -cmin +24 -type f | xargs rm
+
+; Check HTTP Referer to invalidate externally stored URLs containing ids.
+; HTTP_REFERER has to contain this substring for the session to be
+; considered as valid.
+; http://php.net/session.referer-check
+session.referer_check =
+
+; How many bytes to read from the file.
+; http://php.net/session.entropy-length
+;session.entropy_length = 32
+
+; Specified here to create the session id.
+; http://php.net/session.entropy-file
+; Defaults to /dev/urandom
+; On systems that don't have /dev/urandom but do have /dev/arandom, this will default to /dev/arandom
+; If neither are found at compile time, the default is no entropy file.
+; On windows, setting the entropy_length setting will activate the
+; Windows random source (using the CryptoAPI)
+;session.entropy_file = /dev/urandom
+
+; Set to {nocache,private,public,} to determine HTTP caching aspects
+; or leave this empty to avoid sending anti-caching headers.
+; http://php.net/session.cache-limiter
+session.cache_limiter = nocache
+
+; Document expires after n minutes.
+; http://php.net/session.cache-expire
+session.cache_expire = 180
+
+; trans sid support is disabled by default.
+; Use of trans sid may risk your users' security.
+; Use this option with caution.
+; - User may send URL contains active session ID
+; to other person via. email/irc/etc.
+; - URL that contains active session ID may be stored
+; in publicly accessible computer.
+; - User may access your site with the same session ID
+; always using URL stored in browser's history or bookmarks.
+; http://php.net/session.use-trans-sid
+session.use_trans_sid = 0
+
+; Select a hash function for use in generating session ids.
+; Possible Values
+; 0 (MD5 128 bits)
+; 1 (SHA-1 160 bits)
+; This option may also be set to the name of any hash function supported by
+; the hash extension. A list of available hashes is returned by the hash_algos()
+; function.
+; http://php.net/session.hash-function
+session.hash_function = 0
+
+; Define how many bits are stored in each character when converting
+; the binary hash data to something readable.
+; Possible values:
+; 4 (4 bits: 0-9, a-f)
+; 5 (5 bits: 0-9, a-v)
+; 6 (6 bits: 0-9, a-z, A-Z, "-", ",")
+; Default Value: 4
+; Development Value: 5
+; Production Value: 5
+; http://php.net/session.hash-bits-per-character
+session.hash_bits_per_character = 5
+
+; The URL rewriter will look for URLs in a defined set of HTML tags.
+; form/fieldset are special; if you include them here, the rewriter will
+; add a hidden <input> field with the info which is otherwise appended
+; to URLs. If you want XHTML conformity, remove the form entry.
+; Note that all valid entries require a "=", even if no value follows.
+; Default Value: "a=href,area=href,frame=src,form=,fieldset="
+; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
+; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
+; http://php.net/url-rewriter.tags
+url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
+
+; Enable upload progress tracking in $_SESSION
+; Default Value: On
+; Development Value: On
+; Production Value: On
+; http://php.net/session.upload-progress.enabled
+;session.upload_progress.enabled = On
+
+; Cleanup the progress information as soon as all POST data has been read
+; (i.e. upload completed).
+; Default Value: On
+; Development Value: On
+; Production Value: On
+; http://php.net/session.upload-progress.cleanup
+;session.upload_progress.cleanup = On
+
+; A prefix used for the upload progress key in $_SESSION
+; Default Value: "upload_progress_"
+; Development Value: "upload_progress_"
+; Production Value: "upload_progress_"
+; http://php.net/session.upload-progress.prefix
+;session.upload_progress.prefix = "upload_progress_"
+
+; The index name (concatenated with the prefix) in $_SESSION
+; containing the upload progress information
+; Default Value: "PHP_SESSION_UPLOAD_PROGRESS"
+; Development Value: "PHP_SESSION_UPLOAD_PROGRESS"
+; Production Value: "PHP_SESSION_UPLOAD_PROGRESS"
+; http://php.net/session.upload-progress.name
+;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS"
+
+; How frequently the upload progress should be updated.
+; Given either in percentages (per-file), or in bytes
+; Default Value: "1%"
+; Development Value: "1%"
+; Production Value: "1%"
+; http://php.net/session.upload-progress.freq
+;session.upload_progress.freq = "1%"
+
+; The minimum delay between updates, in seconds
+; Default Value: 1
+; Development Value: 1
+; Production Value: 1
+; http://php.net/session.upload-progress.min-freq
+;session.upload_progress.min_freq = "1"
+
+[MSSQL]
+; Allow or prevent persistent links.
+mssql.allow_persistent = On
+
+; Maximum number of persistent links. -1 means no limit.
+mssql.max_persistent = -1
+
+; Maximum number of links (persistent+non persistent). -1 means no limit.
+mssql.max_links = -1
+
+; Minimum error severity to display.
+mssql.min_error_severity = 10
+
+; Minimum message severity to display.
+mssql.min_message_severity = 10
+
+; Compatibility mode with old versions of PHP 3.0.
+mssql.compatibility_mode = Off
+
+; Connect timeout
+;mssql.connect_timeout = 5
+
+; Query timeout
+;mssql.timeout = 60
+
+; Valid range 0 - 2147483647. Default = 4096.
+;mssql.textlimit = 4096
+
+; Valid range 0 - 2147483647. Default = 4096.
+;mssql.textsize = 4096
+
+; Limits the number of records in each batch. 0 = all records in one batch.
+;mssql.batchsize = 0
+
+; Specify how datetime and datetim4 columns are returned
+; On => Returns data converted to SQL server settings
+; Off => Returns values as YYYY-MM-DD hh:mm:ss
+;mssql.datetimeconvert = On
+
+; Use NT authentication when connecting to the server
+mssql.secure_connection = Off
+
+; Specify max number of processes. -1 = library default
+; msdlib defaults to 25
+; FreeTDS defaults to 4096
+;mssql.max_procs = -1
+
+; Specify client character set.
+; If empty or not set the client charset from freetds.conf is used
+; This is only used when compiled with FreeTDS
+;mssql.charset = "ISO-8859-1"
+
+[Assertion]
+; Assert(expr); active by default.
+; http://php.net/assert.active
+;assert.active = On
+
+; Issue a PHP warning for each failed assertion.
+; http://php.net/assert.warning
+;assert.warning = On
+
+; Don't bail out by default.
+; http://php.net/assert.bail
+;assert.bail = Off
+
+; User-function to be called if an assertion fails.
+; http://php.net/assert.callback
+;assert.callback = 0
+
+; Eval the expression with current error_reporting(). Set to true if you want
+; error_reporting(0) around the eval().
+; http://php.net/assert.quiet-eval
+;assert.quiet_eval = 0
+
+[COM]
+; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs
+; http://php.net/com.typelib-file
+;com.typelib_file =
+
+; allow Distributed-COM calls
+; http://php.net/com.allow-dcom
+;com.allow_dcom = true
+
+; autoregister constants of a components typlib on com_load()
+; http://php.net/com.autoregister-typelib
+;com.autoregister_typelib = true
+
+; register constants casesensitive
+; http://php.net/com.autoregister-casesensitive
+;com.autoregister_casesensitive = false
+
+; show warnings on duplicate constant registrations
+; http://php.net/com.autoregister-verbose
+;com.autoregister_verbose = true
+
+; The default character set code-page to use when passing strings to and from COM objects.
+; Default: system ANSI code page
+;com.code_page=
+
+[mbstring]
+; language for internal character representation.
+; This affects mb_send_mail() and mbstrig.detect_order.
+; http://php.net/mbstring.language
+;mbstring.language = Japanese
+
+; Use of this INI entry is deprecated, use global internal_encoding instead.
+; internal/script encoding.
+; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*)
+; If empty, default_charset or internal_encoding or iconv.internal_encoding is used.
+; The precedence is: default_charset < internal_encoding < iconv.internal_encoding
+;mbstring.internal_encoding =
+
+; Use of this INI entry is deprecated, use global input_encoding instead.
+; http input encoding.
+; mbstring.encoding_traslation = On is needed to use this setting.
+; If empty, default_charset or input_encoding or mbstring.input is used.
+; The precedence is: default_charset < intput_encoding < mbsting.http_input
+; http://php.net/mbstring.http-input
+;mbstring.http_input =
+
+; Use of this INI entry is deprecated, use global output_encoding instead.
+; http output encoding.
+; mb_output_handler must be registered as output buffer to function.
+; If empty, default_charset or output_encoding or mbstring.http_output is used.
+; The precedence is: default_charset < output_encoding < mbstring.http_output
+; To use an output encoding conversion, mbstring's output handler must be set
+; otherwise output encoding conversion cannot be performed.
+; http://php.net/mbstring.http-output
+;mbstring.http_output =
+
+; enable automatic encoding translation according to
+; mbstring.internal_encoding setting. Input chars are
+; converted to internal encoding by setting this to On.
+; Note: Do _not_ use automatic encoding translation for
+; portable libs/applications.
+; http://php.net/mbstring.encoding-translation
+;mbstring.encoding_translation = Off
+
+; automatic encoding detection order.
+; "auto" detect order is changed according to mbstring.language
+; http://php.net/mbstring.detect-order
+;mbstring.detect_order = auto
+
+; substitute_character used when character cannot be converted
+; one from another
+; http://php.net/mbstring.substitute-character
+;mbstring.substitute_character = none
+
+; overload(replace) single byte functions by mbstring functions.
+; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(),
+; etc. Possible values are 0,1,2,4 or combination of them.
+; For example, 7 for overload everything.
+; 0: No overload
+; 1: Overload mail() function
+; 2: Overload str*() functions
+; 4: Overload ereg*() functions
+; http://php.net/mbstring.func-overload
+;mbstring.func_overload = 0
+
+; enable strict encoding detection.
+; Default: Off
+;mbstring.strict_detection = On
+
+; This directive specifies the regex pattern of content types for which mb_output_handler()
+; is activated.
+; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml)
+;mbstring.http_output_conv_mimetype=
+
+[gd]
+; Tell the jpeg decode to ignore warnings and try to create
+; a gd image. The warning will then be displayed as notices
+; disabled by default
+; http://php.net/gd.jpeg-ignore-warning
+;gd.jpeg_ignore_warning = 0
+
+[exif]
+; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS.
+; With mbstring support this will automatically be converted into the encoding
+; given by corresponding encode setting. When empty mbstring.internal_encoding
+; is used. For the decode settings you can distinguish between motorola and
+; intel byte order. A decode setting cannot be empty.
+; http://php.net/exif.encode-unicode
+;exif.encode_unicode = ISO-8859-15
+
+; http://php.net/exif.decode-unicode-motorola
+;exif.decode_unicode_motorola = UCS-2BE
+
+; http://php.net/exif.decode-unicode-intel
+;exif.decode_unicode_intel = UCS-2LE
+
+; http://php.net/exif.encode-jis
+;exif.encode_jis =
+
+; http://php.net/exif.decode-jis-motorola
+;exif.decode_jis_motorola = JIS
+
+; http://php.net/exif.decode-jis-intel
+;exif.decode_jis_intel = JIS
+
+[Tidy]
+; The path to a default tidy configuration file to use when using tidy
+; http://php.net/tidy.default-config
+;tidy.default_config = /usr/local/lib/php/default.tcfg
+
+; Should tidy clean and repair output automatically?
+; WARNING: Do not use this option if you are generating non-html content
+; such as dynamic images
+; http://php.net/tidy.clean-output
+tidy.clean_output = Off
+
+[soap]
+; Enables or disables WSDL caching feature.
+; http://php.net/soap.wsdl-cache-enabled
+soap.wsdl_cache_enabled=1
+
+; Sets the directory name where SOAP extension will put cache files.
+; http://php.net/soap.wsdl-cache-dir
+soap.wsdl_cache_dir="/tmp"
+
+; (time to live) Sets the number of second while cached file will be used
+; instead of original one.
+; http://php.net/soap.wsdl-cache-ttl
+soap.wsdl_cache_ttl=86400
+
+; Sets the size of the cache limit. (Max. number of WSDL files to cache)
+soap.wsdl_cache_limit = 5
+
+[sysvshm]
+; A default size of the shared memory segment
+;sysvshm.init_mem = 10000
+
+[ldap]
+; Sets the maximum number of open links or -1 for unlimited.
+ldap.max_links = -1
+
+[mcrypt]
+; For more information about mcrypt settings see http://php.net/mcrypt-module-open
+
+; Directory where to load mcrypt algorithms
+; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt)
+;mcrypt.algorithms_dir=
+
+; Directory where to load mcrypt modes
+; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt)
+;mcrypt.modes_dir=
+
+[dba]
+;dba.default_handler=
+
+[opcache]
+; Determines if Zend OPCache is enabled
+;opcache.enable=0
+
+; Determines if Zend OPCache is enabled for the CLI version of PHP
+;opcache.enable_cli=0
+
+; The OPcache shared memory storage size.
+;opcache.memory_consumption=64
+
+; The amount of memory for interned strings in Mbytes.
+;opcache.interned_strings_buffer=4
+
+; The maximum number of keys (scripts) in the OPcache hash table.
+; Only numbers between 200 and 100000 are allowed.
+;opcache.max_accelerated_files=2000
+
+; The maximum percentage of "wasted" memory until a restart is scheduled.
+;opcache.max_wasted_percentage=5
+
+; When this directive is enabled, the OPcache appends the current working
+; directory to the script key, thus eliminating possible collisions between
+; files with the same name (basename). Disabling the directive improves
+; performance, but may break existing applications.
+;opcache.use_cwd=1
+
+; When disabled, you must reset the OPcache manually or restart the
+; webserver for changes to the filesystem to take effect.
+;opcache.validate_timestamps=1
+
+; How often (in seconds) to check file timestamps for changes to the shared
+; memory storage allocation. ("1" means validate once per second, but only
+; once per request. "0" means always validate)
+;opcache.revalidate_freq=2
+
+; Enables or disables file search in include_path optimization
+;opcache.revalidate_path=0
+
+; If disabled, all PHPDoc comments are dropped from the code to reduce the
+; size of the optimized code.
+;opcache.save_comments=1
+
+; If disabled, PHPDoc comments are not loaded from SHM, so "Doc Comments"
+; may be always stored (save_comments=1), but not loaded by applications
+; that don't need them anyway.
+;opcache.load_comments=1
+
+; If enabled, a fast shutdown sequence is used for the accelerated code
+;opcache.fast_shutdown=0
+
+; Allow file existence override (file_exists, etc.) performance feature.
+;opcache.enable_file_override=0
+
+; A bitmask, where each bit enables or disables the appropriate OPcache
+; passes
+;opcache.optimization_level=0xffffffff
+
+;opcache.inherited_hack=1
+;opcache.dups_fix=0
+
+; The location of the OPcache blacklist file (wildcards allowed).
+; Each OPcache blacklist file is a text file that holds the names of files
+; that should not be accelerated. The file format is to add each filename
+; to a new line. The filename may be a full path or just a file prefix
+; (i.e., /var/www/x blacklists all the files and directories in /var/www
+; that start with 'x'). Line starting with a ; are ignored (comments).
+;opcache.blacklist_filename=
+
+; Allows exclusion of large files from being cached. By default all files
+; are cached.
+;opcache.max_file_size=0
+
+; Check the cache checksum each N requests.
+; The default value of "0" means that the checks are disabled.
+;opcache.consistency_checks=0
+
+; How long to wait (in seconds) for a scheduled restart to begin if the cache
+; is not being accessed.
+;opcache.force_restart_timeout=180
+
+; OPcache error_log file name. Empty string assumes "stderr".
+;opcache.error_log=
+
+; All OPcache errors go to the Web server log.
+; By default, only fatal errors (level 0) or errors (level 1) are logged.
+; You can also enable warnings (level 2), info messages (level 3) or
+; debug messages (level 4).
+;opcache.log_verbosity_level=1
+
+; Preferred Shared Memory back-end. Leave empty and let the system decide.
+;opcache.preferred_memory_model=
+
+; Protect the shared memory from unexpected writing during script execution.
+; Useful for internal debugging only.
+;opcache.protect_memory=0
+
+[curl]
+; A default value for the CURLOPT_CAINFO option. This is required to be an
+; absolute path.
+;curl.cainfo =
+
+[openssl]
+; The location of a Certificate Authority (CA) file on the local filesystem
+; to use when verifying the identity of SSL/TLS peers. Most users should
+; not specify a value for this directive as PHP will attempt to use the
+; OS-managed cert stores in its absence. If specified, this value may still
+; be overridden on a per-stream basis via the "cafile" SSL stream context
+; option.
+;openssl.cafile=
+
+; If openssl.cafile is not specified or if the CA file is not found, the
+; directory pointed to by openssl.capath is searched for a suitable
+; certificate. This value must be a correctly hashed certificate directory.
+; Most users should not specify a value for this directive as PHP will
+; attempt to use the OS-managed cert stores in its absence. If specified,
+; this value may still be overridden on a per-stream basis via the "capath"
+; SSL stream context option.
+;openssl.capath=
+
+; Local Variables:
+; tab-width: 4
+; End:
--- /dev/null
+../../mods-available/opcache.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/pdo.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/curl.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/gd.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/intl.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/json.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/mcrypt.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/mysql.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/mysqli.ini
\ No newline at end of file
--- /dev/null
+../../mods-available/pdo_mysql.ini
\ No newline at end of file
--- /dev/null
+;;;;;;;;;;;;;;;;;;;;;
+; FPM Configuration ;
+;;;;;;;;;;;;;;;;;;;;;
+
+; All relative paths in this configuration file are relative to PHP's install
+; prefix (/usr). This prefix can be dynamically changed by using the
+; '-p' argument from the command line.
+
+; Include one or more files. If glob(3) exists, it is used to include a bunch of
+; files from a glob(3) pattern. This directive can be used everywhere in the
+; file.
+; Relative path can also be used. They will be prefixed by:
+; - the global prefix if it's been set (-p argument)
+; - /usr otherwise
+;include=/etc/php5/fpm/*.conf
+
+;;;;;;;;;;;;;;;;;;
+; Global Options ;
+;;;;;;;;;;;;;;;;;;
+
+[global]
+; Pid file
+; Note: the default prefix is /var
+; Default Value: none
+pid = /run/php5-fpm.pid
+
+; Error log file
+; If it's set to "syslog", log is sent to syslogd instead of being written
+; in a local file.
+; Note: the default prefix is /var
+; Default Value: log/php-fpm.log
+error_log = /var/log/php5-fpm.log
+
+; syslog_facility is used to specify what type of program is logging the
+; message. This lets syslogd specify that messages from different facilities
+; will be handled differently.
+; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
+; Default Value: daemon
+;syslog.facility = daemon
+
+; syslog_ident is prepended to every message. If you have multiple FPM
+; instances running on the same server, you can change the default value
+; which must suit common needs.
+; Default Value: php-fpm
+;syslog.ident = php-fpm
+
+; Log level
+; Possible Values: alert, error, warning, notice, debug
+; Default Value: notice
+;log_level = notice
+
+; If this number of child processes exit with SIGSEGV or SIGBUS within the time
+; interval set by emergency_restart_interval then FPM will restart. A value
+; of '0' means 'Off'.
+; Default Value: 0
+;emergency_restart_threshold = 0
+
+; Interval of time used by emergency_restart_interval to determine when
+; a graceful restart will be initiated. This can be useful to work around
+; accidental corruptions in an accelerator's shared memory.
+; Available Units: s(econds), m(inutes), h(ours), or d(ays)
+; Default Unit: seconds
+; Default Value: 0
+;emergency_restart_interval = 0
+
+; Time limit for child processes to wait for a reaction on signals from master.
+; Available units: s(econds), m(inutes), h(ours), or d(ays)
+; Default Unit: seconds
+; Default Value: 0
+;process_control_timeout = 0
+
+; The maximum number of processes FPM will fork. This has been design to control
+; the global number of processes when using dynamic PM within a lot of pools.
+; Use it with caution.
+; Note: A value of 0 indicates no limit
+; Default Value: 0
+; process.max = 128
+
+; Specify the nice(2) priority to apply to the master process (only if set)
+; The value can vary from -19 (highest priority) to 20 (lower priority)
+; Note: - It will only work if the FPM master process is launched as root
+; - The pool process will inherit the master process priority
+; unless it specified otherwise
+; Default Value: no set
+; process.priority = -19
+
+; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging.
+; Default Value: yes
+;daemonize = yes
+
+; Set open file descriptor rlimit for the master process.
+; Default Value: system defined value
+;rlimit_files = 1024
+
+; Set max core size rlimit for the master process.
+; Possible Values: 'unlimited' or an integer greater or equal to 0
+; Default Value: system defined value
+;rlimit_core = 0
+
+; Specify the event mechanism FPM will use. The following is available:
+; - select (any POSIX os)
+; - poll (any POSIX os)
+; - epoll (linux >= 2.5.44)
+; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0)
+; - /dev/poll (Solaris >= 7)
+; - port (Solaris >= 10)
+; Default Value: not set (auto detection)
+;events.mechanism = epoll
+
+; When FPM is build with systemd integration, specify the interval,
+; in second, between health report notification to systemd.
+; Set to 0 to disable.
+; Available Units: s(econds), m(inutes), h(ours)
+; Default Unit: seconds
+; Default value: 10
+;systemd_interval = 10
+
+;;;;;;;;;;;;;;;;;;;;
+; Pool Definitions ;
+;;;;;;;;;;;;;;;;;;;;
+
+; Multiple pools of child processes may be started with different listening
+; ports and different management options. The name of the pool will be
+; used in logs and stats. There is no limitation on the number of pools which
+; FPM can handle. Your system will tell you anyway :)
+
+; To configure the pools it is recommended to have one .conf file per
+; pool in the following directory:
+include=/etc/php5/fpm/pool.d/*.conf
+
--- /dev/null
+[PHP]
+
+;;;;;;;;;;;;;;;;;;;
+; About php.ini ;
+;;;;;;;;;;;;;;;;;;;
+; PHP's initialization file, generally called php.ini, is responsible for
+; configuring many of the aspects of PHP's behavior.
+
+; PHP attempts to find and load this configuration from a number of locations.
+; The following is a summary of its search order:
+; 1. SAPI module specific location.
+; 2. The PHPRC environment variable. (As of PHP 5.2.0)
+; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0)
+; 4. Current working directory (except CLI)
+; 5. The web server's directory (for SAPI modules), or directory of PHP
+; (otherwise in Windows)
+; 6. The directory from the --with-config-file-path compile time option, or the
+; Windows directory (C:\windows or C:\winnt)
+; See the PHP docs for more specific information.
+; http://php.net/configuration.file
+
+; The syntax of the file is extremely simple. Whitespace and lines
+; beginning with a semicolon are silently ignored (as you probably guessed).
+; Section headers (e.g. [Foo]) are also silently ignored, even though
+; they might mean something in the future.
+
+; Directives following the section heading [PATH=/www/mysite] only
+; apply to PHP files in the /www/mysite directory. Directives
+; following the section heading [HOST=www.example.com] only apply to
+; PHP files served from www.example.com. Directives set in these
+; special sections cannot be overridden by user-defined INI files or
+; at runtime. Currently, [PATH=] and [HOST=] sections only work under
+; CGI/FastCGI.
+; http://php.net/ini.sections
+
+; Directives are specified using the following syntax:
+; directive = value
+; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
+; Directives are variables used to configure PHP or PHP extensions.
+; There is no name validation. If PHP can't find an expected
+; directive because it is not set or is mistyped, a default value will be used.
+
+; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one
+; of the INI constants (On, Off, True, False, Yes, No and None) or an expression
+; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a
+; previously set variable or directive (e.g. ${foo})
+
+; Expressions in the INI file are limited to bitwise operators and parentheses:
+; | bitwise OR
+; ^ bitwise XOR
+; & bitwise AND
+; ~ bitwise NOT
+; ! boolean NOT
+
+; Boolean flags can be turned on using the values 1, On, True or Yes.
+; They can be turned off using the values 0, Off, False or No.
+
+; An empty string can be denoted by simply not writing anything after the equal
+; sign, or by using the None keyword:
+
+; foo = ; sets foo to an empty string
+; foo = None ; sets foo to an empty string
+; foo = "None" ; sets foo to the string 'None'
+
+; If you use constants in your value, and these constants belong to a
+; dynamically loaded extension (either a PHP extension or a Zend extension),
+; you may only use these constants *after* the line that loads the extension.
+
+;;;;;;;;;;;;;;;;;;;
+; About this file ;
+;;;;;;;;;;;;;;;;;;;
+; PHP comes packaged with two INI files. One that is recommended to be used
+; in production environments and one that is recommended to be used in
+; development environments.
+
+; php.ini-production contains settings which hold security, performance and
+; best practices at its core. But please be aware, these settings may break
+; compatibility with older or less security conscience applications. We
+; recommending using the production ini in production and testing environments.
+
+; php.ini-development is very similar to its production variant, except it is
+; much more verbose when it comes to errors. We recommend using the
+; development version only in development environments, as errors shown to
+; application users can inadvertently leak otherwise secure information.
+
+; This is php.ini-production INI file.
+
+;;;;;;;;;;;;;;;;;;;
+; Quick Reference ;
+;;;;;;;;;;;;;;;;;;;
+; The following are all the settings which are different in either the production
+; or development versions of the INIs with respect to PHP's default behavior.
+; Please see the actual settings later in the document for more details as to why
+; we recommend these changes in PHP's behavior.
+
+; display_errors
+; Default Value: On
+; Development Value: On
+; Production Value: Off
+
+; display_startup_errors
+; Default Value: Off
+; Development Value: On
+; Production Value: Off
+
+; error_reporting
+; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED
+; Development Value: E_ALL
+; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
+
+; html_errors
+; Default Value: On
+; Development Value: On
+; Production value: On
+
+; log_errors
+; Default Value: Off
+; Development Value: On
+; Production Value: On
+
+; max_input_time
+; Default Value: -1 (Unlimited)
+; Development Value: 60 (60 seconds)
+; Production Value: 60 (60 seconds)
+
+; output_buffering
+; Default Value: Off
+; Development Value: 4096
+; Production Value: 4096
+
+; register_argc_argv
+; Default Value: On
+; Development Value: Off
+; Production Value: Off
+
+; request_order
+; Default Value: None
+; Development Value: "GP"
+; Production Value: "GP"
+
+; session.gc_divisor
+; Default Value: 100
+; Development Value: 1000
+; Production Value: 1000
+
+; session.hash_bits_per_character
+; Default Value: 4
+; Development Value: 5
+; Production Value: 5
+
+; short_open_tag
+; Default Value: On
+; Development Value: Off
+; Production Value: Off
+
+; track_errors
+; Default Value: Off
+; Development Value: On
+; Production Value: Off
+
+; url_rewriter.tags
+; Default Value: "a=href,area=href,frame=src,form=,fieldset="
+; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
+; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
+
+; variables_order
+; Default Value: "EGPCS"
+; Development Value: "GPCS"
+; Production Value: "GPCS"
+
+;;;;;;;;;;;;;;;;;;;;
+; php.ini Options ;
+;;;;;;;;;;;;;;;;;;;;
+; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini"
+;user_ini.filename = ".user.ini"
+
+; To disable this feature set this option to empty value
+;user_ini.filename =
+
+; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes)
+;user_ini.cache_ttl = 300
+
+;;;;;;;;;;;;;;;;;;;;
+; Language Options ;
+;;;;;;;;;;;;;;;;;;;;
+
+; Enable the PHP scripting language engine under Apache.
+; http://php.net/engine
+engine = On
+
+; This directive determines whether or not PHP will recognize code between
+; <? and ?> tags as PHP source which should be processed as such. It is
+; generally recommended that <?php and ?> should be used and that this feature
+; should be disabled, as enabling it may result in issues when generating XML
+; documents, however this remains supported for backward compatibility reasons.
+; Note that this directive does not control the <?= shorthand tag, which can be
+; used regardless of this directive.
+; Default Value: On
+; Development Value: Off
+; Production Value: Off
+; http://php.net/short-open-tag
+short_open_tag = Off
+
+; Allow ASP-style <% %> tags.
+; http://php.net/asp-tags
+asp_tags = Off
+
+; The number of significant digits displayed in floating point numbers.
+; http://php.net/precision
+precision = 14
+
+; Output buffering is a mechanism for controlling how much output data
+; (excluding headers and cookies) PHP should keep internally before pushing that
+; data to the client. If your application's output exceeds this setting, PHP
+; will send that data in chunks of roughly the size you specify.
+; Turning on this setting and managing its maximum buffer size can yield some
+; interesting side-effects depending on your application and web server.
+; You may be able to send headers and cookies after you've already sent output
+; through print or echo. You also may see performance benefits if your server is
+; emitting less packets due to buffered output versus PHP streaming the output
+; as it gets it. On production servers, 4096 bytes is a good setting for performance
+; reasons.
+; Note: Output buffering can also be controlled via Output Buffering Control
+; functions.
+; Possible Values:
+; On = Enabled and buffer is unlimited. (Use with caution)
+; Off = Disabled
+; Integer = Enables the buffer and sets its maximum size in bytes.
+; Note: This directive is hardcoded to Off for the CLI SAPI
+; Default Value: Off
+; Development Value: 4096
+; Production Value: 4096
+; http://php.net/output-buffering
+output_buffering = 4096
+
+; You can redirect all of the output of your scripts to a function. For
+; example, if you set output_handler to "mb_output_handler", character
+; encoding will be transparently converted to the specified encoding.
+; Setting any output handler automatically turns on output buffering.
+; Note: People who wrote portable scripts should not depend on this ini
+; directive. Instead, explicitly set the output handler using ob_start().
+; Using this ini directive may cause problems unless you know what script
+; is doing.
+; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler"
+; and you cannot use both "ob_gzhandler" and "zlib.output_compression".
+; Note: output_handler must be empty if this is set 'On' !!!!
+; Instead you must use zlib.output_handler.
+; http://php.net/output-handler
+;output_handler =
+
+; Transparent output compression using the zlib library
+; Valid values for this option are 'off', 'on', or a specific buffer size
+; to be used for compression (default is 4KB)
+; Note: Resulting chunk size may vary due to nature of compression. PHP
+; outputs chunks that are few hundreds bytes each as a result of
+; compression. If you prefer a larger chunk size for better
+; performance, enable output_buffering in addition.
+; Note: You need to use zlib.output_handler instead of the standard
+; output_handler, or otherwise the output will be corrupted.
+; http://php.net/zlib.output-compression
+zlib.output_compression = Off
+
+; http://php.net/zlib.output-compression-level
+;zlib.output_compression_level = -1
+
+; You cannot specify additional output handlers if zlib.output_compression
+; is activated here. This setting does the same as output_handler but in
+; a different order.
+; http://php.net/zlib.output-handler
+;zlib.output_handler =
+
+; Implicit flush tells PHP to tell the output layer to flush itself
+; automatically after every output block. This is equivalent to calling the
+; PHP function flush() after each and every call to print() or echo() and each
+; and every HTML block. Turning this option on has serious performance
+; implications and is generally recommended for debugging purposes only.
+; http://php.net/implicit-flush
+; Note: This directive is hardcoded to On for the CLI SAPI
+implicit_flush = Off
+
+; The unserialize callback function will be called (with the undefined class'
+; name as parameter), if the unserializer finds an undefined class
+; which should be instantiated. A warning appears if the specified function is
+; not defined, or if the function doesn't include/implement the missing class.
+; So only set this entry, if you really want to implement such a
+; callback-function.
+unserialize_callback_func =
+
+; When floats & doubles are serialized store serialize_precision significant
+; digits after the floating point. The default value ensures that when floats
+; are decoded with unserialize, the data will remain the same.
+serialize_precision = 17
+
+; open_basedir, if set, limits all file operations to the defined directory
+; and below. This directive makes most sense if used in a per-directory
+; or per-virtualhost web server configuration file.
+; http://php.net/open-basedir
+;open_basedir =
+
+; This directive allows you to disable certain functions for security reasons.
+; It receives a comma-delimited list of function names.
+; http://php.net/disable-functions
+disable_functions = apache_setenv,posix_uname,eval,pcntl_wexitstatus,posix_getpwuid,xmlrpc_entity_decode,pcntl_wifstopped,pcntl_wifexited,proc_close,pcntl_wifsignaled,phpAds_XmlRpc,pcntl_strerror,ftp_exec,pcntl_wtermsig,mysql_pconnect,php_uname,proc_nice,pcntl_sigtimedwait,posix_kill,pcntl_sigprocmask,fput,phpinfo,system,phpAds_remoteInfo,ftp_login,inject_code,posix_mkfifo,highlight_file,escapeshellcmd,show_source,pcntl_wifcontinued,fp,pcntl_alarm,pcntl_wait,ini_alter,exec,posix_setpgid,parse_ini_file,ftp_raw,curl_exec,pcntl_waitpid,pcntl_getpriority,ftp_connect,pcntl_signal_dispatch,escapeshellarg,pcntl_wstopsig,apache_child_terminate,ini_restore,ftp_put,passthru,proc_terminate,posix_setsid,pcntl_signal,pcntl_setpriority,proc_get_status,phpAds_xmlrpcEncode,proc_open,pcntl_exec,ftp_nb_fput,ftp_get,phpAds_xmlrpcDecode,pcntl_sigwaitinfo,shell_exec,pcntl_get_last_error,ftp_rawlist,curl_multi_exec,pcntl_fork,posix_setuid
+
+; This directive allows you to disable certain classes for security reasons.
+; It receives a comma-delimited list of class names.
+; http://php.net/disable-classes
+disable_classes =
+
+; Colors for Syntax Highlighting mode. Anything that's acceptable in
+; <span style="color: ???????"> would work.
+; http://php.net/syntax-highlighting
+;highlight.string = #DD0000
+;highlight.comment = #FF9900
+;highlight.keyword = #007700
+;highlight.default = #0000BB
+;highlight.html = #000000
+
+; If enabled, the request will be allowed to complete even if the user aborts
+; the request. Consider enabling it if executing long requests, which may end up
+; being interrupted by the user or a browser timing out. PHP's default behavior
+; is to disable this feature.
+; http://php.net/ignore-user-abort
+;ignore_user_abort = On
+
+; Determines the size of the realpath cache to be used by PHP. This value should
+; be increased on systems where PHP opens many files to reflect the quantity of
+; the file operations performed.
+; http://php.net/realpath-cache-size
+;realpath_cache_size = 16k
+
+; Duration of time, in seconds for which to cache realpath information for a given
+; file or directory. For systems with rarely changing files, consider increasing this
+; value.
+; http://php.net/realpath-cache-ttl
+;realpath_cache_ttl = 120
+
+; Enables or disables the circular reference collector.
+; http://php.net/zend.enable-gc
+zend.enable_gc = On
+
+; If enabled, scripts may be written in encodings that are incompatible with
+; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such
+; encodings. To use this feature, mbstring extension must be enabled.
+; Default: Off
+;zend.multibyte = Off
+
+; Allows to set the default encoding for the scripts. This value will be used
+; unless "declare(encoding=...)" directive appears at the top of the script.
+; Only affects if zend.multibyte is set.
+; Default: ""
+;zend.script_encoding =
+
+;;;;;;;;;;;;;;;;;
+; Miscellaneous ;
+;;;;;;;;;;;;;;;;;
+
+; Decides whether PHP may expose the fact that it is installed on the server
+; (e.g. by adding its signature to the Web server header). It is no security
+; threat in any way, but it makes it possible to determine whether you use PHP
+; on your server or not.
+; http://php.net/expose-php
+expose_php = Off;
+
+;;;;;;;;;;;;;;;;;;;
+; Resource Limits ;
+;;;;;;;;;;;;;;;;;;;
+
+; Maximum execution time of each script, in seconds
+; http://php.net/max-execution-time
+; Note: This directive is hardcoded to 0 for the CLI SAPI
+max_execution_time = 30
+
+; Maximum amount of time each script may spend parsing request data. It's a good
+; idea to limit this time on productions servers in order to eliminate unexpectedly
+; long running scripts.
+; Note: This directive is hardcoded to -1 for the CLI SAPI
+; Default Value: -1 (Unlimited)
+; Development Value: 60 (60 seconds)
+; Production Value: 60 (60 seconds)
+; http://php.net/max-input-time
+max_input_time = 60
+
+; Maximum input variable nesting level
+; http://php.net/max-input-nesting-level
+;max_input_nesting_level = 64
+
+; How many GET/POST/COOKIE input variables may be accepted
+; max_input_vars = 1000
+
+; Maximum amount of memory a script may consume (128MB)
+; http://php.net/memory-limit
+memory_limit = 256M;
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Error handling and logging ;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+; This directive informs PHP of which errors, warnings and notices you would like
+; it to take action for. The recommended way of setting values for this
+; directive is through the use of the error level constants and bitwise
+; operators. The error level constants are below here for convenience as well as
+; some common settings and their meanings.
+; By default, PHP is set to take action on all errors, notices and warnings EXCEPT
+; those related to E_NOTICE and E_STRICT, which together cover best practices and
+; recommended coding standards in PHP. For performance reasons, this is the
+; recommend error reporting setting. Your production server shouldn't be wasting
+; resources complaining about best practices and coding standards. That's what
+; development servers and development settings are for.
+; Note: The php.ini-development file has this setting as E_ALL. This
+; means it pretty much reports everything which is exactly what you want during
+; development and early testing.
+;
+; Error Level Constants:
+; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0)
+; E_ERROR - fatal run-time errors
+; E_RECOVERABLE_ERROR - almost fatal run-time errors
+; E_WARNING - run-time warnings (non-fatal errors)
+; E_PARSE - compile-time parse errors
+; E_NOTICE - run-time notices (these are warnings which often result
+; from a bug in your code, but it's possible that it was
+; intentional (e.g., using an uninitialized variable and
+; relying on the fact it is automatically initialized to an
+; empty string)
+; E_STRICT - run-time notices, enable to have PHP suggest changes
+; to your code which will ensure the best interoperability
+; and forward compatibility of your code
+; E_CORE_ERROR - fatal errors that occur during PHP's initial startup
+; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
+; initial startup
+; E_COMPILE_ERROR - fatal compile-time errors
+; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
+; E_USER_ERROR - user-generated error message
+; E_USER_WARNING - user-generated warning message
+; E_USER_NOTICE - user-generated notice message
+; E_DEPRECATED - warn about code that will not work in future versions
+; of PHP
+; E_USER_DEPRECATED - user-generated deprecation warnings
+;
+; Common Values:
+; E_ALL (Show all errors, warnings and notices including coding standards.)
+; E_ALL & ~E_NOTICE (Show all errors, except for notices)
+; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.)
+; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors)
+; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED
+; Development Value: E_ALL
+; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
+; http://php.net/error-reporting
+error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
+
+; This directive controls whether or not and where PHP will output errors,
+; notices and warnings too. Error output is very useful during development, but
+; it could be very dangerous in production environments. Depending on the code
+; which is triggering the error, sensitive information could potentially leak
+; out of your application such as database usernames and passwords or worse.
+; For production environments, we recommend logging errors rather than
+; sending them to STDOUT.
+; Possible Values:
+; Off = Do not display any errors
+; stderr = Display errors to STDERR (affects only CGI/CLI binaries!)
+; On or stdout = Display errors to STDOUT
+; Default Value: On
+; Development Value: On
+; Production Value: Off
+; http://php.net/display-errors
+display_errors = Off
+
+; The display of errors which occur during PHP's startup sequence are handled
+; separately from display_errors. PHP's default behavior is to suppress those
+; errors from clients. Turning the display of startup errors on can be useful in
+; debugging configuration problems. We strongly recommend you
+; set this to 'off' for production servers.
+; Default Value: Off
+; Development Value: On
+; Production Value: Off
+; http://php.net/display-startup-errors
+display_startup_errors = Off
+
+; Besides displaying errors, PHP can also log errors to locations such as a
+; server-specific log, STDERR, or a location specified by the error_log
+; directive found below. While errors should not be displayed on productions
+; servers they should still be monitored and logging is a great way to do that.
+; Default Value: Off
+; Development Value: On
+; Production Value: On
+; http://php.net/log-errors
+log_errors = On
+
+; Set maximum length of log_errors. In error_log information about the source is
+; added. The default is 1024 and 0 allows to not apply any maximum length at all.
+; http://php.net/log-errors-max-len
+log_errors_max_len = 1024
+
+; Do not log repeated messages. Repeated errors must occur in same file on same
+; line unless ignore_repeated_source is set true.
+; http://php.net/ignore-repeated-errors
+ignore_repeated_errors = Off
+
+; Ignore source of message when ignoring repeated messages. When this setting
+; is On you will not log errors with repeated messages from different files or
+; source lines.
+; http://php.net/ignore-repeated-source
+ignore_repeated_source = Off
+
+; If this parameter is set to Off, then memory leaks will not be shown (on
+; stdout or in the log). This has only effect in a debug compile, and if
+; error reporting includes E_WARNING in the allowed list
+; http://php.net/report-memleaks
+report_memleaks = On
+
+; This setting is on by default.
+;report_zend_debug = 0
+
+; Store the last error/warning message in $php_errormsg (boolean). Setting this value
+; to On can assist in debugging and is appropriate for development servers. It should
+; however be disabled on production servers.
+; Default Value: Off
+; Development Value: On
+; Production Value: Off
+; http://php.net/track-errors
+track_errors = Off
+
+; Turn off normal error reporting and emit XML-RPC error XML
+; http://php.net/xmlrpc-errors
+;xmlrpc_errors = 0
+
+; An XML-RPC faultCode
+;xmlrpc_error_number = 0
+
+; When PHP displays or logs an error, it has the capability of formatting the
+; error message as HTML for easier reading. This directive controls whether
+; the error message is formatted as HTML or not.
+; Note: This directive is hardcoded to Off for the CLI SAPI
+; Default Value: On
+; Development Value: On
+; Production value: On
+; http://php.net/html-errors
+html_errors = On
+
+; If html_errors is set to On *and* docref_root is not empty, then PHP
+; produces clickable error messages that direct to a page describing the error
+; or function causing the error in detail.
+; You can download a copy of the PHP manual from http://php.net/docs
+; and change docref_root to the base URL of your local copy including the
+; leading '/'. You must also specify the file extension being used including
+; the dot. PHP's default behavior is to leave these settings empty, in which
+; case no links to documentation are generated.
+; Note: Never use this feature for production boxes.
+; http://php.net/docref-root
+; Examples
+;docref_root = "/phpmanual/"
+
+; http://php.net/docref-ext
+;docref_ext = .html
+
+; String to output before an error message. PHP's default behavior is to leave
+; this setting blank.
+; http://php.net/error-prepend-string
+; Example:
+;error_prepend_string = "<span style='color: #ff0000'>"
+
+; String to output after an error message. PHP's default behavior is to leave
+; this setting blank.
+; http://php.net/error-append-string
+; Example:
+;error_append_string = "</span>"
+
+; Log errors to specified file. PHP's default behavior is to leave this value
+; empty.
+; http://php.net/error-log
+; Example:
+;error_log = php_errors.log
+; Log errors to syslog (Event Log on Windows).
+;error_log = syslog
+
+;windows.show_crt_warning
+; Default value: 0
+; Development value: 0
+; Production value: 0
+
+;;;;;;;;;;;;;;;;;
+; Data Handling ;
+;;;;;;;;;;;;;;;;;
+
+; The separator used in PHP generated URLs to separate arguments.
+; PHP's default setting is "&".
+; http://php.net/arg-separator.output
+; Example:
+;arg_separator.output = "&"
+
+; List of separator(s) used by PHP to parse input URLs into variables.
+; PHP's default setting is "&".
+; NOTE: Every character in this directive is considered as separator!
+; http://php.net/arg-separator.input
+; Example:
+;arg_separator.input = ";&"
+
+; This directive determines which super global arrays are registered when PHP
+; starts up. G,P,C,E & S are abbreviations for the following respective super
+; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty
+; paid for the registration of these arrays and because ENV is not as commonly
+; used as the others, ENV is not recommended on productions servers. You
+; can still get access to the environment variables through getenv() should you
+; need to.
+; Default Value: "EGPCS"
+; Development Value: "GPCS"
+; Production Value: "GPCS";
+; http://php.net/variables-order
+variables_order = "GPCS"
+
+; This directive determines which super global data (G,P & C) should be
+; registered into the super global array REQUEST. If so, it also determines
+; the order in which that data is registered. The values for this directive
+; are specified in the same manner as the variables_order directive,
+; EXCEPT one. Leaving this value empty will cause PHP to use the value set
+; in the variables_order directive. It does not mean it will leave the super
+; globals array REQUEST empty.
+; Default Value: None
+; Development Value: "GP"
+; Production Value: "GP"
+; http://php.net/request-order
+request_order = "GP"
+
+; This directive determines whether PHP registers $argv & $argc each time it
+; runs. $argv contains an array of all the arguments passed to PHP when a script
+; is invoked. $argc contains an integer representing the number of arguments
+; that were passed when the script was invoked. These arrays are extremely
+; useful when running scripts from the command line. When this directive is
+; enabled, registering these variables consumes CPU cycles and memory each time
+; a script is executed. For performance reasons, this feature should be disabled
+; on production servers.
+; Note: This directive is hardcoded to On for the CLI SAPI
+; Default Value: On
+; Development Value: Off
+; Production Value: Off
+; http://php.net/register-argc-argv
+register_argc_argv = Off
+
+; When enabled, the ENV, REQUEST and SERVER variables are created when they're
+; first used (Just In Time) instead of when the script starts. If these
+; variables are not used within a script, having this directive on will result
+; in a performance gain. The PHP directive register_argc_argv must be disabled
+; for this directive to have any affect.
+; http://php.net/auto-globals-jit
+auto_globals_jit = On
+
+; Whether PHP will read the POST data.
+; This option is enabled by default.
+; Most likely, you won't want to disable this option globally. It causes $_POST
+; and $_FILES to always be empty; the only way you will be able to read the
+; POST data will be through the php://input stream wrapper. This can be useful
+; to proxy requests or to process the POST data in a memory efficient fashion.
+; http://php.net/enable-post-data-reading
+;enable_post_data_reading = Off
+
+; Maximum size of POST data that PHP will accept.
+; Its value may be 0 to disable the limit. It is ignored if POST data reading
+; is disabled through enable_post_data_reading.
+; http://php.net/post-max-size
+post_max_size = 12M;
+
+; Automatically add files before PHP document.
+; http://php.net/auto-prepend-file
+auto_prepend_file =
+
+; Automatically add files after PHP document.
+; http://php.net/auto-append-file
+auto_append_file =
+
+; By default, PHP will output a media type using the Content-Type header. To
+; disable this, simply set it to be empty.
+;
+; PHP's built-in default media type is set to text/html.
+; http://php.net/default-mimetype
+default_mimetype = "text/html"
+
+; PHP's default character set is set to UTF-8.
+; http://php.net/default-charset
+default_charset = "UTF-8"
+
+; PHP internal character encoding is set to empty.
+; If empty, default_charset is used.
+; http://php.net/internal-encoding
+;internal_encoding =
+
+; PHP input character encoding is set to empty.
+; If empty, default_charset is used.
+; http://php.net/input-encoding
+;input_encoding =
+
+; PHP output character encoding is set to empty.
+; If empty, default_charset is used.
+; mbstring or iconv output handler is used.
+; See also output_buffer.
+; http://php.net/output-encoding
+;output_encoding =
+
+; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is
+; to disable this feature and it will be removed in a future version.
+; If post reading is disabled through enable_post_data_reading,
+; $HTTP_RAW_POST_DATA is *NOT* populated.
+; http://php.net/always-populate-raw-post-data
+;always_populate_raw_post_data = -1
+
+;;;;;;;;;;;;;;;;;;;;;;;;;
+; Paths and Directories ;
+;;;;;;;;;;;;;;;;;;;;;;;;;
+
+; UNIX: "/path1:/path2"
+;include_path = ".:/usr/share/php"
+;
+; Windows: "\path1;\path2"
+;include_path = ".;c:\php\includes"
+;
+; PHP's default setting for include_path is ".;/path/to/php/pear"
+; http://php.net/include-path
+
+; The root of the PHP pages, used only if nonempty.
+; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
+; if you are running php as a CGI under any web server (other than IIS)
+; see documentation for security issues. The alternate is to use the
+; cgi.force_redirect configuration below
+; http://php.net/doc-root
+doc_root =
+
+; The directory under which PHP opens the script using /~username used only
+; if nonempty.
+; http://php.net/user-dir
+user_dir =
+
+; Directory in which the loadable extensions (modules) reside.
+; http://php.net/extension-dir
+; extension_dir = "./"
+; On windows:
+; extension_dir = "ext"
+
+; Directory where the temporary files should be placed.
+; Defaults to the system default (see sys_get_temp_dir)
+; sys_temp_dir = "/tmp"
+
+; Whether or not to enable the dl() function. The dl() function does NOT work
+; properly in multithreaded servers, such as IIS or Zeus, and is automatically
+; disabled on them.
+; http://php.net/enable-dl
+enable_dl = Off
+
+; cgi.force_redirect is necessary to provide security running PHP as a CGI under
+; most web servers. Left undefined, PHP turns this on by default. You can
+; turn it off here AT YOUR OWN RISK
+; **You CAN safely turn this off for IIS, in fact, you MUST.**
+; http://php.net/cgi.force-redirect
+;cgi.force_redirect = 1
+
+; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
+; every request. PHP's default behavior is to disable this feature.
+;cgi.nph = 1
+
+; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
+; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
+; will look for to know it is OK to continue execution. Setting this variable MAY
+; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
+; http://php.net/cgi.redirect-status-env
+;cgi.redirect_status_env =
+
+; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's
+; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
+; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting
+; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting
+; of zero causes PHP to behave as before. Default is 1. You should fix your scripts
+; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
+; http://php.net/cgi.fix-pathinfo
+;cgi.fix_pathinfo=1
+
+; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
+; security tokens of the calling client. This allows IIS to define the
+; security context that the request runs under. mod_fastcgi under Apache
+; does not currently support this feature (03/17/2002)
+; Set to 1 if running under IIS. Default is zero.
+; http://php.net/fastcgi.impersonate
+;fastcgi.impersonate = 1
+
+; Disable logging through FastCGI connection. PHP's default behavior is to enable
+; this feature.
+;fastcgi.logging = 0
+
+; cgi.rfc2616_headers configuration option tells PHP what type of headers to
+; use when sending HTTP response code. If set to 0, PHP sends Status: header that
+; is supported by Apache. When this option is set to 1, PHP will send
+; RFC2616 compliant header.
+; Default is zero.
+; http://php.net/cgi.rfc2616-headers
+;cgi.rfc2616_headers = 0
+
+;;;;;;;;;;;;;;;;
+; File Uploads ;
+;;;;;;;;;;;;;;;;
+
+; Whether to allow HTTP file uploads.
+; http://php.net/file-uploads
+file_uploads = On
+
+; Temporary directory for HTTP uploaded files (will use system default if not
+; specified).
+; http://php.net/upload-tmp-dir
+;upload_tmp_dir =
+
+; Maximum allowed size for uploaded files.
+; http://php.net/upload-max-filesize
+upload_max_filesize = 10M;
+
+; Maximum number of files that can be uploaded via a single request
+max_file_uploads = 20
+
+;;;;;;;;;;;;;;;;;;
+; Fopen wrappers ;
+;;;;;;;;;;;;;;;;;;
+
+; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
+; http://php.net/allow-url-fopen
+allow_url_fopen = On
+
+; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
+; http://php.net/allow-url-include
+allow_url_include = Off
+
+; Define the anonymous ftp password (your email address). PHP's default setting
+; for this is empty.
+; http://php.net/from
+;from="john@doe.com"
+
+; Define the User-Agent string. PHP's default setting for this is empty.
+; http://php.net/user-agent
+;user_agent="PHP"
+
+; Default timeout for socket based streams (seconds)
+; http://php.net/default-socket-timeout
+default_socket_timeout = 60
+
+; If your scripts have to deal with files from Macintosh systems,
+; or you are running on a Mac and need to deal with files from
+; unix or win32 systems, setting this flag will cause PHP to
+; automatically detect the EOL character in those files so that
+; fgets() and file() will work regardless of the source of the file.
+; http://php.net/auto-detect-line-endings
+;auto_detect_line_endings = Off
+
+;;;;;;;;;;;;;;;;;;;;;;
+; Dynamic Extensions ;
+;;;;;;;;;;;;;;;;;;;;;;
+
+; If you wish to have an extension loaded automatically, use the following
+; syntax:
+;
+; extension=modulename.extension
+;
+; For example, on Windows:
+;
+; extension=msql.dll
+;
+; ... or under UNIX:
+;
+; extension=msql.so
+;
+; ... or with a path:
+;
+; extension=/path/to/extension/msql.so
+;
+; If you only provide the name of the extension, PHP will look for it in its
+; default extension directory.
+;
+
+;;;;;;;;;;;;;;;;;;;
+; Module Settings ;
+;;;;;;;;;;;;;;;;;;;
+
+[CLI Server]
+; Whether the CLI web server uses ANSI color coding in its terminal output.
+cli_server.color = On
+
+[Date]
+; Defines the default timezone used by the date functions
+; http://php.net/date.timezone
+date.timezone = GMT
+
+; http://php.net/date.default-latitude
+;date.default_latitude = 31.7667
+
+; http://php.net/date.default-longitude
+;date.default_longitude = 35.2333
+
+; http://php.net/date.sunrise-zenith
+;date.sunrise_zenith = 90.583333
+
+; http://php.net/date.sunset-zenith
+;date.sunset_zenith = 90.583333
+
+[filter]
+; http://php.net/filter.default
+;filter.default = unsafe_raw
+
+; http://php.net/filter.default-flags
+;filter.default_flags =
+
+[iconv]
+; Use of this INI entry is deprecated, use global input_encoding instead.
+; If empty, default_charset or input_encoding or iconv.input_encoding is used.
+; The precedence is: default_charset < intput_encoding < iconv.input_encoding
+;iconv.input_encoding =
+
+; Use of this INI entry is deprecated, use global internal_encoding instead.
+; If empty, default_charset or internal_encoding or iconv.internal_encoding is used.
+; The precedence is: default_charset < internal_encoding < iconv.internal_encoding
+;iconv.internal_encoding =
+
+; Use of this INI entry is deprecated, use global output_encoding instead.
+; If empty, default_charset or output_encoding or iconv.output_encoding is used.
+; The precedence is: default_charset < output_encoding < iconv.output_encoding
+; To use an output encoding conversion, iconv's output handler must be set
+; otherwise output encoding conversion cannot be performed.
+;iconv.output_encoding =
+
+[intl]
+;intl.default_locale =
+; This directive allows you to produce PHP errors when some error
+; happens within intl functions. The value is the level of the error produced.
+; Default is 0, which does not produce any errors.
+;intl.error_level = E_WARNING
+;intl.use_exceptions = 0
+
+[sqlite3]
+;sqlite3.extension_dir =
+
+[Pcre]
+;PCRE library backtracking limit.
+; http://php.net/pcre.backtrack-limit
+;pcre.backtrack_limit=100000
+
+;PCRE library recursion limit.
+;Please note that if you set this value to a high number you may consume all
+;the available process stack and eventually crash PHP (due to reaching the
+;stack size limit imposed by the Operating System).
+; http://php.net/pcre.recursion-limit
+;pcre.recursion_limit=100000
+
+[Pdo]
+; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off"
+; http://php.net/pdo-odbc.connection-pooling
+;pdo_odbc.connection_pooling=strict
+
+;pdo_odbc.db2_instance_name
+
+[Pdo_mysql]
+; If mysqlnd is used: Number of cache slots for the internal result set cache
+; http://php.net/pdo_mysql.cache_size
+pdo_mysql.cache_size = 2000
+
+; Default socket name for local MySQL connects. If empty, uses the built-in
+; MySQL defaults.
+; http://php.net/pdo_mysql.default-socket
+pdo_mysql.default_socket=
+
+[Phar]
+; http://php.net/phar.readonly
+;phar.readonly = On
+
+; http://php.net/phar.require-hash
+;phar.require_hash = On
+
+;phar.cache_list =
+
+[mail function]
+; For Win32 only.
+; http://php.net/smtp
+SMTP = localhost
+; http://php.net/smtp-port
+smtp_port = 25
+
+; For Win32 only.
+; http://php.net/sendmail-from
+;sendmail_from = me@example.com
+
+; For Unix only. You may supply arguments as well (default: "sendmail -t -i").
+; http://php.net/sendmail-path
+;sendmail_path =
+
+; Force the addition of the specified parameters to be passed as extra parameters
+; to the sendmail binary. These parameters will always replace the value of
+; the 5th parameter to mail().
+;mail.force_extra_parameters =
+
+; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename
+mail.add_x_header = On
+
+; The path to a log file that will log all mail() calls. Log entries include
+; the full path of the script, line number, To address and headers.
+;mail.log =
+; Log mail to syslog (Event Log on Windows).
+;mail.log = syslog
+
+[SQL]
+; http://php.net/sql.safe-mode
+sql.safe_mode = Off
+
+[ODBC]
+; http://php.net/odbc.default-db
+;odbc.default_db = Not yet implemented
+
+; http://php.net/odbc.default-user
+;odbc.default_user = Not yet implemented
+
+; http://php.net/odbc.default-pw
+;odbc.default_pw = Not yet implemented
+
+; Controls the ODBC cursor model.
+; Default: SQL_CURSOR_STATIC (default).
+;odbc.default_cursortype
+
+; Allow or prevent persistent links.
+; http://php.net/odbc.allow-persistent
+odbc.allow_persistent = On
+
+; Check that a connection is still valid before reuse.
+; http://php.net/odbc.check-persistent
+odbc.check_persistent = On
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/odbc.max-persistent
+odbc.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent). -1 means no limit.
+; http://php.net/odbc.max-links
+odbc.max_links = -1
+
+; Handling of LONG fields. Returns number of bytes to variables. 0 means
+; passthru.
+; http://php.net/odbc.defaultlrl
+odbc.defaultlrl = 4096
+
+; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char.
+; See the documentation on odbc_binmode and odbc_longreadlen for an explanation
+; of odbc.defaultlrl and odbc.defaultbinmode
+; http://php.net/odbc.defaultbinmode
+odbc.defaultbinmode = 1
+
+;birdstep.max_links = -1
+
+[Interbase]
+; Allow or prevent persistent links.
+ibase.allow_persistent = 1
+
+; Maximum number of persistent links. -1 means no limit.
+ibase.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent). -1 means no limit.
+ibase.max_links = -1
+
+; Default database name for ibase_connect().
+;ibase.default_db =
+
+; Default username for ibase_connect().
+;ibase.default_user =
+
+; Default password for ibase_connect().
+;ibase.default_password =
+
+; Default charset for ibase_connect().
+;ibase.default_charset =
+
+; Default timestamp format.
+ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
+
+; Default date format.
+ibase.dateformat = "%Y-%m-%d"
+
+; Default time format.
+ibase.timeformat = "%H:%M:%S"
+
+[MySQL]
+; Allow accessing, from PHP's perspective, local files with LOAD DATA statements
+; http://php.net/mysql.allow_local_infile
+mysql.allow_local_infile = On
+
+; Allow or prevent persistent links.
+; http://php.net/mysql.allow-persistent
+mysql.allow_persistent = On
+
+; If mysqlnd is used: Number of cache slots for the internal result set cache
+; http://php.net/mysql.cache_size
+mysql.cache_size = 2000
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/mysql.max-persistent
+mysql.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent). -1 means no limit.
+; http://php.net/mysql.max-links
+mysql.max_links = -1
+
+; Default port number for mysql_connect(). If unset, mysql_connect() will use
+; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
+; compile-time value defined MYSQL_PORT (in that order). Win32 will only look
+; at MYSQL_PORT.
+; http://php.net/mysql.default-port
+mysql.default_port =
+
+; Default socket name for local MySQL connects. If empty, uses the built-in
+; MySQL defaults.
+; http://php.net/mysql.default-socket
+mysql.default_socket =
+
+; Default host for mysql_connect() (doesn't apply in safe mode).
+; http://php.net/mysql.default-host
+mysql.default_host =
+
+; Default user for mysql_connect() (doesn't apply in safe mode).
+; http://php.net/mysql.default-user
+mysql.default_user =
+
+; Default password for mysql_connect() (doesn't apply in safe mode).
+; Note that this is generally a *bad* idea to store passwords in this file.
+; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password")
+; and reveal this password! And of course, any users with read access to this
+; file will be able to reveal the password as well.
+; http://php.net/mysql.default-password
+mysql.default_password =
+
+; Maximum time (in seconds) for connect timeout. -1 means no limit
+; http://php.net/mysql.connect-timeout
+mysql.connect_timeout = 60
+
+; Trace mode. When trace_mode is active (=On), warnings for table/index scans and
+; SQL-Errors will be displayed.
+; http://php.net/mysql.trace-mode
+mysql.trace_mode = Off
+
+[MySQLi]
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/mysqli.max-persistent
+mysqli.max_persistent = -1
+
+; Allow accessing, from PHP's perspective, local files with LOAD DATA statements
+; http://php.net/mysqli.allow_local_infile
+;mysqli.allow_local_infile = On
+
+; Allow or prevent persistent links.
+; http://php.net/mysqli.allow-persistent
+mysqli.allow_persistent = On
+
+; Maximum number of links. -1 means no limit.
+; http://php.net/mysqli.max-links
+mysqli.max_links = -1
+
+; If mysqlnd is used: Number of cache slots for the internal result set cache
+; http://php.net/mysqli.cache_size
+mysqli.cache_size = 2000
+
+; Default port number for mysqli_connect(). If unset, mysqli_connect() will use
+; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
+; compile-time value defined MYSQL_PORT (in that order). Win32 will only look
+; at MYSQL_PORT.
+; http://php.net/mysqli.default-port
+mysqli.default_port = 3306
+
+; Default socket name for local MySQL connects. If empty, uses the built-in
+; MySQL defaults.
+; http://php.net/mysqli.default-socket
+mysqli.default_socket =
+
+; Default host for mysql_connect() (doesn't apply in safe mode).
+; http://php.net/mysqli.default-host
+mysqli.default_host =
+
+; Default user for mysql_connect() (doesn't apply in safe mode).
+; http://php.net/mysqli.default-user
+mysqli.default_user =
+
+; Default password for mysqli_connect() (doesn't apply in safe mode).
+; Note that this is generally a *bad* idea to store passwords in this file.
+; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw")
+; and reveal this password! And of course, any users with read access to this
+; file will be able to reveal the password as well.
+; http://php.net/mysqli.default-pw
+mysqli.default_pw =
+
+; Allow or prevent reconnect
+mysqli.reconnect = Off
+
+[mysqlnd]
+; Enable / Disable collection of general statistics by mysqlnd which can be
+; used to tune and monitor MySQL operations.
+; http://php.net/mysqlnd.collect_statistics
+mysqlnd.collect_statistics = On
+
+; Enable / Disable collection of memory usage statistics by mysqlnd which can be
+; used to tune and monitor MySQL operations.
+; http://php.net/mysqlnd.collect_memory_statistics
+mysqlnd.collect_memory_statistics = Off
+
+; Size of a pre-allocated buffer used when sending commands to MySQL in bytes.
+; http://php.net/mysqlnd.net_cmd_buffer_size
+;mysqlnd.net_cmd_buffer_size = 2048
+
+; Size of a pre-allocated buffer used for reading data sent by the server in
+; bytes.
+; http://php.net/mysqlnd.net_read_buffer_size
+;mysqlnd.net_read_buffer_size = 32768
+
+[OCI8]
+
+; Connection: Enables privileged connections using external
+; credentials (OCI_SYSOPER, OCI_SYSDBA)
+; http://php.net/oci8.privileged-connect
+;oci8.privileged_connect = Off
+
+; Connection: The maximum number of persistent OCI8 connections per
+; process. Using -1 means no limit.
+; http://php.net/oci8.max-persistent
+;oci8.max_persistent = -1
+
+; Connection: The maximum number of seconds a process is allowed to
+; maintain an idle persistent connection. Using -1 means idle
+; persistent connections will be maintained forever.
+; http://php.net/oci8.persistent-timeout
+;oci8.persistent_timeout = -1
+
+; Connection: The number of seconds that must pass before issuing a
+; ping during oci_pconnect() to check the connection validity. When
+; set to 0, each oci_pconnect() will cause a ping. Using -1 disables
+; pings completely.
+; http://php.net/oci8.ping-interval
+;oci8.ping_interval = 60
+
+; Connection: Set this to a user chosen connection class to be used
+; for all pooled server requests with Oracle 11g Database Resident
+; Connection Pooling (DRCP). To use DRCP, this value should be set to
+; the same string for all web servers running the same application,
+; the database pool must be configured, and the connection string must
+; specify to use a pooled server.
+;oci8.connection_class =
+
+; High Availability: Using On lets PHP receive Fast Application
+; Notification (FAN) events generated when a database node fails. The
+; database must also be configured to post FAN events.
+;oci8.events = Off
+
+; Tuning: This option enables statement caching, and specifies how
+; many statements to cache. Using 0 disables statement caching.
+; http://php.net/oci8.statement-cache-size
+;oci8.statement_cache_size = 20
+
+; Tuning: Enables statement prefetching and sets the default number of
+; rows that will be fetched automatically after statement execution.
+; http://php.net/oci8.default-prefetch
+;oci8.default_prefetch = 100
+
+; Compatibility. Using On means oci_close() will not close
+; oci_connect() and oci_new_connect() connections.
+; http://php.net/oci8.old-oci-close-semantics
+;oci8.old_oci_close_semantics = Off
+
+[PostgreSQL]
+; Allow or prevent persistent links.
+; http://php.net/pgsql.allow-persistent
+pgsql.allow_persistent = On
+
+; Detect broken persistent links always with pg_pconnect().
+; Auto reset feature requires a little overheads.
+; http://php.net/pgsql.auto-reset-persistent
+pgsql.auto_reset_persistent = Off
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/pgsql.max-persistent
+pgsql.max_persistent = -1
+
+; Maximum number of links (persistent+non persistent). -1 means no limit.
+; http://php.net/pgsql.max-links
+pgsql.max_links = -1
+
+; Ignore PostgreSQL backends Notice message or not.
+; Notice message logging require a little overheads.
+; http://php.net/pgsql.ignore-notice
+pgsql.ignore_notice = 0
+
+; Log PostgreSQL backends Notice message or not.
+; Unless pgsql.ignore_notice=0, module cannot log notice message.
+; http://php.net/pgsql.log-notice
+pgsql.log_notice = 0
+
+[Sybase-CT]
+; Allow or prevent persistent links.
+; http://php.net/sybct.allow-persistent
+sybct.allow_persistent = On
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/sybct.max-persistent
+sybct.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent). -1 means no limit.
+; http://php.net/sybct.max-links
+sybct.max_links = -1
+
+; Minimum server message severity to display.
+; http://php.net/sybct.min-server-severity
+sybct.min_server_severity = 10
+
+; Minimum client message severity to display.
+; http://php.net/sybct.min-client-severity
+sybct.min_client_severity = 10
+
+; Set per-context timeout
+; http://php.net/sybct.timeout
+;sybct.timeout=
+
+;sybct.packet_size
+
+; The maximum time in seconds to wait for a connection attempt to succeed before returning failure.
+; Default: one minute
+;sybct.login_timeout=
+
+; The name of the host you claim to be connecting from, for display by sp_who.
+; Default: none
+;sybct.hostname=
+
+; Allows you to define how often deadlocks are to be retried. -1 means "forever".
+; Default: 0
+;sybct.deadlock_retry_count=
+
+[bcmath]
+; Number of decimal digits for all bcmath functions.
+; http://php.net/bcmath.scale
+bcmath.scale = 0
+
+[browscap]
+; http://php.net/browscap
+;browscap = extra/browscap.ini
+
+[Session]
+; Handler used to store/retrieve data.
+; http://php.net/session.save-handler
+session.save_handler = files
+
+; Argument passed to save_handler. In the case of files, this is the path
+; where data files are stored. Note: Windows users have to change this
+; variable in order to use PHP's session functions.
+;
+; The path can be defined as:
+;
+; session.save_path = "N;/path"
+;
+; where N is an integer. Instead of storing all the session files in
+; /path, what this will do is use subdirectories N-levels deep, and
+; store the session data in those directories. This is useful if
+; your OS has problems with many files in one directory, and is
+; a more efficient layout for servers that handle many sessions.
+;
+; NOTE 1: PHP will not create this directory structure automatically.
+; You can use the script in the ext/session dir for that purpose.
+; NOTE 2: See the section on garbage collection below if you choose to
+; use subdirectories for session storage
+;
+; The file storage module creates files using mode 600 by default.
+; You can change that by using
+;
+; session.save_path = "N;MODE;/path"
+;
+; where MODE is the octal representation of the mode. Note that this
+; does not overwrite the process's umask.
+; http://php.net/session.save-path
+session.save_path = "/var/lib/php/sessions"
+
+; Whether to use strict session mode.
+; Strict session mode does not accept uninitialized session ID and regenerate
+; session ID if browser sends uninitialized session ID. Strict mode protects
+; applications from session fixation via session adoption vulnerability. It is
+; disabled by default for maximum compatibility, but enabling it is encouraged.
+; https://wiki.php.net/rfc/strict_sessions
+session.use_strict_mode = 0
+
+; Whether to use cookies.
+; http://php.net/session.use-cookies
+session.use_cookies = 1
+
+; http://php.net/session.cookie-secure
+;session.cookie_secure =
+
+; This option forces PHP to fetch and use a cookie for storing and maintaining
+; the session id. We encourage this operation as it's very helpful in combating
+; session hijacking when not specifying and managing your own session id. It is
+; not the be-all and end-all of session hijacking defense, but it's a good start.
+; http://php.net/session.use-only-cookies
+session.use_only_cookies = 1
+
+; Name of the session (used as cookie name).
+; http://php.net/session.name
+session.name = PHPSESSID
+
+; Initialize session on request startup.
+; http://php.net/session.auto-start
+session.auto_start = 0
+
+; Lifetime in seconds of cookie or, if 0, until browser is restarted.
+; http://php.net/session.cookie-lifetime
+session.cookie_lifetime = 0
+
+; The path for which the cookie is valid.
+; http://php.net/session.cookie-path
+session.cookie_path = /
+
+; The domain for which the cookie is valid.
+; http://php.net/session.cookie-domain
+session.cookie_domain =
+
+; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
+; http://php.net/session.cookie-httponly
+session.cookie_httponly =
+
+; Handler used to serialize data. php is the standard serializer of PHP.
+; http://php.net/session.serialize-handler
+session.serialize_handler = php
+
+; Defines the probability that the 'garbage collection' process is started
+; on every session initialization. The probability is calculated by using
+; gc_probability/gc_divisor. Where session.gc_probability is the numerator
+; and gc_divisor is the denominator in the equation. Setting this value to 1
+; when the session.gc_divisor value is 100 will give you approximately a 1% chance
+; the gc will run on any give request.
+; Default Value: 1
+; Development Value: 1
+; Production Value: 1
+; http://php.net/session.gc-probability
+session.gc_probability = 0
+
+; Defines the probability that the 'garbage collection' process is started on every
+; session initialization. The probability is calculated by using the following equation:
+; gc_probability/gc_divisor. Where session.gc_probability is the numerator and
+; session.gc_divisor is the denominator in the equation. Setting this value to 1
+; when the session.gc_divisor value is 100 will give you approximately a 1% chance
+; the gc will run on any give request. Increasing this value to 1000 will give you
+; a 0.1% chance the gc will run on any give request. For high volume production servers,
+; this is a more efficient approach.
+; Default Value: 100
+; Development Value: 1000
+; Production Value: 1000
+; http://php.net/session.gc-divisor
+session.gc_divisor = 1000
+
+; After this number of seconds, stored data will be seen as 'garbage' and
+; cleaned up by the garbage collection process.
+; http://php.net/session.gc-maxlifetime
+session.gc_maxlifetime = 1440
+
+; NOTE: If you are using the subdirectory option for storing session files
+; (see session.save_path above), then garbage collection does *not*
+; happen automatically. You will need to do your own garbage
+; collection through a shell script, cron entry, or some other method.
+; For example, the following script would is the equivalent of
+; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
+; find /path/to/sessions -cmin +24 -type f | xargs rm
+
+; Check HTTP Referer to invalidate externally stored URLs containing ids.
+; HTTP_REFERER has to contain this substring for the session to be
+; considered as valid.
+; http://php.net/session.referer-check
+session.referer_check =
+
+; How many bytes to read from the file.
+; http://php.net/session.entropy-length
+;session.entropy_length = 32
+
+; Specified here to create the session id.
+; http://php.net/session.entropy-file
+; Defaults to /dev/urandom
+; On systems that don't have /dev/urandom but do have /dev/arandom, this will default to /dev/arandom
+; If neither are found at compile time, the default is no entropy file.
+; On windows, setting the entropy_length setting will activate the
+; Windows random source (using the CryptoAPI)
+;session.entropy_file = /dev/urandom
+
+; Set to {nocache,private,public,} to determine HTTP caching aspects
+; or leave this empty to avoid sending anti-caching headers.
+; http://php.net/session.cache-limiter
+session.cache_limiter = nocache
+
+; Document expires after n minutes.
+; http://php.net/session.cache-expire
+session.cache_expire = 180
+
+; trans sid support is disabled by default.
+; Use of trans sid may risk your users' security.
+; Use this option with caution.
+; - User may send URL contains active session ID
+; to other person via. email/irc/etc.
+; - URL that contains active session ID may be stored
+; in publicly accessible computer.
+; - User may access your site with the same session ID
+; always using URL stored in browser's history or bookmarks.
+; http://php.net/session.use-trans-sid
+session.use_trans_sid = 0
+
+; Select a hash function for use in generating session ids.
+; Possible Values
+; 0 (MD5 128 bits)
+; 1 (SHA-1 160 bits)
+; This option may also be set to the name of any hash function supported by
+; the hash extension. A list of available hashes is returned by the hash_algos()
+; function.
+; http://php.net/session.hash-function
+session.hash_function = 0
+
+; Define how many bits are stored in each character when converting
+; the binary hash data to something readable.
+; Possible values:
+; 4 (4 bits: 0-9, a-f)
+; 5 (5 bits: 0-9, a-v)
+; 6 (6 bits: 0-9, a-z, A-Z, "-", ",")
+; Default Value: 4
+; Development Value: 5
+; Production Value: 5
+; http://php.net/session.hash-bits-per-character
+session.hash_bits_per_character = 5
+
+; The URL rewriter will look for URLs in a defined set of HTML tags.
+; form/fieldset are special; if you include them here, the rewriter will
+; add a hidden <input> field with the info which is otherwise appended
+; to URLs. If you want XHTML conformity, remove the form entry.
+; Note that all valid entries require a "=", even if no value follows.
+; Default Value: "a=href,area=href,frame=src,form=,fieldset="
+; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
+; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
+; http://php.net/url-rewriter.tags
+url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
+
+; Enable upload progress tracking in $_SESSION
+; Default Value: On
+; Development Value: On
+; Production Value: On
+; http://php.net/session.upload-progress.enabled
+;session.upload_progress.enabled = On
+
+; Cleanup the progress information as soon as all POST data has been read
+; (i.e. upload completed).
+; Default Value: On
+; Development Value: On
+; Production Value: On
+; http://php.net/session.upload-progress.cleanup
+;session.upload_progress.cleanup = On
+
+; A prefix used for the upload progress key in $_SESSION
+; Default Value: "upload_progress_"
+; Development Value: "upload_progress_"
+; Production Value: "upload_progress_"
+; http://php.net/session.upload-progress.prefix
+;session.upload_progress.prefix = "upload_progress_"
+
+; The index name (concatenated with the prefix) in $_SESSION
+; containing the upload progress information
+; Default Value: "PHP_SESSION_UPLOAD_PROGRESS"
+; Development Value: "PHP_SESSION_UPLOAD_PROGRESS"
+; Production Value: "PHP_SESSION_UPLOAD_PROGRESS"
+; http://php.net/session.upload-progress.name
+;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS"
+
+; How frequently the upload progress should be updated.
+; Given either in percentages (per-file), or in bytes
+; Default Value: "1%"
+; Development Value: "1%"
+; Production Value: "1%"
+; http://php.net/session.upload-progress.freq
+;session.upload_progress.freq = "1%"
+
+; The minimum delay between updates, in seconds
+; Default Value: 1
+; Development Value: 1
+; Production Value: 1
+; http://php.net/session.upload-progress.min-freq
+;session.upload_progress.min_freq = "1"
+
+[MSSQL]
+; Allow or prevent persistent links.
+mssql.allow_persistent = On
+
+; Maximum number of persistent links. -1 means no limit.
+mssql.max_persistent = -1
+
+; Maximum number of links (persistent+non persistent). -1 means no limit.
+mssql.max_links = -1
+
+; Minimum error severity to display.
+mssql.min_error_severity = 10
+
+; Minimum message severity to display.
+mssql.min_message_severity = 10
+
+; Compatibility mode with old versions of PHP 3.0.
+mssql.compatibility_mode = Off
+
+; Connect timeout
+;mssql.connect_timeout = 5
+
+; Query timeout
+;mssql.timeout = 60
+
+; Valid range 0 - 2147483647. Default = 4096.
+;mssql.textlimit = 4096
+
+; Valid range 0 - 2147483647. Default = 4096.
+;mssql.textsize = 4096
+
+; Limits the number of records in each batch. 0 = all records in one batch.
+;mssql.batchsize = 0
+
+; Specify how datetime and datetim4 columns are returned
+; On => Returns data converted to SQL server settings
+; Off => Returns values as YYYY-MM-DD hh:mm:ss
+;mssql.datetimeconvert = On
+
+; Use NT authentication when connecting to the server
+mssql.secure_connection = Off
+
+; Specify max number of processes. -1 = library default
+; msdlib defaults to 25
+; FreeTDS defaults to 4096
+;mssql.max_procs = -1
+
+; Specify client character set.
+; If empty or not set the client charset from freetds.conf is used
+; This is only used when compiled with FreeTDS
+;mssql.charset = "ISO-8859-1"
+
+[Assertion]
+; Assert(expr); active by default.
+; http://php.net/assert.active
+;assert.active = On
+
+; Issue a PHP warning for each failed assertion.
+; http://php.net/assert.warning
+;assert.warning = On
+
+; Don't bail out by default.
+; http://php.net/assert.bail
+;assert.bail = Off
+
+; User-function to be called if an assertion fails.
+; http://php.net/assert.callback
+;assert.callback = 0
+
+; Eval the expression with current error_reporting(). Set to true if you want
+; error_reporting(0) around the eval().
+; http://php.net/assert.quiet-eval
+;assert.quiet_eval = 0
+
+[COM]
+; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs
+; http://php.net/com.typelib-file
+;com.typelib_file =
+
+; allow Distributed-COM calls
+; http://php.net/com.allow-dcom
+;com.allow_dcom = true
+
+; autoregister constants of a components typlib on com_load()
+; http://php.net/com.autoregister-typelib
+;com.autoregister_typelib = true
+
+; register constants casesensitive
+; http://php.net/com.autoregister-casesensitive
+;com.autoregister_casesensitive = false
+
+; show warnings on duplicate constant registrations
+; http://php.net/com.autoregister-verbose
+;com.autoregister_verbose = true
+
+; The default character set code-page to use when passing strings to and from COM objects.
+; Default: system ANSI code page
+;com.code_page=
+
+[mbstring]
+; language for internal character representation.
+; This affects mb_send_mail() and mbstrig.detect_order.
+; http://php.net/mbstring.language
+;mbstring.language = Japanese
+
+; Use of this INI entry is deprecated, use global internal_encoding instead.
+; internal/script encoding.
+; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*)
+; If empty, default_charset or internal_encoding or iconv.internal_encoding is used.
+; The precedence is: default_charset < internal_encoding < iconv.internal_encoding
+;mbstring.internal_encoding =
+
+; Use of this INI entry is deprecated, use global input_encoding instead.
+; http input encoding.
+; mbstring.encoding_traslation = On is needed to use this setting.
+; If empty, default_charset or input_encoding or mbstring.input is used.
+; The precedence is: default_charset < intput_encoding < mbsting.http_input
+; http://php.net/mbstring.http-input
+;mbstring.http_input =
+
+; Use of this INI entry is deprecated, use global output_encoding instead.
+; http output encoding.
+; mb_output_handler must be registered as output buffer to function.
+; If empty, default_charset or output_encoding or mbstring.http_output is used.
+; The precedence is: default_charset < output_encoding < mbstring.http_output
+; To use an output encoding conversion, mbstring's output handler must be set
+; otherwise output encoding conversion cannot be performed.
+; http://php.net/mbstring.http-output
+;mbstring.http_output =
+
+; enable automatic encoding translation according to
+; mbstring.internal_encoding setting. Input chars are
+; converted to internal encoding by setting this to On.
+; Note: Do _not_ use automatic encoding translation for
+; portable libs/applications.
+; http://php.net/mbstring.encoding-translation
+;mbstring.encoding_translation = Off
+
+; automatic encoding detection order.
+; "auto" detect order is changed according to mbstring.language
+; http://php.net/mbstring.detect-order
+;mbstring.detect_order = auto
+
+; substitute_character used when character cannot be converted
+; one from another
+; http://php.net/mbstring.substitute-character
+;mbstring.substitute_character = none
+
+; overload(replace) single byte functions by mbstring functions.
+; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(),
+; etc. Possible values are 0,1,2,4 or combination of them.
+; For example, 7 for overload everything.
+; 0: No overload
+; 1: Overload mail() function
+; 2: Overload str*() functions
+; 4: Overload ereg*() functions
+; http://php.net/mbstring.func-overload
+;mbstring.func_overload = 0
+
+; enable strict encoding detection.
+; Default: Off
+;mbstring.strict_detection = On
+
+; This directive specifies the regex pattern of content types for which mb_output_handler()
+; is activated.
+; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml)
+;mbstring.http_output_conv_mimetype=
+
+[gd]
+; Tell the jpeg decode to ignore warnings and try to create
+; a gd image. The warning will then be displayed as notices
+; disabled by default
+; http://php.net/gd.jpeg-ignore-warning
+;gd.jpeg_ignore_warning = 0
+
+[exif]
+; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS.
+; With mbstring support this will automatically be converted into the encoding
+; given by corresponding encode setting. When empty mbstring.internal_encoding
+; is used. For the decode settings you can distinguish between motorola and
+; intel byte order. A decode setting cannot be empty.
+; http://php.net/exif.encode-unicode
+;exif.encode_unicode = ISO-8859-15
+
+; http://php.net/exif.decode-unicode-motorola
+;exif.decode_unicode_motorola = UCS-2BE
+
+; http://php.net/exif.decode-unicode-intel
+;exif.decode_unicode_intel = UCS-2LE
+
+; http://php.net/exif.encode-jis
+;exif.encode_jis =
+
+; http://php.net/exif.decode-jis-motorola
+;exif.decode_jis_motorola = JIS
+
+; http://php.net/exif.decode-jis-intel
+;exif.decode_jis_intel = JIS
+
+[Tidy]
+; The path to a default tidy configuration file to use when using tidy
+; http://php.net/tidy.default-config
+;tidy.default_config = /usr/local/lib/php/default.tcfg
+
+; Should tidy clean and repair output automatically?
+; WARNING: Do not use this option if you are generating non-html content
+; such as dynamic images
+; http://php.net/tidy.clean-output
+tidy.clean_output = Off
+
+[soap]
+; Enables or disables WSDL caching feature.
+; http://php.net/soap.wsdl-cache-enabled
+soap.wsdl_cache_enabled=1
+
+; Sets the directory name where SOAP extension will put cache files.
+; http://php.net/soap.wsdl-cache-dir
+soap.wsdl_cache_dir="/tmp"
+
+; (time to live) Sets the number of second while cached file will be used
+; instead of original one.
+; http://php.net/soap.wsdl-cache-ttl
+soap.wsdl_cache_ttl=86400
+
+; Sets the size of the cache limit. (Max. number of WSDL files to cache)
+soap.wsdl_cache_limit = 5
+
+[sysvshm]
+; A default size of the shared memory segment
+;sysvshm.init_mem = 10000
+
+[ldap]
+; Sets the maximum number of open links or -1 for unlimited.
+ldap.max_links = -1
+
+[mcrypt]
+; For more information about mcrypt settings see http://php.net/mcrypt-module-open
+
+; Directory where to load mcrypt algorithms
+; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt)
+;mcrypt.algorithms_dir=
+
+; Directory where to load mcrypt modes
+; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt)
+;mcrypt.modes_dir=
+
+[dba]
+;dba.default_handler=
+
+[opcache]
+; Determines if Zend OPCache is enabled
+;opcache.enable=0
+
+; Determines if Zend OPCache is enabled for the CLI version of PHP
+;opcache.enable_cli=0
+
+; The OPcache shared memory storage size.
+;opcache.memory_consumption=64
+
+; The amount of memory for interned strings in Mbytes.
+;opcache.interned_strings_buffer=4
+
+; The maximum number of keys (scripts) in the OPcache hash table.
+; Only numbers between 200 and 100000 are allowed.
+;opcache.max_accelerated_files=2000
+
+; The maximum percentage of "wasted" memory until a restart is scheduled.
+;opcache.max_wasted_percentage=5
+
+; When this directive is enabled, the OPcache appends the current working
+; directory to the script key, thus eliminating possible collisions between
+; files with the same name (basename). Disabling the directive improves
+; performance, but may break existing applications.
+;opcache.use_cwd=1
+
+; When disabled, you must reset the OPcache manually or restart the
+; webserver for changes to the filesystem to take effect.
+;opcache.validate_timestamps=1
+
+; How often (in seconds) to check file timestamps for changes to the shared
+; memory storage allocation. ("1" means validate once per second, but only
+; once per request. "0" means always validate)
+;opcache.revalidate_freq=2
+
+; Enables or disables file search in include_path optimization
+;opcache.revalidate_path=0
+
+; If disabled, all PHPDoc comments are dropped from the code to reduce the
+; size of the optimized code.
+;opcache.save_comments=1
+
+; If disabled, PHPDoc comments are not loaded from SHM, so "Doc Comments"
+; may be always stored (save_comments=1), but not loaded by applications
+; that don't need them anyway.
+;opcache.load_comments=1
+
+; If enabled, a fast shutdown sequence is used for the accelerated code
+;opcache.fast_shutdown=0
+
+; Allow file existence override (file_exists, etc.) performance feature.
+;opcache.enable_file_override=0
+
+; A bitmask, where each bit enables or disables the appropriate OPcache
+; passes
+;opcache.optimization_level=0xffffffff
+
+;opcache.inherited_hack=1
+;opcache.dups_fix=0
+
+; The location of the OPcache blacklist file (wildcards allowed).
+; Each OPcache blacklist file is a text file that holds the names of files
+; that should not be accelerated. The file format is to add each filename
+; to a new line. The filename may be a full path or just a file prefix
+; (i.e., /var/www/x blacklists all the files and directories in /var/www
+; that start with 'x'). Line starting with a ; are ignored (comments).
+;opcache.blacklist_filename=
+
+; Allows exclusion of large files from being cached. By default all files
+; are cached.
+;opcache.max_file_size=0
+
+; Check the cache checksum each N requests.
+; The default value of "0" means that the checks are disabled.
+;opcache.consistency_checks=0
+
+; How long to wait (in seconds) for a scheduled restart to begin if the cache
+; is not being accessed.
+;opcache.force_restart_timeout=180
+
+; OPcache error_log file name. Empty string assumes "stderr".
+;opcache.error_log=
+
+; All OPcache errors go to the Web server log.
+; By default, only fatal errors (level 0) or errors (level 1) are logged.
+; You can also enable warnings (level 2), info messages (level 3) or
+; debug messages (level 4).
+;opcache.log_verbosity_level=1
+
+; Preferred Shared Memory back-end. Leave empty and let the system decide.
+;opcache.preferred_memory_model=
+
+; Protect the shared memory from unexpected writing during script execution.
+; Useful for internal debugging only.
+;opcache.protect_memory=0
+
+[curl]
+; A default value for the CURLOPT_CAINFO option. This is required to be an
+; absolute path.
+;curl.cainfo =
+
+[openssl]
+; The location of a Certificate Authority (CA) file on the local filesystem
+; to use when verifying the identity of SSL/TLS peers. Most users should
+; not specify a value for this directive as PHP will attempt to use the
+; OS-managed cert stores in its absence. If specified, this value may still
+; be overridden on a per-stream basis via the "cafile" SSL stream context
+; option.
+;openssl.cafile=
+
+; If openssl.cafile is not specified or if the CA file is not found, the
+; directory pointed to by openssl.capath is searched for a suitable
+; certificate. This value must be a correctly hashed certificate directory.
+; Most users should not specify a value for this directive as PHP will
+; attempt to use the OS-managed cert stores in its absence. If specified,
+; this value may still be overridden on a per-stream basis via the "capath"
+; SSL stream context option.
+;openssl.capath=
+
+; Local Variables:
+; tab-width: 4
+; End:
--- /dev/null
+[PHP]
+
+;;;;;;;;;;;;;;;;;;;
+; About php.ini ;
+;;;;;;;;;;;;;;;;;;;
+; PHP's initialization file, generally called php.ini, is responsible for
+; configuring many of the aspects of PHP's behavior.
+
+; PHP attempts to find and load this configuration from a number of locations.
+; The following is a summary of its search order:
+; 1. SAPI module specific location.
+; 2. The PHPRC environment variable. (As of PHP 5.2.0)
+; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0)
+; 4. Current working directory (except CLI)
+; 5. The web server's directory (for SAPI modules), or directory of PHP
+; (otherwise in Windows)
+; 6. The directory from the --with-config-file-path compile time option, or the
+; Windows directory (C:\windows or C:\winnt)
+; See the PHP docs for more specific information.
+; http://php.net/configuration.file
+
+; The syntax of the file is extremely simple. Whitespace and lines
+; beginning with a semicolon are silently ignored (as you probably guessed).
+; Section headers (e.g. [Foo]) are also silently ignored, even though
+; they might mean something in the future.
+
+; Directives following the section heading [PATH=/www/mysite] only
+; apply to PHP files in the /www/mysite directory. Directives
+; following the section heading [HOST=www.example.com] only apply to
+; PHP files served from www.example.com. Directives set in these
+; special sections cannot be overridden by user-defined INI files or
+; at runtime. Currently, [PATH=] and [HOST=] sections only work under
+; CGI/FastCGI.
+; http://php.net/ini.sections
+
+; Directives are specified using the following syntax:
+; directive = value
+; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
+; Directives are variables used to configure PHP or PHP extensions.
+; There is no name validation. If PHP can't find an expected
+; directive because it is not set or is mistyped, a default value will be used.
+
+; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one
+; of the INI constants (On, Off, True, False, Yes, No and None) or an expression
+; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a
+; previously set variable or directive (e.g. ${foo})
+
+; Expressions in the INI file are limited to bitwise operators and parentheses:
+; | bitwise OR
+; ^ bitwise XOR
+; & bitwise AND
+; ~ bitwise NOT
+; ! boolean NOT
+
+; Boolean flags can be turned on using the values 1, On, True or Yes.
+; They can be turned off using the values 0, Off, False or No.
+
+; An empty string can be denoted by simply not writing anything after the equal
+; sign, or by using the None keyword:
+
+; foo = ; sets foo to an empty string
+; foo = None ; sets foo to an empty string
+; foo = "None" ; sets foo to the string 'None'
+
+; If you use constants in your value, and these constants belong to a
+; dynamically loaded extension (either a PHP extension or a Zend extension),
+; you may only use these constants *after* the line that loads the extension.
+
+;;;;;;;;;;;;;;;;;;;
+; About this file ;
+;;;;;;;;;;;;;;;;;;;
+; PHP comes packaged with two INI files. One that is recommended to be used
+; in production environments and one that is recommended to be used in
+; development environments.
+
+; php.ini-production contains settings which hold security, performance and
+; best practices at its core. But please be aware, these settings may break
+; compatibility with older or less security conscience applications. We
+; recommending using the production ini in production and testing environments.
+
+; php.ini-development is very similar to its production variant, except it is
+; much more verbose when it comes to errors. We recommend using the
+; development version only in development environments, as errors shown to
+; application users can inadvertently leak otherwise secure information.
+
+; This is php.ini-production INI file.
+
+;;;;;;;;;;;;;;;;;;;
+; Quick Reference ;
+;;;;;;;;;;;;;;;;;;;
+; The following are all the settings which are different in either the production
+; or development versions of the INIs with respect to PHP's default behavior.
+; Please see the actual settings later in the document for more details as to why
+; we recommend these changes in PHP's behavior.
+
+; display_errors
+; Default Value: On
+; Development Value: On
+; Production Value: Off
+
+; display_startup_errors
+; Default Value: Off
+; Development Value: On
+; Production Value: Off
+
+; error_reporting
+; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED
+; Development Value: E_ALL
+; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
+
+; html_errors
+; Default Value: On
+; Development Value: On
+; Production value: On
+
+; log_errors
+; Default Value: Off
+; Development Value: On
+; Production Value: On
+
+; max_input_time
+; Default Value: -1 (Unlimited)
+; Development Value: 60 (60 seconds)
+; Production Value: 60 (60 seconds)
+
+; output_buffering
+; Default Value: Off
+; Development Value: 4096
+; Production Value: 4096
+
+; register_argc_argv
+; Default Value: On
+; Development Value: Off
+; Production Value: Off
+
+; request_order
+; Default Value: None
+; Development Value: "GP"
+; Production Value: "GP"
+
+; session.gc_divisor
+; Default Value: 100
+; Development Value: 1000
+; Production Value: 1000
+
+; session.hash_bits_per_character
+; Default Value: 4
+; Development Value: 5
+; Production Value: 5
+
+; short_open_tag
+; Default Value: On
+; Development Value: Off
+; Production Value: Off
+
+; track_errors
+; Default Value: Off
+; Development Value: On
+; Production Value: Off
+
+; url_rewriter.tags
+; Default Value: "a=href,area=href,frame=src,form=,fieldset="
+; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
+; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
+
+; variables_order
+; Default Value: "EGPCS"
+; Development Value: "GPCS"
+; Production Value: "GPCS"
+
+;;;;;;;;;;;;;;;;;;;;
+; php.ini Options ;
+;;;;;;;;;;;;;;;;;;;;
+; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini"
+;user_ini.filename = ".user.ini"
+
+; To disable this feature set this option to empty value
+;user_ini.filename =
+
+; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes)
+;user_ini.cache_ttl = 300
+
+;;;;;;;;;;;;;;;;;;;;
+; Language Options ;
+;;;;;;;;;;;;;;;;;;;;
+
+; Enable the PHP scripting language engine under Apache.
+; http://php.net/engine
+engine = On
+
+; This directive determines whether or not PHP will recognize code between
+; <? and ?> tags as PHP source which should be processed as such. It is
+; generally recommended that <?php and ?> should be used and that this feature
+; should be disabled, as enabling it may result in issues when generating XML
+; documents, however this remains supported for backward compatibility reasons.
+; Note that this directive does not control the <?= shorthand tag, which can be
+; used regardless of this directive.
+; Default Value: On
+; Development Value: Off
+; Production Value: Off
+; http://php.net/short-open-tag
+short_open_tag = Off
+
+; Allow ASP-style <% %> tags.
+; http://php.net/asp-tags
+asp_tags = Off
+
+; The number of significant digits displayed in floating point numbers.
+; http://php.net/precision
+precision = 14
+
+; Output buffering is a mechanism for controlling how much output data
+; (excluding headers and cookies) PHP should keep internally before pushing that
+; data to the client. If your application's output exceeds this setting, PHP
+; will send that data in chunks of roughly the size you specify.
+; Turning on this setting and managing its maximum buffer size can yield some
+; interesting side-effects depending on your application and web server.
+; You may be able to send headers and cookies after you've already sent output
+; through print or echo. You also may see performance benefits if your server is
+; emitting less packets due to buffered output versus PHP streaming the output
+; as it gets it. On production servers, 4096 bytes is a good setting for performance
+; reasons.
+; Note: Output buffering can also be controlled via Output Buffering Control
+; functions.
+; Possible Values:
+; On = Enabled and buffer is unlimited. (Use with caution)
+; Off = Disabled
+; Integer = Enables the buffer and sets its maximum size in bytes.
+; Note: This directive is hardcoded to Off for the CLI SAPI
+; Default Value: Off
+; Development Value: 4096
+; Production Value: 4096
+; http://php.net/output-buffering
+output_buffering = 4096
+
+; You can redirect all of the output of your scripts to a function. For
+; example, if you set output_handler to "mb_output_handler", character
+; encoding will be transparently converted to the specified encoding.
+; Setting any output handler automatically turns on output buffering.
+; Note: People who wrote portable scripts should not depend on this ini
+; directive. Instead, explicitly set the output handler using ob_start().
+; Using this ini directive may cause problems unless you know what script
+; is doing.
+; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler"
+; and you cannot use both "ob_gzhandler" and "zlib.output_compression".
+; Note: output_handler must be empty if this is set 'On' !!!!
+; Instead you must use zlib.output_handler.
+; http://php.net/output-handler
+;output_handler =
+
+; Transparent output compression using the zlib library
+; Valid values for this option are 'off', 'on', or a specific buffer size
+; to be used for compression (default is 4KB)
+; Note: Resulting chunk size may vary due to nature of compression. PHP
+; outputs chunks that are few hundreds bytes each as a result of
+; compression. If you prefer a larger chunk size for better
+; performance, enable output_buffering in addition.
+; Note: You need to use zlib.output_handler instead of the standard
+; output_handler, or otherwise the output will be corrupted.
+; http://php.net/zlib.output-compression
+zlib.output_compression = Off
+
+; http://php.net/zlib.output-compression-level
+;zlib.output_compression_level = -1
+
+; You cannot specify additional output handlers if zlib.output_compression
+; is activated here. This setting does the same as output_handler but in
+; a different order.
+; http://php.net/zlib.output-handler
+;zlib.output_handler =
+
+; Implicit flush tells PHP to tell the output layer to flush itself
+; automatically after every output block. This is equivalent to calling the
+; PHP function flush() after each and every call to print() or echo() and each
+; and every HTML block. Turning this option on has serious performance
+; implications and is generally recommended for debugging purposes only.
+; http://php.net/implicit-flush
+; Note: This directive is hardcoded to On for the CLI SAPI
+implicit_flush = Off
+
+; The unserialize callback function will be called (with the undefined class'
+; name as parameter), if the unserializer finds an undefined class
+; which should be instantiated. A warning appears if the specified function is
+; not defined, or if the function doesn't include/implement the missing class.
+; So only set this entry, if you really want to implement such a
+; callback-function.
+unserialize_callback_func =
+
+; When floats & doubles are serialized store serialize_precision significant
+; digits after the floating point. The default value ensures that when floats
+; are decoded with unserialize, the data will remain the same.
+serialize_precision = 17
+
+; open_basedir, if set, limits all file operations to the defined directory
+; and below. This directive makes most sense if used in a per-directory
+; or per-virtualhost web server configuration file.
+; http://php.net/open-basedir
+;open_basedir =
+
+; This directive allows you to disable certain functions for security reasons.
+; It receives a comma-delimited list of function names.
+; http://php.net/disable-functions
+disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
+
+; This directive allows you to disable certain classes for security reasons.
+; It receives a comma-delimited list of class names.
+; http://php.net/disable-classes
+disable_classes =
+
+; Colors for Syntax Highlighting mode. Anything that's acceptable in
+; <span style="color: ???????"> would work.
+; http://php.net/syntax-highlighting
+;highlight.string = #DD0000
+;highlight.comment = #FF9900
+;highlight.keyword = #007700
+;highlight.default = #0000BB
+;highlight.html = #000000
+
+; If enabled, the request will be allowed to complete even if the user aborts
+; the request. Consider enabling it if executing long requests, which may end up
+; being interrupted by the user or a browser timing out. PHP's default behavior
+; is to disable this feature.
+; http://php.net/ignore-user-abort
+;ignore_user_abort = On
+
+; Determines the size of the realpath cache to be used by PHP. This value should
+; be increased on systems where PHP opens many files to reflect the quantity of
+; the file operations performed.
+; http://php.net/realpath-cache-size
+;realpath_cache_size = 16k
+
+; Duration of time, in seconds for which to cache realpath information for a given
+; file or directory. For systems with rarely changing files, consider increasing this
+; value.
+; http://php.net/realpath-cache-ttl
+;realpath_cache_ttl = 120
+
+; Enables or disables the circular reference collector.
+; http://php.net/zend.enable-gc
+zend.enable_gc = On
+
+; If enabled, scripts may be written in encodings that are incompatible with
+; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such
+; encodings. To use this feature, mbstring extension must be enabled.
+; Default: Off
+;zend.multibyte = Off
+
+; Allows to set the default encoding for the scripts. This value will be used
+; unless "declare(encoding=...)" directive appears at the top of the script.
+; Only affects if zend.multibyte is set.
+; Default: ""
+;zend.script_encoding =
+
+;;;;;;;;;;;;;;;;;
+; Miscellaneous ;
+;;;;;;;;;;;;;;;;;
+
+; Decides whether PHP may expose the fact that it is installed on the server
+; (e.g. by adding its signature to the Web server header). It is no security
+; threat in any way, but it makes it possible to determine whether you use PHP
+; on your server or not.
+; http://php.net/expose-php
+expose_php = Off
+
+;;;;;;;;;;;;;;;;;;;
+; Resource Limits ;
+;;;;;;;;;;;;;;;;;;;
+
+; Maximum execution time of each script, in seconds
+; http://php.net/max-execution-time
+; Note: This directive is hardcoded to 0 for the CLI SAPI
+max_execution_time = 30
+
+; Maximum amount of time each script may spend parsing request data. It's a good
+; idea to limit this time on productions servers in order to eliminate unexpectedly
+; long running scripts.
+; Note: This directive is hardcoded to -1 for the CLI SAPI
+; Default Value: -1 (Unlimited)
+; Development Value: 60 (60 seconds)
+; Production Value: 60 (60 seconds)
+; http://php.net/max-input-time
+max_input_time = 60
+
+; Maximum input variable nesting level
+; http://php.net/max-input-nesting-level
+;max_input_nesting_level = 64
+
+; How many GET/POST/COOKIE input variables may be accepted
+; max_input_vars = 1000
+
+; Maximum amount of memory a script may consume (128MB)
+; http://php.net/memory-limit
+memory_limit = 128M
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Error handling and logging ;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+; This directive informs PHP of which errors, warnings and notices you would like
+; it to take action for. The recommended way of setting values for this
+; directive is through the use of the error level constants and bitwise
+; operators. The error level constants are below here for convenience as well as
+; some common settings and their meanings.
+; By default, PHP is set to take action on all errors, notices and warnings EXCEPT
+; those related to E_NOTICE and E_STRICT, which together cover best practices and
+; recommended coding standards in PHP. For performance reasons, this is the
+; recommend error reporting setting. Your production server shouldn't be wasting
+; resources complaining about best practices and coding standards. That's what
+; development servers and development settings are for.
+; Note: The php.ini-development file has this setting as E_ALL. This
+; means it pretty much reports everything which is exactly what you want during
+; development and early testing.
+;
+; Error Level Constants:
+; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0)
+; E_ERROR - fatal run-time errors
+; E_RECOVERABLE_ERROR - almost fatal run-time errors
+; E_WARNING - run-time warnings (non-fatal errors)
+; E_PARSE - compile-time parse errors
+; E_NOTICE - run-time notices (these are warnings which often result
+; from a bug in your code, but it's possible that it was
+; intentional (e.g., using an uninitialized variable and
+; relying on the fact it is automatically initialized to an
+; empty string)
+; E_STRICT - run-time notices, enable to have PHP suggest changes
+; to your code which will ensure the best interoperability
+; and forward compatibility of your code
+; E_CORE_ERROR - fatal errors that occur during PHP's initial startup
+; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
+; initial startup
+; E_COMPILE_ERROR - fatal compile-time errors
+; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
+; E_USER_ERROR - user-generated error message
+; E_USER_WARNING - user-generated warning message
+; E_USER_NOTICE - user-generated notice message
+; E_DEPRECATED - warn about code that will not work in future versions
+; of PHP
+; E_USER_DEPRECATED - user-generated deprecation warnings
+;
+; Common Values:
+; E_ALL (Show all errors, warnings and notices including coding standards.)
+; E_ALL & ~E_NOTICE (Show all errors, except for notices)
+; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.)
+; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors)
+; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED
+; Development Value: E_ALL
+; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
+; http://php.net/error-reporting
+error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
+
+; This directive controls whether or not and where PHP will output errors,
+; notices and warnings too. Error output is very useful during development, but
+; it could be very dangerous in production environments. Depending on the code
+; which is triggering the error, sensitive information could potentially leak
+; out of your application such as database usernames and passwords or worse.
+; For production environments, we recommend logging errors rather than
+; sending them to STDOUT.
+; Possible Values:
+; Off = Do not display any errors
+; stderr = Display errors to STDERR (affects only CGI/CLI binaries!)
+; On or stdout = Display errors to STDOUT
+; Default Value: On
+; Development Value: On
+; Production Value: Off
+; http://php.net/display-errors
+display_errors = Off
+
+; The display of errors which occur during PHP's startup sequence are handled
+; separately from display_errors. PHP's default behavior is to suppress those
+; errors from clients. Turning the display of startup errors on can be useful in
+; debugging configuration problems. We strongly recommend you
+; set this to 'off' for production servers.
+; Default Value: Off
+; Development Value: On
+; Production Value: Off
+; http://php.net/display-startup-errors
+display_startup_errors = Off
+
+; Besides displaying errors, PHP can also log errors to locations such as a
+; server-specific log, STDERR, or a location specified by the error_log
+; directive found below. While errors should not be displayed on productions
+; servers they should still be monitored and logging is a great way to do that.
+; Default Value: Off
+; Development Value: On
+; Production Value: On
+; http://php.net/log-errors
+log_errors = On
+
+; Set maximum length of log_errors. In error_log information about the source is
+; added. The default is 1024 and 0 allows to not apply any maximum length at all.
+; http://php.net/log-errors-max-len
+log_errors_max_len = 1024
+
+; Do not log repeated messages. Repeated errors must occur in same file on same
+; line unless ignore_repeated_source is set true.
+; http://php.net/ignore-repeated-errors
+ignore_repeated_errors = Off
+
+; Ignore source of message when ignoring repeated messages. When this setting
+; is On you will not log errors with repeated messages from different files or
+; source lines.
+; http://php.net/ignore-repeated-source
+ignore_repeated_source = Off
+
+; If this parameter is set to Off, then memory leaks will not be shown (on
+; stdout or in the log). This has only effect in a debug compile, and if
+; error reporting includes E_WARNING in the allowed list
+; http://php.net/report-memleaks
+report_memleaks = On
+
+; This setting is on by default.
+;report_zend_debug = 0
+
+; Store the last error/warning message in $php_errormsg (boolean). Setting this value
+; to On can assist in debugging and is appropriate for development servers. It should
+; however be disabled on production servers.
+; Default Value: Off
+; Development Value: On
+; Production Value: Off
+; http://php.net/track-errors
+track_errors = Off
+
+; Turn off normal error reporting and emit XML-RPC error XML
+; http://php.net/xmlrpc-errors
+;xmlrpc_errors = 0
+
+; An XML-RPC faultCode
+;xmlrpc_error_number = 0
+
+; When PHP displays or logs an error, it has the capability of formatting the
+; error message as HTML for easier reading. This directive controls whether
+; the error message is formatted as HTML or not.
+; Note: This directive is hardcoded to Off for the CLI SAPI
+; Default Value: On
+; Development Value: On
+; Production value: On
+; http://php.net/html-errors
+html_errors = On
+
+; If html_errors is set to On *and* docref_root is not empty, then PHP
+; produces clickable error messages that direct to a page describing the error
+; or function causing the error in detail.
+; You can download a copy of the PHP manual from http://php.net/docs
+; and change docref_root to the base URL of your local copy including the
+; leading '/'. You must also specify the file extension being used including
+; the dot. PHP's default behavior is to leave these settings empty, in which
+; case no links to documentation are generated.
+; Note: Never use this feature for production boxes.
+; http://php.net/docref-root
+; Examples
+;docref_root = "/phpmanual/"
+
+; http://php.net/docref-ext
+;docref_ext = .html
+
+; String to output before an error message. PHP's default behavior is to leave
+; this setting blank.
+; http://php.net/error-prepend-string
+; Example:
+;error_prepend_string = "<span style='color: #ff0000'>"
+
+; String to output after an error message. PHP's default behavior is to leave
+; this setting blank.
+; http://php.net/error-append-string
+; Example:
+;error_append_string = "</span>"
+
+; Log errors to specified file. PHP's default behavior is to leave this value
+; empty.
+; http://php.net/error-log
+; Example:
+;error_log = php_errors.log
+; Log errors to syslog (Event Log on Windows).
+;error_log = syslog
+
+;windows.show_crt_warning
+; Default value: 0
+; Development value: 0
+; Production value: 0
+
+;;;;;;;;;;;;;;;;;
+; Data Handling ;
+;;;;;;;;;;;;;;;;;
+
+; The separator used in PHP generated URLs to separate arguments.
+; PHP's default setting is "&".
+; http://php.net/arg-separator.output
+; Example:
+;arg_separator.output = "&"
+
+; List of separator(s) used by PHP to parse input URLs into variables.
+; PHP's default setting is "&".
+; NOTE: Every character in this directive is considered as separator!
+; http://php.net/arg-separator.input
+; Example:
+;arg_separator.input = ";&"
+
+; This directive determines which super global arrays are registered when PHP
+; starts up. G,P,C,E & S are abbreviations for the following respective super
+; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty
+; paid for the registration of these arrays and because ENV is not as commonly
+; used as the others, ENV is not recommended on productions servers. You
+; can still get access to the environment variables through getenv() should you
+; need to.
+; Default Value: "EGPCS"
+; Development Value: "GPCS"
+; Production Value: "GPCS";
+; http://php.net/variables-order
+variables_order = "GPCS"
+
+; This directive determines which super global data (G,P & C) should be
+; registered into the super global array REQUEST. If so, it also determines
+; the order in which that data is registered. The values for this directive
+; are specified in the same manner as the variables_order directive,
+; EXCEPT one. Leaving this value empty will cause PHP to use the value set
+; in the variables_order directive. It does not mean it will leave the super
+; globals array REQUEST empty.
+; Default Value: None
+; Development Value: "GP"
+; Production Value: "GP"
+; http://php.net/request-order
+request_order = "GP"
+
+; This directive determines whether PHP registers $argv & $argc each time it
+; runs. $argv contains an array of all the arguments passed to PHP when a script
+; is invoked. $argc contains an integer representing the number of arguments
+; that were passed when the script was invoked. These arrays are extremely
+; useful when running scripts from the command line. When this directive is
+; enabled, registering these variables consumes CPU cycles and memory each time
+; a script is executed. For performance reasons, this feature should be disabled
+; on production servers.
+; Note: This directive is hardcoded to On for the CLI SAPI
+; Default Value: On
+; Development Value: Off
+; Production Value: Off
+; http://php.net/register-argc-argv
+register_argc_argv = Off
+
+; When enabled, the ENV, REQUEST and SERVER variables are created when they're
+; first used (Just In Time) instead of when the script starts. If these
+; variables are not used within a script, having this directive on will result
+; in a performance gain. The PHP directive register_argc_argv must be disabled
+; for this directive to have any affect.
+; http://php.net/auto-globals-jit
+auto_globals_jit = On
+
+; Whether PHP will read the POST data.
+; This option is enabled by default.
+; Most likely, you won't want to disable this option globally. It causes $_POST
+; and $_FILES to always be empty; the only way you will be able to read the
+; POST data will be through the php://input stream wrapper. This can be useful
+; to proxy requests or to process the POST data in a memory efficient fashion.
+; http://php.net/enable-post-data-reading
+;enable_post_data_reading = Off
+
+; Maximum size of POST data that PHP will accept.
+; Its value may be 0 to disable the limit. It is ignored if POST data reading
+; is disabled through enable_post_data_reading.
+; http://php.net/post-max-size
+post_max_size = 8M
+
+; Automatically add files before PHP document.
+; http://php.net/auto-prepend-file
+auto_prepend_file =
+
+; Automatically add files after PHP document.
+; http://php.net/auto-append-file
+auto_append_file =
+
+; By default, PHP will output a media type using the Content-Type header. To
+; disable this, simply set it to be empty.
+;
+; PHP's built-in default media type is set to text/html.
+; http://php.net/default-mimetype
+default_mimetype = "text/html"
+
+; PHP's default character set is set to UTF-8.
+; http://php.net/default-charset
+default_charset = "UTF-8"
+
+; PHP internal character encoding is set to empty.
+; If empty, default_charset is used.
+; http://php.net/internal-encoding
+;internal_encoding =
+
+; PHP input character encoding is set to empty.
+; If empty, default_charset is used.
+; http://php.net/input-encoding
+;input_encoding =
+
+; PHP output character encoding is set to empty.
+; If empty, default_charset is used.
+; mbstring or iconv output handler is used.
+; See also output_buffer.
+; http://php.net/output-encoding
+;output_encoding =
+
+; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is
+; to disable this feature and it will be removed in a future version.
+; If post reading is disabled through enable_post_data_reading,
+; $HTTP_RAW_POST_DATA is *NOT* populated.
+; http://php.net/always-populate-raw-post-data
+;always_populate_raw_post_data = -1
+
+;;;;;;;;;;;;;;;;;;;;;;;;;
+; Paths and Directories ;
+;;;;;;;;;;;;;;;;;;;;;;;;;
+
+; UNIX: "/path1:/path2"
+;include_path = ".:/usr/share/php"
+;
+; Windows: "\path1;\path2"
+;include_path = ".;c:\php\includes"
+;
+; PHP's default setting for include_path is ".;/path/to/php/pear"
+; http://php.net/include-path
+
+; The root of the PHP pages, used only if nonempty.
+; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
+; if you are running php as a CGI under any web server (other than IIS)
+; see documentation for security issues. The alternate is to use the
+; cgi.force_redirect configuration below
+; http://php.net/doc-root
+doc_root =
+
+; The directory under which PHP opens the script using /~username used only
+; if nonempty.
+; http://php.net/user-dir
+user_dir =
+
+; Directory in which the loadable extensions (modules) reside.
+; http://php.net/extension-dir
+; extension_dir = "./"
+; On windows:
+; extension_dir = "ext"
+
+; Directory where the temporary files should be placed.
+; Defaults to the system default (see sys_get_temp_dir)
+; sys_temp_dir = "/tmp"
+
+; Whether or not to enable the dl() function. The dl() function does NOT work
+; properly in multithreaded servers, such as IIS or Zeus, and is automatically
+; disabled on them.
+; http://php.net/enable-dl
+enable_dl = Off
+
+; cgi.force_redirect is necessary to provide security running PHP as a CGI under
+; most web servers. Left undefined, PHP turns this on by default. You can
+; turn it off here AT YOUR OWN RISK
+; **You CAN safely turn this off for IIS, in fact, you MUST.**
+; http://php.net/cgi.force-redirect
+;cgi.force_redirect = 1
+
+; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
+; every request. PHP's default behavior is to disable this feature.
+;cgi.nph = 1
+
+; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
+; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
+; will look for to know it is OK to continue execution. Setting this variable MAY
+; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
+; http://php.net/cgi.redirect-status-env
+;cgi.redirect_status_env =
+
+; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's
+; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
+; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting
+; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting
+; of zero causes PHP to behave as before. Default is 1. You should fix your scripts
+; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
+; http://php.net/cgi.fix-pathinfo
+;cgi.fix_pathinfo=1
+
+; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
+; security tokens of the calling client. This allows IIS to define the
+; security context that the request runs under. mod_fastcgi under Apache
+; does not currently support this feature (03/17/2002)
+; Set to 1 if running under IIS. Default is zero.
+; http://php.net/fastcgi.impersonate
+;fastcgi.impersonate = 1
+
+; Disable logging through FastCGI connection. PHP's default behavior is to enable
+; this feature.
+;fastcgi.logging = 0
+
+; cgi.rfc2616_headers configuration option tells PHP what type of headers to
+; use when sending HTTP response code. If set to 0, PHP sends Status: header that
+; is supported by Apache. When this option is set to 1, PHP will send
+; RFC2616 compliant header.
+; Default is zero.
+; http://php.net/cgi.rfc2616-headers
+;cgi.rfc2616_headers = 0
+
+;;;;;;;;;;;;;;;;
+; File Uploads ;
+;;;;;;;;;;;;;;;;
+
+; Whether to allow HTTP file uploads.
+; http://php.net/file-uploads
+file_uploads = On
+
+; Temporary directory for HTTP uploaded files (will use system default if not
+; specified).
+; http://php.net/upload-tmp-dir
+;upload_tmp_dir =
+
+; Maximum allowed size for uploaded files.
+; http://php.net/upload-max-filesize
+upload_max_filesize = 2M
+
+; Maximum number of files that can be uploaded via a single request
+max_file_uploads = 20
+
+;;;;;;;;;;;;;;;;;;
+; Fopen wrappers ;
+;;;;;;;;;;;;;;;;;;
+
+; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
+; http://php.net/allow-url-fopen
+allow_url_fopen = On
+
+; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
+; http://php.net/allow-url-include
+allow_url_include = Off
+
+; Define the anonymous ftp password (your email address). PHP's default setting
+; for this is empty.
+; http://php.net/from
+;from="john@doe.com"
+
+; Define the User-Agent string. PHP's default setting for this is empty.
+; http://php.net/user-agent
+;user_agent="PHP"
+
+; Default timeout for socket based streams (seconds)
+; http://php.net/default-socket-timeout
+default_socket_timeout = 60
+
+; If your scripts have to deal with files from Macintosh systems,
+; or you are running on a Mac and need to deal with files from
+; unix or win32 systems, setting this flag will cause PHP to
+; automatically detect the EOL character in those files so that
+; fgets() and file() will work regardless of the source of the file.
+; http://php.net/auto-detect-line-endings
+;auto_detect_line_endings = Off
+
+;;;;;;;;;;;;;;;;;;;;;;
+; Dynamic Extensions ;
+;;;;;;;;;;;;;;;;;;;;;;
+
+; If you wish to have an extension loaded automatically, use the following
+; syntax:
+;
+; extension=modulename.extension
+;
+; For example, on Windows:
+;
+; extension=msql.dll
+;
+; ... or under UNIX:
+;
+; extension=msql.so
+;
+; ... or with a path:
+;
+; extension=/path/to/extension/msql.so
+;
+; If you only provide the name of the extension, PHP will look for it in its
+; default extension directory.
+;
+
+;;;;;;;;;;;;;;;;;;;
+; Module Settings ;
+;;;;;;;;;;;;;;;;;;;
+
+[CLI Server]
+; Whether the CLI web server uses ANSI color coding in its terminal output.
+cli_server.color = On
+
+[Date]
+; Defines the default timezone used by the date functions
+; http://php.net/date.timezone
+;date.timezone =
+
+; http://php.net/date.default-latitude
+;date.default_latitude = 31.7667
+
+; http://php.net/date.default-longitude
+;date.default_longitude = 35.2333
+
+; http://php.net/date.sunrise-zenith
+;date.sunrise_zenith = 90.583333
+
+; http://php.net/date.sunset-zenith
+;date.sunset_zenith = 90.583333
+
+[filter]
+; http://php.net/filter.default
+;filter.default = unsafe_raw
+
+; http://php.net/filter.default-flags
+;filter.default_flags =
+
+[iconv]
+; Use of this INI entry is deprecated, use global input_encoding instead.
+; If empty, default_charset or input_encoding or iconv.input_encoding is used.
+; The precedence is: default_charset < intput_encoding < iconv.input_encoding
+;iconv.input_encoding =
+
+; Use of this INI entry is deprecated, use global internal_encoding instead.
+; If empty, default_charset or internal_encoding or iconv.internal_encoding is used.
+; The precedence is: default_charset < internal_encoding < iconv.internal_encoding
+;iconv.internal_encoding =
+
+; Use of this INI entry is deprecated, use global output_encoding instead.
+; If empty, default_charset or output_encoding or iconv.output_encoding is used.
+; The precedence is: default_charset < output_encoding < iconv.output_encoding
+; To use an output encoding conversion, iconv's output handler must be set
+; otherwise output encoding conversion cannot be performed.
+;iconv.output_encoding =
+
+[intl]
+;intl.default_locale =
+; This directive allows you to produce PHP errors when some error
+; happens within intl functions. The value is the level of the error produced.
+; Default is 0, which does not produce any errors.
+;intl.error_level = E_WARNING
+;intl.use_exceptions = 0
+
+[sqlite3]
+;sqlite3.extension_dir =
+
+[Pcre]
+;PCRE library backtracking limit.
+; http://php.net/pcre.backtrack-limit
+;pcre.backtrack_limit=100000
+
+;PCRE library recursion limit.
+;Please note that if you set this value to a high number you may consume all
+;the available process stack and eventually crash PHP (due to reaching the
+;stack size limit imposed by the Operating System).
+; http://php.net/pcre.recursion-limit
+;pcre.recursion_limit=100000
+
+[Pdo]
+; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off"
+; http://php.net/pdo-odbc.connection-pooling
+;pdo_odbc.connection_pooling=strict
+
+;pdo_odbc.db2_instance_name
+
+[Pdo_mysql]
+; If mysqlnd is used: Number of cache slots for the internal result set cache
+; http://php.net/pdo_mysql.cache_size
+pdo_mysql.cache_size = 2000
+
+; Default socket name for local MySQL connects. If empty, uses the built-in
+; MySQL defaults.
+; http://php.net/pdo_mysql.default-socket
+pdo_mysql.default_socket=
+
+[Phar]
+; http://php.net/phar.readonly
+;phar.readonly = On
+
+; http://php.net/phar.require-hash
+;phar.require_hash = On
+
+;phar.cache_list =
+
+[mail function]
+; For Win32 only.
+; http://php.net/smtp
+SMTP = localhost
+; http://php.net/smtp-port
+smtp_port = 25
+
+; For Win32 only.
+; http://php.net/sendmail-from
+;sendmail_from = me@example.com
+
+; For Unix only. You may supply arguments as well (default: "sendmail -t -i").
+; http://php.net/sendmail-path
+;sendmail_path =
+
+; Force the addition of the specified parameters to be passed as extra parameters
+; to the sendmail binary. These parameters will always replace the value of
+; the 5th parameter to mail().
+;mail.force_extra_parameters =
+
+; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename
+mail.add_x_header = On
+
+; The path to a log file that will log all mail() calls. Log entries include
+; the full path of the script, line number, To address and headers.
+;mail.log =
+; Log mail to syslog (Event Log on Windows).
+;mail.log = syslog
+
+[SQL]
+; http://php.net/sql.safe-mode
+sql.safe_mode = Off
+
+[ODBC]
+; http://php.net/odbc.default-db
+;odbc.default_db = Not yet implemented
+
+; http://php.net/odbc.default-user
+;odbc.default_user = Not yet implemented
+
+; http://php.net/odbc.default-pw
+;odbc.default_pw = Not yet implemented
+
+; Controls the ODBC cursor model.
+; Default: SQL_CURSOR_STATIC (default).
+;odbc.default_cursortype
+
+; Allow or prevent persistent links.
+; http://php.net/odbc.allow-persistent
+odbc.allow_persistent = On
+
+; Check that a connection is still valid before reuse.
+; http://php.net/odbc.check-persistent
+odbc.check_persistent = On
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/odbc.max-persistent
+odbc.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent). -1 means no limit.
+; http://php.net/odbc.max-links
+odbc.max_links = -1
+
+; Handling of LONG fields. Returns number of bytes to variables. 0 means
+; passthru.
+; http://php.net/odbc.defaultlrl
+odbc.defaultlrl = 4096
+
+; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char.
+; See the documentation on odbc_binmode and odbc_longreadlen for an explanation
+; of odbc.defaultlrl and odbc.defaultbinmode
+; http://php.net/odbc.defaultbinmode
+odbc.defaultbinmode = 1
+
+;birdstep.max_links = -1
+
+[Interbase]
+; Allow or prevent persistent links.
+ibase.allow_persistent = 1
+
+; Maximum number of persistent links. -1 means no limit.
+ibase.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent). -1 means no limit.
+ibase.max_links = -1
+
+; Default database name for ibase_connect().
+;ibase.default_db =
+
+; Default username for ibase_connect().
+;ibase.default_user =
+
+; Default password for ibase_connect().
+;ibase.default_password =
+
+; Default charset for ibase_connect().
+;ibase.default_charset =
+
+; Default timestamp format.
+ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
+
+; Default date format.
+ibase.dateformat = "%Y-%m-%d"
+
+; Default time format.
+ibase.timeformat = "%H:%M:%S"
+
+[MySQL]
+; Allow accessing, from PHP's perspective, local files with LOAD DATA statements
+; http://php.net/mysql.allow_local_infile
+mysql.allow_local_infile = On
+
+; Allow or prevent persistent links.
+; http://php.net/mysql.allow-persistent
+mysql.allow_persistent = On
+
+; If mysqlnd is used: Number of cache slots for the internal result set cache
+; http://php.net/mysql.cache_size
+mysql.cache_size = 2000
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/mysql.max-persistent
+mysql.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent). -1 means no limit.
+; http://php.net/mysql.max-links
+mysql.max_links = -1
+
+; Default port number for mysql_connect(). If unset, mysql_connect() will use
+; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
+; compile-time value defined MYSQL_PORT (in that order). Win32 will only look
+; at MYSQL_PORT.
+; http://php.net/mysql.default-port
+mysql.default_port =
+
+; Default socket name for local MySQL connects. If empty, uses the built-in
+; MySQL defaults.
+; http://php.net/mysql.default-socket
+mysql.default_socket =
+
+; Default host for mysql_connect() (doesn't apply in safe mode).
+; http://php.net/mysql.default-host
+mysql.default_host =
+
+; Default user for mysql_connect() (doesn't apply in safe mode).
+; http://php.net/mysql.default-user
+mysql.default_user =
+
+; Default password for mysql_connect() (doesn't apply in safe mode).
+; Note that this is generally a *bad* idea to store passwords in this file.
+; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password")
+; and reveal this password! And of course, any users with read access to this
+; file will be able to reveal the password as well.
+; http://php.net/mysql.default-password
+mysql.default_password =
+
+; Maximum time (in seconds) for connect timeout. -1 means no limit
+; http://php.net/mysql.connect-timeout
+mysql.connect_timeout = 60
+
+; Trace mode. When trace_mode is active (=On), warnings for table/index scans and
+; SQL-Errors will be displayed.
+; http://php.net/mysql.trace-mode
+mysql.trace_mode = Off
+
+[MySQLi]
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/mysqli.max-persistent
+mysqli.max_persistent = -1
+
+; Allow accessing, from PHP's perspective, local files with LOAD DATA statements
+; http://php.net/mysqli.allow_local_infile
+;mysqli.allow_local_infile = On
+
+; Allow or prevent persistent links.
+; http://php.net/mysqli.allow-persistent
+mysqli.allow_persistent = On
+
+; Maximum number of links. -1 means no limit.
+; http://php.net/mysqli.max-links
+mysqli.max_links = -1
+
+; If mysqlnd is used: Number of cache slots for the internal result set cache
+; http://php.net/mysqli.cache_size
+mysqli.cache_size = 2000
+
+; Default port number for mysqli_connect(). If unset, mysqli_connect() will use
+; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
+; compile-time value defined MYSQL_PORT (in that order). Win32 will only look
+; at MYSQL_PORT.
+; http://php.net/mysqli.default-port
+mysqli.default_port = 3306
+
+; Default socket name for local MySQL connects. If empty, uses the built-in
+; MySQL defaults.
+; http://php.net/mysqli.default-socket
+mysqli.default_socket =
+
+; Default host for mysql_connect() (doesn't apply in safe mode).
+; http://php.net/mysqli.default-host
+mysqli.default_host =
+
+; Default user for mysql_connect() (doesn't apply in safe mode).
+; http://php.net/mysqli.default-user
+mysqli.default_user =
+
+; Default password for mysqli_connect() (doesn't apply in safe mode).
+; Note that this is generally a *bad* idea to store passwords in this file.
+; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw")
+; and reveal this password! And of course, any users with read access to this
+; file will be able to reveal the password as well.
+; http://php.net/mysqli.default-pw
+mysqli.default_pw =
+
+; Allow or prevent reconnect
+mysqli.reconnect = Off
+
+[mysqlnd]
+; Enable / Disable collection of general statistics by mysqlnd which can be
+; used to tune and monitor MySQL operations.
+; http://php.net/mysqlnd.collect_statistics
+mysqlnd.collect_statistics = On
+
+; Enable / Disable collection of memory usage statistics by mysqlnd which can be
+; used to tune and monitor MySQL operations.
+; http://php.net/mysqlnd.collect_memory_statistics
+mysqlnd.collect_memory_statistics = Off
+
+; Size of a pre-allocated buffer used when sending commands to MySQL in bytes.
+; http://php.net/mysqlnd.net_cmd_buffer_size
+;mysqlnd.net_cmd_buffer_size = 2048
+
+; Size of a pre-allocated buffer used for reading data sent by the server in
+; bytes.
+; http://php.net/mysqlnd.net_read_buffer_size
+;mysqlnd.net_read_buffer_size = 32768
+
+[OCI8]
+
+; Connection: Enables privileged connections using external
+; credentials (OCI_SYSOPER, OCI_SYSDBA)
+; http://php.net/oci8.privileged-connect
+;oci8.privileged_connect = Off
+
+; Connection: The maximum number of persistent OCI8 connections per
+; process. Using -1 means no limit.
+; http://php.net/oci8.max-persistent
+;oci8.max_persistent = -1
+
+; Connection: The maximum number of seconds a process is allowed to
+; maintain an idle persistent connection. Using -1 means idle
+; persistent connections will be maintained forever.
+; http://php.net/oci8.persistent-timeout
+;oci8.persistent_timeout = -1
+
+; Connection: The number of seconds that must pass before issuing a
+; ping during oci_pconnect() to check the connection validity. When
+; set to 0, each oci_pconnect() will cause a ping. Using -1 disables
+; pings completely.
+; http://php.net/oci8.ping-interval
+;oci8.ping_interval = 60
+
+; Connection: Set this to a user chosen connection class to be used
+; for all pooled server requests with Oracle 11g Database Resident
+; Connection Pooling (DRCP). To use DRCP, this value should be set to
+; the same string for all web servers running the same application,
+; the database pool must be configured, and the connection string must
+; specify to use a pooled server.
+;oci8.connection_class =
+
+; High Availability: Using On lets PHP receive Fast Application
+; Notification (FAN) events generated when a database node fails. The
+; database must also be configured to post FAN events.
+;oci8.events = Off
+
+; Tuning: This option enables statement caching, and specifies how
+; many statements to cache. Using 0 disables statement caching.
+; http://php.net/oci8.statement-cache-size
+;oci8.statement_cache_size = 20
+
+; Tuning: Enables statement prefetching and sets the default number of
+; rows that will be fetched automatically after statement execution.
+; http://php.net/oci8.default-prefetch
+;oci8.default_prefetch = 100
+
+; Compatibility. Using On means oci_close() will not close
+; oci_connect() and oci_new_connect() connections.
+; http://php.net/oci8.old-oci-close-semantics
+;oci8.old_oci_close_semantics = Off
+
+[PostgreSQL]
+; Allow or prevent persistent links.
+; http://php.net/pgsql.allow-persistent
+pgsql.allow_persistent = On
+
+; Detect broken persistent links always with pg_pconnect().
+; Auto reset feature requires a little overheads.
+; http://php.net/pgsql.auto-reset-persistent
+pgsql.auto_reset_persistent = Off
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/pgsql.max-persistent
+pgsql.max_persistent = -1
+
+; Maximum number of links (persistent+non persistent). -1 means no limit.
+; http://php.net/pgsql.max-links
+pgsql.max_links = -1
+
+; Ignore PostgreSQL backends Notice message or not.
+; Notice message logging require a little overheads.
+; http://php.net/pgsql.ignore-notice
+pgsql.ignore_notice = 0
+
+; Log PostgreSQL backends Notice message or not.
+; Unless pgsql.ignore_notice=0, module cannot log notice message.
+; http://php.net/pgsql.log-notice
+pgsql.log_notice = 0
+
+[Sybase-CT]
+; Allow or prevent persistent links.
+; http://php.net/sybct.allow-persistent
+sybct.allow_persistent = On
+
+; Maximum number of persistent links. -1 means no limit.
+; http://php.net/sybct.max-persistent
+sybct.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent). -1 means no limit.
+; http://php.net/sybct.max-links
+sybct.max_links = -1
+
+; Minimum server message severity to display.
+; http://php.net/sybct.min-server-severity
+sybct.min_server_severity = 10
+
+; Minimum client message severity to display.
+; http://php.net/sybct.min-client-severity
+sybct.min_client_severity = 10
+
+; Set per-context timeout
+; http://php.net/sybct.timeout
+;sybct.timeout=
+
+;sybct.packet_size
+
+; The maximum time in seconds to wait for a connection attempt to succeed before returning failure.
+; Default: one minute
+;sybct.login_timeout=
+
+; The name of the host you claim to be connecting from, for display by sp_who.
+; Default: none
+;sybct.hostname=
+
+; Allows you to define how often deadlocks are to be retried. -1 means "forever".
+; Default: 0
+;sybct.deadlock_retry_count=
+
+[bcmath]
+; Number of decimal digits for all bcmath functions.
+; http://php.net/bcmath.scale
+bcmath.scale = 0
+
+[browscap]
+; http://php.net/browscap
+;browscap = extra/browscap.ini
+
+[Session]
+; Handler used to store/retrieve data.
+; http://php.net/session.save-handler
+session.save_handler = files
+
+; Argument passed to save_handler. In the case of files, this is the path
+; where data files are stored. Note: Windows users have to change this
+; variable in order to use PHP's session functions.
+;
+; The path can be defined as:
+;
+; session.save_path = "N;/path"
+;
+; where N is an integer. Instead of storing all the session files in
+; /path, what this will do is use subdirectories N-levels deep, and
+; store the session data in those directories. This is useful if
+; your OS has problems with many files in one directory, and is
+; a more efficient layout for servers that handle many sessions.
+;
+; NOTE 1: PHP will not create this directory structure automatically.
+; You can use the script in the ext/session dir for that purpose.
+; NOTE 2: See the section on garbage collection below if you choose to
+; use subdirectories for session storage
+;
+; The file storage module creates files using mode 600 by default.
+; You can change that by using
+;
+; session.save_path = "N;MODE;/path"
+;
+; where MODE is the octal representation of the mode. Note that this
+; does not overwrite the process's umask.
+; http://php.net/session.save-path
+;session.save_path = "/var/lib/php5/sessions"
+
+; Whether to use strict session mode.
+; Strict session mode does not accept uninitialized session ID and regenerate
+; session ID if browser sends uninitialized session ID. Strict mode protects
+; applications from session fixation via session adoption vulnerability. It is
+; disabled by default for maximum compatibility, but enabling it is encouraged.
+; https://wiki.php.net/rfc/strict_sessions
+session.use_strict_mode = 0
+
+; Whether to use cookies.
+; http://php.net/session.use-cookies
+session.use_cookies = 1
+
+; http://php.net/session.cookie-secure
+;session.cookie_secure =
+
+; This option forces PHP to fetch and use a cookie for storing and maintaining
+; the session id. We encourage this operation as it's very helpful in combating
+; session hijacking when not specifying and managing your own session id. It is
+; not the be-all and end-all of session hijacking defense, but it's a good start.
+; http://php.net/session.use-only-cookies
+session.use_only_cookies = 1
+
+; Name of the session (used as cookie name).
+; http://php.net/session.name
+session.name = PHPSESSID
+
+; Initialize session on request startup.
+; http://php.net/session.auto-start
+session.auto_start = 0
+
+; Lifetime in seconds of cookie or, if 0, until browser is restarted.
+; http://php.net/session.cookie-lifetime
+session.cookie_lifetime = 0
+
+; The path for which the cookie is valid.
+; http://php.net/session.cookie-path
+session.cookie_path = /
+
+; The domain for which the cookie is valid.
+; http://php.net/session.cookie-domain
+session.cookie_domain =
+
+; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
+; http://php.net/session.cookie-httponly
+session.cookie_httponly =
+
+; Handler used to serialize data. php is the standard serializer of PHP.
+; http://php.net/session.serialize-handler
+session.serialize_handler = php
+
+; Defines the probability that the 'garbage collection' process is started
+; on every session initialization. The probability is calculated by using
+; gc_probability/gc_divisor. Where session.gc_probability is the numerator
+; and gc_divisor is the denominator in the equation. Setting this value to 1
+; when the session.gc_divisor value is 100 will give you approximately a 1% chance
+; the gc will run on any give request.
+; Default Value: 1
+; Development Value: 1
+; Production Value: 1
+; http://php.net/session.gc-probability
+session.gc_probability = 0
+
+; Defines the probability that the 'garbage collection' process is started on every
+; session initialization. The probability is calculated by using the following equation:
+; gc_probability/gc_divisor. Where session.gc_probability is the numerator and
+; session.gc_divisor is the denominator in the equation. Setting this value to 1
+; when the session.gc_divisor value is 100 will give you approximately a 1% chance
+; the gc will run on any give request. Increasing this value to 1000 will give you
+; a 0.1% chance the gc will run on any give request. For high volume production servers,
+; this is a more efficient approach.
+; Default Value: 100
+; Development Value: 1000
+; Production Value: 1000
+; http://php.net/session.gc-divisor
+session.gc_divisor = 1000
+
+; After this number of seconds, stored data will be seen as 'garbage' and
+; cleaned up by the garbage collection process.
+; http://php.net/session.gc-maxlifetime
+session.gc_maxlifetime = 1440
+
+; NOTE: If you are using the subdirectory option for storing session files
+; (see session.save_path above), then garbage collection does *not*
+; happen automatically. You will need to do your own garbage
+; collection through a shell script, cron entry, or some other method.
+; For example, the following script would is the equivalent of
+; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
+; find /path/to/sessions -cmin +24 -type f | xargs rm
+
+; Check HTTP Referer to invalidate externally stored URLs containing ids.
+; HTTP_REFERER has to contain this substring for the session to be
+; considered as valid.
+; http://php.net/session.referer-check
+session.referer_check =
+
+; How many bytes to read from the file.
+; http://php.net/session.entropy-length
+;session.entropy_length = 32
+
+; Specified here to create the session id.
+; http://php.net/session.entropy-file
+; Defaults to /dev/urandom
+; On systems that don't have /dev/urandom but do have /dev/arandom, this will default to /dev/arandom
+; If neither are found at compile time, the default is no entropy file.
+; On windows, setting the entropy_length setting will activate the
+; Windows random source (using the CryptoAPI)
+;session.entropy_file = /dev/urandom
+
+; Set to {nocache,private,public,} to determine HTTP caching aspects
+; or leave this empty to avoid sending anti-caching headers.
+; http://php.net/session.cache-limiter
+session.cache_limiter = nocache
+
+; Document expires after n minutes.
+; http://php.net/session.cache-expire
+session.cache_expire = 180
+
+; trans sid support is disabled by default.
+; Use of trans sid may risk your users' security.
+; Use this option with caution.
+; - User may send URL contains active session ID
+; to other person via. email/irc/etc.
+; - URL that contains active session ID may be stored
+; in publicly accessible computer.
+; - User may access your site with the same session ID
+; always using URL stored in browser's history or bookmarks.
+; http://php.net/session.use-trans-sid
+session.use_trans_sid = 0
+
+; Select a hash function for use in generating session ids.
+; Possible Values
+; 0 (MD5 128 bits)
+; 1 (SHA-1 160 bits)
+; This option may also be set to the name of any hash function supported by
+; the hash extension. A list of available hashes is returned by the hash_algos()
+; function.
+; http://php.net/session.hash-function
+session.hash_function = 0
+
+; Define how many bits are stored in each character when converting
+; the binary hash data to something readable.
+; Possible values:
+; 4 (4 bits: 0-9, a-f)
+; 5 (5 bits: 0-9, a-v)
+; 6 (6 bits: 0-9, a-z, A-Z, "-", ",")
+; Default Value: 4
+; Development Value: 5
+; Production Value: 5
+; http://php.net/session.hash-bits-per-character
+session.hash_bits_per_character = 5
+
+; The URL rewriter will look for URLs in a defined set of HTML tags.
+; form/fieldset are special; if you include them here, the rewriter will
+; add a hidden <input> field with the info which is otherwise appended
+; to URLs. If you want XHTML conformity, remove the form entry.
+; Note that all valid entries require a "=", even if no value follows.
+; Default Value: "a=href,area=href,frame=src,form=,fieldset="
+; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
+; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
+; http://php.net/url-rewriter.tags
+url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
+
+; Enable upload progress tracking in $_SESSION
+; Default Value: On
+; Development Value: On
+; Production Value: On
+; http://php.net/session.upload-progress.enabled
+;session.upload_progress.enabled = On
+
+; Cleanup the progress information as soon as all POST data has been read
+; (i.e. upload completed).
+; Default Value: On
+; Development Value: On
+; Production Value: On
+; http://php.net/session.upload-progress.cleanup
+;session.upload_progress.cleanup = On
+
+; A prefix used for the upload progress key in $_SESSION
+; Default Value: "upload_progress_"
+; Development Value: "upload_progress_"
+; Production Value: "upload_progress_"
+; http://php.net/session.upload-progress.prefix
+;session.upload_progress.prefix = "upload_progress_"
+
+; The index name (concatenated with the prefix) in $_SESSION
+; containing the upload progress information
+; Default Value: "PHP_SESSION_UPLOAD_PROGRESS"
+; Development Value: "PHP_SESSION_UPLOAD_PROGRESS"
+; Production Value: "PHP_SESSION_UPLOAD_PROGRESS"
+; http://php.net/session.upload-progress.name
+;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS"
+
+; How frequently the upload progress should be updated.
+; Given either in percentages (per-file), or in bytes
+; Default Value: "1%"
+; Development Value: "1%"
+; Production Value: "1%"
+; http://php.net/session.upload-progress.freq
+;session.upload_progress.freq = "1%"
+
+; The minimum delay between updates, in seconds
+; Default Value: 1
+; Development Value: 1
+; Production Value: 1
+; http://php.net/session.upload-progress.min-freq
+;session.upload_progress.min_freq = "1"
+
+[MSSQL]
+; Allow or prevent persistent links.
+mssql.allow_persistent = On
+
+; Maximum number of persistent links. -1 means no limit.
+mssql.max_persistent = -1
+
+; Maximum number of links (persistent+non persistent). -1 means no limit.
+mssql.max_links = -1
+
+; Minimum error severity to display.
+mssql.min_error_severity = 10
+
+; Minimum message severity to display.
+mssql.min_message_severity = 10
+
+; Compatibility mode with old versions of PHP 3.0.
+mssql.compatibility_mode = Off
+
+; Connect timeout
+;mssql.connect_timeout = 5
+
+; Query timeout
+;mssql.timeout = 60
+
+; Valid range 0 - 2147483647. Default = 4096.
+;mssql.textlimit = 4096
+
+; Valid range 0 - 2147483647. Default = 4096.
+;mssql.textsize = 4096
+
+; Limits the number of records in each batch. 0 = all records in one batch.
+;mssql.batchsize = 0
+
+; Specify how datetime and datetim4 columns are returned
+; On => Returns data converted to SQL server settings
+; Off => Returns values as YYYY-MM-DD hh:mm:ss
+;mssql.datetimeconvert = On
+
+; Use NT authentication when connecting to the server
+mssql.secure_connection = Off
+
+; Specify max number of processes. -1 = library default
+; msdlib defaults to 25
+; FreeTDS defaults to 4096
+;mssql.max_procs = -1
+
+; Specify client character set.
+; If empty or not set the client charset from freetds.conf is used
+; This is only used when compiled with FreeTDS
+;mssql.charset = "ISO-8859-1"
+
+[Assertion]
+; Assert(expr); active by default.
+; http://php.net/assert.active
+;assert.active = On
+
+; Issue a PHP warning for each failed assertion.
+; http://php.net/assert.warning
+;assert.warning = On
+
+; Don't bail out by default.
+; http://php.net/assert.bail
+;assert.bail = Off
+
+; User-function to be called if an assertion fails.
+; http://php.net/assert.callback
+;assert.callback = 0
+
+; Eval the expression with current error_reporting(). Set to true if you want
+; error_reporting(0) around the eval().
+; http://php.net/assert.quiet-eval
+;assert.quiet_eval = 0
+
+[COM]
+; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs
+; http://php.net/com.typelib-file
+;com.typelib_file =
+
+; allow Distributed-COM calls
+; http://php.net/com.allow-dcom
+;com.allow_dcom = true
+
+; autoregister constants of a components typlib on com_load()
+; http://php.net/com.autoregister-typelib
+;com.autoregister_typelib = true
+
+; register constants casesensitive
+; http://php.net/com.autoregister-casesensitive
+;com.autoregister_casesensitive = false
+
+; show warnings on duplicate constant registrations
+; http://php.net/com.autoregister-verbose
+;com.autoregister_verbose = true
+
+; The default character set code-page to use when passing strings to and from COM objects.
+; Default: system ANSI code page
+;com.code_page=
+
+[mbstring]
+; language for internal character representation.
+; This affects mb_send_mail() and mbstrig.detect_order.
+; http://php.net/mbstring.language
+;mbstring.language = Japanese
+
+; Use of this INI entry is deprecated, use global internal_encoding instead.
+; internal/script encoding.
+; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*)
+; If empty, default_charset or internal_encoding or iconv.internal_encoding is used.
+; The precedence is: default_charset < internal_encoding < iconv.internal_encoding
+;mbstring.internal_encoding =
+
+; Use of this INI entry is deprecated, use global input_encoding instead.
+; http input encoding.
+; mbstring.encoding_traslation = On is needed to use this setting.
+; If empty, default_charset or input_encoding or mbstring.input is used.
+; The precedence is: default_charset < intput_encoding < mbsting.http_input
+; http://php.net/mbstring.http-input
+;mbstring.http_input =
+
+; Use of this INI entry is deprecated, use global output_encoding instead.
+; http output encoding.
+; mb_output_handler must be registered as output buffer to function.
+; If empty, default_charset or output_encoding or mbstring.http_output is used.
+; The precedence is: default_charset < output_encoding < mbstring.http_output
+; To use an output encoding conversion, mbstring's output handler must be set
+; otherwise output encoding conversion cannot be performed.
+; http://php.net/mbstring.http-output
+;mbstring.http_output =
+
+; enable automatic encoding translation according to
+; mbstring.internal_encoding setting. Input chars are
+; converted to internal encoding by setting this to On.
+; Note: Do _not_ use automatic encoding translation for
+; portable libs/applications.
+; http://php.net/mbstring.encoding-translation
+;mbstring.encoding_translation = Off
+
+; automatic encoding detection order.
+; "auto" detect order is changed according to mbstring.language
+; http://php.net/mbstring.detect-order
+;mbstring.detect_order = auto
+
+; substitute_character used when character cannot be converted
+; one from another
+; http://php.net/mbstring.substitute-character
+;mbstring.substitute_character = none
+
+; overload(replace) single byte functions by mbstring functions.
+; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(),
+; etc. Possible values are 0,1,2,4 or combination of them.
+; For example, 7 for overload everything.
+; 0: No overload
+; 1: Overload mail() function
+; 2: Overload str*() functions
+; 4: Overload ereg*() functions
+; http://php.net/mbstring.func-overload
+;mbstring.func_overload = 0
+
+; enable strict encoding detection.
+; Default: Off
+;mbstring.strict_detection = On
+
+; This directive specifies the regex pattern of content types for which mb_output_handler()
+; is activated.
+; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml)
+;mbstring.http_output_conv_mimetype=
+
+[gd]
+; Tell the jpeg decode to ignore warnings and try to create
+; a gd image. The warning will then be displayed as notices
+; disabled by default
+; http://php.net/gd.jpeg-ignore-warning
+;gd.jpeg_ignore_warning = 0
+
+[exif]
+; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS.
+; With mbstring support this will automatically be converted into the encoding
+; given by corresponding encode setting. When empty mbstring.internal_encoding
+; is used. For the decode settings you can distinguish between motorola and
+; intel byte order. A decode setting cannot be empty.
+; http://php.net/exif.encode-unicode
+;exif.encode_unicode = ISO-8859-15
+
+; http://php.net/exif.decode-unicode-motorola
+;exif.decode_unicode_motorola = UCS-2BE
+
+; http://php.net/exif.decode-unicode-intel
+;exif.decode_unicode_intel = UCS-2LE
+
+; http://php.net/exif.encode-jis
+;exif.encode_jis =
+
+; http://php.net/exif.decode-jis-motorola
+;exif.decode_jis_motorola = JIS
+
+; http://php.net/exif.decode-jis-intel
+;exif.decode_jis_intel = JIS
+
+[Tidy]
+; The path to a default tidy configuration file to use when using tidy
+; http://php.net/tidy.default-config
+;tidy.default_config = /usr/local/lib/php/default.tcfg
+
+; Should tidy clean and repair output automatically?
+; WARNING: Do not use this option if you are generating non-html content
+; such as dynamic images
+; http://php.net/tidy.clean-output
+tidy.clean_output = Off
+
+[soap]
+; Enables or disables WSDL caching feature.
+; http://php.net/soap.wsdl-cache-enabled
+soap.wsdl_cache_enabled=1
+
+; Sets the directory name where SOAP extension will put cache files.
+; http://php.net/soap.wsdl-cache-dir
+soap.wsdl_cache_dir="/tmp"
+
+; (time to live) Sets the number of second while cached file will be used
+; instead of original one.
+; http://php.net/soap.wsdl-cache-ttl
+soap.wsdl_cache_ttl=86400
+
+; Sets the size of the cache limit. (Max. number of WSDL files to cache)
+soap.wsdl_cache_limit = 5
+
+[sysvshm]
+; A default size of the shared memory segment
+;sysvshm.init_mem = 10000
+
+[ldap]
+; Sets the maximum number of open links or -1 for unlimited.
+ldap.max_links = -1
+
+[mcrypt]
+; For more information about mcrypt settings see http://php.net/mcrypt-module-open
+
+; Directory where to load mcrypt algorithms
+; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt)
+;mcrypt.algorithms_dir=
+
+; Directory where to load mcrypt modes
+; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt)
+;mcrypt.modes_dir=
+
+[dba]
+;dba.default_handler=
+
+[opcache]
+; Determines if Zend OPCache is enabled
+;opcache.enable=0
+
+; Determines if Zend OPCache is enabled for the CLI version of PHP
+;opcache.enable_cli=0
+
+; The OPcache shared memory storage size.
+;opcache.memory_consumption=64
+
+; The amount of memory for interned strings in Mbytes.
+;opcache.interned_strings_buffer=4
+
+; The maximum number of keys (scripts) in the OPcache hash table.
+; Only numbers between 200 and 100000 are allowed.
+;opcache.max_accelerated_files=2000
+
+; The maximum percentage of "wasted" memory until a restart is scheduled.
+;opcache.max_wasted_percentage=5
+
+; When this directive is enabled, the OPcache appends the current working
+; directory to the script key, thus eliminating possible collisions between
+; files with the same name (basename). Disabling the directive improves
+; performance, but may break existing applications.
+;opcache.use_cwd=1
+
+; When disabled, you must reset the OPcache manually or restart the
+; webserver for changes to the filesystem to take effect.
+;opcache.validate_timestamps=1
+
+; How often (in seconds) to check file timestamps for changes to the shared
+; memory storage allocation. ("1" means validate once per second, but only
+; once per request. "0" means always validate)
+;opcache.revalidate_freq=2
+
+; Enables or disables file search in include_path optimization
+;opcache.revalidate_path=0
+
+; If disabled, all PHPDoc comments are dropped from the code to reduce the
+; size of the optimized code.
+;opcache.save_comments=1
+
+; If disabled, PHPDoc comments are not loaded from SHM, so "Doc Comments"
+; may be always stored (save_comments=1), but not loaded by applications
+; that don't need them anyway.
+;opcache.load_comments=1
+
+; If enabled, a fast shutdown sequence is used for the accelerated code
+;opcache.fast_shutdown=0
+
+; Allow file existence override (file_exists, etc.) performance feature.
+;opcache.enable_file_override=0
+
+; A bitmask, where each bit enables or disables the appropriate OPcache
+; passes
+;opcache.optimization_level=0xffffffff
+
+;opcache.inherited_hack=1
+;opcache.dups_fix=0
+
+; The location of the OPcache blacklist file (wildcards allowed).
+; Each OPcache blacklist file is a text file that holds the names of files
+; that should not be accelerated. The file format is to add each filename
+; to a new line. The filename may be a full path or just a file prefix
+; (i.e., /var/www/x blacklists all the files and directories in /var/www
+; that start with 'x'). Line starting with a ; are ignored (comments).
+;opcache.blacklist_filename=
+
+; Allows exclusion of large files from being cached. By default all files
+; are cached.
+;opcache.max_file_size=0
+
+; Check the cache checksum each N requests.
+; The default value of "0" means that the checks are disabled.
+;opcache.consistency_checks=0
+
+; How long to wait (in seconds) for a scheduled restart to begin if the cache
+; is not being accessed.
+;opcache.force_restart_timeout=180
+
+; OPcache error_log file name. Empty string assumes "stderr".
+;opcache.error_log=
+
+; All OPcache errors go to the Web server log.
+; By default, only fatal errors (level 0) or errors (level 1) are logged.
+; You can also enable warnings (level 2), info messages (level 3) or
+; debug messages (level 4).
+;opcache.log_verbosity_level=1
+
+; Preferred Shared Memory back-end. Leave empty and let the system decide.
+;opcache.preferred_memory_model=
+
+; Protect the shared memory from unexpected writing during script execution.
+; Useful for internal debugging only.
+;opcache.protect_memory=0
+
+[curl]
+; A default value for the CURLOPT_CAINFO option. This is required to be an
+; absolute path.
+;curl.cainfo =
+
+[openssl]
+; The location of a Certificate Authority (CA) file on the local filesystem
+; to use when verifying the identity of SSL/TLS peers. Most users should
+; not specify a value for this directive as PHP will attempt to use the
+; OS-managed cert stores in its absence. If specified, this value may still
+; be overridden on a per-stream basis via the "cafile" SSL stream context
+; option.
+;openssl.cafile=
+
+; If openssl.cafile is not specified or if the CA file is not found, the
+; directory pointed to by openssl.capath is searched for a suitable
+; certificate. This value must be a correctly hashed certificate directory.
+; Most users should not specify a value for this directive as PHP will
+; attempt to use the OS-managed cert stores in its absence. If specified,
+; this value may still be overridden on a per-stream basis via the "capath"
+; SSL stream context option.
+;openssl.capath=
+
+; Local Variables:
+; tab-width: 4
+; End:
--- /dev/null
+; Start a new pool named 'www'.
+; the variable $pool can we used in any directive and will be replaced by the
+; pool name ('www' here)
+[www]
+
+; Per pool prefix
+; It only applies on the following directives:
+; - 'access.log'
+; - 'slowlog'
+; - 'listen' (unixsocket)
+; - 'chroot'
+; - 'chdir'
+; - 'php_values'
+; - 'php_admin_values'
+; When not set, the global prefix (or /usr) applies instead.
+; Note: This directive can also be relative to the global prefix.
+; Default Value: none
+;prefix = /path/to/pools/$pool
+
+; Unix user/group of processes
+; Note: The user is mandatory. If the group is not set, the default user's group
+; will be used.
+user = www-data
+group = www-data
+
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
+; a specific port;
+; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+; a specific port;
+; 'port' - to listen on a TCP socket to all IPv4 addresses on a
+; specific port;
+; '[::]:port' - to listen on a TCP socket to all addresses
+; (IPv6 and IPv4-mapped) on a specific port;
+; '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /var/run/php-fpm.socket
+
+; Set listen(2) backlog.
+; Default Value: 65535 (-1 on FreeBSD and OpenBSD)
+;listen.backlog = 65535
+
+; Set permissions for unix socket, if one is used. In Linux, read/write
+; permissions must be set in order to allow connections from a web server. Many
+; BSD-derived systems allow connections regardless of permissions.
+; Default Values: user and group are set as the running user
+; mode is set to 0660
+listen.owner = www-data
+listen.group = www-data
+listen.mode = 0660
+; When POSIX Access Control Lists are supported you can set them using
+; these options, value is a comma separated list of user/group names.
+; When set, listen.owner and listen.group are ignored
+;listen.acl_users =
+;listen.acl_groups =
+
+; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
+; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
+; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
+; must be separated by a comma. If this value is left blank, connections will be
+; accepted from any ip address.
+; Default Value: any
+;listen.allowed_clients = 127.0.0.1
+
+; Specify the nice(2) priority to apply to the pool processes (only if set)
+; The value can vary from -19 (highest priority) to 20 (lower priority)
+; Note: - It will only work if the FPM master process is launched as root
+; - The pool processes will inherit the master process priority
+; unless it specified otherwise
+; Default Value: no set
+; process.priority = -19
+
+; Choose how the process manager will control the number of child processes.
+; Possible Values:
+; static - a fixed number (pm.max_children) of child processes;
+; dynamic - the number of child processes are set dynamically based on the
+; following directives. With this process management, there will be
+; always at least 1 children.
+; pm.max_children - the maximum number of children that can
+; be alive at the same time.
+; pm.start_servers - the number of children created on startup.
+; pm.min_spare_servers - the minimum number of children in 'idle'
+; state (waiting to process). If the number
+; of 'idle' processes is less than this
+; number then some children will be created.
+; pm.max_spare_servers - the maximum number of children in 'idle'
+; state (waiting to process). If the number
+; of 'idle' processes is greater than this
+; number then some children will be killed.
+; ondemand - no children are created at startup. Children will be forked when
+; new requests will connect. The following parameter are used:
+; pm.max_children - the maximum number of children that
+; can be alive at the same time.
+; pm.process_idle_timeout - The number of seconds after which
+; an idle process will be killed.
+; Note: This value is mandatory.
+pm = dynamic
+
+; The number of child processes to be created when pm is set to 'static' and the
+; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
+; This value sets the limit on the number of simultaneous requests that will be
+; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
+; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
+; CGI. The below defaults are based on a server without much resources. Don't
+; forget to tweak pm.* to fit your needs.
+; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
+; Note: This value is mandatory.
+pm.max_children = 5
+
+; The number of child processes created on startup.
+; Note: Used only when pm is set to 'dynamic'
+; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
+pm.start_servers = 2
+
+; The desired minimum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.min_spare_servers = 1
+
+; The desired maximum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.max_spare_servers = 3
+
+; The number of seconds after which an idle process will be killed.
+; Note: Used only when pm is set to 'ondemand'
+; Default Value: 10s
+;pm.process_idle_timeout = 10s;
+
+; The number of requests each child process should execute before respawning.
+; This can be useful to work around memory leaks in 3rd party libraries. For
+; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
+; Default Value: 0
+;pm.max_requests = 500
+
+; The URI to view the FPM status page. If this value is not set, no URI will be
+; recognized as a status page. It shows the following informations:
+; pool - the name of the pool;
+; process manager - static, dynamic or ondemand;
+; start time - the date and time FPM has started;
+; start since - number of seconds since FPM has started;
+; accepted conn - the number of request accepted by the pool;
+; listen queue - the number of request in the queue of pending
+; connections (see backlog in listen(2));
+; max listen queue - the maximum number of requests in the queue
+; of pending connections since FPM has started;
+; listen queue len - the size of the socket queue of pending connections;
+; idle processes - the number of idle processes;
+; active processes - the number of active processes;
+; total processes - the number of idle + active processes;
+; max active processes - the maximum number of active processes since FPM
+; has started;
+; max children reached - number of times, the process limit has been reached,
+; when pm tries to start more children (works only for
+; pm 'dynamic' and 'ondemand');
+; Value are updated in real time.
+; Example output:
+; pool: www
+; process manager: static
+; start time: 01/Jul/2011:17:53:49 +0200
+; start since: 62636
+; accepted conn: 190460
+; listen queue: 0
+; max listen queue: 1
+; listen queue len: 42
+; idle processes: 4
+; active processes: 11
+; total processes: 15
+; max active processes: 12
+; max children reached: 0
+;
+; By default the status page output is formatted as text/plain. Passing either
+; 'html', 'xml' or 'json' in the query string will return the corresponding
+; output syntax. Example:
+; http://www.foo.bar/status
+; http://www.foo.bar/status?json
+; http://www.foo.bar/status?html
+; http://www.foo.bar/status?xml
+;
+; By default the status page only outputs short status. Passing 'full' in the
+; query string will also return status for each pool process.
+; Example:
+; http://www.foo.bar/status?full
+; http://www.foo.bar/status?json&full
+; http://www.foo.bar/status?html&full
+; http://www.foo.bar/status?xml&full
+; The Full status returns for each process:
+; pid - the PID of the process;
+; state - the state of the process (Idle, Running, ...);
+; start time - the date and time the process has started;
+; start since - the number of seconds since the process has started;
+; requests - the number of requests the process has served;
+; request duration - the duration in µs of the requests;
+; request method - the request method (GET, POST, ...);
+; request URI - the request URI with the query string;
+; content length - the content length of the request (only with POST);
+; user - the user (PHP_AUTH_USER) (or '-' if not set);
+; script - the main script called (or '-' if not set);
+; last request cpu - the %cpu the last request consumed
+; it's always 0 if the process is not in Idle state
+; because CPU calculation is done when the request
+; processing has terminated;
+; last request memory - the max amount of memory the last request consumed
+; it's always 0 if the process is not in Idle state
+; because memory calculation is done when the request
+; processing has terminated;
+; If the process is in Idle state, then informations are related to the
+; last request the process has served. Otherwise informations are related to
+; the current request being served.
+; Example output:
+; ************************
+; pid: 31330
+; state: Running
+; start time: 01/Jul/2011:17:53:49 +0200
+; start since: 63087
+; requests: 12808
+; request duration: 1250261
+; request method: GET
+; request URI: /test_mem.php?N=10000
+; content length: 0
+; user: -
+; script: /home/fat/web/docs/php/test_mem.php
+; last request cpu: 0.00
+; last request memory: 0
+;
+; Note: There is a real-time FPM status monitoring sample web page available
+; It's available in: /usr/share/php5/fpm/status.html
+;
+; Note: The value must start with a leading slash (/). The value can be
+; anything, but it may not be a good idea to use the .php extension or it
+; may conflict with a real PHP file.
+; Default Value: not set
+;pm.status_path = /status
+
+; The ping URI to call the monitoring page of FPM. If this value is not set, no
+; URI will be recognized as a ping page. This could be used to test from outside
+; that FPM is alive and responding, or to
+; - create a graph of FPM availability (rrd or such);
+; - remove a server from a group if it is not responding (load balancing);
+; - trigger alerts for the operating team (24/7).
+; Note: The value must start with a leading slash (/). The value can be
+; anything, but it may not be a good idea to use the .php extension or it
+; may conflict with a real PHP file.
+; Default Value: not set
+;ping.path = /ping
+
+; This directive may be used to customize the response of a ping request. The
+; response is formatted as text/plain with a 200 response code.
+; Default Value: pong
+;ping.response = pong
+
+; The access log file
+; Default: not set
+;access.log = log/$pool.access.log
+
+; The access log format.
+; The following syntax is allowed
+; %%: the '%' character
+; %C: %CPU used by the request
+; it can accept the following format:
+; - %{user}C for user CPU only
+; - %{system}C for system CPU only
+; - %{total}C for user + system CPU (default)
+; %d: time taken to serve the request
+; it can accept the following format:
+; - %{seconds}d (default)
+; - %{miliseconds}d
+; - %{mili}d
+; - %{microseconds}d
+; - %{micro}d
+; %e: an environment variable (same as $_ENV or $_SERVER)
+; it must be associated with embraces to specify the name of the env
+; variable. Some exemples:
+; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
+; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
+; %f: script filename
+; %l: content-length of the request (for POST request only)
+; %m: request method
+; %M: peak of memory allocated by PHP
+; it can accept the following format:
+; - %{bytes}M (default)
+; - %{kilobytes}M
+; - %{kilo}M
+; - %{megabytes}M
+; - %{mega}M
+; %n: pool name
+; %o: output header
+; it must be associated with embraces to specify the name of the header:
+; - %{Content-Type}o
+; - %{X-Powered-By}o
+; - %{Transfert-Encoding}o
+; - ....
+; %p: PID of the child that serviced the request
+; %P: PID of the parent of the child that serviced the request
+; %q: the query string
+; %Q: the '?' character if query string exists
+; %r: the request URI (without the query string, see %q and %Q)
+; %R: remote IP address
+; %s: status (response code)
+; %t: server time the request was received
+; it can accept a strftime(3) format:
+; %d/%b/%Y:%H:%M:%S %z (default)
+; %T: time the log has been written (the request has finished)
+; it can accept a strftime(3) format:
+; %d/%b/%Y:%H:%M:%S %z (default)
+; %u: remote user
+;
+; Default: "%R - %u %t \"%m %r\" %s"
+;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
+
+; The log file for slow requests
+; Default Value: not set
+; Note: slowlog is mandatory if request_slowlog_timeout is set
+;slowlog = log/$pool.log.slow
+
+; The timeout for serving a single request after which a PHP backtrace will be
+; dumped to the 'slowlog' file. A value of '0s' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_slowlog_timeout = 0
+
+; The timeout for serving a single request after which the worker process will
+; be killed. This option should be used when the 'max_execution_time' ini option
+; does not stop script execution for some reason. A value of '0' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_terminate_timeout = 0
+
+; Set open file descriptor rlimit.
+; Default Value: system defined value
+;rlimit_files = 1024
+
+; Set max core size rlimit.
+; Possible Values: 'unlimited' or an integer greater or equal to 0
+; Default Value: system defined value
+;rlimit_core = 0
+
+; Chroot to this directory at the start. This value must be defined as an
+; absolute path. When this value is not set, chroot is not used.
+; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
+; of its subdirectories. If the pool prefix is not set, the global prefix
+; will be used instead.
+; Note: chrooting is a great security feature and should be used whenever
+; possible. However, all PHP paths will be relative to the chroot
+; (error_log, sessions.save_path, ...).
+; Default Value: not set
+;chroot =
+
+; Chdir to this directory at the start.
+; Note: relative path can be used.
+; Default Value: current directory or / when chroot
+chdir = /
+
+; Redirect worker stdout and stderr into main error log. If not set, stdout and
+; stderr will be redirected to /dev/null according to FastCGI specs.
+; Note: on highloaded environement, this can cause some delay in the page
+; process time (several ms).
+; Default Value: no
+;catch_workers_output = yes
+
+; Clear environment in FPM workers
+; Prevents arbitrary environment variables from reaching FPM worker processes
+; by clearing the environment in workers before env vars specified in this
+; pool configuration are added.
+; Setting to "no" will make all environment variables available to PHP code
+; via getenv(), $_ENV and $_SERVER.
+; Default Value: yes
+;clear_env = no
+
+; Limits the extensions of the main script FPM will allow to parse. This can
+; prevent configuration mistakes on the web server side. You should only limit
+; FPM to .php extensions to prevent malicious users to use other extensions to
+; exectute php code.
+; Note: set an empty value to allow all extensions.
+; Default Value: .php
+;security.limit_extensions = .php .php3 .php4 .php5
+
+; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
+; the current environment.
+; Default Value: clean env
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /tmp
+;env[TMPDIR] = /tmp
+;env[TEMP] = /tmp
+
+; Additional php.ini defines, specific to this pool of workers. These settings
+; overwrite the values previously defined in the php.ini. The directives are the
+; same as the PHP SAPI:
+; php_value/php_flag - you can set classic ini defines which can
+; be overwritten from PHP call 'ini_set'.
+; php_admin_value/php_admin_flag - these directives won't be overwritten by
+; PHP call 'ini_set'
+; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
+
+; Defining 'extension' will load the corresponding shared extension from
+; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
+; overwrite previously defined php.ini values, but will append the new value
+; instead.
+
+; Note: path INI options can be relative and will be expanded with the prefix
+; (pool, global or /usr)
+
+; Default Value: nothing is defined by default except the values in php.ini and
+; specified at startup with the -d argument
+;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
+;php_flag[display_errors] = off
+;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_flag[log_errors] = on
+;php_admin_value[memory_limit] = 32M
--- /dev/null
+; Start a new pool named 'www'.
+; the variable $pool can we used in any directive and will be replaced by the
+; pool name ('www' here)
+[www]
+
+; Per pool prefix
+; It only applies on the following directives:
+; - 'access.log'
+; - 'slowlog'
+; - 'listen' (unixsocket)
+; - 'chroot'
+; - 'chdir'
+; - 'php_values'
+; - 'php_admin_values'
+; When not set, the global prefix (or /usr) applies instead.
+; Note: This directive can also be relative to the global prefix.
+; Default Value: none
+;prefix = /path/to/pools/$pool
+
+; Unix user/group of processes
+; Note: The user is mandatory. If the group is not set, the default user's group
+; will be used.
+user = www-data
+group = www-data
+
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
+; a specific port;
+; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+; a specific port;
+; 'port' - to listen on a TCP socket to all IPv4 addresses on a
+; specific port;
+; '[::]:port' - to listen on a TCP socket to all addresses
+; (IPv6 and IPv4-mapped) on a specific port;
+; '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /var/run/php5-fpm.sock
+
+; Set listen(2) backlog.
+; Default Value: 65535 (-1 on FreeBSD and OpenBSD)
+;listen.backlog = 65535
+
+; Set permissions for unix socket, if one is used. In Linux, read/write
+; permissions must be set in order to allow connections from a web server. Many
+; BSD-derived systems allow connections regardless of permissions.
+; Default Values: user and group are set as the running user
+; mode is set to 0660
+listen.owner = www-data
+listen.group = www-data
+;listen.mode = 0660
+; When POSIX Access Control Lists are supported you can set them using
+; these options, value is a comma separated list of user/group names.
+; When set, listen.owner and listen.group are ignored
+;listen.acl_users =
+;listen.acl_groups =
+
+; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
+; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
+; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
+; must be separated by a comma. If this value is left blank, connections will be
+; accepted from any ip address.
+; Default Value: any
+;listen.allowed_clients = 127.0.0.1
+
+; Specify the nice(2) priority to apply to the pool processes (only if set)
+; The value can vary from -19 (highest priority) to 20 (lower priority)
+; Note: - It will only work if the FPM master process is launched as root
+; - The pool processes will inherit the master process priority
+; unless it specified otherwise
+; Default Value: no set
+; process.priority = -19
+
+; Choose how the process manager will control the number of child processes.
+; Possible Values:
+; static - a fixed number (pm.max_children) of child processes;
+; dynamic - the number of child processes are set dynamically based on the
+; following directives. With this process management, there will be
+; always at least 1 children.
+; pm.max_children - the maximum number of children that can
+; be alive at the same time.
+; pm.start_servers - the number of children created on startup.
+; pm.min_spare_servers - the minimum number of children in 'idle'
+; state (waiting to process). If the number
+; of 'idle' processes is less than this
+; number then some children will be created.
+; pm.max_spare_servers - the maximum number of children in 'idle'
+; state (waiting to process). If the number
+; of 'idle' processes is greater than this
+; number then some children will be killed.
+; ondemand - no children are created at startup. Children will be forked when
+; new requests will connect. The following parameter are used:
+; pm.max_children - the maximum number of children that
+; can be alive at the same time.
+; pm.process_idle_timeout - The number of seconds after which
+; an idle process will be killed.
+; Note: This value is mandatory.
+pm = dynamic
+
+; The number of child processes to be created when pm is set to 'static' and the
+; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
+; This value sets the limit on the number of simultaneous requests that will be
+; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
+; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
+; CGI. The below defaults are based on a server without much resources. Don't
+; forget to tweak pm.* to fit your needs.
+; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
+; Note: This value is mandatory.
+pm.max_children = 5
+
+; The number of child processes created on startup.
+; Note: Used only when pm is set to 'dynamic'
+; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
+pm.start_servers = 2
+
+; The desired minimum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.min_spare_servers = 1
+
+; The desired maximum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.max_spare_servers = 3
+
+; The number of seconds after which an idle process will be killed.
+; Note: Used only when pm is set to 'ondemand'
+; Default Value: 10s
+;pm.process_idle_timeout = 10s;
+
+; The number of requests each child process should execute before respawning.
+; This can be useful to work around memory leaks in 3rd party libraries. For
+; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
+; Default Value: 0
+;pm.max_requests = 500
+
+; The URI to view the FPM status page. If this value is not set, no URI will be
+; recognized as a status page. It shows the following informations:
+; pool - the name of the pool;
+; process manager - static, dynamic or ondemand;
+; start time - the date and time FPM has started;
+; start since - number of seconds since FPM has started;
+; accepted conn - the number of request accepted by the pool;
+; listen queue - the number of request in the queue of pending
+; connections (see backlog in listen(2));
+; max listen queue - the maximum number of requests in the queue
+; of pending connections since FPM has started;
+; listen queue len - the size of the socket queue of pending connections;
+; idle processes - the number of idle processes;
+; active processes - the number of active processes;
+; total processes - the number of idle + active processes;
+; max active processes - the maximum number of active processes since FPM
+; has started;
+; max children reached - number of times, the process limit has been reached,
+; when pm tries to start more children (works only for
+; pm 'dynamic' and 'ondemand');
+; Value are updated in real time.
+; Example output:
+; pool: www
+; process manager: static
+; start time: 01/Jul/2011:17:53:49 +0200
+; start since: 62636
+; accepted conn: 190460
+; listen queue: 0
+; max listen queue: 1
+; listen queue len: 42
+; idle processes: 4
+; active processes: 11
+; total processes: 15
+; max active processes: 12
+; max children reached: 0
+;
+; By default the status page output is formatted as text/plain. Passing either
+; 'html', 'xml' or 'json' in the query string will return the corresponding
+; output syntax. Example:
+; http://www.foo.bar/status
+; http://www.foo.bar/status?json
+; http://www.foo.bar/status?html
+; http://www.foo.bar/status?xml
+;
+; By default the status page only outputs short status. Passing 'full' in the
+; query string will also return status for each pool process.
+; Example:
+; http://www.foo.bar/status?full
+; http://www.foo.bar/status?json&full
+; http://www.foo.bar/status?html&full
+; http://www.foo.bar/status?xml&full
+; The Full status returns for each process:
+; pid - the PID of the process;
+; state - the state of the process (Idle, Running, ...);
+; start time - the date and time the process has started;
+; start since - the number of seconds since the process has started;
+; requests - the number of requests the process has served;
+; request duration - the duration in µs of the requests;
+; request method - the request method (GET, POST, ...);
+; request URI - the request URI with the query string;
+; content length - the content length of the request (only with POST);
+; user - the user (PHP_AUTH_USER) (or '-' if not set);
+; script - the main script called (or '-' if not set);
+; last request cpu - the %cpu the last request consumed
+; it's always 0 if the process is not in Idle state
+; because CPU calculation is done when the request
+; processing has terminated;
+; last request memory - the max amount of memory the last request consumed
+; it's always 0 if the process is not in Idle state
+; because memory calculation is done when the request
+; processing has terminated;
+; If the process is in Idle state, then informations are related to the
+; last request the process has served. Otherwise informations are related to
+; the current request being served.
+; Example output:
+; ************************
+; pid: 31330
+; state: Running
+; start time: 01/Jul/2011:17:53:49 +0200
+; start since: 63087
+; requests: 12808
+; request duration: 1250261
+; request method: GET
+; request URI: /test_mem.php?N=10000
+; content length: 0
+; user: -
+; script: /home/fat/web/docs/php/test_mem.php
+; last request cpu: 0.00
+; last request memory: 0
+;
+; Note: There is a real-time FPM status monitoring sample web page available
+; It's available in: /usr/share/php5/fpm/status.html
+;
+; Note: The value must start with a leading slash (/). The value can be
+; anything, but it may not be a good idea to use the .php extension or it
+; may conflict with a real PHP file.
+; Default Value: not set
+;pm.status_path = /status
+
+; The ping URI to call the monitoring page of FPM. If this value is not set, no
+; URI will be recognized as a ping page. This could be used to test from outside
+; that FPM is alive and responding, or to
+; - create a graph of FPM availability (rrd or such);
+; - remove a server from a group if it is not responding (load balancing);
+; - trigger alerts for the operating team (24/7).
+; Note: The value must start with a leading slash (/). The value can be
+; anything, but it may not be a good idea to use the .php extension or it
+; may conflict with a real PHP file.
+; Default Value: not set
+;ping.path = /ping
+
+; This directive may be used to customize the response of a ping request. The
+; response is formatted as text/plain with a 200 response code.
+; Default Value: pong
+;ping.response = pong
+
+; The access log file
+; Default: not set
+;access.log = log/$pool.access.log
+
+; The access log format.
+; The following syntax is allowed
+; %%: the '%' character
+; %C: %CPU used by the request
+; it can accept the following format:
+; - %{user}C for user CPU only
+; - %{system}C for system CPU only
+; - %{total}C for user + system CPU (default)
+; %d: time taken to serve the request
+; it can accept the following format:
+; - %{seconds}d (default)
+; - %{miliseconds}d
+; - %{mili}d
+; - %{microseconds}d
+; - %{micro}d
+; %e: an environment variable (same as $_ENV or $_SERVER)
+; it must be associated with embraces to specify the name of the env
+; variable. Some exemples:
+; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
+; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
+; %f: script filename
+; %l: content-length of the request (for POST request only)
+; %m: request method
+; %M: peak of memory allocated by PHP
+; it can accept the following format:
+; - %{bytes}M (default)
+; - %{kilobytes}M
+; - %{kilo}M
+; - %{megabytes}M
+; - %{mega}M
+; %n: pool name
+; %o: output header
+; it must be associated with embraces to specify the name of the header:
+; - %{Content-Type}o
+; - %{X-Powered-By}o
+; - %{Transfert-Encoding}o
+; - ....
+; %p: PID of the child that serviced the request
+; %P: PID of the parent of the child that serviced the request
+; %q: the query string
+; %Q: the '?' character if query string exists
+; %r: the request URI (without the query string, see %q and %Q)
+; %R: remote IP address
+; %s: status (response code)
+; %t: server time the request was received
+; it can accept a strftime(3) format:
+; %d/%b/%Y:%H:%M:%S %z (default)
+; %T: time the log has been written (the request has finished)
+; it can accept a strftime(3) format:
+; %d/%b/%Y:%H:%M:%S %z (default)
+; %u: remote user
+;
+; Default: "%R - %u %t \"%m %r\" %s"
+;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
+
+; The log file for slow requests
+; Default Value: not set
+; Note: slowlog is mandatory if request_slowlog_timeout is set
+;slowlog = log/$pool.log.slow
+
+; The timeout for serving a single request after which a PHP backtrace will be
+; dumped to the 'slowlog' file. A value of '0s' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_slowlog_timeout = 0
+
+; The timeout for serving a single request after which the worker process will
+; be killed. This option should be used when the 'max_execution_time' ini option
+; does not stop script execution for some reason. A value of '0' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_terminate_timeout = 0
+
+; Set open file descriptor rlimit.
+; Default Value: system defined value
+;rlimit_files = 1024
+
+; Set max core size rlimit.
+; Possible Values: 'unlimited' or an integer greater or equal to 0
+; Default Value: system defined value
+;rlimit_core = 0
+
+; Chroot to this directory at the start. This value must be defined as an
+; absolute path. When this value is not set, chroot is not used.
+; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
+; of its subdirectories. If the pool prefix is not set, the global prefix
+; will be used instead.
+; Note: chrooting is a great security feature and should be used whenever
+; possible. However, all PHP paths will be relative to the chroot
+; (error_log, sessions.save_path, ...).
+; Default Value: not set
+;chroot =
+
+; Chdir to this directory at the start.
+; Note: relative path can be used.
+; Default Value: current directory or / when chroot
+chdir = /
+
+; Redirect worker stdout and stderr into main error log. If not set, stdout and
+; stderr will be redirected to /dev/null according to FastCGI specs.
+; Note: on highloaded environement, this can cause some delay in the page
+; process time (several ms).
+; Default Value: no
+;catch_workers_output = yes
+
+; Clear environment in FPM workers
+; Prevents arbitrary environment variables from reaching FPM worker processes
+; by clearing the environment in workers before env vars specified in this
+; pool configuration are added.
+; Setting to "no" will make all environment variables available to PHP code
+; via getenv(), $_ENV and $_SERVER.
+; Default Value: yes
+;clear_env = no
+
+; Limits the extensions of the main script FPM will allow to parse. This can
+; prevent configuration mistakes on the web server side. You should only limit
+; FPM to .php extensions to prevent malicious users to use other extensions to
+; exectute php code.
+; Note: set an empty value to allow all extensions.
+; Default Value: .php
+;security.limit_extensions = .php .php3 .php4 .php5
+
+; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
+; the current environment.
+; Default Value: clean env
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /tmp
+;env[TMPDIR] = /tmp
+;env[TEMP] = /tmp
+
+; Additional php.ini defines, specific to this pool of workers. These settings
+; overwrite the values previously defined in the php.ini. The directives are the
+; same as the PHP SAPI:
+; php_value/php_flag - you can set classic ini defines which can
+; be overwritten from PHP call 'ini_set'.
+; php_admin_value/php_admin_flag - these directives won't be overwritten by
+; PHP call 'ini_set'
+; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
+
+; Defining 'extension' will load the corresponding shared extension from
+; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
+; overwrite previously defined php.ini values, but will append the new value
+; instead.
+
+; Note: path INI options can be relative and will be expanded with the prefix
+; (pool, global or /usr)
+
+; Default Value: nothing is defined by default except the values in php.ini and
+; specified at startup with the -d argument
+;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
+;php_flag[display_errors] = off
+;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_flag[log_errors] = on
+;php_admin_value[memory_limit] = 32M
--- /dev/null
+; configuration for php CURL module
+; priority=20
+extension=curl.so
--- /dev/null
+; configuration for php GD module
+; priority=20
+extension=gd.so
--- /dev/null
+; configuration for php Internationalisation module
+; priority=20
+extension=intl.so
--- /dev/null
+; configuration for php json module
+; priority=20
+extension=json.so
--- /dev/null
+; configuration for php MCrypt module
+; priority=20
+extension=mcrypt.so
--- /dev/null
+; configuration for php MySQL module
+; priority=20
+extension=mysql.so
--- /dev/null
+; configuration for php MySQL module
+; priority=20
+extension=mysqli.so
--- /dev/null
+; configuration for php ZendOpcache module
+; priority=05
+zend_extension=opcache.so
--- /dev/null
+; configuration for php PDO module
+; priority=10
+extension=pdo.so
--- /dev/null
+; configuration for php MySQL module
+; priority=20
+extension=pdo_mysql.so
--- /dev/null
+# See man 5 aliases for format
+
+abuse: postmaster
+adm: root
+amavis: postmaster
+apache: webmaster
+apt: frank
+bind: hostmaster
+clamav: root
+daemon: root
+fail2ban: root
+f-brehm: frank
+f.brehm: frank
+fbr: frank
+fbrehm: frank
+frak: frank
+frank-brehm: frank
+frank.brehm: frank
+frank: frank@brehm-online.com
+hostmaster: root
+iredapd: root
+mail: postmaster
+mailer-daemon: postmaster
+me: frank
+nagios: root
+named: hostmaster
+news: root
+nginx: webmaster
+nobody: noreply
+noreply: /dev/null
+package: frank
+packages: frank
+portage: frank
+postfix: postmaster
+postmaster: frank@brehm-online.com
+root: frank
+security: root
+usenet: news
+uucp: root
+virusalert: root
+vmail: root
+webmaster: root
+www: webmaster
+www-data: webmaster
--- /dev/null
+# Postfix dynamic maps configuration file.
+#
+#type location of .so file open function (mkmap func)
+#==== ================================ ============= ============
+tcp /usr/lib/postfix/dict_tcp.so dict_tcp_open
+sqlite /usr/lib/postfix/dict_sqlite.so dict_sqlite_open
+mysql /usr/lib/postfix/dict_mysql.so dict_mysql_open
+pcre /usr/lib/postfix/dict_pcre.so dict_pcre_open
--- /dev/null
+#---------------------------------------------------------------------
+# This file is part of iRedMail, which is an open source mail server
+# solution for Red Hat(R) Enterprise Linux, CentOS, Debian and Ubuntu.
+#
+# iRedMail is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# iRedMail is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with iRedMail. If not, see <http://www.gnu.org/licenses/>.
+#---------------------------------------------------------------------
+
+#
+# Sample Postfix check_helo_access rule. It should be localted at:
+# /etc/postfix/check_helo_access.pcre
+#
+# Shipped within iRedMail project:
+# * http://www.iredmail.org/
+#
+# Thanks all contributer(s):
+# * muniao <at> gamil.
+#
+
+# Prepend HELO hostname of sender server
+#/(.*)/ PREPEND X-Original-Helo: $1 (iRedMail: http://www.iredmail.org/)
+
+# No one will use these in helo command.
+/^(localhost)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/^(localhost.localdomain)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(\.local)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+
+# Reject who use IP address as helo.
+# Correct: [xxx.xxx.xxx.xxx]
+# Incorrect: xxx.xxx.xxx.xxx
+/^([0-9\.]+)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server sent non RFC compliant HELO identity (${1})
+
+#
+# This is the real HELO identify of these ISPs:
+# sohu.com websmtp.sohu.com relay2nd.mail.sohu.com
+# 126.com m15-78.126.com
+# 163.com m31-189.vip.163.com m13-49.163.com
+# sina.com mail2-209.sinamail.sina.com.cn
+# gmail.com xx-out-NNNN.google.com
+/^(126\.com)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server seems to be impersonating another mail server (${1})
+/^(163\.com)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server seems to be impersonating another mail server (${1})
+/^(163\.net)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server seems to be impersonating another mail server (${1})
+/^(sohu\.com)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server seems to be impersonating another mail server (${1})
+/^(gmail\.com)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server seems to be impersonating another mail server (${1})
+/^(google\.com)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server seems to be impersonating another mail server (${1})
+/^(yahoo\.com\.cn)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server seems to be impersonating another mail server (${1})
+/^(yahoo\.co\.jp)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server seems to be impersonating another mail server (${1})
+
+#
+# Spammers.
+#
+/^(728154EA470B4AA\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(taj-co\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(CF8D3DB045C1455\.net)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(dsgsfdg\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(se\.nit7-ngbo\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(mail\.goo\.ne\.jp)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(n-ong_an\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(meqail\.teamefs-ine5tl\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(zzg\.jhf-sp\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(din_glo-ng\.net)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(fda-cnc\.ie\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(yrtaj-yrco\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(m\.am\.biz\.cn)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(xr_haig\.roup\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(hjn\.cn)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(we_blf\.com\.cn)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(netvigator\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(mysam\.biz)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(mail\.teams-intl\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(seningbo\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(nblf\.com\.cn)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(kdn\.ktguide\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(zzsp\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(nblongan\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(dpu\.cn)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(nbalton\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(cncie\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(xinhaigroup\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/^(wz\.com)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/(\.zj\.cn)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+/(\.kornet)$/ REJECT ACCESS DENIED. Your email was rejected because it appears to come from a known spamming mail server (${1})
+
+/^(dsldevice\.lan)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/^(system\.mail)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/^(speedtouch\.lan)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/^(dsldevice\.lan)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+
+#
+# Reject adsl spammers.
+#
+# match word `adsl` with word boundary `\b`.
+/(\badsl\b)/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (${1})
+/(\d{1,3}[\.-]\d{1,3}[\.-]\d{1,3}[\.-]\d{1,3})/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (${1})
+/(\d{1,3}\.ip\.-\d{1,3}-\d{1,3}-\d{1,3}\.eu)/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (${1})
+/(pppoe)/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (${1})
+/(dsl\.brasiltelecom\.net\.br)/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (${1})
+/(dsl\.optinet\.hr)/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (${1})
+/(dsl\.telesp\.net\.br)/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (${1})
+/(dialup)/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (${1})
+/(dhcp)/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (${1})
+/(static-pool-[\d\.-]*\.flagman\.zp\.ua)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (${1})
+
+/(speedy\.com\.ar)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (${1})
+/(speedyterra\.com\.br)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (${1})
+/(static\.sbb\.rs)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (${1})
+/(static\.vsnl\.net\.in)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (${1})
+
+/(advance\.com\.ar)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(airtelbroadband\.in)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(bb\.netvision\.net\.il)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(broadband3\.iol\.cz)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(cable\.net\.co)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(catv\.broadband\.hu)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(chello\.nl)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(chello\.sk)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(client\.mchsi\.com)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(comunitel\.net)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(coprosys\.cz)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(dclient\.hispeed\.ch)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(dip0\.t-ipconnect\.de)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(domain\.invalid)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(dyn\.centurytel\.net)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(embarqhsd\.net)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(emcali\.net\.co)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(epm\.net\.co)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(eutelia\.it)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(fastwebnet\.it)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(fibertel\.com\.ar)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(freedom2surf\.net)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(hgcbroadband\.com)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(HINET-IP\.hinet\.net)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(infonet\.by)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(is74\.ru)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(kievnet\.com\.ua)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(metrotel\.net\.co)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(nw\.nuvox\.net)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(pldt\.net)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(pool\.invitel\.hu)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(pool\.ukrtel\.net)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(pools\.arcor-ip\.net)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(pppoe\.avangarddsl\.ru)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(retail\.telecomitalia\.it)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(revip2\.asianet\.co\.th)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(tim\.ro)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(tsi\.tychy\.pl)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(ttnet\.net\.tr)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(tttmaxnet\.com)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(user\.veloxzone\.com\.br)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(utk\.ru)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(veloxzone\.com\.br)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(virtua\.com\.br)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(wanamaroc\.com)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(wbt\.ru)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(wireless\.iaw\.on\.ca)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(business\.telecomitalia\.it)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(cotas\.com\.bo)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(marunouchi\.tokyo\.ocn\.ne\.jp)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(amedex\.com)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
+/(aageneva\.com)$/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server does not identify itself correctly (${1})
--- /dev/null
+# --------------------
+# INSTALL-TIME CONFIGURATION INFORMATION
+#
+# location of the Postfix queue. Default is /var/spool/postfix.
+queue_directory = /var/spool/postfix
+
+# location of all postXXX commands. Default is /usr/sbin.
+command_directory = /usr/sbin
+
+# location of all Postfix daemon programs (i.e. programs listed in the
+# master.cf file). This directory must be owned by root.
+# Default is /usr/libexec/postfix
+daemon_directory = /usr/lib/postfix
+
+# location of Postfix-writable data files (caches, random numbers).
+# This directory must be owned by the mail_owner account (see below).
+# Default is /var/lib/postfix.
+data_directory = /var/lib/postfix
+
+# owner of the Postfix queue and of most Postfix daemon processes.
+# Specify the name of a user account THAT DOES NOT SHARE ITS USER OR GROUP ID
+# WITH OTHER ACCOUNTS AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM.
+# In particular, don't specify nobody or daemon. PLEASE USE A DEDICATED USER.
+# Default is postfix.
+mail_owner = postfix
+
+# The following parameters are used when installing a new Postfix version.
+#
+# sendmail_path: The full pathname of the Postfix sendmail command.
+# This is the Sendmail-compatible mail posting interface.
+#
+sendmail_path = /usr/sbin/sendmail
+
+# newaliases_path: The full pathname of the Postfix newaliases command.
+# This is the Sendmail-compatible command to build alias databases.
+#
+newaliases_path = /usr/bin/newaliases
+
+# full pathname of the Postfix mailq command. This is the Sendmail-compatible
+# mail queue listing command.
+mailq_path = /usr/bin/mailq
+
+# group for mail submission and queue management commands.
+# This must be a group name with a numerical group ID that is not shared with
+# other accounts, not even with the Postfix account.
+setgid_group = postdrop
+
+# external command that is executed when a Postfix daemon program is run with
+# the -D option.
+#
+# Use "command .. & sleep 5" so that the debugger can attach before
+# the process marches on. If you use an X-based debugger, be sure to
+# set up your XAUTHORITY environment variable before starting Postfix.
+#
+debugger_command =
+ PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
+ ddd $daemon_directory/$process_name $process_id & sleep 5
+
+debug_peer_level = 2
+
+# --------------------
+# CUSTOM SETTINGS
+#
+
+# SMTP server response code when recipient or domain not found.
+unknown_local_recipient_reject_code = 550
+
+# Do not notify local user.
+biff = no
+
+# Disable the rewriting of "site!user" into "user@site".
+swap_bangpath = no
+
+# Disable the rewriting of the form "user%domain" to "user@domain".
+allow_percent_hack = no
+
+# Allow recipient address start with '-'.
+allow_min_user = no
+
+# Disable the SMTP VRFY command. This stops some techniques used to
+# harvest email addresses.
+disable_vrfy_command = yes
+
+# Enable both IPv4 and/or IPv6: ipv4, ipv6, all.
+inet_protocols = all
+
+# Enable all network interfaces.
+inet_interfaces = all
+
+#
+# TLS settings.
+#
+# SSL key, certificate, CA
+#
+smtpd_tls_key_file = /etc/ssl/private/iRedMail.key
+smtpd_tls_cert_file = /etc/ssl/certs/iRedMail.crt
+smtpd_tls_CAfile = /etc/ssl/certs/iRedMail.crt
+
+#
+# Disable SSLv2, SSLv3
+#
+smtpd_tls_protocols = !SSLv2 !SSLv3
+smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
+smtp_tls_protocols = !SSLv2 !SSLv3
+smtp_tls_mandatory_protocols = !SSLv2 !SSLv3
+lmtp_tls_protocols = !SSLv2 !SSLv3
+lmtp_tls_mandatory_protocols = !SSLv2 !SSLv3
+
+#
+# Fix 'The Logjam Attack'.
+#
+smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
+smtpd_tls_dh512_param_file = /etc/ssl/dh512_param.pem
+smtpd_tls_dh1024_param_file = /etc/ssl/dh2048_param.pem
+
+tls_random_source = dev:/dev/urandom
+
+# Log only a summary message on TLS handshake completion — no logging of client
+# certificate trust-chain verification errors if client certificate
+# verification is not required. With Postfix 2.8 and earlier, log the summary
+# message, peer certificate summary information and unconditionally log
+# trust-chain verification errors.
+smtp_tls_loglevel = 1
+smtpd_tls_loglevel = 1
+
+# Opportunistic TLS: announce STARTTLS support to remote SMTP clients, but do
+# not require that clients use TLS encryption.
+smtpd_tls_security_level = may
+
+# Produce `Received:` message headers that include information about the
+# protocol and cipher used, as well as the remote SMTP client CommonName and
+# client certificate issuer CommonName.
+# This is disabled by default, as the information may be modified in transit
+# through other mail servers. Only information that was recorded by the final
+# destination can be trusted.
+#smtpd_tls_received_header = yes
+
+# Opportunistic TLS, used when Postfix sends email to remote SMTP server.
+# Use TLS if this is supported by the remote SMTP server, otherwise use
+# plaintext.
+# References:
+# - http://www.postfix.org/TLS_README.html#client_tls_may
+# - http://www.postfix.org/postconf.5.html#smtp_tls_security_level
+smtp_tls_security_level = may
+
+# Use the same CA file as smtpd.
+smtp_tls_CAfile = $smtpd_tls_CAfile
+smtp_tls_note_starttls_offer = yes
+
+# Enable long, non-repeating, queue IDs (queue file names).
+# The benefit of non-repeating names is simpler logfile analysis and easier
+# queue migration (there is no need to run "postsuper" to change queue file
+# names that don't match their message file inode number).
+#enable_long_queue_ids = yes
+
+# Reject unlisted sender and recipient
+smtpd_reject_unlisted_recipient = yes
+smtpd_reject_unlisted_sender = yes
+
+# Header and body checks with PCRE table
+header_checks = pcre:/etc/postfix/header_checks
+body_checks = pcre:/etc/postfix/body_checks.pcre
+
+# HELO restriction
+smtpd_helo_required = yes
+smtpd_helo_restrictions =
+ permit_mynetworks
+ permit_sasl_authenticated
+ reject_non_fqdn_helo_hostname
+ reject_invalid_helo_hostname
+ check_helo_access pcre:/etc/postfix/helo_access.pcre
+
+# Sender restrictions
+smtpd_sender_restrictions =
+ reject_unknown_sender_domain
+ reject_non_fqdn_sender
+ reject_unlisted_sender
+ permit_mynetworks
+ permit_sasl_authenticated
+ check_sender_access pcre:/etc/postfix/sender_access.pcre
+
+# Recipient restrictions
+smtpd_recipient_restrictions =
+ reject_unknown_recipient_domain
+ reject_non_fqdn_recipient
+ reject_unlisted_recipient
+ check_policy_service inet:127.0.0.1:7777
+ permit_mynetworks
+ permit_sasl_authenticated
+ reject_unauth_destination
+
+# Data restrictions
+smtpd_data_restrictions = reject_unauth_pipelining
+
+# END-OF-MESSAGE restrictions
+smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:7777
+
+proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions $sender_dependent_relayhost_maps
+
+# Avoid duplicate recipient messages. Default is 'yes'.
+enable_original_recipient = no
+
+# Virtual support.
+virtual_minimum_uid = 2000
+virtual_uid_maps = static:2000
+virtual_gid_maps = static:2000
+virtual_mailbox_base = /home/vmail
+
+# Do not set virtual_alias_domains.
+virtual_alias_domains =
+
+#
+# Enable SASL authentication on port 25 and force TLS-encrypted SASL authentication.
+# WARNING: NOT RECOMMENDED to enable smtp auth on port 25, all end users should
+# be forced to submit email through port 587 instead.
+#
+#smtpd_sasl_auth_enable = yes
+#smtpd_tls_auth_only = yes
+#smtpd_sasl_security_options = noanonymous
+
+# hostname
+myhostname = sarah.uhu-banane.de
+myorigin = sarah.uhu-banane.de
+mydomain = sarah.uhu-banane.de
+
+# trusted SMTP clients which are allowed to relay mail through Postfix.
+#
+# Note: additional IP addresses/networks listed in mynetworks should be listed
+# in iRedAPD setting 'MYNETWORKS' too. for example:
+#
+# MYNETWORKS = ['xx.xx.xx.xx', 'xx.xx.xx.0/24', ...]
+#
+mynetworks = 127.0.0.1
+
+# Accepted local emails
+mydestination = $myhostname, localhost, localhost.localdomain
+
+alias_maps = hash:/etc/postfix/aliases
+alias_database = hash:/etc/postfix/aliases
+
+# Default message_size_limit.
+message_size_limit = 15728640
+
+# The set of characters that can separate a user name from its extension
+# (example: user+foo), or a .forward file name from its extension (example:
+# .forward+foo).
+# Postfix 2.11 and later supports multiple characters.
+recipient_delimiter = +
+
+#
+# Lookup virtual mail accounts
+#
+transport_maps =
+ proxy:mysql:/etc/postfix/mysql/transport_maps_user.cf
+ proxy:mysql:/etc/postfix/mysql/transport_maps_domain.cf
+
+sender_dependent_relayhost_maps =
+ proxy:mysql:/etc/postfix/mysql/sender_dependent_relayhost_maps.cf
+
+# Lookup table with the SASL login names that own the sender (MAIL FROM) addresses.
+smtpd_sender_login_maps =
+ proxy:mysql:/etc/postfix/mysql/sender_login_maps.cf
+
+virtual_mailbox_domains =
+ proxy:mysql:/etc/postfix/mysql/virtual_mailbox_domains.cf
+
+relay_domains =
+ $mydestination
+ proxy:mysql:/etc/postfix/mysql/relay_domains.cf
+
+virtual_mailbox_maps =
+ proxy:mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
+
+virtual_alias_maps =
+ proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf
+ proxy:mysql:/etc/postfix/mysql/domain_alias_maps.cf
+ proxy:mysql:/etc/postfix/mysql/catchall_maps.cf
+ proxy:mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf
+
+sender_bcc_maps =
+ proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_user.cf
+ proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_domain.cf
+
+recipient_bcc_maps =
+ proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_user.cf
+ proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_domain.cf
+postscreen_dnsbl_threshold = 2
+postscreen_dnsbl_sites = zen.spamhaus.org*3 b.barracudacentral.org*2
+postscreen_dnsbl_reply_map = texthash:/etc/postfix/postscreen_dnsbl_reply
+postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access.cidr
+postscreen_greet_action = enforce
+postscreen_dnsbl_action = enforce
+postscreen_blacklist_action = enforce
+postscreen_dnsbl_whitelist_threshold = -2
+#
+# Dovecot SASL support.
+#
+smtpd_sasl_type = dovecot
+smtpd_sasl_path = private/dovecot-auth
+virtual_transport = dovecot
+dovecot_destination_recipient_limit = 1
+content_filter = smtp-amavis:[127.0.0.1]:10024
+smtp-amavis_destination_recipient_limit = 1
--- /dev/null
+# See /usr/share/postfix/main.cf.dist for a commented, more complete version
+
+
+# Debian specific: Specifying a file name will cause the first
+# line of that file to be used as the name. The Debian default
+# is /etc/mailname.
+#myorigin = /etc/mailname
+
+smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
+biff = no
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = no
+
+# Uncomment the next line to generate "delayed mail" warnings
+#delay_warning_time = 4h
+
+readme_directory = no
+
+# TLS parameters
+smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
+smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
+smtpd_use_tls=yes
+smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+
+# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
+# information on enabling SSL in the smtp client.
+
+smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
+myhostname = sarah.uhu-banane.de
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+myorigin = /etc/mailname
+mydestination = sarah.uhu-banane.de, localhost.uhu-banane.de, , localhost
+relayhost =
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = all
--- /dev/null
+# --------------------
+# INSTALL-TIME CONFIGURATION INFORMATION
+#
+# location of the Postfix queue. Default is /var/spool/postfix.
+queue_directory = /var/spool/postfix
+
+# location of all postXXX commands. Default is /usr/sbin.
+command_directory = /usr/sbin
+
+# location of all Postfix daemon programs (i.e. programs listed in the
+# master.cf file). This directory must be owned by root.
+# Default is /usr/libexec/postfix
+daemon_directory = /usr/lib/postfix
+
+# location of Postfix-writable data files (caches, random numbers).
+# This directory must be owned by the mail_owner account (see below).
+# Default is /var/lib/postfix.
+data_directory = /var/lib/postfix
+
+# owner of the Postfix queue and of most Postfix daemon processes.
+# Specify the name of a user account THAT DOES NOT SHARE ITS USER OR GROUP ID
+# WITH OTHER ACCOUNTS AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM.
+# In particular, don't specify nobody or daemon. PLEASE USE A DEDICATED USER.
+# Default is postfix.
+mail_owner = postfix
+
+# The following parameters are used when installing a new Postfix version.
+#
+# sendmail_path: The full pathname of the Postfix sendmail command.
+# This is the Sendmail-compatible mail posting interface.
+#
+sendmail_path = /usr/sbin/sendmail
+
+# newaliases_path: The full pathname of the Postfix newaliases command.
+# This is the Sendmail-compatible command to build alias databases.
+#
+newaliases_path = /usr/bin/newaliases
+
+# full pathname of the Postfix mailq command. This is the Sendmail-compatible
+# mail queue listing command.
+mailq_path = /usr/bin/mailq
+
+# group for mail submission and queue management commands.
+# This must be a group name with a numerical group ID that is not shared with
+# other accounts, not even with the Postfix account.
+setgid_group = postdrop
+
+# external command that is executed when a Postfix daemon program is run with
+# the -D option.
+#
+# Use "command .. & sleep 5" so that the debugger can attach before
+# the process marches on. If you use an X-based debugger, be sure to
+# set up your XAUTHORITY environment variable before starting Postfix.
+#
+debugger_command =
+ PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
+ ddd $daemon_directory/$process_name $process_id & sleep 5
+
+debug_peer_level = 2
+
+# --------------------
+# CUSTOM SETTINGS
+#
+
+# SMTP server response code when recipient or domain not found.
+unknown_local_recipient_reject_code = 550
+
+# Do not notify local user.
+biff = no
+
+# Disable the rewriting of "site!user" into "user@site".
+swap_bangpath = no
+
+# Disable the rewriting of the form "user%domain" to "user@domain".
+allow_percent_hack = no
+
+# Allow recipient address start with '-'.
+allow_min_user = no
+
+# Disable the SMTP VRFY command. This stops some techniques used to
+# harvest email addresses.
+disable_vrfy_command = yes
+
+# Enable both IPv4 and/or IPv6: ipv4, ipv6, all.
+inet_protocols = all
+
+# Enable all network interfaces.
+inet_interfaces = all
+
+#
+# TLS settings.
+#
+# SSL key, certificate, CA
+#
+smtpd_tls_key_file = /etc/ssl/private/iRedMail.key
+smtpd_tls_cert_file = /etc/ssl/certs/iRedMail.crt
+smtpd_tls_CAfile = /etc/ssl/certs/iRedMail.crt
+
+#
+# Disable SSLv2, SSLv3
+#
+smtpd_tls_protocols = !SSLv2 !SSLv3
+smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
+smtp_tls_protocols = !SSLv2 !SSLv3
+smtp_tls_mandatory_protocols = !SSLv2 !SSLv3
+lmtp_tls_protocols = !SSLv2 !SSLv3
+lmtp_tls_mandatory_protocols = !SSLv2 !SSLv3
+
+#
+# Fix 'The Logjam Attack'.
+#
+smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
+smtpd_tls_dh512_param_file = /etc/ssl/dh512_param.pem
+smtpd_tls_dh1024_param_file = /etc/ssl/dh2048_param.pem
+
+tls_random_source = dev:/dev/urandom
+
+# Log only a summary message on TLS handshake completion — no logging of client
+# certificate trust-chain verification errors if client certificate
+# verification is not required. With Postfix 2.8 and earlier, log the summary
+# message, peer certificate summary information and unconditionally log
+# trust-chain verification errors.
+smtp_tls_loglevel = 1
+smtpd_tls_loglevel = 1
+
+# Opportunistic TLS: announce STARTTLS support to remote SMTP clients, but do
+# not require that clients use TLS encryption.
+smtpd_tls_security_level = may
+
+# Produce `Received:` message headers that include information about the
+# protocol and cipher used, as well as the remote SMTP client CommonName and
+# client certificate issuer CommonName.
+# This is disabled by default, as the information may be modified in transit
+# through other mail servers. Only information that was recorded by the final
+# destination can be trusted.
+#smtpd_tls_received_header = yes
+
+# Opportunistic TLS, used when Postfix sends email to remote SMTP server.
+# Use TLS if this is supported by the remote SMTP server, otherwise use
+# plaintext.
+# References:
+# - http://www.postfix.org/TLS_README.html#client_tls_may
+# - http://www.postfix.org/postconf.5.html#smtp_tls_security_level
+smtp_tls_security_level = may
+
+# Use the same CA file as smtpd.
+smtp_tls_CAfile = $smtpd_tls_CAfile
+smtp_tls_note_starttls_offer = yes
+
+# Enable long, non-repeating, queue IDs (queue file names).
+# The benefit of non-repeating names is simpler logfile analysis and easier
+# queue migration (there is no need to run "postsuper" to change queue file
+# names that don't match their message file inode number).
+#enable_long_queue_ids = yes
+
+# Reject unlisted sender and recipient
+smtpd_reject_unlisted_recipient = yes
+smtpd_reject_unlisted_sender = yes
+
+# Header and body checks with PCRE table
+header_checks = pcre:/etc/postfix/header_checks
+body_checks = pcre:/etc/postfix/body_checks.pcre
+
+# HELO restriction
+smtpd_helo_required = yes
+smtpd_helo_restrictions =
+ permit_mynetworks
+ permit_sasl_authenticated
+ reject_non_fqdn_helo_hostname
+ reject_invalid_helo_hostname
+ check_helo_access pcre:/etc/postfix/helo_access.pcre
+
+# Sender restrictions
+smtpd_sender_restrictions =
+ reject_unknown_sender_domain
+ reject_non_fqdn_sender
+ reject_unlisted_sender
+ permit_mynetworks
+ permit_sasl_authenticated
+ check_sender_access pcre:/etc/postfix/sender_access.pcre
+
+# Recipient restrictions
+smtpd_recipient_restrictions =
+ reject_unknown_recipient_domain
+ reject_non_fqdn_recipient
+ reject_unlisted_recipient
+ check_policy_service inet:127.0.0.1:7777
+ permit_mynetworks
+ permit_sasl_authenticated
+ reject_unauth_destination
+
+# Data restrictions
+smtpd_data_restrictions = reject_unauth_pipelining
+
+# END-OF-MESSAGE restrictions
+smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:7777
+
+proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions $sender_dependent_relayhost_maps
+
+# Avoid duplicate recipient messages. Default is 'yes'.
+enable_original_recipient = no
+
+# Virtual support.
+virtual_minimum_uid = 2000
+virtual_uid_maps = static:2000
+virtual_gid_maps = static:2000
+virtual_mailbox_base = /home/vmail
+
+# Do not set virtual_alias_domains.
+virtual_alias_domains =
+
+#
+# Enable SASL authentication on port 25 and force TLS-encrypted SASL authentication.
+# WARNING: NOT RECOMMENDED to enable smtp auth on port 25, all end users should
+# be forced to submit email through port 587 instead.
+#
+#smtpd_sasl_auth_enable = yes
+#smtpd_tls_auth_only = yes
+#smtpd_sasl_security_options = noanonymous
+
+# hostname
+myhostname = sarah.uhu-banane.de
+myorigin = sarah.uhu-banane.de
+mydomain = sarah.uhu-banane.de
+
+# trusted SMTP clients which are allowed to relay mail through Postfix.
+#
+# Note: additional IP addresses/networks listed in mynetworks should be listed
+# in iRedAPD setting 'MYNETWORKS' too. for example:
+#
+# MYNETWORKS = ['xx.xx.xx.xx', 'xx.xx.xx.0/24', ...]
+#
+mynetworks = 127.0.0.1
+
+# Accepted local emails
+mydestination = $myhostname, localhost, localhost.localdomain
+
+alias_maps = hash:/etc/postfix/aliases
+alias_database = hash:/etc/postfix/aliases
+
+# Default message_size_limit.
+message_size_limit = 15728640
+
+# The set of characters that can separate a user name from its extension
+# (example: user+foo), or a .forward file name from its extension (example:
+# .forward+foo).
+# Postfix 2.11 and later supports multiple characters.
+recipient_delimiter = +
+
+#
+# Lookup virtual mail accounts
+#
+transport_maps =
+ proxy:mysql:/etc/postfix/mysql/transport_maps_user.cf
+ proxy:mysql:/etc/postfix/mysql/transport_maps_domain.cf
+
+sender_dependent_relayhost_maps =
+ proxy:mysql:/etc/postfix/mysql/sender_dependent_relayhost_maps.cf
+
+# Lookup table with the SASL login names that own the sender (MAIL FROM) addresses.
+smtpd_sender_login_maps =
+ proxy:mysql:/etc/postfix/mysql/sender_login_maps.cf
+
+virtual_mailbox_domains =
+ proxy:mysql:/etc/postfix/mysql/virtual_mailbox_domains.cf
+
+relay_domains =
+ $mydestination
+ proxy:mysql:/etc/postfix/mysql/relay_domains.cf
+
+virtual_mailbox_maps =
+ proxy:mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
+
+virtual_alias_maps =
+ proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf
+ proxy:mysql:/etc/postfix/mysql/domain_alias_maps.cf
+ proxy:mysql:/etc/postfix/mysql/catchall_maps.cf
+ proxy:mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf
+
+sender_bcc_maps =
+ proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_user.cf
+ proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_domain.cf
+
+recipient_bcc_maps =
+ proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_user.cf
+ proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_domain.cf
--- /dev/null
+#
+# Postfix master process configuration file. For details on the format
+# of the file, see the master(5) manual page (command: "man 5 master" or
+# on-line: http://www.postfix.org/master.5.html).
+#
+# Do not forget to execute "postfix reload" after editing this file.
+#
+# ==========================================================================
+# service type private unpriv chroot wakeup maxproc command + args
+# (yes) (yes) (yes) (never) (100)
+# ==========================================================================
+#smtp inet n - - - - smtpd
+smtp inet n - - - 1 postscreen
+smtpd pass - - - - - smtpd
+dnsblog unix - - - - 0 dnsblog
+tlsproxy unix - - - - 0 tlsproxy
+#submission inet n - - - - smtpd
+# -o syslog_name=postfix/submission
+# -o smtpd_tls_security_level=encrypt
+# -o smtpd_sasl_auth_enable=yes
+# -o smtpd_reject_unlisted_recipient=no
+# -o smtpd_client_restrictions=$mua_client_restrictions
+# -o smtpd_helo_restrictions=$mua_helo_restrictions
+# -o smtpd_sender_restrictions=$mua_sender_restrictions
+# -o smtpd_recipient_restrictions=
+# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
+# -o milter_macro_daemon_name=ORIGINATING
+#smtps inet n - - - - smtpd
+# -o syslog_name=postfix/smtps
+# -o smtpd_tls_wrappermode=yes
+# -o smtpd_sasl_auth_enable=yes
+# -o smtpd_reject_unlisted_recipient=no
+# -o smtpd_client_restrictions=$mua_client_restrictions
+# -o smtpd_helo_restrictions=$mua_helo_restrictions
+# -o smtpd_sender_restrictions=$mua_sender_restrictions
+# -o smtpd_recipient_restrictions=
+# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
+# -o milter_macro_daemon_name=ORIGINATING
+#628 inet n - - - - qmqpd
+pickup unix n - - 60 1 pickup
+cleanup unix n - - - 0 cleanup
+qmgr unix n - n 300 1 qmgr
+#qmgr unix n - n 300 1 oqmgr
+tlsmgr unix - - - 1000? 1 tlsmgr
+rewrite unix - - - - - trivial-rewrite
+bounce unix - - - - 0 bounce
+defer unix - - - - 0 bounce
+trace unix - - - - 0 bounce
+verify unix - - - - 1 verify
+flush unix n - - 1000? 0 flush
+proxymap unix - - n - - proxymap
+proxywrite unix - - n - 1 proxymap
+smtp unix - - - - - smtp
+relay unix - - - - - smtp
+# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
+showq unix n - - - - showq
+error unix - - - - - error
+retry unix - - - - - error
+discard unix - - - - - discard
+local unix - n n - - local
+virtual unix - n n - - virtual
+lmtp unix - - - - - lmtp
+anvil unix - - - - 1 anvil
+scache unix - - - - 1 scache
+#
+# ====================================================================
+# Interfaces to non-Postfix software. Be sure to examine the manual
+# pages of the non-Postfix software to find out what options it wants.
+#
+# Many of the following services use the Postfix pipe(8) delivery
+# agent. See the pipe(8) man page for information about ${recipient}
+# and other message envelope options.
+# ====================================================================
+#
+# maildrop. See the Postfix MAILDROP_README file for details.
+# Also specify in main.cf: maildrop_destination_recipient_limit=1
+#
+maildrop unix - n n - - pipe
+ flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
+#
+# ====================================================================
+#
+# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
+#
+# Specify in cyrus.conf:
+# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
+#
+# Specify in main.cf one or more of the following:
+# mailbox_transport = lmtp:inet:localhost
+# virtual_transport = lmtp:inet:localhost
+#
+# ====================================================================
+#
+# Cyrus 2.1.5 (Amos Gouaux)
+# Also specify in main.cf: cyrus_destination_recipient_limit=1
+#
+#cyrus unix - n n - - pipe
+# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
+#
+# ====================================================================
+# Old example of delivery via Cyrus.
+#
+#old-cyrus unix - n n - - pipe
+# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
+#
+# ====================================================================
+#
+# See the Postfix UUCP_README file for configuration details.
+#
+uucp unix - n n - - pipe
+ flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
+#
+# Other external delivery methods.
+#
+ifmail unix - n n - - pipe
+ flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
+bsmtp unix - n n - - pipe
+ flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
+scalemail-backend unix - n n - 2 pipe
+ flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
+mailman unix - n n - - pipe
+ flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
+ ${nexthop} ${user}
+
+# Submission, port 587, force TLS connection.
+submission inet n - n - - smtpd
+ -o syslog_name=postfix/submission
+ -o smtpd_tls_security_level=encrypt
+ -o smtpd_sasl_auth_enable=yes
+ -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
+ -o content_filter=smtp-amavis:[127.0.0.1]:10026
+
+# Use dovecot's `deliver` program as LDA.
+dovecot unix - n n - - pipe
+ flags=DRh user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${domain} -m ${extension}
+
+# Amavisd integration.
+smtp-amavis unix - - n - 2 smtp
+ -o smtp_data_done_timeout=1200
+ -o smtp_send_xforward_command=yes
+ -o disable_dns_lookups=yes
+ -o max_use=20
+
+127.0.0.1:10025 inet n - n - - smtpd
+ -o content_filter=
+ -o mynetworks_style=host
+ -o mynetworks=127.0.0.0/8
+ -o local_recipient_maps=
+ -o relay_recipient_maps=
+ -o strict_rfc821_envelopes=yes
+ -o smtp_tls_security_level=none
+ -o smtpd_tls_security_level=none
+ -o smtpd_restriction_classes=
+ -o smtpd_delay_reject=no
+ -o smtpd_client_restrictions=permit_mynetworks,reject
+ -o smtpd_helo_restrictions=
+ -o smtpd_sender_restrictions=
+ -o smtpd_recipient_restrictions=permit_mynetworks,reject
+ -o smtpd_end_of_data_restrictions=
+ -o smtpd_error_sleep_time=0
+ -o smtpd_soft_error_limit=1001
+ -o smtpd_hard_error_limit=1000
+ -o smtpd_client_connection_count_limit=0
+ -o smtpd_client_connection_rate_limit=0
+ -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings
--- /dev/null
+#
+# Postfix master process configuration file. For details on the format
+# of the file, see the master(5) manual page (command: "man 5 master" or
+# on-line: http://www.postfix.org/master.5.html).
+#
+# Do not forget to execute "postfix reload" after editing this file.
+#
+# ==========================================================================
+# service type private unpriv chroot wakeup maxproc command + args
+# (yes) (yes) (yes) (never) (100)
+# ==========================================================================
+smtp inet n - - - - smtpd
+#smtp inet n - - - 1 postscreen
+#smtpd pass - - - - - smtpd
+#dnsblog unix - - - - 0 dnsblog
+#tlsproxy unix - - - - 0 tlsproxy
+#submission inet n - - - - smtpd
+# -o syslog_name=postfix/submission
+# -o smtpd_tls_security_level=encrypt
+# -o smtpd_sasl_auth_enable=yes
+# -o smtpd_reject_unlisted_recipient=no
+# -o smtpd_client_restrictions=$mua_client_restrictions
+# -o smtpd_helo_restrictions=$mua_helo_restrictions
+# -o smtpd_sender_restrictions=$mua_sender_restrictions
+# -o smtpd_recipient_restrictions=
+# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
+# -o milter_macro_daemon_name=ORIGINATING
+#smtps inet n - - - - smtpd
+# -o syslog_name=postfix/smtps
+# -o smtpd_tls_wrappermode=yes
+# -o smtpd_sasl_auth_enable=yes
+# -o smtpd_reject_unlisted_recipient=no
+# -o smtpd_client_restrictions=$mua_client_restrictions
+# -o smtpd_helo_restrictions=$mua_helo_restrictions
+# -o smtpd_sender_restrictions=$mua_sender_restrictions
+# -o smtpd_recipient_restrictions=
+# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
+# -o milter_macro_daemon_name=ORIGINATING
+#628 inet n - - - - qmqpd
+pickup unix n - - 60 1 pickup
+cleanup unix n - - - 0 cleanup
+qmgr unix n - n 300 1 qmgr
+#qmgr unix n - n 300 1 oqmgr
+tlsmgr unix - - - 1000? 1 tlsmgr
+rewrite unix - - - - - trivial-rewrite
+bounce unix - - - - 0 bounce
+defer unix - - - - 0 bounce
+trace unix - - - - 0 bounce
+verify unix - - - - 1 verify
+flush unix n - - 1000? 0 flush
+proxymap unix - - n - - proxymap
+proxywrite unix - - n - 1 proxymap
+smtp unix - - - - - smtp
+relay unix - - - - - smtp
+# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
+showq unix n - - - - showq
+error unix - - - - - error
+retry unix - - - - - error
+discard unix - - - - - discard
+local unix - n n - - local
+virtual unix - n n - - virtual
+lmtp unix - - - - - lmtp
+anvil unix - - - - 1 anvil
+scache unix - - - - 1 scache
+#
+# ====================================================================
+# Interfaces to non-Postfix software. Be sure to examine the manual
+# pages of the non-Postfix software to find out what options it wants.
+#
+# Many of the following services use the Postfix pipe(8) delivery
+# agent. See the pipe(8) man page for information about ${recipient}
+# and other message envelope options.
+# ====================================================================
+#
+# maildrop. See the Postfix MAILDROP_README file for details.
+# Also specify in main.cf: maildrop_destination_recipient_limit=1
+#
+maildrop unix - n n - - pipe
+ flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
+#
+# ====================================================================
+#
+# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
+#
+# Specify in cyrus.conf:
+# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
+#
+# Specify in main.cf one or more of the following:
+# mailbox_transport = lmtp:inet:localhost
+# virtual_transport = lmtp:inet:localhost
+#
+# ====================================================================
+#
+# Cyrus 2.1.5 (Amos Gouaux)
+# Also specify in main.cf: cyrus_destination_recipient_limit=1
+#
+#cyrus unix - n n - - pipe
+# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
+#
+# ====================================================================
+# Old example of delivery via Cyrus.
+#
+#old-cyrus unix - n n - - pipe
+# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
+#
+# ====================================================================
+#
+# See the Postfix UUCP_README file for configuration details.
+#
+uucp unix - n n - - pipe
+ flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
+#
+# Other external delivery methods.
+#
+ifmail unix - n n - - pipe
+ flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
+bsmtp unix - n n - - pipe
+ flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
+scalemail-backend unix - n n - 2 pipe
+ flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
+mailman unix - n n - - pipe
+ flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
+ ${nexthop} ${user}
+
--- /dev/null
+#
+# Postfix master process configuration file. For details on the format
+# of the file, see the master(5) manual page (command: "man 5 master" or
+# on-line: http://www.postfix.org/master.5.html).
+#
+# Do not forget to execute "postfix reload" after editing this file.
+#
+# ==========================================================================
+# service type private unpriv chroot wakeup maxproc command + args
+# (yes) (yes) (yes) (never) (100)
+# ==========================================================================
+smtp inet n - - - - smtpd
+#smtp inet n - - - 1 postscreen
+#smtpd pass - - - - - smtpd
+#dnsblog unix - - - - 0 dnsblog
+#tlsproxy unix - - - - 0 tlsproxy
+#submission inet n - - - - smtpd
+# -o syslog_name=postfix/submission
+# -o smtpd_tls_security_level=encrypt
+# -o smtpd_sasl_auth_enable=yes
+# -o smtpd_reject_unlisted_recipient=no
+# -o smtpd_client_restrictions=$mua_client_restrictions
+# -o smtpd_helo_restrictions=$mua_helo_restrictions
+# -o smtpd_sender_restrictions=$mua_sender_restrictions
+# -o smtpd_recipient_restrictions=
+# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
+# -o milter_macro_daemon_name=ORIGINATING
+#smtps inet n - - - - smtpd
+# -o syslog_name=postfix/smtps
+# -o smtpd_tls_wrappermode=yes
+# -o smtpd_sasl_auth_enable=yes
+# -o smtpd_reject_unlisted_recipient=no
+# -o smtpd_client_restrictions=$mua_client_restrictions
+# -o smtpd_helo_restrictions=$mua_helo_restrictions
+# -o smtpd_sender_restrictions=$mua_sender_restrictions
+# -o smtpd_recipient_restrictions=
+# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
+# -o milter_macro_daemon_name=ORIGINATING
+#628 inet n - - - - qmqpd
+pickup unix n - - 60 1 pickup
+cleanup unix n - - - 0 cleanup
+qmgr unix n - n 300 1 qmgr
+#qmgr unix n - n 300 1 oqmgr
+tlsmgr unix - - - 1000? 1 tlsmgr
+rewrite unix - - - - - trivial-rewrite
+bounce unix - - - - 0 bounce
+defer unix - - - - 0 bounce
+trace unix - - - - 0 bounce
+verify unix - - - - 1 verify
+flush unix n - - 1000? 0 flush
+proxymap unix - - n - - proxymap
+proxywrite unix - - n - 1 proxymap
+smtp unix - - - - - smtp
+relay unix - - - - - smtp
+# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
+showq unix n - - - - showq
+error unix - - - - - error
+retry unix - - - - - error
+discard unix - - - - - discard
+local unix - n n - - local
+virtual unix - n n - - virtual
+lmtp unix - - - - - lmtp
+anvil unix - - - - 1 anvil
+scache unix - - - - 1 scache
+#
+# ====================================================================
+# Interfaces to non-Postfix software. Be sure to examine the manual
+# pages of the non-Postfix software to find out what options it wants.
+#
+# Many of the following services use the Postfix pipe(8) delivery
+# agent. See the pipe(8) man page for information about ${recipient}
+# and other message envelope options.
+# ====================================================================
+#
+# maildrop. See the Postfix MAILDROP_README file for details.
+# Also specify in main.cf: maildrop_destination_recipient_limit=1
+#
+maildrop unix - n n - - pipe
+ flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
+#
+# ====================================================================
+#
+# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
+#
+# Specify in cyrus.conf:
+# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
+#
+# Specify in main.cf one or more of the following:
+# mailbox_transport = lmtp:inet:localhost
+# virtual_transport = lmtp:inet:localhost
+#
+# ====================================================================
+#
+# Cyrus 2.1.5 (Amos Gouaux)
+# Also specify in main.cf: cyrus_destination_recipient_limit=1
+#
+#cyrus unix - n n - - pipe
+# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
+#
+# ====================================================================
+# Old example of delivery via Cyrus.
+#
+#old-cyrus unix - n n - - pipe
+# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
+#
+# ====================================================================
+#
+# See the Postfix UUCP_README file for configuration details.
+#
+uucp unix - n n - - pipe
+ flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
+#
+# Other external delivery methods.
+#
+ifmail unix - n n - - pipe
+ flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
+bsmtp unix - n n - - pipe
+ flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
+scalemail-backend unix - n n - 2 pipe
+ flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
+mailman unix - n n - - pipe
+ flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
+ ${nexthop} ${user}
+
+# Submission, port 587, force TLS connection.
+submission inet n - n - - smtpd
+ -o syslog_name=postfix/submission
+ -o smtpd_tls_security_level=encrypt
+ -o smtpd_sasl_auth_enable=yes
+ -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
+ -o content_filter=smtp-amavis:[127.0.0.1]:10026
+
+# Use dovecot's `deliver` program as LDA.
+dovecot unix - n n - - pipe
+ flags=DRh user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${domain} -m ${extension}
+
+# Amavisd integration.
+smtp-amavis unix - - n - 2 smtp
+ -o smtp_data_done_timeout=1200
+ -o smtp_send_xforward_command=yes
+ -o disable_dns_lookups=yes
+ -o max_use=20
+
+127.0.0.1:10025 inet n - n - - smtpd
+ -o content_filter=
+ -o mynetworks_style=host
+ -o mynetworks=127.0.0.0/8
+ -o local_recipient_maps=
+ -o relay_recipient_maps=
+ -o strict_rfc821_envelopes=yes
+ -o smtp_tls_security_level=none
+ -o smtpd_tls_security_level=none
+ -o smtpd_restriction_classes=
+ -o smtpd_delay_reject=no
+ -o smtpd_client_restrictions=permit_mynetworks,reject
+ -o smtpd_helo_restrictions=
+ -o smtpd_sender_restrictions=
+ -o smtpd_recipient_restrictions=permit_mynetworks,reject
+ -o smtpd_end_of_data_restrictions=
+ -o smtpd_error_sleep_time=0
+ -o smtpd_soft_error_limit=1001
+ -o smtpd_hard_error_limit=1000
+ -o smtpd_client_connection_count_limit=0
+ -o smtpd_client_connection_rate_limit=0
+ -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT alias.goto FROM alias,domain WHERE alias.address='%d' AND '%u' NOT LIKE '%%+%%' AND alias.address=domain.domain AND alias.active=1 AND domain.active=1 AND domain.backupmx=0
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT alias.goto FROM alias,alias_domain,domain WHERE alias_domain.alias_domain='%d' AND alias.address=alias_domain.target_domain AND alias_domain.target_domain=domain.domain AND alias.active=1 AND alias_domain.active=1
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT alias.goto FROM alias,alias_domain,domain WHERE alias_domain.alias_domain='%d' AND alias.address=CONCAT('%u', '@', alias_domain.target_domain) AND alias_domain.target_domain=domain.domain AND alias.active=1 AND alias_domain.active=1 AND domain.backupmx=0
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT bcc_address FROM recipient_bcc_domain WHERE domain='%d' AND active=1
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT recipient_bcc_user.bcc_address FROM recipient_bcc_user,domain WHERE recipient_bcc_user.username='%s' AND recipient_bcc_user.domain='%d' AND recipient_bcc_user.domain=domain.domain AND domain.backupmx=0 AND domain.active=1 AND recipient_bcc_user.active=1
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT domain FROM domain WHERE domain='%s' AND backupmx=1 AND active=1
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT bcc_address FROM sender_bcc_domain WHERE domain='%d' AND active=1
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT sender_bcc_user.bcc_address FROM sender_bcc_user,domain WHERE sender_bcc_user.username='%s' AND sender_bcc_user.domain='%d' AND sender_bcc_user.domain=domain.domain AND domain.backupmx=0 AND domain.active=1 AND sender_bcc_user.active=1
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT relayhost FROM sender_relayhost WHERE account='%s' LIMIT 1
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT mailbox.username FROM mailbox,domain WHERE mailbox.username='%s' AND mailbox.domain='%d' AND mailbox.domain=domain.domain AND mailbox.enablesmtp=1 AND mailbox.active=1 AND domain.backupmx=0 AND domain.active=1
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT transport FROM domain WHERE domain='%s' AND active=1
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT mailbox.transport FROM mailbox,domain WHERE mailbox.username='%s' AND mailbox.domain='%d' AND mailbox.domain=domain.domain AND mailbox.transport<>'' AND mailbox.active=1 AND mailbox.enabledeliver=1 AND domain.backupmx=0 AND domain.active=1
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT alias.goto FROM alias,domain WHERE alias.address='%s' AND alias.domain='%d' AND alias.domain=domain.domain AND alias.active=1 AND domain.backupmx=0 AND domain.active=1
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT domain FROM domain WHERE domain='%s' AND backupmx=0 AND active=1 UNION SELECT alias_domain.alias_domain FROM alias_domain,domain WHERE alias_domain.alias_domain='%s' AND alias_domain.active=1 AND alias_domain.target_domain=domain.domain AND domain.active=1 AND domain.backupmx=0
--- /dev/null
+hosts = 127.0.0.1
+port = 3306
+user = vmail
+password = 511f8COpWlgTgNlxW5N5AIyqZ5LkJG
+dbname = vmail
+query = SELECT CONCAT(mailbox.storagenode, '/', mailbox.maildir, '/Maildir/') FROM mailbox,domain WHERE mailbox.username='%s' AND mailbox.active=1 AND mailbox.enabledeliver=1 AND domain.domain = mailbox.domain AND domain.active=1
--- /dev/null
+#!/bin/sh
+
+# To view the formatted manual page of this file, type:
+# POSTFIXSOURCE/mantools/srctoman - post-install | nroff -man
+
+#++
+# NAME
+# post-install
+# SUMMARY
+# Postfix post-installation script
+# SYNOPSIS
+# postfix post-install [name=value] command ...
+# DESCRIPTION
+# The post-install script performs the finishing touch of a Postfix
+# installation, after the executable programs and configuration
+# files are installed. Usage is one of the following:
+# .IP o
+# While installing Postfix from source code on the local machine, the
+# script is run by the postfix-install script to update selected file
+# or directory permissions and to update Postfix configuration files.
+# .IP o
+# While installing Postfix from a pre-built package, the script is run
+# by the package management procedure to set all file or directory
+# permissions and to update Postfix configuration files.
+# .IP o
+# The script can be used to change installation parameter settings such
+# as mail_owner or setgid_group after Postfix is already installed.
+# .IP o
+# The script can be used to upgrade configuration files and to upgrade
+# file/directory permissions of a secondary Postfix instance.
+# .IP o
+# At Postfix start-up time, the script is run from "postfix check" to
+# create missing queue directories.
+# .PP
+# The post-install script is controlled by installation parameters.
+# Specific parameters are described at the end of this document.
+# All installation parameters must be specified ahead of time via
+# one of the methods described below.
+#
+# Arguments
+# .IP create-missing
+# Create missing queue directories with ownerships and permissions
+# according to the contents of $daemon_directory/postfix-files
+# and optionally in $daemon_directory/postfix-files.d/*, using
+# the mail_owner and setgid_group parameter settings from the
+# command line, process environment or from the installed
+# main.cf file.
+#
+# This is required at Postfix start-up time.
+# .IP set-permissions
+# Set all file/directory ownerships and permissions according to the
+# contents of $daemon_directory/postfix-files and optionally
+# in $daemon_directory/postfix-files.d/*, using the mail_owner
+# and setgid_group parameter settings from the command line,
+# process environment or from the installed main.cf file.
+# Implies create-missing.
+#
+# This is required when installing Postfix from a pre-built package,
+# or when changing the mail_owner or setgid_group installation parameter
+# settings after Postfix is already installed.
+# .IP upgrade-permissions
+# Update ownership and permission of existing files/directories as
+# specified in $daemon_directory/postfix-files and optionally
+# in $daemon_directory/postfix-files.d/*, using the mail_owner
+# and setgid_group parameter settings from the command line,
+# process environment or from the installed main.cf file.
+# Implies create-missing.
+#
+# This is required when upgrading an existing Postfix instance.
+# .IP upgrade-configuration
+# Edit the installed main.cf and master.cf files, in order to account
+# for missing services and to fix deprecated parameter settings.
+#
+# This is required when upgrading an existing Postfix instance.
+# .IP upgrade-source
+# Short-hand for: upgrade-permissions upgrade-configuration.
+#
+# This is recommended when upgrading Postfix from source code.
+# .IP upgrade-package
+# Short-hand for: set-permissions upgrade-configuration.
+#
+# This is recommended when upgrading Postfix from a pre-built package.
+# .IP first-install-reminder
+# Remind the user that they still need to configure main.cf and the
+# aliases file, and that newaliases still needs to be run.
+#
+# This is recommended when Postfix is installed for the first time.
+# MULTIPLE POSTFIX INSTANCES
+# .ad
+# .fi
+# Multiple Postfix instances on the same machine can share command and
+# daemon program files but must have separate configuration and queue
+# directories.
+#
+# To create a secondary Postfix installation on the same machine,
+# copy the configuration files from the primary Postfix instance to
+# a secondary configuration directory and execute:
+#
+# postfix post-install config_directory=secondary-config-directory \e
+# .in +4
+# queue_directory=secondary-queue-directory \e
+# .br
+# create-missing
+# .PP
+# This creates secondary Postfix queue directories, sets their access
+# permissions, and saves the specified installation parameters to the
+# secondary main.cf file.
+#
+# Be sure to list the secondary configuration directory in the
+# alternate_config_directories parameter in the primary main.cf file.
+#
+# To upgrade a secondary Postfix installation on the same machine,
+# execute:
+#
+# postfix post-install config_directory=secondary-config-directory \e
+# .in +4
+# upgrade-permissions upgrade-configuration
+# INSTALLATION PARAMETER INPUT METHODS
+# .ad
+# .fi
+# Parameter settings can be specified through a variety of
+# mechanisms. In order of decreasing precedence these are:
+# .IP "command line"
+# Parameter settings can be given as name=value arguments on
+# the post-install command line. These have the highest precedence.
+# Settings that override the installed main.cf file are saved.
+# .IP "process environment"
+# Parameter settings can be given as name=value environment
+# variables.
+# Settings that override the installed main.cf file are saved.
+# .IP "installed configuration files"
+# If a parameter is not specified via the command line or via the
+# process environment, post-install will attempt to extract its
+# value from the already installed Postfix main.cf configuration file.
+# These settings have the lowest precedence.
+# INSTALLATION PARAMETER DESCRIPTION
+# .ad
+# .fi
+# The description of installation parameters is as follows:
+# .IP config_directory
+# The directory for Postfix configuration files.
+# .IP daemon_directory
+# The directory for Postfix daemon programs. This directory
+# should not be in the command search path of any users.
+# .IP command_directory
+# The directory for Postfix administrative commands. This
+# directory should be in the command search path of adminstrative users.
+# .IP queue_directory
+# The directory for Postfix queues.
+# .IP data_directory
+# The directory for Postfix writable data files (caches, etc.).
+# .IP sendmail_path
+# The full pathname for the Postfix sendmail command.
+# This is the Sendmail-compatible mail posting interface.
+# .IP newaliases_path
+# The full pathname for the Postfix newaliases command.
+# This is the Sendmail-compatible command to build alias databases
+# for the Postfix local delivery agent.
+# .IP mailq_path
+# The full pathname for the Postfix mailq command.
+# This is the Sendmail-compatible command to list the mail queue.
+# .IP mail_owner
+# The owner of the Postfix queue. Its numerical user ID and group ID
+# must not be used by any other accounts on the system.
+# .IP setgid_group
+# The group for mail submission and for queue management commands.
+# Its numerical group ID must not be used by any other accounts on the
+# system, not even by the mail_owner account.
+# .IP html_directory
+# The directory for the Postfix HTML files.
+# .IP manpage_directory
+# The directory for the Postfix on-line manual pages.
+# .IP sample_directory
+# The directory for the Postfix sample configuration files.
+# This feature is obsolete as of Postfix 2.1.
+# .IP readme_directory
+# The directory for the Postfix README files.
+# SEE ALSO
+# postfix-install(1) Postfix primary installation script.
+# FILES
+# $config_directory/main.cf, Postfix installation parameters.
+# $daemon_directory/postfix-files, installation control file.
+# $daemon_directory/postfix-files.d/*, optional control files.
+# $config_directory/install.cf, obsolete configuration file.
+# LICENSE
+# .ad
+# .fi
+# The Secure Mailer license must be distributed with this software.
+# AUTHOR(S)
+# Wietse Venema
+# IBM T.J. Watson Research
+# P.O. Box 704
+# Yorktown Heights, NY 10598, USA
+#--
+
+umask 022
+
+PATH=/bin:/usr/bin:/usr/sbin:/usr/etc:/sbin:/etc:/usr/contrib/bin:/usr/gnu/bin:/usr/ucb:/usr/bsd
+SHELL=/bin/sh
+IFS="
+"
+BACKUP_IFS="$IFS"
+debug=:
+#debug=echo
+MOST_PARAMETERS="command_directory daemon_directory data_directory
+ html_directory mail_owner mailq_path manpage_directory
+ newaliases_path queue_directory readme_directory sample_directory
+ sendmail_path setgid_group"
+NON_SHARED="config_directory queue_directory data_directory"
+
+USAGE="Usage: $0 [name=value] command
+ create-missing Create missing queue directories.
+ upgrade-source When installing or upgrading from source code.
+ upgrade-package When installing or upgrading from pre-built package.
+ first-install-reminder Remind of mandatory first-time configuration steps.
+ name=value Specify an installation parameter".
+
+# Process command-line options and parameter settings. Work around
+# brain damaged shells. "IFS=value command" should not make the
+# IFS=value setting permanent. But some broken standard allows it.
+
+create=; set_perms=; upgrade_perms=; upgrade_conf=; first_install_reminder=
+obsolete=; keep_list=;
+
+for arg
+do
+ case $arg in
+ *=*) IFS= eval $arg; IFS="$BACKUP_IFS";;
+ create-missing) create=1;;
+ set-perm*) create=1; set_perms=1;;
+ upgrade-perm*) create=1; upgrade_perms=1;;
+ upgrade-conf*) upgrade_conf=1;;
+ upgrade-source) create=1; upgrade_conf=1; upgrade_perms=1;;
+ upgrade-package) create=1; upgrade_conf=1; set_perms=1;;
+ first-install*) first_install_reminder=1;;
+ *) echo "$0: Error: $USAGE" 1>&2; exit 1;;
+ esac
+ shift
+done
+
+# Sanity checks.
+
+test -n "$create$upgrade_conf$first_install_reminder" || {
+ echo "$0: Error: $USAGE" 1>&2
+ exit 1
+}
+
+# Bootstrapping problem.
+
+if [ -n "$command_directory" ]
+then
+ POSTCONF="$command_directory/postconf"
+else
+ POSTCONF="postconf"
+fi
+
+$POSTCONF -d mail_version >/dev/null 2>/dev/null || {
+ echo $0: Error: no $POSTCONF command found. 1>&2
+ echo Re-run this command as $0 command_directory=/some/where. 1>&2
+ exit 1
+}
+
+# Also used to require license etc. files only in the default instance.
+
+def_config_directory=`$POSTCONF -d -h config_directory` || exit 1
+test -n "$config_directory" ||
+ config_directory="$def_config_directory"
+
+test -d "$config_directory" || {
+ echo $0: Error: $config_directory is not a directory. 1>&2
+ exit 1
+}
+
+# If this is a secondary instance, don't touch shared files.
+# XXX Solaris does not have "test -e".
+
+instances=`test ! -f $def_config_directory/main.cf ||
+ $POSTCONF -c $def_config_directory -h multi_instance_directories |
+ sed 's/,/ /'` || exit 1
+
+update_shared_files=1
+for name in $instances
+do
+ case "$name" in
+ "$def_config_directory") ;;
+ "$config_directory") update_shared_files=; break;;
+ esac
+done
+
+test -f $daemon_directory/postfix-files || {
+ echo $0: Error: $daemon_directory/postfix-files is not a file. 1>&2
+ exit 1
+}
+
+# SunOS5 fmt(1) truncates lines > 1000 characters.
+
+fake_fmt() {
+ sed '
+ :top
+ /^\( *\)\([^ ][^ ]*\) */{
+ s//\1\2\
+\1/
+ P
+ D
+ b top
+ }
+ ' | fmt
+}
+
+case `uname -s` in
+HP-UX*) FMT=cat;;
+SunOS*) FMT=fake_fmt;;
+ *) FMT=fmt;;
+esac
+
+# If a parameter is not set via the command line or environment,
+# try to use settings from installed configuration files.
+
+# Extract parameter settings from the obsolete install.cf file, as
+# a transitional aid.
+
+grep setgid_group $config_directory/main.cf >/dev/null 2>&1 || {
+ test -f $config_directory/install.cf && {
+ for name in sendmail_path newaliases_path mailq_path setgid manpages
+ do
+ eval junk=\$$name
+ case "$junk" in
+ "") eval unset $name;;
+ esac
+ eval : \${$name="\`. $config_directory/install.cf; echo \$$name\`"} \
+ || exit 1
+ done
+ : ${setgid_group=$setgid}
+ : ${manpage_directory=$manpages}
+ }
+}
+
+# Extract parameter settings from the installed main.cf file.
+
+test -f $config_directory/main.cf && {
+ for name in $MOST_PARAMETERS
+ do
+ eval junk=\$$name
+ case "$junk" in
+ "") eval unset $name;;
+ esac
+ eval : \${$name=\`$POSTCONF -c $config_directory -h $name\`} || exit 1
+ done
+}
+
+# Sanity checks
+
+case $manpage_directory in
+ no) echo $0: Error: manpage_directory no longer accepts \"no\" values. 1>&2
+ echo Try again with \"$0 manpage_directory=/pathname ...\". 1>&2; exit 1;;
+esac
+
+case $setgid_group in
+ no) echo $0: Error: setgid_group no longer accepts \"no\" values. 1>&2
+ echo Try again with \"$0 setgid_group=groupname ...\" 1>&2; exit 1;;
+esac
+
+for path in "$daemon_directory" "$command_directory" "$queue_directory" \
+ "$sendmail_path" "$newaliases_path" "$mailq_path" "$manpage_directory"
+do
+ case "$path" in
+ /*) ;;
+ *) echo $0: Error: \"$path\" should be an absolute path name. 1>&2; exit 1;;
+ esac
+done
+
+for path in "$html_directory" "$readme_directory"
+do
+ case "$path" in
+ /*) ;;
+ no) ;;
+ *) echo $0: Error: \"$path\" should be \"no\" or an absolute path name. 1>&2; exit 1;;
+ esac
+done
+
+# Find out what parameters were not specified via command line,
+# via environment, or via installed configuration files.
+
+missing=
+for name in $MOST_PARAMETERS
+do
+ eval test -n \"\$$name\" || missing="$missing $name"
+done
+
+# All parameters must be specified at this point.
+
+test -n "$non_interactive" -a -n "$missing" && {
+ cat <<EOF | ${FMT} 1>&2
+$0: Error: some required installation parameters are not defined.
+
+- Either the parameters need to be given in the $config_directory/main.cf
+file from a recent Postfix installation,
+
+- Or the parameters need to be specified through the process
+environment.
+
+- Or the parameters need to be specified as name=value arguments
+on the $0 command line,
+
+The following parameters were missing:
+
+ $missing
+
+EOF
+ exit 1
+}
+
+POSTCONF="$command_directory/postconf"
+
+# Save settings, allowing command line/environment override.
+
+override=
+for name in $MOST_PARAMETERS
+do
+ eval test \"\$$name\" = \"`$POSTCONF -c $config_directory -h $name`\" || {
+ override=1
+ break
+ }
+done
+
+test -n "$override" && {
+ $POSTCONF -c $config_directory -e \
+ "daemon_directory = $daemon_directory" \
+ "command_directory = $command_directory" \
+ "queue_directory = $queue_directory" \
+ "data_directory = $data_directory" \
+ "mail_owner = $mail_owner" \
+ "setgid_group = $setgid_group" \
+ "sendmail_path = $sendmail_path" \
+ "mailq_path = $mailq_path" \
+ "newaliases_path = $newaliases_path" \
+ "html_directory = $html_directory" \
+ "manpage_directory = $manpage_directory" \
+ "sample_directory = $sample_directory" \
+ "readme_directory = $readme_directory" \
+ || exit 1
+}
+
+# Use file/directory status information in $daemon_directory/postfix-files.
+
+test -n "$create" && {
+ postfix_files_d=$daemon_directory/postfix-files.d
+ for postfix_file in $daemon_directory/postfix-files \
+ `test -d $postfix_files_d && { find $postfix_files_d -type f | sort; }`
+ do
+ exec <$postfix_file || exit 1
+ while IFS=: read path type owner group mode flags junk
+ do
+ IFS="$BACKUP_IFS"
+ set_permission=
+ # Skip comments. Skip shared files, if updating a secondary instance.
+ case $path in
+ [$]*) case "$update_shared_files" in
+ 1) $debug keep non-shared or shared $path;;
+ *) non_shared=
+ for name in $NON_SHARED
+ do
+ case $path in
+ "\$$name"*) non_shared=1; break;;
+ esac
+ done
+ case "$non_shared" in
+ 1) $debug keep non-shared $path;;
+ *) $debug skip shared $path; continue;;
+ esac;;
+ esac;;
+ *) continue;;
+ esac
+ # Skip hard links and symbolic links.
+ case $type in
+ [hl]) continue;;
+ [df]) ;;
+ *) echo unknown type $type for $path in $postfix_file 1>&2; exit 1;;
+ esac
+ # Expand $name, and canonicalize null fields.
+ for name in path owner group flags
+ do
+ eval junk=\${$name}
+ case $junk in
+ [$]*) eval $name=$junk;;
+ -) eval $name=;;
+ *) ;;
+ esac
+ done
+ # Skip uninstalled files.
+ case $path in
+ no|no/*) continue;;
+ esac
+ # Pick up the flags.
+ case $flags in *u*) upgrade_flag=1;; *) upgrade_flag=;; esac
+ case $flags in *c*) create_flag=1;; *) create_flag=;; esac
+ case $flags in *r*) recursive="-R";; *) recursive=;; esac
+ case $flags in *o*) obsolete_flag=1;; *) obsolete_flag=;; esac
+ case $flags in *[1i]*) test ! -r "$path" -a "$config_directory" != \
+ "$def_config_directory" && continue;; esac
+ # Flag obsolete objects. XXX Solaris 2..9 does not have "test -e".
+ if [ -n "$obsolete_flag" ]
+ then
+ test -r $path -a "$type" != "d" && obsolete="$obsolete $path"
+ continue;
+ else
+ keep_list="$keep_list $path"
+ fi
+ # Create missing directories with proper owner/group/mode settings.
+ if [ -n "$create" -a "$type" = "d" -a -n "$create_flag" -a ! -d "$path" ]
+ then
+ mkdir $path || exit 1
+ set_permission=1
+ # Update all owner/group/mode settings.
+ elif [ -n "$set_perms" ]
+ then
+ set_permission=1
+ # Update obsolete owner/group/mode settings.
+ elif [ -n "$upgrade_perms" -a -n "$upgrade_flag" ]
+ then
+ set_permission=1
+ fi
+ test -n "$set_permission" && {
+ chown $recursive $owner $path || exit 1
+ test -z "$group" || chgrp $recursive $group $path || exit 1
+ # Don't "chmod -R"; queue file status is encoded in mode bits.
+ if [ "$type" = "d" -a -n "$recursive" ]
+ then
+ find $path -type d -exec chmod $mode "{}" ";"
+ else
+ chmod $mode $path
+ fi || exit 1
+ }
+ done
+ IFS="$BACKUP_IFS"
+ done
+}
+
+# Upgrade existing Postfix configuration files if necessary.
+
+test -n "$upgrade_conf" && {
+
+ # Postfix 2.0.
+ # Add missing relay service to master.cf.
+
+ grep '^relay' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for relay service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+relay unix - - n - - smtp
+EOF
+ }
+
+ # Postfix 1.1.
+ # Add missing flush service to master.cf.
+
+ grep '^flush.*flush' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for flush service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+flush unix - - n 1000? 0 flush
+EOF
+ }
+
+ # Postfix 2.1.
+ # Add missing trace service to master.cf.
+
+ grep 'trace.*bounce' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for trace service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+trace unix - - n - 0 bounce
+EOF
+ }
+
+ # Postfix 2.1.
+ # Add missing verify service to master.cf.
+
+ grep '^verify.*verify' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for verify service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+verify unix - - n - 1 verify
+EOF
+ }
+
+ # Postfix 2.1.
+ # Fix verify service process limit.
+
+ grep '^verify.*[ ]0[ ]*verify' \
+ $config_directory/master.cf >/dev/null && {
+ echo Editing $config_directory/master.cf, setting verify process limit to 1
+ ed $config_directory/master.cf <<EOF || exit 1
+/^verify.*[ ]0[ ]*verify/
+s/\([ ]\)0\([ ]\)/\11\2/
+p
+w
+q
+EOF
+ }
+
+ # Postfix 1.1.
+ # Change privileged pickup service into unprivileged.
+
+ grep "^pickup[ ]*fifo[ ]*n[ ]*n" \
+ $config_directory/master.cf >/dev/null && {
+ echo Editing $config_directory/master.cf, making the pickup service unprivileged
+ ed $config_directory/master.cf <<EOF || exit 1
+/^pickup[ ]*fifo[ ]*n[ ]*n/
+s/\(n[ ]*\)n/\1-/
+p
+w
+q
+EOF
+ }
+
+ # Postfix 1.1.
+ # Change private cleanup and flush services into public.
+
+ for name in cleanup flush
+ do
+ grep "^$name[ ]*unix[ ]*[-y]" \
+ $config_directory/master.cf >/dev/null && {
+ echo Editing $config_directory/master.cf, making the $name service public
+ ed $config_directory/master.cf <<EOF || exit 1
+/^$name[ ]*unix[ ]*[-y]/
+s/[-y]/n/
+p
+w
+q
+EOF
+ }
+ done
+
+ # Postfix 2.2.
+ # File systems have improved since Postfix came out, and all we
+ # require now is that defer and deferred are hashed because those
+ # can contain lots of files.
+
+ found=`$POSTCONF -c $config_directory -h hash_queue_names`
+ missing=
+ (echo "$found" | grep defer >/dev/null) || missing="$missing defer"
+ (echo "$found" | grep deferred>/dev/null)|| missing="$missing deferred"
+ test -n "$missing" && {
+ echo fixing main.cf hash_queue_names for missing $missing
+ $POSTCONF -c $config_directory -e hash_queue_names="$found$missing" ||
+ exit 1
+ }
+
+ # Turn on safety nets for new features that could bounce mail that
+ # would be accepted by a previous Postfix version.
+
+ # [The "unknown_local_recipient_reject_code = 450" safety net,
+ # introduced with Postfix 2.0 and deleted after Postfix 2.3.]
+
+ # Postfix 2.0.
+ # Add missing proxymap service to master.cf.
+
+ grep '^proxymap.*proxymap' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for proxymap service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+proxymap unix - - n - - proxymap
+EOF
+ }
+
+ # Postfix 2.1.
+ # Add missing anvil service to master.cf.
+
+ grep '^anvil.*anvil' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for anvil service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+anvil unix - - n - 1 anvil
+EOF
+ }
+
+ # Postfix 2.2.
+ # Add missing scache service to master.cf.
+
+ grep '^scache.*scache' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for scache service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+scache unix - - n - 1 scache
+EOF
+ }
+
+ # Postfix 2.2.
+ # Add missing discard service to master.cf.
+
+ grep '^discard.*discard' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for discard service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+discard unix - - n - - discard
+EOF
+ }
+
+ # Postfix 2.2.
+ # Update the tlsmgr fifo->unix service.
+
+ grep "^tlsmgr[ ]*fifo[ ]" \
+ $config_directory/master.cf >/dev/null && {
+ echo Editing $config_directory/master.cf, updating the tlsmgr from fifo to unix service
+ ed $config_directory/master.cf <<EOF || exit 1
+/^tlsmgr[ ]*fifo[ ]/
+s/fifo/unix/
+s/[0-9][0-9]*/&?/
+p
+w
+q
+EOF
+ }
+
+ # Postfix 2.2.
+ # Add missing tlsmgr service to master.cf.
+
+ grep '^tlsmgr.*tlsmgr' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for tlsmgr service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+tlsmgr unix - - n 1000? 1 tlsmgr
+EOF
+ }
+
+ # Postfix 2.2.
+ # Add missing retry service to master.cf.
+
+ grep '^retry.*error' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for retry service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+retry unix - - n - - error
+EOF
+ }
+
+ # Postfix 2.5.
+ # Add missing proxywrite service to master.cf.
+
+ grep '^proxywrite.*proxymap' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for proxywrite service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+proxywrite unix - - n - 1 proxymap
+EOF
+ }
+
+ # Postfix 2.5.
+ # Fix a typo in the default master.cf proxywrite entry.
+
+ grep '^proxywrite.*-[ ]*proxymap' $config_directory/master.cf >/dev/null && {
+ echo Editing $config_directory/master.cf, setting proxywrite process limit to 1
+ ed $config_directory/master.cf <<EOF || exit 1
+/^proxywrite.*-[ ]*proxymap/
+s/-\([ ]*proxymap\)/1\1/
+p
+w
+q
+EOF
+ }
+
+ # Postfix 2.8.
+ # Add missing postscreen service to master.cf.
+
+ grep '^#*smtp.*postscreen' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for postscreen TCP service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+#smtp inet n - n - 1 postscreen
+EOF
+ }
+
+ # Postfix 2.8.
+ # Add missing smtpd (unix-domain) service to master.cf.
+
+ grep '^#*smtpd.*smtpd' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for smtpd unix-domain service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+#smtpd pass - - n - - smtpd
+EOF
+ }
+
+ # Postfix 2.8.
+ # Add temporary dnsblog (unix-domain) service to master.cf.
+
+ grep '^#*dnsblog.*dnsblog' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for dnsblog unix-domain service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+#dnsblog unix - - n - 0 dnsblog
+EOF
+ }
+
+ # Postfix 2.8.
+ # Add tlsproxy (unix-domain) service to master.cf.
+
+ grep '^#*tlsproxy.*tlsproxy' $config_directory/master.cf >/dev/null || {
+ echo Editing $config_directory/master.cf, adding missing entry for tlsproxy unix-domain service
+ cat >>$config_directory/master.cf <<EOF || exit 1
+#tlsproxy unix - - n - 0 tlsproxy
+EOF
+ }
+
+ # Report (but do not remove) obsolete files.
+
+ test -n "$obsolete" && {
+ cat <<EOF | ${FMT}
+
+ Note: the following files or directories still exist but are
+ no longer part of Postfix:
+
+ $obsolete
+
+EOF
+ }
+
+ # Postfix 2.9.
+ # Safety net for incompatible changes in IPv6 defaults.
+ # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO AVOID AN
+ # UNEXPECTED DROP IN PERFORMANCE AFTER UPGRADING FROM POSTFIX
+ # BEFORE 2.9.
+ # This code assumes that the default is "inet_protocols = ipv4"
+ # when IPv6 support is not compiled in. See util/sys_defs.h.
+
+ test "`$POSTCONF -dh inet_protocols`" = "ipv4" ||
+ test -n "`$POSTCONF -c $config_directory -n inet_protocols`" || {
+ cat <<EOF | ${FMT}
+ COMPATIBILITY: editing $config_directory/main.cf, setting
+ inet_protocols=ipv4. Specify inet_protocols explicitly if you
+ want to enable IPv6.
+ In a future release IPv6 will be enabled by default.
+EOF
+ $POSTCONF -c $config_directory inet_protocols=ipv4 || exit 1
+ }
+
+# Disabled because unhelpful down-stream maintainers disable the safety net.
+# # Postfix 2.10.
+# # Safety net for incompatible changes due to the introduction
+# # of the smtpd_relay_restrictions feature to separate the
+# # mail relay policy from the spam blocking policy.
+# # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO PREVENT
+# # INBOUND MAIL FROM UNEXPECTEDLY BOUNCING AFTER UPGRADING FROM
+# # POSTFIX BEFORE 2.10.
+# test -n "`$POSTCONF -c $config_directory -n smtpd_relay_restrictions`" || {
+# cat <<EOF | ${FMT}
+# COMPATIBILITY: editing $config_directory/main.cf, overriding
+# smtpd_relay_restrictions to prevent inbound mail from
+# unexpectedly bouncing.
+# Specify an empty smtpd_relay_restrictions value to keep using
+# smtpd_recipient_restrictions as before.
+#EOF
+# $POSTCONF -c $config_directory "smtpd_relay_restrictions = \
+# permit_mynetworks permit_sasl_authenticated \
+# defer_unauth_destination" || exit 1
+# }
+}
+
+# A reminder if this is the first time Postfix is being installed.
+
+test -n "$first_install_reminder" && {
+
+ ALIASES=`$POSTCONF -c $config_directory -h alias_database | sed 's/^[^:]*://'`
+ NEWALIASES_PATH=`$POSTCONF -c $config_directory -h newaliases_path`
+ cat <<EOF | ${FMT}
+
+ Warning: you still need to edit myorigin/mydestination/mynetworks
+ parameter settings in $config_directory/main.cf.
+
+ See also http://www.postfix.org/STANDARD_CONFIGURATION_README.html
+ for information about dialup sites or about sites inside a
+ firewalled network.
+
+ BTW: Check your $ALIASES file and be sure to set up aliases
+ that send mail for root and postmaster to a real person, then
+ run $NEWALIASES_PATH.
+
+EOF
+
+}
+
+exit 0
--- /dev/null
+#
+# Do not edit this file.
+#
+# This file controls the postfix-install script for installation of
+# Postfix programs, configuration files and documentation, as well
+# as the post-install script for setting permissions and for updating
+# Postfix configuration files. See the respective manual pages within
+# the script files.
+#
+# Do not list $command_directory in this file, or it will be blown
+# away by a future Postfix uninstallation procedure. You would not
+# want to lose all files in /usr/sbin.
+#
+# Each record in this file describes one file or directory.
+# Fields are separated by ":". Specify a null field as "-".
+# Missing fields or separators at the end are OK.
+#
+# File format:
+# name:type:owner:group:permission:flags
+# No group means don't change group ownership.
+#
+# File types:
+# d=directory
+# f=regular file
+# h=hard link (*)
+# l=symbolic link (*)
+#
+# (*) With hard links and symbolic links, the owner field becomes the
+# source pathname, while the group and permissions are ignored.
+#
+# File flags:
+# No flag means the flag is not active.
+# p=preserve existing file, do not replace (postfix-install).
+# u=update owner/group/mode (post-install upgrade-permissions).
+# c=create missing directory (post-install create-missing).
+# r=apply owner/group recursively (post-install set/upgrade-permissions).
+# o=obsolete, no longer part of Postfix
+# 1=optional for non-default instance (config_dir != built-in default).
+#
+# Note: the "u" flag is for upgrading the permissions of existing files
+# or directories after changes in Postfix architecture. For robustness
+# it is a good idea to "u" all the files that have special ownership or
+# permissions, so that running "make install" fixes any glitches.
+#
+$config_directory:d:root:-:755:u
+$data_directory:d:$mail_owner:-:700:uc
+$daemon_directory:d:root:-:755:u
+$queue_directory:d:root:-:755:uc
+$sample_directory:d:root:-:755:o
+$readme_directory:d:root:-:755
+$html_directory:d:root:-:755
+$queue_directory/active:d:$mail_owner:-:700:ucr
+$queue_directory/bounce:d:$mail_owner:-:700:ucr
+$queue_directory/corrupt:d:$mail_owner:-:700:ucr
+$queue_directory/defer:d:$mail_owner:-:700:ucr
+$queue_directory/deferred:d:$mail_owner:-:700:ucr
+$queue_directory/flush:d:$mail_owner:-:700:ucr
+$queue_directory/hold:d:$mail_owner:-:700:ucr
+$queue_directory/incoming:d:$mail_owner:-:700:ucr
+$queue_directory/private:d:$mail_owner:-:700:uc
+$queue_directory/maildrop:d:$mail_owner:$setgid_group:730:uc
+$queue_directory/public:d:$mail_owner:$setgid_group:710:uc
+$queue_directory/pid:d:root:-:755:uc
+$queue_directory/saved:d:$mail_owner:-:700:ucr
+$queue_directory/trace:d:$mail_owner:-:700:ucr
+$daemon_directory/anvil:f:root:-:755
+$daemon_directory/bounce:f:root:-:755
+$daemon_directory/dict_cdb.so:f:root:-:755
+$daemon_directory/dict_ldap.so:f:root:-:755
+$daemon_directory/dict_pcre.so:f:root:-:755
+$daemon_directory/dict_mysql.so:f:root:-:755
+$daemon_directory/dict_sqlite.so:f:root:-:755
+$daemon_directory/dict_tcp.so:f:root:-:755
+$daemon_directory/dict_sdbm.so:f:root:-:755
+$daemon_directory/cleanup:f:root:-:755
+$daemon_directory/discard:f:root:-:755
+$daemon_directory/dnsblog:f:root:-:755
+$daemon_directory/error:f:root:-:755
+$daemon_directory/flush:f:root:-:755
+#$daemon_directory/lmtp:f:root:-:755
+$daemon_directory/local:f:root:-:755
+$daemon_directory/main.cf:f:root:-:644
+$daemon_directory/master.cf:f:root:-:644
+$daemon_directory/master:f:root:-:755
+$daemon_directory/oqmgr:f:root:-:755
+$daemon_directory/pickup:f:root:-:755
+$daemon_directory/pipe:f:root:-:755
+$daemon_directory/post-install:f:root:-:755
+$daemon_directory/postfix-files:f:root:-:644
+$daemon_directory/postfix-script:f:root:-:755
+$daemon_directory/postfix-wrapper:f:root:-:755
+$daemon_directory/postmulti-script:f:root:-:755
+$daemon_directory/postscreen:f:root:-:755
+$daemon_directory/proxymap:f:root:-:755
+$daemon_directory/qmgr:f:root:-:755
+$daemon_directory/qmqpd:f:root:-:755
+$daemon_directory/scache:f:root:-:755
+$daemon_directory/showq:f:root:-:755
+$daemon_directory/smtp:f:root:-:755
+$daemon_directory/smtpd:f:root:-:755
+$daemon_directory/spawn:f:root:-:755
+$daemon_directory/tlsproxy:f:root:-:755
+$daemon_directory/tlsmgr:f:root:-:755
+$daemon_directory/trivial-rewrite:f:root:-:755
+$daemon_directory/verify:f:root:-:755
+$daemon_directory/virtual:f:root:-:755
+/usr/lib/libpostfix-dns.so.1:f:root:-:755
+/usr/lib/libpostfix-global.so.1:f:root:-:755
+/usr/lib/libpostfix-tls.so.1:f:root:-:755
+/usr/lib/libpostfix-master.so.1:f:root:-:755
+/usr/lib/libpostfix-util.so.1:f:root:-:755
+$daemon_directory/nqmgr:h:$daemon_directory/qmgr
+$daemon_directory/lmtp:h:$daemon_directory/smtp
+$command_directory/postalias:f:root:-:755
+$command_directory/postcat:f:root:-:755
+$command_directory/postconf:f:root:-:755
+$command_directory/postfix:f:root:-:755
+$command_directory/postkick:f:root:-:755
+$command_directory/postlock:f:root:-:755
+$command_directory/postlog:f:root:-:755
+$command_directory/postmap:f:root:-:755
+$command_directory/postmulti:f:root:-:755
+$command_directory/postsuper:f:root:-:755
+$command_directory/postdrop:f:root:$setgid_group:2755:u
+$command_directory/postqueue:f:root:$setgid_group:2755:u
+$sendmail_path:f:root:-:755
+$newaliases_path:l:$sendmail_path
+$mailq_path:l:$sendmail_path
+$config_directory/LICENSE:f:root:-:644:1
+$config_directory/TLS_LICENSE:f:root:-:644:1
+$config_directory/access:f:root:-:644:p1
+$config_directory/aliases:f:root:-:644:p1
+$config_directory/bounce.cf.default:f:root:-:644:1
+$config_directory/canonical:f:root:-:644:p1
+$config_directory/dynamicmaps.cf:f:root:-:644:p1
+$config_directory/cidr_table:f:root:-:644:o
+$config_directory/generic:f:root:-:644:p1
+$config_directory/generics:f:root:-:644:o
+$config_directory/header_checks:f:root:-:644:p1
+$config_directory/install.cf:f:root:-:644:o
+$config_directory/main.cf.default:f:root:-:644:1
+$config_directory/main.cf:f:root:-:644:p
+$config_directory/makedefs.out:f:root:-:644:1
+$config_directory/master.cf:f:root:-:644:p
+$config_directory/pcre_table:f:root:-:644:o
+$config_directory/postfix-files:f:root:-:644:o
+$config_directory/regexp_table:f:root:-:644:o
+$config_directory/relocated:f:root:-:644:p1
+$config_directory/tcp_table:f:root:-:644:o
+$config_directory/transport:f:root:-:644:p1
+$config_directory/virtual:f:root:-:644:p1
+$config_directory/postfix-script:f:root:-:755:o
+$config_directory/postfix-script-sgid:f:root:-:755:o
+$config_directory/postfix-script-nosgid:f:root:-:755:o
+$config_directory/post-install:f:root:-:755:o
+$manpage_directory/man1/mailq.1:f:root:-:644
+$manpage_directory/man1/newaliases.1:f:root:-:644
+$manpage_directory/man1/postalias.1:f:root:-:644
+$manpage_directory/man1/postcat.1:f:root:-:644
+$manpage_directory/man1/postconf.1:f:root:-:644
+$manpage_directory/man1/postdrop.1:f:root:-:644
+$manpage_directory/man1/postfix.1:f:root:-:644
+$manpage_directory/man1/postkick.1:f:root:-:644
+$manpage_directory/man1/postlock.1:f:root:-:644
+$manpage_directory/man1/postlog.1:f:root:-:644
+$manpage_directory/man1/postmap.1:f:root:-:644
+$manpage_directory/man1/postmulti.1:f:root:-:644
+$manpage_directory/man1/postqueue.1:f:root:-:644
+$manpage_directory/man1/postsuper.1:f:root:-:644
+$manpage_directory/man1/sendmail.1:f:root:-:644
+$manpage_directory/man5/access.5:f:root:-:644
+$manpage_directory/man5/aliases.5:f:root:-:644
+$manpage_directory/man5/body_checks.5:f:root:-:644
+$manpage_directory/man5/bounce.5:f:root:-:644
+$manpage_directory/man5/canonical.5:f:root:-:644
+$manpage_directory/man5/cidr_table.5:f:root:-:644
+$manpage_directory/man5/generics.5:f:root:-:644:o
+$manpage_directory/man5/generic.5:f:root:-:644
+$manpage_directory/man5/header_checks.5:f:root:-:644
+$manpage_directory/man5/ldap_table.5:f:root:-:644
+$manpage_directory/man5/lmdb_table.5:f:root:-:644
+$manpage_directory/man5/master.5:f:root:-:644
+$manpage_directory/man5/memcache_table.5:f:root:-:644
+$manpage_directory/man5/mysql_table.5:f:root:-:644
+$manpage_directory/man5/socketmap_table.5:f:root:-:644
+$manpage_directory/man5/sqlite_table.5:f:root:-:644
+$manpage_directory/man5/nisplus_table.5:f:root:-:644
+$manpage_directory/man5/pcre_table.5:f:root:-:644
+$manpage_directory/man5/pgsql_table.5:f:root:-:644
+$manpage_directory/man5/postconf.5:f:root:-:644
+$manpage_directory/man5/postfix-wrapper.5:f:root:-:644
+$manpage_directory/man5/regexp_table.5:f:root:-:644
+$manpage_directory/man5/relocated.5:f:root:-:644
+$manpage_directory/man5/tcp_table.5:f:root:-:644
+$manpage_directory/man5/transport.5:f:root:-:644
+$manpage_directory/man5/virtual.5:f:root:-:644
+$manpage_directory/man8/bounce.8:f:root:-:644
+$manpage_directory/man8/cleanup.8:f:root:-:644
+$manpage_directory/man8/anvil.8:f:root:-:644
+$manpage_directory/man8/defer.8:f:root:-:644
+$manpage_directory/man8/discard.8:f:root:-:644
+$manpage_directory/man8/dnsblog.8:f:root:-:644
+$manpage_directory/man8/error.8:f:root:-:644
+$manpage_directory/man8/flush.8:f:root:-:644
+$manpage_directory/man8/lmtp.8:f:root:-:644
+$manpage_directory/man8/local.8:f:root:-:644
+$manpage_directory/man8/master.8:f:root:-:644
+$manpage_directory/man8/nqmgr.8:f:root:-:644:o
+$manpage_directory/man8/oqmgr.8:f:root:-:644:
+$manpage_directory/man8/pickup.8:f:root:-:644
+$manpage_directory/man8/pipe.8:f:root:-:644
+$manpage_directory/man8/postscreen.8:f:root:-:644
+$manpage_directory/man8/proxymap.8:f:root:-:644
+$manpage_directory/man8/qmgr.8:f:root:-:644
+$manpage_directory/man8/qmqpd.8:f:root:-:644
+$manpage_directory/man8/scache.8:f:root:-:644
+$manpage_directory/man8/showq.8:f:root:-:644
+$manpage_directory/man8/smtp.8:f:root:-:644
+$manpage_directory/man8/smtpd.8:f:root:-:644
+$manpage_directory/man8/spawn.8:f:root:-:644
+$manpage_directory/man8/tlsproxy.8:f:root:-:644
+$manpage_directory/man8/tlsmgr.8:f:root:-:644
+$manpage_directory/man8/trace.8:f:root:-:644
+$manpage_directory/man8/trivial-rewrite.8:f:root:-:644
+$manpage_directory/man8/verify.8:f:root:-:644
+$manpage_directory/man8/virtual.8:f:root:-:644
+$sample_directory/sample-aliases.cf:f:root:-:644:o
+$sample_directory/sample-auth.cf:f:root:-:644:o
+$sample_directory/sample-canonical.cf:f:root:-:644:o
+$sample_directory/sample-compatibility.cf:f:root:-:644:o
+$sample_directory/sample-debug.cf:f:root:-:644:o
+$sample_directory/sample-filter.cf:f:root:-:644:o
+$sample_directory/sample-flush.cf:f:root:-:644:o
+$sample_directory/sample-ipv6.cf:f:root:-:644:o
+$sample_directory/sample-ldap.cf:f:root:-:644:o
+$sample_directory/sample-lmtp.cf:f:root:-:644:o
+$sample_directory/sample-local.cf:f:root:-:644:o
+$sample_directory/sample-mime.cf:f:root:-:644:o
+$sample_directory/sample-misc.cf:f:root:-:644:o
+$sample_directory/sample-pcre-access.cf:f:root:-:644:o
+$sample_directory/sample-pcre-body.cf:f:root:-:644:o
+$sample_directory/sample-pcre-header.cf:f:root:-:644:o
+$sample_directory/sample-pgsql-aliases.cf:f:root:-:644:o
+$sample_directory/sample-qmqpd.cf:f:root:-:644:o
+$sample_directory/sample-rate.cf:f:root:-:644:o
+$sample_directory/sample-regexp-access.cf:f:root:-:644:o
+$sample_directory/sample-regexp-body.cf:f:root:-:644:o
+$sample_directory/sample-regexp-header.cf:f:root:-:644:o
+$sample_directory/sample-relocated.cf:f:root:-:644:o
+$sample_directory/sample-resource.cf:f:root:-:644:o
+$sample_directory/sample-rewrite.cf:f:root:-:644:o
+$sample_directory/sample-scheduler.cf:f:root:-:644:o
+$sample_directory/sample-smtp.cf:f:root:-:644:o
+$sample_directory/sample-smtpd.cf:f:root:-:644:o
+$sample_directory/sample-tls.cf:f:root:-:644:o
+$sample_directory/sample-transport.cf:f:root:-:644:o
+$sample_directory/sample-verify.cf:f:root:-:644:o
+$sample_directory/sample-virtual.cf:f:root:-:644:o
+$readme_directory/AAAREADME:f:root:-:644
+$readme_directory/ADDRESS_CLASS_README:f:root:-:644
+$readme_directory/ADDRESS_REWRITING_README:f:root:-:644
+$readme_directory/ADDRESS_VERIFICATION_README:f:root:-:644
+$readme_directory/BACKSCATTER_README:f:root:-:644
+$readme_directory/BASIC_CONFIGURATION_README:f:root:-:644
+$readme_directory/BUILTIN_FILTER_README:f:root:-:644
+$readme_directory/CDB_README:f:root:-:644
+$readme_directory/CONNECTION_CACHE_README:f:root:-:644
+$readme_directory/CONTENT_INSPECTION_README:f:root:-:644
+$readme_directory/DATABASE_README:f:root:-:644
+$readme_directory/DB_README:f:root:-:644
+$readme_directory/DEBUG_README:f:root:-:644
+$readme_directory/DSN_README:f:root:-:644
+$readme_directory/ETRN_README:f:root:-:644
+$readme_directory/FILTER_README:f:root:-:644
+$readme_directory/FORWARD_SECRECY_README:f:root:-:644
+$readme_directory/HOSTING_README:f:root:-:644:o
+$readme_directory/INSTALL:f:root:-:644
+$readme_directory/IPV6_README:f:root:-:644
+$readme_directory/LDAP_README:f:root:-:644
+$readme_directory/LINUX_README:f:root:-:644
+$readme_directory/LMDB_README:f:root:-:644
+$readme_directory/LOCAL_RECIPIENT_README:f:root:-:644
+$readme_directory/MACOSX_README:f:root:-:644:o
+$readme_directory/MAILDROP_README:f:root:-:644
+$readme_directory/MEMCACHE_README:f:root:-:644
+$readme_directory/MILTER_README:f:root:-:644
+$readme_directory/MULTI_INSTANCE_README:f:root:-:644
+$readme_directory/MYSQL_README:f:root:-:644
+$readme_directory/SQLITE_README:f:root:-:644
+$readme_directory/NFS_README:f:root:-:644
+$readme_directory/OVERVIEW:f:root:-:644
+$readme_directory/PACKAGE_README:f:root:-:644
+$readme_directory/PCRE_README:f:root:-:644
+$readme_directory/PGSQL_README:f:root:-:644
+$readme_directory/POSTSCREEN_README:f:root:-:644
+$readme_directory/QMQP_README:f:root:-:644:o
+$readme_directory/QSHAPE_README:f:root:-:644
+$readme_directory/RELEASE_NOTES:f:root:-:644
+$readme_directory/RESTRICTION_CLASS_README:f:root:-:644
+$readme_directory/SASL_README:f:root:-:644
+$readme_directory/SCHEDULER_README:f:root:-:644
+$readme_directory/SMTPD_ACCESS_README:f:root:-:644
+$readme_directory/SMTPD_POLICY_README:f:root:-:644
+$readme_directory/SMTPD_PROXY_README:f:root:-:644
+$readme_directory/SOHO_README:f:root:-:644
+$readme_directory/STANDARD_CONFIGURATION_README:f:root:-:644
+$readme_directory/STRESS_README:f:root:-:644
+$readme_directory/TLS_LEGACY_README:f:root:-:644
+$readme_directory/TLS_README:f:root:-:644
+$readme_directory/TUNING_README:f:root:-:644
+$readme_directory/ULTRIX_README:f:root:-:644
+$readme_directory/UUCP_README:f:root:-:644
+$readme_directory/VERP_README:f:root:-:644
+$readme_directory/VIRTUAL_README:f:root:-:644
+$readme_directory/XCLIENT_README:f:root:-:644
+$readme_directory/XFORWARD_README:f:root:-:644
+$html_directory/ADDRESS_CLASS_README.html:f:root:-:644
+$html_directory/ADDRESS_REWRITING_README.html:f:root:-:644
+$html_directory/ADDRESS_VERIFICATION_README.html:f:root:-:644
+$html_directory/BACKSCATTER_README.html:f:root:-:644
+$html_directory/BASIC_CONFIGURATION_README.html:f:root:-:644
+$html_directory/BUILTIN_FILTER_README.html:f:root:-:644
+$html_directory/CDB_README.html:f:root:-:644
+$html_directory/CONNECTION_CACHE_README.html:f:root:-:644
+$html_directory/CONTENT_INSPECTION_README.html:f:root:-:644
+$html_directory/CYRUS_README.html:f:root:-:644:o
+$html_directory/DATABASE_README.html:f:root:-:644
+$html_directory/DB_README.html:f:root:-:644
+$html_directory/DEBUG_README.html:f:root:-:644
+$html_directory/DSN_README.html:f:root:-:644
+$html_directory/ETRN_README.html:f:root:-:644
+$html_directory/FILTER_README.html:f:root:-:644
+$html_directory/FORWARD_SECRECY_README.html:f:root:-:644
+$html_directory/INSTALL.html:f:root:-:644
+$html_directory/IPV6_README.html:f:root:-:644
+$html_directory/LDAP_README.html:f:root:-:644
+$html_directory/LINUX_README.html:f:root:-:644
+$html_directory/LMDB_README.html:f:root:-:644
+$html_directory/LOCAL_RECIPIENT_README.html:f:root:-:644
+$html_directory/MAILDROP_README.html:f:root:-:644
+$html_directory/MILTER_README.html:f:root:-:644
+$html_directory/MULTI_INSTANCE_README.html:f:root:-:644
+$html_directory/MYSQL_README.html:f:root:-:644
+$html_directory/SQLITE_README.html:f:root:-:644
+$html_directory/NFS_README.html:f:root:-:644
+$html_directory/OVERVIEW.html:f:root:-:644
+$html_directory/PACKAGE_README.html:f:root:-:644
+$html_directory/PCRE_README.html:f:root:-:644
+$html_directory/PGSQL_README.html:f:root:-:644
+$html_directory/POSTSCREEN_README.html:f:root:-:644
+$html_directory/QMQP_README.html:f:root:-:644:o
+$html_directory/QSHAPE_README.html:f:root:-:644
+$html_directory/RESTRICTION_CLASS_README.html:f:root:-:644
+$html_directory/SASL_README.html:f:root:-:644
+$html_directory/SCHEDULER_README.html:f:root:-:644
+$html_directory/SMTPD_ACCESS_README.html:f:root:-:644
+$html_directory/SMTPD_POLICY_README.html:f:root:-:644
+$html_directory/SMTPD_PROXY_README.html:f:root:-:644
+$html_directory/SOHO_README.html:f:root:-:644
+$html_directory/STANDARD_CONFIGURATION_README.html:f:root:-:644
+$html_directory/STRESS_README.html:f:root:-:644
+$html_directory/TLS_LEGACY_README.html:f:root:-:644
+$html_directory/TLS_README.html:f:root:-:644
+$html_directory/TUNING_README.html:f:root:-:644
+$html_directory/ULTRIX_README.html:f:root:-:644:o
+$html_directory/UUCP_README.html:f:root:-:644
+$html_directory/VERP_README.html:f:root:-:644
+$html_directory/VIRTUAL_README.html:f:root:-:644
+$html_directory/XCLIENT_README.html:f:root:-:644
+$html_directory/XFORWARD_README.html:f:root:-:644
+$html_directory/access.5.html:f:root:-:644
+$html_directory/aliases.5.html:f:root:-:644
+$html_directory/anvil.8.html:f:root:-:644
+$html_directory/bounce.8.html:f:root:-:644
+$html_directory/canonical.5.html:f:root:-:644
+$html_directory/cidr_table.5.html:f:root:-:644
+$html_directory/cleanup.8.html:f:root:-:644
+$html_directory/defer.8.html:h:$html_directory/bounce.8.html:-:644
+$html_directory/discard.8.html:f:root:-:644
+$html_directory/dnsblog.8.html:f:root:-:644
+$html_directory/error.8.html:f:root:-:644
+$html_directory/flush.8.html:f:root:-:644
+$html_directory/generics.5.html:f:root:-:644:o
+$html_directory/generic.5.html:f:root:-:644
+$html_directory/header_checks.5.html:f:root:-:644
+$html_directory/index.html:f:root:-:644
+$html_directory/ldap_table.5.html:f:root:-:644
+$html_directory/lmtp.8.html:f:root:-:644
+$html_directory/local.8.html:f:root:-:644
+$html_directory/mailq.1.html:f:root:-:644
+$html_directory/master.5.html:f:root:-:644
+$html_directory/master.8.html:f:root:-:644
+$html_directory/memcache_table.5.html:f:root:-:644
+$html_directory/mysql_table.5.html:f:root:-:644
+$html_directory/sqlite_table.5.html:f:root:-:644
+$html_directory/nisplus_table.5.html:f:root:-:644
+$html_directory/newaliases.1.html:h:$html_directory/mailq.1.html:-:644
+$html_directory/oqmgr.8.html:f:root:-:644
+$html_directory/pcre_table.5.html:f:root:-:644
+$html_directory/pgsql_table.5.html:f:root:-:644
+$html_directory/pickup.8.html:f:root:-:644
+$html_directory/pipe.8.html:f:root:-:644
+$html_directory/postalias.1.html:f:root:-:644
+$html_directory/postcat.1.html:f:root:-:644
+$html_directory/postconf.1.html:f:root:-:644
+$html_directory/postconf.5.html:f:root:-:644
+$html_directory/postdrop.1.html:f:root:-:644
+$html_directory/postfix-logo.jpg:f:root:-:644
+$html_directory/postfix-manuals.html:f:root:-:644
+$html_directory/postfix-wrapper.5.html:f:root:-:644
+$html_directory/postfix.1.html:f:root:-:644
+$html_directory/postkick.1.html:f:root:-:644
+$html_directory/postlock.1.html:f:root:-:644
+$html_directory/postlog.1.html:f:root:-:644
+$html_directory/postmap.1.html:f:root:-:644
+$html_directory/postmulti.1.html:f:root:-:644
+$html_directory/postqueue.1.html:f:root:-:644
+$html_directory/postscreen.8.html:f:root:-:644
+$html_directory/postsuper.1.html:f:root:-:644
+$html_directory/qshape.1.html:f:root:-:644
+$html_directory/proxymap.8.html:f:root:-:644
+$html_directory/qmgr.8.html:f:root:-:644
+$html_directory/qmqp-sink.1.html:f:root:-:644
+$html_directory/qmqp-source.1.html:f:root:-:644
+$html_directory/qmqpd.8.html:f:root:-:644
+$html_directory/regexp_table.5.html:f:root:-:644
+$html_directory/relocated.5.html:f:root:-:644
+$html_directory/sendmail.1.html:h:$html_directory/mailq.1.html:-:644
+$html_directory/showq.8.html:f:root:-:644
+$html_directory/smtp-sink.1.html:f:root:-:644
+$html_directory/smtp-source.1.html:f:root:-:644
+$html_directory/smtp.8.html:h:$html_directory/lmtp.8.html:-:644
+$html_directory/smtpd.8.html:f:root:-:644
+$html_directory/spawn.8.html:f:root:-:644
+$html_directory/tlsproxy.8.html:f:root:-:644
+$html_directory/tcp_table.5.html:f:root:-:644
+$html_directory/trace.8.html:h:$html_directory/bounce.8.html:-:644
+$html_directory/transport.5.html:f:root:-:644
+$html_directory/trivial-rewrite.8.html:f:root:-:644
+$html_directory/verify.8.html:f:root:-:644
+$html_directory/virtual.5.html:f:root:-:644
+$html_directory/virtual.8.html:f:root:-:644
--- /dev/null
+#!/bin/sh
+
+#++
+# NAME
+# postfix-script 1
+# SUMMARY
+# execute Postfix administrative commands
+# SYNOPSIS
+# \fBpostfix-script\fR \fIcommand\fR
+# DESCRIPTION
+# The \fBpostfix-script\fR script executes Postfix administrative
+# commands in an environment that is set up by the \fBpostfix\fR(1)
+# command.
+# SEE ALSO
+# master(8) Postfix master program
+# postfix(1) Postfix administrative interface
+# LICENSE
+# .ad
+# .fi
+# The Secure Mailer license must be distributed with this software.
+# AUTHOR(S)
+# Wietse Venema
+# IBM T.J. Watson Research
+# P.O. Box 704
+# Yorktown Heights, NY 10598, USA
+#--
+
+# Avoid POSIX death due to SIGHUP when some parent process exits.
+
+trap '' 1
+
+case $daemon_directory in
+"") echo This script must be run by the postfix command. 1>&2
+ echo Do not run directly. 1>&2
+ exit 1
+esac
+
+LOGGER="$command_directory/postlog -t $MAIL_LOGTAG/postfix-script"
+INFO="$LOGGER -p info"
+WARN="$LOGGER -p warn"
+ERROR="$LOGGER -p error"
+FATAL="$LOGGER -p fatal"
+PANIC="$LOGGER -p panic"
+
+if [ "X${1#quiet-}" != "X${1}" ]; then
+ INFO=:
+ x=${1#quiet-}
+ shift
+ set -- $x "$@"
+fi
+
+umask 022
+SHELL=/bin/sh
+
+#
+# Can't do much without these in place.
+#
+cd $command_directory || {
+ $FATAL no Postfix command directory $command_directory!
+ exit 1
+}
+cd $daemon_directory || {
+ $FATAL no Postfix daemon directory $daemon_directory!
+ exit 1
+}
+test -f master || {
+ $FATAL no Postfix master program $daemon_directory/master!
+ exit 1
+}
+cd $config_directory || {
+ $FATAL no Postfix configuration directory $config_directory!
+ exit 1
+}
+cd $queue_directory || {
+ $FATAL no Postfix queue directory $queue_directory!
+ exit 1
+}
+def_config_directory=`$command_directory/postconf -dh config_directory` || {
+ $FATAL cannot execute $command_directory/postconf!
+ exit 1
+}
+
+# If this is a secondary instance, don't touch shared files.
+
+instances=`test ! -f $def_config_directory/main.cf ||
+ $command_directory/postconf -c $def_config_directory \
+ -h multi_instance_directories | sed 's/,/ /'` || {
+ $FATAL cannot execute $command_directory/postconf!
+ exit 1
+}
+
+check_shared_files=1
+for name in $instances
+do
+ case "$name" in
+ "$def_config_directory") ;;
+ "$config_directory") check_shared_files=; break;;
+ esac
+done
+
+#
+# Parse JCL
+#
+case $1 in
+
+start_msg)
+
+ echo "Start postfix"
+ ;;
+
+stop_msg)
+
+ echo "Stop postfix"
+ ;;
+
+quick-start)
+
+ $daemon_directory/master -t 2>/dev/null || {
+ $FATAL the Postfix mail system is already running
+ exit 1
+ }
+ $daemon_directory/postfix-script quick-check || {
+ $FATAL Postfix integrity check failed!
+ exit 1
+ }
+ $INFO starting the Postfix mail system
+ $daemon_directory/master &
+ ;;
+
+start)
+
+ $daemon_directory/master -t 2>/dev/null || {
+ $FATAL the Postfix mail system is already running
+ exit 1
+ }
+ if [ -f $queue_directory/quick-start ]
+ then
+ rm -f $queue_directory/quick-start
+ else
+ $daemon_directory/postfix-script check-fatal || {
+ $FATAL Postfix integrity check failed!
+ exit 1
+ }
+ # Foreground this so it can be stopped. All inodes are cached.
+ $daemon_directory/postfix-script check-warn
+ fi
+ $INFO starting the Postfix mail system
+ # NOTE: wait in foreground process to get the initialization status.
+ $daemon_directory/master -w || {
+ $FATAL "mail system startup failed"
+ exit 1
+ }
+ ;;
+
+drain)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $FATAL the Postfix mail system is not running
+ exit 1
+ }
+ $INFO stopping the Postfix mail system
+ kill -9 `sed 1q pid/master.pid`
+ ;;
+
+quick-stop)
+
+ $daemon_directory/postfix-script stop
+ touch $queue_directory/quick-start
+ ;;
+
+stop)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $FATAL the Postfix mail system is not running
+ exit 0
+ }
+ $INFO stopping the Postfix mail system
+ kill `sed 1q pid/master.pid`
+ for i in 5 4 3 2 1
+ do
+ $daemon_directory/master -t && exit 0
+ $INFO waiting for the Postfix mail system to terminate
+ sleep 1
+ done
+ $WARN stopping the Postfix mail system with force
+ pid=`awk '{ print $1; exit 0 } END { exit 1 }' pid/master.pid` &&
+ kill -9 -$pid
+ ;;
+
+abort)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $FATAL the Postfix mail system is not running
+ exit 0
+ }
+ $INFO aborting the Postfix mail system
+ kill `sed 1q pid/master.pid`
+ ;;
+
+reload)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $FATAL the Postfix mail system is not running
+ exit 1
+ }
+ $INFO refreshing the Postfix mail system
+ $command_directory/postsuper active || exit 1
+ kill -HUP `sed 1q pid/master.pid`
+ $command_directory/postsuper &
+ ;;
+
+flush)
+
+ cd $queue_directory || {
+ $FATAL no Postfix queue directory $queue_directory!
+ exit 1
+ }
+ $command_directory/postqueue -f
+ ;;
+
+check)
+
+ $daemon_directory/postfix-script check-fatal || exit 1
+ $daemon_directory/postfix-script check-warn
+ exit 0
+ ;;
+
+status)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $INFO the Postfix mail system is not running
+ exit 1
+ }
+ $INFO the Postfix mail system is running: PID: `sed 1q pid/master.pid`
+ exit 0
+ ;;
+
+quick-check)
+ # This command is NOT part of the public interface.
+
+ $SHELL $daemon_directory/post-install create-missing || {
+ $WARN unable to create missing queue directories
+ exit 1
+ }
+
+ # Look for incomplete installations.
+
+ test -f $config_directory/master.cf || {
+ $FATAL no $config_directory/master.cf file found
+ exit 1
+ }
+ exit 0
+ ;;
+
+check-fatal)
+ # This command is NOT part of the public interface.
+
+ $daemon_directory/postfix-script quick-check
+
+ # See if all queue files are in the right place. This is slow.
+ # We must scan all queues for mis-named queue files before the
+ # mail system can run.
+
+ $command_directory/postsuper || exit 1
+ exit 0
+ ;;
+
+check-warn)
+ # This command is NOT part of the public interface.
+
+ todo="$config_directory $queue_directory $queue_directory/pid"
+ test -n "$check_shared_files" && todo="$daemon_directory $todo"
+
+ for dir in $todo
+ do
+ ls -lLd $dir | (grep " root " >/dev/null ||
+ $WARN not owned by root: $dir)
+ done
+
+ # Some people break Postfix's security model.
+ ls -lLd $queue_directory | egrep '^.....(w|...w)' >/dev/null && \
+ $WARN group or other writable: $queue_directory
+
+ todo="$config_directory/*"
+ test -n "$check_shared_files" && todo="$daemon_directory/* $todo"
+
+ find $todo ! -user root \
+ -exec $WARN not owned by root: {} \;
+
+ todo="$config_directory/."
+ test -n "$check_shared_files" && todo="$daemon_directory/. $todo"
+
+ find $todo \
+ \( -perm -020 -o -perm -002 \) -type f \
+ -exec $WARN group or other writable: {} \;
+
+ find $data_directory/. ! -user $mail_owner \
+ -exec $WARN not owned by $mail_owner: {} \;
+
+ ls -lLd $data_directory | egrep '^.....(w|...w)' >/dev/null && \
+ $WARN group or other writable: $data_directory
+
+ find `ls -d $queue_directory/* | \
+ egrep '/(saved|incoming|active|defer|deferred|bounce|hold|trace|corrupt|public|private|flush)$'` \
+ ! \( -type p -o -type s \) ! -user $mail_owner \
+ -exec $WARN not owned by $mail_owner: {} \;
+
+ todo="$queue_directory/public $queue_directory/maildrop"
+ test -n "$check_shared_files" &&
+ todo="$command_directory/postqueue $command_directory/postdrop $todo"
+
+ find $todo \
+ -prune ! -group $setgid_group \
+ -exec $WARN not owned by group $setgid_group: {} \;
+
+ test -n "$check_shared_files" &&
+ find $command_directory/postqueue $command_directory/postdrop \
+ -prune ! -perm -02111 \
+ -exec $WARN not set-gid or not owner+group+world executable: {} \;
+
+ for name in `ls -d $queue_directory/* | \
+ egrep '/(bin|etc|lib|usr)$'` ; \
+ do \
+ find $name ! -user root \
+ -exec $WARN not owned by root: {} \; ; \
+ done
+
+ # WARNING: this should not descend into the maildrop directory.
+ # maildrop is the least trusted Postfix directory.
+
+ find $queue_directory/maildrop/. -prune ! -user $mail_owner \
+ -exec $WARN not owned by $mail_owner: $queue_directory/maildrop \;
+
+ for dir in bin etc lib sbin usr
+ do
+ test -d $dir && find $dir -type f -print | while read path
+ do
+ test -f /$path && {
+ cmp -s $path /$path ||
+ $WARN $queue_directory/$path and /$path differ
+ }
+ done
+ done
+
+ find corrupt -type f -exec $WARN damaged message: {} \;
+
+ # XXX also: look for weird stuff, weird permissions, etc.
+
+ test -n "$check_shared_files" -a -f /usr/sbin/sendmail -a \
+ -f /usr/lib/sendmail && {
+ cmp -s /usr/sbin/sendmail /usr/lib/sendmail || {
+ $WARN /usr/lib/sendmail and /usr/sbin/sendmail differ
+ $WARN Replace one by a symbolic link to the other
+ }
+ }
+ exit 0
+ ;;
+
+set-permissions|upgrade-configuration)
+ $daemon_directory/post-install create-missing "$@"
+ ;;
+
+post-install)
+ # Currently not part of the public interface.
+ shift
+ $daemon_directory/post-install "$@"
+ ;;
+
+/*)
+ # Currently not part of the public interface.
+ "$@"
+ ;;
+
+*)
+ $ERROR "unknown command: '$1'"
+ $FATAL "usage: postfix start (or stop, reload, abort, flush, check, status, set-permissions, upgrade-configuration)"
+ exit 1
+ ;;
+
+esac
--- /dev/null
+# Rules are evaluated in the order as specified.
+#1.2.3.4 permit
+#2.3.4.5 reject
+
+# Permit local clients
+127.0.0.0/8 permit
+192.168.254.0/24 permit
--- /dev/null
+# Secret DNSBL name Name in postscreen(8) replies
--- /dev/null
+#!/bin/sh
+# This script tells chronyd that the connection is down
+# so that it won't try to contact the server.
+# John Hasler <jhasler@debian.org> 1998-2003
+# Any possessor of a copy of this program may treat it as if it
+# were in the public domain. I waive all rights.
+
+/bin/pidof chronyd > /dev/null || exit 0
+# Don't mark the connection offline unless we know ppp brought it up.
+test -e /var/run/chrony-ppp-up || exit 0
+KEY=$(awk '$1 ~ /^commandkey$/ { print $2; exit}' /etc/chrony/chrony.conf)
+PASSWORD=`awk '$1 ~ /^'$KEY'$/ {print $2; exit}' /etc/chrony/chrony.keys`
+/usr/bin/chronyc << EOF
+password $PASSWORD
+offline
+EOF
+rm -f /var/run/chrony-ppp-up
+exit 0
--- /dev/null
+#!/bin/sh
+# 2004-01-25, Thomas Lamy <thomas.lamy@in-online.net>
+# From Magnus Ekdahl's <magnus@debian.org> clamav-freshclam-handledaemon(8)
+
+set -e
+
+[ -e /var/lib/clamav/interface ] || exit 0
+
+INIT=/etc/init.d/clamav-freshclam
+CLAMAV_CONF_FILE=/etc/clamav/clamd.conf
+FRESHCLAM_CONF_FILE=/etc/clamav/freshclam.conf
+
+INTERNETIFACE=`cat /var/lib/clamav/interface`
+
+if grep -q freshclam /proc/*/stat 2>/dev/null; then
+ IS_RUNNING=true
+else
+ IS_RUNNING=false
+fi
+
+# $IFACE is set by ifup/down, $PPP_IFACE by pppd
+[ -n "$PPP_IFACE" ] && IFACE=$PPP_IFACE
+
+# This is sloppy - woody's pppd exports variables, while sid's passes them as
+# arguments and exports them.
+
+if [ "$1" = "$IFACE" ]; then # We're called by sid's pppd
+ shift 6 # and we already know the interface
+fi # Dump the arguments passed.
+
+if [ -z "$1" ]; then
+ case $(dirname "$0") in
+ */if-up.d|*/ip-up.d)
+ # Short circuit and exit early if freshclam is already running
+ [ "$IS_RUNNING" = 'true' ] && exit 0
+ for interface in $INTERNETIFACE; do
+ if [ "$interface" = "$IFACE" ]; then
+ FMODE=start
+ break
+ else
+ FMODE=skip
+ fi
+ done
+ ;;
+ */if-down.d|*/ip-down.d)
+ # Short circuit and exit early if freshclam is not already running
+ [ "$IS_RUNNING" = 'false' ] && exit 0
+ for interface in $INTERNETIFACE; do
+ if [ "$interface" = "$IFACE" ]; then
+ FMODE=stop
+ break
+ else
+ FMODE=skip
+ fi
+ done
+ ;;
+ *)
+ FMODE=skip
+ ;;
+ esac
+else
+ FMODE="$1"
+fi
+
+case "$FMODE" in
+ start|stop)
+ IFACE="$IFACE" $INIT $FMODE
+ ;;
+ skip)
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|skip}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
+
--- /dev/null
+#!/bin/sh -e
+
+# Called when an interface disconnects
+# Written by LaMont Jones <lamont@debian.org>
+
+# start or reload Postfix as needed
+
+# If /usr isn't mounted yet, silently bail.
+if [ ! -d /usr/lib/postfix ]; then
+ exit 0
+fi
+
+RUNNING=""
+# If master is running, force a queue run to unload any mail that is
+# hanging around. Yes, sendmail is a symlink...
+if [ -f /var/spool/postfix/pid/master.pid ]; then
+ pid=$(sed 's/ //g' /var/spool/postfix/pid/master.pid)
+ exe=$(ls -l /proc/$pid/exe 2>/dev/null | sed 's/.* //;s/.*\///')
+ if [ "X$exe" = "Xmaster" ]; then
+ RUNNING="y"
+ fi
+fi
+
+if [ ! -x /sbin/resolvconf ]; then
+ f=/etc/resolv.conf
+ if ! cp $f $(postconf -h queue_directory)$f 2>/dev/null; then
+ exit 0
+ fi
+ if [ -n "$RUNNING" ]; then
+ /etc/init.d/postfix reload >/dev/null 2>&1
+ fi
+fi
+
+exit 0
--- /dev/null
+#!/bin/sh
+# This script tells chronyd that the connection is up so that it can
+# contact the server. John Hasler <jhasler@debian.org> 1998-2003
+# Any possessor of a copy of this program may treat it as if it
+# were in the public domain. I waive all rights.
+
+/bin/pidof chronyd > /dev/null || exit 0
+KEY=$(awk '$1 ~ /^commandkey$/ { print $2; exit}' /etc/chrony/chrony.conf)
+PASSWORD=`awk '$1 ~ /^'$KEY'$/ {print $2; exit}' /etc/chrony/chrony.keys`
+/usr/bin/chronyc << EOF
+password $PASSWORD
+online
+burst 5/10
+quit
+EOF
+touch /var/run/chrony-ppp-up
+exit 0
--- /dev/null
+#!/bin/sh
+# 2004-01-25, Thomas Lamy <thomas.lamy@in-online.net>
+# From Magnus Ekdahl's <magnus@debian.org> clamav-freshclam-handledaemon(8)
+
+set -e
+
+[ -e /var/lib/clamav/interface ] || exit 0
+
+INIT=/etc/init.d/clamav-freshclam
+CLAMAV_CONF_FILE=/etc/clamav/clamd.conf
+FRESHCLAM_CONF_FILE=/etc/clamav/freshclam.conf
+
+INTERNETIFACE=`cat /var/lib/clamav/interface`
+
+if grep -q freshclam /proc/*/stat 2>/dev/null; then
+ IS_RUNNING=true
+else
+ IS_RUNNING=false
+fi
+
+# $IFACE is set by ifup/down, $PPP_IFACE by pppd
+[ -n "$PPP_IFACE" ] && IFACE=$PPP_IFACE
+
+# This is sloppy - woody's pppd exports variables, while sid's passes them as
+# arguments and exports them.
+
+if [ "$1" = "$IFACE" ]; then # We're called by sid's pppd
+ shift 6 # and we already know the interface
+fi # Dump the arguments passed.
+
+if [ -z "$1" ]; then
+ case $(dirname "$0") in
+ */if-up.d|*/ip-up.d)
+ # Short circuit and exit early if freshclam is already running
+ [ "$IS_RUNNING" = 'true' ] && exit 0
+ for interface in $INTERNETIFACE; do
+ if [ "$interface" = "$IFACE" ]; then
+ FMODE=start
+ break
+ else
+ FMODE=skip
+ fi
+ done
+ ;;
+ */if-down.d|*/ip-down.d)
+ # Short circuit and exit early if freshclam is not already running
+ [ "$IS_RUNNING" = 'false' ] && exit 0
+ for interface in $INTERNETIFACE; do
+ if [ "$interface" = "$IFACE" ]; then
+ FMODE=stop
+ break
+ else
+ FMODE=skip
+ fi
+ done
+ ;;
+ *)
+ FMODE=skip
+ ;;
+ esac
+else
+ FMODE="$1"
+fi
+
+case "$FMODE" in
+ start|stop)
+ IFACE="$IFACE" $INIT $FMODE
+ ;;
+ skip)
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|skip}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
+
--- /dev/null
+#!/bin/sh -e
+# Called when a new interface comes up
+# Written by LaMont Jones <lamont@debian.org>
+
+# don't bother to restart postfix when lo is configured.
+if [ "$IFACE" = "lo" ]; then
+ exit 0
+fi
+
+# If /usr isn't mounted yet, silently bail.
+if [ ! -d /usr/lib/postfix ]; then
+ exit 0
+fi
+
+RUNNING=""
+# If master is running, force a queue run to unload any mail that is
+# hanging around. Yes, sendmail is a symlink...
+if [ -f /var/spool/postfix/pid/master.pid ]; then
+ pid=$(sed 's/ //g' /var/spool/postfix/pid/master.pid)
+ exe=$(ls -l /proc/$pid/exe 2>/dev/null | sed 's/.* //;s/.*\///')
+ if [ "X$exe" = "Xmaster" ]; then
+ RUNNING="y"
+ fi
+fi
+
+# start or reload Postfix as needed
+if [ ! -x /sbin/resolvconf ]; then
+ f=/etc/resolv.conf
+ if ! cp $f $(postconf -h queue_directory)$f 2>/dev/null; then
+ exit 0
+ fi
+ if [ -n "$RUNNING" ]; then
+ /etc/init.d/postfix reload >/dev/null 2>&1
+ fi
+fi
+
+# If master is running, force a queue run to unload any mail that is
+# hanging around. Yes, sendmail is a symlink...
+if [ -n "$RUNNING" ]; then
+ if [ -x /usr/sbin/sendmail ]; then
+ /usr/sbin/sendmail -q >/dev/null 2>&1
+ fi
+fi
--- /dev/null
+# /etc/profile: system-wide .profile file for the Bourne shell (sh(1))
+# and Bourne compatible shells (bash(1), ksh(1), ash(1), ...).
+
+if [ "`id -u`" -eq 0 ]; then
+ PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+else
+ PATH="/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games"
+fi
+export PATH
+
+if [ "$PS1" ]; then
+ if [ "$BASH" ] && [ "$BASH" != "/bin/sh" ]; then
+ # The file bash.bashrc already sets the default PS1.
+ # PS1='\h:\w\$ '
+ if [ -f /etc/bash.bashrc ]; then
+ . /etc/bash.bashrc
+ fi
+ else
+ if [ "`id -u`" -eq 0 ]; then
+ PS1='# '
+ else
+ PS1='$ '
+ fi
+ fi
+fi
+
+if [ -d /etc/profile.d ]; then
+ for i in /etc/profile.d/*.sh; do
+ if [ -r $i ]; then
+ . $i
+ fi
+ done
+ unset i
+fi
--- /dev/null
+# Check for interactive bash and that we haven't already been sourced.
+if [ -n "$BASH_VERSION" -a -n "$PS1" -a -z "$BASH_COMPLETION_COMPAT_DIR" ]; then
+
+# Check for recent enough version of bash.
+bash=${BASH_VERSION%.*}; bmajor=${bash%.*}; bminor=${bash#*.}
+if [ $bmajor -gt 4 ] || [ $bmajor -eq 4 -a $bminor -ge 1 ]; then
+ [ -r "${XDG_CONFIG_HOME:-$HOME/.config}/bash_completion" ] && \
+ . "${XDG_CONFIG_HOME:-$HOME/.config}/bash_completion"
+ if shopt -q progcomp && [ -r /usr/share/bash-completion/bash_completion ]; then
+ # Source completion code.
+ . /usr/share/bash-completion/bash_completion
+ fi
+fi
+unset bash bmajor bminor
+
+fi
--- /dev/null
+# If not running interactively, don't do anything
+[ -z "$PS1" ] && return
+
+# Check for bash
+[ -z "$BASH_VERSION" ] && return
+
+# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
+HISTSIZE=50000
+HISTFILESIZE=50000
+HISTTIMEFORMAT='%Y-%m-%d %H:%M:%S '
+HISTCONTROL=ignoredups:ignorespace
+# append to the history file, don't overwrite it
+shopt -s histappend
+
+# coloring grep:
+export GREP_OPTIONS='--color=auto'
+export GREP_COLOR='1;32'
+# hold these special chars when piping to less
+export LESS="--RAW-CONTROL-CHARS"
+
+# check the window size after each command and, if necessary,
+# update the values of LINES and COLUMNS.
+shopt -s checkwinsize
+
+# make less more friendly for non-text input files, see lesspipe(1)
+[[ -x /bin/lesspipe ]] && eval "$(SHELL=/bin/sh lesspipe)"
+
+# set variable identifying the chroot you work in (used in the prompt below)
+if [[ -z "${debian_chroot:-}" && -r /etc/debian_chroot ]]; then
+ debian_chroot=$(cat /etc/debian_chroot)
+fi
+
+# set a fancy prompt (non-color, overwrite the one in /etc/profile)
+PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
+
+# uncomment for a colored prompt, if the terminal has the capability; turned
+# off by default to not distract the user: the focus in a terminal window
+# should be on the output of commands, not on the prompt
+force_color_prompt=yes
+
+if [[ -n "$force_color_prompt" ]]; then
+ if [[ -x /usr/bin/tput ]] && tput setaf 1 >&/dev/null; then
+ # We have color support; assume it's compliant with Ecma-48
+ # (ISO/IEC-6429). (Lack of such support is extremely rare, and such
+ # a case would tend to support setf rather than setaf.)
+ color_prompt=yes
+ else
+ color_prompt=
+ fi
+fi
+
+prompt_status() {
+ local e=$?;
+ [[ $e != 0 ]] && echo -e "$e ";
+}
+
+if [[ "$color_prompt" = yes ]]; then
+ if type -t __git_ps1 >/dev/null ; then
+ if [[ "$UID" = 0 ]]; then
+ PS1='${debian_chroot:+($debian_chroot)}\[\e[31m\]$(prompt_status)\[\033[01;31m\]\u\[\033[01;33m\]@\[\033[01;36m\]\h \[\033[01;33m\]\w\[\033[01;31m\]$(__git_ps1)\[\033[01;35m\] \$ \[\033[00m\]'
+ else
+ PS1='${debian_chroot:+($debian_chroot)}\[\e[31m\]$(prompt_status)\[\033[01;32m\]\u\[\033[01;33m\]@\[\033[01;36m\]\h \[\033[01;33m\]\w\[\033[01;31m\]$(__git_ps1)\[\033[01;35m\] > \[\033[00m\]'
+ fi
+ else
+ if [[ "$UID" = 0 ]]; then
+ PS1='${debian_chroot:+($debian_chroot)}\[\e[31m\]$(prompt_status)\[\033[01;31m\]\u\[\033[01;33m\]@\[\033[01;36m\]\h \[\033[01;33m\]\w \[\033[01;35m\]\$ \[\033[00m\]'
+ else
+ PS1='${debian_chroot:+($debian_chroot)}\[\e[31m\]$(prompt_status)\[\033[01;32m\]\u\[\033[01;33m\]@\[\033[01;36m\]\h \[\033[01;33m\]\w \[\033[01;35m\]> \[\033[00m\]'
+ fi
+ fi
+else
+ PS1='${debian_chroot:+($debian_chroot)}$(prompt_status)\u@\h:\w\$ '
+fi
+
+# enable color support of ls and also add handy aliases
+if [[ -x /usr/bin/dircolors ]]; then
+ test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
+ alias ls='ls --color=auto'
+ #alias dir='dir --color=auto'
+ #alias vdir='vdir --color=auto'
+
+# alias grep='grep --color=auto'
+# alias fgrep='fgrep --color=auto'
+# alias egrep='egrep --color=auto'
+fi
+
+# Save each command to the history file as it's executed. #517342
+# This does mean sessions get interleaved when reading later on, but this
+# way the history is always up to date. History is not synced across live
+# sessions though; that is what `history -n` does.
+# Disabled by default due to concerns related to system recovery when $HOME
+# is under duress, or lives somewhere flaky (like NFS). Constantly syncing
+# the history will halt the shell prompt until it's finished.
+PROMPT_COMMAND='history -a'
+
+# Commented out, don't overwrite xterm -T "title" -n "icontitle" by default.
+# If this is an xterm set the title to user@host:dir
+case "$TERM" in
+ xterm*|rxvt*)
+ PROMPT_COMMAND='history -a; echo -ne "\033]0;${USER}@${HOSTNAME}: ${PWD}\007"'
+ ;;
+ *)
+ ;;
+esac
+
+alias ..='cd ..'
+alias ...='cd ../..'
+alias cd..='cd ..'
+alias cd...='cd ../..'
+alias l='ls -l'
+alias la='ls -la'
+alias ll='ls -lA'
+alias md='mkdir -p'
+if type -t whoami >/dev/null; then
+ alias pl="ps -fu $(whoami)"
+fi
+alias rd='rmdir'
+
+if [[ "$(type -t colordiff)" = "file" ]] ; then
+ alias diff="$(type -p colordiff)"
+fi
+
+if [[ -f ~/.bash_aliases ]]; then
+ . ~/.bash_aliases
+fi
+
+# enable bash completion in interactive shells
+if ! shopt -oq posix; then
+ if [[ -f /usr/share/bash-completion/bash_completion ]]; then
+ . /usr/share/bash-completion/bash_completion
+ elif [[ -f /etc/bash_completion ]]; then
+ . /etc/bash_completion
+ fi
+fi
+
+# if the command-not-found package is installed, use it
+if [[ -x /usr/lib/command-not-found || -x /usr/share/command-not-found/command-not-found ]]; then
+ function command_not_found_handle {
+ # check because c-n-f could've been removed in the meantime
+ if [[ -x /usr/lib/command-not-found ]]; then
+ /usr/bin/python /usr/lib/command-not-found -- "$1"
+ return $?
+ elif [[ -x /usr/share/command-not-found/command-not-found ]]; then
+ /usr/bin/python /usr/share/command-not-found/command-not-found -- "$1"
+ return $?
+ else
+ printf "%s: command not found\n" "$1" >&2
+ return 127
+ fi
+ }
+fi
+
+unset color_prompt force_color_prompt
+
+# vim: ts=4 expandtab
--- /dev/null
+# Internet (IP) protocols
+#
+# Updated from http://www.iana.org/assignments/protocol-numbers and other
+# sources.
+# New protocols will be added on request if they have been officially
+# assigned by IANA and are not historical.
+# If you need a huge list of used numbers please install the nmap package.
+
+ip 0 IP # internet protocol, pseudo protocol number
+hopopt 0 HOPOPT # IPv6 Hop-by-Hop Option [RFC1883]
+icmp 1 ICMP # internet control message protocol
+igmp 2 IGMP # Internet Group Management
+ggp 3 GGP # gateway-gateway protocol
+ipencap 4 IP-ENCAP # IP encapsulated in IP (officially ``IP'')
+st 5 ST # ST datagram mode
+tcp 6 TCP # transmission control protocol
+egp 8 EGP # exterior gateway protocol
+igp 9 IGP # any private interior gateway (Cisco)
+pup 12 PUP # PARC universal packet protocol
+udp 17 UDP # user datagram protocol
+hmp 20 HMP # host monitoring protocol
+xns-idp 22 XNS-IDP # Xerox NS IDP
+rdp 27 RDP # "reliable datagram" protocol
+iso-tp4 29 ISO-TP4 # ISO Transport Protocol class 4 [RFC905]
+dccp 33 DCCP # Datagram Congestion Control Prot. [RFC4340]
+xtp 36 XTP # Xpress Transfer Protocol
+ddp 37 DDP # Datagram Delivery Protocol
+idpr-cmtp 38 IDPR-CMTP # IDPR Control Message Transport
+ipv6 41 IPv6 # Internet Protocol, version 6
+ipv6-route 43 IPv6-Route # Routing Header for IPv6
+ipv6-frag 44 IPv6-Frag # Fragment Header for IPv6
+idrp 45 IDRP # Inter-Domain Routing Protocol
+rsvp 46 RSVP # Reservation Protocol
+gre 47 GRE # General Routing Encapsulation
+esp 50 IPSEC-ESP # Encap Security Payload [RFC2406]
+ah 51 IPSEC-AH # Authentication Header [RFC2402]
+skip 57 SKIP # SKIP
+ipv6-icmp 58 IPv6-ICMP # ICMP for IPv6
+ipv6-nonxt 59 IPv6-NoNxt # No Next Header for IPv6
+ipv6-opts 60 IPv6-Opts # Destination Options for IPv6
+rspf 73 RSPF CPHB # Radio Shortest Path First (officially CPHB)
+vmtp 81 VMTP # Versatile Message Transport
+eigrp 88 EIGRP # Enhanced Interior Routing Protocol (Cisco)
+ospf 89 OSPFIGP # Open Shortest Path First IGP
+ax.25 93 AX.25 # AX.25 frames
+ipip 94 IPIP # IP-within-IP Encapsulation Protocol
+etherip 97 ETHERIP # Ethernet-within-IP Encapsulation [RFC3378]
+encap 98 ENCAP # Yet Another IP encapsulation [RFC1241]
+# 99 # any private encryption scheme
+pim 103 PIM # Protocol Independent Multicast
+ipcomp 108 IPCOMP # IP Payload Compression Protocol
+vrrp 112 VRRP # Virtual Router Redundancy Protocol [RFC5798]
+l2tp 115 L2TP # Layer Two Tunneling Protocol [RFC2661]
+isis 124 ISIS # IS-IS over IPv4
+sctp 132 SCTP # Stream Control Transmission Protocol
+fc 133 FC # Fibre Channel
+mobility-header 135 Mobility-Header # Mobility Support for IPv6 [RFC3775]
+udplite 136 UDPLite # UDP-Lite [RFC3828]
+mpls-in-ip 137 MPLS-in-IP # MPLS-in-IP [RFC4023]
+manet 138 # MANET Protocols [RFC5498]
+hip 139 HIP # Host Identity Protocol
+shim6 140 Shim6 # Shim6 Protocol [RFC5533]
+wesp 141 WESP # Wrapped Encapsulating Security Payload
+rohc 142 ROHC # Robust Header Compression
--- /dev/null
+[DEFAULT]
+# how to byte-compile (comma separated: standard, optimize)
+byte-compile = standard
--- /dev/null
+# install the apport exception handler if available
+try:
+ import apport_python_hook
+except ImportError:
+ pass
+else:
+ apport_python_hook.install()
--- /dev/null
+# install the apport exception handler if available
+try:
+ import apport_python_hook
+except ImportError:
+ pass
+else:
+ apport_python_hook.install()
--- /dev/null
+[DEFAULT]
+# how to byte-compile (comma separated: standard, optimize)
+byte-compile = standard
--- /dev/null
+#!/bin/sh -e
+#
+# rc.local
+#
+# This script is executed at the end of each multiuser runlevel.
+# Make sure that the script will "exit 0" on success or any other
+# value on error.
+#
+# In order to enable or disable this script just change the execution
+# bits.
+#
+# By default this script does nothing.
+
+exit 0
--- /dev/null
+../init.d/amavis
\ No newline at end of file
--- /dev/null
+../init.d/amavis-mc
\ No newline at end of file
--- /dev/null
+../init.d/amavisd-snmp-subagent
\ No newline at end of file
--- /dev/null
+../init.d/atd
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/clamav-freshclam
\ No newline at end of file
--- /dev/null
+../init.d/fail2ban
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/iredapd
\ No newline at end of file
--- /dev/null
+../init.d/netfilter-persistent
\ No newline at end of file
--- /dev/null
+../init.d/nginx
\ No newline at end of file
--- /dev/null
+../init.d/php5-fpm
\ No newline at end of file
--- /dev/null
+../init.d/postfix
\ No newline at end of file
--- /dev/null
+../init.d/salt-minion
\ No newline at end of file
--- /dev/null
+../init.d/ulogd2
\ No newline at end of file
--- /dev/null
+../init.d/urandom
\ No newline at end of file
--- /dev/null
+../init.d/uwsgi
\ No newline at end of file
--- /dev/null
+../init.d/clamav-daemon
\ No newline at end of file
--- /dev/null
+../init.d/dovecot
\ No newline at end of file
--- /dev/null
+../init.d/iptables
\ No newline at end of file
--- /dev/null
+../init.d/spamassassin
\ No newline at end of file
--- /dev/null
+../init.d/mysql
\ No newline at end of file
--- /dev/null
+../init.d/sendsigs
\ No newline at end of file
--- /dev/null
+../init.d/rsyslog
\ No newline at end of file
--- /dev/null
+../init.d/hwclock.sh
\ No newline at end of file
--- /dev/null
+../init.d/umountnfs.sh
\ No newline at end of file
--- /dev/null
+../init.d/networking
\ No newline at end of file
--- /dev/null
+../init.d/umountfs
\ No newline at end of file
--- /dev/null
+../init.d/umountroot
\ No newline at end of file
--- /dev/null
+../init.d/halt
\ No newline at end of file
--- /dev/null
+The scripts in this directory are executed once when entering
+runlevel 0.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+Generally it is not necessary to alter the scripts in this directory.
+Their purpose is to stop all services and to make the system ready
+for shutdown.
+
+For more information see /etc/init.d/README.
--- /dev/null
+../init.d/amavis
\ No newline at end of file
--- /dev/null
+../init.d/amavis-mc
\ No newline at end of file
--- /dev/null
+../init.d/amavisd-snmp-subagent
\ No newline at end of file
--- /dev/null
+../init.d/atd
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/clamav-freshclam
\ No newline at end of file
--- /dev/null
+../init.d/fail2ban
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/iredapd
\ No newline at end of file
--- /dev/null
+../init.d/netfilter-persistent
\ No newline at end of file
--- /dev/null
+../init.d/nginx
\ No newline at end of file
--- /dev/null
+../init.d/php5-fpm
\ No newline at end of file
--- /dev/null
+../init.d/postfix
\ No newline at end of file
--- /dev/null
+../init.d/salt-minion
\ No newline at end of file
--- /dev/null
+../init.d/ulogd2
\ No newline at end of file
--- /dev/null
+../init.d/uwsgi
\ No newline at end of file
--- /dev/null
+../init.d/clamav-daemon
\ No newline at end of file
--- /dev/null
+../init.d/dovecot
\ No newline at end of file
--- /dev/null
+../init.d/iptables
\ No newline at end of file
--- /dev/null
+../init.d/spamassassin
\ No newline at end of file
--- /dev/null
+../init.d/mysql
\ No newline at end of file
--- /dev/null
+../init.d/rsyslog
\ No newline at end of file
--- /dev/null
+The scripts in this directory are executed each time the system enters
+this runlevel.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+Generally it is not necessary to alter the scripts in this directory.
+Their purpose is to stop all services and thus to put the system in
+single-user mode.
+
+For more information see /etc/init.d/README.
--- /dev/null
+../init.d/killprocs
\ No newline at end of file
--- /dev/null
+../init.d/motd
\ No newline at end of file
--- /dev/null
+../init.d/bootlogs
\ No newline at end of file
--- /dev/null
+../init.d/single
\ No newline at end of file
--- /dev/null
+../init.d/iptables
\ No newline at end of file
--- /dev/null
+../init.d/spamassassin
\ No newline at end of file
--- /dev/null
+The scripts in this directory are executed each time the system enters
+this runlevel.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+To disable a service in this runlevel, rename its script in this
+directory so that the new name begins with a 'K' and a two-digit
+number, and run 'update-rc.d script defaults' to reorder the scripts
+according to dependencies. A warning about the current runlevels
+being enabled not matching the LSB header in the init.d script will be
+printed. To re-enable the service, rename the script back to its
+original name beginning with 'S' and run update-rc.d again.
+
+For a more information see /etc/init.d/README.
--- /dev/null
+../init.d/motd
\ No newline at end of file
--- /dev/null
+../init.d/php5-fpm
\ No newline at end of file
--- /dev/null
+../init.d/rsyslog
\ No newline at end of file
--- /dev/null
+../init.d/salt-minion
\ No newline at end of file
--- /dev/null
+../init.d/uwsgi
\ No newline at end of file
--- /dev/null
+../init.d/acpid
\ No newline at end of file
--- /dev/null
+../init.d/amavis
\ No newline at end of file
--- /dev/null
+../init.d/atd
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/clamav-daemon
\ No newline at end of file
--- /dev/null
+../init.d/cron
\ No newline at end of file
--- /dev/null
+../init.d/dbus
\ No newline at end of file
--- /dev/null
+../init.d/fail2ban
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/iredapd
\ No newline at end of file
--- /dev/null
+../init.d/mysql
\ No newline at end of file
--- /dev/null
+../init.d/nginx
\ No newline at end of file
--- /dev/null
+../init.d/rsync
\ No newline at end of file
--- /dev/null
+../init.d/ssh
\ No newline at end of file
--- /dev/null
+../init.d/ulogd2
\ No newline at end of file
--- /dev/null
+../init.d/amavis-mc
\ No newline at end of file
--- /dev/null
+../init.d/bootlogs
\ No newline at end of file
--- /dev/null
+../init.d/clamav-freshclam
\ No newline at end of file
--- /dev/null
+../init.d/dovecot
\ No newline at end of file
--- /dev/null
+../init.d/amavisd-snmp-subagent
\ No newline at end of file
--- /dev/null
+../init.d/postfix
\ No newline at end of file
--- /dev/null
+../init.d/rc.local
\ No newline at end of file
--- /dev/null
+../init.d/rmnologin
\ No newline at end of file
--- /dev/null
+../init.d/iptables
\ No newline at end of file
--- /dev/null
+../init.d/spamassassin
\ No newline at end of file
--- /dev/null
+The scripts in this directory are executed each time the system enters
+this runlevel.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+To disable a service in this runlevel, rename its script in this
+directory so that the new name begins with a 'K' and a two-digit
+number, and run 'update-rc.d script defaults' to reorder the scripts
+according to dependencies. A warning about the current runlevels
+being enabled not matching the LSB header in the init.d script will be
+printed. To re-enable the service, rename the script back to its
+original name beginning with 'S' and run update-rc.d again.
+
+For a more information see /etc/init.d/README.
--- /dev/null
+../init.d/motd
\ No newline at end of file
--- /dev/null
+../init.d/php5-fpm
\ No newline at end of file
--- /dev/null
+../init.d/rsyslog
\ No newline at end of file
--- /dev/null
+../init.d/salt-minion
\ No newline at end of file
--- /dev/null
+../init.d/uwsgi
\ No newline at end of file
--- /dev/null
+../init.d/acpid
\ No newline at end of file
--- /dev/null
+../init.d/amavis
\ No newline at end of file
--- /dev/null
+../init.d/atd
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/clamav-daemon
\ No newline at end of file
--- /dev/null
+../init.d/cron
\ No newline at end of file
--- /dev/null
+../init.d/dbus
\ No newline at end of file
--- /dev/null
+../init.d/fail2ban
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/iredapd
\ No newline at end of file
--- /dev/null
+../init.d/mysql
\ No newline at end of file
--- /dev/null
+../init.d/nginx
\ No newline at end of file
--- /dev/null
+../init.d/rsync
\ No newline at end of file
--- /dev/null
+../init.d/ssh
\ No newline at end of file
--- /dev/null
+../init.d/ulogd2
\ No newline at end of file
--- /dev/null
+../init.d/amavis-mc
\ No newline at end of file
--- /dev/null
+../init.d/bootlogs
\ No newline at end of file
--- /dev/null
+../init.d/clamav-freshclam
\ No newline at end of file
--- /dev/null
+../init.d/dovecot
\ No newline at end of file
--- /dev/null
+../init.d/amavisd-snmp-subagent
\ No newline at end of file
--- /dev/null
+../init.d/postfix
\ No newline at end of file
--- /dev/null
+../init.d/rc.local
\ No newline at end of file
--- /dev/null
+../init.d/rmnologin
\ No newline at end of file
--- /dev/null
+../init.d/iptables
\ No newline at end of file
--- /dev/null
+../init.d/spamassassin
\ No newline at end of file
--- /dev/null
+The scripts in this directory are executed each time the system enters
+this runlevel.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+To disable a service in this runlevel, rename its script in this
+directory so that the new name begins with a 'K' and a two-digit
+number, and run 'update-rc.d script defaults' to reorder the scripts
+according to dependencies. A warning about the current runlevels
+being enabled not matching the LSB header in the init.d script will be
+printed. To re-enable the service, rename the script back to its
+original name beginning with 'S' and run update-rc.d again.
+
+For a more information see /etc/init.d/README.
--- /dev/null
+../init.d/motd
\ No newline at end of file
--- /dev/null
+../init.d/php5-fpm
\ No newline at end of file
--- /dev/null
+../init.d/rsyslog
\ No newline at end of file
--- /dev/null
+../init.d/salt-minion
\ No newline at end of file
--- /dev/null
+../init.d/uwsgi
\ No newline at end of file
--- /dev/null
+../init.d/acpid
\ No newline at end of file
--- /dev/null
+../init.d/amavis
\ No newline at end of file
--- /dev/null
+../init.d/atd
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/clamav-daemon
\ No newline at end of file
--- /dev/null
+../init.d/cron
\ No newline at end of file
--- /dev/null
+../init.d/dbus
\ No newline at end of file
--- /dev/null
+../init.d/fail2ban
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/iredapd
\ No newline at end of file
--- /dev/null
+../init.d/mysql
\ No newline at end of file
--- /dev/null
+../init.d/nginx
\ No newline at end of file
--- /dev/null
+../init.d/rsync
\ No newline at end of file
--- /dev/null
+../init.d/ssh
\ No newline at end of file
--- /dev/null
+../init.d/ulogd2
\ No newline at end of file
--- /dev/null
+../init.d/amavis-mc
\ No newline at end of file
--- /dev/null
+../init.d/bootlogs
\ No newline at end of file
--- /dev/null
+../init.d/clamav-freshclam
\ No newline at end of file
--- /dev/null
+../init.d/dovecot
\ No newline at end of file
--- /dev/null
+../init.d/amavisd-snmp-subagent
\ No newline at end of file
--- /dev/null
+../init.d/postfix
\ No newline at end of file
--- /dev/null
+../init.d/rc.local
\ No newline at end of file
--- /dev/null
+../init.d/rmnologin
\ No newline at end of file
--- /dev/null
+../init.d/iptables
\ No newline at end of file
--- /dev/null
+../init.d/spamassassin
\ No newline at end of file
--- /dev/null
+The scripts in this directory are executed each time the system enters
+this runlevel.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+To disable a service in this runlevel, rename its script in this
+directory so that the new name begins with a 'K' and a two-digit
+number, and run 'update-rc.d script defaults' to reorder the scripts
+according to dependencies. A warning about the current runlevels
+being enabled not matching the LSB header in the init.d script will be
+printed. To re-enable the service, rename the script back to its
+original name beginning with 'S' and run update-rc.d again.
+
+For a more information see /etc/init.d/README.
--- /dev/null
+../init.d/motd
\ No newline at end of file
--- /dev/null
+../init.d/php5-fpm
\ No newline at end of file
--- /dev/null
+../init.d/rsyslog
\ No newline at end of file
--- /dev/null
+../init.d/salt-minion
\ No newline at end of file
--- /dev/null
+../init.d/uwsgi
\ No newline at end of file
--- /dev/null
+../init.d/acpid
\ No newline at end of file
--- /dev/null
+../init.d/amavis
\ No newline at end of file
--- /dev/null
+../init.d/atd
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/clamav-daemon
\ No newline at end of file
--- /dev/null
+../init.d/cron
\ No newline at end of file
--- /dev/null
+../init.d/dbus
\ No newline at end of file
--- /dev/null
+../init.d/fail2ban
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/iredapd
\ No newline at end of file
--- /dev/null
+../init.d/mysql
\ No newline at end of file
--- /dev/null
+../init.d/nginx
\ No newline at end of file
--- /dev/null
+../init.d/rsync
\ No newline at end of file
--- /dev/null
+../init.d/ssh
\ No newline at end of file
--- /dev/null
+../init.d/ulogd2
\ No newline at end of file
--- /dev/null
+../init.d/amavis-mc
\ No newline at end of file
--- /dev/null
+../init.d/bootlogs
\ No newline at end of file
--- /dev/null
+../init.d/clamav-freshclam
\ No newline at end of file
--- /dev/null
+../init.d/dovecot
\ No newline at end of file
--- /dev/null
+../init.d/amavisd-snmp-subagent
\ No newline at end of file
--- /dev/null
+../init.d/postfix
\ No newline at end of file
--- /dev/null
+../init.d/rc.local
\ No newline at end of file
--- /dev/null
+../init.d/rmnologin
\ No newline at end of file
--- /dev/null
+../init.d/amavis
\ No newline at end of file
--- /dev/null
+../init.d/amavis-mc
\ No newline at end of file
--- /dev/null
+../init.d/amavisd-snmp-subagent
\ No newline at end of file
--- /dev/null
+../init.d/atd
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/clamav-freshclam
\ No newline at end of file
--- /dev/null
+../init.d/fail2ban
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/iredapd
\ No newline at end of file
--- /dev/null
+../init.d/netfilter-persistent
\ No newline at end of file
--- /dev/null
+../init.d/nginx
\ No newline at end of file
--- /dev/null
+../init.d/php5-fpm
\ No newline at end of file
--- /dev/null
+../init.d/postfix
\ No newline at end of file
--- /dev/null
+../init.d/salt-minion
\ No newline at end of file
--- /dev/null
+../init.d/ulogd2
\ No newline at end of file
--- /dev/null
+../init.d/urandom
\ No newline at end of file
--- /dev/null
+../init.d/uwsgi
\ No newline at end of file
--- /dev/null
+../init.d/clamav-daemon
\ No newline at end of file
--- /dev/null
+../init.d/dovecot
\ No newline at end of file
--- /dev/null
+../init.d/iptables
\ No newline at end of file
--- /dev/null
+../init.d/spamassassin
\ No newline at end of file
--- /dev/null
+../init.d/mysql
\ No newline at end of file
--- /dev/null
+../init.d/sendsigs
\ No newline at end of file
--- /dev/null
+../init.d/rsyslog
\ No newline at end of file
--- /dev/null
+../init.d/hwclock.sh
\ No newline at end of file
--- /dev/null
+../init.d/umountnfs.sh
\ No newline at end of file
--- /dev/null
+../init.d/networking
\ No newline at end of file
--- /dev/null
+../init.d/umountfs
\ No newline at end of file
--- /dev/null
+../init.d/umountroot
\ No newline at end of file
--- /dev/null
+../init.d/reboot
\ No newline at end of file
--- /dev/null
+The scripts in this directory are executed once when entering
+runlevel 6.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+Generally it is not necessary to alter the scripts in this directory.
+Their purpose is to stop all services and to make the system ready
+for reboot.
+
+For more information see /etc/init.d/README.
--- /dev/null
+The scripts in this directory whose names begin with an 'S' are
+executed once when booting the system, even when booting directly into
+single user mode.
+
+The scripts are all symbolic links whose targets are located in
+/etc/init.d/ .
+
+To disable a script in this directory, rename it so that it begins
+with a 'K' and run 'update-rc.d script defaults' to update the order
+using the script dependencies.
+
+For more information see /etc/init.d/README.
--- /dev/null
+../init.d/hostname.sh
\ No newline at end of file
--- /dev/null
+../init.d/mountkernfs.sh
\ No newline at end of file
--- /dev/null
+../init.d/udev
\ No newline at end of file
--- /dev/null
+../init.d/mountdevsubfs.sh
\ No newline at end of file
--- /dev/null
+../init.d/keymap.sh
\ No newline at end of file
--- /dev/null
+../init.d/keyboard-setup
\ No newline at end of file
--- /dev/null
+../init.d/hwclock.sh
\ No newline at end of file
--- /dev/null
+../init.d/lvm2
\ No newline at end of file
--- /dev/null
+../init.d/checkroot.sh
\ No newline at end of file
--- /dev/null
+../init.d/checkfs.sh
\ No newline at end of file
--- /dev/null
+../init.d/checkroot-bootclean.sh
\ No newline at end of file
--- /dev/null
+../init.d/kmod
\ No newline at end of file
--- /dev/null
+../init.d/mountall.sh
\ No newline at end of file
--- /dev/null
+../init.d/mountall-bootclean.sh
\ No newline at end of file
--- /dev/null
+../init.d/procps
\ No newline at end of file
--- /dev/null
+../init.d/udev-finish
\ No newline at end of file
--- /dev/null
+../init.d/urandom
\ No newline at end of file
--- /dev/null
+../init.d/networking
\ No newline at end of file
--- /dev/null
+../init.d/mountnfs.sh
\ No newline at end of file
--- /dev/null
+../init.d/mountnfs-bootclean.sh
\ No newline at end of file
--- /dev/null
+../init.d/kbd
\ No newline at end of file
--- /dev/null
+../init.d/console-setup
\ No newline at end of file
--- /dev/null
+../init.d/bootmisc.sh
\ No newline at end of file
--- /dev/null
+../init.d/netfilter-persistent
\ No newline at end of file
--- /dev/null
+VIRUS /usr/bin/scan /nomem /sub *
+arj
+ arj a -+ -y -a1 -r -j$ -s -jm -2s "%s"
+ arj x -y "%s"
+ AD
+zip
+ zip -r "%s" . -i *
+ unzip "%s"
+ AD
+rar
+ rar a -r -y "%s"
+ rar x -y "%s"
+ AD
+tar.Z
+ tar -cvZf "%s" .
+ tar -xvZf "%s"
+ ADT
+tar.gz
+ tar -cvzf "%s" .
+ tar -xvzf "%s"
+ ADT
+tgz
+ tar -cvzf "%s" .
+ tar -xvzf "%s"
+ ADT
+tar.bz2
+ tar --bzip2 -cvf "%s" .
+ tar --bzip2 -xvf "%s"
+ ADT
--- /dev/null
+domain uhu-banane.de
+search uhu-banane.de brehm-online.com hennig-berlin.org
+nameserver 10.12.20.2
+nameserver 185.48.118.6
+nameserver 185.48.116.10
--- /dev/null
+#!/bin/sh -e
+
+# we only need to copy this in if the service is already running.
+# if it's not running, it'll get picked up by the init script on start.
+/etc/init.d/postfix status >/dev/null 2>&1 || exit 0
+
+QUEUEDIR="$(/usr/sbin/postconf -h queue_directory 2>/dev/null || true)"
+if [ -n "$QUEUEDIR" ]; then
+ cp /etc/resolv.conf ${QUEUEDIR}/etc/resolv.conf
+ /etc/init.d/postfix reload >/dev/null 2>&1 || exit 0
+fi
+
+exit 0
--- /dev/null
+#!/bin/sh
+#
+# This is not a mistake. This shell script (/etc/rmt) has been provided
+# for compatibility with other Unix-like systems, some of which have
+# utilities that expect to find (and execute) rmt in the /etc directory
+# on remote systems.
+#
+exec /usr/sbin/rmt
--- /dev/null
+# This file contains user readable names that can be used in place of rpc
+# program numbers.
+
+portmapper 100000 portmap sunrpc
+rstatd 100001 rstat rstat_svc rup perfmeter
+rusersd 100002 rusers
+nfs 100003 nfsprog
+ypserv 100004 ypprog
+mountd 100005 mount showmount
+ypbind 100007
+walld 100008 rwall shutdown
+yppasswdd 100009 yppasswd
+etherstatd 100010 etherstat
+rquotad 100011 rquotaprog quota rquota
+sprayd 100012 spray
+3270_mapper 100013
+rje_mapper 100014
+selection_svc 100015 selnsvc
+database_svc 100016
+rexd 100017 rex
+alis 100018
+sched 100019
+llockmgr 100020
+nlockmgr 100021
+x25.inr 100022
+statmon 100023
+status 100024
+bootparam 100026
+ypupdated 100028 ypupdate
+keyserv 100029 keyserver
+tfsd 100037
+nsed 100038
+nsemntd 100039
+ypxfrd 100069
+pcnfsd 150001
+amd 300019 amq
+sgi_fam 391002
+ugidd 545580417
+fypxfrd 600100069 freebsd-ypxfrd
+bwnfsd 788585389
--- /dev/null
+# /etc/rsyslog.conf Configuration file for rsyslog.
+#
+# For more information see
+# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
+
+# Check config syntax on startup and abort if unclean (default: off)
+$AbortOnUncleanConfig on
+
+#################
+#### MODULES ####
+#################
+
+$ModLoad imuxsock # provides support for local system logging
+$ModLoad imklog # provides kernel logging support
+#$ModLoad immark # provides --MARK-- message capability
+module(load="immark" Interval="3600")
+
+# provides UDP syslog reception
+#$ModLoad imudp
+#$UDPServerRun 514
+
+# provides TCP syslog reception
+#$ModLoad imtcp
+#$InputTCPServerRun 514
+
+
+###########################
+#### GLOBAL DIRECTIVES ####
+###########################
+
+module(load="impstats"
+ interval="43200"
+ severity="7"
+ log.syslog="off"
+ /* need to turn log stream logging off! */
+ log.file="/var/log/syslog.d/stats.log")
+
+#
+# Use traditional timestamp format.
+# To enable high precision timestamps, comment out the following line.
+#
+#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+
+#
+# Set the default permissions for all log files.
+#
+$FileOwner root
+$FileGroup adm
+$FileCreateMode 0640
+$DirCreateMode 0755
+$Umask 0022
+
+module(
+ load="builtin:omfile"
+ Template="RSYSLOG_FileFormat"
+ FileCreateMode="0644"
+ DirCreateMode="0755"
+ fileOwnerNum="0"
+ fileGroupNum="0"
+ dirOwnerNum="0"
+ dirGroupNum="0"
+)
+
+#
+# Where to place spool and state files
+#
+$WorkDirectory /var/spool/rsyslog
+
+#
+# Include all config files in /etc/rsyslog.d/
+#
+$IncludeConfig /etc/rsyslog.d/*.conf
+
+
+###############
+#### RULES ####
+###############
+
+#
+# First some standard log files. Log by facility.
+#
+#auth,authpriv.* /var/log/auth.log
+#*.*;auth,authpriv.none -/var/log/syslog
+#cron.* /var/log/cron.log
+#daemon.* -/var/log/daemon.log
+#kern.* -/var/log/kern.log
+#lpr.* -/var/log/lpr.log
+#mail.* -/var/log/mail.log
+#user.* -/var/log/user.log
+
+#
+# Logging for the mail system. Split it up so that
+# it is easy to write scripts to parse these files.
+#
+#mail.info -/var/log/mail.info
+#mail.warn -/var/log/mail.warn
+#mail.err /var/log/mail.err
+
+#
+# Logging for INN news system.
+#
+#news.crit /var/log/news/news.crit
+#news.err /var/log/news/news.err
+#news.notice -/var/log/news/news.notice
+
+#
+# Some "catch-all" log files.
+#
+#*.=debug;\
+# auth,authpriv.none;\
+# news.none;mail.none -/var/log/debug
+#*.=info;*.=notice;*.=warn;\
+# auth,authpriv.none;\
+# cron,daemon.none;\
+# mail,news.none -/var/log/messages
+
+#
+# Emergencies are sent to everybody logged in.
+#
+*.emerg :omusrmsg:*
+
+#
+# I like to have messages displayed on the console, but only on a virtual
+# console I usually leave idle.
+#
+#daemon,mail.*;\
+# news.=crit;news.=err;news.=notice;\
+# *.=debug;*.=info;\
+# *.=notice;*.=warn /dev/tty8
+
+# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
+# you must invoke `xconsole' with the `-file' option:
+#
+# $ xconsole -file /dev/xconsole [...]
+#
+# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
+# busy site..
+#
+daemon.*;mail.*;\
+ news.err;\
+ *.=debug;*.=info;\
+ *.=notice;*.=warn |/dev/xconsole
--- /dev/null
+*.=debug;auth,authpriv,news,mail.none action(
+ type="omfile"
+ File="/var/log/debug.log"
+ FileOwner="root"
+ FileGroup="adm"
+)
+
+*.info;auth,authpriv,cron,daemon,lpr,mail,news.none action(
+ type="omfile"
+ File="/var/log/messages"
+ FileOwner="root"
+ FileGroup="adm"
+)
+
+# Uncomment the following directive to re-enable the
+# deprecated "/var/log/syslog" log file (don't forget to re-enable log
+# rotation in "/etc/logrotate.d/rsyslog" if you do that!)
+*.*;auth,authpriv.none,mail.none action(
+ type="omfile"
+ File="/var/log/syslog"
+ FileOwner="root"
+ FileGroup="adm"
+)
+
+*.emerg action(
+ type="omusrmsg"
+ Users="*"
+ action.execOnlyOnceEveryInterval="10"
+)
+
+# Create an additional socket for the default chroot location
+# (used by net-misc/openssh[hpn], see https://bugs.gentoo.org/490744)
+#input(type="imuxsock" Socket="/var/empty/dev/log")
+
+
+# vim: filetype=conf
--- /dev/null
+template (
+ name="mail"
+ type="string"
+ string="/var/log/mail/%programname%.log"
+)
+
+mail.* action(
+ type="omfile"
+ DynaFile="mail"
+ DirCreateMode="0755"
+ FileCreateMode="0644"
+ FileOwner="root"
+ FileGroup="adm"
+)
+
+template (
+ name="mail_warn"
+ type="string"
+ string="/var/log/mail/mail.warn.log"
+)
+
+mail.warn action(
+ type="omfile"
+ DynaFile="mail_warn"
+ DirCreateMode="0755"
+ FileCreateMode="0644"
+ FileOwner="root"
+ FileGroup="adm"
+)
+
+
+# vim: filetype=conf
--- /dev/null
+template (
+ name="facility"
+ type="string"
+ string="/var/log/syslog.d/%syslogfacility-text%.log"
+)
+
+*.* action(
+ type="omfile"
+ DynaFile="facility"
+ DirCreateMode="0755"
+ FileCreateMode="0644"
+ FileOwner="root"
+ FileGroup="adm"
+)
+
+*.* action(
+ type="omfile"
+ File="/var/log/all.log"
+ FileOwner="root"
+ FileGroup="adm"
+ Sync="off"
+)
+
+*.warn;news,mail.none action(
+ type="omfile"
+ File="/dev/tty12"
+ FileOwner="root"
+ FileGroup="root"
+)
+
+# vim: filetype=conf
--- /dev/null
+# Create an additional socket in postfix's chroot in order not to break
+# mail logging when rsyslog is restarted. If the directory is missing,
+# rsyslog will silently skip creating the socket.
+$AddUnixListenSocket /var/spool/postfix/dev/log
--- /dev/null
+##### Primary configuration settings #####
+##########################################
+# This configuration file is used to manage the behavior of the Salt Minion.
+# With the exception of the location of the Salt Master Server, values that are
+# commented out but have an empty line after the comment are defaults that need
+# not be set in the config. If there is no blank line after the comment, the
+# value is presented as an example and is not the default.
+
+# Per default the minion will automatically include all config files
+# from minion.d/*.conf (minion.d is a directory in the same directory
+# as the main minion config file).
+#default_include: minion.d/*.conf
+
+# Set the location of the salt master server. If the master server cannot be
+# resolved, then the minion will fail to start.
+#master: salt
+
+# Set http proxy information for the minion when doing requests
+#proxy_host:
+#proxy_port:
+#proxy_username:
+#proxy_password:
+
+# If multiple masters are specified in the 'master' setting, the default behavior
+# is to always try to connect to them in the order they are listed. If random_master is
+# set to True, the order will be randomized instead. This can be helpful in distributing
+# the load of many minions executing salt-call requests, for example, from a cron job.
+# If only one master is listed, this setting is ignored and a warning will be logged.
+# NOTE: If master_type is set to failover, use master_shuffle instead.
+#random_master: False
+
+# Use if master_type is set to failover.
+#master_shuffle: False
+
+# Minions can connect to multiple masters simultaneously (all masters
+# are "hot"), or can be configured to failover if a master becomes
+# unavailable. Multiple hot masters are configured by setting this
+# value to "str". Failover masters can be requested by setting
+# to "failover". MAKE SURE TO SET master_alive_interval if you are
+# using failover.
+# master_type: str
+
+# Poll interval in seconds for checking if the master is still there. Only
+# respected if master_type above is "failover". To disable the interval entirely,
+# set the value to -1. (This may be necessary on machines which have high numbers
+# of TCP connections, such as load balancers.)
+# master_alive_interval: 30
+
+# If the minion is in multi-master mode and the master_type configuration option
+# is set to "failover", this setting can be set to "True" to force the minion
+# to fail back to the first master in the list if the first master is back online.
+#master_failback: False
+
+# If the minion is in multi-master mode, the "master_type" configuration is set to
+# "failover", and the "master_failback" option is enabled, the master failback
+# interval can be set to ping the top master with this interval, in seconds.
+#master_failback_interval: 0
+
+# Set whether the minion should connect to the master via IPv6:
+#ipv6: False
+
+# Set the number of seconds to wait before attempting to resolve
+# the master hostname if name resolution fails. Defaults to 30 seconds.
+# Set to zero if the minion should shutdown and not retry.
+# retry_dns: 30
+
+# Set the port used by the master reply and authentication server.
+#master_port: 4506
+
+# The user to run salt.
+#user: root
+
+# The user to run salt remote execution commands as via sudo. If this option is
+# enabled then sudo will be used to change the active user executing the remote
+# command. If enabled the user will need to be allowed access via the sudoers
+# file for the user that the salt minion is configured to run as. The most
+# common option would be to use the root user. If this option is set the user
+# option should also be set to a non-root user. If migrating from a root minion
+# to a non root minion the minion cache should be cleared and the minion pki
+# directory will need to be changed to the ownership of the new user.
+#sudo_user: root
+
+# Specify the location of the daemon process ID file.
+#pidfile: /var/run/salt-minion.pid
+
+# The root directory prepended to these options: pki_dir, cachedir, log_file,
+# sock_dir, pidfile.
+#root_dir: /
+
+# The path to the minion's configuration file.
+#conf_file: /etc/salt/minion
+
+# The directory to store the pki information in
+#pki_dir: /etc/salt/pki/minion
+
+# Explicitly declare the id for this minion to use, if left commented the id
+# will be the hostname as returned by the python call: socket.getfqdn()
+# Since salt uses detached ids it is possible to run multiple minions on the
+# same machine but with different ids, this can be useful for salt compute
+# clusters.
+#id:
+
+# Cache the minion id to a file when the minion's id is not statically defined
+# in the minion config. Defaults to "True". This setting prevents potential
+# problems when automatic minion id resolution changes, which can cause the
+# minion to lose connection with the master. To turn off minion id caching,
+# set this config to ``False``.
+#minion_id_caching: True
+
+# Append a domain to a hostname in the event that it does not exist. This is
+# useful for systems where socket.getfqdn() does not actually result in a
+# FQDN (for instance, Solaris).
+#append_domain:
+
+# Custom static grains for this minion can be specified here and used in SLS
+# files just like all other grains. This example sets 4 custom grains, with
+# the 'roles' grain having two values that can be matched against.
+#grains:
+# roles:
+# - webserver
+# - memcache
+# deployment: datacenter4
+# cabinet: 13
+# cab_u: 14-15
+#
+# Where cache data goes.
+# This data may contain sensitive data and should be protected accordingly.
+#cachedir: /var/cache/salt/minion
+
+# Verify and set permissions on configuration directories at startup.
+#verify_env: True
+
+# The minion can locally cache the return data from jobs sent to it, this
+# can be a good way to keep track of jobs the minion has executed
+# (on the minion side). By default this feature is disabled, to enable, set
+# cache_jobs to True.
+#cache_jobs: False
+
+# Set the directory used to hold unix sockets.
+#sock_dir: /var/run/salt/minion
+
+# Set the default outputter used by the salt-call command. The default is
+# "nested".
+#output: nested
+#
+# By default output is colored. To disable colored output, set the color value
+# to False.
+#color: True
+
+# Do not strip off the colored output from nested results and state outputs
+# (true by default).
+# strip_colors: False
+
+# Backup files that are replaced by file.managed and file.recurse under
+# 'cachedir'/file_backups relative to their original location and appended
+# with a timestamp. The only valid setting is "minion". Disabled by default.
+#
+# Alternatively this can be specified for each file in state files:
+# /etc/ssh/sshd_config:
+# file.managed:
+# - source: salt://ssh/sshd_config
+# - backup: minion
+#
+#backup_mode: minion
+
+# When waiting for a master to accept the minion's public key, salt will
+# continuously attempt to reconnect until successful. This is the time, in
+# seconds, between those reconnection attempts.
+#acceptance_wait_time: 10
+
+# If this is nonzero, the time between reconnection attempts will increase by
+# acceptance_wait_time seconds per iteration, up to this maximum. If this is
+# set to zero, the time between reconnection attempts will stay constant.
+#acceptance_wait_time_max: 0
+
+# If the master rejects the minion's public key, retry instead of exiting.
+# Rejected keys will be handled the same as waiting on acceptance.
+#rejected_retry: False
+
+# When the master key changes, the minion will try to re-auth itself to receive
+# the new master key. In larger environments this can cause a SYN flood on the
+# master because all minions try to re-auth immediately. To prevent this and
+# have a minion wait for a random amount of time, use this optional parameter.
+# The wait-time will be a random number of seconds between 0 and the defined value.
+#random_reauth_delay: 60
+
+# When waiting for a master to accept the minion's public key, salt will
+# continuously attempt to reconnect until successful. This is the timeout value,
+# in seconds, for each individual attempt. After this timeout expires, the minion
+# will wait for acceptance_wait_time seconds before trying again. Unless your master
+# is under unusually heavy load, this should be left at the default.
+#auth_timeout: 60
+
+# Number of consecutive SaltReqTimeoutError that are acceptable when trying to
+# authenticate.
+#auth_tries: 7
+
+# The number of attempts to connect to a master before giving up.
+# Set this to -1 for unlimited attempts. This allows for a master to have
+# downtime and the minion to reconnect to it later when it comes back up.
+# In 'failover' mode, it is the number of attempts for each set of masters.
+# In this mode, it will cycle through the list of masters for each attempt.
+#
+# This is different than auth_tries because auth_tries attempts to
+# retry auth attempts with a single master. auth_tries is under the
+# assumption that you can connect to the master but not gain
+# authorization from it. master_tries will still cycle through all
+# the masters in a given try, so it is appropriate if you expect
+# occasional downtime from the master(s).
+#master_tries: 1
+
+# If authentication fails due to SaltReqTimeoutError during a ping_interval,
+# cause sub minion process to restart.
+#auth_safemode: False
+
+# Ping Master to ensure connection is alive (minutes).
+#ping_interval: 0
+
+# To auto recover minions if master changes IP address (DDNS)
+# auth_tries: 10
+# auth_safemode: False
+# ping_interval: 90
+#
+# Minions won't know master is missing until a ping fails. After the ping fail,
+# the minion will attempt authentication and likely fails out and cause a restart.
+# When the minion restarts it will resolve the masters IP and attempt to reconnect.
+
+# If you don't have any problems with syn-floods, don't bother with the
+# three recon_* settings described below, just leave the defaults!
+#
+# The ZeroMQ pull-socket that binds to the masters publishing interface tries
+# to reconnect immediately, if the socket is disconnected (for example if
+# the master processes are restarted). In large setups this will have all
+# minions reconnect immediately which might flood the master (the ZeroMQ-default
+# is usually a 100ms delay). To prevent this, these three recon_* settings
+# can be used.
+# recon_default: the interval in milliseconds that the socket should wait before
+# trying to reconnect to the master (1000ms = 1 second)
+#
+# recon_max: the maximum time a socket should wait. each interval the time to wait
+# is calculated by doubling the previous time. if recon_max is reached,
+# it starts again at recon_default. Short example:
+#
+# reconnect 1: the socket will wait 'recon_default' milliseconds
+# reconnect 2: 'recon_default' * 2
+# reconnect 3: ('recon_default' * 2) * 2
+# reconnect 4: value from previous interval * 2
+# reconnect 5: value from previous interval * 2
+# reconnect x: if value >= recon_max, it starts again with recon_default
+#
+# recon_randomize: generate a random wait time on minion start. The wait time will
+# be a random value between recon_default and recon_default +
+# recon_max. Having all minions reconnect with the same recon_default
+# and recon_max value kind of defeats the purpose of being able to
+# change these settings. If all minions have the same values and your
+# setup is quite large (several thousand minions), they will still
+# flood the master. The desired behavior is to have timeframe within
+# all minions try to reconnect.
+#
+# Example on how to use these settings. The goal: have all minions reconnect within a
+# 60 second timeframe on a disconnect.
+# recon_default: 1000
+# recon_max: 59000
+# recon_randomize: True
+#
+# Each minion will have a randomized reconnect value between 'recon_default'
+# and 'recon_default + recon_max', which in this example means between 1000ms
+# 60000ms (or between 1 and 60 seconds). The generated random-value will be
+# doubled after each attempt to reconnect. Lets say the generated random
+# value is 11 seconds (or 11000ms).
+# reconnect 1: wait 11 seconds
+# reconnect 2: wait 22 seconds
+# reconnect 3: wait 33 seconds
+# reconnect 4: wait 44 seconds
+# reconnect 5: wait 55 seconds
+# reconnect 6: wait time is bigger than 60 seconds (recon_default + recon_max)
+# reconnect 7: wait 11 seconds
+# reconnect 8: wait 22 seconds
+# reconnect 9: wait 33 seconds
+# reconnect x: etc.
+#
+# In a setup with ~6000 thousand hosts these settings would average the reconnects
+# to about 100 per second and all hosts would be reconnected within 60 seconds.
+# recon_default: 100
+# recon_max: 5000
+# recon_randomize: False
+#
+#
+# The loop_interval sets how long in seconds the minion will wait between
+# evaluating the scheduler and running cleanup tasks. This defaults to a
+# sane 60 seconds, but if the minion scheduler needs to be evaluated more
+# often lower this value
+#loop_interval: 60
+
+# The grains can be merged, instead of overridden, using this option.
+# This allows custom grains to defined different subvalues of a dictionary
+# grain. By default this feature is disabled, to enable set grains_deep_merge
+# to ``True``.
+#grains_deep_merge: False
+
+# The grains_refresh_every setting allows for a minion to periodically check
+# its grains to see if they have changed and, if so, to inform the master
+# of the new grains. This operation is moderately expensive, therefore
+# care should be taken not to set this value too low.
+#
+# Note: This value is expressed in __minutes__!
+#
+# A value of 10 minutes is a reasonable default.
+#
+# If the value is set to zero, this check is disabled.
+#grains_refresh_every: 1
+
+# Cache grains on the minion. Default is False.
+#grains_cache: False
+
+# Cache rendered pillar data on the minion. Default is False.
+# This may cause 'cachedir'/pillar to contain sensitive data that should be
+# protected accordingly.
+#minion_pillar_cache: False
+
+# Grains cache expiration, in seconds. If the cache file is older than this
+# number of seconds then the grains cache will be dumped and fully re-populated
+# with fresh data. Defaults to 5 minutes. Will have no effect if 'grains_cache'
+# is not enabled.
+# grains_cache_expiration: 300
+
+# Determines whether or not the salt minion should run scheduled mine updates.
+# Defaults to "True". Set to "False" to disable the scheduled mine updates
+# (this essentially just does not add the mine update function to the minion's
+# scheduler).
+#mine_enabled: True
+
+# Determines whether or not scheduled mine updates should be accompanied by a job
+# return for the job cache. Defaults to "False". Set to "True" to include job
+# returns in the job cache for mine updates.
+#mine_return_job: False
+
+# Example functions that can be run via the mine facility
+# NO mine functions are established by default.
+# Note these can be defined in the minion's pillar as well.
+#mine_functions:
+# test.ping: []
+# network.ip_addrs:
+# interface: eth0
+# cidr: '10.0.0.0/8'
+
+# Windows platforms lack posix IPC and must rely on slower TCP based inter-
+# process communications. Set ipc_mode to 'tcp' on such systems
+#ipc_mode: ipc
+
+# Overwrite the default tcp ports used by the minion when in tcp mode
+#tcp_pub_port: 4510
+#tcp_pull_port: 4511
+
+# Passing very large events can cause the minion to consume large amounts of
+# memory. This value tunes the maximum size of a message allowed onto the
+# minion event bus. The value is expressed in bytes.
+#max_event_size: 1048576
+
+# To detect failed master(s) and fire events on connect/disconnect, set
+# master_alive_interval to the number of seconds to poll the masters for
+# connection events.
+#
+#master_alive_interval: 30
+
+# The minion can include configuration from other files. To enable this,
+# pass a list of paths to this option. The paths can be either relative or
+# absolute; if relative, they are considered to be relative to the directory
+# the main minion configuration file lives in (this file). Paths can make use
+# of shell-style globbing. If no files are matched by a path passed to this
+# option then the minion will log a warning message.
+#
+# Include a config file from some other path:
+# include: /etc/salt/extra_config
+#
+# Include config from several files and directories:
+#include:
+# - /etc/salt/extra_config
+# - /etc/roles/webserver
+
+# The syndic minion can verify that it is talking to the correct master via the
+# key fingerprint of the higher-level master with the "syndic_finger" config.
+#syndic_finger: ''
+#
+#
+#
+##### Minion module management #####
+##########################################
+# Disable specific modules. This allows the admin to limit the level of
+# access the master has to the minion.
+#disable_modules: [cmd,test]
+#disable_returners: []
+#
+# Modules can be loaded from arbitrary paths. This enables the easy deployment
+# of third party modules. Modules for returners and minions can be loaded.
+# Specify a list of extra directories to search for minion modules and
+# returners. These paths must be fully qualified!
+#module_dirs: []
+#returner_dirs: []
+#states_dirs: []
+#render_dirs: []
+#utils_dirs: []
+#
+# A module provider can be statically overwritten or extended for the minion
+# via the providers option, in this case the default module will be
+# overwritten by the specified module. In this example the pkg module will
+# be provided by the yumpkg5 module instead of the system default.
+#providers:
+# pkg: yumpkg5
+#
+# Enable Cython modules searching and loading. (Default: False)
+#cython_enable: False
+#
+# Specify a max size (in bytes) for modules on import. This feature is currently
+# only supported on *nix operating systems and requires psutil.
+# modules_max_memory: -1
+
+
+##### State Management Settings #####
+###########################################
+# The state management system executes all of the state templates on the minion
+# to enable more granular control of system state management. The type of
+# template and serialization used for state management needs to be configured
+# on the minion, the default renderer is yaml_jinja. This is a yaml file
+# rendered from a jinja template, the available options are:
+# yaml_jinja
+# yaml_mako
+# yaml_wempy
+# json_jinja
+# json_mako
+# json_wempy
+#
+#renderer: yaml_jinja
+#
+# The failhard option tells the minions to stop immediately after the first
+# failure detected in the state execution. Defaults to False.
+#failhard: False
+#
+# Reload the modules prior to a highstate run.
+#autoload_dynamic_modules: True
+#
+# clean_dynamic_modules keeps the dynamic modules on the minion in sync with
+# the dynamic modules on the master, this means that if a dynamic module is
+# not on the master it will be deleted from the minion. By default, this is
+# enabled and can be disabled by changing this value to False.
+#clean_dynamic_modules: True
+#
+# Normally, the minion is not isolated to any single environment on the master
+# when running states, but the environment can be isolated on the minion side
+# by statically setting it. Remember that the recommended way to manage
+# environments is to isolate via the top file.
+#environment: None
+#
+# Isolates the pillar environment on the minion side. This functions the same
+# as the environment setting, but for pillar instead of states.
+#pillarenv: None
+#
+# If using the local file directory, then the state top file name needs to be
+# defined, by default this is top.sls.
+#state_top: top.sls
+#
+# Run states when the minion daemon starts. To enable, set startup_states to:
+# 'highstate' -- Execute state.highstate
+# 'sls' -- Read in the sls_list option and execute the named sls files
+# 'top' -- Read top_file option and execute based on that file on the Master
+#startup_states: ''
+#
+# List of states to run when the minion starts up if startup_states is 'sls':
+#sls_list:
+# - edit.vim
+# - hyper
+#
+# Top file to execute if startup_states is 'top':
+#top_file: ''
+
+# Automatically aggregate all states that have support for mod_aggregate by
+# setting to True. Or pass a list of state module names to automatically
+# aggregate just those types.
+#
+# state_aggregate:
+# - pkg
+#
+#state_aggregate: False
+
+##### File Directory Settings #####
+##########################################
+# The Salt Minion can redirect all file server operations to a local directory,
+# this allows for the same state tree that is on the master to be used if
+# copied completely onto the minion. This is a literal copy of the settings on
+# the master but used to reference a local directory on the minion.
+
+# Set the file client. The client defaults to looking on the master server for
+# files, but can be directed to look at the local file directory setting
+# defined below by setting it to "local". Setting a local file_client runs the
+# minion in masterless mode.
+#file_client: remote
+
+# The file directory works on environments passed to the minion, each environment
+# can have multiple root directories, the subdirectories in the multiple file
+# roots cannot match, otherwise the downloaded files will not be able to be
+# reliably ensured. A base environment is required to house the top file.
+# Example:
+# file_roots:
+# base:
+# - /srv/salt/
+# dev:
+# - /srv/salt/dev/services
+# - /srv/salt/dev/states
+# prod:
+# - /srv/salt/prod/services
+# - /srv/salt/prod/states
+#
+#file_roots:
+# base:
+# - /srv/salt
+
+# Uncomment the line below if you do not want the file_server to follow
+# symlinks when walking the filesystem tree. This is set to True
+# by default. Currently this only applies to the default roots
+# fileserver_backend.
+#fileserver_followsymlinks: False
+#
+# Uncomment the line below if you do not want symlinks to be
+# treated as the files they are pointing to. By default this is set to
+# False. By uncommenting the line below, any detected symlink while listing
+# files on the Master will not be returned to the Minion.
+#fileserver_ignoresymlinks: True
+#
+# By default, the Salt fileserver recurses fully into all defined environments
+# to attempt to find files. To limit this behavior so that the fileserver only
+# traverses directories with SLS files and special Salt directories like _modules,
+# enable the option below. This might be useful for installations where a file root
+# has a very large number of files and performance is negatively impacted. Default
+# is False.
+#fileserver_limit_traversal: False
+
+# The hash_type is the hash to use when discovering the hash of a file in
+# the local fileserver. The default is sha256, sha224, sha384 and sha512 are also supported.
+#
+# WARNING: While md5 and sha1 are also supported, do not use it due to the high chance
+# of possible collisions and thus security breach.
+#
+# Warning: Prior to changing this value, the minion should be stopped and all
+# Salt caches should be cleared.
+#hash_type: sha256
+
+# The Salt pillar is searched for locally if file_client is set to local. If
+# this is the case, and pillar data is defined, then the pillar_roots need to
+# also be configured on the minion:
+#pillar_roots:
+# base:
+# - /srv/pillar
+
+# Set a hard-limit on the size of the files that can be pushed to the master.
+# It will be interpreted as megabytes. Default: 100
+#file_recv_max_size: 100
+#
+#
+###### Security settings #####
+###########################################
+# Enable "open mode", this mode still maintains encryption, but turns off
+# authentication, this is only intended for highly secure environments or for
+# the situation where your keys end up in a bad state. If you run in open mode
+# you do so at your own risk!
+#open_mode: False
+
+# Enable permissive access to the salt keys. This allows you to run the
+# master or minion as root, but have a non-root group be given access to
+# your pki_dir. To make the access explicit, root must belong to the group
+# you've given access to. This is potentially quite insecure.
+#permissive_pki_access: False
+
+# The state_verbose and state_output settings can be used to change the way
+# state system data is printed to the display. By default all data is printed.
+# The state_verbose setting can be set to True or False, when set to False
+# all data that has a result of True and no changes will be suppressed.
+#state_verbose: True
+
+# The state_output setting changes if the output is the full multi line
+# output for each changed state if set to 'full', but if set to 'terse'
+# the output will be shortened to a single line.
+#state_output: full
+
+# The state_output_diff setting changes whether or not the output from
+# successful states is returned. Useful when even the terse output of these
+# states is cluttering the logs. Set it to True to ignore them.
+#state_output_diff: False
+
+# The state_output_profile setting changes whether profile information
+# will be shown for each state run.
+#state_output_profile: True
+
+# Fingerprint of the master public key to validate the identity of your Salt master
+# before the initial key exchange. The master fingerprint can be found by running
+# "salt-key -F master" on the Salt master.
+#master_finger: ''
+
+
+###### Thread settings #####
+###########################################
+# Disable multiprocessing support, by default when a minion receives a
+# publication a new process is spawned and the command is executed therein.
+#multiprocessing: True
+
+
+##### Logging settings #####
+##########################################
+# The location of the minion log file
+# The minion log can be sent to a regular file, local path name, or network
+# location. Remote logging works best when configured to use rsyslogd(8) (e.g.:
+# ``file:///dev/log``), with rsyslogd(8) configured for network logging. The URI
+# format is: <file|udp|tcp>://<host|socketpath>:<port-if-required>/<log-facility>
+#log_file: /var/log/salt/minion
+#log_file: file:///dev/log
+#log_file: udp://loghost:10514
+#
+#log_file: /var/log/salt/minion
+#key_logfile: /var/log/salt/key
+
+# The level of messages to send to the console.
+# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
+#
+# The following log levels are considered INSECURE and may log sensitive data:
+# ['garbage', 'trace', 'debug']
+#
+# Default: 'warning'
+#log_level: warning
+
+# The level of messages to send to the log file.
+# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
+# If using 'log_granular_levels' this must be set to the highest desired level.
+# Default: 'warning'
+#log_level_logfile:
+
+# The date and time format used in log messages. Allowed date/time formatting
+# can be seen here: http://docs.python.org/library/time.html#time.strftime
+#log_datefmt: '%H:%M:%S'
+#log_datefmt_logfile: '%Y-%m-%d %H:%M:%S'
+
+# The format of the console logging messages. Allowed formatting options can
+# be seen here: http://docs.python.org/library/logging.html#logrecord-attributes
+#
+# Console log colors are specified by these additional formatters:
+#
+# %(colorlevel)s
+# %(colorname)s
+# %(colorprocess)s
+# %(colormsg)s
+#
+# Since it is desirable to include the surrounding brackets, '[' and ']', in
+# the coloring of the messages, these color formatters also include padding as
+# well. Color LogRecord attributes are only available for console logging.
+#
+#log_fmt_console: '%(colorlevel)s %(colormsg)s'
+#log_fmt_console: '[%(levelname)-8s] %(message)s'
+#
+#log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'
+
+# This can be used to control logging levels more specificically. This
+# example sets the main salt library at the 'warning' level, but sets
+# 'salt.modules' to log at the 'debug' level:
+# log_granular_levels:
+# 'salt': 'warning'
+# 'salt.modules': 'debug'
+#
+#log_granular_levels: {}
+
+# To diagnose issues with minions disconnecting or missing returns, ZeroMQ
+# supports the use of monitor sockets to log connection events. This
+# feature requires ZeroMQ 4.0 or higher.
+#
+# To enable ZeroMQ monitor sockets, set 'zmq_monitor' to 'True' and log at a
+# debug level or higher.
+#
+# A sample log event is as follows:
+#
+# [DEBUG ] ZeroMQ event: {'endpoint': 'tcp://127.0.0.1:4505', 'event': 512,
+# 'value': 27, 'description': 'EVENT_DISCONNECTED'}
+#
+# All events logged will include the string 'ZeroMQ event'. A connection event
+# should be logged as the minion starts up and initially connects to the
+# master. If not, check for debug log level and that the necessary version of
+# ZeroMQ is installed.
+#
+#zmq_monitor: False
+
+###### Module configuration #####
+###########################################
+# Salt allows for modules to be passed arbitrary configuration data, any data
+# passed here in valid yaml format will be passed on to the salt minion modules
+# for use. It is STRONGLY recommended that a naming convention be used in which
+# the module name is followed by a . and then the value. Also, all top level
+# data must be applied via the yaml dict construct, some examples:
+#
+# You can specify that all modules should run in test mode:
+#test: True
+#
+# A simple value for the test module:
+#test.foo: foo
+#
+# A list for the test module:
+#test.bar: [baz,quo]
+#
+# A dict for the test module:
+#test.baz: {spam: sausage, cheese: bread}
+#
+#
+###### Update settings ######
+###########################################
+# Using the features in Esky, a salt minion can both run as a frozen app and
+# be updated on the fly. These options control how the update process
+# (saltutil.update()) behaves.
+#
+# The url for finding and downloading updates. Disabled by default.
+#update_url: False
+#
+# The list of services to restart after a successful update. Empty by default.
+#update_restart_services: []
+
+
+###### Keepalive settings ######
+############################################
+# ZeroMQ now includes support for configuring SO_KEEPALIVE if supported by
+# the OS. If connections between the minion and the master pass through
+# a state tracking device such as a firewall or VPN gateway, there is
+# the risk that it could tear down the connection the master and minion
+# without informing either party that their connection has been taken away.
+# Enabling TCP Keepalives prevents this from happening.
+
+# Overall state of TCP Keepalives, enable (1 or True), disable (0 or False)
+# or leave to the OS defaults (-1), on Linux, typically disabled. Default True, enabled.
+#tcp_keepalive: True
+
+# How long before the first keepalive should be sent in seconds. Default 300
+# to send the first keepalive after 5 minutes, OS default (-1) is typically 7200 seconds
+# on Linux see /proc/sys/net/ipv4/tcp_keepalive_time.
+#tcp_keepalive_idle: 300
+
+# How many lost probes are needed to consider the connection lost. Default -1
+# to use OS defaults, typically 9 on Linux, see /proc/sys/net/ipv4/tcp_keepalive_probes.
+#tcp_keepalive_cnt: -1
+
+# How often, in seconds, to send keepalives after the first one. Default -1 to
+# use OS defaults, typically 75 seconds on Linux, see
+# /proc/sys/net/ipv4/tcp_keepalive_intvl.
+#tcp_keepalive_intvl: -1
+
+
+###### Windows Software settings ######
+############################################
+# Location of the repository cache file on the master:
+#win_repo_cachefile: 'salt://win/repo/winrepo.p'
+
+
+###### Returner settings ######
+############################################
+# Which returner(s) will be used for minion's result:
+#return: mysql
+
+
+###### Miscellaneous settings ######
+############################################
+# Default match type for filtering events tags: startswith, endswith, find, regex, fnmatch
+#event_match_type: startswith
--- /dev/null
+schedule:
+ __mine_interval: {enabled: true, function: mine.update, jid_include: true, maxrunning: 2,
+ minutes: 60, return_job: false}
--- /dev/null
+sarah.uhu-banane.de
\ No newline at end of file
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAsSp1y+cF5bCKjGjJbA7nALVwtwarEtGZhwYsQbKPW4qgfVO+
+n02/mK8gb3J6tAdv8YlRkHUH4Pz++/jIHcfL3WnHwNCnACwOLiuQsM0DyM/xqO7k
+BM5bKy1mlAzvuI2LoXGnLghF4qYO8lmTI5ZonTjudI30Zq3oxxlxZ4U+OsflCMOR
+isOi3xuLPEk/9qLGsx9wn338tpS8/CzfQjkbTHZugKlZqf+DTlkIuGwvmsTF+8BM
+SmZQ+YmSjlXSQaYaiIR6Ji/lseoKnkOwtaf4gfSK60xs7tEa1sEg9GLTKBFv3vyq
+vGSWHm+jccQJfc3cvwfaNxhlHBwJ2pA9jtFkbwIDAQABAoIBACtgiALqh4kbVnDW
+Xyqz419LDVPisBQleX+TxVY4j90L7guBa5S5hoWtqzVeRCi8AW6T/oJuBQXTK+Mp
+oGWaO5H0ilHtRFZIcxhe1khTie+q6jJAe1ep5qyFqy3olPEMxvk6SIJ+yA2cNuCj
+ieEWvHpyLAAhmYtiXTISSq/b8caWLbqKyLel+ciWeApSNg1F8oiTLWTDrvX9gGXb
+4VOTYTqulEXFQvix06HpRiyIr3CNU3+D/tJ1QkuggG35qomdUcKfMquL2BqekJxe
+AzN98j3CVp4BUcuf2wxljPcPjRvrpV6rfYW+PnXUM9j7W312+WDGStzSVuAxKrrf
+vS6WJWECgYEAvSitCs5FfKusYNp453hQJpTiNrEn0twDTP/dlJES7HHgJR+VqVYL
+CNdB87/gvFbdTy+5c1LbjoPIKDJ1F8ZxpUFczWqK5anXYlhL3lWDWNuTSvSyKfEz
+L/3SBxdV6vQ4BtUY+fq37eCAdrcxgpv1Ev0jB9KlOVnT/OkLJwnPRvkCgYEA78Tk
+22HMZbilr89RqfamGb58sTyneFpy9XfSeslTCH/HeVTtYxQoWyKtp9kBcoskoaLn
+sx3Upaoi3MY5/+Sp/HllLFqqx/YZDR7WrQ0A9FbSxgEiIVgla8jf5BaazOXB+BQN
+7xXqff6FoJnIikBaCPi/2JCXfMP4zsDqhgB42KcCgYEAlD7mrwtNxhE9PYK7Mp1G
+I5aXW0mn7kdjhtsYKzEvZYMxqaaBQn8eksUw+PkuBi0FsOO0Mb+ENsLtASPaRNHP
+izYYpxyS0r8y/+43N35JPECJxTrUzq4r8ba4/bm6KjNQHXqw4mkt8Q37YA7ejH/x
+p/oflCfwOWw/CX0SsnurqPECgYAEGPlQRnuXwXATcReUMALmrbqzzLWP+Pu99i5C
+qu4gVw6xpCHqb43BAPa2x56etoIJwR70kK3xptaxrzGOjfnZtrlj6KjCghIrhztj
++bTqeBFiEOLkbv00uloZK8m5drO56Z3TWCyJuq/N7tLeifr/7EBbEx2DpFW8Ms/P
+OnLWQQKBgBY7/oKzNIt8FH6cHgHoGNitnjzNMy0EuJAxfJNB1romFHhufYCyAGjr
+6uujf1uc68JC2bTsvLgfrRcEJLtMp2CxtLo0jpCruh6L55u1jncaRZuBjY3rf675
+chJpYk/1WMwZmQV1ckzmL7fbSqr1w21af0cClLBGOXahSj8s48Gy
+-----END RSA PRIVATE KEY-----
\ No newline at end of file
--- /dev/null
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSp1y+cF5bCKjGjJbA7n
+ALVwtwarEtGZhwYsQbKPW4qgfVO+n02/mK8gb3J6tAdv8YlRkHUH4Pz++/jIHcfL
+3WnHwNCnACwOLiuQsM0DyM/xqO7kBM5bKy1mlAzvuI2LoXGnLghF4qYO8lmTI5Zo
+nTjudI30Zq3oxxlxZ4U+OsflCMORisOi3xuLPEk/9qLGsx9wn338tpS8/CzfQjkb
+THZugKlZqf+DTlkIuGwvmsTF+8BMSmZQ+YmSjlXSQaYaiIR6Ji/lseoKnkOwtaf4
+gfSK60xs7tEa1sEg9GLTKBFv3vyqvGSWHm+jccQJfc3cvwfaNxhlHBwJ2pA9jtFk
+bwIDAQAB
+-----END PUBLIC KEY-----
\ No newline at end of file
--- /dev/null
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUbxQYMDoCPQTWHREbbu
+lTBJ+BNLjeUalhTgXjaR7uNiGryiOoLGtSiQFwiYClJ/7QqUoSG7A9c5Xw1Qv6CI
+H73sBAdniAFaC9jeY+4Pe22QlrIuE9AoWGNw9X2gDQ1/9MHGaFnlumDW5pLNvP+i
+nd3DRVNuhSR+S0/sTJUbFpzXXIzN0WijIBLA+oqlR/ANPc89Y+XhXUaVje48yW0l
+oEiedhRzHPGS5mGwyDs9MqLano1LeRdu4kdyhboljqX3c/SsVgc/Q3oD42+XerI1
+rz+mkLBNzHhNQWn6k6W8PdiYTnRXH6WUyMMxniBR/5QPWx3Owu5aeSy23Dhl6SRc
+EQIDAQAB
+-----END PUBLIC KEY-----
\ No newline at end of file
--- /dev/null
+##### Primary configuration settings #####
+##########################################
+# This configuration file is used to manage the behavior of all Salt Proxy
+# Minions on this host.
+# With the exception of the location of the Salt Master Server, values that are
+# commented out but have an empty line after the comment are defaults that need
+# not be set in the config. If there is no blank line after the comment, the
+# value is presented as an example and is not the default.
+
+# Per default the minion will automatically include all config files
+# from minion.d/*.conf (minion.d is a directory in the same directory
+# as the main minion config file).
+#default_include: minion.d/*.conf
+
+# Backwards compatibility option for proxymodules created before 2015.8.2
+# This setting will default to 'False' in the 2016.3.0 release
+# Setting this to True adds proxymodules to the __opts__ dictionary.
+# This breaks several Salt features (basically anything that serializes
+# __opts__ over the wire) but retains backwards compatibility.
+#add_proxymodule_to_opts: True
+
+# Set the location of the salt master server. If the master server cannot be
+# resolved, then the minion will fail to start.
+#master: salt
+
+# If a proxymodule has a function called 'grains', then call it during
+# regular grains loading and merge the results with the proxy's grains
+# dictionary. Otherwise it is assumed that the module calls the grains
+# function in a custom way and returns the data elsewhere
+#
+# Default to False for 2016.3 and Carbon. Switch to True for Nitrogen.
+# proxy_merge_grains_in_module: False
+
+# If multiple masters are specified in the 'master' setting, the default behavior
+# is to always try to connect to them in the order they are listed. If random_master is
+# set to True, the order will be randomized instead. This can be helpful in distributing
+# the load of many minions executing salt-call requests, for example, from a cron job.
+# If only one master is listed, this setting is ignored and a warning will be logged.
+#random_master: False
+
+# Minions can connect to multiple masters simultaneously (all masters
+# are "hot"), or can be configured to failover if a master becomes
+# unavailable. Multiple hot masters are configured by setting this
+# value to "str". Failover masters can be requested by setting
+# to "failover". MAKE SURE TO SET master_alive_interval if you are
+# using failover.
+# master_type: str
+
+# Poll interval in seconds for checking if the master is still there. Only
+# respected if master_type above is "failover".
+# master_alive_interval: 30
+
+# Set whether the minion should connect to the master via IPv6:
+#ipv6: False
+
+# Set the number of seconds to wait before attempting to resolve
+# the master hostname if name resolution fails. Defaults to 30 seconds.
+# Set to zero if the minion should shutdown and not retry.
+# retry_dns: 30
+
+# Set the port used by the master reply and authentication server.
+#master_port: 4506
+
+# The user to run salt.
+#user: root
+
+# Setting sudo_user will cause salt to run all execution modules under an sudo
+# to the user given in sudo_user. The user under which the salt minion process
+# itself runs will still be that provided in the user config above, but all
+# execution modules run by the minion will be rerouted through sudo.
+#sudo_user: saltdev
+
+# Specify the location of the daemon process ID file.
+#pidfile: /var/run/salt-minion.pid
+
+# The root directory prepended to these options: pki_dir, cachedir, log_file,
+# sock_dir, pidfile.
+#root_dir: /
+
+# The directory to store the pki information in
+#pki_dir: /etc/salt/pki/minion
+
+# Where cache data goes.
+# This data may contain sensitive data and should be protected accordingly.
+#cachedir: /var/cache/salt/minion
+
+# Verify and set permissions on configuration directories at startup.
+#verify_env: True
+
+# The minion can locally cache the return data from jobs sent to it, this
+# can be a good way to keep track of jobs the minion has executed
+# (on the minion side). By default this feature is disabled, to enable, set
+# cache_jobs to True.
+#cache_jobs: False
+
+# Set the directory used to hold unix sockets.
+#sock_dir: /var/run/salt/minion
+
+# Set the default outputter used by the salt-call command. The default is
+# "nested".
+#output: nested
+#
+# By default output is colored. To disable colored output, set the color value
+# to False.
+#color: True
+
+# Do not strip off the colored output from nested results and state outputs
+# (true by default).
+# strip_colors: False
+
+# Backup files that are replaced by file.managed and file.recurse under
+# 'cachedir'/file_backups relative to their original location and appended
+# with a timestamp. The only valid setting is "minion". Disabled by default.
+#
+# Alternatively this can be specified for each file in state files:
+# /etc/ssh/sshd_config:
+# file.managed:
+# - source: salt://ssh/sshd_config
+# - backup: minion
+#
+#backup_mode: minion
+
+# When waiting for a master to accept the minion's public key, salt will
+# continuously attempt to reconnect until successful. This is the time, in
+# seconds, between those reconnection attempts.
+#acceptance_wait_time: 10
+
+# If this is nonzero, the time between reconnection attempts will increase by
+# acceptance_wait_time seconds per iteration, up to this maximum. If this is
+# set to zero, the time between reconnection attempts will stay constant.
+#acceptance_wait_time_max: 0
+
+# If the master rejects the minion's public key, retry instead of exiting.
+# Rejected keys will be handled the same as waiting on acceptance.
+#rejected_retry: False
+
+# When the master key changes, the minion will try to re-auth itself to receive
+# the new master key. In larger environments this can cause a SYN flood on the
+# master because all minions try to re-auth immediately. To prevent this and
+# have a minion wait for a random amount of time, use this optional parameter.
+# The wait-time will be a random number of seconds between 0 and the defined value.
+#random_reauth_delay: 60
+
+# When waiting for a master to accept the minion's public key, salt will
+# continuously attempt to reconnect until successful. This is the timeout value,
+# in seconds, for each individual attempt. After this timeout expires, the minion
+# will wait for acceptance_wait_time seconds before trying again. Unless your master
+# is under unusually heavy load, this should be left at the default.
+#auth_timeout: 60
+
+# Number of consecutive SaltReqTimeoutError that are acceptable when trying to
+# authenticate.
+#auth_tries: 7
+
+# If authentication fails due to SaltReqTimeoutError during a ping_interval,
+# cause sub minion process to restart.
+#auth_safemode: False
+
+# Ping Master to ensure connection is alive (minutes).
+#ping_interval: 0
+
+# To auto recover minions if master changes IP address (DDNS)
+# auth_tries: 10
+# auth_safemode: False
+# ping_interval: 90
+#
+# Minions won't know master is missing until a ping fails. After the ping fail,
+# the minion will attempt authentication and likely fails out and cause a restart.
+# When the minion restarts it will resolve the masters IP and attempt to reconnect.
+
+# If you don't have any problems with syn-floods, don't bother with the
+# three recon_* settings described below, just leave the defaults!
+#
+# The ZeroMQ pull-socket that binds to the masters publishing interface tries
+# to reconnect immediately, if the socket is disconnected (for example if
+# the master processes are restarted). In large setups this will have all
+# minions reconnect immediately which might flood the master (the ZeroMQ-default
+# is usually a 100ms delay). To prevent this, these three recon_* settings
+# can be used.
+# recon_default: the interval in milliseconds that the socket should wait before
+# trying to reconnect to the master (1000ms = 1 second)
+#
+# recon_max: the maximum time a socket should wait. each interval the time to wait
+# is calculated by doubling the previous time. if recon_max is reached,
+# it starts again at recon_default. Short example:
+#
+# reconnect 1: the socket will wait 'recon_default' milliseconds
+# reconnect 2: 'recon_default' * 2
+# reconnect 3: ('recon_default' * 2) * 2
+# reconnect 4: value from previous interval * 2
+# reconnect 5: value from previous interval * 2
+# reconnect x: if value >= recon_max, it starts again with recon_default
+#
+# recon_randomize: generate a random wait time on minion start. The wait time will
+# be a random value between recon_default and recon_default +
+# recon_max. Having all minions reconnect with the same recon_default
+# and recon_max value kind of defeats the purpose of being able to
+# change these settings. If all minions have the same values and your
+# setup is quite large (several thousand minions), they will still
+# flood the master. The desired behavior is to have timeframe within
+# all minions try to reconnect.
+#
+# Example on how to use these settings. The goal: have all minions reconnect within a
+# 60 second timeframe on a disconnect.
+# recon_default: 1000
+# recon_max: 59000
+# recon_randomize: True
+#
+# Each minion will have a randomized reconnect value between 'recon_default'
+# and 'recon_default + recon_max', which in this example means between 1000ms
+# 60000ms (or between 1 and 60 seconds). The generated random-value will be
+# doubled after each attempt to reconnect. Lets say the generated random
+# value is 11 seconds (or 11000ms).
+# reconnect 1: wait 11 seconds
+# reconnect 2: wait 22 seconds
+# reconnect 3: wait 33 seconds
+# reconnect 4: wait 44 seconds
+# reconnect 5: wait 55 seconds
+# reconnect 6: wait time is bigger than 60 seconds (recon_default + recon_max)
+# reconnect 7: wait 11 seconds
+# reconnect 8: wait 22 seconds
+# reconnect 9: wait 33 seconds
+# reconnect x: etc.
+#
+# In a setup with ~6000 thousand hosts these settings would average the reconnects
+# to about 100 per second and all hosts would be reconnected within 60 seconds.
+# recon_default: 100
+# recon_max: 5000
+# recon_randomize: False
+#
+#
+# The loop_interval sets how long in seconds the minion will wait between
+# evaluating the scheduler and running cleanup tasks. This defaults to a
+# sane 60 seconds, but if the minion scheduler needs to be evaluated more
+# often lower this value
+#loop_interval: 60
+
+# The grains_refresh_every setting allows for a minion to periodically check
+# its grains to see if they have changed and, if so, to inform the master
+# of the new grains. This operation is moderately expensive, therefore
+# care should be taken not to set this value too low.
+#
+# Note: This value is expressed in __minutes__!
+#
+# A value of 10 minutes is a reasonable default.
+#
+# If the value is set to zero, this check is disabled.
+#grains_refresh_every: 1
+
+# Cache grains on the minion. Default is False.
+#grains_cache: False
+
+# Grains cache expiration, in seconds. If the cache file is older than this
+# number of seconds then the grains cache will be dumped and fully re-populated
+# with fresh data. Defaults to 5 minutes. Will have no effect if 'grains_cache'
+# is not enabled.
+# grains_cache_expiration: 300
+
+# Windows platforms lack posix IPC and must rely on slower TCP based inter-
+# process communications. Set ipc_mode to 'tcp' on such systems
+#ipc_mode: ipc
+
+# Overwrite the default tcp ports used by the minion when in tcp mode
+#tcp_pub_port: 4510
+#tcp_pull_port: 4511
+
+# Passing very large events can cause the minion to consume large amounts of
+# memory. This value tunes the maximum size of a message allowed onto the
+# minion event bus. The value is expressed in bytes.
+#max_event_size: 1048576
+
+# To detect failed master(s) and fire events on connect/disconnect, set
+# master_alive_interval to the number of seconds to poll the masters for
+# connection events.
+#
+#master_alive_interval: 30
+
+# The minion can include configuration from other files. To enable this,
+# pass a list of paths to this option. The paths can be either relative or
+# absolute; if relative, they are considered to be relative to the directory
+# the main minion configuration file lives in (this file). Paths can make use
+# of shell-style globbing. If no files are matched by a path passed to this
+# option then the minion will log a warning message.
+#
+# Include a config file from some other path:
+# include: /etc/salt/extra_config
+#
+# Include config from several files and directories:
+#include:
+# - /etc/salt/extra_config
+# - /etc/roles/webserver
+#
+#
+#
+##### Minion module management #####
+##########################################
+# Disable specific modules. This allows the admin to limit the level of
+# access the master has to the minion.
+#disable_modules: [cmd,test]
+#disable_returners: []
+#
+# Modules can be loaded from arbitrary paths. This enables the easy deployment
+# of third party modules. Modules for returners and minions can be loaded.
+# Specify a list of extra directories to search for minion modules and
+# returners. These paths must be fully qualified!
+#module_dirs: []
+#returner_dirs: []
+#states_dirs: []
+#render_dirs: []
+#utils_dirs: []
+#
+# A module provider can be statically overwritten or extended for the minion
+# via the providers option, in this case the default module will be
+# overwritten by the specified module. In this example the pkg module will
+# be provided by the yumpkg5 module instead of the system default.
+#providers:
+# pkg: yumpkg5
+#
+# Enable Cython modules searching and loading. (Default: False)
+#cython_enable: False
+#
+# Specify a max size (in bytes) for modules on import. This feature is currently
+# only supported on *nix operating systems and requires psutil.
+# modules_max_memory: -1
+
+
+##### State Management Settings #####
+###########################################
+# The state management system executes all of the state templates on the minion
+# to enable more granular control of system state management. The type of
+# template and serialization used for state management needs to be configured
+# on the minion, the default renderer is yaml_jinja. This is a yaml file
+# rendered from a jinja template, the available options are:
+# yaml_jinja
+# yaml_mako
+# yaml_wempy
+# json_jinja
+# json_mako
+# json_wempy
+#
+#renderer: yaml_jinja
+#
+# The failhard option tells the minions to stop immediately after the first
+# failure detected in the state execution. Defaults to False.
+#failhard: False
+#
+# Reload the modules prior to a highstate run.
+#autoload_dynamic_modules: True
+#
+# clean_dynamic_modules keeps the dynamic modules on the minion in sync with
+# the dynamic modules on the master, this means that if a dynamic module is
+# not on the master it will be deleted from the minion. By default, this is
+# enabled and can be disabled by changing this value to False.
+#clean_dynamic_modules: True
+#
+# Normally, the minion is not isolated to any single environment on the master
+# when running states, but the environment can be isolated on the minion side
+# by statically setting it. Remember that the recommended way to manage
+# environments is to isolate via the top file.
+#environment: None
+#
+# If using the local file directory, then the state top file name needs to be
+# defined, by default this is top.sls.
+#state_top: top.sls
+#
+# Run states when the minion daemon starts. To enable, set startup_states to:
+# 'highstate' -- Execute state.highstate
+# 'sls' -- Read in the sls_list option and execute the named sls files
+# 'top' -- Read top_file option and execute based on that file on the Master
+#startup_states: ''
+#
+# List of states to run when the minion starts up if startup_states is 'sls':
+#sls_list:
+# - edit.vim
+# - hyper
+#
+# Top file to execute if startup_states is 'top':
+#top_file: ''
+
+# Automatically aggregate all states that have support for mod_aggregate by
+# setting to True. Or pass a list of state module names to automatically
+# aggregate just those types.
+#
+# state_aggregate:
+# - pkg
+#
+#state_aggregate: False
+
+##### File Directory Settings #####
+##########################################
+# The Salt Minion can redirect all file server operations to a local directory,
+# this allows for the same state tree that is on the master to be used if
+# copied completely onto the minion. This is a literal copy of the settings on
+# the master but used to reference a local directory on the minion.
+
+# Set the file client. The client defaults to looking on the master server for
+# files, but can be directed to look at the local file directory setting
+# defined below by setting it to "local". Setting a local file_client runs the
+# minion in masterless mode.
+#file_client: remote
+
+# The file directory works on environments passed to the minion, each environment
+# can have multiple root directories, the subdirectories in the multiple file
+# roots cannot match, otherwise the downloaded files will not be able to be
+# reliably ensured. A base environment is required to house the top file.
+# Example:
+# file_roots:
+# base:
+# - /srv/salt/
+# dev:
+# - /srv/salt/dev/services
+# - /srv/salt/dev/states
+# prod:
+# - /srv/salt/prod/services
+# - /srv/salt/prod/states
+#
+#file_roots:
+# base:
+# - /srv/salt
+
+# By default, the Salt fileserver recurses fully into all defined environments
+# to attempt to find files. To limit this behavior so that the fileserver only
+# traverses directories with SLS files and special Salt directories like _modules,
+# enable the option below. This might be useful for installations where a file root
+# has a very large number of files and performance is negatively impacted. Default
+# is False.
+#fileserver_limit_traversal: False
+
+# The hash_type is the hash to use when discovering the hash of a file in
+# the local fileserver. The default is sha256 but sha224, sha384 and sha512
+# are also supported.
+#
+# WARNING: While md5 and sha1 are also supported, do not use it due to the high chance
+# of possible collisions and thus security breach.
+#
+# Warning: Prior to changing this value, the minion should be stopped and all
+# Salt caches should be cleared.
+#hash_type: sha256
+
+# The Salt pillar is searched for locally if file_client is set to local. If
+# this is the case, and pillar data is defined, then the pillar_roots need to
+# also be configured on the minion:
+#pillar_roots:
+# base:
+# - /srv/pillar
+#
+#
+###### Security settings #####
+###########################################
+# Enable "open mode", this mode still maintains encryption, but turns off
+# authentication, this is only intended for highly secure environments or for
+# the situation where your keys end up in a bad state. If you run in open mode
+# you do so at your own risk!
+#open_mode: False
+
+# Enable permissive access to the salt keys. This allows you to run the
+# master or minion as root, but have a non-root group be given access to
+# your pki_dir. To make the access explicit, root must belong to the group
+# you've given access to. This is potentially quite insecure.
+#permissive_pki_access: False
+
+# The state_verbose and state_output settings can be used to change the way
+# state system data is printed to the display. By default all data is printed.
+# The state_verbose setting can be set to True or False, when set to False
+# all data that has a result of True and no changes will be suppressed.
+#state_verbose: True
+
+# The state_output setting changes if the output is the full multi line
+# output for each changed state if set to 'full', but if set to 'terse'
+# the output will be shortened to a single line.
+#state_output: full
+
+# The state_output_diff setting changes whether or not the output from
+# successful states is returned. Useful when even the terse output of these
+# states is cluttering the logs. Set it to True to ignore them.
+#state_output_diff: False
+
+# The state_output_profile setting changes whether profile information
+# will be shown for each state run.
+#state_output_profile: True
+
+# Fingerprint of the master public key to validate the identity of your Salt master
+# before the initial key exchange. The master fingerprint can be found by running
+# "salt-key -F master" on the Salt master.
+#master_finger: ''
+
+
+###### Thread settings #####
+###########################################
+# Disable multiprocessing support, by default when a minion receives a
+# publication a new process is spawned and the command is executed therein.
+#multiprocessing: True
+
+
+##### Logging settings #####
+##########################################
+# The location of the minion log file
+# The minion log can be sent to a regular file, local path name, or network
+# location. Remote logging works best when configured to use rsyslogd(8) (e.g.:
+# ``file:///dev/log``), with rsyslogd(8) configured for network logging. The URI
+# format is: <file|udp|tcp>://<host|socketpath>:<port-if-required>/<log-facility>
+#log_file: /var/log/salt/minion
+#log_file: file:///dev/log
+#log_file: udp://loghost:10514
+#
+#log_file: /var/log/salt/minion
+#key_logfile: /var/log/salt/key
+
+# The level of messages to send to the console.
+# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
+#
+# The following log levels are considered INSECURE and may log sensitive data:
+# ['garbage', 'trace', 'debug']
+#
+# Default: 'warning'
+#log_level: warning
+
+# The level of messages to send to the log file.
+# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
+# If using 'log_granular_levels' this must be set to the highest desired level.
+# Default: 'warning'
+#log_level_logfile:
+
+# The date and time format used in log messages. Allowed date/time formatting
+# can be seen here: http://docs.python.org/library/time.html#time.strftime
+#log_datefmt: '%H:%M:%S'
+#log_datefmt_logfile: '%Y-%m-%d %H:%M:%S'
+
+# The format of the console logging messages. Allowed formatting options can
+# be seen here: http://docs.python.org/library/logging.html#logrecord-attributes
+#
+# Console log colors are specified by these additional formatters:
+#
+# %(colorlevel)s
+# %(colorname)s
+# %(colorprocess)s
+# %(colormsg)s
+#
+# Since it is desirable to include the surrounding brackets, '[' and ']', in
+# the coloring of the messages, these color formatters also include padding as
+# well. Color LogRecord attributes are only available for console logging.
+#
+#log_fmt_console: '%(colorlevel)s %(colormsg)s'
+#log_fmt_console: '[%(levelname)-8s] %(message)s'
+#
+#log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'
+
+# This can be used to control logging levels more specificically. This
+# example sets the main salt library at the 'warning' level, but sets
+# 'salt.modules' to log at the 'debug' level:
+# log_granular_levels:
+# 'salt': 'warning'
+# 'salt.modules': 'debug'
+#
+#log_granular_levels: {}
+
+# To diagnose issues with minions disconnecting or missing returns, ZeroMQ
+# supports the use of monitor sockets # to log connection events. This
+# feature requires ZeroMQ 4.0 or higher.
+#
+# To enable ZeroMQ monitor sockets, set 'zmq_monitor' to 'True' and log at a
+# debug level or higher.
+#
+# A sample log event is as follows:
+#
+# [DEBUG ] ZeroMQ event: {'endpoint': 'tcp://127.0.0.1:4505', 'event': 512,
+# 'value': 27, 'description': 'EVENT_DISCONNECTED'}
+#
+# All events logged will include the string 'ZeroMQ event'. A connection event
+# should be logged on the as the minion starts up and initially connects to the
+# master. If not, check for debug log level and that the necessary version of
+# ZeroMQ is installed.
+#
+#zmq_monitor: False
+
+###### Module configuration #####
+###########################################
+# Salt allows for modules to be passed arbitrary configuration data, any data
+# passed here in valid yaml format will be passed on to the salt minion modules
+# for use. It is STRONGLY recommended that a naming convention be used in which
+# the module name is followed by a . and then the value. Also, all top level
+# data must be applied via the yaml dict construct, some examples:
+#
+# You can specify that all modules should run in test mode:
+#test: True
+#
+# A simple value for the test module:
+#test.foo: foo
+#
+# A list for the test module:
+#test.bar: [baz,quo]
+#
+# A dict for the test module:
+#test.baz: {spam: sausage, cheese: bread}
+#
+#
+###### Update settings ######
+###########################################
+# Using the features in Esky, a salt minion can both run as a frozen app and
+# be updated on the fly. These options control how the update process
+# (saltutil.update()) behaves.
+#
+# The url for finding and downloading updates. Disabled by default.
+#update_url: False
+#
+# The list of services to restart after a successful update. Empty by default.
+#update_restart_services: []
+
+
+###### Keepalive settings ######
+############################################
+# ZeroMQ now includes support for configuring SO_KEEPALIVE if supported by
+# the OS. If connections between the minion and the master pass through
+# a state tracking device such as a firewall or VPN gateway, there is
+# the risk that it could tear down the connection the master and minion
+# without informing either party that their connection has been taken away.
+# Enabling TCP Keepalives prevents this from happening.
+
+# Overall state of TCP Keepalives, enable (1 or True), disable (0 or False)
+# or leave to the OS defaults (-1), on Linux, typically disabled. Default True, enabled.
+#tcp_keepalive: True
+
+# How long before the first keepalive should be sent in seconds. Default 300
+# to send the first keepalive after 5 minutes, OS default (-1) is typically 7200 seconds
+# on Linux see /proc/sys/net/ipv4/tcp_keepalive_time.
+#tcp_keepalive_idle: 300
+
+# How many lost probes are needed to consider the connection lost. Default -1
+# to use OS defaults, typically 9 on Linux, see /proc/sys/net/ipv4/tcp_keepalive_probes.
+#tcp_keepalive_cnt: -1
+
+# How often, in seconds, to send keepalives after the first one. Default -1 to
+# use OS defaults, typically 75 seconds on Linux, see
+# /proc/sys/net/ipv4/tcp_keepalive_intvl.
+#tcp_keepalive_intvl: -1
+
+
+###### Windows Software settings ######
+############################################
+# Location of the repository cache file on the master:
+#win_repo_cachefile: 'salt://win/repo/winrepo.p'
+
+
+###### Returner settings ######
+############################################
+# Which returner(s) will be used for minion's result:
+#return: mysql
--- /dev/null
+# /etc/securetty: list of terminals on which root is allowed to login.
+# See securetty(5) and login(1).
+
+console
+
+# Local X displays (allows empty passwords with pam_unix's nullok_secure)
+:0
+:0.0
+:0.1
+:1
+:1.0
+:1.1
+:2
+:2.0
+:2.1
+:3
+:3.0
+:3.1
+#...
+
+
+# ==========================================================
+#
+# TTYs sorted by major number according to Documentation/devices.txt
+#
+# ==========================================================
+
+# Virtual consoles
+tty1
+tty2
+tty3
+tty4
+tty5
+tty6
+tty7
+tty8
+tty9
+tty10
+tty11
+tty12
+tty13
+tty14
+tty15
+tty16
+tty17
+tty18
+tty19
+tty20
+tty21
+tty22
+tty23
+tty24
+tty25
+tty26
+tty27
+tty28
+tty29
+tty30
+tty31
+tty32
+tty33
+tty34
+tty35
+tty36
+tty37
+tty38
+tty39
+tty40
+tty41
+tty42
+tty43
+tty44
+tty45
+tty46
+tty47
+tty48
+tty49
+tty50
+tty51
+tty52
+tty53
+tty54
+tty55
+tty56
+tty57
+tty58
+tty59
+tty60
+tty61
+tty62
+tty63
+
+# UART serial ports
+ttyS0
+ttyS1
+ttyS2
+ttyS3
+ttyS4
+ttyS5
+#...ttyS191
+
+# Serial Mux devices (Linux/PA-RISC only)
+ttyB0
+ttyB1
+#...
+
+# Chase serial card
+ttyH0
+ttyH1
+#...
+
+# Cyclades serial cards
+ttyC0
+ttyC1
+#...ttyC31
+
+# Digiboard serial cards
+ttyD0
+ttyD1
+#...
+
+# Stallion serial cards
+ttyE0
+ttyE1
+#...ttyE255
+
+# Specialix serial cards
+ttyX0
+ttyX1
+#...
+
+# Comtrol Rocketport serial cards
+ttyR0
+ttyR1
+#...
+
+# SDL RISCom serial cards
+ttyL0
+ttyL1
+#...
+
+# Hayes ESP serial card
+ttyP0
+ttyP1
+#...
+
+# Computone IntelliPort II serial card
+ttyF0
+ttyF1
+#...ttyF255
+
+# Specialix IO8+ serial card
+ttyW0
+ttyW1
+#...
+
+# Comtrol VS-1000 serial controller
+ttyV0
+ttyV1
+#...
+
+# ISI serial card
+ttyM0
+ttyM1
+#...
+
+# Technology Concepts serial card
+ttyT0
+ttyT1
+#...
+
+# Specialix RIO serial card
+ttySR0
+ttySR1
+#...ttySR511
+
+# Chase Research AT/PCI-Fast serial card
+ttyCH0
+ttyCH1
+#...ttyCH63
+
+# Moxa Intellio serial card
+ttyMX0
+ttyMX1
+#...ttyMX127
+
+# SmartIO serial card
+ttySI0
+ttySI1
+#...
+
+# USB dongles
+ttyUSB0
+ttyUSB1
+ttyUSB2
+#...
+
+# LinkUp Systems L72xx UARTs
+ttyLU0
+ttyLU1
+ttyLU2
+ttyLU3
+
+# StrongARM builtin serial ports
+ttySA0
+ttySA1
+ttySA2
+
+# SCI serial port (SuperH) ports and SC26xx serial ports
+ttySC0
+ttySC1
+ttySC2
+ttySC3
+
+# ARM "AMBA" serial ports
+ttyAM0
+ttyAM1
+ttyAM2
+ttyAM3
+ttyAM4
+ttyAM5
+ttyAM6
+ttyAM7
+ttyAM8
+ttyAM9
+ttyAM10
+ttyAM11
+ttyAM12
+ttyAM13
+ttyAM14
+ttyAM15
+
+# Embedded ARM AMBA PL011 ports (e.g. emulated by QEMU)
+ttyAMA0
+ttyAMA1
+ttyAMA2
+ttyAMA3
+
+# DataBooster serial ports
+ttyDB0
+ttyDB1
+ttyDB2
+ttyDB3
+ttyDB4
+ttyDB5
+ttyDB6
+ttyDB7
+
+# SGI Altix console ports
+ttySG0
+
+# Motorola i.MX ports
+ttySMX0
+ttySMX1
+ttySMX2
+
+# Marvell MPSC ports
+ttyMM0
+ttyMM1
+
+# PPC CPM (SCC or SMC) ports
+ttyCPM0
+ttyCPM1
+ttyCPM2
+ttyCPM3
+ttyCPM4
+ttyCPM5
+
+# Altix serial cards
+ttyIOC0
+ttyIOC1
+#...ttyIOC31
+
+# NEC VR4100 series SIU
+ttyVR0
+
+# NEC VR4100 series SSIU
+ttyVR1
+
+# Altix ioc4 serial cards
+ttyIOC84
+ttyIOC85
+#...ttyIOC115
+
+# Altix ioc3 serial cards
+ttySIOC0
+ttySIOC1
+#...ttySIOC31
+
+# PPC PSC ports
+ttyPSC0
+ttyPSC1
+ttyPSC2
+ttyPSC3
+ttyPSC4
+ttyPSC5
+
+# ATMEL serial ports
+ttyAT0
+ttyAT1
+#...ttyAT15
+
+# Hilscher netX serial port
+ttyNX0
+ttyNX1
+#...ttyNX15
+
+# Xilinx uartlite - port
+ttyUL0
+ttyUL1
+ttyUL2
+ttyUL3
+
+# Xen virtual console - port 0
+xvc0
+
+# pmac_zilog - port
+ttyPZ0
+ttyPZ1
+ttyPZ2
+ttyPZ3
+
+# TX39/49 serial port
+ttyTX0
+ttyTX1
+ttyTX2
+ttyTX3
+ttyTX4
+ttyTX5
+ttyTX6
+ttyTX7
+
+# SC26xx serial ports (see SCI serial ports (SuperH))
+
+# MAX3100 serial ports
+ttyMAX0
+ttyMAX1
+ttyMAX2
+ttyMAX3
+
+# OMAP serial ports
+ttyO0
+ttyO1
+ttyO2
+ttyO3
+
+# User space serial ports
+ttyU0
+ttyU1
+
+# A2232 serial card
+ttyY0
+ttyY1
+
+# IBM 3270 terminal Unix tty access
+3270/tty1
+3270/tty2
+#...
+
+# IBM iSeries/pSeries virtual console
+hvc0
+hvc1
+#...
+#IBM pSeries console ports
+hvsi0
+hvsi1
+hvsi2
+
+# Equinox SST multi-port serial boards
+ttyEQ0
+ttyEQ1
+#...ttyEQ1027
+
+# ==========================================================
+#
+# Not in Documentation/Devices.txt
+#
+# ==========================================================
+
+# Embedded Freescale i.MX ports
+ttymxc0
+ttymxc1
+ttymxc2
+ttymxc3
+ttymxc4
+ttymxc5
+
+# LXC (Linux Containers)
+lxc/console
+lxc/tty1
+lxc/tty2
+lxc/tty3
+lxc/tty4
+
+# Serial Console for MIPS Swarm
+duart0
+duart1
+
+# s390 and s390x ports in LPAR mode
+ttysclp0
--- /dev/null
+# Login access control table.
+#
+# Comment line must start with "#", no space at front.
+# Order of lines is important.
+#
+# When someone logs in, the table is scanned for the first entry that
+# matches the (user, host) combination, or, in case of non-networked
+# logins, the first entry that matches the (user, tty) combination. The
+# permissions field of that table entry determines whether the login will
+# be accepted or refused.
+#
+# Format of the login access control table is three fields separated by a
+# ":" character:
+#
+# [Note, if you supply a 'fieldsep=|' argument to the pam_access.so
+# module, you can change the field separation character to be
+# '|'. This is useful for configurations where you are trying to use
+# pam_access with X applications that provide PAM_TTY values that are
+# the display variable like "host:0".]
+#
+# permission : users : origins
+#
+# The first field should be a "+" (access granted) or "-" (access denied)
+# character.
+#
+# The second field should be a list of one or more login names, group
+# names, or ALL (always matches). A pattern of the form user@host is
+# matched when the login name matches the "user" part, and when the
+# "host" part matches the local machine name.
+#
+# The third field should be a list of one or more tty names (for
+# non-networked logins), host names, domain names (begin with "."), host
+# addresses, internet network numbers (end with "."), ALL (always
+# matches), NONE (matches no tty on non-networked logins) or
+# LOCAL (matches any string that does not contain a "." character).
+#
+# You can use @netgroupname in host or user patterns; this even works
+# for @usergroup@@hostgroup patterns.
+#
+# The EXCEPT operator makes it possible to write very compact rules.
+#
+# The group file is searched only when a name does not match that of the
+# logged-in user. Both the user's primary group is matched, as well as
+# groups in which users are explicitly listed.
+# To avoid problems with accounts, which have the same name as a group,
+# you can use brackets around group names '(group)' to differentiate.
+# In this case, you should also set the "nodefgroup" option.
+#
+# TTY NAMES: Must be in the form returned by ttyname(3) less the initial
+# "/dev" (e.g. tty1 or vc/1)
+#
+##############################################################################
+#
+# Disallow non-root logins on tty1
+#
+#-:ALL EXCEPT root:tty1
+#
+# Disallow console logins to all but a few accounts.
+#
+#-:ALL EXCEPT wheel shutdown sync:LOCAL
+#
+# Same, but make sure that really the group wheel and not the user
+# wheel is used (use nodefgroup argument, too):
+#
+#-:ALL EXCEPT (wheel) shutdown sync:LOCAL
+#
+# Disallow non-local logins to privileged accounts (group wheel).
+#
+#-:wheel:ALL EXCEPT LOCAL .win.tue.nl
+#
+# Some accounts are not allowed to login from anywhere:
+#
+#-:wsbscaro wsbsecr wsbspac wsbsym wscosor wstaiwde:ALL
+#
+# All other accounts are allowed to login from anywhere.
+#
+##############################################################################
+# All lines from here up to the end are building a more complex example.
+##############################################################################
+#
+# User "root" should be allowed to get access via cron .. tty5 tty6.
+#+ : root : cron crond :0 tty1 tty2 tty3 tty4 tty5 tty6
+#
+# User "root" should be allowed to get access from hosts with ip addresses.
+#+ : root : 192.168.200.1 192.168.200.4 192.168.200.9
+#+ : root : 127.0.0.1
+#
+# User "root" should get access from network 192.168.201.
+# This term will be evaluated by string matching.
+# comment: It might be better to use network/netmask instead.
+# The same is 192.168.201.0/24 or 192.168.201.0/255.255.255.0
+#+ : root : 192.168.201.
+#
+# User "root" should be able to have access from domain.
+# Uses string matching also.
+#+ : root : .foo.bar.org
+#
+# User "root" should be denied to get access from all other sources.
+#- : root : ALL
+#
+# User "foo" and members of netgroup "nis_group" should be
+# allowed to get access from all sources.
+# This will only work if netgroup service is available.
+#+ : @nis_group foo : ALL
+#
+# User "john" should get access from ipv4 net/mask
+#+ : john : 127.0.0.0/24
+#
+# User "john" should get access from ipv4 as ipv6 net/mask
+#+ : john : ::ffff:127.0.0.0/127
+#
+# User "john" should get access from ipv6 host address
+#+ : john : 2001:4ca0:0:101::1
+#
+# User "john" should get access from ipv6 host address (same as above)
+#+ : john : 2001:4ca0:0:101:0:0:0:1
+#
+# User "john" should get access from ipv6 net/mask
+#+ : john : 2001:4ca0:0:101::/64
+#
+# All other users should be denied to get access from all sources.
+#- : ALL : ALL
--- /dev/null
+#
+# This is the configuration file for the pam_group module.
+#
+
+#
+# *** Please note that giving group membership on a session basis is
+# *** NOT inherently secure. If a user can create an executable that
+# *** is setgid a group that they are infrequently given membership
+# *** of, they can basically obtain group membership any time they
+# *** like. Example: games are allowed between the hours of 6pm and 6am
+# *** user joe logs in at 7pm writes a small C-program toplay.c that
+# *** invokes their favorite shell, compiles it and does
+# *** "chgrp play toplay; chmod g+s toplay". They are basically able
+# *** to play games any time... You have been warned. AGM
+#
+
+#
+# The syntax of the lines is as follows:
+#
+# services;ttys;users;times;groups
+#
+# white space is ignored and lines maybe extended with '\\n' (escaped
+# newlines). From reading these comments, it is clear that
+# text following a '#' is ignored to the end of the line.
+#
+# the combination of individual users/terminals etc is a logic list
+# namely individual tokens that are optionally prefixed with '!' (logical
+# not) and separated with '&' (logical and) and '|' (logical or).
+#
+# services
+# is a logic list of PAM service names that the rule applies to.
+#
+# ttys
+# is a logic list of terminal names that this rule applies to.
+#
+# users
+# is a logic list of users or a netgroup of users to whom this
+# rule applies.
+#
+# NB. For these items the simple wildcard '*' may be used only once.
+# With netgroups no wildcards or logic operators are allowed.
+#
+# times
+# It is used to indicate "when" these groups are to be given to the
+# user. The format here is a logic list of day/time-range
+# entries the days are specified by a sequence of two character
+# entries, MoTuSa for example is Monday Tuesday and Saturday. Note
+# that repeated days are unset MoMo = no day, and MoWk = all weekdays
+# bar Monday. The two character combinations accepted are
+#
+# Mo Tu We Th Fr Sa Su Wk Wd Al
+#
+# the last two being week-end days and all 7 days of the week
+# respectively. As a final example, AlFr means all days except Friday.
+#
+# Each day/time-range can be prefixed with a '!' to indicate "anything
+# but"
+#
+# The time-range part is two 24-hour times HHMM separated by a hyphen
+# indicating the start and finish time (if the finish time is smaller
+# than the start time it is deemed to apply on the following day).
+#
+# groups
+# The (comma or space separated) list of groups that the user
+# inherits membership of. These groups are added if the previous
+# fields are satisfied by the user's request
+#
+# For a rule to be active, ALL of service+ttys+users must be satisfied
+# by the applying process.
+#
+
+#
+# Note, to get this to work as it is currently typed you need
+#
+# 1. to run an application as root
+# 2. add the following groups to the /etc/group file:
+# floppy, play, sound
+#
+
+#
+# Here is a simple example: running 'xsh' on tty* (any ttyXXX device),
+# the user 'us' is given access to the floppy (through membership of
+# the floppy group)
+#
+
+#xsh;tty*&!ttyp*;us;Al0000-2400;floppy
+
+#
+# another example: running 'xsh' on tty* (any ttyXXX device),
+# the user 'sword' is given access to games (through membership of
+# the sound and play group) after work hours.
+#
+
+#xsh; tty* ;sword;!Wk0900-1800;sound, play
+#xsh; tty* ;*;Al0900-1800;floppy
+
+#
+# yet another example: any member of the group 'admin' running
+# 'xsh' on tty*, is granted access (at any time) to the group 'plugdev'
+#
+
+#xsh; tty* ;%admin;Al0000-2400;plugdev
+
+#
+# End of group.conf file
+#
--- /dev/null
+# /etc/security/limits.conf
+#
+#Each line describes a limit for a user in the form:
+#
+#<domain> <type> <item> <value>
+#
+#Where:
+#<domain> can be:
+# - a user name
+# - a group name, with @group syntax
+# - the wildcard *, for default entry
+# - the wildcard %, can be also used with %group syntax,
+# for maxlogin limit
+# - NOTE: group and wildcard limits are not applied to root.
+# To apply a limit to the root user, <domain> must be
+# the literal username root.
+#
+#<type> can have the two values:
+# - "soft" for enforcing the soft limits
+# - "hard" for enforcing hard limits
+#
+#<item> can be one of the following:
+# - core - limits the core file size (KB)
+# - data - max data size (KB)
+# - fsize - maximum filesize (KB)
+# - memlock - max locked-in-memory address space (KB)
+# - nofile - max number of open files
+# - rss - max resident set size (KB)
+# - stack - max stack size (KB)
+# - cpu - max CPU time (MIN)
+# - nproc - max number of processes
+# - as - address space limit (KB)
+# - maxlogins - max number of logins for this user
+# - maxsyslogins - max number of logins on the system
+# - priority - the priority to run user process with
+# - locks - max number of file locks the user can hold
+# - sigpending - max number of pending signals
+# - msgqueue - max memory used by POSIX message queues (bytes)
+# - nice - max nice priority allowed to raise to values: [-20, 19]
+# - rtprio - max realtime priority
+# - chroot - change root to directory (Debian-specific)
+#
+#<domain> <type> <item> <value>
+#
+
+#* soft core 0
+#root hard core 100000
+#* hard rss 10000
+#@student hard nproc 20
+#@faculty soft nproc 20
+#@faculty hard nproc 50
+#ftp hard nproc 0
+#ftp - chroot /ftp
+#@student - maxlogins 4
+
+# End of file
--- /dev/null
+# /etc/security/namespace.conf
+#
+# See /usr/share/doc/pam-*/txts/README.pam_namespace for more information.
+#
+# Uncommenting the following three lines will polyinstantiate
+# /tmp, /var/tmp and user's home directories. /tmp and /var/tmp will
+# be polyinstantiated based on the MLS level part of the security context as well as user
+# name, Polyinstantion will not be performed for user root and adm for directories
+# /tmp and /var/tmp, whereas home directories will be polyinstantiated for all users.
+# The user name and context is appended to the instance prefix.
+#
+# Note that instance directories do not have to reside inside the
+# polyinstantiated directory. In the examples below, instances of /tmp
+# will be created in /tmp-inst directory, where as instances of /var/tmp
+# and users home directories will reside within the directories that
+# are being polyinstantiated.
+#
+# Instance parent directories must exist for the polyinstantiation
+# mechanism to work. By default, they should be created with the mode
+# of 000. pam_namespace module will enforce this mode unless it
+# is explicitly called with an argument to ignore the mode of the
+# instance parent. System administrators should use this argument with
+# caution, as it will reduce security and isolation achieved by
+# polyinstantiation.
+#
+#/tmp /tmp-inst/ level root,adm
+#/var/tmp /var/tmp/tmp-inst/ level root,adm
+#$HOME $HOME/$USER.inst/ level
--- /dev/null
+#!/bin/sh -p
+# It receives polydir path as $1, the instance path as $2,
+# a flag whether the instance dir was newly created (0 - no, 1 - yes) in $3,
+# and user name in $4.
+#
+# The following section will copy the contents of /etc/skel if this is a
+# newly created home directory.
+if [ "$3" = 1 ]; then
+ # This line will fix the labeling on all newly created directories
+ [ -x /sbin/restorecon ] && /sbin/restorecon "$1"
+ user="$4"
+ passwd=$(getent passwd "$user")
+ homedir=$(echo "$passwd" | cut -f6 -d":")
+ if [ "$1" = "$homedir" ]; then
+ gid=$(echo "$passwd" | cut -f4 -d":")
+ cp -rT /etc/skel "$homedir"
+ chown -R "$user":"$gid" "$homedir"
+ mask=$(awk '/^UMASK/{gsub("#.*$", "", $2); print $2; exit}' /etc/login.defs)
+ mode=$(printf "%o" $((0777 & ~$mask)))
+ chmod ${mode:-700} "$homedir"
+ [ -x /sbin/restorecon ] && /sbin/restorecon -R "$homedir"
+ fi
+fi
+
+exit 0
--- /dev/null
+#
+# This is the configuration file for pam_env, a PAM module to load in
+# a configurable list of environment variables for a
+#
+# The original idea for this came from Andrew G. Morgan ...
+#<quote>
+# Mmm. Perhaps you might like to write a pam_env module that reads a
+# default environment from a file? I can see that as REALLY
+# useful... Note it would be an "auth" module that returns PAM_IGNORE
+# for the auth part and sets the environment returning PAM_SUCCESS in
+# the setcred function...
+#</quote>
+#
+# What I wanted was the REMOTEHOST variable set, purely for selfish
+# reasons, and AGM didn't want it added to the SimpleApps login
+# program (which is where I added the patch). So, my first concern is
+# that variable, from there there are numerous others that might/would
+# be useful to be set: NNTPSERVER, LESS, PATH, PAGER, MANPAGER .....
+#
+# Of course, these are a different kind of variable than REMOTEHOST in
+# that they are things that are likely to be configured by
+# administrators rather than set by logging in, how to treat them both
+# in the same config file?
+#
+# Here is my idea:
+#
+# Each line starts with the variable name, there are then two possible
+# options for each variable DEFAULT and OVERRIDE.
+# DEFAULT allows and administrator to set the value of the
+# variable to some default value, if none is supplied then the empty
+# string is assumed. The OVERRIDE option tells pam_env that it should
+# enter in its value (overriding the default value) if there is one
+# to use. OVERRIDE is not used, "" is assumed and no override will be
+# done.
+#
+# VARIABLE [DEFAULT=[value]] [OVERRIDE=[value]]
+#
+# (Possibly non-existent) environment variables may be used in values
+# using the ${string} syntax and (possibly non-existent) PAM_ITEMs may
+# be used in values using the @{string} syntax. Both the $ and @
+# characters can be backslash escaped to be used as literal values
+# values can be delimited with "", escaped " not supported.
+# Note that many environment variables that you would like to use
+# may not be set by the time the module is called.
+# For example, HOME is used below several times, but
+# many PAM applications don't make it available by the time you need it.
+#
+#
+# First, some special variables
+#
+# Set the REMOTEHOST variable for any hosts that are remote, default
+# to "localhost" rather than not being set at all
+#REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST}
+#
+# Set the DISPLAY variable if it seems reasonable
+#DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY}
+#
+#
+# Now some simple variables
+#
+#PAGER DEFAULT=less
+#MANPAGER DEFAULT=less
+#LESS DEFAULT="M q e h15 z23 b80"
+#NNTPSERVER DEFAULT=localhost
+#PATH DEFAULT=${HOME}/bin:/usr/local/bin:/bin\
+#:/usr/bin:/usr/local/bin/X11:/usr/bin/X11
+#
+# silly examples of escaped variables, just to show how they work.
+#
+#DOLLAR DEFAULT=\$
+#DOLLARDOLLAR DEFAULT= OVERRIDE=\$${DOLLAR}
+#DOLLARPLUS DEFAULT=\${REMOTEHOST}${REMOTEHOST}
+#ATSIGN DEFAULT="" OVERRIDE=\@
--- /dev/null
+# /etc/security/sepermit.conf
+#
+# Each line contains either:
+# - an user name
+# - a group name, with @group syntax
+# - a SELinux user name, with %seuser syntax
+# Each line can contain optional arguments separated by :
+# The possible arguments are:
+# - exclusive - only single login session will
+# be allowed for the user and the user's processes
+# will be killed on logout
--- /dev/null
+# this is an example configuration file for the pam_time module. Its syntax
+# was initially based heavily on that of the shadow package (shadow-960129).
+#
+# the syntax of the lines is as follows:
+#
+# services;ttys;users;times
+#
+# white space is ignored and lines maybe extended with '\\n' (escaped
+# newlines). As should be clear from reading these comments,
+# text following a '#' is ignored to the end of the line.
+#
+# the combination of individual users/terminals etc is a logic list
+# namely individual tokens that are optionally prefixed with '!' (logical
+# not) and separated with '&' (logical and) and '|' (logical or).
+#
+# services
+# is a logic list of PAM service names that the rule applies to.
+#
+# ttys
+# is a logic list of terminal names that this rule applies to.
+#
+# users
+# is a logic list of users or a netgroup of users to whom this
+# rule applies.
+#
+# NB. For these items the simple wildcard '*' may be used only once.
+#
+# times
+# the format here is a logic list of day/time-range
+# entries the days are specified by a sequence of two character
+# entries, MoTuSa for example is Monday Tuesday and Saturday. Note
+# that repeated days are unset MoMo = no day, and MoWk = all weekdays
+# bar Monday. The two character combinations accepted are
+#
+# Mo Tu We Th Fr Sa Su Wk Wd Al
+#
+# the last two being week-end days and all 7 days of the week
+# respectively. As a final example, AlFr means all days except Friday.
+#
+# each day/time-range can be prefixed with a '!' to indicate "anything
+# but"
+#
+# The time-range part is two 24-hour times HHMM separated by a hyphen
+# indicating the start and finish time (if the finish time is smaller
+# than the start time it is deemed to apply on the following day).
+#
+# for a rule to be active, ALL of service+ttys+users must be satisfied
+# by the applying process.
+#
+
+#
+# Here is a simple example: running blank on tty* (any ttyXXX device),
+# the users 'you' and 'me' are denied service all of the time
+#
+
+#blank;tty* & !ttyp*;you|me;!Al0000-2400
+
+# Another silly example, user 'root' is denied xsh access
+# from pseudo terminals at the weekend and on mondays.
+
+#xsh;ttyp*;root;!WdMo0000-2400
+
+#
+# End of example file.
+#
--- /dev/null
+# Authors: Jason Tang <jtang@tresys.com>
+#
+# Copyright (C) 2004-2005 Tresys Technology, LLC
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+#
+# Specify how libsemanage will interact with a SELinux policy manager.
+# The four options are:
+#
+# "source" - libsemanage manipulates a source SELinux policy
+# "direct" - libsemanage will write directly to a module store.
+# /foo/bar - Write by way of a policy management server, whose
+# named socket is at /foo/bar. The path must begin
+# with a '/'.
+# foo.com:4242 - Establish a TCP connection to a remote policy
+# management server at foo.com. If there is a colon
+# then the remainder is interpreted as a port number;
+# otherwise default to port 4242.
+module-store = direct
+
+# When generating the final linked and expanded policy, by default
+# semanage will set the policy version to POLICYDB_VERSION_MAX, as
+# given in <sepol/policydb.h>. Change this setting if a different
+# version is necessary.
+#policy-version = 19
+
+# expand-check check neverallow rules when executing all semanage commands.
+# Large penalty in time if you turn this on.
+expand-check=0
--- /dev/null
+# Network services, Internet style
+#
+# Note that it is presently the policy of IANA to assign a single well-known
+# port number for both TCP and UDP; hence, officially ports have two entries
+# even if the protocol doesn't support UDP operations.
+#
+# Updated from http://www.iana.org/assignments/port-numbers and other
+# sources like http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/services .
+# New ports will be added on request if they have been officially assigned
+# by IANA and used in the real-world or are needed by a debian package.
+# If you need a huge list of used numbers please install the nmap package.
+
+tcpmux 1/tcp # TCP port service multiplexer
+echo 7/tcp
+echo 7/udp
+discard 9/tcp sink null
+discard 9/udp sink null
+systat 11/tcp users
+daytime 13/tcp
+daytime 13/udp
+netstat 15/tcp
+qotd 17/tcp quote
+msp 18/tcp # message send protocol
+msp 18/udp
+chargen 19/tcp ttytst source
+chargen 19/udp ttytst source
+ftp-data 20/tcp
+ftp 21/tcp
+fsp 21/udp fspd
+ssh 22/tcp # SSH Remote Login Protocol
+ssh 22/udp
+telnet 23/tcp
+smtp 25/tcp mail
+time 37/tcp timserver
+time 37/udp timserver
+rlp 39/udp resource # resource location
+nameserver 42/tcp name # IEN 116
+whois 43/tcp nicname
+tacacs 49/tcp # Login Host Protocol (TACACS)
+tacacs 49/udp
+re-mail-ck 50/tcp # Remote Mail Checking Protocol
+re-mail-ck 50/udp
+domain 53/tcp # Domain Name Server
+domain 53/udp
+mtp 57/tcp # deprecated
+tacacs-ds 65/tcp # TACACS-Database Service
+tacacs-ds 65/udp
+bootps 67/tcp # BOOTP server
+bootps 67/udp
+bootpc 68/tcp # BOOTP client
+bootpc 68/udp
+tftp 69/udp
+gopher 70/tcp # Internet Gopher
+gopher 70/udp
+rje 77/tcp netrjs
+finger 79/tcp
+http 80/tcp www # WorldWideWeb HTTP
+http 80/udp # HyperText Transfer Protocol
+link 87/tcp ttylink
+kerberos 88/tcp kerberos5 krb5 kerberos-sec # Kerberos v5
+kerberos 88/udp kerberos5 krb5 kerberos-sec # Kerberos v5
+supdup 95/tcp
+hostnames 101/tcp hostname # usually from sri-nic
+iso-tsap 102/tcp tsap # part of ISODE
+acr-nema 104/tcp dicom # Digital Imag. & Comm. 300
+acr-nema 104/udp dicom
+csnet-ns 105/tcp cso-ns # also used by CSO name server
+csnet-ns 105/udp cso-ns
+rtelnet 107/tcp # Remote Telnet
+rtelnet 107/udp
+pop2 109/tcp postoffice pop-2 # POP version 2
+pop2 109/udp pop-2
+pop3 110/tcp pop-3 # POP version 3
+pop3 110/udp pop-3
+sunrpc 111/tcp portmapper # RPC 4.0 portmapper
+sunrpc 111/udp portmapper
+auth 113/tcp authentication tap ident
+sftp 115/tcp
+uucp-path 117/tcp
+nntp 119/tcp readnews untp # USENET News Transfer Protocol
+ntp 123/tcp
+ntp 123/udp # Network Time Protocol
+pwdgen 129/tcp # PWDGEN service
+pwdgen 129/udp
+loc-srv 135/tcp epmap # Location Service
+loc-srv 135/udp epmap
+netbios-ns 137/tcp # NETBIOS Name Service
+netbios-ns 137/udp
+netbios-dgm 138/tcp # NETBIOS Datagram Service
+netbios-dgm 138/udp
+netbios-ssn 139/tcp # NETBIOS session service
+netbios-ssn 139/udp
+imap2 143/tcp imap # Interim Mail Access P 2 and 4
+imap2 143/udp imap
+snmp 161/tcp # Simple Net Mgmt Protocol
+snmp 161/udp
+snmp-trap 162/tcp snmptrap # Traps for SNMP
+snmp-trap 162/udp snmptrap
+cmip-man 163/tcp # ISO mgmt over IP (CMOT)
+cmip-man 163/udp
+cmip-agent 164/tcp
+cmip-agent 164/udp
+mailq 174/tcp # Mailer transport queue for Zmailer
+mailq 174/udp
+xdmcp 177/tcp # X Display Mgr. Control Proto
+xdmcp 177/udp
+nextstep 178/tcp NeXTStep NextStep # NeXTStep window
+nextstep 178/udp NeXTStep NextStep # server
+bgp 179/tcp # Border Gateway Protocol
+bgp 179/udp
+prospero 191/tcp # Cliff Neuman's Prospero
+prospero 191/udp
+irc 194/tcp # Internet Relay Chat
+irc 194/udp
+smux 199/tcp # SNMP Unix Multiplexer
+smux 199/udp
+at-rtmp 201/tcp # AppleTalk routing
+at-rtmp 201/udp
+at-nbp 202/tcp # AppleTalk name binding
+at-nbp 202/udp
+at-echo 204/tcp # AppleTalk echo
+at-echo 204/udp
+at-zis 206/tcp # AppleTalk zone information
+at-zis 206/udp
+qmtp 209/tcp # Quick Mail Transfer Protocol
+qmtp 209/udp
+z3950 210/tcp wais # NISO Z39.50 database
+z3950 210/udp wais
+ipx 213/tcp # IPX
+ipx 213/udp
+imap3 220/tcp # Interactive Mail Access
+imap3 220/udp # Protocol v3
+pawserv 345/tcp # Perf Analysis Workbench
+pawserv 345/udp
+zserv 346/tcp # Zebra server
+zserv 346/udp
+fatserv 347/tcp # Fatmen Server
+fatserv 347/udp
+rpc2portmap 369/tcp
+rpc2portmap 369/udp # Coda portmapper
+codaauth2 370/tcp
+codaauth2 370/udp # Coda authentication server
+clearcase 371/tcp Clearcase
+clearcase 371/udp Clearcase
+ulistserv 372/tcp # UNIX Listserv
+ulistserv 372/udp
+ldap 389/tcp # Lightweight Directory Access Protocol
+ldap 389/udp
+imsp 406/tcp # Interactive Mail Support Protocol
+imsp 406/udp
+svrloc 427/tcp # Server Location
+svrloc 427/udp
+https 443/tcp # http protocol over TLS/SSL
+https 443/udp
+snpp 444/tcp # Simple Network Paging Protocol
+snpp 444/udp
+microsoft-ds 445/tcp # Microsoft Naked CIFS
+microsoft-ds 445/udp
+kpasswd 464/tcp
+kpasswd 464/udp
+urd 465/tcp ssmtp smtps # URL Rendesvous Directory for SSM
+saft 487/tcp # Simple Asynchronous File Transfer
+saft 487/udp
+isakmp 500/tcp # IPsec - Internet Security Association
+isakmp 500/udp # and Key Management Protocol
+rtsp 554/tcp # Real Time Stream Control Protocol
+rtsp 554/udp
+nqs 607/tcp # Network Queuing system
+nqs 607/udp
+npmp-local 610/tcp dqs313_qmaster # npmp-local / DQS
+npmp-local 610/udp dqs313_qmaster
+npmp-gui 611/tcp dqs313_execd # npmp-gui / DQS
+npmp-gui 611/udp dqs313_execd
+hmmp-ind 612/tcp dqs313_intercell # HMMP Indication / DQS
+hmmp-ind 612/udp dqs313_intercell
+asf-rmcp 623/udp # ASF Remote Management and Control Protocol
+qmqp 628/tcp
+qmqp 628/udp
+ipp 631/tcp # Internet Printing Protocol
+ipp 631/udp
+#
+# UNIX specific services
+#
+exec 512/tcp
+biff 512/udp comsat
+login 513/tcp
+who 513/udp whod
+shell 514/tcp cmd # no passwords used
+syslog 514/udp
+printer 515/tcp spooler # line printer spooler
+talk 517/udp
+ntalk 518/udp
+route 520/udp router routed # RIP
+timed 525/udp timeserver
+tempo 526/tcp newdate
+courier 530/tcp rpc
+conference 531/tcp chat
+netnews 532/tcp readnews
+netwall 533/udp # for emergency broadcasts
+gdomap 538/tcp # GNUstep distributed objects
+gdomap 538/udp
+uucp 540/tcp uucpd # uucp daemon
+klogin 543/tcp # Kerberized `rlogin' (v5)
+kshell 544/tcp krcmd # Kerberized `rsh' (v5)
+dhcpv6-client 546/tcp
+dhcpv6-client 546/udp
+dhcpv6-server 547/tcp
+dhcpv6-server 547/udp
+afpovertcp 548/tcp # AFP over TCP
+afpovertcp 548/udp
+idfp 549/tcp
+idfp 549/udp
+remotefs 556/tcp rfs_server rfs # Brunhoff remote filesystem
+nntps 563/tcp snntp # NNTP over SSL
+nntps 563/udp snntp
+submission 587/tcp # Submission [RFC4409]
+submission 587/udp
+ldaps 636/tcp # LDAP over SSL
+ldaps 636/udp
+tinc 655/tcp # tinc control port
+tinc 655/udp
+silc 706/tcp
+silc 706/udp
+kerberos-adm 749/tcp # Kerberos `kadmin' (v5)
+#
+webster 765/tcp # Network dictionary
+webster 765/udp
+rsync 873/tcp
+rsync 873/udp
+ftps-data 989/tcp # FTP over SSL (data)
+ftps 990/tcp
+telnets 992/tcp # Telnet over SSL
+telnets 992/udp
+imaps 993/tcp # IMAP over SSL
+imaps 993/udp
+ircs 994/tcp # IRC over SSL
+ircs 994/udp
+pop3s 995/tcp # POP-3 over SSL
+pop3s 995/udp
+#
+# From ``Assigned Numbers'':
+#
+#> The Registered Ports are not controlled by the IANA and on most systems
+#> can be used by ordinary user processes or programs executed by ordinary
+#> users.
+#
+#> Ports are used in the TCP [45,106] to name the ends of logical
+#> connections which carry long term conversations. For the purpose of
+#> providing services to unknown callers, a service contact port is
+#> defined. This list specifies the port used by the server process as its
+#> contact port. While the IANA can not control uses of these ports it
+#> does register or list uses of these ports as a convienence to the
+#> community.
+#
+socks 1080/tcp # socks proxy server
+socks 1080/udp
+proofd 1093/tcp
+proofd 1093/udp
+rootd 1094/tcp
+rootd 1094/udp
+openvpn 1194/tcp
+openvpn 1194/udp
+rmiregistry 1099/tcp # Java RMI Registry
+rmiregistry 1099/udp
+kazaa 1214/tcp
+kazaa 1214/udp
+nessus 1241/tcp # Nessus vulnerability
+nessus 1241/udp # assessment scanner
+lotusnote 1352/tcp lotusnotes # Lotus Note
+lotusnote 1352/udp lotusnotes
+ms-sql-s 1433/tcp # Microsoft SQL Server
+ms-sql-s 1433/udp
+ms-sql-m 1434/tcp # Microsoft SQL Monitor
+ms-sql-m 1434/udp
+ingreslock 1524/tcp
+ingreslock 1524/udp
+prospero-np 1525/tcp # Prospero non-privileged
+prospero-np 1525/udp
+datametrics 1645/tcp old-radius
+datametrics 1645/udp old-radius
+sa-msg-port 1646/tcp old-radacct
+sa-msg-port 1646/udp old-radacct
+kermit 1649/tcp
+kermit 1649/udp
+groupwise 1677/tcp
+groupwise 1677/udp
+l2f 1701/tcp l2tp
+l2f 1701/udp l2tp
+radius 1812/tcp
+radius 1812/udp
+radius-acct 1813/tcp radacct # Radius Accounting
+radius-acct 1813/udp radacct
+msnp 1863/tcp # MSN Messenger
+msnp 1863/udp
+unix-status 1957/tcp # remstats unix-status server
+log-server 1958/tcp # remstats log server
+remoteping 1959/tcp # remstats remoteping server
+cisco-sccp 2000/tcp # Cisco SCCP
+cisco-sccp 2000/udp
+search 2010/tcp ndtp
+pipe-server 2010/tcp pipe_server
+nfs 2049/tcp # Network File System
+nfs 2049/udp # Network File System
+gnunet 2086/tcp
+gnunet 2086/udp
+rtcm-sc104 2101/tcp # RTCM SC-104 IANA 1/29/99
+rtcm-sc104 2101/udp
+gsigatekeeper 2119/tcp
+gsigatekeeper 2119/udp
+gris 2135/tcp # Grid Resource Information Server
+gris 2135/udp
+cvspserver 2401/tcp # CVS client/server operations
+cvspserver 2401/udp
+venus 2430/tcp # codacon port
+venus 2430/udp # Venus callback/wbc interface
+venus-se 2431/tcp # tcp side effects
+venus-se 2431/udp # udp sftp side effect
+codasrv 2432/tcp # not used
+codasrv 2432/udp # server port
+codasrv-se 2433/tcp # tcp side effects
+codasrv-se 2433/udp # udp sftp side effect
+mon 2583/tcp # MON traps
+mon 2583/udp
+dict 2628/tcp # Dictionary server
+dict 2628/udp
+f5-globalsite 2792/tcp
+f5-globalsite 2792/udp
+gsiftp 2811/tcp
+gsiftp 2811/udp
+gpsd 2947/tcp
+gpsd 2947/udp
+gds-db 3050/tcp gds_db # InterBase server
+gds-db 3050/udp gds_db
+icpv2 3130/tcp icp # Internet Cache Protocol
+icpv2 3130/udp icp
+iscsi-target 3260/tcp
+mysql 3306/tcp
+mysql 3306/udp
+nut 3493/tcp # Network UPS Tools
+nut 3493/udp
+distcc 3632/tcp # distributed compiler
+distcc 3632/udp
+daap 3689/tcp # Digital Audio Access Protocol
+daap 3689/udp
+svn 3690/tcp subversion # Subversion protocol
+svn 3690/udp subversion
+suucp 4031/tcp # UUCP over SSL
+suucp 4031/udp
+sysrqd 4094/tcp # sysrq daemon
+sysrqd 4094/udp
+sieve 4190/tcp # ManageSieve Protocol
+epmd 4369/tcp # Erlang Port Mapper Daemon
+epmd 4369/udp
+remctl 4373/tcp # Remote Authenticated Command Service
+remctl 4373/udp
+f5-iquery 4353/tcp # F5 iQuery
+f5-iquery 4353/udp
+ipsec-nat-t 4500/udp # IPsec NAT-Traversal [RFC3947]
+iax 4569/tcp # Inter-Asterisk eXchange
+iax 4569/udp
+mtn 4691/tcp # monotone Netsync Protocol
+mtn 4691/udp
+radmin-port 4899/tcp # RAdmin Port
+radmin-port 4899/udp
+rfe 5002/udp # Radio Free Ethernet
+rfe 5002/tcp
+mmcc 5050/tcp # multimedia conference control tool (Yahoo IM)
+mmcc 5050/udp
+sip 5060/tcp # Session Initiation Protocol
+sip 5060/udp
+sip-tls 5061/tcp
+sip-tls 5061/udp
+aol 5190/tcp # AIM
+aol 5190/udp
+xmpp-client 5222/tcp jabber-client # Jabber Client Connection
+xmpp-client 5222/udp jabber-client
+xmpp-server 5269/tcp jabber-server # Jabber Server Connection
+xmpp-server 5269/udp jabber-server
+cfengine 5308/tcp
+cfengine 5308/udp
+mdns 5353/tcp # Multicast DNS
+mdns 5353/udp
+postgresql 5432/tcp postgres # PostgreSQL Database
+postgresql 5432/udp postgres
+freeciv 5556/tcp rptp # Freeciv gameplay
+freeciv 5556/udp
+amqps 5671/tcp # AMQP protocol over TLS/SSL
+amqp 5672/tcp
+amqp 5672/udp
+amqp 5672/sctp
+ggz 5688/tcp # GGZ Gaming Zone
+ggz 5688/udp
+x11 6000/tcp x11-0 # X Window System
+x11 6000/udp x11-0
+x11-1 6001/tcp
+x11-1 6001/udp
+x11-2 6002/tcp
+x11-2 6002/udp
+x11-3 6003/tcp
+x11-3 6003/udp
+x11-4 6004/tcp
+x11-4 6004/udp
+x11-5 6005/tcp
+x11-5 6005/udp
+x11-6 6006/tcp
+x11-6 6006/udp
+x11-7 6007/tcp
+x11-7 6007/udp
+gnutella-svc 6346/tcp # gnutella
+gnutella-svc 6346/udp
+gnutella-rtr 6347/tcp # gnutella
+gnutella-rtr 6347/udp
+sge-qmaster 6444/tcp sge_qmaster # Grid Engine Qmaster Service
+sge-qmaster 6444/udp sge_qmaster
+sge-execd 6445/tcp sge_execd # Grid Engine Execution Service
+sge-execd 6445/udp sge_execd
+mysql-proxy 6446/tcp # MySQL Proxy
+mysql-proxy 6446/udp
+afs3-fileserver 7000/tcp bbs # file server itself
+afs3-fileserver 7000/udp bbs
+afs3-callback 7001/tcp # callbacks to cache managers
+afs3-callback 7001/udp
+afs3-prserver 7002/tcp # users & groups database
+afs3-prserver 7002/udp
+afs3-vlserver 7003/tcp # volume location database
+afs3-vlserver 7003/udp
+afs3-kaserver 7004/tcp # AFS/Kerberos authentication
+afs3-kaserver 7004/udp
+afs3-volser 7005/tcp # volume managment server
+afs3-volser 7005/udp
+afs3-errors 7006/tcp # error interpretation service
+afs3-errors 7006/udp
+afs3-bos 7007/tcp # basic overseer process
+afs3-bos 7007/udp
+afs3-update 7008/tcp # server-to-server updater
+afs3-update 7008/udp
+afs3-rmtsys 7009/tcp # remote cache manager service
+afs3-rmtsys 7009/udp
+font-service 7100/tcp xfs # X Font Service
+font-service 7100/udp xfs
+http-alt 8080/tcp webcache # WWW caching service
+http-alt 8080/udp
+bacula-dir 9101/tcp # Bacula Director
+bacula-dir 9101/udp
+bacula-fd 9102/tcp # Bacula File Daemon
+bacula-fd 9102/udp
+bacula-sd 9103/tcp # Bacula Storage Daemon
+bacula-sd 9103/udp
+xmms2 9667/tcp # Cross-platform Music Multiplexing System
+xmms2 9667/udp
+nbd 10809/tcp # Linux Network Block Device
+zabbix-agent 10050/tcp # Zabbix Agent
+zabbix-agent 10050/udp
+zabbix-trapper 10051/tcp # Zabbix Trapper
+zabbix-trapper 10051/udp
+amanda 10080/tcp # amanda backup services
+amanda 10080/udp
+dicom 11112/tcp
+hkp 11371/tcp # OpenPGP HTTP Keyserver
+hkp 11371/udp
+bprd 13720/tcp # VERITAS NetBackup
+bprd 13720/udp
+bpdbm 13721/tcp # VERITAS NetBackup
+bpdbm 13721/udp
+bpjava-msvc 13722/tcp # BP Java MSVC Protocol
+bpjava-msvc 13722/udp
+vnetd 13724/tcp # Veritas Network Utility
+vnetd 13724/udp
+bpcd 13782/tcp # VERITAS NetBackup
+bpcd 13782/udp
+vopied 13783/tcp # VERITAS NetBackup
+vopied 13783/udp
+db-lsp 17500/tcp # Dropbox LanSync Protocol
+dcap 22125/tcp # dCache Access Protocol
+gsidcap 22128/tcp # GSI dCache Access Protocol
+wnn6 22273/tcp # wnn6
+wnn6 22273/udp
+
+#
+# Datagram Delivery Protocol services
+#
+rtmp 1/ddp # Routing Table Maintenance Protocol
+nbp 2/ddp # Name Binding Protocol
+echo 4/ddp # AppleTalk Echo Protocol
+zip 6/ddp # Zone Information Protocol
+
+#=========================================================================
+# The remaining port numbers are not as allocated by IANA.
+#=========================================================================
+
+# Kerberos (Project Athena/MIT) services
+# Note that these are for Kerberos v4, and are unofficial. Sites running
+# v4 should uncomment these and comment out the v5 entries above.
+#
+kerberos4 750/udp kerberos-iv kdc # Kerberos (server)
+kerberos4 750/tcp kerberos-iv kdc
+kerberos-master 751/udp kerberos_master # Kerberos authentication
+kerberos-master 751/tcp
+passwd-server 752/udp passwd_server # Kerberos passwd server
+krb-prop 754/tcp krb_prop krb5_prop hprop # Kerberos slave propagation
+krbupdate 760/tcp kreg # Kerberos registration
+swat 901/tcp # swat
+kpop 1109/tcp # Pop with Kerberos
+knetd 2053/tcp # Kerberos de-multiplexor
+zephyr-srv 2102/udp # Zephyr server
+zephyr-clt 2103/udp # Zephyr serv-hm connection
+zephyr-hm 2104/udp # Zephyr hostmanager
+eklogin 2105/tcp # Kerberos encrypted rlogin
+# Hmmm. Are we using Kv4 or Kv5 now? Worrying.
+# The following is probably Kerberos v5 --- ajt@debian.org (11/02/2000)
+kx 2111/tcp # X over Kerberos
+iprop 2121/tcp # incremental propagation
+#
+# Unofficial but necessary (for NetBSD) services
+#
+supfilesrv 871/tcp # SUP server
+supfiledbg 1127/tcp # SUP debugging
+
+#
+# Services added for the Debian GNU/Linux distribution
+#
+linuxconf 98/tcp # LinuxConf
+poppassd 106/tcp # Eudora
+poppassd 106/udp
+moira-db 775/tcp moira_db # Moira database
+moira-update 777/tcp moira_update # Moira update protocol
+moira-ureg 779/udp moira_ureg # Moira user registration
+spamd 783/tcp # spamassassin daemon
+omirr 808/tcp omirrd # online mirror
+omirr 808/udp omirrd
+customs 1001/tcp # pmake customs server
+customs 1001/udp
+skkserv 1178/tcp # skk jisho server port
+predict 1210/udp # predict -- satellite tracking
+rmtcfg 1236/tcp # Gracilis Packeten remote config server
+wipld 1300/tcp # Wipl network monitor
+xtel 1313/tcp # french minitel
+xtelw 1314/tcp # french minitel
+support 1529/tcp # GNATS
+cfinger 2003/tcp # GNU Finger
+frox 2121/tcp # frox: caching ftp proxy
+ninstall 2150/tcp # ninstall service
+ninstall 2150/udp
+zebrasrv 2600/tcp # zebra service
+zebra 2601/tcp # zebra vty
+ripd 2602/tcp # ripd vty (zebra)
+ripngd 2603/tcp # ripngd vty (zebra)
+ospfd 2604/tcp # ospfd vty (zebra)
+bgpd 2605/tcp # bgpd vty (zebra)
+ospf6d 2606/tcp # ospf6d vty (zebra)
+ospfapi 2607/tcp # OSPF-API
+isisd 2608/tcp # ISISd vty (zebra)
+afbackup 2988/tcp # Afbackup system
+afbackup 2988/udp
+afmbackup 2989/tcp # Afmbackup system
+afmbackup 2989/udp
+xtell 4224/tcp # xtell server
+fax 4557/tcp # FAX transmission service (old)
+hylafax 4559/tcp # HylaFAX client-server protocol (new)
+distmp3 4600/tcp # distmp3host daemon
+munin 4949/tcp lrrd # Munin
+enbd-cstatd 5051/tcp # ENBD client statd
+enbd-sstatd 5052/tcp # ENBD server statd
+pcrd 5151/tcp # PCR-1000 Daemon
+noclog 5354/tcp # noclogd with TCP (nocol)
+noclog 5354/udp # noclogd with UDP (nocol)
+hostmon 5355/tcp # hostmon uses TCP (nocol)
+hostmon 5355/udp # hostmon uses UDP (nocol)
+rplay 5555/udp # RPlay audio service
+nrpe 5666/tcp # Nagios Remote Plugin Executor
+nsca 5667/tcp # Nagios Agent - NSCA
+mrtd 5674/tcp # MRT Routing Daemon
+bgpsim 5675/tcp # MRT Routing Simulator
+canna 5680/tcp # cannaserver
+syslog-tls 6514/tcp # Syslog over TLS [RFC5425]
+sane-port 6566/tcp sane saned # SANE network scanner daemon
+ircd 6667/tcp # Internet Relay Chat
+zope-ftp 8021/tcp # zope management by ftp
+tproxy 8081/tcp # Transparent Proxy
+omniorb 8088/tcp # OmniORB
+omniorb 8088/udp
+clc-build-daemon 8990/tcp # Common lisp build daemon
+xinetd 9098/tcp
+mandelspawn 9359/udp mandelbrot # network mandelbrot
+git 9418/tcp # Git Version Control System
+zope 9673/tcp # zope server
+webmin 10000/tcp
+kamanda 10081/tcp # amanda backup services (Kerberos)
+kamanda 10081/udp
+amandaidx 10082/tcp # amanda backup services
+amidxtape 10083/tcp # amanda backup services
+smsqp 11201/tcp # Alamin SMS gateway
+smsqp 11201/udp
+xpilot 15345/tcp # XPilot Contact Port
+xpilot 15345/udp
+sgi-cmsd 17001/udp # Cluster membership services daemon
+sgi-crsd 17002/udp
+sgi-gcd 17003/udp # SGI Group membership daemon
+sgi-cad 17004/tcp # Cluster Admin daemon
+isdnlog 20011/tcp # isdn logging system
+isdnlog 20011/udp
+vboxd 20012/tcp # voice box system
+vboxd 20012/udp
+binkp 24554/tcp # binkp fidonet protocol
+asp 27374/tcp # Address Search Protocol
+asp 27374/udp
+csync2 30865/tcp # cluster synchronization tool
+dircproxy 57000/tcp # Detachable IRC Proxy
+tfido 60177/tcp # fidonet EMSI over telnet
+fido 60179/tcp # fidonet EMSI over TCP
+
+# Local services
--- /dev/null
+/var/lib/sgml-base/supercatalog
\ No newline at end of file
--- /dev/null
+CATALOG /usr/share/sgml/dtd/xml-core/catalog
--- /dev/null
+root:$5$m3FZrMJ6$ueK1x.Td/Vs4WiF8MCKitaOvyu1DR2uByyqXXmprz49:17001:0:99999:7:::
+daemon:*:16983:0:99999:7:::
+bin:*:16983:0:99999:7:::
+sys:*:16983:0:99999:7:::
+sync:*:16983:0:99999:7:::
+games:*:16983:0:99999:7:::
+man:*:16983:0:99999:7:::
+lp:*:16983:0:99999:7:::
+mail:*:16983:0:99999:7:::
+news:*:16983:0:99999:7:::
+uucp:*:16983:0:99999:7:::
+proxy:*:16983:0:99999:7:::
+www-data:*:16983:0:99999:7:::
+backup:*:16983:0:99999:7:::
+list:*:16983:0:99999:7:::
+irc:*:16983:0:99999:7:::
+gnats:*:16983:0:99999:7:::
+nobody:*:16983:0:99999:7:::
+systemd-timesync:*:16983:0:99999:7:::
+systemd-network:*:16983:0:99999:7:::
+systemd-resolve:*:16983:0:99999:7:::
+systemd-bus-proxy:*:16983:0:99999:7:::
+sshd:*:16983:0:99999:7:::
+messagebus:*:16983:0:99999:7:::
+mysql:!:17002:0:99999:7:::
+postfix:*:17002:0:99999:7:::
+clamav:!:17002:0:99999:7:::
+dovecot:*:17002:0:99999:7:::
+dovenull:*:17002:0:99999:7:::
+amavis:*:17002:0:99999:7:::
+debian-spamd:*:17002:0:99999:7:::
+vmail:!:17002:0:99999:7:::
+iredadmin:!:17002:0:99999:7:::
+iredapd:!:17002:0:99999:7:::
+ulog:*:17003:0:99999:7:::
+frank:$6$XvWKCqsO$ilXvfnvvIT/ot91lmWUlX.crje8qP/jQvAh9r1XTUJFWKKM9mx5YdCOpBBBjqJ/vqrBo2tqTo5LpLKNAv1F241:17007:0:99999:7:::
--- /dev/null
+root:$5$m3FZrMJ6$ueK1x.Td/Vs4WiF8MCKitaOvyu1DR2uByyqXXmprz49:17001:0:99999:7:::
+daemon:*:16983:0:99999:7:::
+bin:*:16983:0:99999:7:::
+sys:*:16983:0:99999:7:::
+sync:*:16983:0:99999:7:::
+games:*:16983:0:99999:7:::
+man:*:16983:0:99999:7:::
+lp:*:16983:0:99999:7:::
+mail:*:16983:0:99999:7:::
+news:*:16983:0:99999:7:::
+uucp:*:16983:0:99999:7:::
+proxy:*:16983:0:99999:7:::
+www-data:*:16983:0:99999:7:::
+backup:*:16983:0:99999:7:::
+list:*:16983:0:99999:7:::
+irc:*:16983:0:99999:7:::
+gnats:*:16983:0:99999:7:::
+nobody:*:16983:0:99999:7:::
+systemd-timesync:*:16983:0:99999:7:::
+systemd-network:*:16983:0:99999:7:::
+systemd-resolve:*:16983:0:99999:7:::
+systemd-bus-proxy:*:16983:0:99999:7:::
+sshd:*:16983:0:99999:7:::
+messagebus:*:16983:0:99999:7:::
+mysql:!:17002:0:99999:7:::
+postfix:*:17002:0:99999:7:::
+clamav:!:17002:0:99999:7:::
+dovecot:*:17002:0:99999:7:::
+dovenull:*:17002:0:99999:7:::
+amavis:*:17002:0:99999:7:::
+debian-spamd:*:17002:0:99999:7:::
+vmail:!:17002:0:99999:7:::
+iredadmin:!:17002:0:99999:7:::
+iredapd:!:17002:0:99999:7:::
+ulog:*:17003:0:99999:7:::
--- /dev/null
+# /etc/shells: valid login shells
+/bin/sh
+/bin/dash
+/bin/bash
+/bin/rbash
+/bin/zsh
+/usr/bin/zsh
--- /dev/null
+# ~/.bash_logout: executed by bash(1) when login shell exits.
+
+# when leaving the console clear the screen to increase privacy
+
+#if [ "$SHLVL" = 1 ]; then
+# [ -x /usr/bin/clear_console ] && /usr/bin/clear_console -q
+#fi
--- /dev/null
+# ~/.bashrc: executed by bash(1) for non-login shells.
+# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
+# for examples
+
+# If not running interactively, don't do anything
+case $- in
+ *i*) ;;
+ *) return;;
+esac
+
+# If set, the pattern "**" used in a pathname expansion context will
+# match all files and zero or more directories and subdirectories.
+#shopt -s globstar
+
+# make less more friendly for non-text input files, see lesspipe(1)
+#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
+
+# If this is an xterm set the title to user@host:dir
+#case "$TERM" in
+#xterm*|rxvt*)
+# PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
+# ;;
+#*)
+# ;;
+#esac
+
+# Alias definitions.
+# You may want to put all your additions into a separate file like
+# ~/.bash_aliases, instead of adding them here directly.
+# See /usr/share/doc/bash-doc/examples in the bash-doc package.
+
+if [ -f ~/.bash_aliases ]; then
+ . ~/.bash_aliases
+fi
+
--- /dev/null
+# ~/.profile: executed by the command interpreter for login shells.
+# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
+# exists.
+# see /usr/share/doc/bash/examples/startup-files for examples.
+# the files are located in the bash-doc package.
+
+# the default umask is set in /etc/profile; for setting the umask
+# for ssh logins, install and configure the libpam-umask package.
+#umask 022
+
+# if running bash
+if [ -n "$BASH_VERSION" ]; then
+ # include .bashrc if it exists
+ if [ -f "$HOME/.bashrc" ]; then
+ . "$HOME/.bashrc"
+ fi
+fi
+
+# set PATH so it includes user's private bin if it exists
+if [ -d "$HOME/bin" ] ; then
+ PATH="$HOME/bin:$PATH"
+fi
--- /dev/null
+#
+# smi.conf - Global SMI configuration file.
+#
+# Copyright (c) 2000 Frank Strauss, Technical University of Braunschweig.
+#
+# See the file "COPYING" for information on usage and redistribution
+# of this file, and for a DISCLAIMER OF ALL WARRANTIES.
+#
+# See smi_config(3) for detailed information on configuration files.
+#
+# Debian version by Remco van de Meent <remco@debian.org>
+# 20010612
+
+# Extend (note the semicolon) the libsmi default module search path.
+# (On Windows systems, use `;' instead of `:', and `\' instead of `/'.)
+
+path :/usr/share/mibs/iana
+path :/usr/share/mibs/ietf
+path :/usr/share/mibs/netsnmp
+path :/usr/share/mibs/site
+
+# Don't show any errors by default.
+level 0
+
+# Preload some basic SMIv2 modules.
+load SNMPv2-SMI
+load SNMPv2-TC
+load SNMPv2-CONF
+
+# Make smilint shout loud to report all errors and warnings.
+smilint: level 9
+
+# But please don't claim about any names longer than 32 chars.
+# (note: this is the prefix of errors `namelength-32-module,
+# -type, -object, -enumeration, and -bit)
+smilint: hide namelength-32
+
+# Preloading some more modules for special applications.
+# smiquery: load IF-MIB
--- /dev/null
+# Special SpamAssassin rules for Debian
+# Duncan Findlay
+
+header D_SENT_BY_DEBCONF Subject =~ /^Debconf:/
+score D_SENT_BY_DEBCONF -5.0
+describe D_SENT_BY_DEBCONF Sent by Debconf
+
+body D_SENT_BY_AFBACKUP /^\[Afbackup\]: Overall exit status:/
+score D_SENT_BY_AFBACKUP -5.0
+describe D_SENT_BY_AFBACKUP Sent by Afbackup
+
+header D_SENT_BY_APTLC Subject =~ /^apt-listchanges: (changelogs|news) for/
+score D_SENT_BY_APTLC -5.0
+describe D_SENT_BY_APTLC Sent by apt-listchanges
+
+header __ANACRON_SUBJ Subject =~ /^Anacron job '[a-z0-9_.-]+' on/i
+header __ANACRON_FROM From =~ /^Anacron/
+meta D_SENT_BY_ANACRON __ANACRON_SUBJ && __ANACRON_FROM
+score D_SENT_BY_ANACRON -5.0
+describe D_SENT_BY_ANACRON Sent by Anacron Daemon
+
+
+header __CRON_FROM From =~ /^Cron Daemon/
+header __CRON_HEADER X-Cron-Env =~ /./
+meta D_SENT_BY_CRON __CRON_FROM && __CRON_HEADER
+score D_SENT_BY_CRON -5.0
+describe D_SENT_BY_CRON Sent by Cron Daemon
--- /dev/null
+# This is the right place to customize your installation of SpamAssassin.
+#
+# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
+# tweaked.
+#
+# This file contains plugin activation commands for plugins included
+# in SpamAssassin 3.0.x releases. It will not be installed if you
+# already have a file in place called "init.pre".
+#
+# There are now multiple files read to enable plugins in the
+# /etc/mail/spamassassin directory; previously only one, "init.pre" was
+# read. Now both "init.pre", "v310.pre", and any other files ending in
+# ".pre" will be read. As future releases are made, new plugins will be
+# added to new files, named according to the release they're added in.
+###########################################################################
+
+# RelayCountry - add metadata for Bayes learning, marking the countries
+# a message was relayed through
+#
+# Note: This requires the Geo::IP Perl module
+#
+# loadplugin Mail::SpamAssassin::Plugin::RelayCountry
+
+# URIDNSBL - look up URLs found in the message against several DNS
+# blocklists.
+#
+loadplugin Mail::SpamAssassin::Plugin::URIDNSBL
+
+# Hashcash - perform hashcash verification.
+#
+loadplugin Mail::SpamAssassin::Plugin::Hashcash
+
+# SPF - perform SPF verification.
+#
+loadplugin Mail::SpamAssassin::Plugin::SPF
+
--- /dev/null
+#---------------------------------------------------------------------
+# This file is part of iRedMail, which is an open source mail server
+# solution for Red Hat(R) Enterprise Linux, CentOS, Debian and Ubuntu.
+#
+# iRedMail is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# iRedMail is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with iRedMail. If not, see <http://www.gnu.org/licenses/>.
+#---------------------------------------------------------------------
+
+#
+# Sample SpamAssassin rules. It should be localted at:
+# /etc/mail/spamassassin/local.cf
+#
+# Shipped within iRedMail project:
+# * http://iRedMail.googlecode.com/
+#
+# See also:
+# $ man Mail::SpamAssassin::Conf
+#
+
+
+# These two lines will not affect due to Amavisd use its
+# own variables setting in /etc/amavisd.conf.
+required_score 5.0
+rewrite_header subject [ SPAM ]
+
+report_safe 0
+lock_method flock
+
+#
+# Bayesian support
+#
+# References:
+# - http://wiki.apache.org/spamassassin/BayesInSpamAssassin
+# - http://svn.apache.org/repos/asf/spamassassin/branches/3.3/sql/README.bayes
+# Addition plugin for Roundcube webmail to call sa-learn
+# - http://www.tehinterweb.co.uk/roundcube/#pimarkasjunk2
+#
+use_bayes 1
+bayes_auto_learn 1
+bayes_auto_expire 1
+
+# Store bayesian data in MySQL.
+# Please make sure you have correct server address, port and database name.
+#bayes_store_module Mail::SpamAssassin::BayesStore::MySQL
+#bayes_sql_dsn DBI:mysql:sa_bayes:127.0.0.1:3306
+
+# Store bayesian data in PostgreSQL.
+# Please make sure you have correct server address, port and database name.
+#bayes_store_module Mail::SpamAssassin::BayesStore::PgSQL
+#bayes_sql_dsn DBI:Pg:sa_bayes:127.0.0.1:5432
+
+# SQL username and password.
+#bayes_sql_username db_username
+#bayes_sql_password db_password
+
+# Override the username used for storing data in the database.
+# This could be used to group users together to share bayesian filter data.
+# You can also use this config option to trick sa-learn to learn data as a specific user.
+#bayes_sql_override_username vmail
+
+
+# Turn off ALL DNSBL (DNS Blocklists)
+#skip_rbl_checks 1
+# Turn off DNSBL: rhsbl.ahbl.org.
+# Check /usr/share/spamassassin/20_dnsbl_teest.cf to see the rule name.
+score DNS_FROM_AHBL_RHSBL 0
+
+score URIBL_AB_SURBL 0 0.3306 0 0.3812
+score URIBL_JP_SURBL 0 0.3360 0 0.4087
+score URIBL_OB_SURBL 0 0.2617 0 0.3008
+score URIBL_PH_SURBL 0 0.2240 0 0.2800
+score URIBL_SBL 0 0.1094 0 0.1639
+score URIBL_SC_SURBL 0 0.3600 0 0.4498
+score URIBL_WS_SURBL 0 0.1533 0 0.2140
+
+# For SpamAssassin-3.2.x. Reference:
+# http://spamassassin.apache.org/full/3.2.x/doc/Mail_SpamAssassin_Plugin_SPF.html
+#do_not_use_mail_spf 0
+#do_not_use_mail_spf_query 1
+#ignore_received_spf_header 1
+
+# Trusted networks. Examples:
+# 192.168/16 # all in 192.168.*.*
+# 212.17.35.15 # just that host
+# !10.0.1.5 10.0.1/24 # all in 10.0.1.* but not 10.0.1.5
+# DEAD:BEEF::/32 # all in that ipv6 prefix
+# Local host (127.0.0.1) will automatically be trusted implicitly.
+#trusted_networks 192.168/16
+
+# Whitelist from SPF.
+#whitelist_from_spf joe@example.com fred@example.com
+#whitelist_from_spf *@example.com
+
+# Whitelist from DKIM.
+loadplugin Mail::SpamAssassin::Plugin::DKIM
+whitelist_from_dkim *@paypal.com
+whitelist_from_dkim *@linkedin.com
+whitelist_from_dkim *@twitter.com
+whitelist_from_dkim *@bounce.twitter.com
+
+# Whitelist domains.
+# Reference: http://wiki.apache.org/spamassassin/ManualWhitelist
+#whitelist_from *@gmail.com
+
+# Locales.
+ok_locales all
+
+# Some sample custom file rules. Refer to SpamAssassin wiki site for more
+# details: http://wiki.apache.org/spamassassin/WritingRules
+#
+# Filter Headers.
+# -- Subject
+#header LOCAL_DEMONSTRATION_SUBJECT Subject =~ /\btest\b/i
+#score LOCAL_DEMONSTRATION_SUBJECT 0.1
+# -- From
+#header LOCAL_DEMONSTRATION_FROM From =~ /test\.com/i
+#score LOCAL_DEMONSTRATION_FROM 0.1
+# -- Look at all the headers and match if any of them contain the specified regex:
+#header LOCAL_DEMONSTRATION_ALL ALL =~ /test\.com/i
+#score LOCAL_DEMONSTRATION_ALL 0.1
+#
+# Filter mail body.
+#body LOCAL_DEMONSTRATION_RULE /test/
+#score LOCAL_DEMONSTRATION_RULE 0.1
+#describe LOCAL_DEMONSTRATION_RULE This is a simple test rule
+
+# Decrease score for authenticated senders.
+# IMPORTANT NOTES:
+#
+# 1) Please replace 'your\.server\.com' by the value of Postfix parameter
+# "myhostname".
+# 2) Please set 'smtpd_sasl_authenticated_header = yes' in Postfix main.cf.
+#
+#header AUTHENTICATED_SENDER Received =~ /Authenticated\ sender\:.*by\ your\.server\.com/
+#describe AUTHENTICATED_SENDER Header 'Received:' contains 'Authenticated sender:'
+#score AUTHENTICATED_SENDER -3
--- /dev/null
+# This is the right place to customize your installation of SpamAssassin.
+#
+# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
+# tweaked.
+#
+# Only a small subset of options are listed below
+#
+###########################################################################
+
+# Add *****SPAM***** to the Subject header of spam e-mails
+#
+# rewrite_header Subject *****SPAM*****
+
+
+# Save spam messages as a message/rfc822 MIME attachment instead of
+# modifying the original message (0: off, 2: use text/plain instead)
+#
+# report_safe 1
+
+
+# Set which networks or hosts are considered 'trusted' by your mail
+# server (i.e. not spammers)
+#
+# trusted_networks 212.17.35.
+
+
+# Set file-locking method (flock is not safe over NFS, but is faster)
+#
+# lock_method flock
+
+
+# Set the threshold at which a message is considered spam (default: 5.0)
+#
+# required_score 5.0
+
+
+# Use Bayesian classifier (default: 1)
+#
+# use_bayes 1
+
+
+# Bayesian classifier auto-learning (default: 1)
+#
+# bayes_auto_learn 1
+
+
+# Set headers which may provide inappropriate cues to the Bayesian
+# classifier
+#
+# bayes_ignore_header X-Bogosity
+# bayes_ignore_header X-Spam-Flag
+# bayes_ignore_header X-Spam-Status
+
+
+# Some shortcircuiting, if the plugin is enabled
+#
+ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
+#
+# default: strongly-whitelisted mails are *really* whitelisted now, if the
+# shortcircuiting plugin is active, causing early exit to save CPU load.
+# Uncomment to turn this on
+#
+# shortcircuit USER_IN_WHITELIST on
+# shortcircuit USER_IN_DEF_WHITELIST on
+# shortcircuit USER_IN_ALL_SPAM_TO on
+# shortcircuit SUBJECT_IN_WHITELIST on
+
+# the opposite; blacklisted mails can also save CPU
+#
+# shortcircuit USER_IN_BLACKLIST on
+# shortcircuit USER_IN_BLACKLIST_TO on
+# shortcircuit SUBJECT_IN_BLACKLIST on
+
+# if you have taken the time to correctly specify your "trusted_networks",
+# this is another good way to save CPU
+#
+# shortcircuit ALL_TRUSTED on
+
+# and a well-trained bayes DB can save running rules, too
+#
+# shortcircuit BAYES_99 spam
+# shortcircuit BAYES_00 ham
+
+endif # Mail::SpamAssassin::Plugin::Shortcircuit
--- /dev/null
+#!/bin/sh
+
+#This scripts restarts amavisd-new after spamassassin
+#rules got updated
+
+NAME=amavisd-new
+AMAVISPID=/var/run/amavis/amavisd.pid
+INIT=/etc/init.d/amavis
+
+# stolen from dhcpd3 initscript
+# single arg is -v for messages, -q for none
+check_status()
+{
+ if [ ! -r "$AMAVISPID" ]; then
+ test "$1" != -v || echo "$NAME is not running."
+ return 3
+ fi
+ if read pid < "$AMAVISPID" && ps -p "$pid" > /dev/null 2>&1; then
+ test "$1" != -v || echo "$NAME is running."
+ return 0
+ else
+ test "$1" != -v || echo "$NAME is not running but $AMAVISPID exists."
+ return 1
+ fi
+}
+
+#exit if amavis is not running
+check_status || exit
+
+$INIT restart > /dev/null
+
--- /dev/null
+# This is the right place to customize your installation of SpamAssassin.
+#
+# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
+# tweaked.
+#
+# This file was installed during the installation of SpamAssassin 3.1.0,
+# and contains plugin loading commands for the new plugins added in that
+# release. It will not be overwritten during future SpamAssassin installs,
+# so you can modify it to enable some disabled-by-default plugins below,
+# if you so wish.
+#
+# There are now multiple files read to enable plugins in the
+# /etc/mail/spamassassin directory; previously only one, "init.pre" was
+# read. Now both "init.pre", "v310.pre", and any other files ending in
+# ".pre" will be read. As future releases are made, new plugins will be
+# added to new files, named according to the release they're added in.
+###########################################################################
+
+# DCC - perform DCC message checks.
+#
+# DCC is disabled here because it is not open source. See the DCC
+# license for more details.
+#
+#loadplugin Mail::SpamAssassin::Plugin::DCC
+
+# Pyzor - perform Pyzor message checks.
+#
+loadplugin Mail::SpamAssassin::Plugin::Pyzor
+
+# Razor2 - perform Razor2 message checks.
+#
+loadplugin Mail::SpamAssassin::Plugin::Razor2
+
+# SpamCop - perform SpamCop message reporting
+#
+loadplugin Mail::SpamAssassin::Plugin::SpamCop
+
+# AntiVirus - some simple anti-virus checks, this is not a replacement
+# for an anti-virus filter like Clam AntiVirus
+#
+#loadplugin Mail::SpamAssassin::Plugin::AntiVirus
+
+# AWL - do auto-whitelist checks
+#
+#loadplugin Mail::SpamAssassin::Plugin::AWL
+
+# AutoLearnThreshold - threshold-based discriminator for Bayes auto-learning
+#
+loadplugin Mail::SpamAssassin::Plugin::AutoLearnThreshold
+
+# TextCat - language guesser
+#
+#loadplugin Mail::SpamAssassin::Plugin::TextCat
+
+# AccessDB - lookup from-addresses in access database
+#
+#loadplugin Mail::SpamAssassin::Plugin::AccessDB
+
+# WhitelistSubject - Whitelist/Blacklist certain subject regular expressions
+#
+loadplugin Mail::SpamAssassin::Plugin::WhiteListSubject
+
+###########################################################################
+# experimental plugins
+
+# DomainKeys - perform DomainKeys verification
+#
+# This plugin has been removed as of v3.3.0. Use the DKIM plugin instead,
+# which supports both Domain Keys and DKIM.
+
+# MIMEHeader - apply regexp rules against MIME headers in the message
+#
+loadplugin Mail::SpamAssassin::Plugin::MIMEHeader
+
+# ReplaceTags
+#
+loadplugin Mail::SpamAssassin::Plugin::ReplaceTags
+
--- /dev/null
+# This is the right place to customize your installation of SpamAssassin.
+#
+# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
+# tweaked.
+#
+# This file was installed during the installation of SpamAssassin 3.1.2,
+# and contains plugin loading commands for the new plugins added in that
+# release. It will not be overwritten during future SpamAssassin installs,
+# so you can modify it to enable some disabled-by-default plugins below,
+# if you so wish.
+#
+# There are now multiple files read to enable plugins in the
+# /etc/mail/spamassassin directory; previously only one, "init.pre" was
+# read. Now both "init.pre", "v310.pre", and any other files ending in
+# ".pre" will be read. As future releases are made, new plugins will be
+# added to new files, named according to the release they're added in.
+
+###########################################################################
+# experimental plugins
+
+# DKIM - perform DKIM verification
+#
+# Mail::DKIM module required for use, see INSTALL for more information.
+#
+# Note that if C<Mail::DKIM> version 0.20 or later is installed, this
+# renders the DomainKeys plugin redundant.
+#
+loadplugin Mail::SpamAssassin::Plugin::DKIM
+
--- /dev/null
+# This is the right place to customize your installation of SpamAssassin.
+#
+# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
+# tweaked.
+#
+# This file was installed during the installation of SpamAssassin 3.2.0,
+# and contains plugin loading commands for the new plugins added in that
+# release. It will not be overwritten during future SpamAssassin installs,
+# so you can modify it to enable some disabled-by-default plugins below,
+# if you so wish.
+#
+# There are now multiple files read to enable plugins in the
+# /etc/mail/spamassassin directory; previously only one, "init.pre" was
+# read. Now both "init.pre", "v310.pre", and any other files ending in
+# ".pre" will be read. As future releases are made, new plugins will be
+# added to new files, named according to the release they're added in.
+###########################################################################
+
+# Check - Provides main check functionality
+#
+loadplugin Mail::SpamAssassin::Plugin::Check
+
+# HTTPSMismatch - find URI mismatches between href and anchor text
+#
+loadplugin Mail::SpamAssassin::Plugin::HTTPSMismatch
+
+# URIDetail - test URIs using detailed URI information
+#
+loadplugin Mail::SpamAssassin::Plugin::URIDetail
+
+# Shortcircuit - stop evaluation early if high-accuracy rules fire
+#
+# loadplugin Mail::SpamAssassin::Plugin::Shortcircuit
+
+# Plugins which used to be EvalTests.pm
+# broken out into separate plugins
+loadplugin Mail::SpamAssassin::Plugin::Bayes
+loadplugin Mail::SpamAssassin::Plugin::BodyEval
+loadplugin Mail::SpamAssassin::Plugin::DNSEval
+loadplugin Mail::SpamAssassin::Plugin::HTMLEval
+loadplugin Mail::SpamAssassin::Plugin::HeaderEval
+loadplugin Mail::SpamAssassin::Plugin::MIMEEval
+loadplugin Mail::SpamAssassin::Plugin::RelayEval
+loadplugin Mail::SpamAssassin::Plugin::URIEval
+loadplugin Mail::SpamAssassin::Plugin::WLBLEval
+
+# VBounce - anti-bounce-message rules, see rules/20_vbounce.cf
+#
+loadplugin Mail::SpamAssassin::Plugin::VBounce
+
+# Rule2XSBody - speedup by compilation of ruleset to native code
+#
+# loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody
+
+# ASN - Look up the Autonomous System Number of the connecting IP
+# and create a header containing ASN data for bayes tokenization.
+# See plugin's POD docs for usage info.
+#
+# loadplugin Mail::SpamAssassin::Plugin::ASN
+
+# ImageInfo - rules to match metadata of image attachments
+#
+loadplugin Mail::SpamAssassin::Plugin::ImageInfo
+
--- /dev/null
+# This is the right place to customize your installation of SpamAssassin.
+#
+# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
+# tweaked.
+#
+# This file was installed during the installation of SpamAssassin 3.3.0,
+# and contains plugin loading commands for the new plugins added in that
+# release. It will not be overwritten during future SpamAssassin installs,
+# so you can modify it to enable some disabled-by-default plugins below,
+# if you so wish.
+#
+# There are now multiple files read to enable plugins in the
+# /etc/mail/spamassassin directory; previously only one, "init.pre" was
+# read. Now both "init.pre", "v310.pre", and any other files ending in
+# ".pre" will be read. As future releases are made, new plugins will be
+# added to new files, named according to the release they're added in.
+###########################################################################
+
+# PhishTag - allows sites to rewrite suspect phish-mail URLs
+# (Note: this requires configuration, see http://umut.topkara.org/PhishTag)
+#
+#loadplugin Mail::SpamAssassin::Plugin::PhishTag
+
+# FreeMail - detect email addresses using free webmail services,
+# usable as input for other rules
+#
+loadplugin Mail::SpamAssassin::Plugin::FreeMail
+
--- /dev/null
+# This is the right place to customize your installation of SpamAssassin.
+#
+# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
+# tweaked.
+#
+# This file was installed during the installation of SpamAssassin 3.4.0,
+# and contains plugin loading commands for the new plugins added in that
+# release. It will not be overwritten during future SpamAssassin installs,
+# so you can modify it to enable some disabled-by-default plugins below,
+# if you so wish.
+#
+# There are now multiple files read to enable plugins in the
+# /etc/mail/spamassassin directory; previously only one, "init.pre" was
+# read. Now both "init.pre", "v310.pre", and any other files ending in
+# ".pre" will be read. As future releases are made, new plugins will be
+# added to new files, named according to the release they're added in.
+###########################################################################
+
+# AskDNS - forms a DNS query based on 'tags' as supplied by other plugins
+#
+loadplugin Mail::SpamAssassin::Plugin::AskDNS
--- /dev/null
+# Time Type Tests Tries Size Generator Modulus
+20120821044040 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A770E2EC9F
+20120821044046 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7711F2C6B
+20120821044047 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771225323
+20120821044048 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7712507AB
+20120821044050 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7712A2DB3
+20120821044051 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7712CACEF
+20120821044053 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7713959C3
+20120821044057 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7715BBA13
+20120821044103 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A77191592F
+20120821044104 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771938E1F
+20120821044106 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771A1E127
+20120821044108 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771B3CDFB
+20120821044109 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771B71913
+20120821044111 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771C2759F
+20120821044113 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771CF8ABF
+20120821044114 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771D2B49B
+20120821044116 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771DF6193
+20120821044117 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771E67E33
+20120821044120 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A771FA581B
+20120821044121 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772027DDB
+20120821044123 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772093F8B
+20120821044124 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7720EEF6F
+20120821044125 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A77216CAD7
+20120821044126 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A77219A90B
+20120821044129 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7722A0103
+20120821044130 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772343DBF
+20120821044133 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772460C3F
+20120821044137 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7726A4E0F
+20120821044138 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772716D8B
+20120821044141 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A7728D719B
+20120821044143 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A77297AA8B
+20120821044145 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772A8794B
+20120821044147 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772B4D6AB
+20120821044149 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772BD325F
+20120821044150 2 6 100 1023 5 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772BDAE07
+20120821044151 2 6 100 1023 2 D9277DAA27DB131C03B108D41A76B4DA8ACEECCCAE73D2E48CEDAAA70B09EF9F04FB020DCF36C51B8E485B26FABE0337E24232BE4F4E693548310244937433FB1A5758195DC73B84ADEF8237472C46747D79DC0A2CF8A57CE8DBD8F466A20F8551E7B1B824B2E4987A8816D9BC0741C2798F3EBAD3ADEBCC78FCE6A772C95CE3
+20120821044502 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F96361507
+20120821044515 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F965885BF
+20120821044519 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F966006C7
+20120821044528 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9674A0EB
+20120821044539 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F969457F3
+20120821044544 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F969BE79B
+20120821044606 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F96E1E827
+20120821044623 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9714284B
+20120821044630 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F97231CB7
+20120821044636 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F972E01DF
+20120821044647 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F974BCED3
+20120821044650 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F974C3A43
+20120821044653 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F974E8F73
+20120821044701 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9763403B
+20120821044705 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9767666B
+20120821044708 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9768D81F
+20120821044726 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F979FD437
+20120821044729 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F97A29BC7
+20120821044732 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F97A56447
+20120821044737 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F97AEDBDB
+20120821044740 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F97B187F3
+20120821044746 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F97BC6EE3
+20120821044757 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F97DCCDEB
+20120821044817 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F981975F7
+20120821044831 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F983EC267
+20120821044841 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F985A032F
+20120821044846 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9863B0AB
+20120821044852 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F986E5C7F
+20120821044911 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F98A8FF6B
+20120821044917 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F98B40E4B
+20120821044924 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F98C5840F
+20120821044940 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F98F22CEB
+20120821044947 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99040FFF
+20120821044954 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99139AE3
+20120821045010 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9940BEFB
+20120821045017 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9954379F
+20120821045020 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99548C23
+20120821045023 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99562FC3
+20120821045028 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9960CDCF
+20120821045038 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F997AC0B3
+20120821045045 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F998D9B6B
+20120821045050 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9994BB77
+20120821045059 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99AC001B
+20120821045101 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99AC5547
+20120821045107 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99B86567
+20120821045110 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99BA2677
+20120821045128 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F99EF4523
+20120821045154 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9A419DAB
+20120821045214 2 6 100 1535 5 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9A7D1E67
+20120821045218 2 6 100 1535 2 D1391174233D315398FE2830AC6B2B66BCCD01B0A634899F339B7879F1DB85712E9DC4E4B1C6C8355570C1D2DCB53493DF18175A9C53D1128B592B4C72D97136F5542FEB981CBFE8012FDD30361F288A42BD5EBB08BAB0A5640E1AC48763B2ABD1945FEE36B2D55E1D50A1C86CED9DD141C4E7BE2D32D9B562A0F8E2E927020E91F58B57EB9ACDDA106A59302D7E92AD5F6E851A45FA1CFE86029A0F727F65A8F475F33572E2FDAB6073F0C21B8B54C3823DB2EF068927E5D747498F9A826443
+20120821045639 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293680B09D63
+20120821045830 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936814C2FFB
+20120821050046 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368214FC53
+20120821050054 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368218E83F
+20120821050118 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293682361D5F
+20120821050218 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936828ADA17
+20120821050243 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293682A8A7CB
+20120821050427 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368341AC87
+20120821050515 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936837F8657
+20120821050545 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293683A3DFD3
+20120821050554 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293683A9635F
+20120821050636 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293683DF582B
+20120821050648 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293683E86803
+20120821050758 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293684495A13
+20120821050807 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936844FAB5B
+20120821050849 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368486D99B
+20120821050916 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293684A776A7
+20120821050942 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293684C4FF73
+20120821051003 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293684DB980F
+20120821051010 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293684DD4FBF
+20120821051158 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293685721537
+20120821051206 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293685768253
+20120821051231 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293685930F13
+20120821051240 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293685987B0B
+20120821051324 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293685D5E36B
+20120821051349 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293685F3AB7F
+20120821051424 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293686206187
+20120821051516 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368668EB4B
+20120821051540 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C60429368686EB87
+20120821051622 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293686BCCF13
+20120821051703 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293686F13B9F
+20120821051715 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293686FB2D4F
+20120821051837 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936876ED7DF
+20120821051843 2 6 100 2047 2 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C6042936876F05DB
+20120821051930 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293687AEDE8F
+20120821052131 2 6 100 2047 5 DD2047CBDBB6F8E919BC63DE885B34D0FD6E3DB2887D8B46FE249886ACED6B46DFCD5553168185FD376122171CD8927E60120FA8D01F01D03E58281FEA9A1ABE97631C828E41815F34FDCDF787419FE13A3137649AA93D2584230DF5F24B5C00C88B7D7DE4367693428C730376F218A53E853B0851BAB7C53C15DA7839CBE1285DB63F6FA45C1BB59FE1C5BB918F0F8459D7EF60ACFF5C0FA0F3FCAD1C5F4CE4416D4F4B36B05CDCEBE4FB879E95847EFBC6449CD190248843BC7EDB145FBFC4EDBB1A3C959298F08F3BA2CFBE231BBE204BE6F906209D28BD4820AB3E7BE96C26AE8A809ADD8D1A5A0B008E9570FA4C4697E116B8119892C604293688637CFF
+20120821053137 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942284EA9F
+20120821053209 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF94228B7F67
+20120821053317 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9422A2B3C7
+20120821053841 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF94232DEF87
+20120821054039 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942359AB7B
+20120821054334 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9423A371A7
+20120821054455 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9423C1CEEF
+20120821054844 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9424273F1F
+20120821055307 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9424987667
+20120821055436 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9424B90BAB
+20120821055700 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9424F6C7CF
+20120821060224 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF94258ADCEF
+20120821060334 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9425A1FCEB
+20120821060420 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9425AEBF43
+20120821060927 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942634C34F
+20120821061829 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF94272F0D4F
+20120821062020 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF94275B00B7
+20120821062241 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9427941F5F
+20120821063416 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9428D5E367
+20120821063648 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942917E127
+20120821064052 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9429825A2B
+20120821064951 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942A74C4EB
+20120821065736 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942B4640D3
+20120821071146 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942CCD6D1B
+20120821071337 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942CF9321B
+20120821072545 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF942E48654F
+20120821075022 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9430F1B6A3
+20120821080229 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9432356F63
+20120821081230 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF94333D9363
+20120821081746 2 6 100 3071 5 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9433C6A7A7
+20120821081811 2 6 100 3071 2 DFAA35D35531E0F524F0099877A482D2AC8D589F374394A262A8E81A8A4FB2F65FADBAB395E05D147B29D486DFAA41F41597A256DA82A8B6F76401AED53D0253F956CEC610D417E42E3B287F7938FC24D8821B40BFA218A956EB7401BED6C96C68C7FD64F8170A8A76B953DD2F05420118F6B144D8FE48060A2BCB85056B478EDEF96DBC70427053ECD2958C074169E9550DD877779A3CF17C5AC850598C7586BEEA9DCFE9DD2A5FB62DF5F33EA7BC00CDA31B9D2DD721F979EA85B6E63F0C4E30BDDCD3A335522F9004C4ED50B15DC537F55324DD4FA119FB3F101467C6D7E1699DE4B3E3C478A8679B8EB3FA5C9B826B44530FD3BE9AD3063B240B0C853EBDDBD68DD940332D98F148D5D9E1DC977D60A0D23D0CA1198637FEAE4E7FAAC173AF2B84313A666CFB4EE6972811921D0AD867CE57F3BBC8D6CB057E3B66757BB46C9F72662624D44E14528327E3A7100E81A12C43C4E236118318CD90C8AA185BBB0C764826DAEAEE8DD245C5B451B4944E6122CC522D1C335C2EEF9433C94C93
+20120821084945 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA45B27D047
+20120821091240 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA45C370A33
+20120821092428 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA45CBB9FBB
+20120821093047 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA45D001E73
+20120821095420 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA45E104D6F
+20120821095624 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA45E21E2BF
+20120821102749 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA45F9B1B7B
+20120821105854 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4610E205F
+20120821110658 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA461631FBF
+20120821110744 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA461635E3B
+20120821115206 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4636E0DF7
+20120821121256 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4645F38B3
+20120821121421 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA46467609B
+20120821122649 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA464F87D6B
+20120821122854 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA46508F94B
+20120821125200 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4661CBC5B
+20120821130613 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA466BC6B33
+20120821131115 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA466ED9CC7
+20120821132817 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA467B278B3
+20120821135349 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA468D8351B
+20120821141206 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA469A817A7
+20120821144909 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA46B488EF7
+20120821150021 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA46BC5D5E7
+20120821153843 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA46D774723
+20120821162006 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA46F5488DB
+20120821170404 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA47157A067
+20120821173305 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA472A1E94B
+20120821173936 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA472E0E57F
+20120821174533 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4731F7433
+20120821180053 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA473C7CE3F
+20120821180952 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4742A8237
+20120821181124 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA474343C5B
+20120821183540 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4754D89DB
+20120821183852 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA47569B47F
+20120821184512 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA475AC57DB
+20120821184603 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA475AD78CB
+20120821184701 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA475B0038F
+20120821185939 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA4763BD72F
+20120821190630 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA476853BB7
+20120821190945 2 6 100 4095 2 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA476A47843
+20120821195501 2 6 100 4095 5 EF07B0F39662DC8600224E46AB8BE8CB72E552D52E88013D20EC039A0697ED9AAD018B16F0B910D4AD54437B8585AAA4EAE0CE216E31F50EDF0CD05DAF5E02A73D399C91B38220EC3B62C42D1CF6BF06378533A70C1F8F4F4416DD542213D3432412125FDBFF7B9473CE6F8812D860E66282C9F34C1774D1EA57D54DADDF7E37A12C4A6AD5B4A30128C29D27D03B6535C0F7A8AF857E18ECAB992984E6D546918AAACB971A2AC2C2E7AF79A9547979E6342DB7443985E5F7EDF6F9F22B600EEB42CB84A5F1ACD76E213C52E3052DAE1A9119801CFA28E6EFD4F6BC35FA06C8724D78A96AF054826C0BF865D0EC5F6F4D31C1D3F7CF2FE6F16AF267A7BA04753AEF420D4D8C36BCE8D9694814B9E9C3DF468064EB5636405C71CA9D8D50D36570B42639C9C2C02FB3A3D0C6B28DD200B0AF164C621D60B12E35E4D00129C8900F6EFDBB49FF34DD64CB13CD4087A7F84FEFD77D4E8099C2B804BA643EAFCA66D1F02BD09AE44AC83A5149F60711B7B108C01D53FF15FA59B36BE62A870F163F5063CEE103B377808343AFBD32271199E26D93734011BED2305EDE2E841EAD512E23B8C9B8CD4D398C7B4C8B76B355CC150B66B8EB7779E2CA519E10E45D0FB138676850C56F23DB135F546D364B92BC1C9423E089D30D4D57D27D7885EE14AE135A488C0542C3719FBEF46F4BB5FB53A28DA26DDF84C8BC55348A8AA478A96AEF
+20120705232031 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B241215BB
+20120705233800 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B246EC93B
+20120706002709 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B2582B477
+20120706013826 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B271419A3
+20120706014732 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B273FB1BB
+20120706021008 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B27B7E59F
+20120705225552 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B29C4E81B
+20120705233754 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B2AB07037
+20120705234834 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B2AE25CBB
+20120706024556 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B2EDFAA6F
+20120705233556 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B30EE83EB
+20120706002117 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B31E6F727
+20120705233808 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B37267537
+20120706001148 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B3DF98C1F
+20120706013155 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B3FBB98EB
+20120706025705 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B418898A7
+20120706022948 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B4707179B
+20120705233534 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B4F3D25C7
+20120706014542 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B520205CB
+20120706030026 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B539518DB
+20120706003519 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B566E0243
+20120706032218 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B59E508EF
+20120706033523 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B5A254F5F
+20120705235242 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B5B60C48F
+20120706022615 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B646A1B3B
+20120706032540 2 6 100 6143 5 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B6594B14F
+20120706001843 2 6 100 6143 2 EEBCAD36F686DDEB790C1EBDF6C6355A4EEB95435785FAC26C1DDBBD0D3C284AB5B4A1D5BA22131604AAE087D8B9431038CDA76DAA9E1C8D10793F53374FDF26489D38FF13188B6961B86E44A065D2FADEFC6C9496350AFA4129C9FD1B6B321E6053A6C645978C151D623C1106FE6669C220690B637F6259522F88250CC2B1B7F170706E9CE741F6E26BB4E86FB6822B13D8A7CE99FEF5CD66EF08310ECE5CC86648BD90E1DC59332505579116D3F3C8314065DC1319BEA133ED809903CA4949905C3D21619217816465E964768FFE76BC962AACBC8FF13477990A81C8759BBE95DFFA22E299F7C0F79A0EA7C44B28E8AB96149CC213E7C886E3D0A2230D7A4176749D6EDD6FCA2F5F3E2BD10392BC818CFB25C696C1EC14CE6F23CDB6C3DA2ED77E098A874799EB65F82A4EAF85CA0C9E68278381AF964AA5816B2CDA8E1ABB2954C02F641E1F374563B0F9DBF2F1B6D8168558BB971C8F48668A8034F82908D45D4D9A9072375D00AE0D5D442C6E6B6B2E7280C104C7675FDB0795DD0D3273E74BDC7B243B7604447502EB1572A273ABA0032CDB754345B1ACDF17B5AEDA45B661DBEFDA084B1427F94C8EA62BAB6A1E05DED8F2F706445879F15FB096996765238B6B546FDE5F219B5B85B31E804A989C4959600998A03572FB59DC150714BDB0C71A236497AE79871FBEFCAFFF34D2DF0142F2AF3C9C5D92F5FC7A61A27FF9AA1EADDF3552A2BED2CC4D19FB0F67DCC02744947A42FE10B338A3A8E634B413AE46C4E644DD5934D5820C9714656171A02BBCA25AED1CCD9EB9BEF9C63E7E966B0E2E47146191ECA452588FA2AFF50AF25FABAF83E143D47A651BD9B9C37CF5D6319FDCBC2F5D4B76D07B52D857FDE48FD983F06B531F7D316E2961E17D358FE6556C82C2E78C1D9CCF68760EFD8CC692E8912914781651D834C0C766B3D71C07C91AB93619E0C06385CFAC6FA18E1DEC7F3C5EE92C906CC49A4786D24CDB4F5656DE60F1F4412367B16BDA68DA368218C16E30C48366A8C0FDFA6E708E3353B8471402A42E594903774A65EA7AB5A83D08AD10D34DB38201B44B677C3593
+20120705054703 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234453518A0F7
+20120705060217 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445353B291F
+20120705100916 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344537DF8F1B
+20120705112627 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344538AF7C7B
+20120705121419 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445392BB61F
+20120705162623 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234453BD5FE03
+20120705171958 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234453C6257EF
+20120705222541 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234453FBF1073
+20120705120012 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344544BA2363
+20120705143238 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445464ED33B
+20120705175610 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445486B9E93
+20120705143839 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344551AEBB1B
+20120705164833 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344553053057
+20120705195911 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344560200E33
+20120705051445 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445620DCB9B
+20120705090103 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234456453E2C3
+20120705102457 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234456520F7B3
+20120705045958 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234456CC34FE7
+20120705064048 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234456DBB1643
+20120705100057 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234456FACFC3F
+20120705130216 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445716EEFD3
+20120705184211 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344574BD3B0F
+20120705075506 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234457918ED6F
+20120705111016 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445857E1707
+20120705051124 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234458C6078E3
+20120705054255 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234458CA4E313
+20120705155949 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234459281E7B3
+20120705065517 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE2344597A57CB3
+20120705082307 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445987253DB
+20120705182442 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234459E124B2F
+20120705184956 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE234459E442F5B
+20120705071209 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445A1E0FD83
+20120705155527 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445A6BDA473
+20120705103912 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445ADCE429F
+20120705115451 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445AE75FB83
+20120705133531 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445AF5813A3
+20120705144902 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445AFF92FDF
+20120705160631 2 6 100 8191 5 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445B0A9AF9F
+20120705194100 2 6 100 8191 2 DA2167F01CB32874E032B38C40FEC5F2557C9C4411B3A4B3D38C889A8BEED4EB7EF08A9A1E1EAAEEC22C2A46891D3CA84517FDFCDFA2BACBCDE2FC8EA87182542F5C8D3897B6C8A6DB951256F3DDBA7C5D6E7060925AD1F3046F49D00B433770B412DAA2A74E539EB81E3266DDDA82781BB21B19695FB925FA8BB6D249B5C33401C5D9E5C6B1719A36F1EB36E7CCD28AD98AA74DFD453D343BD189C968EB8F459809E87F77C6BA985B82B960A46660C7A277970E016EBD183CE7D6232F56EB06ECC0931024B9333879EF063F976C3603649AB9DCBE9714753E0A865020C3EF22BABF2F473F771CFC70A7C43FE320640D6E2816E88B6CA501A85A34F88EFF26AD8FFA0D11B0A21CB1A4FC7F90DB97B11BD5367302CBB45A390D2CB28CE83D50156A161D0080FD5F3961872ABC56FBCB973C517F6D7205E6CCF44E22E5DF8793D5037A9E779A52628D258CEA6B45CA4AC604CD69875D51145EE4C3D8856E24F9DBCA0134D54A734320A46A0AF52E20DD604AD465508172D4185C0D5C720B325ABC1760B1680B7BDFBAA1AE845A84AC3C7BBC53CD01C000B2186DC3915A1879224DD703E817C58F5FFCFBDF0189BB4B5033769F49852F3C48A88B88FB659B4AC96EE9DFC1D7E1760194EE4E1B6A8052BA17C827BE8A74C9F3FA7EA3236171F3DF9ACF19C40636825F1C49EFAAB12CEAD24F4585FE7C466FDE7ACF7E1FC91C8D473A8AB12C652AF568227E7CE3421256F83084D8E82DC977309E5B8C73EB8D92B71B9DAF6A53D13539D55C1A67BAC646358352529958AA3599DF0D882B8640ABFF17031C3F246A3E07F86AEB29CEACACF3B3EB931C40D292D09F4B99E08E4C68D811F9425DA30AC456107454AAC470DBD627C3EE2132E7C6FCEB61C2BA1CBE4FE6F07A2A4E398FDFBECC0283E9CF440F9F8F6893D019A98EFE992BA7433951DF341A3B3A8E879B090FB0E11907382853FBD6FA79B5B3FFF4EBE286F92A99D24C548949209867B1116BDBE1F104230EE26CCA0A12602A328B9B7A86D18415881AEFC9527AD4BB563CC330F29DF51199E1E9F0317EE6F3768C0849351FC1F95D47A1DE90484BE923ADC004D8287A90168C1D1491AD9A9B3266A826F966AA964E814F171FF9F3BA755DF83961182D95317844D6064D8BDED2DDB9AB4D74C325C1748036103690D88D85B532B692B74ED199253CB77E3BA57A2369BD9DD3B4FE68A66A1EFE507BA1F1A0164B6EDF397DF550EAC7FA155F7DED564A34DA73BC1F72E2D56CBABADAF3ED6B03C56FE00CA51548604403757ACAE67C71C564D4F688BA44465C7D3FFC84DB2BA142E06A967181CA0806E732134D795AD6E936BB25C00A14FE0DA5A83A7095D0271B380E802CD9E6E601C582EAC20CB6AC0C670108376302BA364FFD30E78D0CAB72BADB15F282CD256BC3B365896D80DC170BE23445B296E223
--- /dev/null
+
+# This is the ssh client system-wide configuration file. See
+# ssh_config(5) for more information. This file provides defaults for
+# users, and the values can be changed in per-user configuration files
+# or on the command line.
+
+# Configuration data is parsed as follows:
+# 1. command line options
+# 2. user-specific file
+# 3. system-wide file
+# Any configuration value is only changed the first time it is set.
+# Thus, host-specific definitions should be at the beginning of the
+# configuration file, and defaults at the end.
+
+# Site-wide defaults for some commonly used options. For a comprehensive
+# list of available options, their meanings and defaults, please see the
+# ssh_config(5) man page.
+
+Host *
+# ForwardAgent no
+# ForwardX11 no
+# ForwardX11Trusted yes
+# RhostsRSAAuthentication no
+# RSAAuthentication yes
+# PasswordAuthentication yes
+# HostbasedAuthentication no
+# GSSAPIAuthentication no
+# GSSAPIDelegateCredentials no
+# GSSAPIKeyExchange no
+# GSSAPITrustDNS no
+# BatchMode no
+# CheckHostIP yes
+# AddressFamily any
+# ConnectTimeout 0
+# StrictHostKeyChecking ask
+# IdentityFile ~/.ssh/identity
+# IdentityFile ~/.ssh/id_rsa
+# IdentityFile ~/.ssh/id_dsa
+# Port 22
+# Protocol 2,1
+# Cipher 3des
+# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
+# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
+# EscapeChar ~
+# Tunnel no
+# TunnelDevice any:any
+# PermitLocalCommand no
+# VisualHostKey no
+# ProxyCommand ssh -q -W %h:%p gateway.example.com
+# RekeyLimit 1G 1h
+ SendEnv LANG LC_*
+ HashKnownHosts yes
+ GSSAPIAuthentication yes
+ GSSAPIDelegateCredentials no
--- /dev/null
+-----BEGIN DSA PRIVATE KEY-----
+MIIBvAIBAAKBgQDtvEiU6eaRRaC8QuscNpYR/dAM5DiLVbJeBkeXQese4Vk0MIpG
+A94hZ4wHHK5XX9odGM1WJNvPRFY28g4FKj8/yAgqVaoiw18FOJE2nwyKmruhI1Xo
+XtSgQe3EuwklTjLTDDsUgI4yxGJ5bth7gChLumuU28qCjFdOrKXdqzGSzQIVAPS5
+OrYyNArFvocCMRxOoKQvEmVZAoGBAKRxL6OjC9GRkXmAhbmiBGRZtvGS57yheMz/
+49W6hWGjJNbtlXJ0+6eN8UNhOrOoG56AnfZ9VeTPwRRStA2Rt02ZvEKnoMkASEeu
+N96HWM1T7Z9bg7rMetumqXXdoTC+0c8otvh9nQPiRbQz76akmTp4Btrx2MtANoMm
+vhHaf3CiAoGABnmqmG06X+0FZ7PeceaNP8x1oz+2T+M8FfRYCuv7xMiqBm9eXdqB
+z9RsuPb3Jiccb3KjZvgqU76vk8AbpltYqexlAapcvcnFZx5/9sRjhaSbzwQrlxwq
+WrcEwGPpC4veBbgPra1SCv6R6b5xl8C10H5xe1CoMQgxsOyJ1lv40m0CFQDH/4iu
+lmq1TReh++n7tzZVb4Hsxw==
+-----END DSA PRIVATE KEY-----
--- /dev/null
+ssh-dss AAAAB3NzaC1kc3MAAACBAO28SJTp5pFFoLxC6xw2lhH90AzkOItVsl4GR5dB6x7hWTQwikYD3iFnjAccrldf2h0YzVYk289EVjbyDgUqPz/ICCpVqiLDXwU4kTafDIqau6EjVehe1KBB7cS7CSVOMtMMOxSAjjLEYnlu2HuAKEu6a5TbyoKMV06spd2rMZLNAAAAFQD0uTq2MjQKxb6HAjEcTqCkLxJlWQAAAIEApHEvo6ML0ZGReYCFuaIEZFm28ZLnvKF4zP/j1bqFYaMk1u2VcnT7p43xQ2E6s6gbnoCd9n1V5M/BFFK0DZG3TZm8QqegyQBIR6433odYzVPtn1uDusx626apdd2hML7Rzyi2+H2dA+JFtDPvpqSZOngG2vHYy0A2gya+Edp/cKIAAACABnmqmG06X+0FZ7PeceaNP8x1oz+2T+M8FfRYCuv7xMiqBm9eXdqBz9RsuPb3Jiccb3KjZvgqU76vk8AbpltYqexlAapcvcnFZx5/9sRjhaSbzwQrlxwqWrcEwGPpC4veBbgPra1SCv6R6b5xl8C10H5xe1CoMQgxsOyJ1lv40m0= root@debian
--- /dev/null
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIPzTEw5TrDj5e5eMVJllvD+povBu+Fm+yyfaXugrhcqqoAoGCCqGSM49
+AwEHoUQDQgAE9y4V5VA5OE4RX12fvntZGmTBTXRXe1M3nsMBbeMg4zAP+y92l9zy
+LXhy2uSsMXeKfOxNQ1HjeL6gwJLeGtrRWQ==
+-----END EC PRIVATE KEY-----
--- /dev/null
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPcuFeVQOThOEV9dn757WRpkwU10V3tTN57DAW3jIOMwD/svdpfc8i14ctrkrDF3inzsTUNR43i+oMCS3hra0Vk= root@debian
--- /dev/null
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACDvZFljLiAigCYgsufhPIjOkMeEnTpB68gzuJhK8G3+nAAAAJDcIPfS3CD3
+0gAAAAtzc2gtZWQyNTUxOQAAACDvZFljLiAigCYgsufhPIjOkMeEnTpB68gzuJhK8G3+nA
+AAAEDFJrBTI9VD9gWTR38CDXgNhAU1FwwMxt9kkDWxTs1Uw+9kWWMuICKAJiCy5+E8iM6Q
+x4SdOkHryDO4mErwbf6cAAAAC3Jvb3RAZGViaWFuAQI=
+-----END OPENSSH PRIVATE KEY-----
--- /dev/null
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO9kWWMuICKAJiCy5+E8iM6Qx4SdOkHryDO4mErwbf6c root@debian
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEA5p5rq1FMclOSUAb/sKYQGcmOcAbtD424Xf1V/5RTEX66YIJV
+wlYllj/8UtebdekkiWqnRkw9+GnFgmY3TBqjCir1hVVD/KYHHM6XW0EB3IwwrJMK
+c/YEBWRhe0XHr/1RZdze72Wrg4JUuuo9fhJDsqwGiJ+pKRoA62pz7k2zwZkm7fH/
+DzoX6H8sALbQvMWhatG7Mc8BVxs6AzFgOdsvjat1L6GXVs8etrGePBE2DdwcvkwJ
++xYjGTgOLK354HWNbW1w1899Qdvuyc9hVbu4ccNN06qphVdDlj6bjj+n2gqC/8NH
+I6oSltGV3gaEBbURxEngY+3/kCOhY8pBL0PyZQIDAQABAoIBACYdAnBSxE6UrzaY
+oYNBPqH0ZJzxGBac9l5aMu9FRSE8D3NJtwCiGh4lvv618VRgTpCDVtfQW+GFIYY2
+fGcQc+eHSAJcIBtOGRjSr8L+EF+xr42l03FstCdr+oxT8PeN5vjtss5fwCPA0138
+vmLqg9OwiHfl4yAO0x4U/sngf5e79ocZ2FU2mNMLtHknEtENBH9stZIvB+ED4H+i
+NsWjPThY0DtWKWMLAhEAFG7WNlqHqeoY39/jMQDliJN5AxNy1gyg6XIbCcuKmXVj
+witIP4fi8kKbav03KMOPDGsfLFk1LNztEGF07PJhP4brZ9684YAYvs0ZK4U4DI05
+7BUVm4ECgYEA/ZvZvnvfZhjaBhEWFDTTp/gkDvFzdVYaELrcP4zeIRDGvKFvoi/f
+fKRGtX0vE9eQJZHUsewivgFMeNmAyeznvcbyB+/h9vkTBDchjCcsPEbHmcDg7ZNW
+vqTj3DJxmbK/TzYDYrSlshqNvffDYDIzlGJEr0rcUkL5xLXYclP53SECgYEA6MsT
+8LVqSxkd0hRSSi2EsV8shtCRxB1HXwrElbNMjB9Lbb6RhiEu51k0HGpkvavWY+eA
+ccejyrm+BpyHQCeaKTITjVQS91IosFWfWrk44z2e4cWl73Teypq1uPMDXd5FLGlL
+GaxGJV1qZUkDtM4fa0E1OObFyo2tC+W81TDbyMUCgYEAg4QI3TFb3pRQrAi8TGpA
+wMB74ovv9g9aoQZmJUamAruydCu7un3dBcQjLwbmHQISrIj9pe7w7Vu7Doisswp5
++v5qkRcjNXJhHDSC3y2JURDbfa56dnmL6H2V9KDsLGp3r1oxU0SfEMeYbcVIumAO
+Q4raV5UYwEgfQpWS02cdEkECgYEAtEaP6piS+BU7QrT6BPe7CqDpmn1qZLVH0BJG
+qqdvYBPcFeC+UWDhMcei016RJVEtdbCRh4tTDGtK/VO6abRBbiWZfpjdFypI2EV2
+YouNwmy13aFyHz4iSkQE9nU65jZ62ymvPvJqYAU3n7grZpk5O5YD4UzVX0bX+56t
+3Ws4yQECgYEA96gp6m70scn9FzHUuQvLWJqYmqMzOX4dWQFdFS3kFhwIiQn1TgNK
+L+uG5muw/lLIVRy0f6q7T5eJvGENW5eO9jdtWrNty76hV3gRscrNMnqc/OyhVtKu
+hZuOKnmp8X5s2bgbNCSWf0NDM0C8q4cMiDrhrB8X39zBhO1UY6UVXBE=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDmnmurUUxyU5JQBv+wphAZyY5wBu0Pjbhd/VX/lFMRfrpgglXCViWWP/xS15t16SSJaqdGTD34acWCZjdMGqMKKvWFVUP8pgcczpdbQQHcjDCskwpz9gQFZGF7Rcev/VFl3N7vZauDglS66j1+EkOyrAaIn6kpGgDranPuTbPBmSbt8f8POhfofywAttC8xaFq0bsxzwFXGzoDMWA52y+Nq3UvoZdWzx62sZ48ETYN3By+TAn7FiMZOA4srfngdY1tbXDXz31B2+7Jz2FVu7hxw03TqqmFV0OWPpuOP6faCoL/w0cjqhKW0ZXeBoQFtRHESeBj7f+QI6FjykEvQ/Jl root@debian
--- /dev/null
+# Package generated configuration file
+# See the sshd_config(5) manpage for details
+
+# What ports, IPs and protocols we listen for
+Port 22
+# Use these options to restrict which interfaces/protocols sshd will bind to
+#ListenAddress ::
+#ListenAddress 0.0.0.0
+Protocol 2
+# HostKeys for protocol version 2
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_dsa_key
+HostKey /etc/ssh/ssh_host_ecdsa_key
+HostKey /etc/ssh/ssh_host_ed25519_key
+#Privilege Separation is turned on for security
+UsePrivilegeSeparation yes
+
+# Lifetime and size of ephemeral version 1 server key
+KeyRegenerationInterval 3600
+ServerKeyBits 1024
+
+# Logging
+SyslogFacility AUTH
+LogLevel INFO
+
+# Authentication:
+LoginGraceTime 120
+# PermitRootLogin yes
+PermitRootLogin without-password
+StrictModes yes
+
+RSAAuthentication yes
+PubkeyAuthentication yes
+#AuthorizedKeysFile %h/.ssh/authorized_keys
+
+# Don't read the user's ~/.rhosts and ~/.shosts files
+IgnoreRhosts yes
+# For this to work you will also need host keys in /etc/ssh_known_hosts
+RhostsRSAAuthentication no
+# similar for protocol version 2
+HostbasedAuthentication no
+# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
+#IgnoreUserKnownHosts yes
+
+# To enable empty passwords, change to yes (NOT RECOMMENDED)
+PermitEmptyPasswords no
+
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
+ChallengeResponseAuthentication no
+
+# Change to no to disable tunnelled clear text passwords
+#PasswordAuthentication yes
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosGetAFSToken no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+
+X11Forwarding yes
+X11DisplayOffset 10
+PrintMotd no
+PrintLastLog yes
+TCPKeepAlive yes
+#UseLogin no
+
+#MaxStartups 10:30:60
+#Banner /etc/issue.net
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+Subsystem sftp /usr/lib/openssh/sftp-server
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication. Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+UsePAM yes
--- /dev/null
+thawte_Primary_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Entrust_Root_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+Microsec_e-Szigno_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Comodo_Secure_Services_root.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_EV_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Swisscom_Root_EV_CA_2.pem
\ No newline at end of file
--- /dev/null
+WoSign_China.pem
\ No newline at end of file
--- /dev/null
+USERTrust_ECC_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+AddTrust_Qualified_Certificates_Root.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_Root_CA_-_R3.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_2_G3.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Root_CA_Generalitat_Valenciana.pem
\ No newline at end of file
--- /dev/null
+WellsSecure_Public_Root_Certificate_Authority.pem
\ No newline at end of file
--- /dev/null
+Starfield_Services_Root_Certificate_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+CFCA_EV_ROOT.pem
\ No newline at end of file
--- /dev/null
+Global_Chambersign_Root_-_2008.pem
\ No newline at end of file
--- /dev/null
+S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.pem
\ No newline at end of file
--- /dev/null
+TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H5.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_ECC_Root_CA_-_R4.pem
\ No newline at end of file
--- /dev/null
+Starfield_Services_Root_Certificate_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+Entrust_Root_Certification_Authority_-_EC1.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_Root_CA_-_R2.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+Juur-SK.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+Comodo_Trusted_Services_root.pem
\ No newline at end of file
--- /dev/null
+EE_Certification_Centre_Root_CA.pem
\ No newline at end of file
--- /dev/null
+DST_Root_CA_X3.pem
\ No newline at end of file
--- /dev/null
+AddTrust_External_Root.pem
\ No newline at end of file
--- /dev/null
+Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
\ No newline at end of file
--- /dev/null
+China_Internet_Network_Information_Center_EV_Certificates_Root.pem
\ No newline at end of file
--- /dev/null
+Certplus_Class_2_Primary_CA.pem
\ No newline at end of file
--- /dev/null
+China_Internet_Network_Information_Center_EV_Certificates_Root.pem
\ No newline at end of file
--- /dev/null
+SecureSign_RootCA11.pem
\ No newline at end of file
--- /dev/null
+S-TRUST_Universal_Root_CA.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_ECC_Root_CA_-_R5.pem
\ No newline at end of file
--- /dev/null
+DST_ACES_CA_X6.pem
\ No newline at end of file
--- /dev/null
+Taiwan_GRCA.pem
\ No newline at end of file
--- /dev/null
+D-TRUST_Root_Class_3_CA_2_2009.pem
\ No newline at end of file
--- /dev/null
+IdenTrust_Public_Sector_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+T-TeleSec_GlobalRoot_Class_2.pem
\ No newline at end of file
--- /dev/null
+T-TeleSec_GlobalRoot_Class_3.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_Root_CA_-_R3.pem
\ No newline at end of file
--- /dev/null
+Chambers_of_Commerce_Root_-_2008.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_2_G3.pem
\ No newline at end of file
--- /dev/null
+CA_Disig_Root_R1.pem
\ No newline at end of file
--- /dev/null
+Go_Daddy_Class_2_CA.pem
\ No newline at end of file
--- /dev/null
+Starfield_Class_2_CA.pem
\ No newline at end of file
--- /dev/null
+DigiCert_High_Assurance_EV_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_1_Public_Primary_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Certification_Authority_of_WoSign_G2.pem
\ No newline at end of file
--- /dev/null
+CA_WoSign_ECC_Root.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+NetLock_Express_=Class_C=_Root.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_ECC_Root_CA_-_R5.pem
\ No newline at end of file
--- /dev/null
+CA_Disig_Root_R2.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Commercial.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Global_CA.pem
\ No newline at end of file
--- /dev/null
+Buypass_Class_3_Root_CA.pem
\ No newline at end of file
--- /dev/null
+thawte_Primary_Root_CA.pem
\ No newline at end of file
--- /dev/null
+DST_Root_CA_X3.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_1_Public_Primary_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Network_Solutions_Certificate_Authority.pem
\ No newline at end of file
--- /dev/null
+StartCom_Certification_Authority_2.pem
\ No newline at end of file
--- /dev/null
+StartCom_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Cybertrust_Global_Root.pem
\ No newline at end of file
--- /dev/null
+EC-ACC.pem
\ No newline at end of file
--- /dev/null
+USERTrust_RSA_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Global_Root_CA.pem
\ No newline at end of file
--- /dev/null
+ACEDICOM_Root.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Global_Root_CA.pem
\ No newline at end of file
--- /dev/null
+OISTE_WISeKey_Global_Root_GA_CA.pem
\ No newline at end of file
--- /dev/null
+Baltimore_CyberTrust_Root.pem
\ No newline at end of file
--- /dev/null
+EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.pem
\ No newline at end of file
--- /dev/null
+Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
\ No newline at end of file
--- /dev/null
+AddTrust_External_Root.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_EV_Root_CA.pem
\ No newline at end of file
--- /dev/null
+SwissSign_Gold_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+ACCVRAIZ1.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_Root_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+Hongkong_Post_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+Entrust.net_Premium_2048_Secure_Server_CA.pem
\ No newline at end of file
--- /dev/null
+IGC_A.pem
\ No newline at end of file
--- /dev/null
+Swisscom_Root_CA_2.pem
\ No newline at end of file
--- /dev/null
+COMODO_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority_2.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.pem
\ No newline at end of file
--- /dev/null
+Network_Solutions_Certificate_Authority.pem
\ No newline at end of file
--- /dev/null
+Certum_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Swisscom_Root_CA_2.pem
\ No newline at end of file
--- /dev/null
+Entrust_Root_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+SwissSign_Platinum_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Primary_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Izenpe.com.pem
\ No newline at end of file
--- /dev/null
+Certum_Trusted_Network_CA.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_Root_CA_-_R2.pem
\ No newline at end of file
--- /dev/null
+IdenTrust_Public_Sector_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+Starfield_Root_Certificate_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+Deutsche_Telekom_Root_CA_2.pem
\ No newline at end of file
--- /dev/null
+SwissSign_Gold_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+SwissSign_Silver_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+VeriSign_Universal_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+E-Tugra_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_1_G3.pem
\ No newline at end of file
--- /dev/null
+T-TeleSec_GlobalRoot_Class_3.pem
\ No newline at end of file
--- /dev/null
+Buypass_Class_2_Root_CA.pem
\ No newline at end of file
--- /dev/null
+TC_TrustCenter_Class_3_CA_II.pem
\ No newline at end of file
--- /dev/null
+Comodo_Trusted_Services_root.pem
\ No newline at end of file
--- /dev/null
+spi-cacert-2008.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Global_CA_2.pem
\ No newline at end of file
--- /dev/null
+Equifax_Secure_CA.pem
\ No newline at end of file
--- /dev/null
+ApplicationCA_-_Japanese_Government.pem
\ No newline at end of file
--- /dev/null
+SwissSign_Silver_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+IGC_A.pem
\ No newline at end of file
--- /dev/null
+TURKTRUST_Certificate_Services_Provider_Root_2007.pem
\ No newline at end of file
--- /dev/null
+Equifax_Secure_CA.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_Root_CA_-_G3.pem
\ No newline at end of file
--- /dev/null
+COMODO_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_Root_CA_-_G3.pem
\ No newline at end of file
--- /dev/null
+NetLock_Business_=Class_B=_Root.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_Root_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+TeliaSonera_Root_CA_v1.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA.pem
\ No newline at end of file
--- /dev/null
+WoSign_China.pem
\ No newline at end of file
--- /dev/null
+VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.pem
\ No newline at end of file
--- /dev/null
+TWCA_Global_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Actalis_Authentication_Root_CA.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Global_Root_G2.pem
\ No newline at end of file
--- /dev/null
+NetLock_Arany_=Class_Gold=_Főtanúsítvány.pem
\ No newline at end of file
--- /dev/null
+S-TRUST_Universal_Root_CA.pem
\ No newline at end of file
--- /dev/null
+NetLock_Express_=Class_C=_Root.pem
\ No newline at end of file
--- /dev/null
+TeliaSonera_Root_CA_v1.pem
\ No newline at end of file
--- /dev/null
+Taiwan_GRCA.pem
\ No newline at end of file
--- /dev/null
+Baltimore_CyberTrust_Root.pem
\ No newline at end of file
--- /dev/null
+TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.pem
\ No newline at end of file
--- /dev/null
+TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H6.pem
\ No newline at end of file
--- /dev/null
+Swisscom_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+thawte_Primary_Root_CA_-_G3.pem
\ No newline at end of file
--- /dev/null
+Sonera_Class_1_Root_CA.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Assured_ID_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Entrust_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Certum_Root_CA.pem
\ No newline at end of file
--- /dev/null
+AC_Raíz_Certicámara_S.A..pem
\ No newline at end of file
--- /dev/null
+Visa_eCommerce_Root.pem
\ No newline at end of file
--- /dev/null
+XRamp_Global_CA_Root.pem
\ No newline at end of file
--- /dev/null
+Buypass_Class_2_CA_1.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_1_G3.pem
\ No newline at end of file
--- /dev/null
+Equifax_Secure_Global_eBusiness_CA.pem
\ No newline at end of file
--- /dev/null
+Sonera_Class_1_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Comodo_AAA_Services_root.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Trusted_Root_G4.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority_2.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+XRamp_Global_CA_Root.pem
\ No newline at end of file
--- /dev/null
+Certinomis_-_Autorité_Racine.pem
\ No newline at end of file
--- /dev/null
+Cybertrust_Global_Root.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_3.pem
\ No newline at end of file
--- /dev/null
+DST_ACES_CA_X6.pem
\ No newline at end of file
--- /dev/null
+TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H5.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Global_CA.pem
\ No newline at end of file
--- /dev/null
+Equifax_Secure_eBusiness_CA_1.pem
\ No newline at end of file
--- /dev/null
+TC_TrustCenter_Class_3_CA_II.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_2.pem
\ No newline at end of file
--- /dev/null
+VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+WellsSecure_Public_Root_Certificate_Authority.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Assured_ID_Root_G3.pem
\ No newline at end of file
--- /dev/null
+ssl-cert-snakeoil.pem
\ No newline at end of file
--- /dev/null
+WoSign.pem
\ No newline at end of file
--- /dev/null
+Deutsche_Telekom_Root_CA_2.pem
\ No newline at end of file
--- /dev/null
+Microsec_e-Szigno_Root_CA_2009.pem
\ No newline at end of file
--- /dev/null
+DigiCert_High_Assurance_EV_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Buypass_Class_2_Root_CA.pem
\ No newline at end of file
--- /dev/null
+NetLock_Qualified_=Class_QA=_Root.pem
\ No newline at end of file
--- /dev/null
+RSA_Security_2048_v3.pem
\ No newline at end of file
--- /dev/null
+Starfield_Root_Certificate_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+AddTrust_Low-Value_Services_Root.pem
\ No newline at end of file
--- /dev/null
+NetLock_Qualified_=Class_QA=_Root.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Networking.pem
\ No newline at end of file
--- /dev/null
+StartCom_Certification_Authority_G2.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Universal_CA_2.pem
\ No newline at end of file
--- /dev/null
+certSIGN_ROOT_CA.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Universal_CA_2.pem
\ No newline at end of file
--- /dev/null
+CNNIC_ROOT.pem
\ No newline at end of file
--- /dev/null
+COMODO_ECC_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+AddTrust_Public_Services_Root.pem
\ No newline at end of file
--- /dev/null
+PSCProcert.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Assured_ID_Root_G2.pem
\ No newline at end of file
--- /dev/null
+certSIGN_ROOT_CA.pem
\ No newline at end of file
--- /dev/null
+CA_Disig_Root_R1.pem
\ No newline at end of file
--- /dev/null
+EE_Certification_Centre_Root_CA.pem
\ No newline at end of file
--- /dev/null
+CFCA_EV_ROOT.pem
\ No newline at end of file
--- /dev/null
+Actalis_Authentication_Root_CA.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_3.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Networking.pem
\ No newline at end of file
--- /dev/null
+CA_Disig_Root_R2.pem
\ No newline at end of file
--- /dev/null
+Certum_Trusted_Network_CA.pem
\ No newline at end of file
--- /dev/null
+WoSign.pem
\ No newline at end of file
--- /dev/null
+Hongkong_Post_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Primary_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+NetLock_Arany_=Class_Gold=_Főtanúsítvány.pem
\ No newline at end of file
--- /dev/null
+Swisscom_Root_EV_CA_2.pem
\ No newline at end of file
--- /dev/null
+Sonera_Class_2_Root_CA.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Premium_ECC.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Assured_ID_Root_G2.pem
\ No newline at end of file
--- /dev/null
+Security_Communication_EV_RootCA1.pem
\ No newline at end of file
--- /dev/null
+ePKI_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Security_Communication_EV_RootCA1.pem
\ No newline at end of file
--- /dev/null
+UTN_USERFirst_Email_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Certinomis_-_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Global_Chambersign_Root_-_2008.pem
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/ACCVRAIZ1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/ACEDICOM_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AC_Raíz_Certicámara_S.A..crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Actalis_Authentication_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AddTrust_Low-Value_Services_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AddTrust_Public_Services_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AddTrust_Qualified_Certificates_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AffirmTrust_Commercial.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AffirmTrust_Networking.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AffirmTrust_Premium.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/AffirmTrust_Premium_ECC.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/ApplicationCA_-_Japanese_Government.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Atos_TrustedRoot_2011.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Baltimore_CyberTrust_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Buypass_Class_2_CA_1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Buypass_Class_2_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Buypass_Class_3_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/CA_Disig.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/CA_Disig_Root_R1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/CA_Disig_Root_R2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/CA_WoSign_ECC_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/CFCA_EV_ROOT.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/CNNIC_ROOT.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/COMODO_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/COMODO_ECC_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/COMODO_RSA_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Camerfirma_Chambers_of_Commerce_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Camerfirma_Global_Chambersign_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Certification_Authority_of_WoSign_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Certigna.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Certinomis_-_Autorité_Racine.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Certinomis_-_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Certplus_Class_2_Primary_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Certum_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Certum_Trusted_Network_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Chambers_of_Commerce_Root_-_2008.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/China_Internet_Network_Information_Center_EV_Certificates_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/ComSign_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Comodo_AAA_Services_root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Comodo_Secure_Services_root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Comodo_Trusted_Services_root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Cybertrust_Global_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_2009.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_EV_2009.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DST_ACES_CA_X6.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Deutsche_Telekom_Root_CA_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_Global_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_Global_Root_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_Global_Root_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_High_Assurance_EV_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/DigiCert_Trusted_Root_G4.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/E-Tugra_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/EC-ACC.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/EE_Certification_Centre_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_EC1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Equifax_Secure_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Equifax_Secure_Global_eBusiness_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Equifax_Secure_eBusiness_CA_1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GeoTrust_Global_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GeoTrust_Global_CA_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority_-_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GeoTrust_Universal_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GeoTrust_Universal_CA_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R4.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R5.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GlobalSign_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Global_Chambersign_Root_-_2008.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Go_Daddy_Class_2_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Go_Daddy_Root_Certificate_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Hongkong_Post_Root_CA_1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/IGC_A.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/IdenTrust_Commercial_Root_CA_1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/IdenTrust_Public_Sector_Root_CA_1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Izenpe.com.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Juur-SK.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Microsec_e-Szigno_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Microsec_e-Szigno_Root_CA_2009.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/NetLock_Business_=Class_B=_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/NetLock_Express_=Class_C=_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/NetLock_Notary_=Class_A=_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/NetLock_Qualified_=Class_QA=_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Network_Solutions_Certificate_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GA_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GB_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/PSCProcert.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_1_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_2_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_3_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/RSA_Security_2048_v3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Root_CA_Generalitat_Valenciana.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/S-TRUST_Universal_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/SecureSign_RootCA11.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/SecureTrust_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Secure_Global_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Security_Communication_EV_RootCA1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Security_Communication_RootCA2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Security_Communication_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Sonera_Class_1_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Sonera_Class_2_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_EV_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA_-_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Starfield_Class_2_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Starfield_Root_Certificate_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Starfield_Services_Root_Certificate_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/StartCom_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/StartCom_Certification_Authority_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/StartCom_Certification_Authority_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/SwissSign_Gold_CA_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/SwissSign_Platinum_CA_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/SwissSign_Silver_CA_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Swisscom_Root_CA_1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Swisscom_Root_CA_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Swisscom_Root_EV_CA_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/T-TeleSec_GlobalRoot_Class_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/T-TeleSec_GlobalRoot_Class_3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TC_TrustCenter_Class_3_CA_II.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TURKTRUST_Certificate_Services_Provider_Root_2007.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TWCA_Global_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TWCA_Root_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Taiwan_GRCA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TeliaSonera_Root_CA_v1.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Trustis_FPS_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H5.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H6.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/USERTrust_ECC_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/USERTrust_RSA_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/UTN_USERFirst_Email_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/UTN_USERFirst_Hardware_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/VeriSign_Universal_Root_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_1_Public_Primary_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/Visa_eCommerce_Root.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/WellsSecure_Public_Root_Certificate_Authority.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/WoSign.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/WoSign_China.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/XRamp_Global_CA_Root.crt
\ No newline at end of file
--- /dev/null
+Camerfirma_Global_Chambersign_Root.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Trusted_Root_G4.pem
\ No newline at end of file
--- /dev/null
+AddTrust_Public_Services_Root.pem
\ No newline at end of file
--- /dev/null
+Security_Communication_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Sonera_Class_2_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Visa_eCommerce_Root.pem
\ No newline at end of file
--- /dev/null
+thawte_Primary_Root_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+SwissSign_Platinum_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+ACCVRAIZ1.pem
\ No newline at end of file
--- /dev/null
+SecureSign_RootCA11.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Universal_CA.pem
\ No newline at end of file
--- /dev/null
+NetLock_Notary_=Class_A=_Root.pem
\ No newline at end of file
--- /dev/null
+StartCom_Certification_Authority_2.pem
\ No newline at end of file
--- /dev/null
+StartCom_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+EC-ACC.pem
\ No newline at end of file
--- /dev/null
+Entrust.net_Premium_2048_Secure_Server_CA.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_ECC_Root_CA_-_R4.pem
\ No newline at end of file
--- /dev/null
+TWCA_Global_Root_CA.pem
\ No newline at end of file
--- /dev/null
+GlobalSign_Root_CA.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Assured_ID_Root_CA.pem
\ No newline at end of file
--- /dev/null
+UTN_USERFirst_Hardware_Root_CA.pem
\ No newline at end of file
--- /dev/null
+OISTE_WISeKey_Global_Root_GA_CA.pem
\ No newline at end of file
--- /dev/null
+VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem
\ No newline at end of file
--- /dev/null
+Entrust_Root_Certification_Authority_-_EC1.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Secure_Global_CA.pem
\ No newline at end of file
--- /dev/null
+CA_Disig.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Premium.pem
\ No newline at end of file
--- /dev/null
+TWCA_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+TWCA_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+NetLock_Business_=Class_B=_Root.pem
\ No newline at end of file
--- /dev/null
+Atos_TrustedRoot_2011.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+thawte_Primary_Root_CA_-_G3.pem
\ No newline at end of file
--- /dev/null
+ComSign_CA.pem
\ No newline at end of file
--- /dev/null
+Go_Daddy_Root_Certificate_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+CNNIC_ROOT.pem
\ No newline at end of file
--- /dev/null
+Secure_Global_CA.pem
\ No newline at end of file
--- /dev/null
+Entrust_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+VeriSign_Universal_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+thawte_Primary_Root_CA_-_G2.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+D-TRUST_Root_Class_3_CA_2_2009.pem
\ No newline at end of file
--- /dev/null
+Chambers_of_Commerce_Root_-_2008.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Assured_ID_Root_G3.pem
\ No newline at end of file
--- /dev/null
+Trustis_FPS_Root_CA.pem
\ No newline at end of file
--- /dev/null
+PSCProcert.pem
\ No newline at end of file
--- /dev/null
+UTN_USERFirst_Email_Root_CA.pem
\ No newline at end of file
--- /dev/null
+TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H6.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+AC_Raíz_Certicámara_S.A..pem
\ No newline at end of file
--- /dev/null
+DigiCert_Global_Root_G2.pem
\ No newline at end of file
--- /dev/null
+RSA_Security_2048_v3.pem
\ No newline at end of file
--- /dev/null
+Comodo_Secure_Services_root.pem
\ No newline at end of file
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE
+AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
+CQYDVQQGEwJFUzAeFw0xMTA1MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQ
+BgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwHUEtJQUNDVjENMAsGA1UECgwEQUND
+VjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCb
+qau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gMjmoY
+HtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWo
+G2ioPej0RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpA
+lHPrzg5XPAOBOp0KoVdDaaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhr
+IA8wKFSVf+DuzgpmndFALW4ir50awQUZ0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/
+0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDGWuzndN9wrqODJerWx5eH
+k6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs78yM2x/47
+4KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMO
+m3WR5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpa
+cXpkatcnYGMN285J9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPl
+uUsXQA+xtrn13k/c4LOsOxFwYIRKQ26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYI
+KwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRwOi8vd3d3LmFjY3YuZXMvZmls
+ZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEuY3J0MB8GCCsG
+AQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2
+VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeT
+VfZW6oHlNsyMHj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIG
+CCsGAQUFBwICMIIBFB6CARAAQQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUA
+cgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBhAO0AegAgAGQAZQAgAGwAYQAgAEEA
+QwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUAYwBuAG8AbABvAGcA
+7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBjAHQA
+cgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAA
+QwBQAFMAIABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUA
+czAwBggrBgEFBQcCARYkaHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2Mu
+aHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRt
+aW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2MV9kZXIuY3JsMA4GA1Ud
+DwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZIhvcNAQEF
+BQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdp
+D70ER9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gU
+JyCpZET/LtZ1qmxNYEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+m
+AM/EKXMRNt6GGT6d7hmKG9Ww7Y49nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepD
+vV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJTS+xJlsndQAJxGJ3KQhfnlms
+tn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3sCPdK6jT2iWH
+7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h
+I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szA
+h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF
+d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H
+pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UE
+AwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00x
+CzAJBgNVBAYTAkVTMB4XDTA4MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEW
+MBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZF
+RElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
+AgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHkWLn7
+09gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7
+XBZXehuDYAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5P
+Grjm6gSSrj0RuVFCPYewMYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAK
+t0SdE3QrwqXrIhWYENiLxQSfHY9g5QYbm8+5eaA9oiM/Qj9r+hwDezCNzmzAv+Yb
+X79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbkHQl/Sog4P75n/TSW9R28
+MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTTxKJxqvQU
+fecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI
+2Sf23EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyH
+K9caUPgn6C9D4zq92Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEae
+ZAwUswdbxcJzbPEHXEUkFDWug/FqTYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAP
+BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz4SsrSbbXc6GqlPUB53NlTKxQ
+MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU9QHnc2VMrFAw
+RAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv
+bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWIm
+fQwng4/F9tqgaHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3
+gvoFNTPhNahXwOf9jU8/kzJPeGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKe
+I6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1PwkzQSulgUV1qzOMPPKC8W64iLgpq0i
+5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1ThCojz2GuHURwCRi
+ipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oIKiMn
+MCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZ
+o5NjEFIqnxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6
+zqylfDJKZ0DcMDQj3dcEI2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacN
+GHk0vFQYXlPKNFHtRQrmjseCNj6nOGOpMCwXEGCSn1WHElkQwg9naRHMTh5+Spqt
+r0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3otkYNbn5XOmeUwssfnHdK
+Z05phkOTOPu220+DkdRgfks+KzgHVZhepA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsx
+CzAJBgNVBAYTAkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRp
+ZmljYWNpw7NuIERpZ2l0YWwgLSBDZXJ0aWPDoW1hcmEgUy5BLjEjMCEGA1UEAwwa
+QUMgUmHDrXogQ2VydGljw6FtYXJhIFMuQS4wHhcNMDYxMTI3MjA0NjI5WhcNMzAw
+NDAyMjE0MjAyWjB7MQswCQYDVQQGEwJDTzFHMEUGA1UECgw+U29jaWVkYWQgQ2Ft
+ZXJhbCBkZSBDZXJ0aWZpY2FjacOzbiBEaWdpdGFsIC0gQ2VydGljw6FtYXJhIFMu
+QS4xIzAhBgNVBAMMGkFDIFJhw616IENlcnRpY8OhbWFyYSBTLkEuMIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq2uJo1PMSCMI+8PPUZYILrgIem08kBeG
+qentLhM0R7LQcNzJPNCNyu5LF6vQhbCnIwTLqKL85XXbQMpiiY9QngE9JlsYhBzL
+fDe3fezTf3MZsGqy2IiKLUV0qPezuMDU2s0iiXRNWhU5cxh0T7XrmafBHoi0wpOQ
+Y5fzp6cSsgkiBzPZkc0OnB8OIMfuuzONj8LSWKdf/WU34ojC2I+GdV75LaeHM/J4
+Ny+LvB2GNzmxlPLYvEqcgxhaBvzz1NS6jBUJJfD5to0EfhcSM2tXSExP2yYe68yQ
+54v5aHxwD6Mq0Do43zeX4lvegGHTgNiRg0JaTASJaBE8rF9ogEHMYELODVoqDA+b
+MMCm8Ibbq0nXl21Ii/kDwFJnmxL3wvIumGVC2daa49AZMQyth9VXAnow6IYm+48j
+ilSH5L887uvDdUhfHjlvgWJsxS3EF1QZtzeNnDeRyPYL1epjb4OsOMLzP96a++Ej
+YfDIJss2yKHzMI+ko6Kh3VOz3vCaMh+DkXkwwakfU5tTohVTP92dsxA7SH2JD/zt
+A/X7JWR1DhcZDY8AFmd5ekD8LVkH2ZD6mq093ICK5lw1omdMEWux+IBkAC1vImHF
+rEsm5VoQgpukg3s0956JkSCXjrdCx2bD0Omk1vUgjcTDlaxECp1bczwmPS9KvqfJ
+pxAe+59QafMCAwEAAaOB5jCB4zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwIBBjAdBgNVHQ4EFgQU0QnQ6dfOeXRU+Tows/RtLAMDG2gwgaAGA1UdIASBmDCB
+lTCBkgYEVR0gADCBiTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5jZXJ0aWNhbWFy
+YS5jb20vZHBjLzBaBggrBgEFBQcCAjBOGkxMaW1pdGFjaW9uZXMgZGUgZ2FyYW50
+7WFzIGRlIGVzdGUgY2VydGlmaWNhZG8gc2UgcHVlZGVuIGVuY29udHJhciBlbiBs
+YSBEUEMuMA0GCSqGSIb3DQEBBQUAA4ICAQBclLW4RZFNjmEfAygPU3zmpFmps4p6
+xbD/CHwso3EcIRNnoZUSQDWDg4902zNc8El2CoFS3UnUmjIz75uny3XlesuXEpBc
+unvFm9+7OSPI/5jOCk0iAUgHforA1SBClETvv3eiiWdIG0ADBaGJ7M9i4z0ldma/
+Jre7Ir5v/zlXdLp6yQGVwZVR6Kss+LGGIOk/yzVb0hfpKv6DExdA7ohiZVvVO2Dp
+ezy4ydV/NgIlqmjCMRW3MGXrfx1IebHPOeJCgBbT9ZMj/EyXyVo3bHwi2ErN0o42
+gzmRkBDI8ck1fj+404HGIGQatlDCIaR43NAvO2STdPCWkPHv+wlaNECW8DYSwaN0
+jJN+Qd53i+yG2dIPPy3RzECiiWZIHiCznCNZc6lEc7wkeZBWN7PGKX6jD/EpOe9+
+XCgycDWs2rjIdWb8m0w5R44bb5tNAlQiM+9hup4phO9OSzNHdpdqy35f/RWmnkJD
+W2ZaiogN9xa5P1FlK2Zqi9E4UqLWRhH6/JocdJ6PlwsCT2TG9WjTSy3/pDceiz+/
+RL5hRqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35r
+MDOhYil/SrnhLecUIw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxk
+BYn8eNZcLCZDqQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE
+BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w
+MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290
+IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDkyMjExMjIwMlowazELMAkGA1UEBhMC
+SVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1
+ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENB
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNv
+UTufClrJwkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX
+4ay8IMKx4INRimlNAJZaby/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9
+KK3giq0itFZljoZUj5NDKd45RnijMCO6zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/
+gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1fYVEiVRvjRuPjPdA1Yprb
+rxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2oxgkg4YQ
+51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2F
+be8lEfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxe
+KF+w6D9Fz8+vm2/7hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4F
+v6MGn8i1zeQf1xcGDXqVdFUNaBr8EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbn
+fpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5jF66CyCU3nuDuP/jVo23Eek7
+jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLYiDrIn3hm7Ynz
+ezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt
+ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAL
+e3KHwGCmSUyIWOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70
+jsNjLiNmsGe+b7bAEzlgqqI0JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDz
+WochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKxK3JCaKygvU5a2hi/a5iB0P2avl4V
+SM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+Xlff1ANATIGk0k9j
+pwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC4yyX
+X04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+Ok
+fcvHlXHo2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7R
+K4X9p2jIugErsWx0Hbhzlefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btU
+ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU
+LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT
+LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
+IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
+MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux
+FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
+bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v
+dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt
+H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9
+uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX
+mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX
+a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN
+E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0
+WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD
+VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0
+Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU
+cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx
+IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN
+AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH
+YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
+6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
+Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
+c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
+mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
+b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMw
+MTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML
+QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYD
+VQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ul
+CDtbKRY654eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6n
+tGO0/7Gcrjyvd7ZWxbWroulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyl
+dI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJch
+PXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC
++Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0O
+BBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E
+BTADAQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBl
+MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk
+ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENB
+IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X
+7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0PhiVYrqW9yTkkz
+43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY
+eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl
+pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA
+WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
+b3JrMSAwHgYDVQQDExdBZGRUcnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAx
+MDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtB
+ZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIDAeBgNV
+BAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV
+6tsfSlbunyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nX
+GCwwfQ56HmIexkvA/X1id9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnP
+dzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSGAa2Il+tmzV7R/9x98oTaunet3IAIx6eH
+1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAwHM+A+WD+eeSI8t0A65RF
+62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0GA1UdDgQW
+BBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUw
+AwEB/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDEL
+MAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRU
+cnVzdCBUVFAgTmV0d29yazEgMB4GA1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJv
+b3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4JNojVhaTdt02KLmuG7jD8WS6
+IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL+YPoRNWyQSW/
+iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao
+GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh
+4SINhwBk/ox9Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQm
+XiLsks3/QppEIW1cxeMiHV9HEufOX1362KqxMy3ZdvJOOjMMK7MtkAY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
+b3JrMSMwIQYDVQQDExpBZGRUcnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1
+MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcxCzAJBgNVBAYTAlNFMRQwEgYDVQQK
+EwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIzAh
+BgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwq
+xBb/4Oxx64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G
+87B4pfYOQnrjfxvM0PC3KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i
+2O+tCBGaKZnhqkRFmhJePp1tUvznoD1oL/BLcHwTOK28FSXx1s6rosAx1i+f4P8U
+WfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GRwVY18BTcZTYJbqukB8c1
+0cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HUMIHRMB0G
+A1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0T
+AQH/BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6Fr
+pGkwZzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQL
+ExRBZGRUcnVzdCBUVFAgTmV0d29yazEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlm
+aWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBABmrder4i2VhlRO6aQTv
+hsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxGGuoYQ992zPlm
+hpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X
+dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3
+P6CxB9bpT9zeRXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9Y
+iQBCYz95OdBEsIJuQRno3eDBiFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5no
+xqE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
+dCBDb21tZXJjaWFsMB4XDTEwMDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDEL
+MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp
+cm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6EqdbDuKP
+Hx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yr
+ba0F8PrVC8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPAL
+MeIrJmqbTFeurCA+ukV6BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1
+yHp52UKqK39c/s4mT6NmgTWvRLpUHhwwMmWd5jyTXlBOeuM61G7MGvv50jeuJCqr
+VwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNVHQ4EFgQUnZPGU4teyq8/
+nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYG
+XUPGhi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNj
+vbz4YYCanrHOQnDiqX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivt
+Z8SOyUOyXGsViQK8YvxO8rUzqrJv0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9g
+N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC
+nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
+dCBOZXR3b3JraW5nMB4XDTEwMDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDEL
+MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp
+cm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SEHi3y
+YJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbua
+kCNrmreIdIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRL
+QESxG9fhwoXA3hA/Pe24/PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp
+6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gbh+0t+nvujArjqWaJGctB+d1ENmHP4ndG
+yH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNVHQ4EFgQUBx/S55zawm6i
+QLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ
+KoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfO
+tDIuUFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzu
+QY0x2+c06lkh1QF612S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZ
+Lgo/bNjR9eUJtGxUAArgFU2HdW23WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4u
+olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48
+x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz
+dCBQcmVtaXVtMB4XDTEwMDEyOTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkG
+A1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1U
+cnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxBLf
+qV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtnBKAQ
+JG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ
++jjeRFcV5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrS
+s8PhaJyJ+HoAVt70VZVs+7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5
+HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmdGPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d7
+70O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5Rp9EixAqnOEhss/n/fauG
+V+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NIS+LI+H+S
+qHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S
+5u046uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4Ia
+C1nEWTJ3s7xgaVY5/bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TX
+OwF0lkLgAOIua+rF7nKsu7/+6qqo+Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYE
+FJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
+BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByvMiPIs0laUZx2
+KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg
+Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B
+8OWycvpEgjNC6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQ
+MKSOyARiqcTtNd56l+0OOF6SL5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc
+0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK+4w1IX2COPKpVJEZNZOUbWo6xbLQ
+u4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmVBtWVyuEklut89pMF
+u+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFgIxpH
+YoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8
+GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO
+RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e
+KeC2uAloGRwYQw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC
+VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ
+cmVtaXVtIEVDQzAeFw0xMDAxMjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJ
+BgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEgMB4GA1UEAwwXQWZmaXJt
+VHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNMF4bFZ0D
+0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQN8O9
+ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0G
+A1UdDgQWBBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4G
+A1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/Vs
+aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I
+flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDoDCCAoigAwIBAgIBMTANBgkqhkiG9w0BAQUFADBDMQswCQYDVQQGEwJKUDEc
+MBoGA1UEChMTSmFwYW5lc2UgR292ZXJubWVudDEWMBQGA1UECxMNQXBwbGljYXRp
+b25DQTAeFw0wNzEyMTIxNTAwMDBaFw0xNzEyMTIxNTAwMDBaMEMxCzAJBgNVBAYT
+AkpQMRwwGgYDVQQKExNKYXBhbmVzZSBHb3Zlcm5tZW50MRYwFAYDVQQLEw1BcHBs
+aWNhdGlvbkNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp23gdE6H
+j6UG3mii24aZS2QNcfAKBZuOquHMLtJqO8F6tJdhjYq+xpqcBrSGUeQ3DnR4fl+K
+f5Sk10cI/VBaVuRorChzoHvpfxiSQE8tnfWuREhzNgaeZCw7NCPbXCbkcXmP1G55
+IrmTwcrNwVbtiGrXoDkhBFcsovW8R0FPXjQilbUfKW1eSvNNcr5BViCH/OlQR9cw
+FO5cjFW6WY2H/CPek9AEjP3vbb3QesmlOmpyM8ZKDQUXKi17safY1vC+9D/qDiht
+QWEjdnjDuGWk81quzMKq2edY3rZ+nYVunyoKb58DKTCXKB28t89UKU5RMfkntigm
+/qJj5kEW8DOYRwIDAQABo4GeMIGbMB0GA1UdDgQWBBRUWssmP3HMlEYNllPqa0jQ
+k/5CdTAOBgNVHQ8BAf8EBAMCAQYwWQYDVR0RBFIwUKROMEwxCzAJBgNVBAYTAkpQ
+MRgwFgYDVQQKDA/ml6XmnKzlm73mlL/lupwxIzAhBgNVBAsMGuOCouODl+ODquOC
+seODvOOCt+ODp+ODs0NBMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
+ggEBADlqRHZ3ODrso2dGD/mLBqj7apAxzn7s2tGJfHrrLgy9mTLnsCTWw//1sogJ
+hyzjVOGjprIIC8CFqMjSnHH2HZ9g/DgzE+Ge3Atf2hZQKXsvcJEPmbo0NI2VdMV+
+eKlmXb3KIXdCEKxmJj3ekav9FfBv7WxfEPjzFvYDio+nEhEMy/0/ecGc/WLuo89U
+DNErXxc+4z6/wCs+CZv+iKZ+tJIX/COUgb1up8WMwusRRdv4QcmWdupwX3kSa+Sj
+B1oF7ydJzyGfikwJcGapJsErEU4z0g781mzSDjJkaP+tBXhfAx2o45CsJOAPQKdL
+rosot4LKGAfmt1t06SAZf7IbiVQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE
+AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG
+EwJERTAeFw0xMTA3MDcxNDU4MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMM
+FUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UEBhMC
+REUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVhTuXbyo7LjvPpvMp
+Nb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr54rM
+VD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+
+SZFhyBH+DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ
+4J7sVaE3IqKHBAUsR320HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0L
+cp2AMBYHlT8oDv3FdU9T1nSatCQujgKRz3bFmx5VdJx4IbHwLfELn8LVlhgf8FQi
+eowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7Rl+lwrrw7GWzbITAPBgNV
+HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZbNshMBgG
+A1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3
+DQEBCwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8j
+vZfza1zv7v1Apt+hk6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kP
+DpFrdRbhIfzYJsdHt6bPWHJxfrrhTZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pc
+maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D
+lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv
+KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE
+BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h
+cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEy
+MzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIwQAYDVQQDDDlBdXRvcmlkYWQgZGUg
+Q2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBBNjI2MzQwNjgwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDDUtd9
+thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQM
+cas9UX4PB99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefG
+L9ItWY16Ck6WaVICqjaY7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15i
+NA9wBj4gGFrO93IbJWyTdBSTo3OxDqqHECNZXyAFGUftaI6SEspd/NYrspI8IM/h
+X68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyIplD9amML9ZMWGxmPsu2b
+m8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctXMbScyJCy
+Z/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirja
+EbsXLZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/T
+KI8xWVvTyQKmtFLKbpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF
+6NkBiDkal4ZkQdU7hwxu+g/GvUgUvzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVh
+OSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYD
+VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNHDhpkLzCBpgYD
+VR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp
+cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBv
+ACAAZABlACAAbABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBl
+AGwAbwBuAGEAIAAwADgAMAAxADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF
+661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx51tkljYyGOylMnfX40S2wBEqgLk9
+am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qkR71kMrv2JYSiJ0L1
+ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaPT481
+PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS
+3a/DTg4fJl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5k
+SeTy36LssUzAKh3ntLFlosS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF
+3dvd6qJ2gHN99ZwExEWN57kci57q13XRcrHedUTnQn3iV2t93Jm8PYMo6oCTjcVM
+ZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoRsaS8I8nkvof/uZS2+F0g
+StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz
+Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB
+jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2V
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
+RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
+VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX
+DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y
+ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy
+VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr
+mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr
+IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK
+mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu
+XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy
+dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye
+jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1
+BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3
+DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92
+9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx
+jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0
+Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz
+ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
+R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDUzCCAjugAwIBAgIBATANBgkqhkiG9w0BAQUFADBLMQswCQYDVQQGEwJOTzEd
+MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxHTAbBgNVBAMMFEJ1eXBhc3Mg
+Q2xhc3MgMiBDQSAxMB4XDTA2MTAxMzEwMjUwOVoXDTE2MTAxMzEwMjUwOVowSzEL
+MAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MR0wGwYD
+VQQDDBRCdXlwYXNzIENsYXNzIDIgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAIs8B0XY9t/mx8q6jUPFR42wWsE425KEHK8T1A9vNkYgxC7McXA0
+ojTTNy7Y3Tp3L8DrKehc0rWpkTSHIln+zNvnma+WwajHQN2lFYxuyHyXA8vmIPLX
+l18xoS830r7uvqmtqEyeIWZDO6i88wmjONVZJMHCR3axiFyCO7srpgTXjAePzdVB
+HfCuuCkslFJgNJQ72uA40Z0zPhX0kzLFANq1KWYOOngPIVJfAuWSeyXTkh4vFZ2B
+5J2O6O+JzhRMVB0cgRJNcKi+EAUXfh/RuFdV7c27UsKwHnjCTTZoy1YmwVLBvXb3
+WNVyfh9EdrsAiR0WnVE1703CVu9r4Iw7DekCAwEAAaNCMEAwDwYDVR0TAQH/BAUw
+AwEB/zAdBgNVHQ4EFgQUP42aWYv8e3uco684sDntkHGA1sgwDgYDVR0PAQH/BAQD
+AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQAVGn4TirnoB6NLJzKyQJHyIdFkhb5jatLP
+gcIV1Xp+DCmsNx4cfHZSldq1fyOhKXdlyTKdqC5Wq2B2zha0jX94wNWZUYN/Xtm+
+DKhQ7SLHrQVMdvvt7h5HZPb3J31cKA9FxVxiXqaakZG3Uxcu3K1gnZZkOb1naLKu
+BctN518fV4bVIJwo+28TOPX2EZL2fZleHwzoq0QkKXJAPTZSr4xYkHPB7GEseaHs
+h7U/2k3ZIQAw3pDaDtMaSKk+hQsUi4y8QZ5q9w5wwDX3OaJdZtB7WZ+oRxKaJyOk
+LY4ng5IgodcVf/EuGO70SH8vf/GhGLWhC5SgYiAynB321O+/TIho
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
+MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
+Q2xhc3MgMiBSb290IENBMB4XDTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1ow
+TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw
+HgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1g1Lr
+6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPV
+L4O2fuPn9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC91
+1K2GScuVr1QGbNgGE41b/+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHx
+MlAQTn/0hpPshNOOvEu/XAFOBz3cFIqUCqTqc/sLUegTBxj6DvEr0VQVfTzh97QZ
+QmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeffawrbD02TTqigzXsu8lkB
+arcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgIzRFo1clr
+Us3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLi
+FRhnBkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRS
+P/TizPJhk9H9Z2vXUq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN
+9SG9dKpN6nIDSdvHXx1iY8f93ZHsM+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxP
+AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMmAd+BikoL1Rpzz
+uvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAU18h
+9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s
+A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3t
+OluwlN5E40EIosHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo
++fsicdl9sz1Gv7SEr5AcD48Saq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7
+KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYdDnkM/crqJIByw5c/8nerQyIKx+u2
+DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWDLfJ6v9r9jv6ly0Us
+H8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0oyLQ
+I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7
+5t98biGCwWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h
+3PFaTWwyI0PurKju7koSCTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPz
+Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
+MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
+Q2xhc3MgMyBSb290IENBMB4XDTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFow
+TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw
+HgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRHsJ8Y
+ZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3E
+N3coTRiR5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9
+tznDDgFHmV0ST9tD+leh7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX
+0DJq1l1sDPGzbjniazEuOQAnFN44wOwZZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c
+/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH2xc519woe2v1n/MuwU8X
+KhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV/afmiSTY
+zIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvS
+O1UQRwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D
+34xFMFbG02SrZvPAXpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgP
+K9Dx2hzLabjKSWJtyNBjYt1gD1iqj6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3
+AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEe4zf/lb+74suwv
+Tg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAACAj
+QTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV
+cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXS
+IGrs/CIBKM+GuIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2
+HJLw5QY33KbmkJs4j1xrG0aGQ0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsa
+O5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8ZORK15FTAaggiG6cX0S5y2CBNOxv
+033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2KSb12tjE8nVhz36u
+dmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz6MkE
+kbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg41
+3OEMXbugUZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvD
+u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq
+4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEDzCCAvegAwIBAgIBATANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJTSzET
+MBEGA1UEBxMKQnJhdGlzbGF2YTETMBEGA1UEChMKRGlzaWcgYS5zLjERMA8GA1UE
+AxMIQ0EgRGlzaWcwHhcNMDYwMzIyMDEzOTM0WhcNMTYwMzIyMDEzOTM0WjBKMQsw
+CQYDVQQGEwJTSzETMBEGA1UEBxMKQnJhdGlzbGF2YTETMBEGA1UEChMKRGlzaWcg
+YS5zLjERMA8GA1UEAxMIQ0EgRGlzaWcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQCS9jHBfYj9mQGp2HvycXXxMcbzdWb6UShGhJd4NLxs/LxFWYgmGErE
+Nx+hSkS943EE9UQX4j/8SFhvXJ56CbpRNyIjZkMhsDxkovhqFQ4/61HhVKndBpnX
+mjxUizkDPw/Fzsbrg3ICqB9x8y34dQjbYkzo+s7552oftms1grrijxaSfQUMbEYD
+XcDtab86wYqg6I7ZuUUohwjstMoVvoLdtUSLLa2GDGhibYVW8qwUYzrG0ZmsNHhW
+S8+2rT+MitcE5eN4TPWGqvWP+j1scaMtymfraHtuM6kMgiioTGohQBUgDCZbg8Kp
+FhXAJIJdKxatymP2dACw30PEEGBWZ2NFAgMBAAGjgf8wgfwwDwYDVR0TAQH/BAUw
+AwEB/zAdBgNVHQ4EFgQUjbJJaJ1yCCW5wCf1UJNWSEZx+Y8wDgYDVR0PAQH/BAQD
+AgEGMDYGA1UdEQQvMC2BE2Nhb3BlcmF0b3JAZGlzaWcuc2uGFmh0dHA6Ly93d3cu
+ZGlzaWcuc2svY2EwZgYDVR0fBF8wXTAtoCugKYYnaHR0cDovL3d3dy5kaXNpZy5z
+ay9jYS9jcmwvY2FfZGlzaWcuY3JsMCygKqAohiZodHRwOi8vY2EuZGlzaWcuc2sv
+Y2EvY3JsL2NhX2Rpc2lnLmNybDAaBgNVHSAEEzARMA8GDSuBHpGT5goAAAABAQEw
+DQYJKoZIhvcNAQEFBQADggEBAF00dGFMrzvY/59tWDYcPQuBDRIrRhCA/ec8J9B6
+yKm2fnQwM6M6int0wHl5QpNt/7EpFIKrIYwvF/k/Ji/1WcbvgAa3mkkp7M5+cTxq
+EEHA9tOasnxakZzArFvITV734VP/Q3f8nktnbNfzg9Gg4H8l37iYC5oyOGwwoPP/
+CBUz91BKez6jPiCp3C9WgArtQVCwyfTssuMmRAAOb54GvCKWU3BlxFAKRmukLyeB
+EicTXxChds6KezfqwzlhA5WYOudsiCUI/HloDYd9Yvi0X/vF2Ey9WLw/Q1vUHgFN
+PGO+I++MzVpQuGhU+QqZMxEA4Z7CRneC9VkGjCFMhwnN5ag=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNV
+BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
+MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQy
+MDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx
+EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjEw
+ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy3QRk
+D2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/o
+OI7bm+V8u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3A
+fQ+lekLZWnDZv6fXARz2m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJe
+IgpFy4QxTaz+29FHuvlglzmxZcfe+5nkCiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8n
+oc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTaYVKvJrT1cU/J19IG32PK
+/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6vpmumwKj
+rckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD
+3AjLLhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE
+7cderVC6xkGbrPAXZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkC
+yC2fg69naQanMVXVz0tv/wQFx1isXxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLd
+qvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
+DwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ04IwDQYJKoZI
+hvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR
+xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaA
+SfX8MPWbTx9BLxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXo
+HqJPYNcHKfyyo6SdbhWSVhlMCrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpB
+emOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5GfbVSUZP/3oNn6z4eGBrxEWi1CXYBmC
+AMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85YmLLW1AL14FABZyb
+7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKSds+x
+DzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvk
+F7mGnjixlAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqF
+a3qdnom2piiZk4hA9z7NUaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsT
+Q6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJa7+h89n07eLw4+1knj0vllJPgFOL
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV
+BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu
+MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQy
+MDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx
+EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIw
+ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbCw3Oe
+NcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNH
+PWSb6WiaxswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3I
+x2ymrdMxp7zo5eFm1tL7A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbe
+QTg06ov80egEFGEtQX6sx3dOy1FU+16SGBsEWmjGycT6txOgmLcRK7fWV8x8nhfR
+yyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqVg8NTEQxzHQuyRpDRQjrO
+QG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa5Beny912
+H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJ
+QfYEkoopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUD
+i/ZnWejBBhG93c+AAk9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORs
+nLMOPReisjQS1n6yqEm70XooQL6iFh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1
+rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
+DwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5uQu0wDQYJKoZI
+hvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM
+tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqf
+GopTpti72TVVsRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkb
+lvdhuDvEK7Z4bLQjb/D907JedR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka
++elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W81k/BfDxujRNt+3vrMNDcTa/F1bal
+TFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjxmHHEt38OFdAlab0i
+nSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3
+gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18Dr
+G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os
+zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x
+L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
+MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
+ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg
+b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa
+MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB
+ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw
+IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B
+AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb
+unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d
+BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq
+7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3
+0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX
+roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG
+A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j
+aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p
+26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA
+BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud
+EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN
+BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz
+aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB
+AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd
+p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi
+1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc
+XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0
+eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu
+tGWaIZDgqtCYvDi1czyL+Nw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn
+MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
+ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo
+YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9
+MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy
+NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G
+A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA
+A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0
+Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s
+QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV
+eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795
+B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh
+z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T
+AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i
+ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w
+TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH
+MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD
+VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE
+VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh
+bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B
+AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM
+bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi
+ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG
+VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c
+ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/
+AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQsw
+CQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMT
+EkNBIFdvU2lnbiBFQ0MgUm9vdDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4
+NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEb
+MBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZIzj0CAQYFK4EEACID
+YgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiUt5v8
+KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES
+1ns2o0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
+FgQUqv3VWqP2h4syhf3RMluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB
+1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0Daupn75OcsqF1NnstTJFGG+rrQIwfcf3
+aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYua/GRspBl9JrmkO5K
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBY
+MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNV
+BAMTJENlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDEx
+MDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgxCzAJBgNVBAYTAkNOMRowGAYDVQQK
+ExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPX
+JYY1kBaiXW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgO
+gHzKtB0TiGsOqCR3A9DuW/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg
+5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg95k4ot+vElbGs/V6r+kHLXZ1L3PR8du9n
+fwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BKv0mUYQs4kI9dJGwlezt5
+2eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
+VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJ
+KoZIhvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8
+fHulwqZm46qwtyeYP0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G
+3CE4Q3RM+zD4F3LBMvzIkRfEzFg3TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yy
+SrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu+sif/a+RZQp4OBXllxcU3fng
+LDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+7Q9LGOHSJDy7
+XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV
+BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X
+DTA3MDYyOTE1MTMwNVoXDTI3MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQ
+BgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwIQ2VydGlnbmEwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7qXOEm7RFHYeGifBZ4
+QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyHGxny
+gQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbw
+zBfsV1/pogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q
+130yGLMLLGq/jj8UEYkgDncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2
+JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKfIrjxwo1p3Po6WAbfAgMBAAGjgbwwgbkw
+DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQtCRZvgHyUtVF9lo53BEw
+ZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJBgNVBAYT
+AkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzj
+AQ/JSP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG
+9w0BAQUFAAOCAQEAhQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8h
+bV6lUmPOEvjvKtpv6zf+EwLHyzs+ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFnc
+fca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1kluPBS1xp81HlDQwY9qcEQCYsuu
+HWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY1gkIl2PlwS6w
+t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw
+WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjET
+MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAk
+BgNVBAMMHUNlcnRpbm9taXMgLSBBdXRvcml0w6kgUmFjaW5lMB4XDTA4MDkxNzA4
+Mjg1OVoXDTI4MDkxNzA4Mjg1OVowYzELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNl
+cnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMSYwJAYDVQQDDB1DZXJ0
+aW5vbWlzIC0gQXV0b3JpdMOpIFJhY2luZTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAJ2Fn4bT46/HsmtuM+Cet0I0VZ35gb5j2CN2DpdUzZlMGvE5x4jY
+F1AMnmHawE5V3udauHpOd4cN5bjr+p5eex7Ezyh0x5P1FMYiKAT5kcOrJ3NqDi5N
+8y4oH3DfVS9O7cdxbwlyLu3VMpfQ8Vh30WC8Tl7bmoT2R2FFK/ZQpn9qcSdIhDWe
+rP5pqZ56XjUl+rSnSTV3lqc2W+HN3yNw2F1MpQiD8aYkOBOo7C+ooWfHpi2GR+6K
+/OybDnT0K0kCe5B1jPyZOQE51kqJ5Z52qz6WKDgmi92NjMD2AR5vpTESOH2VwnHu
+7XSu5DaiQ3XV8QCb4uTXzEIDS3h65X27uK4uIJPT5GHfceF2Z5c/tt9qc1pkIuVC
+28+BA5PY9OMQ4HL2AHCs8MF6DwV/zzRpRbWT5BnbUhYjBYkOjUjkJW+zeL9i9Qf6
+lSTClrLooyPCXQP8w9PlfMl1I9f09bze5N/NgL+RiH2nE7Q5uiy6vdFrzPOlKO1E
+nn1So2+WLhl+HPNbxxaOu2B9d2ZHVIIAEWBsMsGoOBvrbpgT1u449fCfDu/+MYHB
+0iSVL1N6aaLwD4ZFjliCK0wi1F6g530mJ0jfJUaNSih8hp75mxpZuWW/Bd22Ql09
+5gBIgl4g9xGC3srYn+Y3RyYe63j3YcNBZFgCQfna4NH4+ej9Uji29YnfAgMBAAGj
+WzBZMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQN
+jLZh2kS40RR9w759XkjwzspqsDAXBgNVHSAEEDAOMAwGCiqBegFWAgIAAQEwDQYJ
+KoZIhvcNAQEFBQADggIBACQ+YAZ+He86PtvqrxyaLAEL9MW12Ukx9F1BjYkMTv9s
+ov3/4gbIOZ/xWqndIlgVqIrTseYyCYIDbNc/CMf4uboAbbnW/FIyXaR/pDGUu7ZM
+OH8oMDX/nyNTt7buFHAAQCvaR6s0fl6nVjBhK4tDrP22iCj1a7Y+YEq6QpA0Z43q
+619FVDsXrIvkxmUP7tCMXWY5zjKn2BCXwH40nJ+U8/aGH88bc62UeYdocMMzpXDn
+2NU4lG9jeeu/Cg4I58UvD0KgKxRA/yHgBcUn4YQRE7rWhh1BCxMjidPJC+iKunqj
+o3M3NYB9Ergzd0A4wPpeMNLytqOx1qKVl4GbUu1pTP+A5FPbVFsDbVRfsbjvJL1v
+nxHDx2TCDyhihWZeGnuyt++uNckZM6i4J9szVb9o4XVIRFb7zdNIu0eJOqxp9YDG
+5ERQL1TEqkPFMTFYvZbF6nVsmnWxTfj3l/+WFvKXTej28xH5On2KOG4Ey+HTRRWq
+pdEdnV1j6CTmNhTih60bWfVEm/vXd3wfAXBioSAaosUaKPQhA+4u2cGA6rnZgtZb
+dsLLO7XSAPCjDuGtbkD326C00EauFddEwk01+dIL8hf2rGbVJLJP0RyZwG71fet0
+BLj5TXcJ17TPBzAJ8bgAVtkXFhYKK4bfjwEZGuW7gmP/vgt2Fl43N+bYdJeimUV5
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET
+MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb
+BgNVBAMTFENlcnRpbm9taXMgLSBSb290IENBMB4XDTEzMTAyMTA5MTcxOFoXDTMz
+MTAyMTA5MTcxOFowWjELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMx
+FzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMR0wGwYDVQQDExRDZXJ0aW5vbWlzIC0g
+Um9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANTMCQosP5L2
+fxSeC5yaah1AMGT9qt8OHgZbn1CF6s2Nq0Nn3rD6foCWnoR4kkjW4znuzuRZWJfl
+LieY6pOod5tK8O90gC3rMB+12ceAnGInkYjwSond3IjmFPnVAy//ldu9n+ws+hQV
+WZUKxkd8aRi5pwP5ynapz8dvtF4F/u7BUrJ1Mofs7SlmO/NKFoL21prbcpjp3vDF
+TKWrteoB4owuZH9kb/2jJZOLyKIOSY008B/sWEUuNKqEUL3nskoTuLAPrjhdsKkb
+5nPJWqHZZkCqqU2mNAKthH6yI8H7KsZn9DS2sJVqM09xRLWtwHkziOC/7aOgFLSc
+CbAK42C++PhmiM1b8XcF4LVzbsF9Ri6OSyemzTUK/eVNfaoqoynHWmgE6OXWk6Ri
+wsXm9E/G+Z8ajYJJGYrKWUM66A0ywfRMEwNvbqY/kXPLynNvEiCL7sCCeN5LLsJJ
+wx3tFvYk9CcbXFcx3FXuqB5vbKziRcxXV4p1VxngtViZSTYxPDMBbRZKzbgqg4SG
+m/lg0h9tkQPTYKbVPZrdd5A9NaSfD171UkRpucC63M9933zZxKyGIjK8e2uR73r4
+F2iw4lNVYC2vPsKD2NkJK/DAZNuHi5HMkesE/Xa0lZrmFAYb1TQdvtj/dBxThZng
+WVJKYe2InmtJiUZ+IFrZ50rlau7SZRFDAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIB
+BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTvkUz1pcMw6C8I6tNxIqSSaHh0
+2TAfBgNVHSMEGDAWgBTvkUz1pcMw6C8I6tNxIqSSaHh02TANBgkqhkiG9w0BAQsF
+AAOCAgEAfj1U2iJdGlg+O1QnurrMyOMaauo++RLrVl89UM7g6kgmJs95Vn6RHJk/
+0KGRHCwPT5iVWVO90CLYiF2cN/z7ZMF4jIuaYAnq1fohX9B0ZedQxb8uuQsLrbWw
+F6YSjNRieOpWauwK0kDDPAUwPk2Ut59KA9N9J0u2/kTO+hkzGm2kQtHdzMjI1xZS
+g081lLMSVX3l4kLr5JyTCcBMWwerx20RoFAXlCOotQqSD7J6wWAsOMwaplv/8gzj
+qh8c3LigkyfeY+N/IZ865Z764BNqdeuWXGKRlI5nU7aJ+BIJy29SWwNyhlCVCNSN
+h4YVH5Uk2KRvms6knZtt0rJ2BobGVgjF6wnaNsIbW0G+YSrjcOa4pvi2WsS9Iff/
+ql+hbHY5ZtbqTFXhADObE5hjyW/QASAJN1LnDE8+zbz1X5YnpyACleAu6AdBBR8V
+btaw5BngDwKTACdyxYvRVB9dSsNAl35VpnzBMwQUAR1JIGkLGZOdblgi90AMRgwj
+Y/M50n92Uaf0yKHxDHYiI0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ
+8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nMcyrDflOR1m749fPH0FFNjkulW+YZFzvW
+gQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVrhkIGuUE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw
+PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz
+cyAyIFByaW1hcnkgQ0EwHhcNOTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9
+MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2VydHBsdXMxGzAZBgNVBAMTEkNsYXNz
+IDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANxQ
+ltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR5aiR
+VhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyL
+kcAbmXuZVg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCd
+EgETjdyAYveVqUSISnFOYFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yas
+H7WLO7dDWWuwJKZtkIvEcupdM5i3y95ee++U8Rs+yskhwcWYAqqi9lt3m/V+llU0
+HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRMECDAGAQH/AgEKMAsGA1Ud
+DwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJYIZIAYb4
+QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMu
+Y29tL0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/
+AN9WM2K191EBkOvDP9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8
+yfFC82x/xXp8HVGIutIKPidd3i1RTtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMR
+FcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+7UCmnYR0ObncHoUW2ikbhiMA
+ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB
+kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7
+l7+ijrRU
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT
+AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD
+QTAeFw0wNjA3MDQxNzIwMDRaFw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJP
+MREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7IJUqOtdu0KBuqV5Do
+0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHHrfAQ
+UySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5d
+RdY4zTW2ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQ
+OA7+j0xbm0bqQfWwCHTD0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwv
+JoIQ4uNllAoEwF73XVv4EOLQunpL+943AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08C
+AwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAcYwHQYDVR0O
+BBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IBAQA+0hyJ
+LjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecY
+MnQ8SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ
+44gx+FkagQnIl6Z0x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6I
+Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw
+i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN
+9u6wWk5JRFRYX0KD
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM
+MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
+QTAeFw0wMjA2MTExMDQ2MzlaFw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBM
+MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
+QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6xwS7TT3zNJc4YPk/E
+jG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdLkKWo
+ePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GI
+ULdtlkIJ89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapu
+Ob7kky/ZR6By6/qmW6/KUz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUg
+AKpoC6EahQGcxEZjgoi2IrHu/qpGWX7PNSzVttpd90gzFFS269lvzs2I1qsb2pY7
+HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA
+uI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+GXYkHAQa
+TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg
+xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q
+CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x
+O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs
+6GAqm4VKQPNriiTsBhYscw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM
+MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D
+ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU
+cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3
+WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg
+Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw
+IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH
+UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM
+TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU
+BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM
+kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x
+AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV
+HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV
+HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y
+sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL
+I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8
+J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY
+VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI
+03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD
+TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkx
+MjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5j
+aWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJP
+T1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnVBU03
+sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpL
+TIpTUnrD7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5
+/ZOkVIBMUtRSqy5J35DNuF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp
+7hZZLDRJGqgG16iI0gNyejLi6mhNbiyWZXvKWfry4t3uMCz7zEasxGPrb382KzRz
+EpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7xzbh72fROdOXW3NiGUgt
+hxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9fpy25IGvP
+a931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqot
+aK8KgWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNg
+TnYGmE69g60dWIolhdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfV
+PKPtl8MeNPo4+QgO48BdK4PRVmrJtqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hv
+cWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAfBgNVHSMEGDAWgBTj/i39KNAL
+tbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAd
+BgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB
+ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObT
+ej/tUxPQ4i9qecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdL
+jOztUmCypAbqTuv0axn96/Ua4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBS
+ESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sGE5uPhnEFtC+NiWYzKXZUmhH4J/qy
+P5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfXBDrDMlI1Dlb4pd19
+xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjnaH9d
+Ci77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN
+5mydLIhyPDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe
+/v5WOaHIz16eGWRGENoXkbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+Z
+AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ
+5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
+VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
+IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3
+MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xKTAnBgNVBAMTIENoYW1iZXJz
+IG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEyMjk1MFoXDTM4MDcz
+MTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBj
+dXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIw
+EAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEp
+MCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0G
+CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW9
+28sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKAXuFixrYp4YFs8r/lfTJq
+VKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorjh40G072Q
+DuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR
+5gN/ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfL
+ZEFHcpOrUMPrCXZkNNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05a
+Sd+pZgvMPMZ4fKecHePOjlO+Bd5gD2vlGts/4+EhySnB8esHnFIbAURRPHsl18Tl
+UlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331lubKgdaX8ZSD6e2wsWsSaR6s
++12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ0wlf2eOKNcx5
+Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj
+ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAx
+hduub+84Mxh2EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNV
+HQ4EFgQU+SSsD7K1+HnA+mCIG8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1
++HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpN
+YWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29t
+L2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVy
+ZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAt
+IDIwMDiCCQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRV
+HSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20w
+DQYJKoZIhvcNAQEFBQADggIBAJASryI1wqM58C7e6bXpeHxIvj99RZJe6dqxGfwW
+PJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH3qLPaYRgM+gQDROpI9CF
+5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbURWpGqOt1
+glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaH
+FoI6M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2
+pSB7+R5KBWIBpih1YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MD
+xvbxrN8y8NmBGuScvfaAFPDRLLmF9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QG
+tjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcKzBIKinmwPQN/aUv0NCB9szTq
+jktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvGnrDQWzilm1De
+fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg
+OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ
+d0jQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID9zCCAt+gAwIBAgIESJ8AATANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMC
+Q04xMjAwBgNVBAoMKUNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24g
+Q2VudGVyMUcwRQYDVQQDDD5DaGluYSBJbnRlcm5ldCBOZXR3b3JrIEluZm9ybWF0
+aW9uIENlbnRlciBFViBDZXJ0aWZpY2F0ZXMgUm9vdDAeFw0xMDA4MzEwNzExMjVa
+Fw0zMDA4MzEwNzExMjVaMIGKMQswCQYDVQQGEwJDTjEyMDAGA1UECgwpQ2hpbmEg
+SW50ZXJuZXQgTmV0d29yayBJbmZvcm1hdGlvbiBDZW50ZXIxRzBFBgNVBAMMPkNo
+aW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyIEVWIENlcnRp
+ZmljYXRlcyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z
+7r07eKpkQ0H1UN+U8i6yjUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//
+DdmEEbK40ctb3B75aDFk4Zv6dOtouSCV98YPjUesWgbdYavi7NifFy2cyjw1l1Vx
+zUOFsUcW9SxTgHbP0wBkvUCZ3czY28Sf1hNfQYOL+Q2HklY0bBoQCxfVWhyXWIQ8
+hBouXJE0bhlffxdpxWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23KzhmBsUs
+4qpnHkWnjQRmQvaPK++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54u
+gQEC7c+WXmPbqOY4twIDAQABo2MwYTAfBgNVHSMEGDAWgBR8cks5x8DbYqVPm6oY
+NJKiyoOCWTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4E
+FgQUfHJLOcfA22KlT5uqGDSSosqDglkwDQYJKoZIhvcNAQEFBQADggEBACrDx0M3
+j92tpLIM7twUbY8opJhJywyA6vPtI2Z1fcXTIWd50XPFtQO3WKwMVC/GVhMPMdoG
+52U7HW8228gd+f2ABsqjPWYWqJ1MFn3AlUa1UeTiH9fqBk1jjZaM7+czV0I664zB
+echNdn3e9rG3geCg+aF4RhcaVpjwTj2rHO3sOdwHSPdj/gauwqRcalsyiMXHM4Ws
+ZkJHwlgkmeHlPuV1LI5D1l08eB6olYIpUNHRFrrvwb562bTYzB5MRuF3sTGrvSrI
+zo9uoV1/A3U05K2JRVRevq4opbs/eHnrc7MKDf2+yfdWrPa37S+bISnHOLaVxATy
+wy39FCqQmbkHzJ8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDVTCCAj2gAwIBAgIESTMAATANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJD
+TjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMDcwNDE2
+MDcwOTE0WhcNMjcwNDE2MDcwOTE0WjAyMQswCQYDVQQGEwJDTjEOMAwGA1UEChMF
+Q05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQDTNfc/c3et6FtzF8LRb+1VvG7q6KR5smzDo+/hn7E7SIX1mlwh
+IhAsxYLO2uOabjfhhyzcuQxauohV3/2q2x8x6gHx3zkBwRP9SFIhxFXf2tizVHa6
+dLG3fdfA6PZZxU3Iva0fFNrfWEQlMhkqx35+jq44sDB7R3IJMfAw28Mbdim7aXZO
+V/kbZKKTVrdvmW7bCgScEeOAH8tjlBAKqeFkgjH5jCftppkA9nCTGPihNIaj3XrC
+GHn2emU1z5DrvTOTn1OrczvmmzQgLx3vqR1jGqCA2wMv+SYahtKNu6m+UjqHZ0gN
+v7Sg2Ca+I19zN38m5pIEo3/PIKe38zrKy5nLAgMBAAGjczBxMBEGCWCGSAGG+EIB
+AQQEAwIABzAfBgNVHSMEGDAWgBRl8jGtKvf33VKWCscCwQ7vptU7ETAPBgNVHRMB
+Af8EBTADAQH/MAsGA1UdDwQEAwIB/jAdBgNVHQ4EFgQUZfIxrSr3991SlgrHAsEO
+76bVOxEwDQYJKoZIhvcNAQEFBQADggEBAEs17szkrr/Dbq2flTtLP1se31cpolnK
+OOK5Gv+e5m4y3R6u6jW39ZORTtpC4cMXYFDy0VwmuYK36m3knITnA3kXr5g9lNvH
+ugDnuL8BV8F3RTIMO/G0HAiw/VGgod2aHRM2mm23xzy54cXZF/qD1T0VoDy7Hgvi
+yJA/qIYM/PmLXoXLT1tLYhFHxUV8BS9BsZ4QaRuZluBVeftOhpm4lNqGOGqTo+fL
+buXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2G8kS1sHNzYDzAgE8yGnLRUhj
+2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5mmxE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
+MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
+GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj
+YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL
+MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
+BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM
+GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua
+BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe
+3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4
+YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR
+rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm
+ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU
+oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF
+MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v
+QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t
+b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF
+AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q
+GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz
+Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2
+G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi
+l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3
+smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB
+gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
+BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEyMDEwMDAw
+MDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl
+YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P
+RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3
+UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI
+2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8
+Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp
++2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+
+DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O
+nKVIrLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW
+/zAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6g
+PKA6hjhodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9u
+QXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAPpiem/Yb6dc5t3iuHXIY
+SdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CPOGEIqB6BCsAv
+IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/
+RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4
+zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd
+BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB
+ZQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL
+MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
+BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT
+IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwMzA2MDAw
+MDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy
+ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N
+T0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSR
+FtSrYpn1PlILBs5BAH+X4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0J
+cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW
+BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
+BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm
+fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv
+GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB
+hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
+BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5
+MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
+EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
+Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR
+6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X
+pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC
+9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV
+/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf
+Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z
++pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w
+qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah
+SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC
+u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf
+Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq
+crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E
+FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB
+/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl
+wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM
+4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV
+2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna
+FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ
+CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK
+boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke
+jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL
+S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb
+QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl
+0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB
+NVOFBkpdn627G190
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEb
+MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
+GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRp
+ZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVow
+fjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAiBgNV
+BAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPM
+cm3ye5drswfxdySRXyWP9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3S
+HpR7LZQdqnXXs5jLrLxkU0C8j6ysNstcrbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996
+CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rCoznl2yY4rYsK7hljxxwk
+3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3Vp6ea5EQz
+6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNV
+HQ4EFgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
+EwEB/wQFMAMBAf8wgYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2Rv
+Y2EuY29tL1NlY3VyZUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRw
+Oi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmww
+DQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm4J4oqF7Tt/Q0
+5qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj
+Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtI
+gKvcnDe4IRRLDXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJ
+aD61JlfutuC23bkpgHl9j6PwpCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDl
+izeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1HRR3B7Hzs/Sk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEb
+MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
+GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0
+aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEwMDAwMDBaFw0yODEyMzEyMzU5NTla
+MH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+BgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUwIwYD
+VQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWW
+fnJSoBVC21ndZHoa0Lh73TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMt
+TGo87IvDktJTdyR0nAducPy9C1t2ul/y/9c3S0pgePfw+spwtOpZqqPOSC+pw7IL
+fhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6juljatEPmsbS9Is6FARW
+1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsSivnkBbA7
+kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0G
+A1UdDgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYD
+VR0TAQH/BAUwAwEB/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21v
+ZG9jYS5jb20vVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRo
+dHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMu
+Y3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8NtwuleGFTQQuS9/
+HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32
+pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxIS
+jBc/lDb+XbDABHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+
+xqFx7D+gIIxmOom0jtTYsU0lR+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/Atyjcn
+dBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O9y5Xt5hwXsjEeLBi
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDkzCCAnugAwIBAgIQFBOWgxRVjOp7Y+X8NId3RDANBgkqhkiG9w0BAQUFADA0
+MRMwEQYDVQQDEwpDb21TaWduIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQG
+EwJJTDAeFw0wNDAzMjQxMTMyMThaFw0yOTAzMTkxNTAyMThaMDQxEzARBgNVBAMT
+CkNvbVNpZ24gQ0ExEDAOBgNVBAoTB0NvbVNpZ24xCzAJBgNVBAYTAklMMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ORUaSvTx49qROR+WCf4C9DklBKK
+8Rs4OC8fMZwG1Cyn3gsqrhqg455qv588x26i+YtkbDqthVVRVKU4VbirgwTyP2Q2
+98CNQ0NqZtH3FyrV7zb6MBBC11PN+fozc0yz6YQgitZBJzXkOPqUm7h65HkfM/sb
+2CEJKHxNGGleZIp6GZPKfuzzcuc3B1hZKKxC+cX/zT/npfo4sdAMx9lSGlPWgcxC
+ejVb7Us6eva1jsz/D3zkYDaHL63woSV9/9JLEYhwVKZBqGdTUkJe5DSe5L6j7Kpi
+Xd3DTKaCQeQzC6zJMw9kglcq/QytNuEMrkvF7zuZ2SOzW120V+x0cAwqTwIDAQAB
+o4GgMIGdMAwGA1UdEwQFMAMBAf8wPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2Zl
+ZGlyLmNvbXNpZ24uY28uaWwvY3JsL0NvbVNpZ25DQS5jcmwwDgYDVR0PAQH/BAQD
+AgGGMB8GA1UdIwQYMBaAFEsBmz5WGmU2dst7l6qSBe4y5ygxMB0GA1UdDgQWBBRL
+AZs+VhplNnbLe5eqkgXuMucoMTANBgkqhkiG9w0BAQUFAAOCAQEA0Nmlfv4pYEWd
+foPPbrxHbvUanlR2QnG0PFg/LUAlQvaBnPGJEMgOqnhPOAlXsDzACPw1jvFIUY0M
+cXS6hMTXcpuEfDhOZAYnKuGntewImbQKDdSFc8gS4TXt8QUxHXOZDOuWyt3T5oWq
+8Ir7dcHyCTxlZWTzTNity4hp8+SDtwy9F1qWF8pb/627HOkthIDYIb6FUtnUdLlp
+hbpN7Sgy6/lhSuTENh4Z3G+EER+V9YMoGKgzkkMn3V0TBEVPh9VGzT2ouvDzuFYk
+Res3x+F2T3I5GN9+dHLHcy056mDmrRGiVod7w2ia/viMcKjfZTL0pECMocJEAw6U
+AGegcQCCSA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG
+A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh
+bCBSb290MB4XDTA2MTIxNTA4MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UE
+ChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBS
+b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Mi8vRRQZhP/8NN5
+7CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW0ozS
+J8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2y
+HLtgwEZLAfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iP
+t3sMpTjr3kfb1V05/Iin89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNz
+FtApD0mpSPCzqrdsxacwOUBdrsTiXSZT8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAY
+XSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
+MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2MDSgMqAw
+hi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3Js
+MB8GA1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUA
+A4IBAQBW7wojoFROlZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMj
+Wqd8BfP9IjsO0QbE2zZMcwSO5bAi5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUx
+XOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2hO0j9n0Hq0V+09+zv+mKts2o
+omcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+TX3EJIrduPuoc
+A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW
+WL1WMRJOEcgh4LMRkWXbtKaIOM5V
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc
+MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj
+IFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENB
+IDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5MjM1OTAwWjBxMQswCQYDVQQGEwJE
+RTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxl
+U2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290
+IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEU
+ha88EOQ5bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhC
+QN/Po7qCWWqSG6wcmtoIKyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1Mjwr
+rFDa1sPeg5TKqAyZMg4ISFZbavva4VhYAUlfckE8FQYBjl2tqriTtM2e66foai1S
+NNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aKSe5TBY8ZTNXeWHmb0moc
+QqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTVjlsB9WoH
+txa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAP
+BgNVHRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAlGRZrTlk5ynrE/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756Abrsp
+tJh6sTtU6zkXR34ajgv8HzFZMQSyzhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpa
+IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl
+6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4Gdyd1Lx+4ivn+
+xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU
+Cm26OWMohpLzGITY+9HPBVZkVw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
+cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7c
+JpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYP
+mDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+
+wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4
+VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/
+AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMB
+AAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW
+BBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYun
+pyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRC
+dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf
+fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm
+NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx
+H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe
++o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
+cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSA
+n61UQbVH35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4Htecc
+biJVMWWXvdMX0h5i89vqbFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9Hp
+EgjAALAcKxHad3A2m67OeYfcgnDmCXRwVWmvo2ifv922ebPynXApVfSr/5Vh88lA
+bx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OPYLfykqGxvYmJHzDNw6Yu
+YjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+RnlTGNAgMB
+AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQW
+BBTOw0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPI
+QW5pJ6d1Ee88hjZv0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I
+0jJmwYrA8y8678Dj1JGG0VDjA9tzd29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4Gni
+lmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAWhsI6yLETcDbYz+70CjTVW0z9
+B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv
+ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo
+IhNzbM8m9Yop5w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3Qg
+RzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQGEwJV
+UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu
+Y29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQBgcq
+hkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJf
+Zn4f5dwbRXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17Q
+RSAPWXYQ1qAk8C3eNvJsKTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAKBggqhkjOPQQD
+AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY
+JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv
+6pZjamVFkpUBtA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB
+CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97
+nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt
+43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P
+T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4
+gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO
+BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR
+TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw
+DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr
+hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg
+06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF
+PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
+YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
+CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI
+2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx
+1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ
+q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz
+tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ
+vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP
+BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV
+5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY
+1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4
+NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG
+Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91
+8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe
+pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl
+MrY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe
+Fw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUw
+EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x
+IDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0CAQYF
+K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG
+fp4tn+6OYwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPO
+Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd
+BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx
+AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/
+oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8
+sycX
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
+RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm
++9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW
+PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM
+xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB
+Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3
+hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg
+EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF
+MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA
+FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec
+nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z
+eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
+hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
+Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
+vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
++OkuE6N36B9K
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg
+RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV
+UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu
+Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y
+ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If
+xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV
+ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO
+DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ
+jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/
+CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi
+EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM
+fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY
+uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK
+chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t
+9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
+hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD
+ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2
+SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd
++SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc
+fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa
+sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N
+cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N
+0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie
+4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI
+r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1
+/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm
+gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBb
+MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3Qx
+ETAPBgNVBAsTCERTVCBBQ0VTMRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0w
+MzExMjAyMTE5NThaFw0xNzExMjAyMTE5NThaMFsxCzAJBgNVBAYTAlVTMSAwHgYD
+VQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UECxMIRFNUIEFDRVMx
+FzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPu
+ktKe1jzIDZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7
+gLFViYsx+tC3dr5BPTCapCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZH
+fAjIgrrep4c9oW24MFbCswKBXy314powGCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4a
+ahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPyMjwmR/onJALJfh1biEIT
+ajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rk
+c3QuY29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjto
+dHRwOi8vd3d3LnRydXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMt
+aW5kZXguaHRtbDAdBgNVHQ4EFgQUCXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZI
+hvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V25FYrnJmQ6AgwbN99Pe7lv7Uk
+QIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6tFr8hlxCBPeP/
+h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq
+nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpR
+rscL9yuwNwXsvFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf2
+9w4LTJxoeHtxMcfrHuBnQfO3oKfN5XozNmr6mis=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
+MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
+DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow
+PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
+Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O
+rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq
+OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b
+xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw
+7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD
+aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
+HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG
+SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69
+ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr
+AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz
+R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
+JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
+Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD
+bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NTha
+ME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMM
+HkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOADER03
+UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42
+tSHKXzlABF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9R
+ySPocq60vFYJfxLLHLGvKZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsM
+lFqVlNpQmvH/pStmMaTJOKDfHR+4CS7zp+hnUquVH+BGPtikw8paxTGA6Eian5Rp
+/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUCAwEAAaOCARowggEWMA8G
+A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ4PGEMA4G
+A1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVj
+dG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUy
+MENBJTIwMiUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRl
+cmV2b2NhdGlvbmxpc3QwQ6BBoD+GPWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3Js
+L2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAwOS5jcmwwDQYJKoZIhvcNAQEL
+BQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm2H6NMLVwMeni
+acfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0
+o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4K
+zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8
+PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y
+Johw1+qRzT65ysCQblrGXnRl11z+o+I=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD
+bGFzcyAzIENBIDIgRVYgMjAwOTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUw
+NDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNV
+BAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAwOTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfSegpn
+ljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM0
+3TP1YtHhzRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6Z
+qQTMFexgaDbtCHu39b+T7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lR
+p75mpoo6Kr3HGrHhFPC+Oh25z1uxav60sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8
+HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure3511H3a6UCAwEAAaOCASQw
+ggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyvcop9Ntea
+HNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFw
+Oi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xh
+c3MlMjAzJTIwQ0ElMjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1E
+RT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MEagRKBChkBodHRwOi8vd3d3LmQt
+dHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xhc3NfM19jYV8yX2V2XzIwMDku
+Y3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+PPoeUSbrh/Yp
+3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05
+nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNF
+CSuGdXzfX2lXANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7na
+xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX
+KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF5zCCA8+gAwIBAgIITK9zQhyOdAIwDQYJKoZIhvcNAQEFBQAwgYAxODA2BgNV
+BAMML0VCRyBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
+c8SxMTcwNQYDVQQKDC5FQkcgQmlsacWfaW0gVGVrbm9sb2ppbGVyaSB2ZSBIaXpt
+ZXRsZXJpIEEuxZ4uMQswCQYDVQQGEwJUUjAeFw0wNjA4MTcwMDIxMDlaFw0xNjA4
+MTQwMDMxMDlaMIGAMTgwNgYDVQQDDC9FQkcgRWxla3Ryb25payBTZXJ0aWZpa2Eg
+SGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTE3MDUGA1UECgwuRUJHIEJpbGnFn2ltIFRl
+a25vbG9qaWxlcmkgdmUgSGl6bWV0bGVyaSBBLsWeLjELMAkGA1UEBhMCVFIwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDuoIRh0DpqZhAy2DE4f6en5f2h
+4fuXd7hxlugTlkaDT7byX3JWbhNgpQGR4lvFzVcfd2NR/y8927k/qqk153nQ9dAk
+tiHq6yOU/im/+4mRDGSaBUorzAzu8T2bgmmkTPiab+ci2hC6X5L8GCcKqKpE+i4s
+tPtGmggDg3KriORqcsnlZR9uKg+ds+g75AxuetpX/dfreYteIAbTdgtsApWjluTL
+dlHRKJ2hGvxEok3MenaoDT2/F08iiFD9rrbskFBKW5+VQarKD7JK/oCZTqNGFav4
+c0JqwmZ2sQomFd2TkuzbqV9UIlKRcF0T6kjsbgNs2d1s/OsNA/+mgxKb8amTD8Um
+TDGyY5lhcucqZJnSuOl14nypqZoaqsNW2xCaPINStnuWt6yHd6i58mcLlEOzrz5z
++kI2sSXFCjEmN1ZnuqMLfdb3ic1nobc6HmZP9qBVFCVMLDMNpkGMvQQxahByCp0O
+Lna9XvNRiYuoP1Vzv9s6xiQFlpJIqkuNKgPlV5EQ9GooFW5Hd4RcUXSfGenmHmMW
+OeMRFeNYGkS9y8RsZteEBt8w9DeiQyJ50hBs37vmExH8nYQKE3vwO9D8owrXieqW
+fo1IhR5kX9tUoqzVegJ5a9KK8GfaZXINFHDk6Y54jzJ0fFfy1tb0Nokb+Clsi7n2
+l9GkLqq+CxnCRelwXQIDAJ3Zo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB
+/wQEAwIBBjAdBgNVHQ4EFgQU587GT/wWZ5b6SqMHwQSny2re2kcwHwYDVR0jBBgw
+FoAU587GT/wWZ5b6SqMHwQSny2re2kcwDQYJKoZIhvcNAQEFBQADggIBAJuYml2+
+8ygjdsZs93/mQJ7ANtyVDR2tFcU22NU57/IeIl6zgrRdu0waypIN30ckHrMk2pGI
+6YNw3ZPX6bqz3xZaPt7gyPvT/Wwp+BVGoGgmzJNSroIBk5DKd8pNSe/iWtkqvTDO
+TLKBtjDOWU/aWR1qeqRFsIImgYZ29fUQALjuswnoT4cCB64kXPBfrAowzIpAoHME
+wfuJJPaaHFy3PApnNgUIMbOv2AFoKuB4j3TeuFGkjGwgPaL7s9QJ/XvCgKqTbCmY
+Iai7FvOpEl90tYeY8pUm3zTvilORiF0alKM/fCL414i6poyWqD1SNGKfAB5UVUJn
+xk1Gj7sURT0KlhaOEKGXmdXTMIXM3rRyt7yKPBgpaP3ccQfuJDlq+u2lrDgv+R4Q
+DgZxGhBM/nV+/x5XOULK1+EVoVZVWRvRo68R2E7DpSvvkL/A7IITW43WciyTTo9q
+Kd+FPNMN4KIYEsxVL0e3p5sC/kH2iExt2qkBR4NkJ2IQgtYSe14DHzSpyZH+r11t
+hie3I6p1GMog57AP14kOpmciY/SDQSsGS7tY1dHXt7kQY9iJSrSq3RZj9W6+YKH4
+7ejWkE8axsWgKdOnIaj1Wjz3x0miIZpKlVIglnKaZsv30oZDfCK+lvm9AahH3eU7
+QPl1K5srRmSGjR70j/sHd9DqSaIcjVIUpgqT
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB
+8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy
+dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1
+YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3
+dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh
+IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD
+LUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQG
+EwJFUzE7MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8g
+KE5JRiBRLTA4MDExNzYtSSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBD
+ZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZlZ2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQu
+bmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJhcnF1aWEgRW50aXRhdHMg
+ZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUNDMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R
+85iKw5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm
+4CgPukLjbo73FCeTae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaV
+HMf5NLWUhdWZXqBIoH7nF2W4onW4HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNd
+QlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0aE9jD2z3Il3rucO2n5nzbcc8t
+lGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw0JDnJwIDAQAB
+o4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E
+BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4
+opvpXY0wfwYDVR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBo
+dHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidW
+ZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAwDQYJKoZIhvcN
+AQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJlF7W2u++AVtd0x7Y
+/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNaAl6k
+SBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhy
+Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS
+Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl
+nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1
+MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1
+czEoMCYGA1UEAwwfRUUgQ2VydGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYG
+CSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIwMTAxMDMwMTAxMDMwWhgPMjAzMDEy
+MTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlBUyBTZXJ0aWZpdHNl
+ZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRyZSBS
+b290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUy
+euuOF0+W2Ap7kaJjbMeMTC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvO
+bntl8jixwKIy72KyaOBhU8E2lf/slLo2rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIw
+WFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw93X2PaRka9ZP585ArQ/d
+MtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtNP2MbRMNE
+1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYD
+VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/
+zQas8fElyalL1BSZMEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYB
+BQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEF
+BQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+RjxY6hUFaTlrg4wCQiZrxTFGGV
+v9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqMlIpPnTX/dqQG
+E5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u
+uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIW
+iAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/v
+GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
+RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
+bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
+IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0yOTA3
+MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3
+LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp
+YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG
+A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq
+K0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQe
+sYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuX
+MlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVT
+XTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/
+HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH
+4QIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV
+HQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJKoZIhvcNAQEFBQADggEBADub
+j1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPyT/4xmf3IDExo
+U8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf
+zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5b
+u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+
+bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er
+fF6adulZkMV8gzURZVE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC
+VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
+Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW
+KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0MloXDTI2MTEyNzIw
+NTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkw
+NwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSBy
+ZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNV
+BAMTJEVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBALaVtkNC+sZtKm9I35RMOVcF7sN5EUFo
+Nu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYszA9u3g3s+IIRe7bJWKKf4
+4LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOwwCj0Yzfv9
+KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGI
+rb68j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi
+94DkZfs0Nw4pgHBNrziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOB
+sDCBrTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAi
+gA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1MzQyWjAfBgNVHSMEGDAWgBRo
+kORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DHhmak8fdLQ/uE
+vW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA
+A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9t
+O1KzKtvn1ISMY/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6Zua
+AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP
+9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTSW3iDVuycNsMm4hH2Z0kdkquM++v/
+eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m
+0vdXcDazv/wor3ElhVsT/h5/WrQ8
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG
+A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3
+d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVu
+dHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UEAxMq
+RW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMB4XDTEy
+MTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYwFAYD
+VQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0
+L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0g
+Zm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBD
+ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEVDMTB2MBAGByqGSM49AgEGBSuBBAAi
+A2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHyAsWfoPZb1YsGGYZPUxBt
+ByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef9eNi1KlH
+Bz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
+BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC
+R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX
+hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC
+VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
+cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs
+IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz
+dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy
+NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu
+dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt
+dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0
+aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T
+RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN
+cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW
+wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1
+U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0
+jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP
+BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN
+BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/
+jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ
+Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v
+1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R
+nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH
+VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe
+MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0
+ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
+Fw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMxMjdaMF4xCzAJBgNVBAYTAlRXMSMw
+IQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEqMCgGA1UECwwhZVBL
+SSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAH
+SyZbCUNsIZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAh
+ijHyl3SJCRImHJ7K2RKilTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3X
+DZoTM1PRYfl61dd4s5oz9wCGzh1NlDivqOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1
+TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX12ruOzjjK9SXDrkb5wdJ
+fzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0OWQqraffA
+sgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uU
+WH1+ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLS
+nT0IFaUQAS2zMnaolQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pH
+dmX2Os+PYhcZewoozRrSgx4hxyy/vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJip
+NiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXiZo1jDiVN1Rmy5nk3pyKdVDEC
+AwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/QkqiMAwGA1UdEwQF
+MAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH
+ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGB
+uvl2ICO1J2B01GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6Yl
+PwZpVnPDimZI+ymBV3QGypzqKOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkP
+JXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdVxrsStZf0X4OFunHB2WyBEXYKCrC/
+gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEPNXubrjlpC2JgQCA2
+j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+rGNm6
+5ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUB
+o2M3IUxExJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS
+/jQ6fbjpKdx2qcgw+BRxgMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2z
+Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE
+W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D
+hNQ+IIX3Sj0rnP0qCglN6oH4EZw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
+UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy
+dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1
+MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx
+dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f
+BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A
+cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC
+AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm
+aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw
+ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj
+IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF
+MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA
+A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
+7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh
+1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICgjCCAeugAwIBAgIBBDANBgkqhkiG9w0BAQQFADBTMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEmMCQGA1UEAxMdRXF1aWZheCBT
+ZWN1cmUgZUJ1c2luZXNzIENBLTEwHhcNOTkwNjIxMDQwMDAwWhcNMjAwNjIxMDQw
+MDAwWjBTMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5j
+LjEmMCQGA1UEAxMdRXF1aWZheCBTZWN1cmUgZUJ1c2luZXNzIENBLTEwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAM4vGbwXt3fek6lfWg0XTzQaDJj0ItlZ1MRo
+RvC0NcWFAyDGr0WlIVFFQesWWDYyb+JQYmT5/VGcqiTZ9J2DKocKIdMSODRsjQBu
+WqDZQu4aIZX5UkxVWsUPOE9G+m34LjXWHXzr4vCwdYDIqROsvojvOm6rXyo4YgKw
+Env+j6YDAgMBAAGjZjBkMBEGCWCGSAGG+EIBAQQEAwIABzAPBgNVHRMBAf8EBTAD
+AQH/MB8GA1UdIwQYMBaAFEp4MlIR21kWNl7fwRQ2QGpHfEyhMB0GA1UdDgQWBBRK
+eDJSEdtZFjZe38EUNkBqR3xMoTANBgkqhkiG9w0BAQQFAAOBgQB1W6ibAxHm6VZM
+zfmpTMANmvPMZWnmJXbMWbfWVMMdzZmsGd20hdXgPfxiIKeES1hl8eL5lSE/9dR+
+WB5Hh1Q+WKG1tfgq73HnvMP2sUlG4tega+VWeponmHxGYhTnyfxuAxJ5gDgdSIKN
+/Bf+KpYrtWKmpj29f5JZzVoqgrI3eQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICkDCCAfmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEtMCsGA1UEAxMkRXF1aWZheCBT
+ZWN1cmUgR2xvYmFsIGVCdXNpbmVzcyBDQS0xMB4XDTk5MDYyMTA0MDAwMFoXDTIw
+MDYyMTA0MDAwMFowWjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0VxdWlmYXggU2Vj
+dXJlIEluYy4xLTArBgNVBAMTJEVxdWlmYXggU2VjdXJlIEdsb2JhbCBlQnVzaW5l
+c3MgQ0EtMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuucXkAJlsTRVPEnC
+UdXfp9E3j9HngXNBUmCbnaEXJnitx7HoJpQytd4zjTov2/KaelpzmKNc6fuKcxtc
+58O/gGzNqfTWK8D3+ZmqY6KxRwIP1ORROhI8bIpaVIRw28HFkM9yRcuoWcDNM50/
+o5brhTMhHD4ePmBudpxnhcXIw2ECAwEAAaNmMGQwEQYJYIZIAYb4QgEBBAQDAgAH
+MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUvqigdHJQa0S3ySPY+6j/s1dr
+aGwwHQYDVR0OBBYEFL6ooHRyUGtEt8kj2Puo/7NXa2hsMA0GCSqGSIb3DQEBBAUA
+A4GBADDiAVGqx+pf2rnQZQ8w1j7aDRRJbpGTJxQx78T3LUX47Me/okENI7SS+RkA
+Z70Br83gcfxaz2TE4JaY0KNA4gGK7ycH8WUBikQtBmV1UsCGECAhX2xrD2yuCRyv
+8qIYNMR1pHMc8Y3c7635s3a0kr/clRAevsvIO1qEYBlWlKlV
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV
+BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC
+aWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNV
+BAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQDDB9FLVR1
+Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMwNTEyMDk0OFoXDTIz
+MDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+
+BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhp
+em1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN
+ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4vU/kwVRHoViVF56C/UY
+B4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vdhQd2h8y/L5VMzH2nPbxH
+D5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5KCKpbknSF
+Q9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEo
+q1+gElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3D
+k14opz8n8Y4e0ypQBaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcH
+fC425lAcP9tDJMW/hkd5s3kc91r0E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsut
+dEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gzrt48Ue7LE3wBf4QOXVGUnhMM
+ti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAqjqFGOjGY5RH8
+zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn
+rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUX
+U8u3Zg5mTPj5dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6
+Jyr+zE7S6E5UMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5
+XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAF
+Nzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAKkEh47U6YA5n+KGCR
+HTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jOXKqY
+GwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c
+77NCR807VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3
++GbHeJAAFS6LrVE1Uweoa2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WK
+vJUawSg5TB9D0pH0clmKuVb8P7Sd2nCcdlqMQ1DujjByTd//SffGqWfZbawCEeI6
+FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEVKV0jq9BgoRJP3vQXzTLl
+yb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gTDx4JnW2P
+AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD
+y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d
+NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEW
+MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFs
+IENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQG
+EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
+R2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvPE1A
+PRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/NTL8
+Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hL
+TytCOb1kLUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL
+5mkWRxHCJ1kDs6ZgwiFAVvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7
+S4wMcoKK+xfNAGw6EzywhIdLFnopsk/bHdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe
+2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
+FHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNHK266ZUap
+EBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6td
+EPx7srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv
+/NgdRN3ggX+d6YvhZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywN
+A0ZF66D0f0hExghAzN4bcLUprbqLOzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0
+abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkCx1YAzUm5s2x7UwQa4qjJqhIF
+I8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqFH4z1Ir+rzoPz
+4iIprn2DQKi6bA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
+MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
+YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG
+EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg
+R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9
+9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq
+fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv
+iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU
+1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+
+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW
+MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA
+ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l
+uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn
+Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS
+tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF
+PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
+hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
+5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY
+MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
+R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEx
+MjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgxCzAJBgNVBAYTAlVTMRYwFAYDVQQK
+Ew1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQcmltYXJ5IENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9
+AWbK7hWNb6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjA
+ZIVcFU2Ix7e64HXprQU9nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE0
+7e9GceBrAqg1cmuXm2bgyxx5X9gaBGgeRwLmnWDiNpcB3841kt++Z8dtd1k7j53W
+kBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGttm/81w7a4DSwDRp35+MI
+mO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4G
+A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJ
+KoZIhvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ1
+6CePbJC/kRYkRj5KTs4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl
+4b7UVXGYNTq+k+qurUKykG/g/CFNNWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6K
+oKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHaFloxt/m0cYASSJlyc1pZU8Fj
+UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU
+AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL
+MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj
+KSAyMDA3IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2
+MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1OVowgZgxCzAJBgNV
+BAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykgMjAw
+NyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNV
+BAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH
+MjB2MBAGByqGSM49AgEGBSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcL
+So17VDs6bl8VAsBQps8lL33KSLjHUGMcKiEIfJo22Av+0SbFWDEwKCXzXV2juLal
+tJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO
+BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+EVXVMAoG
+CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT
+qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz
+rD6ogRLQy7rQkgu2npaqBA+K
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB
+mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT
+MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s
+eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv
+cml0eSAtIEczMB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIzNTk1OVowgZgxCzAJ
+BgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg
+MjAwOCBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0
+BgNVBAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANziXmJYHTNXOTIz
++uvLh4yn1ErdBojqZI4xmKU4kB6Yzy5jK/BGvESyiaHAKAxJcCGVn2TAppMSAmUm
+hsalifD614SgcK9PGpc/BkTVyetyEH3kMSj7HGHmKAdEc5IiaacDiGydY8hS2pgn
+5whMcD60yRLBxWeDXTPzAxHsatBT4tG6NmCUgLthY2xbF37fQJQeqw3CIShwiP/W
+JmxsYAQlTlV+fe+/lEjetx3dcI0FX4ilm/LC7urRQEFtYjgdVgbFA0dRIBn8exAL
+DmKudlW/X3e+PkkBUz2YJQN2JFodtNuJ6nnltrM7P7pMKEF/BqxqjsHQ9gUdfeZC
+huOl1UcCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
+HQYDVR0OBBYEFMR5yo6hTgMdHNxr2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IB
+AQAtxRPPVoB7eni9n64smefv2t+UXglpp+duaIy9cr5HqQ6XErhK8WTTOd8lNNTB
+zU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbEAp7aDHdlDkQN
+kv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD
+AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH
+SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G
+spki4cErx5z481+oghLrGREt
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW
+MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy
+c2FsIENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYD
+VQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1
+c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0DE81
+WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUG
+FF+3Qs17j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdq
+XbboW0W63MOhBW9Wjo8QJqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxL
+se4YuU6W3Nx2/zu+z18DwPw76L5GG//aQMJS9/7jOvdqdzXQ2o3rXhhqMcceujwb
+KNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2WP0+GfPtDCapkzj4T8Fd
+IgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP20gaXT73
+y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRt
+hAAnZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgoc
+QIgfksILAAX/8sgCSqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4
+Lt1ZrtmhN79UNdxzMk+MBB4zsslG8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNV
+HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAfBgNV
+HSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8EBAMCAYYwDQYJ
+KoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z
+dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQ
+L1EuxBRa3ugZ4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgr
+Fg5fNuH8KrUwJM/gYwx7WBr+mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSo
+ag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpqA1Ihn0CoZ1Dy81of398j9tx4TuaY
+T1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpgY+RdM4kX2TGq2tbz
+GDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiPpm8m
+1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJV
+OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH
+6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX
+QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW
+MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy
+c2FsIENBMB4XDTA0MDMwNDA1MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UE
+BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHjAcBgNVBAMTFUdlb1RydXN0
+IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKYV
+VaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9tJPi8
+cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTT
+QjOgNB0eRXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFh
+F7em6fgemdtzbvQKoiFs7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2v
+c7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d8Lsrlh/eezJS/R27tQahsiFepdaVaH/w
+mZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7VqnJNk22CDtucvc+081xd
+VHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3CgaRr0BHdCX
+teGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZ
+f9hBZ3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfRe
+Bi9Fi1jUIxaS5BZuKGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+
+nhutxx9z3SxPGWX9f5NAEC7S8O08ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB
+/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0XG0D08DYj3rWMB8GA1UdIwQY
+MBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG
+9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc
+aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fX
+IwjhmF7DWgh2qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzyn
+ANXH/KttgCJwpQzgXQQpAvvLoJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0z
+uzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsKxr2EoyNB3tZ3b4XUhRxQ4K5RirqN
+Pnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxFKyDuSN/n3QmOGKja
+QI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2DFKW
+koRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9
+ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt
+DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm
+bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD
+VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
+IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3
+MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD
+aGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMxNDBaFw0zODA3MzEx
+MjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3Vy
+cmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAG
+A1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAl
+BgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZI
+hvcNAQEBBQADggIPADCCAgoCggIBAMDfVtPkOpt2RbQT2//BthmLN0EYlVJH6xed
+KYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXfXjaOcNFccUMd2drvXNL7
+G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0ZJJ0YPP2
+zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4
+ddPB/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyG
+HoiMvvKRhI9lNNgATH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2
+Id3UwD2ln58fQ1DJu7xsepeY7s2MH/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3V
+yJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfeOx2YItaswTXbo6Al/3K1dh3e
+beksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSFHTynyQbehP9r
+6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh
+wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsog
+zCtLkykPAgMBAAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQW
+BBS5CcqcHtvTbDprru1U8VuTBjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDpr
+ru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJp
+ZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRk
+cmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJt
+YSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiC
+CQDJzdPp1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCow
+KAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZI
+hvcNAQEFBQADggIBAICIf3DekijZBZRG/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZ
+UohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6ReAJ3spED8IXDneRRXoz
+X1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/sdZ7LoR/x
+fxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVz
+a2Mg9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yyd
+Yhz2rXzdpjEetrHHfoUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMd
+SqlapskD7+3056huirRXhOukP9DuqqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9O
+AP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETrP3iZ8ntxPjzxmKfFGBI/5rso
+M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge
+v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z
+09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk
+MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH
+bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX
+DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD
+QSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprlOQcJ
+FspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAw
+DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61F
+uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX
+kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs
+ewv4n4Q=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk
+MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH
+bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX
+DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD
+QSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6SFkc
+8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8ke
+hOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
+VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYI
+KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg
+515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO
+xwy8p2Fp8fc74SrL+SvzZpA3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
+MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
+aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
+jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
+xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
+1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
+snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
+U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
+9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
+BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
+AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
+yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
+38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
+AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
+DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
+HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
+MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
+A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
+v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
+eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
+tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
+C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
+zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
+mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
+V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
+bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
+3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
+J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
+291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
+ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
+AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
+TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4
+MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG
+A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8
+RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT
+gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm
+KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd
+QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ
+XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw
+DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o
+LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU
+RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp
+jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK
+6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX
+mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs
+Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH
+WD9f
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
+MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE
+YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3
+MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo
+ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg
+MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN
+ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA
+PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w
+wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi
+EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY
+avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+
+YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE
+sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h
+/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5
+IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
+ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy
+OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P
+TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ
+HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER
+dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf
+ReYNnyicsbkqWletNw+vHX/bvZ8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT
+EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp
+ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIz
+NTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH
+EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UE
+AxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKD
+E6bFIEMBO4Tx5oVJnyfq9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH
+/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD+qK+ihVqf94Lw7YZFAXK6sOoBJQ7Rnwy
+DfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutdfMh8+7ArU6SSYmlRJQVh
+GkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMlNAJWJwGR
+tDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEA
+AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE
+FDqahQcQZyi27/a9BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmX
+WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu
+9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r5N9ss4UXnT3ZJE95kTXWXwTr
+gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo
+2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO
+LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI
+4uJEvlz36hz1
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix
+RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1
+dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p
+YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw
+NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK
+EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl
+cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl
+c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz
+dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ
+fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns
+bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD
+75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP
+FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV
+HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp
+5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu
+b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA
+A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p
+6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8
+TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7
+dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys
+Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI
+l7WdmplNsDz4SgCbZN2fOUvRJ9e4
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx
+FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg
+Um9vdCBDQSAxMB4XDTAzMDUxNTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkG
+A1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdr
+b25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1ApzQ
+jVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEn
+PzlTCeqrauh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjh
+ZY4bXSNmO7ilMlHIhqqhqZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9
+nnV0ttgCXjqQesBCNnLsak3c78QA3xMYV18meMjWCnl3v/evt3a5pQuEF10Q6m/h
+q5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNVHRMBAf8ECDAGAQH/AgED
+MA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7ih9legYsC
+mEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI3
+7piol7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clB
+oiMBdDhViw+5LmeiIAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJs
+EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO
+fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi
+AmvZWg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK
+MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
+VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQw
+MTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScw
+JQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ldhNlT
+3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU
++ehcCuz/mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gp
+S0l4PJNgiCL8mdo2yMKi1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1
+bVoE/c40yiTcdCMbXTMTEl3EASX2MN0CXZ/g1Ue9tOsbobtJSdifWwLziuQkkORi
+T0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl3ZBWzvurpWCdxJ35UrCL
+vYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzyNeVJSQjK
+Vsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZK
+dHzVWYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHT
+c+XvvqDtMwt0viAgxGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hv
+l7yTmvmcEpB4eoCHFddydJxVdHixuuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5N
+iGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB
+/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZIhvcNAQELBQAD
+ggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH
+6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwt
+LRvM7Kqas6pgghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93
+nAbowacYXVKV7cndJZ5t+qntozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3
++wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmVYjzlVYA211QC//G5Xc7UI2/YRYRK
+W2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUXfeu+h1sXIFRRk0pT
+AwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/rokTLq
+l1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG
+4iZZRHUe2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZ
+mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A
+7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN
+MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu
+VHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcN
+MzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0
+MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTyP4o7
+ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGy
+RBb06tD6Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlS
+bdsHyo+1W/CD80/HLaXIrcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF
+/YTLNiCBWS2ab21ISGHKTN9T0a9SvESfqy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R
+3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoSmJxZZoY+rfGwyj4GD3vw
+EUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFnol57plzy
+9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9V
+GxyhLrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ
+2fjXctscvG29ZV/viDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsV
+WaFHVCkugyhfHMKiq3IXAAaOReyL4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gD
+W/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
+BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMwDQYJKoZIhvcN
+AQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qj
+t2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHV
+DRDtfULAj+7AmgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9
+TaDKQGXSc3z1i9kKlT/YPyNtGtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8G
+lwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFtm6/n6J91eEyrRjuazr8FGF1NFTwW
+mhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMxNRF4eKLg6TCMf4Df
+WN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4Mhn5
++bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJ
+tshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhA
+GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv
+8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+c
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEAjCCAuqgAwIBAgIFORFFEJQwDQYJKoZIhvcNAQEFBQAwgYUxCzAJBgNVBAYT
+AkZSMQ8wDQYDVQQIEwZGcmFuY2UxDjAMBgNVBAcTBVBhcmlzMRAwDgYDVQQKEwdQ
+TS9TR0ROMQ4wDAYDVQQLEwVEQ1NTSTEOMAwGA1UEAxMFSUdDL0ExIzAhBgkqhkiG
+9w0BCQEWFGlnY2FAc2dkbi5wbS5nb3V2LmZyMB4XDTAyMTIxMzE0MjkyM1oXDTIw
+MTAxNzE0MjkyMlowgYUxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIEwZGcmFuY2UxDjAM
+BgNVBAcTBVBhcmlzMRAwDgYDVQQKEwdQTS9TR0ROMQ4wDAYDVQQLEwVEQ1NTSTEO
+MAwGA1UEAxMFSUdDL0ExIzAhBgkqhkiG9w0BCQEWFGlnY2FAc2dkbi5wbS5nb3V2
+LmZyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh/R0GLFMzvABIaI
+s9z4iPf930Pfeo2aSVz2TqrMHLmh6yeJ8kbpO0px1R2OLc/mratjUMdUC24SyZA2
+xtgv2pGqaMVy/hcKshd+ebUyiHDKcMCWSo7kVc0dJ5S/znIq7Fz5cyD+vfcuiWe4
+u0dzEvfRNWk68gq5rv9GQkaiv6GFGvm/5P9JhfejcIYyHF2fYPepraX/z9E0+X1b
+F8bc1g4oa8Ld8fUzaJ1O/Id8NhLWo4DoQw1VYZTqZDdH6nfK0LJYBcNdfrGoRpAx
+Vs5wKpayMLh35nnAvSk7/ZR3TL0gzUEl4C7HG7vupARB0l2tEmqKm0f7yd1GQOGd
+PDPQtQIDAQABo3cwdTAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBRjAVBgNV
+HSAEDjAMMAoGCCqBegF5AQEBMB0GA1UdDgQWBBSjBS8YYFDCiQrdKyFP/45OqDAx
+NjAfBgNVHSMEGDAWgBSjBS8YYFDCiQrdKyFP/45OqDAxNjANBgkqhkiG9w0BAQUF
+AAOCAQEABdwm2Pp3FURo/C9mOnTgXeQp/wYHE4RKq89toB9RlPhJy3Q2FLwV3duJ
+L92PoF189RLrn544pEfMs5bZvpwlqwN+Mw+VgQ39FuCIvjfwbF3QMZsyK10XZZOY
+YLxuj7GoPB7ZHPOpJkL5ZB3C55L29B5aqhlSXa/oovdgoPaN8In1buAKBQGVyYsg
+Crpa/JosPL3Dt8ldeCUFP1YUmwza+zpI/pdpXsoQhvdOlgQITeywvl3cO45Pwf2a
+NjSaTFR+FwNIlQgRHAdvhQh+XU3Endv7rs6y0bO4g2wdsrN58dhwmX7wEwLOXt1R
+0982gaEbeC9xs/FZTEYYKKuF0mBWWg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4
+MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6
+ZW5wZS5jb20wHhcNMDcxMjEzMTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYD
+VQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5j
+b20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ03rKDx6sp4boFmVq
+scIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAKClaO
+xdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6H
+LmYRY2xU+zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFX
+uaOKmMPsOzTFlUFpfnXCPCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQD
+yCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxTOTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+
+JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbKF7jJeodWLBoBHmy+E60Q
+rLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK0GqfvEyN
+BjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8L
+hij+0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIB
+QFqNeb+Lz0vPqhbBleStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+
+HMh3/1uaD7euBUbl8agW7EekFwIDAQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2lu
+Zm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+SVpFTlBFIFMuQS4gLSBDSUYg
+QTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgxQzBB
+BgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx
+MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
+AQYwHQYDVR0OBBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUA
+A4ICAQB4pgwWSp9MiDrAyw6lFn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWb
+laQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbgakEyrkgPH7UIBzg/YsfqikuFgba56
+awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8qhT/AQKM6WfxZSzwo
+JNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Csg1lw
+LDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCT
+VyvehQP5aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGk
+LhObNA5me0mrZJfQRsN5nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJb
+UjWumDqtujWTI6cfSN01RpiyEGjkpTHCClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/
+QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+
+naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls
+QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE5jCCA86gAwIBAgIEO45L/DANBgkqhkiG9w0BAQUFADBdMRgwFgYJKoZIhvcN
+AQkBFglwa2lAc2suZWUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKExlBUyBTZXJ0aWZp
+dHNlZXJpbWlza2Vza3VzMRAwDgYDVQQDEwdKdXVyLVNLMB4XDTAxMDgzMDE0MjMw
+MVoXDTE2MDgyNjE0MjMwMVowXTEYMBYGCSqGSIb3DQEJARYJcGtpQHNrLmVlMQsw
+CQYDVQQGEwJFRTEiMCAGA1UEChMZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1czEQ
+MA4GA1UEAxMHSnV1ci1TSzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AIFxNj4zB9bjMI0TfncyRsvPGbJgMUaXhvSYRqTCZUXP00B841oiqBB4M8yIsdOB
+SvZiF3tfTQou0M+LI+5PAk676w7KvRhj6IAcjeEcjT3g/1tf6mTll+g/mX8MCgkz
+ABpTpyHhOEvWgxutr2TC+Rx6jGZITWYfGAriPrsfB2WThbkasLnE+w0R9vXW+RvH
+LCu3GFH+4Hv2qEivbDtPL+/40UceJlfwUR0zlv/vWT3aTdEVNMfqPxZIe5EcgEMP
+PbgFPtGzlc3Yyg/CQ2fbt5PgIoIuvvVoKIO5wTtpeyDaTpxt4brNj3pssAki14sL
+2xzVWiZbDcDq5WDQn/413z8CAwEAAaOCAawwggGoMA8GA1UdEwEB/wQFMAMBAf8w
+ggEWBgNVHSAEggENMIIBCTCCAQUGCisGAQQBzh8BAQEwgfYwgdAGCCsGAQUFBwIC
+MIHDHoHAAFMAZQBlACAAcwBlAHIAdABpAGYAaQBrAGEAYQB0ACAAbwBuACAAdgDk
+AGwAagBhAHMAdABhAHQAdQBkACAAQQBTAC0AaQBzACAAUwBlAHIAdABpAGYAaQB0
+AHMAZQBlAHIAaQBtAGkAcwBrAGUAcwBrAHUAcwAgAGEAbABhAG0ALQBTAEsAIABz
+AGUAcgB0AGkAZgBpAGsAYQBhAHQAaQBkAGUAIABrAGkAbgBuAGkAdABhAG0AaQBz
+AGUAawBzMCEGCCsGAQUFBwIBFhVodHRwOi8vd3d3LnNrLmVlL2Nwcy8wKwYDVR0f
+BCQwIjAgoB6gHIYaaHR0cDovL3d3dy5zay5lZS9qdXVyL2NybC8wHQYDVR0OBBYE
+FASqekej5ImvGs8KQKcYP2/v6X2+MB8GA1UdIwQYMBaAFASqekej5ImvGs8KQKcY
+P2/v6X2+MA4GA1UdDwEB/wQEAwIB5jANBgkqhkiG9w0BAQUFAAOCAQEAe8EYlFOi
+CfP+JmeaUOTDBS8rNXiRTHyoERF5TElZrMj3hWVcRrs7EKACr81Ptcw2Kuxd/u+g
+kcm2k298gFTsxwhwDY77guwqYHhpNjbRxZyLabVAyJRld/JXIWY7zoVAtjNjGr95
+HvxcHdMdkxuLDF2FvZkwMhgJkVLpfKG6/2SSmuz+Ne6ML678IIbsSt4beDI3poHS
+na9aEhbKmVv8b20OxaAehsmR0FyYgl9jDIpaq9iVpszLita/ZEuOyoqysOkhMp6q
+qIWYNIE5ITuoOlIyPfZrN4YGWhWY3PARZv40ILcD9EEQfTmEeZZyY7aWAuVrua0Z
+TbvGRNs2yyqcjg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0G
+CSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0wOTA2MTYxMTMwMThaFw0y
+OTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3Qx
+FjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3pp
+Z25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o
+dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvP
+kd6mJviZpWNwrZuuyjNAfW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tc
+cbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG0IMZfcChEhyVbUr02MelTTMuhTlAdX4U
+fIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKApxn1ntxVUwOXewdI/5n7
+N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm1HxdrtbC
+xkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1
++rUCAwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G
+A1UdDgQWBBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPM
+Pcu1SCOhGnqmKrs0aDAbBgNVHREEFDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqG
+SIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0olZMEyL/azXm4Q5DwpL7v8u8h
+mLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfXI/OMn74dseGk
+ddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775
+tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c
+2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t
+HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHqDCCBpCgAwIBAgIRAMy4579OKRr9otxmpRwsDxEwDQYJKoZIhvcNAQEFBQAw
+cjELMAkGA1UEBhMCSFUxETAPBgNVBAcTCEJ1ZGFwZXN0MRYwFAYDVQQKEw1NaWNy
+b3NlYyBMdGQuMRQwEgYDVQQLEwtlLVN6aWdubyBDQTEiMCAGA1UEAxMZTWljcm9z
+ZWMgZS1Temlnbm8gUm9vdCBDQTAeFw0wNTA0MDYxMjI4NDRaFw0xNzA0MDYxMjI4
+NDRaMHIxCzAJBgNVBAYTAkhVMREwDwYDVQQHEwhCdWRhcGVzdDEWMBQGA1UEChMN
+TWljcm9zZWMgTHRkLjEUMBIGA1UECxMLZS1Temlnbm8gQ0ExIjAgBgNVBAMTGU1p
+Y3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDtyADVgXvNOABHzNuEwSFpLHSQDCHZU4ftPkNEU6+r+ICbPHiN1I2u
+uO/TEdyB5s87lozWbxXGd36hL+BfkrYn13aaHUM86tnsL+4582pnS4uCzyL4ZVX+
+LMsvfUh6PXX5qqAnu3jCBspRwn5mS6/NoqdNAoI/gqyFxuEPkEeZlApxcpMqyabA
+vjxWTHOSJ/FrtfX9/DAFYJLG65Z+AZHCabEeHXtTRbjcQR/Ji3HWVBTji1R4P770
+Yjtb9aPs1ZJ04nQw7wHb4dSrmZsqa/i9phyGI0Jf7Enemotb9HI6QMVJPqW+jqpx
+62z69Rrkav17fVVA71hu5tnVvCSrwe+3AgMBAAGjggQ3MIIEMzBnBggrBgEFBQcB
+AQRbMFkwKAYIKwYBBQUHMAGGHGh0dHBzOi8vcmNhLmUtc3ppZ25vLmh1L29jc3Aw
+LQYIKwYBBQUHMAKGIWh0dHA6Ly93d3cuZS1zemlnbm8uaHUvUm9vdENBLmNydDAP
+BgNVHRMBAf8EBTADAQH/MIIBcwYDVR0gBIIBajCCAWYwggFiBgwrBgEEAYGoGAIB
+AQEwggFQMCgGCCsGAQUFBwIBFhxodHRwOi8vd3d3LmUtc3ppZ25vLmh1L1NaU1ov
+MIIBIgYIKwYBBQUHAgIwggEUHoIBEABBACAAdABhAG4A+gBzAO0AdAB2AOEAbgB5
+ACAA6QByAHQAZQBsAG0AZQB6AOkAcwDpAGgAZQB6ACAA6QBzACAAZQBsAGYAbwBn
+AGEAZADhAHMA4QBoAG8AegAgAGEAIABTAHoAbwBsAGcA4QBsAHQAYQB0APMAIABT
+AHoAbwBsAGcA4QBsAHQAYQB0AOEAcwBpACAAUwB6AGEAYgDhAGwAeQB6AGEAdABh
+ACAAcwB6AGUAcgBpAG4AdAAgAGsAZQBsAGwAIABlAGwAagDhAHIAbgBpADoAIABo
+AHQAdABwADoALwAvAHcAdwB3AC4AZQAtAHMAegBpAGcAbgBvAC4AaAB1AC8AUwBa
+AFMAWgAvMIHIBgNVHR8EgcAwgb0wgbqggbeggbSGIWh0dHA6Ly93d3cuZS1zemln
+bm8uaHUvUm9vdENBLmNybIaBjmxkYXA6Ly9sZGFwLmUtc3ppZ25vLmh1L0NOPU1p
+Y3Jvc2VjJTIwZS1Temlnbm8lMjBSb290JTIwQ0EsT1U9ZS1Temlnbm8lMjBDQSxP
+PU1pY3Jvc2VjJTIwTHRkLixMPUJ1ZGFwZXN0LEM9SFU/Y2VydGlmaWNhdGVSZXZv
+Y2F0aW9uTGlzdDtiaW5hcnkwDgYDVR0PAQH/BAQDAgEGMIGWBgNVHREEgY4wgYuB
+EGluZm9AZS1zemlnbm8uaHWkdzB1MSMwIQYDVQQDDBpNaWNyb3NlYyBlLVN6aWdu
+w7MgUm9vdCBDQTEWMBQGA1UECwwNZS1TemlnbsOzIEhTWjEWMBQGA1UEChMNTWlj
+cm9zZWMgS2Z0LjERMA8GA1UEBxMIQnVkYXBlc3QxCzAJBgNVBAYTAkhVMIGsBgNV
+HSMEgaQwgaGAFMegSXUWYYTbMUuE0vE3QJDvTtz3oXakdDByMQswCQYDVQQGEwJI
+VTERMA8GA1UEBxMIQnVkYXBlc3QxFjAUBgNVBAoTDU1pY3Jvc2VjIEx0ZC4xFDAS
+BgNVBAsTC2UtU3ppZ25vIENBMSIwIAYDVQQDExlNaWNyb3NlYyBlLVN6aWdubyBS
+b290IENBghEAzLjnv04pGv2i3GalHCwPETAdBgNVHQ4EFgQUx6BJdRZhhNsxS4TS
+8TdAkO9O3PcwDQYJKoZIhvcNAQEFBQADggEBANMTnGZjWS7KXHAM/IO8VbH0jgds
+ZifOwTsgqRy7RlRw7lrMoHfqaEQn6/Ip3Xep1fvj1KcExJW4C+FEaGAHQzAxQmHl
+7tnlJNUb3+FKG6qfx1/4ehHqE5MAyopYse7tDk2016g2JnzgOsHVV4Lxdbb9iV/a
+86g4nzUGCM4ilb7N1fy+W955a9x6qWVmvrElWl/tftOsRm1M9DKHtCAE4Gx4sHfR
+hUZLphK3dehKyVZs15KrnfVJONJPU+NVkBHbmJbGSfI+9J8b4PeI3CVimUTYc78/
+MPMMNz7UwiiAc7EBt51alhQBS6kRnSlqLtBdgcDPsiBDxwPgN05dCtxZICU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgxMjA2MTUwODIxWjCB
+pzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM
+b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm
+aWNhdGlvbiBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNz
+IEdvbGQpIEbFkXRhbsO6c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAxCRec75LbRTDofTjl5Bu0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrT
+lF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw/HpYzY6b7cNGbIRwXdrz
+AZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAkH3B5r9s5
+VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRG
+ILdwfzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2
+BJtr+UBdADTHLpl1neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAG
+AQH/AgEEMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2M
+U9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwWqZw8UQCgwBEIBaeZ5m8BiFRh
+bvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C
++C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC
+bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F
+uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2
+XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFSzCCBLSgAwIBAgIBaTANBgkqhkiG9w0BAQQFADCBmTELMAkGA1UEBhMCSFUx
+ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0
+b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMTIwMAYDVQQD
+EylOZXRMb2NrIFV6bGV0aSAoQ2xhc3MgQikgVGFudXNpdHZhbnlraWFkbzAeFw05
+OTAyMjUxNDEwMjJaFw0xOTAyMjAxNDEwMjJaMIGZMQswCQYDVQQGEwJIVTERMA8G
+A1UEBxMIQnVkYXBlc3QxJzAlBgNVBAoTHk5ldExvY2sgSGFsb3phdGJpenRvbnNh
+Z2kgS2Z0LjEaMBgGA1UECxMRVGFudXNpdHZhbnlraWFkb2sxMjAwBgNVBAMTKU5l
+dExvY2sgVXpsZXRpIChDbGFzcyBCKSBUYW51c2l0dmFueWtpYWRvMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQCx6gTsIKAjwo84YM/HRrPVG/77uZmeBNwcf4xK
+gZjupNTKihe5In+DCnVMm8Bp2GQ5o+2So/1bXHQawEfKOml2mrriRBf8TKPV/riX
+iK+IA4kfpPIEPsgHC+b5sy96YhQJRhTKZPWLgLViqNhr1nGTLbO/CVRY7QbrqHvc
+Q7GhaQIDAQABo4ICnzCCApswEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8E
+BAMCAAYwEQYJYIZIAYb4QgEBBAQDAgAHMIICYAYJYIZIAYb4QgENBIICURaCAk1G
+SUdZRUxFTSEgRXplbiB0YW51c2l0dmFueSBhIE5ldExvY2sgS2Z0LiBBbHRhbGFu
+b3MgU3pvbGdhbHRhdGFzaSBGZWx0ZXRlbGVpYmVuIGxlaXJ0IGVsamFyYXNvayBh
+bGFwamFuIGtlc3p1bHQuIEEgaGl0ZWxlc2l0ZXMgZm9seWFtYXRhdCBhIE5ldExv
+Y2sgS2Z0LiB0ZXJtZWtmZWxlbG9zc2VnLWJpenRvc2l0YXNhIHZlZGkuIEEgZGln
+aXRhbGlzIGFsYWlyYXMgZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUgYXogZWxvaXJ0
+IGVsbGVub3J6ZXNpIGVsamFyYXMgbWVndGV0ZWxlLiBBeiBlbGphcmFzIGxlaXJh
+c2EgbWVndGFsYWxoYXRvIGEgTmV0TG9jayBLZnQuIEludGVybmV0IGhvbmxhcGph
+biBhIGh0dHBzOi8vd3d3Lm5ldGxvY2submV0L2RvY3MgY2ltZW4gdmFneSBrZXJo
+ZXRvIGF6IGVsbGVub3J6ZXNAbmV0bG9jay5uZXQgZS1tYWlsIGNpbWVuLiBJTVBP
+UlRBTlQhIFRoZSBpc3N1YW5jZSBhbmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmlj
+YXRlIGlzIHN1YmplY3QgdG8gdGhlIE5ldExvY2sgQ1BTIGF2YWlsYWJsZSBhdCBo
+dHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIG9yIGJ5IGUtbWFpbCBhdCBjcHNA
+bmV0bG9jay5uZXQuMA0GCSqGSIb3DQEBBAUAA4GBAATbrowXr/gOkDFOzT4JwG06
+sPgzTEdM43WIEJessDgVkcYplswhwG08pXTP2IKlOcNl40JwuyKQ433bNXbhoLXa
+n3BukxowOR0w2y7jfLKRstE3Kfq51hdcR0/jHTjrn9V7lagonhVK0dHQKwCXoOKS
+NitjrFgBazMpUIaD8QFI
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFTzCCBLigAwIBAgIBaDANBgkqhkiG9w0BAQQFADCBmzELMAkGA1UEBhMCSFUx
+ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0
+b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMTQwMgYDVQQD
+EytOZXRMb2NrIEV4cHJlc3N6IChDbGFzcyBDKSBUYW51c2l0dmFueWtpYWRvMB4X
+DTk5MDIyNTE0MDgxMVoXDTE5MDIyMDE0MDgxMVowgZsxCzAJBgNVBAYTAkhVMREw
+DwYDVQQHEwhCdWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6dG9u
+c2FnaSBLZnQuMRowGAYDVQQLExFUYW51c2l0dmFueWtpYWRvazE0MDIGA1UEAxMr
+TmV0TG9jayBFeHByZXNzeiAoQ2xhc3MgQykgVGFudXNpdHZhbnlraWFkbzCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6+ywbGGKIyWvYCDj2Z/8kwvbXY2wobNA
+OoLO/XXgeDIDhlqGlZHtU/qdQPzm6N3ZW3oDvV3zOwzDUXmbrVWg6dADEK8KuhRC
+2VImESLH0iDMgqSaqf64gXadarfSNnU+sYYJ9m5tfk63euyucYT2BDMIJTLrdKwW
+RMbkQJMdf60CAwEAAaOCAp8wggKbMBIGA1UdEwEB/wQIMAYBAf8CAQQwDgYDVR0P
+AQH/BAQDAgAGMBEGCWCGSAGG+EIBAQQEAwIABzCCAmAGCWCGSAGG+EIBDQSCAlEW
+ggJNRklHWUVMRU0hIEV6ZW4gdGFudXNpdHZhbnkgYSBOZXRMb2NrIEtmdC4gQWx0
+YWxhbm9zIFN6b2xnYWx0YXRhc2kgRmVsdGV0ZWxlaWJlbiBsZWlydCBlbGphcmFz
+b2sgYWxhcGphbiBrZXN6dWx0LiBBIGhpdGVsZXNpdGVzIGZvbHlhbWF0YXQgYSBO
+ZXRMb2NrIEtmdC4gdGVybWVrZmVsZWxvc3NlZy1iaXp0b3NpdGFzYSB2ZWRpLiBB
+IGRpZ2l0YWxpcyBhbGFpcmFzIGVsZm9nYWRhc2FuYWsgZmVsdGV0ZWxlIGF6IGVs
+b2lydCBlbGxlbm9yemVzaSBlbGphcmFzIG1lZ3RldGVsZS4gQXogZWxqYXJhcyBs
+ZWlyYXNhIG1lZ3RhbGFsaGF0byBhIE5ldExvY2sgS2Z0LiBJbnRlcm5ldCBob25s
+YXBqYW4gYSBodHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIGNpbWVuIHZhZ3kg
+a2VyaGV0byBheiBlbGxlbm9yemVzQG5ldGxvY2submV0IGUtbWFpbCBjaW1lbi4g
+SU1QT1JUQU5UISBUaGUgaXNzdWFuY2UgYW5kIHRoZSB1c2Ugb2YgdGhpcyBjZXJ0
+aWZpY2F0ZSBpcyBzdWJqZWN0IHRvIHRoZSBOZXRMb2NrIENQUyBhdmFpbGFibGUg
+YXQgaHR0cHM6Ly93d3cubmV0bG9jay5uZXQvZG9jcyBvciBieSBlLW1haWwgYXQg
+Y3BzQG5ldGxvY2submV0LjANBgkqhkiG9w0BAQQFAAOBgQAQrX/XDDKACtiG8XmY
+ta3UzbM2xJZIwVzNmtkFLp++UOv0JhQQLdRmF/iewSf98e3ke0ugbLWrmldwpu2g
+pO0u9f38vf5NNwgMvOOWgyL1SRt/Syu0VMGAfJlOHdCM7tCs5ZL6dVb+ZKATj7i4
+Fp1hBWeAyNDYpQcCNJgEjTME1A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGfTCCBWWgAwIBAgICAQMwDQYJKoZIhvcNAQEEBQAwga8xCzAJBgNVBAYTAkhV
+MRAwDgYDVQQIEwdIdW5nYXJ5MREwDwYDVQQHEwhCdWRhcGVzdDEnMCUGA1UEChMe
+TmV0TG9jayBIYWxvemF0Yml6dG9uc2FnaSBLZnQuMRowGAYDVQQLExFUYW51c2l0
+dmFueWtpYWRvazE2MDQGA1UEAxMtTmV0TG9jayBLb3pqZWd5em9pIChDbGFzcyBB
+KSBUYW51c2l0dmFueWtpYWRvMB4XDTk5MDIyNDIzMTQ0N1oXDTE5MDIxOTIzMTQ0
+N1owga8xCzAJBgNVBAYTAkhVMRAwDgYDVQQIEwdIdW5nYXJ5MREwDwYDVQQHEwhC
+dWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6dG9uc2FnaSBLZnQu
+MRowGAYDVQQLExFUYW51c2l0dmFueWtpYWRvazE2MDQGA1UEAxMtTmV0TG9jayBL
+b3pqZWd5em9pIChDbGFzcyBBKSBUYW51c2l0dmFueWtpYWRvMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHSMD7tM9DceqQWC2ObhbHDqeLVu0ThEDaiD
+zl3S1tWBxdRL51uUcCbbO51qTGL3cfNk1mE7PetzozfZz+qMkjvN9wfcZnSX9EUi
+3fRc4L9t875lM+QVOr/bmJBVOMTtplVjC7B4BPTjbsE/jvxReB+SnoPC/tmwqcm8
+WgD/qaiYdPv2LD4VOQ22BFWoDpggQrOxJa1+mm9dU7GrDPzr4PN6s6iz/0b2Y6LY
+Oph7tqyF/7AlT3Rj5xMHpQqPBffAZG9+pyeAlt7ULoZgx2srXnN7F+eRP2QM2Esi
+NCubMvJIH5+hCoR64sKtlz2O1cH5VqNQ6ca0+pii7pXmKgOM3wIDAQABo4ICnzCC
+ApswDgYDVR0PAQH/BAQDAgAGMBIGA1UdEwEB/wQIMAYBAf8CAQQwEQYJYIZIAYb4
+QgEBBAQDAgAHMIICYAYJYIZIAYb4QgENBIICURaCAk1GSUdZRUxFTSEgRXplbiB0
+YW51c2l0dmFueSBhIE5ldExvY2sgS2Z0LiBBbHRhbGFub3MgU3pvbGdhbHRhdGFz
+aSBGZWx0ZXRlbGVpYmVuIGxlaXJ0IGVsamFyYXNvayBhbGFwamFuIGtlc3p1bHQu
+IEEgaGl0ZWxlc2l0ZXMgZm9seWFtYXRhdCBhIE5ldExvY2sgS2Z0LiB0ZXJtZWtm
+ZWxlbG9zc2VnLWJpenRvc2l0YXNhIHZlZGkuIEEgZGlnaXRhbGlzIGFsYWlyYXMg
+ZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUgYXogZWxvaXJ0IGVsbGVub3J6ZXNpIGVs
+amFyYXMgbWVndGV0ZWxlLiBBeiBlbGphcmFzIGxlaXJhc2EgbWVndGFsYWxoYXRv
+IGEgTmV0TG9jayBLZnQuIEludGVybmV0IGhvbmxhcGphbiBhIGh0dHBzOi8vd3d3
+Lm5ldGxvY2submV0L2RvY3MgY2ltZW4gdmFneSBrZXJoZXRvIGF6IGVsbGVub3J6
+ZXNAbmV0bG9jay5uZXQgZS1tYWlsIGNpbWVuLiBJTVBPUlRBTlQhIFRoZSBpc3N1
+YW5jZSBhbmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmljYXRlIGlzIHN1YmplY3Qg
+dG8gdGhlIE5ldExvY2sgQ1BTIGF2YWlsYWJsZSBhdCBodHRwczovL3d3dy5uZXRs
+b2NrLm5ldC9kb2NzIG9yIGJ5IGUtbWFpbCBhdCBjcHNAbmV0bG9jay5uZXQuMA0G
+CSqGSIb3DQEBBAUAA4IBAQBIJEb3ulZv+sgoA0BO5TE5ayZrU3/b39/zcT0mwBQO
+xmd7I6gMc90Bu8bKbjc5VdXHjFYgDigKDtIqpLBJUsY4B/6+CgmM0ZjPytoUMaFP
+0jn8DxEsQ8Pdq5PHVT5HfBgaANzze9jyf1JsIPQLX2lS9O74silg6+NJMSEN1rUQ
+QeJBCWziGppWS3cC9qCbmieH6FUpccKQn0V4GuEVZD3QDtigdp+uxdAu6tYPVuxk
+f1qbFFgBJ34TUMdrKuZoPL9coAob4Q566eKAw+np9v1sEZ7Q5SgnK1QyQhSCdeZK
+8CtmdWOMovsEPoMOmzbwGOQmIMOM8CgHrTwXZoi1/baI
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG0TCCBbmgAwIBAgIBezANBgkqhkiG9w0BAQUFADCByTELMAkGA1UEBhMCSFUx
+ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0
+b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMUIwQAYDVQQD
+EzlOZXRMb2NrIE1pbm9zaXRldHQgS296amVneXpvaSAoQ2xhc3MgUUEpIFRhbnVz
+aXR2YW55a2lhZG8xHjAcBgkqhkiG9w0BCQEWD2luZm9AbmV0bG9jay5odTAeFw0w
+MzAzMzAwMTQ3MTFaFw0yMjEyMTUwMTQ3MTFaMIHJMQswCQYDVQQGEwJIVTERMA8G
+A1UEBxMIQnVkYXBlc3QxJzAlBgNVBAoTHk5ldExvY2sgSGFsb3phdGJpenRvbnNh
+Z2kgS2Z0LjEaMBgGA1UECxMRVGFudXNpdHZhbnlraWFkb2sxQjBABgNVBAMTOU5l
+dExvY2sgTWlub3NpdGV0dCBLb3pqZWd5em9pIChDbGFzcyBRQSkgVGFudXNpdHZh
+bnlraWFkbzEeMBwGCSqGSIb3DQEJARYPaW5mb0BuZXRsb2NrLmh1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1Ilstg91IRVCacbvWy5FPSKAtt2/Goq
+eKvld/Bu4IwjZ9ulZJm53QE+b+8tmjwi8F3JV6BVQX/yQ15YglMxZc4e8ia6AFQe
+r7C8HORSjKAyr7c3sVNnaHRnUPYtLmTeriZ539+Zhqurf4XsoPuAzPS4DB6TRWO5
+3Lhbm+1bOdRfYrCnjnxmOCyqsQhjF2d9zL2z8cM/z1A57dEZgxXbhxInlrfa6uWd
+vLrqOU+L73Sa58XQ0uqGURzk/mQIKAR5BevKxXEOC++r6uwSEaEYBTJp0QwsGj0l
+mT+1fMptsK6ZmfoIYOcZwvK9UdPM0wKswREMgM6r3JSda6M5UzrWhQIDAMV9o4IC
+wDCCArwwEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwggJ1Bglg
+hkgBhvhCAQ0EggJmFoICYkZJR1lFTEVNISBFemVuIHRhbnVzaXR2YW55IGEgTmV0
+TG9jayBLZnQuIE1pbm9zaXRldHQgU3pvbGdhbHRhdGFzaSBTemFiYWx5emF0YWJh
+biBsZWlydCBlbGphcmFzb2sgYWxhcGphbiBrZXN6dWx0LiBBIG1pbm9zaXRldHQg
+ZWxla3Ryb25pa3VzIGFsYWlyYXMgam9naGF0YXMgZXJ2ZW55ZXN1bGVzZW5laywg
+dmFsYW1pbnQgZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUgYSBNaW5vc2l0ZXR0IFN6
+b2xnYWx0YXRhc2kgU3phYmFseXphdGJhbiwgYXogQWx0YWxhbm9zIFN6ZXJ6b2Rl
+c2kgRmVsdGV0ZWxla2JlbiBlbG9pcnQgZWxsZW5vcnplc2kgZWxqYXJhcyBtZWd0
+ZXRlbGUuIEEgZG9rdW1lbnR1bW9rIG1lZ3RhbGFsaGF0b2sgYSBodHRwczovL3d3
+dy5uZXRsb2NrLmh1L2RvY3MvIGNpbWVuIHZhZ3kga2VyaGV0b2sgYXogaW5mb0Bu
+ZXRsb2NrLm5ldCBlLW1haWwgY2ltZW4uIFdBUk5JTkchIFRoZSBpc3N1YW5jZSBh
+bmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmljYXRlIGFyZSBzdWJqZWN0IHRvIHRo
+ZSBOZXRMb2NrIFF1YWxpZmllZCBDUFMgYXZhaWxhYmxlIGF0IGh0dHBzOi8vd3d3
+Lm5ldGxvY2suaHUvZG9jcy8gb3IgYnkgZS1tYWlsIGF0IGluZm9AbmV0bG9jay5u
+ZXQwHQYDVR0OBBYEFAlqYhaSsFq7VQ7LdTI6MuWyIckoMA0GCSqGSIb3DQEBBQUA
+A4IBAQCRalCc23iBmz+LQuM7/KbD7kPgz/PigDVJRXYC4uMvBcXxKufAQTPGtpvQ
+MznNwNuhrWw3AkxYQTvyl5LGSKjN5Yo5iWH5Upfpvfb5lHTocQ68d4bDBsxafEp+
+NFAwLvt/MpqNPfMgW/hqyobzMUwsWYACff44yTB1HLdV47yfuqhthCgFdbOLDcCR
+VCHnpgu0mfVRQdzNo0ci2ccBgcTcR08m6h/t280NmPSjnLRzMkqWmf68f8glWPhY
+83ZmiVSkpj7EUFy6iRiCdUgh0k8T6GB+B3bbELVR5qq5aKrN9p2QdRLqOBrKROi3
+macqaJVmlaut74nLYKkGEsaUR+ko
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi
+MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu
+MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3Jp
+dHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjBiMQswCQYDVQQGEwJV
+UzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydO
+ZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwz
+c7MEL7xxjOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPP
+OCwGJgl6cvf6UDL4wpPTaaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rl
+mGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXTcrA/vGp97Eh/jcOrqnErU2lBUzS1sLnF
+BgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc/Qzpf14Dl847ABSHJ3A4
+qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMBAAGjgZcw
+gZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIB
+BjAPBgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwu
+bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3Jp
+dHkuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc8
+6fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q4LqILPxFzBiwmZVRDuwduIj/
+h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH
+/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv
+wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN
+pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCB
+ijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHly
+aWdodCAoYykgMjAwNTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNl
+ZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQSBDQTAeFw0w
+NTEyMTExNjAzNDRaFw0zNzEyMTExNjA5NTFaMIGKMQswCQYDVQQGEwJDSDEQMA4G
+A1UEChMHV0lTZUtleTEbMBkGA1UECxMSQ29weXJpZ2h0IChjKSAyMDA1MSIwIAYD
+VQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBX
+SVNlS2V5IEdsb2JhbCBSb290IEdBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAy0+zAJs9Nt350UlqaxBJH+zYK7LG+DKBKUOVTJoZIyEVRd7jyBxR
+VVuuk+g3/ytr6dTqvirdqFEr12bDYVxgAsj1znJ7O7jyTmUIms2kahnBAbtzptf2
+w93NvKSLtZlhuAGio9RN1AU9ka34tAhxZK9w8RxrfvbDd50kc3vkDIzh2TbhmYsF
+mQvtRTEJysIA2/dyoJaqlYfQjse2YXMNdmaM3Bu0Y6Kff5MTMPGhJ9vZ/yxViJGg
+4E8HsChWjBgbl0SOid3gF27nKu+POQoxhILYQBRJLnpB5Kf+42TMwVlxSywhp1t9
+4B3RLoGbw9ho972WG6xwsRYUC9tguSYBBQIDAQABo1EwTzALBgNVHQ8EBAMCAYYw
+DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUswN+rja8sHnR3JQmthG+IbJphpQw
+EAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBAEuh/wuHbrP5wUOx
+SPMowB0uyQlB+pQAHKSkq0lPjz0e701vvbyk9vImMMkQyh2I+3QZH4VFvbBsUfk2
+ftv1TDI6QU9bR8/oCy22xBmddMVHxjtqD6wU2zz0c5ypBd8A3HR4+vg1YFkCExh8
+vPtNsCBtQ7tgMHpnM1zFmdH4LTlSc/uMqpclXHLZCB6rTjzjgTGfA6b7wP4piFXa
+hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZi
+Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ
+/L7fCg0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt
+MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg
+Rm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9i
+YWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAwMzJaFw0zOTEyMDExNTEwMzFaMG0x
+CzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBG
+b3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2Jh
+bCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3
+HEokKtaXscriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGx
+WuR51jIjK+FTzJlFXHtPrby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX
+1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNk
+u7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4oQnc/nSMbsrY9gBQHTC5P
+99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvgGUpuuy9r
+M2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw
+AwEB/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUB
+BAMCAQAwDQYJKoZIhvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrgh
+cViXfa43FK8+5/ea4n32cZiZBKpDdHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5
+gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0VQreUGdNZtGn//3ZwLWoo4rO
+ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf
+aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic
+Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1
+dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9s
+YW5vMQswCQYDVQQGEwJWRTEQMA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlz
+dHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0
+aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBlcmludGVuZGVuY2lh
+IGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUwIwYJ
+KoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEw
+MFoXDTIwMTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHBy
+b2NlcnQubmV0LnZlMQ8wDQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGEx
+KjAoBgNVBAsTIVByb3ZlZWRvciBkZSBDZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQG
+A1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9u
+aWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIwDQYJKoZI
+hvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo9
+7BVCwfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74
+BCXfgI8Qhd19L3uA3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38G
+ieU89RLAu9MLmV+QfI4tL3czkkohRqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9
+JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmOEO8GqQKJ/+MMbpfg353bIdD0
+PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG20qCZyFSTXai2
+0b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH
+0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/
+6mnbVSKVUyqUtd+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1m
+v6JpIzi4mWCZDlZTOpx+FIywBm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7
+K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvpr2uKGcfLFFb14dq12fy/czja+eev
+bqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/AgEBMDcGA1UdEgQw
+MC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAzNi0w
+MB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFD
+gBStuyIdxuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0
+b3JpZGFkIGRlIENlcnRpZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xh
+bm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQHEwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0
+cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5hY2lvbmFsIGRlIENlcnRp
+ZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5kZW5jaWEg
+ZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkq
+hkiG9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQD
+AgEGME0GA1UdEQRGMESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0w
+MDAwMDKgGwYFYIZeAgKgEgwQUklGLUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEag
+RKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9sY3IvQ0VSVElGSUNBRE8t
+UkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNyYWl6LnN1c2Nl
+cnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v
+Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsG
+AQUFBwIBFh5odHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcN
+AQELBQADggIBACtZ6yKZu4SqT96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS
+1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmNg7+mvTV+LFwxNG9s2/NkAZiqlCxB
+3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4quxtxj7mkoP3Yldmv
+Wb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1n8Gh
+HVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHm
+pHmJWhSnFFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXz
+sOfIt+FTvZLm8wyWuevo5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bE
+qCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq3TNWOByyrYDT13K9mmyZY+gAu0F2Bbdb
+mRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5poLWccret9W6aAjtmcz9
+opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3YeMLEYC/H
+YvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2Km
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00
+MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM
+aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEgRzMwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakEPBtV
+wedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWe
+rNrwU8lmPNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF341
+68Xfuw6cwI2H44g4hWf6Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh
+4Pw5qlPafX7PGglTvF0FBM+hSo+LdoINofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXp
+UhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/lg6AnhF4EwfWQvTA9xO+o
+abw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV7qJZjqlc
+3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/G
+KubX9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSt
+hfbZxbGL0eUQMk1fiyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KO
+Tk0k+17kBL5yG6YnLUlamXrXXAkgt3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOt
+zCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
+BjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZIhvcNAQELBQAD
+ggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC
+MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2
+cDMT/uFPpiN3GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUN
+qXsCHKnQO18LwIE6PWThv6ctTr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5
+YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP+V04ikkwj+3x6xn0dxoxGE1nVGwv
+b2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh3jRJjehZrJ3ydlo2
+8hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fawx/k
+NSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNj
+ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp
+q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt
+nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
+b3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNV
+BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W
+YWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCa
+GMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxg
+Fyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55J
+WpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bB
+rrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp
++ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1
+ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/i
+Ucw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIiz
+PtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og
+/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UH
+oycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuI
+yV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1Ud
+EwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2
+A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTEL
+MAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT
+ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2f
+BluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzn
+g/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2Bl
+fF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5K
+WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha
+B0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozc
+hLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPR
+TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD
+mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z
+ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y
+4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza
+8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00
+MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM
+aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIgRzMwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFhZiFf
+qq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMW
+n4rjyduYNM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ym
+c5GQYaYDFCDy54ejiK2toIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+
+O7q414AB+6XrW7PFXmAqMaCvN+ggOp+oMiwMzAkd056OXbxMmO7FGmh77FOm6RQ1
+o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+lV0POKa2Mq1W/xPtbAd0j
+IaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZoL1NesNKq
+IcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz
+8eQQsSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43eh
+vNURG3YBZwjgQQvD6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l
+7ZizlWNof/k19N+IxWA1ksB8aRxhlRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALG
+cC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
+BjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZIhvcNAQELBQAD
+ggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66
+AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RC
+roijQ1h5fq7KpVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0Ga
+W/ZZGYjeVYg3UQt4XAoeo0L9x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4n
+lv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgzdWqTHBLmYF5vHX/JHyPLhGGfHoJE
++V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6XU/IyAgkwo1jwDQHV
+csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd
+dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg
+KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM
+HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4
+WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
+b3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNV
+BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W
+YWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM
+V0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB
+4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUr
+H556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd
+8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9Cabwv
+vWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLT
+mZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhe
+btfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjc
+T5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDt
+WAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZ
+c6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A
+4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYD
+VR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMG
+CCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0
+aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0
+aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu
+dC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2Nw
+czALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4G
+A1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJC
+TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMg
+Um9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM0
+7ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSem
+d1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd
++LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B
+4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadN
+t54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6x
+DYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57
+k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s
+zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j
+Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT
+mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK
+4SVhM7JZG+Ju1zdXtg2pEto=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00
+MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM
+aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMgRzMwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286IxSR
+/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNu
+FoM7pmRLMon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXR
+U7Ox7sWTaYI+FrUoRqHe6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+c
+ra1AdHkrAj80//ogaX3T7mH1urPnMNA3I4ZyYUUpSFlob3emLoG+B01vr87ERROR
+FHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3UVDmrJqMz6nWB2i3ND0/k
+A9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f75li59wzw
+eyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634Ryl
+sSqiMd5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBp
+VzgeAVuNVejH38DMdyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0Q
+A4XN8f+MFrXBsj6IbGB/kE+V9/YtrQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+
+ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
+BjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZIhvcNAQELBQAD
+ggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px
+KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnI
+FUBhynLWcKzSt/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5Wvv
+oxXqA/4Ti2Tk08HS6IT7SdEQTXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFg
+u/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP
+0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGibIh6BJpsQBJFxwAYf
+3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmDhPbl
+8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+
+DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN
+PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/
+ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
+TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz
+MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw
+IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR
+dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp
+li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D
+rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ
+WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug
+F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU
+xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC
+Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv
+dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw
+ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl
+IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh
+c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy
+ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh
+Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI
+KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T
+KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq
+y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p
+dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD
+VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL
+MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk
+fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8
+7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R
+cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y
+mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW
+xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK
+SnQ2+Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGizCCBXOgAwIBAgIEO0XlaDANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJF
+UzEfMB0GA1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0GA1UECxMGUEtJ
+R1ZBMScwJQYDVQQDEx5Sb290IENBIEdlbmVyYWxpdGF0IFZhbGVuY2lhbmEwHhcN
+MDEwNzA2MTYyMjQ3WhcNMjEwNzAxMTUyMjQ3WjBoMQswCQYDVQQGEwJFUzEfMB0G
+A1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0GA1UECxMGUEtJR1ZBMScw
+JQYDVQQDEx5Sb290IENBIEdlbmVyYWxpdGF0IFZhbGVuY2lhbmEwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGKqtXETcvIorKA3Qdyu0togu8M1JAJke+
+WmmmO3I2F0zo37i7L3bhQEZ0ZQKQUgi0/6iMweDHiVYQOTPvaLRfX9ptI6GJXiKj
+SgbwJ/BXufjpTjJ3Cj9BZPPrZe52/lSqfR0grvPXdMIKX/UIKFIIzFVd0g/bmoGl
+u6GzwZTNVOAydTGRGmKy3nXiz0+J2ZGQD0EbtFpKd71ng+CT516nDOeB0/RSrFOy
+A8dEJvt55cs0YFAQexvba9dHq198aMpunUEDEO5rmXteJajCq+TA81yc477OMUxk
+Hl6AovWDfgzWyoxVjr7gvkkHD6MkQXpYHYTqWBLI4bft75PelAgxAgMBAAGjggM7
+MIIDNzAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnBr
+aS5ndmEuZXMwEgYDVR0TAQH/BAgwBgEB/wIBAjCCAjQGA1UdIASCAiswggInMIIC
+IwYKKwYBBAG/VQIBADCCAhMwggHoBggrBgEFBQcCAjCCAdoeggHWAEEAdQB0AG8A
+cgBpAGQAYQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAFIA
+YQDtAHoAIABkAGUAIABsAGEAIABHAGUAbgBlAHIAYQBsAGkAdABhAHQAIABWAGEA
+bABlAG4AYwBpAGEAbgBhAC4ADQAKAEwAYQAgAEQAZQBjAGwAYQByAGEAYwBpAPMA
+bgAgAGQAZQAgAFAAcgDhAGMAdABpAGMAYQBzACAAZABlACAAQwBlAHIAdABpAGYA
+aQBjAGEAYwBpAPMAbgAgAHEAdQBlACAAcgBpAGcAZQAgAGUAbAAgAGYAdQBuAGMA
+aQBvAG4AYQBtAGkAZQBuAHQAbwAgAGQAZQAgAGwAYQAgAHAAcgBlAHMAZQBuAHQA
+ZQAgAEEAdQB0AG8AcgBpAGQAYQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEA
+YwBpAPMAbgAgAHMAZQAgAGUAbgBjAHUAZQBuAHQAcgBhACAAZQBuACAAbABhACAA
+ZABpAHIAZQBjAGMAaQDzAG4AIAB3AGUAYgAgAGgAdAB0AHAAOgAvAC8AdwB3AHcA
+LgBwAGsAaQAuAGcAdgBhAC4AZQBzAC8AYwBwAHMwJQYIKwYBBQUHAgEWGWh0dHA6
+Ly93d3cucGtpLmd2YS5lcy9jcHMwHQYDVR0OBBYEFHs100DSHHgZZu90ECjcPk+y
+eAT8MIGVBgNVHSMEgY0wgYqAFHs100DSHHgZZu90ECjcPk+yeAT8oWykajBoMQsw
+CQYDVQQGEwJFUzEfMB0GA1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0G
+A1UECxMGUEtJR1ZBMScwJQYDVQQDEx5Sb290IENBIEdlbmVyYWxpdGF0IFZhbGVu
+Y2lhbmGCBDtF5WgwDQYJKoZIhvcNAQEFBQADggEBACRhTvW1yEICKrNcda3Fbcrn
+lD+laJWIwVTAEGmiEi8YPyVQqHxK6sYJ2fR1xkDar1CdPaUWu20xxsdzCkj+IHLt
+b8zog2EWRpABlUt9jppSCS/2bxzkoXHPjCpaF3ODR00PNvsETUlR4hTJZGH71BTg
+9J63NI8KJr2XXPR5OkowGcytT6CYirQxlyric21+eLj4iIlPsSKRZEv1UN4D2+XF
+ducTZnV+ZfsBn5OHiJ35Rld8TWCvmHMTI6QgkYH60GFmuH3Rr9ZvHmw96RH9qfmC
+IoaZM3Fa6hlXPZHNqcCjbgcTpsnt+GijnsNacgmHKNHEc8RzGF9QdRYxn7fofMM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDYTCCAkmgAwIBAgIQCgEBAQAAAnwAAAAKAAAAAjANBgkqhkiG9w0BAQUFADA6
+MRkwFwYDVQQKExBSU0EgU2VjdXJpdHkgSW5jMR0wGwYDVQQLExRSU0EgU2VjdXJp
+dHkgMjA0OCBWMzAeFw0wMTAyMjIyMDM5MjNaFw0yNjAyMjIyMDM5MjNaMDoxGTAX
+BgNVBAoTEFJTQSBTZWN1cml0eSBJbmMxHTAbBgNVBAsTFFJTQSBTZWN1cml0eSAy
+MDQ4IFYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt49VcdKA3Xtp
+eafwGFAyPGJn9gqVB93mG/Oe2dJBVGutn3y+Gc37RqtBaB4Y6lXIL5F4iSj7Jylg
+/9+PjDvJSZu1pJTOAeo+tWN7fyb9Gd3AIb2E0S1PRsNO3Ng3OTsor8udGuorryGl
+wSMiuLgbWhOHV4PR8CDn6E8jQrAApX2J6elhc5SYcSa8LWrg903w8bYqODGBDSnh
+AMFRD0xS+ARaqn1y07iHKrtjEAMqs6FPDVpeRrc9DvV07Jmf+T0kgYim3WBU6JU2
+PcYJk5qjEoAAVZkZR73QpXzDuvsf9/UP+Ky5tfQ3mBMY3oVbtwyCO4dvlTlYMNpu
+AWgXIszACwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
+BjAfBgNVHSMEGDAWgBQHw1EwpKrpRa41JPr/JCwz0LGdjDAdBgNVHQ4EFgQUB8NR
+MKSq6UWuNST6/yQsM9CxnYwwDQYJKoZIhvcNAQEFBQADggEBAF8+hnZuuDU8TjYc
+HnmYv/3VEhF5Ug7uMYm83X/50cYVIeiKAVQNOvtUudZj1LGqlk2iQk3UUx+LEN5/
+Zb5gEydxiKRz44Rj0aRV4VCT5hsOedBnvEbIvz8XDZXmxpBp3ue0L96VfdASPz0+
+f00/FGj1EVDVwfSQpQgdMWD/YIwjVAqv/qFuxdF6Kmh4zx6CCiC0H63lhbJqaHVO
+rSU3lIW+vaHU6rcMSzyd6BIA8F+sDeGscGNz9395nzIlQnQFgCi/vcEkllgVsRch
+6YlL2weIZ/QVrXA+L02FO8K32/6YaCOJ4XQP3vTFhGMpG8zLB8kApKnXwiJPZ9d3
+7CAFYd4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK
+MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
+GTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkx
+MjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3Qg
+Q29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jxYDiJ
+iQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa
+/FHtaMbQbqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJ
+jnIFHovdRIWCQtBJwB1g8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnI
+HmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYVHDGA76oYa8J719rO+TMg1fW9ajMtgQT7
+sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi0XPnj3pDAgMBAAGjgZ0w
+gZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQF
+MAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCsw
+KaAnoCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsG
+AQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0L
+URYD7xh8yOOvaliTFGCRsoTciE6+OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXO
+H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm
+I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY
+iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc
+f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDEr
+MCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoG
+A1UEAxMTU2VjdXJlU2lnbiBSb290Q0ExMTAeFw0wOTA0MDgwNDU2NDdaFw0yOTA0
+MDgwNDU2NDdaMFgxCzAJBgNVBAYTAkpQMSswKQYDVQQKEyJKYXBhbiBDZXJ0aWZp
+Y2F0aW9uIFNlcnZpY2VzLCBJbmMuMRwwGgYDVQQDExNTZWN1cmVTaWduIFJvb3RD
+QTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XeqpRyQBTvLTJsz
+i1oURaTnkBbR31fSIRCkF/3frNYfp+TbfPfs37gD2pRY/V1yfIw/XwFndBWW4wI8
+h9uuywGOwvNmxoVF9ALGOrVisq/6nL+k5tSAMJjzDbaTj6nU2DbysPyKyiyhFTOV
+MdrAG/LuYpmGYz+/3ZMqg6h2uRMft85OQoWPIucuGvKVCbIFtUROd6EgvanyTgp9
+UK31BQ1FT0Zx/Sg+U/sE2C3XZR1KG/rPO7AxmjVuyIsG0wCR8pQIZUyxNAYAeoni
+8McDWc/V1uinMrPmmECGxc0nEovMe863ETxiYAcjPitAbpSACW22s293bzUIUPsC
+h8U+iQIDAQABo0IwQDAdBgNVHQ4EFgQUW/hNT7KlhtQ60vFjmqC+CfZXt94wDgYD
+VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB
+AKChOBZmLqdWHyGcBvod7bkixTgm2E5P7KN/ed5GIaGHd48HCJqypMWvDzKYC3xm
+KbabfSVSSUOrTC4rbnpwrxYO4wJs+0LmGJ1F2FXI6Dvd5+H0LgscNFxsWEr7jIhQ
+X5Ucv+2rIrVls4W6ng+4reV6G4pQOh29Dbx7VFALuUKvVaAYga1lme++5Jy/xIWr
+QbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01y8hSyn+B/tlr0/cR7SXf+Of5
+pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061lgeLKBObjBmN
+QSdJQO7e5iNEOdyhIta6A/I=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI
+MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
+FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIz
+MTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENv
+cnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQXOZEz
+Zum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO
+0gMdA+9tDWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIao
+wW8xQmxSPmjL8xk037uHGFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj
+7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b01k/unK8RCSc43Oz969XL0Imnal0ugBS
+8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmHursCAwEAAaOBnTCBmjAT
+BgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB
+/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCeg
+JYYjaHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGC
+NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3
+6Z3q059c4EVlew3KW+JwULKUBRSuSceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/
+3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm
+D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS
+CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR
+3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDfTCCAmWgAwIBAgIBADANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJKUDEl
+MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEqMCgGA1UECxMh
+U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBFViBSb290Q0ExMB4XDTA3MDYwNjAyMTIz
+MloXDTM3MDYwNjAyMTIzMlowYDELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09N
+IFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNlY3VyaXR5IENvbW11
+bmljYXRpb24gRVYgUm9vdENBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBALx/7FebJOD+nLpCeamIivqA4PUHKUPqjgo0No0c+qe1OXj/l3X3L+SqawSE
+RMqm4miO/VVQYg+kcQ7OBzgtQoVQrTyWb4vVog7P3kmJPdZkLjjlHmy1V4qe70gO
+zXppFodEtZDkBp2uoQSXWHnvIEqCa4wiv+wfD+mEce3xDuS4GBPMVjZd0ZoeUWs5
+bmB2iDQL87PRsJ3KYeJkHcFGB7hj3R4zZbOOCVVSPbW9/wfrrWFVGCypaZhKqkDF
+MxRldAD5kd6vA0jFQFTcD4SQaCDFkpbcLuUCRarAX1T4bepJz11sS6/vmsJWXMY1
+VkJqMF/Cq/biPT+zyRGPMUzXn0kCAwEAAaNCMEAwHQYDVR0OBBYEFDVK9U2vP9eC
+OKyrcWUXdYydVZPmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
+CSqGSIb3DQEBBQUAA4IBAQCoh+ns+EBnXcPBZsdAS5f8hxOQWsTvoMpfi7ent/HW
+tWS3irO4G8za+6xmiEHO6Pzk2x6Ipu0nUBsCMCRGef4Eh3CXQHPRwMFXGZpppSeZ
+q51ihPZRwSzJIxXYKLerJRO1RuGGAv8mjMSIkh1W/hln8lXkgKNrnKt34VFxDSDb
+EJrbvXZ5B3eZKK2aXtqxT0QsNY6llsf9g/BYxnnWmHyojf6GPgcWkuF75x3sM3Z+
+Qi5KhfmRiWiEA4Glm5q+4zfFVKtWOxgtQaQM+ELbmaDgcm+7XeEWT1MKZPlO9L9O
+VL14bIjqv5wTJMJwaaJ/D8g8rQjJsJhAoyrniIPtd490
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl
+MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe
+U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoX
+DTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRy
+dXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3VyaXR5IENvbW11bmlj
+YXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANAV
+OVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGr
+zbl+dp+++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVM
+VAX3NuRFg3sUZdbcDE3R3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQ
+hNBqyjoGADdH5H5XTz+L62e4iKrFvlNVspHEfbmwhRkGeC7bYRr6hfVKkaHnFtWO
+ojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1KEOtOghY6rCcMU/Gt1SSw
+awNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8QIH4D5cs
+OPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3
+DQEBCwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpF
+coJxDjrSzG+ntKEju/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXc
+okgfGT+Ok+vx+hfuzU7jBBJV1uXk3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8
+t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy
+1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/
+SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY
+MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t
+dW5pY2F0aW9uIFJvb3RDQTEwHhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5
+WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYD
+VQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw8yl8
+9f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJ
+DKaVv0uMDPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9
+Ms+k2Y7CI9eNqPPYJayX5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/N
+QV3Is00qVUarH9oe4kA92819uZKAnDfdDJZkndwi92SL32HeFZRSFaB9UslLqCHJ
+xrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2JChzAgMBAAGjPzA9MB0G
+A1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYwDwYDVR0T
+AQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vG
+kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr
+Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5
+Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU
+JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot
+RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAgigAwIBAgIBJDANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
+MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MxIENBMB4XDTAx
+MDQwNjEwNDkxM1oXDTIxMDQwNjEwNDkxM1owOTELMAkGA1UEBhMCRkkxDzANBgNV
+BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMSBDQTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALWJHytPZwp5/8Ue+H887dF+2rDNbS82rDTG
+29lkFwhjMDMiikzujrsPDUJVyZ0upe/3p4zDq7mXy47vPxVnqIJyY1MPQYx9EJUk
+oVqlBvqSV536pQHydekfvFYmUk54GWVYVQNYwBSujHxVX3BbdyMGNpfzJLWaRpXk
+3w0LBUXl0fIdgrvGE+D+qnr9aTCU89JFhfzyMlsy3uhsXR/LpCJ0sICOXZT3BgBL
+qdReLjVQCfOAl/QMF6452F/NM8EcyonCIvdFEu1eEpOdY6uCLrnrQkFEy0oaAIIN
+nvmLVz5MxxftLItyM19yejhW1ebZrgUaHXVFsculJRwSVzb9IjcCAwEAAaMzMDEw
+DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQIR+IMi/ZTiFIwCwYDVR0PBAQDAgEG
+MA0GCSqGSIb3DQEBBQUAA4IBAQCLGrLJXWG04bkruVPRsoWdd44W7hE928Jj2VuX
+ZfsSZ9gqXLar5V7DtxYvyOirHYr9qxp81V9jz9yw3Xe5qObSIjiHBxTZ/75Wtf0H
+DjxVyhbMp6Z3N/vbXB9OWQaHowND9Rart4S9Tu+fMTfwRvFAttEMpWT4Y14h21VO
+TzF2nBBhjrZTOqMRvq9tfB69ri3iDGnHhVNoomG6xT60eVR4ngrHAr5i0RGCS2Uv
+kVrCqIexVmiUefkl98HVrhq4uz2PqYo4Ffdz0Fpg0YCw8NzVUM1O7pJIae2yIx4w
+zMiUyLb1O4Z/P6Yun/Y+LLWSlj7fLJOK/4GMDw9ZIRlXvVWa
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
+MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx
+MDQwNjA3Mjk0MFoXDTIxMDQwNjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNV
+BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMiBDQTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3/Ei9vX+ALTU74W+o
+Z6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybTdXnt
+5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s
+3TmVToMGf+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2Ej
+vOr7nQKV0ba5cTppCD8PtOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu
+8nYybieDwnPz3BjotJPqdURrBGAgcVeHnfO+oJAjPYok4doh28MCAwEAAaMzMDEw
+DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITTXjwwCwYDVR0PBAQDAgEG
+MA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt0jSv9zil
+zqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/
+3DEIcbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvD
+FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6
+Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2
+ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO
+TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0y
+MjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIg
+TmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRlcmxhbmRlbiBFViBS
+b290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkkSzrS
+M4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nC
+UiY4iKTWO0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3d
+Z//BYY1jTw+bbRcwJu+r0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46p
+rfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13l
+pJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gVXJrm0w912fxBmJc+qiXb
+j5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr08C+eKxC
+KFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS
+/ZbV0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0X
+cgOPvZuM5l5Tnrmd74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH
+1vI4gnPah1vlPNOePqc7nvQDs/nxfRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrP
+px9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB
+/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwaivsnuL8wbqg7
+MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI
+eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u
+2dfOWBfoqSmuc0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHS
+v4ilf0X8rLiltTMMgsT7B/Zq5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTC
+wPTxGfARKbalGAKb12NMcIxHowNDXLldRqANb/9Zjr7dn3LDWyvfjFvO5QxGbJKy
+CqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tNf1zuacpzEPuKqf2e
+vTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi5Dp6
+Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIa
+Gl6I6lD4WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeL
+eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8
+FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc
+7uzXLg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDujCCAqKgAwIBAgIEAJiWijANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJO
+TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSYwJAYDVQQDEx1TdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQTAeFw0wMjEyMTcwOTIzNDlaFw0xNTEy
+MTYwOTE1MzhaMFUxCzAJBgNVBAYTAk5MMR4wHAYDVQQKExVTdGFhdCBkZXIgTmVk
+ZXJsYW5kZW4xJjAkBgNVBAMTHVN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENB
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNK1URF6gaYUmHFtvszn
+ExvWJw56s2oYHLZhWtVhCb/ekBPHZ+7d89rFDBKeNVU+LCeIQGv33N0iYfXCxw71
+9tV2U02PjLwYdjeFnejKScfST5gTCaI+Ioicf9byEGW07l8Y1Rfj+MX94p2i71MO
+hXeiD+EwR+4A5zN9RGcaC1Hoi6CeUJhoNFIfLm0B8mBF8jHrqTFoKbt6QZ7GGX+U
+tFE5A3+y3qcym7RHjm+0Sq7lr7HcsBthvJly3uSJt3omXdozSVtSnA71iq3DuD3o
+BmrC1SoLbHuEvVYFy4ZlkuxEK7COudxwC0barbxjiDn622r+I/q85Ej0ZytqERAh
+SQIDAQABo4GRMIGOMAwGA1UdEwQFMAMBAf8wTwYDVR0gBEgwRjBEBgRVHSAAMDww
+OgYIKwYBBQUHAgEWLmh0dHA6Ly93d3cucGtpb3ZlcmhlaWQubmwvcG9saWNpZXMv
+cm9vdC1wb2xpY3kwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSofeu8Y6R0E3QA
+7Jbg0zTBLL9s+DANBgkqhkiG9w0BAQUFAAOCAQEABYSHVXQ2YcG70dTGFagTtJ+k
+/rvuFbQvBgwp8qiSpGEN/KtcCFtREytNwiphyPgJWPwtArI5fZlmgb9uXJVFIGzm
+eafR2Bwp/MIgJ1HI8XxdNGdphREwxgDS1/PTfLbwMVcoEoJz6TMvplW0C5GUR5z6
+u3pCMuiufi3IvKwUv9kP2Vv8wfl6leF9fpb8cbDCTMjfRTTJzg3ynGQI0DvDKcWy
+7ZAEwbEpkcUwb8GpcjPM/l0WFywRaed+/sWDCN+83CI6LiBpIzlWYGeQiy52OfsR
+iJf2fL1LuCAWZwWN4jvBcj+UlTfHXbme2JOhF4//DGYVwSR8MnwDHTuhWEUykw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
+TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEcyMB4XDTA4MDMyNjExMTgxN1oX
+DTIwMDMyNTExMDMxMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl
+ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv
+b3QgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVZ5291
+qj5LnLW4rJ4L5PnZyqtdj7U5EILXr1HgO+EASGrP2uEGQxGZqhQlEq0i6ABtQ8Sp
+uOUfiUtnvWFI7/3S4GCI5bkYYCjDdyutsDeqN95kWSpGV+RLufg3fNU254DBtvPU
+Z5uW6M7XxgpT0GtJlvOjCwV3SPcl5XCsMBQgJeN/dVrlSPhOewMHBPqCYYdu8DvE
+pMfQ9XQ+pV0aCPKbJdL2rAQmPlU6Yiile7Iwr/g3wtG61jj99O9JMDeZJiFIhQGp
+5Rbn3JBV3w/oOM2ZNyFPXfUib2rFEhZgF1XyZWampzCROME4HYYEhLoaJXhena/M
+UGDWE4dS7WMfbWV9whUYdMrhfmQpjHLYFhN9C0lK8SgbIHRrxT3dsKpICT0ugpTN
+GmXZK4iambwYfp/ufWZ8Pr2UuIHOzZgweMFvZ9C+X+Bo7d7iscksWXiSqt8rYGPy
+5V6548r6f1CGPqI0GAwJaCgRHOThuVw+R7oyPxjMW4T182t0xHJ04eOLoEq9jWYv
+6q012iDTiIJh8BIitrzQ1aTsr1SIJSQ8p22xcik/Plemf1WvbibG/ufMQFxRRIEK
+eN5KzlW/HdXZt1bv8Hb/C3m1r737qWmRRpdogBQ2HbN/uymYNqUg+oJgYjOk7Na6
+B6duxc8UpufWkjTYgfX8HV2qXB72o007uPc5AgMBAAGjgZcwgZQwDwYDVR0TAQH/
+BAUwAwEB/zBSBgNVHSAESzBJMEcGBFUdIAAwPzA9BggrBgEFBQcCARYxaHR0cDov
+L3d3dy5wa2lvdmVyaGVpZC5ubC9wb2xpY2llcy9yb290LXBvbGljeS1HMjAOBgNV
+HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJFoMocVHYnitfGsNig0jQt8YojrMA0GCSqG
+SIb3DQEBCwUAA4ICAQCoQUpnKpKBglBu4dfYszk78wIVCVBR7y29JHuIhjv5tLyS
+CZa59sCrI2AGeYwRTlHSeYAz+51IvuxBQ4EffkdAHOV6CMqqi3WtFMTC6GY8ggen
+5ieCWxjmD27ZUD6KQhgpxrRW/FYQoAUXvQwjf/ST7ZwaUb7dRUG/kSS0H4zpX897
+IZmflZ85OkYcbPnNe5yQzSipx6lVu6xiNGI1E0sUOlWDuYaNkqbG9AclVMwWVxJK
+gnjIFNkXgiYtXSAfea7+1HAWFpWD2DU5/1JddRwWxRNVz0fMdWVSSt7wsKfkCpYL
++63C4iWEst3kvX5ZbJvw8NjnyvLplzh+ib7M+zkXYT9y2zqR2GUBGR2tUKRXCnxL
+vJxxcypFURmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkm
+bEgeqmiSBeGCc1qb3AdbCG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvk
+N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC
+Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z
+ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KAQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
+TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEczMB4XDTEzMTExNDExMjg0MloX
+DTI4MTExMzIzMDAwMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl
+ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv
+b3QgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL4yolQP
+cPssXFnrbMSkUeiFKrPMSjTysF/zDsccPVMeiAho2G89rcKezIJnByeHaHE6n3WW
+IkYFsO2tx1ueKt6c/DrGlaf1F2cY5y9JCAxcz+bMNO14+1Cx3Gsy8KL+tjzk7FqX
+xz8ecAgwoNzFs21v0IJyEavSgWhZghe3eJJg+szeP4TrjTgzkApyI/o1zCZxMdFy
+KJLZWyNtZrVtB0LrpjPOktvA9mxjeM3KTj215VKb8b475lRgsGYeCasH/lSJEULR
+9yS6YHgamPfJEf0WwTUaVHXvQ9Plrk7O53vDxk5hUUurmkVLoR9BvUhTFXFkC4az
+5S6+zqQbwSmEorXLCCN2QyIkHxcE1G6cxvx/K2Ya7Irl1s9N9WMJtxU51nus6+N8
+6U78dULI7ViVDAZCopz35HCz33JvWjdAidiFpNfxC95DGdRKWCyMijmev4SH8RY7
+Ngzp07TKbBlBUgmhHbBqv4LvcFEhMtwFdozL92TkA1CvjJFnq8Xy7ljY3r735zHP
+bMk7ccHViLVlvMDoFxcHErVc0qsgk7TmgoNwNsXNo42ti+yjwUOH5kPiNL6VizXt
+BznaqB16nzaeErAMZRKQFWDZJkBE41ZgpRDUajz9QdwOWke275dhdU/Z/seyHdTt
+XUmzqWrLZoQT1Vyg3N9udwbRcXXIV2+vD3dbAgMBAAGjQjBAMA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRUrfrHkleuyjWcLhL75Lpd
+INyUVzANBgkqhkiG9w0BAQsFAAOCAgEAMJmdBTLIXg47mAE6iqTnB/d6+Oea31BD
+U5cqPco8R5gu4RV78ZLzYdqQJRZlwJ9UXQ4DO1t3ApyEtg2YXzTdO2PCwyiBwpwp
+LiniyMMB8jPqKqrMCQj3ZWfGzd/TtiunvczRDnBfuCPRy5FOCvTIeuXZYzbB1N/8
+Ipf3YF3qKS9Ysr1YvY2WTxB1v0h7PVGHoTx0IsL8B3+A3MSs/mrBcDCw6Y5p4ixp
+gZQJut3+TcCDjJRYwEYgr5wfAvg1VUkvRtTA8KCWAg8zxXHzniN9lLf9OtMJgwYh
+/WA9rjLA0u6NpvDntIJ8CsxwyXmA+P5M9zWEGYox+wrZ13+b8KKaa8MFSu1BYBQw
+0aoRQm7TIwIEC8Zl3d1Sd9qBa7Ko+gE4uZbqKmxnl4mUnrzhVNXkanjvSr0rmj1A
+fsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq
+4BZ+Extq1z7XnvwtdbLBFNUjA9tbbws+eC8N3jONFrdI54OagQ97wUNNVQQXOEpR
+1VmiiXTTn74eS9fGbbeIJG9gkaSChVtWQbzQRKtqE77RLFi3EjNYsjdj3BP1lB0/
+QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM
+94B7IWcnMFk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
+MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
+U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw
+NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE
+ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp
+ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3
+DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf
+8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN
++lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0
+X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa
+K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA
+1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G
+A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR
+zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0
+YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD
+bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w
+DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3
+L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D
+eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl
+xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp
+VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY
+WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
+HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs
+ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAw
+MFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6
+b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj
+aG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZp
+Y2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAL3twQP89o/8ArFvW59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMg
+nLRJdzIpVv257IzdIvpy3Cdhl+72WoTsbhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1
+HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNkN3mSwOxGXn/hbVNMYq/N
+Hwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7NfZTD4p7dN
+dloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0
+HZbUJtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO
+BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0G
+CSqGSIb3DQEBCwUAA4IBAQARWfolTwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjU
+sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3
+4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg
+8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K
+pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1
+mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
+HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVs
+ZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5
+MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNVBAYTAlVTMRAwDgYD
+VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy
+ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2Vy
+dmljZXMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20p
+OsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm2
+8xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4PahHQUw2eeBGg6345AWh1K
+Ts9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLPLJGmpufe
+hRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk
+6mFBrMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAw
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+q
+AdcwKziIorhtSpzyEZGDMA0GCSqGSIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMI
+bw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPPE95Dz+I0swSdHynVv/heyNXB
+ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z
+qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd
+iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn
+0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN
+sSi6
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEW
+MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
+Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM3WhcNMzYwOTE3MTk0NjM2WjB9
+MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
+U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
+cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
+pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
+OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
+Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
+Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
+HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
+Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
++2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
+Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
+26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
+AQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
+VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFul
+F2mHMMo0aEPQQa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCC
+ATgwLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5w
+ZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL2ludGVybWVk
+aWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENvbW1lcmNpYWwgKFN0
+YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0aGUg
+c2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93
+d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgG
+CWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1
+dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5fPGFf59Jb2vKXfuM/gTF
+wWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWmN3PH/UvS
+Ta0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst
+0OcNOrg+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNc
+pRJvkrKTlMeIFw6Ttn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKl
+CcWw0bdT82AUuoVpaiF8H3VhFyAXe2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVF
+P0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA2MFrLH9ZXF2RsXAiV+uKa0hK
+1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBsHvUwyKMQ5bLm
+KhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE
+JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ
+8dCAWZvLMdibD4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnm
+fyWl8kgAwKQB2j8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
+MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
+Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9
+MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
+U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
+cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
+pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
+OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
+Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
+Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
+HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
+Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
++2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
+Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
+26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
+AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
+FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j
+ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js
+LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM
+BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0
+Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy
+dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh
+cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh
+YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg
+dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp
+bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ
+YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT
+TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ
+9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8
+jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW
+FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz
+ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1
+ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L
+EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu
+L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
+yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC
+O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
+um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
+NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEW
+MBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlm
+aWNhdGlvbiBBdXRob3JpdHkgRzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1
+OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEsMCoG
+A1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgRzIwggIiMA0G
+CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8Oo1XJ
+JZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsD
+vfOpL9HG4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnoo
+D/Uefyf3lLE3PbfHkffiAez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/
+Q0kGi4xDuFby2X8hQxfqp0iVAXV16iulQ5XqFYSdCI0mblWbq9zSOdIxHWDirMxW
+RST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbsO+wmETRIjfaAKxojAuuK
+HDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8HvKTlXcxN
+nw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM
+0D4LnMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/i
+UUjXuG+v+E5+M5iSFGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9
+Ha90OrInwMEePnWjFqmveiJdnxMaz6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHg
+TuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJKoZIhvcNAQEL
+BQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K
+2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfX
+UfEpY9Z1zRbkJ4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl
+6/2o1PXWT6RbdejF0mCy2wl+JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK
+9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG/+gyRr61M3Z3qAFdlsHB1b6uJcDJ
+HgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTcnIhT76IxW1hPkWLI
+wpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/XldblhY
+XzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5l
+IxKVCCIcl85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoo
+hdVddLHRDiBYmxOlsGOm7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulr
+so8uBtjRkcfGEvRM/TAXw8HaOFvjqermobp573PYtlNXLfbQ4ddI
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEezCCA2OgAwIBAgIQNxkY5lNUfBq1uMtZWts1tzANBgkqhkiG9w0BAQUFADCB
+rjELMAkGA1UEBhMCREUxIDAeBgNVBAgTF0JhZGVuLVd1ZXJ0dGVtYmVyZyAoQlcp
+MRIwEAYDVQQHEwlTdHV0dGdhcnQxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fz
+c2VuIFZlcmxhZyBHbWJIMT4wPAYDVQQDEzVTLVRSVVNUIEF1dGhlbnRpY2F0aW9u
+IGFuZCBFbmNyeXB0aW9uIFJvb3QgQ0EgMjAwNTpQTjAeFw0wNTA2MjIwMDAwMDBa
+Fw0zMDA2MjEyMzU5NTlaMIGuMQswCQYDVQQGEwJERTEgMB4GA1UECBMXQmFkZW4t
+V3VlcnR0ZW1iZXJnIChCVykxEjAQBgNVBAcTCVN0dXR0Z2FydDEpMCcGA1UEChMg
+RGV1dHNjaGVyIFNwYXJrYXNzZW4gVmVybGFnIEdtYkgxPjA8BgNVBAMTNVMtVFJV
+U1QgQXV0aGVudGljYXRpb24gYW5kIEVuY3J5cHRpb24gUm9vdCBDQSAyMDA1OlBO
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bVKwdMz6tNGs9HiTNL1
+toPQb9UY6ZOvJ44TzbUlNlA0EmQpoVXhOmCTnijJ4/Ob4QSwI7+Vio5bG0F/WsPo
+TUzVJBY+h0jUJ67m91MduwwA7z5hca2/OnpYH5Q9XIHV1W/fuJvS9eXLg3KSwlOy
+ggLrra1fFi2SU3bxibYs9cEv4KdKb6AwajLrmnQDaHgTncovmwsdvs91DSaXm8f1
+XgqfeN+zvOyauu9VjxuapgdjKRdZYgkqeQd3peDRF2npW932kKvimAoA0SVtnteF
+hy+S8dF2g08LOlk3KC8zpxdQ1iALCvQm+Z845y2kuJuJja2tyWp9iRe79n+Ag3rm
+7QIDAQABo4GSMIGPMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEG
+MCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFTVFJvbmxpbmUxLTIwNDgtNTAdBgNV
+HQ4EFgQUD8oeXHngovMpttKFswtKtWXsa1IwHwYDVR0jBBgwFoAUD8oeXHngovMp
+ttKFswtKtWXsa1IwDQYJKoZIhvcNAQEFBQADggEBAK8B8O0ZPCjoTVy7pWMciDMD
+pwCHpB8gq9Yc4wYfl35UvbfRssnV2oDsF9eK9XvCAPbpEW+EoFolMeKJ+aQAPzFo
+LtU96G7m1R08P7K9n3frndOMusDXtk3sU5wPBG7qNWdX4wple5A64U8+wwCSersF
+iXOMy6ZNwPv2AtawB6MDwidAnwzkhYItr5pCHdDHjfhA7p0GVxzZotiAFP7hYy0y
+h9WUUpY6RsZxlj33mA6ykaqP2vROJAA5VeitF7nTNCtKqUDMFypVZUF0Qn71wK/I
+k63yGFs9iQzbRzkk+OBM8h+wPQrKBU6JIRrjKpms/H+h8Q8bHz2eBIPdltkdOpQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID2DCCAsCgAwIBAgIQYFbFSyNAW2TU7SXa2dYeHjANBgkqhkiG9w0BAQsFADCB
+hTELMAkGA1UEBhMCREUxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fzc2VuIFZl
+cmxhZyBHbWJIMScwJQYDVQQLEx5TLVRSVVNUIENlcnRpZmljYXRpb24gU2Vydmlj
+ZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5pdmVyc2FsIFJvb3QgQ0EwHhcNMTMxMDIy
+MDAwMDAwWhcNMzgxMDIxMjM1OTU5WjCBhTELMAkGA1UEBhMCREUxKTAnBgNVBAoT
+IERldXRzY2hlciBTcGFya2Fzc2VuIFZlcmxhZyBHbWJIMScwJQYDVQQLEx5TLVRS
+VVNUIENlcnRpZmljYXRpb24gU2VydmljZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5p
+dmVyc2FsIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo
+4wvfETeFgpq1bGZ8YT/ARxodRuOwVWTluII5KAd+F//0m4rwkYHqOD8heGxI7Gsv
+otOKcrKn19nqf7TASWswJYmM67fVQGGY4tw8IJLNZUpynxqOjPolFb/zIYMoDYuv
+WRGCQ1ybTSVRf1gYY2A7s7WKi1hjN0hIkETCQN1d90NpKZhcEmVeq5CSS2bf1XUS
+U1QYpt6K1rtXAzlZmRgFDPn9FcaQZEYXgtfCSkE9/QC+V3IYlHcbU1qJAfYzcg6T
+OtzoHv0FBda8c+CI3KtP7LUYhk95hA5IKmYq3TLIeGXIC51YAQVx7YH1aBduyw20
+S9ih7K446xxYL6FlAzQvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
+AQH/BAQDAgEGMB0GA1UdDgQWBBSafdfr639UmEUptCCrbQuWIxmkwjANBgkqhkiG
+9w0BAQsFAAOCAQEATpYS2353XpInniEXGIJ22D+8pQkEZoiJrdtVszNqxmXEj03z
+MjbceQSWqXcy0Zf1GGuMuu3OEdBEx5LxtESO7YhSSJ7V/Vn4ox5R+wFS5V/let2q
+JE8ii912RvaloA812MoPmLkwXSBvwoEevb3A/hXTOCoJk5gnG5N70Cs0XmilFU/R
+UsOgyqCDRR319bdZc11ZAY+qwkcvFHHVKeMQtUeTJcwjKdq3ctiR1OwbSIoi5MEq
+9zpok59FGW5Dt8z+uJGaYRo2aWNkkijzb2GShROfyQcsi1fc65551cLeCNVUsldO
+KjKNoeI60RAgIjl9NEVvcTvDHfz/sk+o4vYwHg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBk
+MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
+YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
+Q0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4MTgyMjA2MjBaMGQxCzAJBgNVBAYT
+AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
+Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIICIjAN
+BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9
+m2BtRsiMMW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdih
+FvkcxC7mlSpnzNApbjyFNDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/
+TilftKaNXXsLmREDA/7n29uj/x2lzZAeAR81sH8A25Bvxn570e56eqeqDFdvpG3F
+EzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkCb6dJtDZd0KTeByy2dbco
+kdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn7uHbHaBu
+HYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNF
+vJbNcA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo
+19AOeCMgkckkKmUpWyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjC
+L3UcPX7ape8eYIVpQtPM+GP+HkM5haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJW
+bjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNYMUJDLXT5xp6mig/p/r+D5kNX
+JLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
+FDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j
+BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzc
+K6FptWfUjNP9MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzf
+ky9NfEBWMXrrpA9gzXrzvsMnjgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7Ik
+Vh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQMbFamIp1TpBcahQq4FJHgmDmHtqB
+sfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4HVtA4oJVwIHaM190e
+3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtlvrsR
+ls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ip
+mXeascClOS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HH
+b6D0jqTsNFFbjCYDcKF31QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksf
+rK/7DZBaZmBwXarNeNQk7shBoJMBkpxqnvy5JMWzFYJ+vq6VK+uxwNrjAWALXmms
+hFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCyx/yP2FS1k2Kdzs9Z+z0Y
+zirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMWNY6E0F/6
+MBr1mmz0DlP5OlvRHA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk
+MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
+YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
+Q0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2MjUwNzM4MTRaMGQxCzAJBgNVBAYT
+AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
+Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIICIjAN
+BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvEr
+jw0DzpPMLgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r
+0rk0X2s682Q2zsKwzxNoysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f
+2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJwDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVP
+ACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpHWrumnf2U5NGKpV+GY3aF
+y6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1aSgJA/MTA
+tukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL
+6yxSNLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0
+uPoTXGiTOmekl9AbmbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrAL
+acywlKinh/LTSlDcX3KwFnUey7QYYpqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velh
+k6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3qPyZ7iVNTA6z00yPhOgpD/0Q
+VAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
+FDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O
+BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqh
+b97iEoHF8TwuMA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4R
+fbgZPnm3qKhyN2abGu2sEzsOv2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv
+/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ82YqZh6NM4OKb3xuqFp1mrjX2lhI
+REeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLzo9v/tdhZsnPdTSpx
+srpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcsa0vv
+aGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciAT
+woCqISxxOQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99n
+Bjx8Oto0QuFmtEYE3saWmA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5W
+t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N
+8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TCrvJcwhbtkj6EPnNgiLx2
+9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5
+wSsSnqaeG8XmDtkx2Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAw
+ZzELMAkGA1UEBhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdp
+dGFsIENlcnRpZmljYXRlIFNlcnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290
+IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcNMzEwNjI1MDg0NTA4WjBnMQswCQYD
+VQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2Vy
+dGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYgQ0Eg
+MjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7Bx
+UglgRCgzo3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD
+1ycfMQ4jFrclyxy0uYAyXhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPH
+oCE2G3pXKSinLr9xJZDzRINpUKTk4RtiGZQJo/PDvO/0vezbE53PnUgJUmfANykR
+HvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8LiqG12W0OfvrSdsyaGOx9/
+5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaHZa0zKcQv
+idm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHL
+OdAGalNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaC
+NYGu+HuB5ur+rPQam3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f
+46Fq9mDU5zXNysRojddxyNMkM3OxbPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCB
+UWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDixzgHcgplwLa7JSnaFp6LNYth
+7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/BAQDAgGGMB0G
+A1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED
+MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWB
+bj2ITY1x0kbBbkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6x
+XCX5145v9Ydkn+0UjrgEjihLj6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98T
+PLr+flaYC/NUn81ETm484T4VvwYmneTwkLbUwp4wLh/vx3rEUMfqe9pQy3omywC0
+Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7XwgiG/W9mR4U9s70
+WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH59yL
+Gn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm
+7JFe3VE/23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4S
+nr8PyQUQ3nqjsTzyP6WqJ3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VN
+vBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyAHmBR3NdUIR7KYndP+tiPsys6DXhyyWhB
+WkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/giuMod89a2GQ+fYWVq6nTI
+fI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuWl8PVP3wb
+I+2ksx0WckNLIOFZfsLorSa/ovc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln
+biBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF
+MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT
+d2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUqt2/8
+76LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+
+bbqBHH5CjCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c
+6bM8K8vzARO/Ws/BtQpgvd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqE
+emA8atufK+ze3gE/bk3lUIbLtK/tREDFylqM2tIrfKjuvqblCqoOpd8FUrdVxyJd
+MmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvRAiTysybUa9oEVeXBCsdt
+MDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuendjIj3o02y
+MszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69y
+FGkOpeUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPi
+aG59je883WX0XaxR7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxM
+gI93e2CaHt+28kgeDrpOVG2Y4OGiGqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCB
+qTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWyV7
+lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn
+8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe6
+45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO
+UYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5
+O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC
+bwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv
+GPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a
+77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC
+hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3
+92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp
+Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w
+ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt
+Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
+BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWdu
+IFBsYXRpbnVtIENBIC0gRzIwHhcNMDYxMDI1MDgzNjAwWhcNMzYxMDI1MDgzNjAw
+WjBJMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQD
+ExpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQAD
+ggIPADCCAgoCggIBAMrfogLi2vj8Bxax3mCq3pZcZB/HL37PZ/pEQtZ2Y5Wu669y
+IIpFR4ZieIbWIDkm9K6j/SPnpZy1IiEZtzeTIsBQnIJ71NUERFzLtMKfkr4k2Htn
+IuJpX+UFeNSH2XFwMyVTtIc7KZAoNppVRDBopIOXfw0enHb/FZ1glwCNioUD7IC+
+6ixuEFGSzH7VozPY1kneWCqv9hbrS3uQMpe5up1Y8fhXSQQeol0GcN1x2/ndi5ob
+jM89o03Oy3z2u5yg+gnOI2Ky6Q0f4nIoj5+saCB9bzuohTEJfwvH6GXp43gOCWcw
+izSC+13gzJ2BbWLuCB4ELE6b7P6pT1/9aXjvCR+htL/68++QHkwFix7qepF6w9fl
++zC8bBsQWJj3Gl/QKTIDE0ZNYWqFTFJ0LwYfexHihJfGmfNtf9dng34TaNhxKFrY
+zt3oEBSa/m0jh26OWnA81Y0JAKeqvLAxN23IhBQeW71FYyBrS3SMvds6DsHPWhaP
+pZjydomyExI7C3d3rLvlPClKknLKYRorXkzig3R3+jVIeoVNjZpTxN94ypeRSCtF
+KwH3HBqi7Ri6Cr2D+m+8jVeTO9TUps4e8aCxzqv9KyiaTxvXw3LbpMS/XUz13XuW
+ae5ogObnmLo2t/5u7Su9IPhlGdpVCX4l3P5hYnL5fhgC72O00Puv5TtjjGePAgMB
+AAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
+BBYEFFCvzAeHFUdvOMW0ZdHelarp35zMMB8GA1UdIwQYMBaAFFCvzAeHFUdvOMW0
+ZdHelarp35zMMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAQEBMC4wLAYIKwYBBQUHAgEW
+IGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUA
+A4ICAQAIhab1Fgz8RBrBY+D5VUYI/HAcQiiWjrfFwUF1TglxeeVtlspLpYhg0DB0
+uMoI3LQwnkAHFmtllXcBrqS3NQuB2nEVqXQXOHtYyvkv+8Bldo1bAbl93oI9ZLi+
+FHSjClTTLJUYFzX1UWs/j6KWYTl4a0vlpqD4U99REJNi54Av4tHgvI42Rncz7Lj7
+jposiU0xEQ8mngS7twSNC/K5/FqdOxa3L8iYq/6KUFkuozv8KV2LwUvJ4ooTHbG/
+u0IdUt1O2BReEMYxB+9xJ/cbOQncguqLs5WGXv312l0xpuAxtpTmREl0xRbl9x8D
+YSjFyMsSoEJL+WuICI20MhjzdZ/EfwBPBZWcoxcCw7NTm6ogOSkrZvqdr16zktK1
+puEa+S1BaYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXa
+icYwu+uPyyIIoK6q8QNsOktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbG
+DI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSYMdp08YSTcU1f+2BY0fvEwW2JorsgH51x
+kcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAciIfNAChs0B0QTwoRqjt8Z
+Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE
+BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu
+IFNpbHZlciBDQSAtIEcyMB4XDTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0Nlow
+RzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMY
+U3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
+MIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644N0Mv
+Fz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7br
+YT7QbNHm+/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieF
+nbAVlDLaYQ1HTWBCrpJH6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH
+6ATK72oxh9TAtvmUcXtnZLi2kUpCe2UuMGoM9ZDulebyzYLs2aFK7PayS+VFheZt
+eJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5hqAaEuSh6XzjZG6k4sIN/
+c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5FZGkECwJ
+MoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRH
+HTBsROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTf
+jNFusB3hB48IHpmccelM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb6
+5i/4z3GcRm25xBWNOHkDRUjvxF3XCO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOB
+rDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU
+F6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRBtjpbO8tFnb0c
+wpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0
+cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIB
+AHPGgeAn0i0P4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShp
+WJHckRE1qTodvBqlYJ7YH39FkWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9
+xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L3XWgwF15kIwb4FDm3jH+mHtwX6WQ
+2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx/uNncqCxv1yL5PqZ
+IseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFaDGi8
+aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2X
+em1ZqSqPe97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQR
+dAtq/gsD/KNVV4n+SsuuWxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/
+OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+
+hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy
+tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/
+MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5MB4XDTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1ow
+PzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dvdmVybm1lbnQgUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+AJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qNw8XR
+IePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1q
+gQdW8or5BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKy
+yhwOeYHWtXBiCAEuTk8O1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAts
+F/tnyMKtsc2AtJfcdgEWFelq16TheEfOhtX7MfP6Mb40qij7cEwdScevLJ1tZqa2
+jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wovJ5pGfaENda1UhhXcSTvx
+ls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7Q3hub/FC
+VGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHK
+YS1tB6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoH
+EgKXTiCQ8P8NHuJBO9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThN
+Xo+EHWbNxWCWtFJaBYmOlXqYwZE8lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1Ud
+DgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNVHRMEBTADAQH/MDkGBGcqBwAE
+MTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg209yewDL7MTqK
+UWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ
+TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyf
+qzvS/3WXy6TjZwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaK
+ZEk9GhiHkASfQlK3T8v+R0F2Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFE
+JPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlUD7gsL0u8qV1bYH+Mh6XgUmMqvtg7
+hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6QzDxARvBMB1uUO07+1
+EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+HbkZ6Mm
+nD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WX
+udpVBrkk7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44Vbnz
+ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe
+LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl
+pYYsfPQS
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEqjCCA5KgAwIBAgIOSkcAAQAC5aBd1j8AUb8wDQYJKoZIhvcNAQEFBQAwdjEL
+MAkGA1UEBhMCREUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNV
+BAsTGVRDIFRydXN0Q2VudGVyIENsYXNzIDMgQ0ExJTAjBgNVBAMTHFRDIFRydXN0
+Q2VudGVyIENsYXNzIDMgQ0EgSUkwHhcNMDYwMTEyMTQ0MTU3WhcNMjUxMjMxMjI1
+OTU5WjB2MQswCQYDVQQGEwJERTEcMBoGA1UEChMTVEMgVHJ1c3RDZW50ZXIgR21i
+SDEiMCAGA1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQTElMCMGA1UEAxMc
+VEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQSBJSTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBALTgu1G7OVyLBMVMeRwjhjEQY0NVJz/GRcekPewJDRoeIMJW
+Ht4bNwcwIi9v8Qbxq63WyKthoy9DxLCyLfzDlml7forkzMA5EpBCYMnMNWju2l+Q
+Vl/NHE1bWEnrDgFPZPosPIlY2C8u4rBo6SI7dYnWRBpl8huXJh0obazovVkdKyT2
+1oQDZogkAHhg8fir/gKya/si+zXmFtGt9i4S5Po1auUZuV3bOx4a+9P/FRQI2Alq
+ukWdFHlgfa9Aigdzs5OW03Q0jTo3Kd5c7PXuLjHCINy+8U9/I1LZW+Jk2ZyqBwi1
+Rb3R0DHBq1SfqdLDYmAD8bs5SpJKPQq5ncWg/jcCAwEAAaOCATQwggEwMA8GA1Ud
+EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTUovyfs8PYA9NX
+XAek0CSnwPIA1DCB7QYDVR0fBIHlMIHiMIHfoIHcoIHZhjVodHRwOi8vd3d3LnRy
+dXN0Y2VudGVyLmRlL2NybC92Mi90Y19jbGFzc18zX2NhX0lJLmNybIaBn2xkYXA6
+Ly93d3cudHJ1c3RjZW50ZXIuZGUvQ049VEMlMjBUcnVzdENlbnRlciUyMENsYXNz
+JTIwMyUyMENBJTIwSUksTz1UQyUyMFRydXN0Q2VudGVyJTIwR21iSCxPVT1yb290
+Y2VydHMsREM9dHJ1c3RjZW50ZXIsREM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9u
+TGlzdD9iYXNlPzANBgkqhkiG9w0BAQUFAAOCAQEANmDkcPcGIEPZIxpC8vijsrlN
+irTzwppVMXzEO2eatN9NDoqTSheLG43KieHPOh6sHfGcMrSOWXaiQYUlN6AT0PV8
+TtXqluJucsG7Kv5sbviRmEb8yRtXW+rIGjs/sFGYPAfaLFkB2otE6OF0/ado3VS6
+g0bsyEa1+K+XwDsJHI/OcpY9M1ZwvJbL2NV9IJqDnxrcOfHFcqMRA/07QlIp2+gB
+95tejNaNhk4Z+rwcvsUhpYeeeC422wlxo3I0+GzjBgnyXlal092Y+tTmBvTwtiBj
+S+opvaqCZh77gaqnN60TGOaSw4HBM7uIHqHn4rS9MWwOUT1v+5ZWgOI2F9Hc5A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw
+NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv
+b3QgQ0EgdjEwHhcNMDcxMDE4MTIwMDUwWhcNMzIxMDE4MTIwMDUwWjA3MRQwEgYD
+VQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9vdCBDQSB2
+MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK+6yfwIaPzaSZVfp3F
+VRaRXP3vIb9TgHot0pGMYzHw7CTww6XScnwQbfQ3t+XmfHnqjLWCi65ItqwA3GV1
+7CpNX8GH9SBlK4GoRz6JI5UwFpB/6FcHSOcZrr9FZ7E3GwYq/t75rH2D+1665I+X
+Z75Ljo1kB1c4VWk0Nj0TSO9P4tNmHqTPGrdeNjPUtAa9GAH9d4RQAEX1jF3oI7x+
+/jXh7VB7qTCNGdMJjmhnXb88lxhTuylixcpecsHHltTbLaC0H2kD7OriUPEMPPCs
+81Mt8Bz17Ww5OXOAFshSsCPN4D7c3TxHoLs1iuKYaIu+5b9y7tL6pe0S7fyYGKkm
+dtwoSxAgHNN/Fnct7W+A90m7UwW7XWjH1Mh1Fj+JWov3F0fUTPHSiXk+TT2YqGHe
+Oh7S+F4D4MHJHIzTjU3TlTazN19jY5szFPAtJmtTfImMMsJu7D0hADnJoWjiUIMu
+sDor8zagrC/kb2HCUQk5PotTubtn2txTuXZZNp1D5SDgPTJghSJRt8czu90VL6R4
+pgd7gUY2BIbdeTXHlSw7sKMXNeVzH7RcWe/a6hBle3rQf5+ztCo3O3CLm1u5K7fs
+slESl1MpWtTwEhDcTwK7EpIvYtQ/aUN8Ddb8WHUBiJ1YFkveupD/RwGJBmr2X7KQ
+arMCpgKIv7NHfirZ1fpoeDVNAgMBAAGjPzA9MA8GA1UdEwEB/wQFMAMBAf8wCwYD
+VR0PBAQDAgEGMB0GA1UdDgQWBBTwj1k4ALP1j5qWDNXr+nuqF+gTEjANBgkqhkiG
+9w0BAQUFAAOCAgEAvuRcYk4k9AwI//DTDGjkk0kiP0Qnb7tt3oNmzqjMDfz1mgbl
+dxSR651Be5kqhOX//CHBXfDkH1e3damhXwIm/9fH907eT/j3HEbAek9ALCI18Bmx
+0GtnLLCo4MBANzX2hFxc469CeP6nyQ1Q6g2EdvZR74NTxnr/DlZJLo961gzmJ1Tj
+TQpgcmLNkQfWpb/ImWvtxBnmq0wROMVvMeJuScg/doAmAyYp4Db29iBT4xdwNBed
+Y2gea+zDTYa4EzAvXUYNR0PVG6pZDrlcjQZIrXSHX8f8MVRBE+LHIQ6e4B4N4cB7
+Q4WQxYpYxmUKeFfyxiMPAdkgS94P+5KFdSpcc41teyWRyu5FrgZLAMzTsVlQ2jqI
+OylDRl6XK1TOU2+NSueW+r9xDkKLfP0ooNBIytrEgUy7onOTJsjrDNYmiLbAJM+7
+vVvrdX3pCI6GMyx5dwlppYn8s3CQh3aP0yK7Qs69cwsgJirQmz1wHiRszYd2qReW
+t88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcn
+HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx
+SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB
+qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
+Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
+MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
+BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3MDAwMDAwWhcNMzYw
+NzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5j
+LjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYG
+A1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl
+IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFs
+W0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta
+3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk
+6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6
+Sk/KaAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94J
+NqR32HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA
+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XP
+r87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7ORtvzw6WfU
+DW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeEuzLlQRHAd9mz
+YJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX
+xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2
+/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/
+LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7
+jVaMaA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMp
+IDIwMDcgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAi
+BgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMjAeFw0wNzExMDUwMDAw
+MDBaFw0zODAxMTgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhh
+d3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBGb3Ig
+YXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9v
+dCBDQSAtIEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/
+BebfowJPDQfGAFG6DAJSLSKkQjnE/o/qycG+1E3/n3qe4rF8mq2nhglzh9HnmuN6
+papu+7qzcMBniKI11KOasf2twu8x+qi58/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8E
+BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUmtgAMADna3+FGO6Lts6K
+DPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUNG4k8VIZ3
+KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41ox
+XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB
+rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
+Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
+MDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNV
+BAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0wODA0MDIwMDAwMDBa
+Fw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3Rl
+LCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9u
+MTgwNgYDVQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXpl
+ZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEcz
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr8nLPvb2FvdeHsbnndm
+gcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2AtP0LMqmsywCPLLEHd5N/8
+YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC+BsUa0Lf
+b1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS9
+9irY7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2S
+zhkGcuYMXDhpxwTWvGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUk
+OQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV
+HQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJKoZIhvcNAQELBQADggEBABpA
+2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweKA3rD6z8KLFIW
+oCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu
+t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7c
+KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM
+m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu
+MdRAGmI0Nj81Aa6sY6A=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF
+MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL
+ExNUcnVzdGlzIEZQUyBSb290IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTEx
+MzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNVBAoTD1RydXN0aXMgTGltaXRlZDEc
+MBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQRUN+
+AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihH
+iTHcDnlkH5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjj
+vSkCqPoc4Vu5g6hBSLwacY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA
+0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zto3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlB
+OrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEAAaNTMFEwDwYDVR0TAQH/
+BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAdBgNVHQ4E
+FgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01
+GX2cGE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmW
+zaD+vkAMXBJV+JOCyinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP4
+1BIy+Q7DsdwyhEQsb8tGD+pmQQ9P8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZE
+f1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHVl/9D7S3B2l0pKoU/rGXuhg8F
+jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN
+ZetX2fNXlrtIzYE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
+KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
+BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl
+YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1
+OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy
+aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50
+ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd
+AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC
+FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi
+1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq
+jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ
+wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj
+QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/
+WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy
+NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC
+uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw
+IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6
+g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN
+9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP
+BSeOE6Fuwg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
+KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
+BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl
+YyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgxMDAxMTAyOTU2WhcNMzMxMDAxMjM1
+OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy
+aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50
+ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN
+8ELg63iIVl6bmlQdTQyK9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/
+RLyTPWGrTs0NvvAgJ1gORH8EGoel15YUNpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4
+hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZFiP0Zf3WHHx+xGwpzJFu5
+ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W0eDrXltM
+EnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGj
+QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1
+A/d2O2GCahKqGFPrAyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOy
+WL6ukK2YJ5f+AbGwUgC4TeQbIXQbfsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ
+1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzTucpH9sry9uetuUg/vBa3wW30
+6gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7hP0HHRwA11fXT
+91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml
+e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p
+TpPDpFQUWw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRS
+MRgwFgYDVQQHDA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJp
+bGltc2VsIHZlIFRla25vbG9qaWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSw
+VEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ryb25payB2ZSBLcmlwdG9sb2ppIEFy
+YcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNVBAsMGkthbXUgU2Vy
+dGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUgS8O2
+ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAe
+Fw0wNzA4MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIx
+GDAWBgNVBAcMD0dlYnplIC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmls
+aW1zZWwgdmUgVGVrbm9sb2ppayBBcmHFn3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBU
+QUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZlIEtyaXB0b2xvamkgQXJh
+xZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2FtdSBTZXJ0
+aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7Zr
+IFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4h
+gb46ezzb8R1Sf1n68yJMlaCQvEhOEav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yK
+O7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1xnnRFDDtG1hba+818qEhTsXO
+fJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR6Oqeyjh1jmKw
+lZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL
+hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQID
+AQABo0IwQDAdBgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/
+BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmP
+NOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4N5EY3ATIZJkrGG2AA1nJrvhY0D7t
+wyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLTy9LQQfMmNkqblWwM
+7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYhLBOh
+gLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5n
+oN+J1q2MdqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUs
+yZyQ2uypQjyttgI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOc
+UktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
+c8SxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xS
+S1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kg
+SGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4XDTA3MTIyNTE4Mzcx
+OVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxla3Ry
+b25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMC
+VFIxDzANBgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDE
+sGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7F
+ni4gKGMpIEFyYWzEsWsgMjAwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9NYvDdE3ePYakqtdTyuTFY
+KTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQvKUmi8wUG
++7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveG
+HtyaKhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6P
+IzdezKKqdfcYbwnTrqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M
+733WB2+Y8a+xwXrXgTW4qhe04MsCAwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHk
+Yb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
+CSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/sPx+EnWVUXKgW
+AkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I
+aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5
+mxRZNTZPz/OOXl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsa
+XRik7r4EW5nVcV9VZWRi1aKbBFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZ
+qxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAKpoRq0Tl9
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UE
+BhMCVFIxDzANBgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxn
+aSDEsGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkg
+QS7Fni4xQjBABgNVBAMMOVTDnFJLVFJVU1QgRWxla3Ryb25payBTZXJ0aWZpa2Eg
+SGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINTAeFw0xMzA0MzAwODA3MDFaFw0yMzA0
+MjgwODA3MDFaMIGxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0wSwYD
+VQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8
+dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBF
+bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCUZ4WWe60ghUEoI5RHwWrom
+/4NZzkQqL/7hzmAD/I0Dpe3/a6i6zDQGn1k19uwsu537jVJp45wnEFPzpALFp/kR
+Gml1bsMdi9GYjZOHp3GXDSHHmflS0yxjXVW86B8BSLlg/kJK9siArs1mep5Fimh3
+4khon6La8eHBEJ/rPCmBp+EyCNSgBbGM+42WAA4+Jd9ThiI7/PS98wl+d+yG6w8z
+5UNP9FR1bSmZLmZaQ9/LXMrI5Tjxfjs1nQ/0xVqhzPMggCTTV+wVunUlm+hkS7M0
+hO8EuPbJbKoCPrZV4jI3X/xml1/N1p7HIL9Nxqw/dV8c7TKcfGkAaZHjIxhT6QID
+AQABo0IwQDAdBgNVHQ4EFgQUVpkHHtOsDGlktAxQR95DLL4gwPswDgYDVR0PAQH/
+BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJ5FdnsX
+SDLyOIspve6WSk6BGLFRRyDN0GSxDsnZAdkJzsiZ3GglE9Rc8qPoBP5yCccLqh0l
+VX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq
+URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nf
+peYVhDfwwvJllpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CF
+Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW
++qtB4Uu2NQvAmxU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEJjCCAw6gAwIBAgIGfaHyZeyKMA0GCSqGSIb3DQEBCwUAMIGxMQswCQYDVQQG
+EwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0wSwYDVQQKDERUw5xSS1RSVVNUIEJpbGdp
+IMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBB
+LsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBI
+aXptZXQgU2HEn2xhecSxY8Sxc8SxIEg2MB4XDTEzMTIxODA5MDQxMFoXDTIzMTIx
+NjA5MDQxMFowgbExCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExTTBLBgNV
+BAoMRFTDnFJLVFJVU1QgQmlsZ2kgxLBsZXRpxZ9pbSB2ZSBCaWxpxZ9pbSBHw7x2
+ZW5sacSfaSBIaXptZXRsZXJpIEEuxZ4uMUIwQAYDVQQDDDlUw5xSS1RSVVNUIEVs
+ZWt0cm9uaWsgU2VydGlmaWthIEhpem1ldCBTYcSfbGF5xLFjxLFzxLEgSDYwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdsGjW6L0UlqMACprx9MfMkU1x
+eHe59yEmFXNRFpQJRwXiM/VomjX/3EsvMsew7eKC5W/a2uqsxgbPJQ1BgfbBOCK9
++bGlprMBvD9QFyv26WZV1DOzXPhDIHiTVRZwGTLmiddk671IUP320EEDwnS3/faA
+z1vFq6TWlRKb55cTMgPp1KtDWxbtMyJkKbbSk60vbNg9tvYdDjTu0n2pVQ8g9P0p
+u5FbHH3GQjhtQiht1AH7zYiXSX6484P4tZgvsycLSF5W506jM7NE1qXyGJTtHB6p
+lVxiSvgNZ1GpryHV+DKdeboaX+UEVU0TRv/yz3THGmNtwx8XEsMeED5gCLMxAgMB
+AAGjQjBAMB0GA1UdDgQWBBTdVRcT9qzoSCHK77Wv0QAy7Z6MtTAOBgNVHQ8BAf8E
+BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAb1gNl0Oq
+FlQ+v6nfkkU/hQu7VtMMUszIv3ZnXuaqs6fvuay0EBQNdH49ba3RfdCaqaXKGDsC
+QC4qnFAUi/5XfldcEQlLNkVS9z2sFP1E34uXI9TDwe7UU5X+LEr+DXCqu4svLcsy
+o4LyVN/Y8t3XSHLuSqMplsNEzm61kod2pLv0kmzOLBQJZo6NrRa1xxsJYTvjIKID
+gI6tflEATseWhvtDmHd9KMeP2Cpu54Rvl0EpABZeTeIT6lnAY2c6RPuY/ATTMHKm
+9ocJV612ph1jmv3XZch4gyt1O6VbuA1df74jrlZVlFjvH4GMKrLN5ptjnhi85WsG
+tAuYSyher4hYyw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx
+EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT
+VFdDQSBHbG9iYWwgUm9vdCBDQTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5
+NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQKEwlUQUlXQU4tQ0ExEDAOBgNVBAsT
+B1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3QgQ0EwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2CnJfF
+10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz
+0ALfUPZVr2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfCh
+MBwqoJimFb3u/Rk28OKRQ4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbH
+zIh1HrtsBv+baz4X7GGqcXzGHaL3SekVtTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc
+46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1WKKD+u4ZqyPpcC1jcxkt2
+yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99sy2sbZCi
+laLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYP
+oA/pyJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQA
+BDzfuBSO6N+pjWxnkjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcE
+qYSjMq+u7msXi7Kx/mzhkIyIqJdIzshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm
+4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB
+/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6gcFGn90xHNcgL
+1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn
+LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WF
+H6vPNOw/KP4M8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNo
+RI2T9GRwoD2dKAXDOXC4Ynsg/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+
+nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlglPx4mI88k1HtQJAH32RjJMtOcQWh
+15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryPA9gK8kxkRr05YuWW
+6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3mi4TW
+nsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5j
+wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz
+aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy
+KwbQBM0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES
+MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU
+V0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMz
+WhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FO
+LUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlm
+aWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFE
+AcK0HMMxQhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HH
+K3XLfJ+utdGdIzdjp9xCoi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeX
+RfwZVzsrb+RH9JlF/h3x+JejiB03HFyP4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/z
+rX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1ry+UPizgN7gr8/g+YnzAx
+3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
+HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkq
+hkiG9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeC
+MErJk/9q56YAf4lCmtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdls
+XebQ79NqZp4VKIV66IIArB6nCWlWQtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62D
+lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn
+aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ
+YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAx
+MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
+Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg
+VVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlm
+aWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqflo
+I+d61SRvU8Za2EurxtW20eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinng
+o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G
+A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD
+VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB
+zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW
+RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw
+MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV
+BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU
+aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B
+3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY
+tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/
+Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2
+VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT
+79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6
+c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT
+Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l
+c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee
+UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE
+Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd
+BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G
+A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF
+Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO
+VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3
+ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs
+8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR
+iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze
+Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ
+XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/
+qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB
+VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB
+L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG
+jjxDah2nGN59PRbxYvnKkKj9
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCB
+rjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
+Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
+dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xNjA0BgNVBAMTLVVUTi1VU0VSRmlyc3Qt
+Q2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBFbWFpbDAeFw05OTA3MDkxNzI4NTBa
+Fw0xOTA3MDkxNzM2NThaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQxFzAV
+BgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5l
+dHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UE
+AxMtVVROLVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWls
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3B
+YHW8OWX5ShpHornMSMxqmNVNNRm5pELlzkniii8efNIxB8dOtINknS4p1aJkxIW9
+hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQylbsMTzC9mKALi+VuG6JG+ni8om+rWV6l
+L8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXqvgvOdjp6Dpvq/NonWz1zHyLm
+SGHGTPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6hw2v+vPhwvCkxWeM
+1tZUOt4KpLoDd7NlyP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu9mIwFIws
+6wIDAQABo4G5MIG2MAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
+DgQWBBSJgmd9xJ0mcABLtFBIfN49rgRufTBYBgNVHR8EUTBPME2gS6BJhkdodHRw
+Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLVVTRVJGaXJzdC1DbGllbnRBdXRoZW50
+aWNhdGlvbmFuZEVtYWlsLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH
+AwQwDQYJKoZIhvcNAQEFBQADggEBALFtYV2mGn98q0rkMPxTbyUkxsrt4jFcKw7u
+7mFVbwQ+zznexRtJlOTrIEy05p5QLnLZjfWqo7NK2lYcYJeA3IKirUq9iiv/Cwm0
+xtcgBEXkzYABurorbs6q15L+5K/r9CYdFip/bDCVNy8zEqx/3cfREYxRmLLQo5HQ
+rfafnoOTHh1CuEava2bwm3/q4wMC5QJRwarVNZ1yQAOJujEdxRBoUp7fooXFXAim
+eOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZw7JHpsIyYdfHb0gk
+USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB
+lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
+Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
+dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
+SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG
+A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe
+MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v
+d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh
+cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn
+0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ
+M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a
+MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd
+oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI
+DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy
+oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD
+VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0
+dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy
+bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF
+BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM
+//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli
+CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE
+CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t
+3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS
+KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCED9pHoGc8JpK83P/uUii5N0wDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDlGb9to1ZhLZlIcfZn3rmN67eehoAKkQ76OCWvRoiC5XOooJskXQ0f
+zGVuDLDQVoQYh5oGmxChc9+0WDlrbsH2FdWoqD+qEgaNMax/sDTXjzRniAnNFBHi
+TkVWaR94AoDa3EeRKbs2yWNcxeDXLYd7obcysHswuiovMaruo2fa2wIDAQABMA0G
+CSqGSIb3DQEBBQUAA4GBAFgVKTk8d6PaXCUDfGD67gmZPCcQcMgMCeazh88K4hiW
+NWLMv5sneYlfycQJ9M61Hd8qveXbhpxoJeUwfLaJFf5n0a3hUKw8fGJLj7qE1xIV
+Gx/KXQ/BUpQqEZnae88MNhPVNdwQGVnqlMEAv3WP2fr9dgTbYruQagPZRjXZ+Hxb
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDAjCCAmsCEEzH6qqYPnHTkxD4PTqJkZIwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
+c3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
+MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
+emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
+DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMSBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
+YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
+MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQCq0Lq+Fi24g9TK0g+8djHKlNgdk4xWArzZbxpvUjZudVYK
+VdPfQ4chEWWKfo+9Id5rMj8bhDSVBZ1BNeuS65bdqlk/AVNtmU/t5eIqWpDBucSm
+Fc/IReumXY6cPvBkJHalzasab7bYe1FhbqZ/h8jit+U03EGI6glAvnOSPWvndQID
+AQABMA0GCSqGSIb3DQEBBQUAA4GBAKlPww3HZ74sy9mozS11534Vnjty637rXC0J
+h9ZrbWB85a7FkCMMXErQr7Fd88e2CtvgFZMN3QO8x3aKtd1Pw5sTdbgBwObJW2ul
+uIncrKTdcu1OofdPvAbT6shkdHvClUGcZXNY8ZCaPGqxmMnEh7zPRW1F4m4iP/68
+DzFc6PLZ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQsw
+CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
+cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
+LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
+aWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
+VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
+bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
+IENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN2E1Lm0+afY8wR4
+nN493GwTFtl63SRRZsDHJlkNrAYIwpTRMx/wgzUfbhvI3qpuFU5UJ+/EbRrsC+MO
+8ESlV8dAWB6jRx9x7GD2bZTIGDnt/kIYVt/kTEkQeE4BdjVjEjbdZrwBBDajVWjV
+ojYJrKshJlQGrT/KFOCsyq0GHZXi+J3x4GD/wn91K0zM2v6HmSHquv4+VNfSWXjb
+PG7PoBMAGrgnoeS+Z5bKoMWznN3JdZ7rMJpfo83ZrngZPyPpXNspva1VyBtUjGP2
+6KbqxzcSXKMpHgLZ2x87tNcPVkeBFQRKr4Mn0cVYiMHd9qqnoxjaaKptEVHhv2Vr
+n5Z20T0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAq2aN17O6x5q25lXQBfGfMY1a
+qtmqRiYPce2lrVNWYgFHKkTp/j90CxObufRNG7LRX7K20ohcs5/Ny9Sn2WCVhDr4
+wTcdYcrnsMXlkdpUpqwxga6X3s0IrLjAl4B/bnKk52kTlWUfxJM8/XmPBNQ+T+r3
+ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFMDSZl4kSAHsef493oCtrs
+pSCAaWihT37ha88HQfqDjrw43bAuEbFrskLMmrz5SCJ5ShkPshw+IHTZasO+8ih4
+E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDAzCCAmwCEQC5L2DMiJ+hekYJuFtwbIqvMA0GCSqGSIb3DQEBBQUAMIHBMQsw
+CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0Ns
+YXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH
+MjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9y
+aXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazAe
+Fw05ODA1MTgwMDAwMDBaFw0yODA4MDEyMzU5NTlaMIHBMQswCQYDVQQGEwJVUzEX
+MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDIgUHVibGlj
+IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMx
+KGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s
+eTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAp4gBIXQs5xoD8JjhlzwPIQjxnNuX6Zr8wgQGE75fUsjM
+HiwSViy4AWkszJkfrbCWrnkE8hM5wXuYuggs6MKEEyyqaekJ9MepAqRCwiNPStjw
+DqL7MWzJ5m+ZJwf15vRMeJ5t60aG+rmGyVTyssSv1EYcWskVMP8NbPUtDm3Of3cC
+AwEAATANBgkqhkiG9w0BAQUFAAOBgQByLvl/0fFx+8Se9sVeUYpAmLho+Jscg9ji
+nb3/7aHmZuovCfTK1+qlK5X2JGCGTUQug6XELaDTrnhpb3LabK4I8GOSN+a7xDAX
+rXfMSTWqz9iP0b63GJZHc2pUIjRkLbYWm1lbtFFZOrMLFPQS32eg9K0yZF6xRnIn
+jBJ7xUS0rg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy
+aVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24s
+IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNp
+Z24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJBgNV
+BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp
+Z24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIElu
+Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24g
+Q2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt
+IEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoNwtUs22e5LeWU
+J92lvuCwTY+zYVY81nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6tW8UvxDO
+JxOeBUebMXoT2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUY
+wZF7C9UTAJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9o
+koqQHgiBVrKtaaNS0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjN
+qWm6o+sdDZykIKbBoMXRRkwXbdKsZj+WjOCE1Db/IlnF+RFgqF8EffIa9iVCYQ/E
+Srg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0JhU8wI1NQ0kdvekhktdmnLfe
+xbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf0xwLRtxyID+u
+7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydEp85EXdQbkJgNHkKU
+sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RI
+sH/7NiXaldDxJBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTP
+cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCEDyRMcsf9tAbDpq40ES/Er4wDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
+BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
+I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
+CSqGSIb3DQEBBQUAA4GBABByUqkFFBkyCEHwxWsKzH4PIRnN5GfcX6kb5sroc50i
+2JhucwNhkcV8sEVAbkSdjbCxlnRhLQ2pRdKkkirWmnWXbj9T/UWZYB2oK0z5XqcJ
+2HUw19JlYD1n1khVdWk/kfVIC0dpImmClr7JyDiGSnoscxlIaU5rfGW/D/xwzoiQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
+BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
+I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
+CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
+lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
+AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDAjCCAmsCEH3Z/gfPqB63EHln+6eJNMYwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
+BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
+c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
+MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
+emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
+DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
+YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
+MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDMXtERXVxp0KvTuWpMmR9ZmDCOFoUgRm1HP9SFIIThbbP4
+pO0M8RcPO/mn+SXXwc+EY/J8Y8+iR/LGWzOOZEAEaMGAuWQcRXfH2G71lSk8UOg0
+13gfqLptQ5GVj0VXXn7F+8qkBOvqlzdUMG+7AUcyM83cV5tkaWH4mx0ciU9cZwID
+AQABMA0GCSqGSIb3DQEBBQUAA4GBAFFNzb5cy5gZnBWyATl4Lk0PZ3BwmcYQWpSk
+U01UbSuvDV1Ai2TT1+7eVmGSX6bEHRBhNtMsJzzoKQm5EWR0zLVznxxIqbxhAe7i
+F6YM40AIOw7n60RzKprxaZLvcRTDOaxxp5EJb+RxBrO6WVcmeQD2+A2iMzAo1KpY
+oJ2daZH9
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
+CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
+cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
+LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
+aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
+VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
+bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
+IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b
+N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t
+KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu
+kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm
+CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ
+Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu
+imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te
+2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe
+DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC
+/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p
+F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt
+TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL
+MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
+ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2ln
+biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
+U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJp
+U2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwg
+SW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2ln
+biBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8Utpkmw4tXNherJI9/gHm
+GUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGzrl0Bp3ve
+fLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUw
+AwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJ
+aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYj
+aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMW
+kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC
+4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga
+FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
+yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
+ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
+U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
+ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL
+MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
+ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln
+biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
+U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1
+nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex
+t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz
+SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG
+BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+
+rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/
+NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
+BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH
+BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy
+aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv
+MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE
+p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y
+5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK
+WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
+4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
+hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB
+vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
+ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp
+U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W
+ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
+Fw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJVUzEX
+MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0
+IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9y
+IGF1dGhvcml6ZWQgdXNlIG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNh
+bCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj1mCOkdeQmIN65lgZOIzF
+9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGPMiJhgsWH
+H26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+H
+LL729fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN
+/BMReYTtXlT2NJ8IAfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPT
+rJ9VAMf2CGqUuV/c4DPxhGD5WycRtPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1Ud
+EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0GCCsGAQUFBwEMBGEwX6FdoFsw
+WTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgs
+exkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud
+DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4
+sAPmLGd75JR3Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+
+seQxIcaBlVZaDrHC1LGmWazxY8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz
+4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTxP/jgdFcrGJ2BtMQo2pSXpXDrrB2+
+BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR
+lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3
+7M2CYfE45k+XmCpajQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr
+MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl
+cm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv
+bW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2WhcNMjIwNjI0MDAxNjEyWjBrMQsw
+CQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5h
+dGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1l
+cmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h
+2mCxlCfLF9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4E
+lpF7sDPwsRROEW+1QK8bRaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdV
+ZqW1LS7YgFmypw23RuwhY/81q6UCzyr0TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq
+299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI/k4+oKsGGelT84ATB+0t
+vz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzsGHxBvfaL
+dXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
+AgEGMB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUF
+AAOCAQEAX/FBfXxcCLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcR
+zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3
+LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd
+7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBuYQa7FkKMcPcw
+++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt
+398znM/jra6O1I7mT1GvFpLgXPYHDw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEvTCCA6WgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBhTELMAkGA1UEBhMCVVMx
+IDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxs
+cyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9v
+dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDcxMjEzMTcwNzU0WhcNMjIxMjE0
+MDAwNzU0WjCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdl
+bGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQD
+DC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDub7S9eeKPCCGeOARBJe+r
+WxxTkqxtnt3CxC5FlAM1iGd0V+PfjLindo8796jE2yljDpFoNoqXjopxaAkH5OjU
+Dk/41itMpBb570OYj7OeUt9tkTmPOL13i0Nj67eT/DBMHAGTthP796EfvyXhdDcs
+HqRePGj4S78NuR4uNuip5Kf4D8uCdXw1LSLWwr8L87T8bJVhHlfXBIEyg1J55oNj
+z7fLY4sR4r1e6/aN7ZVyKLSsEmLpSjPmgzKuBXWVvYSV2ypcm44uDLiBK0HmOFaf
+SZtsdvqKXfcBeYF8wYNABf5x/Qw/zE5gCQ5lRxAvAcAFP4/4s0HvWkJ+We/Slwxl
+AgMBAAGjggE0MIIBMDAPBgNVHRMBAf8EBTADAQH/MDkGA1UdHwQyMDAwLqAsoCqG
+KGh0dHA6Ly9jcmwucGtpLndlbGxzZmFyZ28uY29tL3dzcHJjYS5jcmwwDgYDVR0P
+AQH/BAQDAgHGMB0GA1UdDgQWBBQmlRkQ2eihl5H/3BnZtQQ+0nMKajCBsgYDVR0j
+BIGqMIGngBQmlRkQ2eihl5H/3BnZtQQ+0nMKaqGBi6SBiDCBhTELMAkGA1UEBhMC
+VVMxIDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNX
+ZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMg
+Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHmCAQEwDQYJKoZIhvcNAQEFBQADggEB
+ALkVsUSRzCPIK0134/iaeycNzXK7mQDKfGYZUMbVmO2rvwNa5U3lHshPcZeG1eMd
+/ZDJPHV3V3p9+N701NX3leZ0bh08rnyd2wIDBSxxSyU+B+NemvVmFymIGjifz6pB
+A4SXa5M4esowRBskRDPQ5NHcKDj0E0M1NSljqHyita04pO2t/caaH/+Xc/77szWn
+k4bGdpEA5qxRFsQnMlzbc9qlk1eOPm01JghZ1edE13YgY+esE2fDbbFwRnzVlhE9
+iW9dqKHrjQrawx0zbKPqZxmamX9LPYNRKh3KL4YMon4QLSvUFpULB6ouFJJJtylv
+2G0xffX8oRAHh84vWdw+WNs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBG
+MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNV
+BAMMEkNBIOayg+mAmuagueivgeS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgw
+MTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRl
+ZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k8H/r
+D195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld1
+9AXbbQs5uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExf
+v5RxadmWPgxDT74wwJ85dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnk
+UkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+L
+NVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFyb7Ao65vh4YOhn0pdr8yb
++gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc76DbT52V
+qyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6K
+yX2m+Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0G
+AbQOXDBGVWCvOGU6yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaK
+J/kR8slC/k7e3x9cxKSGhxYzoacXGKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwEC
+AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
+BBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUAA4ICAQBqinA4
+WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6
+yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj
+/feTZU7n85iYr83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6
+jBAyvd0zaziGfjk9DgNyp115j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2
+ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0AkLppRQjbbpCBhqcqBT/mhDn4t/lX
+X0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97qA4bLJyuQHCH2u2n
+FoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Yjj4D
+u9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10l
+O1Hm13ZBONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Le
+ie2uPAmvylezkolwQOQvT8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR1
+2KvxAmLBsX5VYc8T1yaw15zLKYs4SgsOkI26oQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBV
+MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNV
+BAMTIUNlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgw
+MTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFX
+b1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqN
+rLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1U
+fcIiePyOCbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcScc
+f+Hb0v1naMQFXQoOXXDX2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2
+ZjC1vt7tj/id07sBMOby8w7gLJKA84X5KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4M
+x1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR+ScPewavVIMYe+HdVHpR
+aG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ezEC8wQjch
+zDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDar
+uHqklWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221K
+mYo0SLwX3OSACCK28jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvA
+Sh0JWzko/amrzgD5LkhLJuYwTKVYyrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWv
+HYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0CAwEAAaNCMEAwDgYDVR0PAQH/
+BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R8bNLtwYgFP6H
+EtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1
+LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJ
+MuYhOZO9sxXqT2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2e
+JXLOC62qx1ViC777Y7NhRCOjy+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VN
+g64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC2nz4SNAzqfkHx5Xh9T71XXG68pWp
+dIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes5cVAWubXbHssw1ab
+R80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/EaEQ
+PkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGce
+xGATVdVhmVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+
+J7x6v+Db9NpSvd4MVHAxkUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMl
+OtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGikpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWT
+ee5Ehr7XHuQe+w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB
+gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk
+MCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRY
+UmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMTAxMTcx
+NDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3
+dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2Vy
+dmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB
+dXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS6
+38eMpSe2OAtp87ZOqCwuIR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCP
+KZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMxfoArtYzAQDsRhtDLooY2YKTVMIJt2W7Q
+DxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FEzG+gSqmUsE3a56k0enI4
+qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqsAxcZZPRa
+JSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNVi
+PvryxS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0P
+BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASs
+jVy16bYbMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0
+eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQEwDQYJKoZIhvcNAQEFBQAD
+ggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc/Kh4ZzXxHfAR
+vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt
+qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa
+IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy
+i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ
+O+7ETPTsJ3xCwnR8gooJybQDJbw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIDjCCBfagAwIBAgIJAOiOtsn4KhQoMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
+VQQGEwJVUzEQMA4GA1UECBMHSW5kaWFuYTEVMBMGA1UEBxMMSW5kaWFuYXBvbGlz
+MSgwJgYDVQQKEx9Tb2Z0d2FyZSBpbiB0aGUgUHVibGljIEludGVyZXN0MRMwEQYD
+VQQLEwpob3N0bWFzdGVyMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkx
+JTAjBgkqhkiG9w0BCQEWFmhvc3RtYXN0ZXJAc3BpLWluYy5vcmcwHhcNMDgwNTEz
+MDgwNzU2WhcNMTgwNTExMDgwNzU2WjCBvDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
+B0luZGlhbmExFTATBgNVBAcTDEluZGlhbmFwb2xpczEoMCYGA1UEChMfU29mdHdh
+cmUgaW4gdGhlIFB1YmxpYyBJbnRlcmVzdDETMBEGA1UECxMKaG9zdG1hc3RlcjEe
+MBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MSUwIwYJKoZIhvcNAQkBFhZo
+b3N0bWFzdGVyQHNwaS1pbmMub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEA3DbmR0LCxFF1KYdAw9iOIQbSGE7r7yC9kDyFEBOMKVuUY/b0LfEGQpG5
+GcRCaQi/izZF6igFM0lIoCdDkzWKQdh4s/Dvs24t3dHLfer0dSbTPpA67tfnLAS1
+fOH1fMVO73e9XKKTM5LOfYFIz2u1IiwIg/3T1c87Lf21SZBb9q1NE8re06adU1Fx
+Y0b4ShZcmO4tbZoWoXaQ4mBDmdaJ1mwuepiyCwMs43pPx93jzONKao15Uvr0wa8u
+jyoIyxspgpJyQ7zOiKmqp4pRQ1WFmjcDeJPI8L20QcgHQprLNZd6ioFl3h1UCAHx
+ZFy3FxpRvB7DWYd2GBaY7r/2Z4GLBjXFS21ZGcfSxki+bhQog0oQnBv1b7ypjvVp
+/rLBVcznFMn5WxRTUQfqzj3kTygfPGEJ1zPSbqdu1McTCW9rXRTunYkbpWry9vjQ
+co7qch8vNGopCsUK7BxAhRL3pqXTT63AhYxMfHMgzFMY8bJYTAH1v+pk1Vw5xc5s
+zFNaVrpBDyXfa1C2x4qgvQLCxTtVpbJkIoRRKFauMe5e+wsWTUYFkYBE7axt8Feo
++uthSKDLG7Mfjs3FIXcDhB78rKNDCGOM7fkn77SwXWfWT+3Qiz5dW8mRvZYChD3F
+TbxCP3T9PF2sXEg2XocxLxhsxGjuoYvJWdAY4wCAs1QnLpnwFVMCAwEAAaOCAg8w
+ggILMB0GA1UdDgQWBBQ0cdE41xU2g0dr1zdkQjuOjVKdqzCB8QYDVR0jBIHpMIHm
+gBQ0cdE41xU2g0dr1zdkQjuOjVKdq6GBwqSBvzCBvDELMAkGA1UEBhMCVVMxEDAO
+BgNVBAgTB0luZGlhbmExFTATBgNVBAcTDEluZGlhbmFwb2xpczEoMCYGA1UEChMf
+U29mdHdhcmUgaW4gdGhlIFB1YmxpYyBJbnRlcmVzdDETMBEGA1UECxMKaG9zdG1h
+c3RlcjEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MSUwIwYJKoZIhvcN
+AQkBFhZob3N0bWFzdGVyQHNwaS1pbmMub3JnggkA6I62yfgqFCgwDwYDVR0TAQH/
+BAUwAwEB/zARBglghkgBhvhCAQEEBAMCAAcwCQYDVR0SBAIwADAuBglghkgBhvhC
+AQ0EIRYfU29mdHdhcmUgaW4gdGhlIFB1YmxpYyBJbnRlcmVzdDAwBglghkgBhvhC
+AQQEIxYhaHR0cHM6Ly9jYS5zcGktaW5jLm9yZy9jYS1jcmwucGVtMDIGCWCGSAGG
++EIBAwQlFiNodHRwczovL2NhLnNwaS1pbmMub3JnL2NlcnQtY3JsLnBlbTAhBgNV
+HREEGjAYgRZob3N0bWFzdGVyQHNwaS1pbmMub3JnMA4GA1UdDwEB/wQEAwIBBjAN
+BgkqhkiG9w0BAQUFAAOCAgEAtM294LnqsgMrfjLp3nI/yUuCXp3ir1UJogxU6M8Y
+PCggHam7AwIvUjki+RfPrWeQswN/2BXja367m1YBrzXU2rnHZxeb1NUON7MgQS4M
+AcRb+WU+wmHo0vBqlXDDxm/VNaSsWXLhid+hoJ0kvSl56WEq2dMeyUakCHhBknIP
+qxR17QnwovBc78MKYiC3wihmrkwvLo9FYyaW8O4x5otVm6o6+YI5HYg84gd1GuEP
+sTC8cTLSOv76oYnzQyzWcsR5pxVIBcDYLXIC48s9Fmq6ybgREOJJhcyWR2AFJS7v
+dVkz9UcZFu/abF8HyKZQth3LZjQl/GaD68W2MEH4RkRiqMEMVObqTFoo5q7Gt/5/
+O5aoLu7HaD7dAD0prypjq1/uSSotxdz70cbT0ZdWUoa2lOvUYFG3/B6bzAKb1B+P
++UqPti4oOxfMxaYF49LTtcYDyeFIQpvLP+QX4P4NAZUJurgNceQJcHdC2E3hQqlg
+g9cXiUPS1N2nGLar1CQlh7XU4vwuImm9rWgs/3K1mKoGnOcqarihk3bOsPN/nOHg
+T7jYhkalMwIsJWE3KpLIrIF0aGOHM3a9BX9e1dUCbb2v/ypaqknsmHlHU5H2DjRa
+yaXG67Ljxay2oHA1u8hRadDytaIybrw/oDc5fHE2pgXfDBLkFqfF1stjo5VwP+YE
+o2A=
+-----END CERTIFICATE-----
--- /dev/null
+ePKI_Root_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+E-Tugra_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+Camerfirma_Global_Chambersign_Root.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Global_CA_2.pem
\ No newline at end of file
--- /dev/null
+Go_Daddy_Root_Certificate_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+Izenpe.com.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Premium_ECC.pem
\ No newline at end of file
--- /dev/null
+Security_Communication_RootCA2.pem
\ No newline at end of file
--- /dev/null
+Staat_der_Nederlanden_Root_CA.pem
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/certSIGN_ROOT_CA.crt
\ No newline at end of file
--- /dev/null
+SecureTrust_CA.pem
\ No newline at end of file
--- /dev/null
+Buypass_Class_2_CA_1.pem
\ No newline at end of file
--- /dev/null
+T-TeleSec_GlobalRoot_Class_2.pem
\ No newline at end of file
--- /dev/null
+Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
\ No newline at end of file
--- /dev/null
+IdenTrust_Commercial_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+COMODO_RSA_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+D-TRUST_Root_Class_3_CA_2_EV_2009.pem
\ No newline at end of file
--- /dev/null
+CA_WoSign_ECC_Root.pem
\ No newline at end of file
--- /dev/null
+Security_Communication_RootCA2.pem
\ No newline at end of file
--- /dev/null
+COMODO_RSA_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+CA_Disig.pem
\ No newline at end of file
--- /dev/null
+TURKTRUST_Certificate_Services_Provider_Root_2007.pem
\ No newline at end of file
--- /dev/null
+Certinomis_-_Root_CA.pem
\ No newline at end of file
--- /dev/null
+D-TRUST_Root_Class_3_CA_2_EV_2009.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_2.pem
\ No newline at end of file
--- /dev/null
+Trustis_FPS_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Certinomis_-_Autorité_Racine.pem
\ No newline at end of file
--- /dev/null
+NetLock_Notary_=Class_A=_Root.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Premium.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Global_Root_G3.pem
\ No newline at end of file
--- /dev/null
+OISTE_WISeKey_Global_Root_GB_CA.pem
\ No newline at end of file
--- /dev/null
+Certigna.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_3_G3.pem
\ No newline at end of file
--- /dev/null
+AddTrust_Low-Value_Services_Root.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+Atos_TrustedRoot_2011.pem
\ No newline at end of file
--- /dev/null
+QuoVadis_Root_CA_3_G3.pem
\ No newline at end of file
--- /dev/null
+AffirmTrust_Commercial.pem
\ No newline at end of file
--- /dev/null
+AddTrust_Qualified_Certificates_Root.pem
\ No newline at end of file
--- /dev/null
+Swisscom_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+OISTE_WISeKey_Global_Root_GB_CA.pem
\ No newline at end of file
--- /dev/null
+GeoTrust_Universal_CA.pem
\ No newline at end of file
--- /dev/null
+Equifax_Secure_eBusiness_CA_1.pem
\ No newline at end of file
--- /dev/null
+Microsec_e-Szigno_Root_CA_2009.pem
\ No newline at end of file
--- /dev/null
+Buypass_Class_3_Root_CA.pem
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/ePKI_Root_Certification_Authority.crt
\ No newline at end of file
--- /dev/null
+ACEDICOM_Root.pem
\ No newline at end of file
--- /dev/null
+spi-cacert-2008.pem
\ No newline at end of file
--- /dev/null
+DigiCert_Global_Root_G3.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.pem
\ No newline at end of file
--- /dev/null
+Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
\ No newline at end of file
--- /dev/null
+Comodo_AAA_Services_root.pem
\ No newline at end of file
--- /dev/null
+Camerfirma_Chambers_of_Commerce_Root.pem
\ No newline at end of file
--- /dev/null
+StartCom_Certification_Authority_G2.pem
\ No newline at end of file
--- /dev/null
+COMODO_ECC_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Equifax_Secure_Global_eBusiness_CA.pem
\ No newline at end of file
--- /dev/null
+IdenTrust_Commercial_Root_CA_1.pem
\ No newline at end of file
--- /dev/null
+Certplus_Class_2_Primary_CA.pem
\ No newline at end of file
--- /dev/null
+Go_Daddy_Class_2_CA.pem
\ No newline at end of file
--- /dev/null
+USERTrust_ECC_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Security_Communication_Root_CA.pem
\ No newline at end of file
--- /dev/null
+Starfield_Class_2_CA.pem
\ No newline at end of file
--- /dev/null
+Certification_Authority_of_WoSign_G2.pem
\ No newline at end of file
--- /dev/null
+SecureTrust_CA.pem
\ No newline at end of file
--- /dev/null
+S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.pem
\ No newline at end of file
--- /dev/null
+Microsec_e-Szigno_Root_CA.pem
\ No newline at end of file
--- /dev/null
+EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.pem
\ No newline at end of file
--- /dev/null
+Camerfirma_Chambers_of_Commerce_Root.pem
\ No newline at end of file
--- /dev/null
+ApplicationCA_-_Japanese_Government.pem
\ No newline at end of file
--- /dev/null
+VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem
\ No newline at end of file
--- /dev/null
+Root_CA_Generalitat_Valenciana.pem
\ No newline at end of file
--- /dev/null
+USERTrust_RSA_Certification_Authority.pem
\ No newline at end of file
--- /dev/null
+Juur-SK.pem
\ No newline at end of file
--- /dev/null
+Certigna.pem
\ No newline at end of file
--- /dev/null
+ComSign_CA.pem
\ No newline at end of file
--- /dev/null
+UTN_USERFirst_Hardware_Root_CA.pem
\ No newline at end of file
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIEITCCAwmgAwIBAgIJAO1/11lddDeiMA0GCSqGSIb3DQEBCwUAMIGmMQswCQYD
+VQQGEwJDTjESMBAGA1UECAwJR3VhbmdEb25nMREwDwYDVQQHDAhTaGVuWmhlbjEc
+MBoGA1UECgwTc2FyYWgudWh1LWJhbmFuZS5kZTELMAkGA1UECwwCSVQxHDAaBgNV
+BAMME3NhcmFoLnVodS1iYW5hbmUuZGUxJzAlBgkqhkiG9w0BCQEWGHJvb3RAc2Fy
+YWgudWh1LWJhbmFuZS5kZTAeFw0xNjA3MjAwOTAyNDlaFw0yNjA3MTgwOTAyNDla
+MIGmMQswCQYDVQQGEwJDTjESMBAGA1UECAwJR3VhbmdEb25nMREwDwYDVQQHDAhT
+aGVuWmhlbjEcMBoGA1UECgwTc2FyYWgudWh1LWJhbmFuZS5kZTELMAkGA1UECwwC
+SVQxHDAaBgNVBAMME3NhcmFoLnVodS1iYW5hbmUuZGUxJzAlBgkqhkiG9w0BCQEW
+GHJvb3RAc2FyYWgudWh1LWJhbmFuZS5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKSmxnFCImMcH4E1kOtiX+buRrbwtKpi/ETu0iNgNr/5GvrKdlHG
+06L45DkcFK54D82y76+gcDQOikTz499w5HGy0yBw/fHl9kvk2eMEvjkkIKFNzkin
+NjD7b+LnzVDgGzLBOLsWQeu5Q+g+lfQqYOkMv0Y9g2SDsUJHVULrO4YXG2d4c4H9
+1oqvbZptmqDuKZ/kTMuNrIL77FxFen6WNRhJgWSDZLEZ5ggj9kuG5DqdSASTdbEh
+sCqMLoF8NRbegrvOsWHQu98zUPGYzme66QZaWVFLz2t4h/HHCsCNSASMlgc33+Ar
+IcgGbuI186IngFtTij+pAfM7mTHCXcsBkjMCAwEAAaNQME4wHQYDVR0OBBYEFLHr
+O5L8L1vHAiFdungBIEodsUUFMB8GA1UdIwQYMBaAFLHrO5L8L1vHAiFdungBIEod
+sUUFMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJsZTaFpX1qof1wH
+XoiAnoJh8xsT4toh0Sm63678X7IcwbGhgfF1Ran+N/w3i6VcV1LDGMTR9Y+Ti+kD
+lpLFUwwU/dptJWZ26ztPxeKJUqGGQospsG4WZMPGjSa2ygsg9NURV7hKR1N2P8j1
+P8L4M4lJ7IuQ4PcLaqK/vzHsKYO8p/C7cEzo9QSk73WZ/8iMF0ipNRepC9J0wmRK
+Cf17Y5ApW2Ytxz2VnsnRWzEOcbkDAgqM/rc3ruTmrFh6GzfKdEqE5YPECnKu8oCa
+gulDLVAfwT1230VOqMcCODCg4kyhnMl7U4Ituqqt3Dy+uMUMIUD6N/kkK8YdtdJ+
+NF+BnDo=
+-----END CERTIFICATE-----
--- /dev/null
+/usr/share/ca-certificates/spi-inc.org/spi-cacert-2008.crt
\ No newline at end of file
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIICzDCCAbSgAwIBAgIJAPOsZQho29nRMA0GCSqGSIb3DQEBCwUAMB4xHDAaBgNV
+BAMME3NhcmFoLnVodS1iYW5hbmUuZGUwHhcNMTYwNzIwMDkwMjA0WhcNMjYwNzE4
+MDkwMjA0WjAeMRwwGgYDVQQDDBNzYXJhaC51aHUtYmFuYW5lLmRlMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRHHpHwUG+m6cj8BoNLlOVMwJpAsr1qy
+PBnX1eKB/fkKYouZqFP3TtE9lrRdwVvXoYoCPFbA91wJAvaf5yd8klj2myC9Kzgu
+rbbniUSh4TCr3ERM9HKqF/ObN8El3uZCk6S/kDDprMwN4vcP3rY2IBBxXTQADUKV
+e8Jw/JNzTw3iH9DXMzFC8P7yILsf9o/6qY8+JjuvbcVevQij4YyQ7rx2vFzWpXF6
+qV0rlrmIrTfJJeY/gs8iqhWiXos6N4K6zcuprc7utjojrSVMYq/bi+OwuWSwHYNU
+hNqckmSsC2m5TpFt3F0Zb+CKCF/R/myV6Ta1wKHy72OLRFhGB9od8wIDAQABow0w
+CzAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCfY16N0UoxGZSRmEaX5r5d
+X+xp07EHx5/GodSkhIdzkBE+tYcODRSSXm8MM1hA2e0DDujd6EzWfkDpEGrQW3kG
+7xlw+rFHCNCmEuS39OQdfJoHCfds9lNbd08nFZMrBTlqcPtHx5jJXwTnq4DpnlHH
+fRjj+pc4WOi7KliKfOc778p54d/Tp3dlMvYIUSkEEM7eAo0VlDu+nhG7nwPXSS0u
+oKaNqHolWycIgLr+TISutqS6qLe7c7IVMV/4frykbtElAmG2aW7fB0G4TvcuoAJc
+vZ01AhPyzTEdJFmmD6rJmP9hCEwq+kBzNEH1nheqCa+m++8sTGxoSeuHR1Z0OHiW
+-----END CERTIFICATE-----
--- /dev/null
+/usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G2.crt
\ No newline at end of file
--- /dev/null
+/usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G3.crt
\ No newline at end of file
--- /dev/null
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEAiJ4dQnklHH/lLqI/uoHEmGHTEYMrXidRvMbROdsyBprTIetPWogx
+zpe0OwyHaeynego2fDCYCpguK+/XquuUKVYHFpDInqMv8MhUI4QHbkbsb0Dypb2z
+HyTPsp5OX7TooT/87CufJi5kTs0lmy5aQverGZPm2PgzxlQe42E1PcECTWhf+gVP
+vjFaQdVndqO2OfmzvQWHPwQXmC1/0RWGXQHqiK4X3rU/gaG/zb9A53HuBWhM8ORo
+4C89tIS0o8ZwKu5jkqsnOaUbNjlOFgjfg2hV0NSaKrwczee5eNNuWa7ucXDMmDYq
+Pr6U++HsKEmWI/jRoWTtH+c6nJJ6jDyG2wIBAg==
+-----END DH PARAMETERS-----
--- /dev/null
+-----BEGIN DH PARAMETERS-----
+MEYCQQC/cJ4kY/2zcWWyk0YQoL4Gz8+Af6ziIpggse94kCLVyQL6oxGi0GFnqIr0
+O2SGd5N4UK0ALqs7KD1atgx2/6dbAgEC
+-----END DH PARAMETERS-----
--- /dev/null
+#
+# OpenSSL example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+# This definition stops the following lines choking if HOME isn't
+# defined.
+HOME = .
+RANDFILE = $ENV::HOME/.rnd
+
+# Extra OBJECT IDENTIFIER info:
+#oid_file = $ENV::HOME/.oid
+oid_section = new_oids
+
+# To use this configuration file with the "-extfile" option of the
+# "openssl x509" utility, name here the section containing the
+# X.509v3 extensions to use:
+# extensions =
+# (Alternatively, use a configuration file that has only
+# X.509v3 extensions in its main [= default] section.)
+
+[ new_oids ]
+
+# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
+# Add a simple OID like this:
+# testoid1=1.2.3.4
+# Or use config file substitution like this:
+# testoid2=${testoid1}.5.6
+
+# Policies used by the TSA examples.
+tsa_policy1 = 1.2.3.4.1
+tsa_policy2 = 1.2.3.4.5.6
+tsa_policy3 = 1.2.3.4.5.7
+
+####################################################################
+[ ca ]
+default_ca = CA_default # The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir = ./demoCA # Where everything is kept
+certs = $dir/certs # Where the issued certs are kept
+crl_dir = $dir/crl # Where the issued crl are kept
+database = $dir/index.txt # database index file.
+#unique_subject = no # Set to 'no' to allow creation of
+ # several ctificates with same subject.
+new_certs_dir = $dir/newcerts # default place for new certs.
+
+certificate = $dir/cacert.pem # The CA certificate
+serial = $dir/serial # The current serial number
+crlnumber = $dir/crlnumber # the current crl number
+ # must be commented out to leave a V1 CRL
+crl = $dir/crl.pem # The current CRL
+private_key = $dir/private/cakey.pem# The private key
+RANDFILE = $dir/private/.rand # private random number file
+
+x509_extensions = usr_cert # The extentions to add to the cert
+
+# Comment out the following two lines for the "traditional"
+# (and highly broken) format.
+name_opt = ca_default # Subject Name options
+cert_opt = ca_default # Certificate field options
+
+# Extension copying option: use with caution.
+# copy_extensions = copy
+
+# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
+# so this is commented out by default to leave a V1 CRL.
+# crlnumber must also be commented out to leave a V1 CRL.
+# crl_extensions = crl_ext
+
+default_days = 365 # how long to certify for
+default_crl_days= 30 # how long before next CRL
+default_md = default # use public key default MD
+preserve = no # keep passed DN ordering
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy = policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName = match
+stateOrProvinceName = match
+organizationName = match
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+####################################################################
+[ req ]
+default_bits = 2048
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+x509_extensions = v3_ca # The extentions to add to the self signed cert
+
+# Passwords for private keys if not present they will be prompted for
+# input_password = secret
+# output_password = secret
+
+# This sets a mask for permitted string types. There are several options.
+# default: PrintableString, T61String, BMPString.
+# pkix : PrintableString, BMPString (PKIX recommendation before 2004)
+# utf8only: only UTF8Strings (PKIX recommendation after 2004).
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
+string_mask = utf8only
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = AU
+countryName_min = 2
+countryName_max = 2
+
+stateOrProvinceName = State or Province Name (full name)
+stateOrProvinceName_default = Some-State
+
+localityName = Locality Name (eg, city)
+
+0.organizationName = Organization Name (eg, company)
+0.organizationName_default = Internet Widgits Pty Ltd
+
+# we can do this but it is not needed normally :-)
+#1.organizationName = Second Organization Name (eg, company)
+#1.organizationName_default = World Wide Web Pty Ltd
+
+organizationalUnitName = Organizational Unit Name (eg, section)
+#organizationalUnitName_default =
+
+commonName = Common Name (e.g. server FQDN or YOUR name)
+commonName_max = 64
+
+emailAddress = Email Address
+emailAddress_max = 64
+
+# SET-ex3 = SET extension number 3
+
+[ req_attributes ]
+challengePassword = A challenge password
+challengePassword_min = 4
+challengePassword_max = 20
+
+unstructuredName = An optional company name
+
+[ usr_cert ]
+
+# These extensions are added when 'ca' signs a request.
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType = server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment = "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This is required for TSA certificates.
+# extendedKeyUsage = critical,timeStamping
+
+[ v3_req ]
+
+# Extensions to add to a certificate request
+
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+[ v3_ca ]
+
+
+# Extensions for a typical CA
+
+
+# PKIX recommendation.
+
+subjectKeyIdentifier=hash
+
+authorityKeyIdentifier=keyid:always,issuer
+
+# This is what PKIX recommends but some broken software chokes on critical
+# extensions.
+#basicConstraints = critical,CA:true
+# So we do this instead.
+basicConstraints = CA:true
+
+# Key usage: this is typical for a CA certificate. However since it will
+# prevent it being used as an test self-signed certificate it is best
+# left out by default.
+# keyUsage = cRLSign, keyCertSign
+
+# Some might want this also
+# nsCertType = sslCA, emailCA
+
+# Include email address in subject alt name: another PKIX recommendation
+# subjectAltName=email:copy
+# Copy issuer details
+# issuerAltName=issuer:copy
+
+# DER hex encoding of an extension: beware experts only!
+# obj=DER:02:03
+# Where 'obj' is a standard or added object
+# You can even override a supported extension:
+# basicConstraints= critical, DER:30:03:01:01:FF
+
+[ crl_ext ]
+
+# CRL extensions.
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always
+
+[ proxy_cert_ext ]
+# These extensions should be added when creating a proxy certificate
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType = server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment = "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This really needs to be in place for it to be a proxy certificate.
+proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
+
+####################################################################
+[ tsa ]
+
+default_tsa = tsa_config1 # the default TSA section
+
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+dir = ./demoCA # TSA root directory
+serial = $dir/tsaserial # The current serial number (mandatory)
+crypto_device = builtin # OpenSSL engine to use for signing
+signer_cert = $dir/tsacert.pem # The TSA signing certificate
+ # (optional)
+certs = $dir/cacert.pem # Certificate chain to include in reply
+ # (optional)
+signer_key = $dir/private/tsakey.pem # The TSA private key (optional)
+
+default_policy = tsa_policy1 # Policy if request did not specify it
+ # (optional)
+other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
+digests = md5, sha1 # Acceptable message digests (mandatory)
+accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
+clock_precision_digits = 0 # number of digits after dot. (optional)
+ordering = yes # Is ordering defined for timestamps?
+ # (optional, default: no)
+tsa_name = yes # Must the TSA name be included in the reply?
+ # (optional, default: no)
+ess_cert_id_chain = no # Must the ESS cert id chain be included?
+ # (optional, default: no)
--- /dev/null
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCkpsZxQiJjHB+B
+NZDrYl/m7ka28LSqYvxE7tIjYDa/+Rr6ynZRxtOi+OQ5HBSueA/Nsu+voHA0DopE
+8+PfcORxstMgcP3x5fZL5NnjBL45JCChTc5IpzYw+2/i581Q4BsywTi7FkHruUPo
+PpX0KmDpDL9GPYNkg7FCR1VC6zuGFxtneHOB/daKr22abZqg7imf5EzLjayC++xc
+RXp+ljUYSYFkg2SxGeYII/ZLhuQ6nUgEk3WxIbAqjC6BfDUW3oK7zrFh0LvfM1Dx
+mM5nuukGWllRS89reIfxxwrAjUgEjJYHN9/gKyHIBm7iNfOiJ4BbU4o/qQHzO5kx
+wl3LAZIzAgMBAAECggEAFtb3ohBdesgU6rSGhNBho0QcVRYwyY3vlpRWXAflsF2a
+y304SoG9K9dAuVdW2xjWgF849nDX/7Cgp435Zy5e0hLPTKm/4EVZFBAL1Xz78is7
+x4RmgBeJ4eOPEre6+GQOAc1h1DnzLQLHE7lSzcrvJITbJ6Ay0Mef2CTTA/Rjjmb/
+MAiLLNfsTAV60xxbli9P/ZJzE/3pZOnq8xEqhLcMPlp7WT5q3Of+fxowxx8B0et4
+TSjcSwL91UBfdD9sUqSBpKvKmYpQIwdQ1OqC1OnLhtFYdXAfUiPFKwJ1F68jvQuv
+vtAPNA45DVfLjUplUG788aMIEB+zHpfgM3iLOU/rEQKBgQDTDoD6Kpue4oG76UJ2
+Ysb9EJEl14TguatweEZ1tkxHXUnQQa2Hvxo16NmSB1sZSsu474Wo3OY0HGqhH9jh
+i7j2wZRDSuQCoa7VXdzX/BA33xMLYtAb2ZvTA5phwTzTzJ/F7GT87tQVIDt6YF1D
+Wsi9aiYjQZZlG7DGX+i1oAxv+QKBgQDHtoyLsMm6hEf4sboBHMIpA9ZbrxmDFTll
+lqqUUNjz+Hqsf1i/Fj6Oqm/DUyFDPLbxFqeKGBbaaVzdbAhKgJ6nV/zkt5QOx6gG
+M2sYUBvhtjFVAXmDA9mg8XOXcyglQN4s/ViWoGzXjvXRMUhv/rWm2WlHQIlMjOQY
+eiPPXsR2iwKBgHoZV/BiGemPLHKjfXmzp17b6Ly1s/+2KkJEsq6CqhpXE87RUCzK
+F8W8UbIzYzZ8mOMCXpbURLE9B0rze6rwBC9syfMsLkB/fP+e75ZcEp3gBcp+fdq+
+x3EKEpQfEKuPI5eDLOFO4Y7fOMmRWiMPMDa0ZB/dX75aiKga8Cuyzb8xAoGAbpyy
+1yPBdyaQ3jNBfCA7gY/4h6tBjBKTSarbK25j2yyCdUvLEXr2hvnrENnYEG9uO7V6
+ccfJ0IqOvqx5Ixp9xN282ci7njwC2fxckoi8CJVqWVSJwoC9ZqCUjwte7tMwuuZO
+zI5p+jHaAFU1c6I1ZgYAg1BBOz7FjrEHaHFqiuUCgYAxsh5KBPC5tzC1XEuEIs7p
+NuDiPqo+fzZ4PbppggOEL3bJu75mo3Csgf8Nn50PestlSlQGqYpytrJZ9hPc6ryT
+y3nNyFuXQddX7i2HYN094aSx1s3ZU1bCm6B7OORSJ6vkH6l+LMAnKvobjwwSWVYk
+oyciZYsG85rxy4IFA0G7bg==
+-----END PRIVATE KEY-----
--- /dev/null
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC9EcekfBQb6bpy
+PwGg0uU5UzAmkCyvWrI8GdfV4oH9+Qpii5moU/dO0T2WtF3BW9ehigI8VsD3XAkC
+9p/nJ3ySWPabIL0rOC6ttueJRKHhMKvcREz0cqoX85s3wSXe5kKTpL+QMOmszA3i
+9w/etjYgEHFdNAANQpV7wnD8k3NPDeIf0NczMULw/vIgux/2j/qpjz4mO69txV69
+CKPhjJDuvHa8XNalcXqpXSuWuYitN8kl5j+CzyKqFaJeizo3grrNy6mtzu62OiOt
+JUxir9uL47C5ZLAdg1SE2pySZKwLablOkW3cXRlv4IoIX9H+bJXpNrXAofLvY4tE
+WEYH2h3zAgMBAAECggEAJAkefwgzIPrUUXAW1Fs920YyuDbkfWuQ6wmV7KsmUYzE
+4PFwkPen/Dq/PVkVQYRKvfw63ts+HidJhGoTIhCRmqcgIYME6xbjNrLUwIH3RJ9t
+MidGb5TnPHduzxqeKDTE3bUZ2daowwmFYAvs12rtOAFKShReKijVquftdwZ3hMpx
+mgEBUwTyHCKWwOKF7p9B926m1io/Da6178WiOMaGinZnq61BHIhmcZf/7VwzX4J7
+S6Hl74LwSQbG0FO6AVNGu/PFUBEzq2kLOWRRq6DIdMTYjLEV9lJm5f/52fIYCJ8Y
+hoCfKVe5g7Ed/rfSECDvPrjNJFxsvMt8hEugvxWsYQKBgQDplbHAJfcqbfLfVmzC
+01wkkFgj+08ySmNK6kno6OY+pddERSL9axSI+UWn6E4ZzoTH7MDMcZSsgdRTSIC9
+/g7d8xZXV2ajbY2O8QBU4rr3H7BtGx/u9Wtx5tuMIGhbf4iNC3uJ/dwiGy5jcQp5
+ijintl6xfLojBg8APw7h83g6QwKBgQDPNoLKUZzGfX/PQBV0ITCrBl4uIiE843w8
+jpFa52s1Q7DUjpytuNNiPsRq/45HlmBP+3P+hpV7oUu+eRS/DofihtVZeRgvev6h
+BdpYF7tCYTq3uwJ7SBlA/L8Fa7Hgy1lkYoq8087O4trmluLjBR8PJAZwqKApFGKY
+l7gAEjOKkQKBgA7DRT6tp5do54ayAaG2lgZBkTCE+5ZkGS5s7ErqHVMsTBSmgfWe
+ROf7SSm5huYepUm1buH887aLZg31cR2Q5wOkD29puLTvgZjdJnY29jYULKRYqIYD
+wMysGIgcrDvMLacsaJxqDPWi3iWuyUixMa932ThCd8kq4tvTIG+rYZfdAoGAaEwc
+uu8nRTVIDq5H3iMSlxLmdrwRFM+/6c8s1J+k87N1nxeFP1/Hbiz/uoeVOu0y3y9G
+7DcbqJXARUg2rBAJT3jkjFuKU+PJpI0IoMyZIclEv9PuZNUeePp+v6C8cNSJ0yBS
+isbl0naXDfemjfQ29O0CHNSTgPnUws+i+s4uiTECgYEAykbmDj2d12LL7nASiV0H
+oQQ2I96ujrb5WC3vPFFLqlYdXjLepDzqUMJUgcY+OcnhDK0rcuCe5AJ6Ld6ysYhY
+HygynSIe5MKAlbL3r5BLEQ66LD9z98L5SWXnQ69lr4OAlSHtgvpP74ty+oAv6r5Y
+1DHatQDE/fRzUXSXLxQ0elM=
+-----END PRIVATE KEY-----
--- /dev/null
+Current policy mandates that directories in /usr/local should be owned
+by group staff and mode 2775.
+
+The purpose of this file is to tell the system, when it's removed, that we
+want directories in /usr/local to be 755 and owned by group root.
+
+At this moment, this does not work at all, but the plan is to modify
+packages during the development stage of wheezy+1, so that whenever we
+release wheezy+1 as stable, all packages that need it check that this
+file exists before using those special permissions for /usr/local.
+
+This file is created by base-files on the initial install, and it's
+also created on upgrades from any base-files release before 6.10, which
+means it will be created on upgrades from squeeze to wheezy.
+
+See http://bugs.debian.org/299007 for details.
--- /dev/null
+systemd-timesync:100000:65536
+systemd-network:165536:65536
+systemd-resolve:231072:65536
+systemd-bus-proxy:296608:65536
+sshd:362144:65536
+messagebus:427680:65536
+mysql:493216:65536
+postfix:558752:65536
+clamav:624288:65536
+dovecot:689824:65536
+dovenull:755360:65536
+amavis:820896:65536
+debian-spamd:886432:65536
+vmail:951968:65536
+iredadmin:1017504:65536
+iredapd:1083040:65536
+ulog:1148576:65536
+frank:1214112:65536
--- /dev/null
+systemd-timesync:100000:65536
+systemd-network:165536:65536
+systemd-resolve:231072:65536
+systemd-bus-proxy:296608:65536
+sshd:362144:65536
+messagebus:427680:65536
+mysql:493216:65536
+postfix:558752:65536
+clamav:624288:65536
+dovecot:689824:65536
+dovenull:755360:65536
+amavis:820896:65536
+debian-spamd:886432:65536
+vmail:951968:65536
+iredadmin:1017504:65536
+iredapd:1083040:65536
+ulog:1148576:65536
--- /dev/null
+systemd-timesync:100000:65536
+systemd-network:165536:65536
+systemd-resolve:231072:65536
+systemd-bus-proxy:296608:65536
+sshd:362144:65536
+messagebus:427680:65536
+mysql:493216:65536
+postfix:558752:65536
+clamav:624288:65536
+dovecot:689824:65536
+dovenull:755360:65536
+amavis:820896:65536
+debian-spamd:886432:65536
+vmail:951968:65536
+iredadmin:1017504:65536
+iredapd:1083040:65536
+ulog:1148576:65536
+frank:1214112:65536
--- /dev/null
+systemd-timesync:100000:65536
+systemd-network:165536:65536
+systemd-resolve:231072:65536
+systemd-bus-proxy:296608:65536
+sshd:362144:65536
+messagebus:427680:65536
+mysql:493216:65536
+postfix:558752:65536
+clamav:624288:65536
+dovecot:689824:65536
+dovenull:755360:65536
+amavis:820896:65536
+debian-spamd:886432:65536
+vmail:951968:65536
+iredadmin:1017504:65536
+iredapd:1083040:65536
+ulog:1148576:65536
--- /dev/null
+#
+# This file MUST be edited with the 'visudo' command as root.
+#
+# Please consider adding local content in /etc/sudoers.d/ instead of
+# directly modifying this file.
+#
+# See the man page for details on how to write a sudoers file.
+#
+Defaults env_reset
+Defaults mail_badpass
+Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
+# Host alias specification
+
+# User alias specification
+
+# Cmnd alias specification
+
+# User privilege specification
+root ALL=(ALL:ALL) NOPASSWD: ALL
+
+# Allow members of group sudo to execute any command
+%sudo ALL=(ALL:ALL) ALL
+%root ALL=(ALL:ALL) NOPASSWD: ALL
+
+# See sudoers(5) for more information on "#include" directives:
+
+#includedir /etc/sudoers.d
--- /dev/null
+#
+# As of Debian version 1.7.2p1-1, the default /etc/sudoers file created on
+# installation of the package now includes the directive:
+#
+# #includedir /etc/sudoers.d
+#
+# This will cause sudo to read and parse any files in the /etc/sudoers.d
+# directory that do not end in '~' or contain a '.' character.
+#
+# Note that there must be at least one file in the sudoers.d directory (this
+# one will do), and all files in this directory should be mode 0440.
+#
+# Note also, that because sudoers contents can vary widely, no attempt is
+# made to add this directive to existing sudoers files on upgrade. Feel free
+# to add the above directive to the end of your /etc/sudoers file to enable
+# this functionality for existing installations if you wish!
+#
+# Finally, please note that using the visudo command is the recommended way
+# to update sudoers content, since it protects against many failure modes.
+# See the man page for visudo for more information.
+#
--- /dev/null
+#
+# /etc/sysctl.conf - Configuration file for setting system variables
+# See /etc/sysctl.d/ for additional system variables.
+# See sysctl.conf (5) for information.
+#
+
+#kernel.domainname = example.com
+
+# Uncomment the following to stop low-level messages on console
+#kernel.printk = 3 4 1 3
+
+##############################################################3
+# Functions previously found in netbase
+#
+
+# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
+# Turn on Source Address Verification in all interfaces to
+# prevent some spoofing attacks
+#net.ipv4.conf.default.rp_filter=1
+#net.ipv4.conf.all.rp_filter=1
+
+# Uncomment the next line to enable TCP/IP SYN cookies
+# See http://lwn.net/Articles/277146/
+# Note: This may impact IPv6 TCP sessions too
+#net.ipv4.tcp_syncookies=1
+
+# Uncomment the next line to enable packet forwarding for IPv4
+#net.ipv4.ip_forward=1
+
+# Uncomment the next line to enable packet forwarding for IPv6
+# Enabling this option disables Stateless Address Autoconfiguration
+# based on Router Advertisements for this host
+#net.ipv6.conf.all.forwarding=1
+
+
+###################################################################
+# Additional settings - these settings can improve the network
+# security of the host and prevent against some network attacks
+# including spoofing attacks and man in the middle attacks through
+# redirection. Some network environments, however, require that these
+# settings are disabled so review and enable them as needed.
+#
+# Do not accept ICMP redirects (prevent MITM attacks)
+#net.ipv4.conf.all.accept_redirects = 0
+#net.ipv6.conf.all.accept_redirects = 0
+# _or_
+# Accept ICMP redirects only for gateways listed in our default
+# gateway list (enabled by default)
+# net.ipv4.conf.all.secure_redirects = 1
+#
+# Do not send ICMP redirects (we are not a router)
+#net.ipv4.conf.all.send_redirects = 0
+#
+# Do not accept IP source route packets (we are not a router)
+#net.ipv4.conf.all.accept_source_route = 0
+#net.ipv6.conf.all.accept_source_route = 0
+#
+# Log Martian Packets
+#net.ipv4.conf.all.log_martians = 1
+#
--- /dev/null
+../sysctl.conf
\ No newline at end of file
--- /dev/null
+Kernel system variables configuration files
+
+Files found under the /etc/sysctl.d directory that end with .conf are
+parsed within sysctl(8) at boot time. If you want to set kernel variables
+you can either edit /etc/sysctl.conf or make a new file.
+
+The filename isn't important, but don't make it a package name as it may clash
+with something the package builder needs later. It must end with .conf though.
+
+My personal preference would be for local system settings to go into
+/etc/sysctl.d/local.conf but as long as you follow the rules for the names
+of the file, anything will work. See sysctl.conf(8) man page for details
+of the format.
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# See bootchart.conf(5) for details
+
+[Bootchart]
+#Samples=500
+#Frequency=25
+#Relative=no
+#Filter=yes
+#Output=<folder name, defaults to /run/log>
+#Init=/path/to/init-binary
+#PlotMemoryUsage=no
+#PlotEntropyGraph=no
+#ScaleX=100
+#ScaleY=20
+#ControlGroup=no
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# See journald.conf(5) for details
+
+[Journal]
+#Storage=auto
+#Compress=yes
+#Seal=yes
+#SplitMode=uid
+#SyncIntervalSec=5m
+#RateLimitInterval=30s
+#RateLimitBurst=1000
+#SystemMaxUse=
+#SystemKeepFree=
+#SystemMaxFileSize=
+#RuntimeMaxUse=
+#RuntimeKeepFree=
+#RuntimeMaxFileSize=
+#MaxRetentionSec=
+#MaxFileSec=1month
+#ForwardToSyslog=yes
+#ForwardToKMsg=no
+#ForwardToConsole=no
+#ForwardToWall=yes
+#TTYPath=/dev/console
+#MaxLevelStore=debug
+#MaxLevelSyslog=debug
+#MaxLevelKMsg=notice
+#MaxLevelConsole=info
+#MaxLevelWall=emerg
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# See logind.conf(5) for details
+
+[Login]
+#NAutoVTs=6
+#ReserveVT=6
+#KillUserProcesses=no
+#KillOnlyUsers=
+#KillExcludeUsers=root
+#InhibitDelayMaxSec=5
+#HandlePowerKey=poweroff
+#HandleSuspendKey=suspend
+#HandleHibernateKey=hibernate
+#HandleLidSwitch=suspend
+#PowerKeyIgnoreInhibited=no
+#SuspendKeyIgnoreInhibited=no
+#HibernateKeyIgnoreInhibited=no
+#LidSwitchIgnoreInhibited=yes
+#IdleAction=ignore
+#IdleActionSec=30min
+#RuntimeDirectorySize=10%
+#RemoveIPC=yes
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# See resolved.conf(5) for details
+
+[Resolve]
+#DNS=
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# See systemd-system.conf(5) for details
+
+[Manager]
+#LogLevel=info
+#LogTarget=journal-or-kmsg
+#LogColor=yes
+#LogLocation=no
+#DumpCore=yes
+#CrashShell=no
+#ShowStatus=yes
+#CrashChVT=1
+#CPUAffinity=1 2
+#JoinControllers=cpu,cpuacct net_cls,net_prio
+#RuntimeWatchdogSec=0
+#ShutdownWatchdogSec=10min
+#CapabilityBoundingSet=
+#SystemCallArchitectures=
+#TimerSlackNSec=
+#DefaultTimerAccuracySec=1min
+#DefaultStandardOutput=journal
+#DefaultStandardError=inherit
+#DefaultTimeoutStartSec=90s
+#DefaultTimeoutStopSec=90s
+#DefaultRestartSec=100ms
+#DefaultStartLimitInterval=10s
+#DefaultStartLimitBurst=5
+#DefaultEnvironment=
+#DefaultCPUAccounting=no
+#DefaultBlockIOAccounting=no
+#DefaultMemoryAccounting=no
+#DefaultLimitCPU=
+#DefaultLimitFSIZE=
+#DefaultLimitDATA=
+#DefaultLimitSTACK=
+#DefaultLimitCORE=
+#DefaultLimitRSS=
+#DefaultLimitNOFILE=
+#DefaultLimitAS=
+#DefaultLimitNPROC=
+#DefaultLimitMEMLOCK=
+#DefaultLimitLOCKS=
+#DefaultLimitSIGPENDING=
+#DefaultLimitMSGQUEUE=
+#DefaultLimitNICE=
+#DefaultLimitRTPRIO=
+#DefaultLimitRTTIME=
--- /dev/null
+[Socket]
+ListenStream=
+SocketUser=clamav
+ListenStream=/var/run/clamav/clamd.ctl
+SocketGroup=clamav
+SocketMode=666
--- /dev/null
+/lib/systemd/system/haveged.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/getty@.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/hwclock-save.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/lvm2-activation-early.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/lvm2-activation.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/atd.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/clamav-daemon.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/clamav-freshclam.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/cron.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/dovecot.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/netfilter-persistent.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/nginx.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/php5-fpm.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/remote-fs.target
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/rsyslog.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/salt-minion.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/ssh.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/ulogd2.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/acpid.path
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/hwclock-save.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/hwclock-save.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/acpid.socket
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/clamav-daemon.socket
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/dm-event.socket
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/dovecot.socket
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/ssh.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/lvm2-lvmetad.socket
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/lvm2-monitor.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/rsyslog.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/ulogd2.service
\ No newline at end of file
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# See timesyncd.conf(5) for details
+
+[Time]
+#Servers=0.debian.pool.ntp.org 1.debian.pool.ntp.org 2.debian.pool.ntp.org 3.debian.pool.ntp.org
--- /dev/null
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# See systemd-user.conf(5) for details
+
+[Manager]
+#LogLevel=info
+#LogTarget=console
+#LogColor=yes
+#LogLocation=no
+#SystemCallArchitectures=
+#TimerSlackNSec=
+#DefaultTimerAccuracySec=1min
+#DefaultStandardOutput=inherit
+#DefaultStandardError=inherit
+#DefaultTimeoutStartSec=90s
+#DefaultTimeoutStopSec=90s
+#DefaultRestartSec=100ms
+#DefaultStartLimitInterval=10s
+#DefaultStartLimitBurst=5
+#DefaultEnvironment=
+#DefaultLimitCPU=
+#DefaultLimitFSIZE=
+#DefaultLimitDATA=
+#DefaultLimitSTACK=
+#DefaultLimitCORE=
+#DefaultLimitRSS=
+#DefaultLimitNOFILE=
+#DefaultLimitAS=
+#DefaultLimitNPROC=
+#DefaultLimitMEMLOCK=
+#DefaultLimitLOCKS=
+#DefaultLimitSIGPENDING=
+#DefaultLimitMSGQUEUE=
+#DefaultLimitNICE=
+#DefaultLimitRTPRIO=
+#DefaultLimitRTTIME=
--- /dev/null
+This directory is for system-local terminfo descriptions. By default,
+ncurses will search ${HOME}/.terminfo first, then /etc/terminfo (this
+directory), then /lib/terminfo, and last not least /usr/share/terminfo.
--- /dev/null
+#
+# This file is a bourne shell snippet, and is sourced by the
+# ucf script for configuration.
+#
+
+# Debugging information: The default value is 0 (no debugging
+# information is printed). To change the default behavior, uncomment
+# the following line and set the value to 1.
+#
+# DEBUG=0
+
+# Verbosity: The default value is 0 (quiet). To change the default
+# behavior, uncomment the following line and set the value to 1.
+#
+# VERBOSE=0
+
+
+# The src directory. This is the directory where the historical
+# md5sums for a file are looked for. Specifically, the historical
+# md5sums are looked for in the subdirectory ${filename}.md5sum.d/
+#
+# conf_source_dir=/some/path/
+
+# Force the installed file to be retained. The default is have this
+# variable unset, which makes the script ask in case of doubt. To
+# change the default behavior, uncomment the following line and set
+# the value to YES
+#
+# conf_force_conffold=YES
+
+# Force the installed file to be overridden. The default is have this
+# variable unset, which makes the script ask in case of doubt. To
+# change the default behavior, uncomment the following line and set
+# the value to YES
+#
+# conf_force_conffnew=YES
+
+# Please note that only one of conf_force_conffold and
+# conf_force_conffnew should be set.
--- /dev/null
+ACTION=="add", SUBSYSTEM=="cpu", KERNEL!="cpu0", ATTR{online}="1"
--- /dev/null
+ACTION=="add", SUBSYSTEM=="memory", ATTR{state}="online"
--- /dev/null
+# see udev(7) for details
+#
+# udevd is started in the initramfs, so when this file is modified the
+# initramfs should be rebuilt.
+
+#udev_log="info"
--- /dev/null
+[Nginx HTTP]
+title=Web Server (Nginx, HTTP)
+description=Small, but very powerful and efficient web server
+ports=80/tcp
+
+[Nginx HTTPS]
+title=Web Server (Nginx, HTTPS)
+description=Small, but very powerful and efficient web server
+ports=443/tcp
+
+[Nginx Full]
+title=Web Server (Nginx, HTTP + HTTPS)
+description=Small, but very powerful and efficient web server
+ports=80,443/tcp
--- /dev/null
+[OpenSSH]
+title=Secure shell server, an rshd replacement
+description=OpenSSH is a free implementation of the Secure Shell protocol.
+ports=22/tcp
--- /dev/null
+[Postfix]
+title=Mail server (SMTP)
+description=Postfix is a high-performance mail transport agent
+ports=25/tcp
+
+[Postfix SMTPS]
+title=Mail server (SMTPS)
+description=Postfix is a high-performance mail transport agent
+ports=465/tcp
+
+[Postfix Submission]
+title=Mail server (Submission)
+description=Postfix is a high-performance mail transport agent
+ports=587/tcp
--- /dev/null
+# Example configuration for ulogd
+# Adapted to Debian by Achilleas Kotsis <achille@debian.gr>
+
+[global]
+######################################################################
+# GLOBAL OPTIONS
+######################################################################
+
+
+# logfile for status messages
+logfile="syslog"
+
+# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5)
+loglevel=3
+
+######################################################################
+# PLUGIN OPTIONS
+######################################################################
+
+# We have to configure and load all the plugins we want to use
+
+# general rules:
+# 1. load the plugins _first_ from the global section
+# 2. options for each plugin in seperate section below
+
+
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inppkt_NFLOG.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inppkt_ULOG.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inppkt_UNIXSOCK.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inpflow_NFCT.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IFINDEX.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IP2STR.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IP2BIN.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IP2HBIN.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_PRINTPKT.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_HWHDR.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_PRINTFLOW.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_MARK.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_LOGEMU.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_SYSLOG.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_XML.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_SQLITE3.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_GPRINT.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_NACCT.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_PCAP.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_PGSQL.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_MYSQL.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_DBI.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_raw2packet_BASE.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inpflow_NFACCT.so"
+plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_GRAPHITE.so"
+#plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_JSON.so"
+
+# this is a stack for logging packet send by system via LOGEMU
+stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for packet-based logging via LOGEMU
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for ULOG packet-based logging via LOGEMU
+#stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for packet-based logging via LOGEMU with filtering on MARK
+#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for packet-based logging via GPRINT
+#stack=log1:NFLOG,gp1:GPRINT
+
+# this is a stack for flow-based logging via LOGEMU
+#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU
+
+# this is a stack for flow-based logging via GPRINT
+#stack=ct1:NFCT,gp1:GPRINT
+
+# this is a stack for flow-based logging via XML
+#stack=ct1:NFCT,xml1:XML
+
+# this is a stack for logging in XML
+#stack=log1:NFLOG,xml1:XML
+
+# this is a stack for accounting-based logging via XML
+#stack=acct1:NFACCT,xml1:XML
+
+# this is a stack for accounting-based logging to a Graphite server
+#stack=acct1:NFACCT,graphite1:GRAPHITE
+
+# this is a stack for NFLOG packet-based logging to PCAP
+#stack=log2:NFLOG,base1:BASE,pcap1:PCAP
+
+# this is a stack for logging packet to MySQL
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,mysql1:MYSQL
+
+# this is a stack for logging packet to PGsql after a collect via NFLOG
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL
+
+# this is a stack for logging packet to JSON formatted file after a collect via NFLOG
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,json1:JSON
+
+# this is a stack for logging packets to syslog after a collect via NFLOG
+#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
+
+# this is a stack for logging packets to syslog after a collect via NuFW
+#stack=nuauth1:UNIXSOCK,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
+
+# this is a stack for flow-based logging to MySQL
+#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL
+
+# this is a stack for flow-based logging to PGSQL
+#stack=ct1:NFCT,ip2str1:IP2STR,pgsql2:PGSQL
+
+# this is a stack for flow-based logging to PGSQL without local hash
+#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL
+
+# this is a stack for flow-based logging to SQLITE3
+#stack=ct1:NFCT,sqlite3_ct:SQLITE3
+
+# this is a stack for logging packet to SQLITE3
+#stack=log1:NFLOG,sqlite3_pkt:SQLITE3
+
+# this is a stack for flow-based logging in NACCT compatible format
+#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT
+
+# this is a stack for accounting-based logging via GPRINT
+#stack=acct1:NFACCT,gp1:GPRINT
+
+[ct1]
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+#netlink_resync_timeout=60 # seconds to wait to perform resynchronization
+#pollinterval=10 # use poll-based logging instead of event-driven
+# If pollinterval is not set, NFCT plugin will work in event mode
+# In this case, you can use the following filters on events:
+#accept_src_filter=192.168.1.0/24,1:2::/64 # source ip of connection must belong to these networks
+#accept_dst_filter=192.168.1.0/24 # destination ip of connection must belong to these networks
+#accept_proto_filter=tcp,sctp # layer 4 proto of connections
+
+[ct2]
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+#reliable=1 # enable reliable flow-based logging (may drop packets)
+hash_enable=0
+
+# Logging of system packet through NFLOG
+[log1]
+# netlink multicast group (the same as the iptables --nflog-group param)
+# Group O is used by the kernel to log connection tracking invalid message
+group=0
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+# set number of packet to queue inside kernel
+#netlink_qthreshold=1
+# set the delay before flushing packet in the queue inside kernel (in 10ms)
+#netlink_qtimeout=100
+
+# packet logging through NFLOG for group 1
+[log2]
+# netlink multicast group (the same as the iptables --nflog-group param)
+group=1 # Group has to be different from the one use in log1
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+# If your kernel is older than 2.6.29 and if a NFLOG input plugin with
+# group 0 is not used by any stack, you need to have at least one NFLOG
+# input plugin with bind set to 1. If you don't do that you may not
+# receive any message from the kernel.
+#bind=1
+
+# packet logging through NFLOG for group 2, numeric_label is
+# set to 1
+[log3]
+# netlink multicast group (the same as the iptables --nflog-group param)
+group=2 # Group has to be different from the one use in log1/log2
+numeric_label=1 # you can label the log info based on the packet verdict
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+#bind=1
+
+[ulog1]
+# netlink multicast group (the same as the iptables --ulog-nlgroup param)
+nlgroup=1
+#numeric_label=0 # optional argument
+
+[nuauth1]
+socket_path="/tmp/nuauth_ulogd2.sock"
+
+[emu1]
+file="/var/log/ulog/syslogemu.log"
+sync=1
+
+[op1]
+file="/var/log/ulog/oprint.log"
+sync=1
+
+[gp1]
+file="/var/log/ulog/gprint.log"
+sync=1
+timestamp=1
+
+[xml1]
+directory="/var/log//ulog/"
+sync=1
+
+[json1]
+sync=1
+#file="/var/log/ulog/ulogd.json"
+#timestamp=0
+# device name to be used in JSON message
+#device="My awesome Netfilter firewall"
+# If boolean_label is set to 1 then the numeric_label put on packet
+# by the input plugin is coding the action on packet: if 0, then
+# packet has been blocked and if non null it has been accepted.
+#boolean_label=1
+
+[pcap1]
+#default file is /var/log/ulogd.pcap
+#file="/var/log/ulog/ulogd.pcap"
+sync=1
+
+[mysql1]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog"
+pass="changeme"
+procedure="INSERT_PACKET_FULL"
+# backlog configuration:
+# set backlog_memcap to the size of memory that will be
+# allocated to store events in memory if data is temporary down
+# and insert them when the database came back.
+#backlog_memcap=1000000
+# number of events to insert at once when backlog is not empty
+#backlog_oneshot_requests=10
+
+[mysql2]
+db="nulog"
+host="localhost"
+user="nupik"
+table="conntrack"
+pass="changeme"
+procedure="INSERT_CT"
+
+[pgsql1]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog"
+#schema="public"
+pass="changeme"
+procedure="INSERT_PACKET_FULL"
+# connstring can be used to define PostgreSQL connection string which
+# contains all parameters of the connection. If set, this value has
+# precedence on other variables used to build the connection string.
+# See http://www.postgresql.org/docs/9.2/static/libpq-connect.html#LIBPQ-CONNSTRING
+# for a complete description of options.
+#connstring="host=localhost port=4321 dbname=nulog user=nupik password=changeme"
+#backlog_memcap=1000000
+#backlog_oneshot_requests=10
+# If superior to 1 a thread dedicated to SQL request execution
+# is created. The value stores the number of SQL request to keep
+# in the ring buffer
+#ring_buffer_size=1000
+
+[pgsql2]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog2_ct"
+#schema="public"
+pass="changeme"
+procedure="INSERT_CT"
+
+[pgsql3]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog2_ct"
+#schema="public"
+pass="changeme"
+procedure="INSERT_OR_REPLACE_CT"
+
+[pgsql4]
+db="nulog"
+host="localhost"
+user="nupik"
+table="nfacct"
+#schema="public"
+pass="changeme"
+procedure="INSERT_NFACCT"
+
+[dbi1]
+db="ulog2"
+dbtype="pgsql"
+host="localhost"
+user="ulog2"
+table="ulog"
+pass="ulog2"
+procedure="INSERT_PACKET_FULL"
+
+[sqlite3_ct]
+table="ulog_ct"
+db="/var/log/ulog/ulogd.sqlite3db"
+buffer=200
+
+[sqlite3_pkt]
+table="ulog_pkt"
+db="/var/log/ulog/ulogd.sqlite3db"
+buffer=200
+
+[sys2]
+facility=LOG_LOCAL2
+
+[nacct1]
+sync = 1
+#file = /var/log/ulog/nacct.log
+
+[mark1]
+mark = 1
+
+[acct1]
+pollinterval = 2
+# If set to 0, we don't reset the counters for each polling (default is 1).
+#zerocounter = 0
+# Set timestamp (default is 0, which means not set). This timestamp can be
+# interpreted by the output plugin.
+#timestamp = 1
+
+[graphite1]
+host="127.0.0.1"
+port="2003"
+# Prefix of data name sent to graphite server
+prefix="netfilter.nfacct"
--- /dev/null
+PRUNE_BIND_MOUNTS="yes"
+# PRUNENAMES=".git .bzr .hg .svn"
+PRUNEPATHS="/tmp /var/spool /media"
+PRUNEFS="NFS nfs nfs4 rpc_pipefs afs binfmt_misc proc smbfs autofs iso9660 ncpfs coda devpts ftpfs devfs mfs shfs sysfs cifs lustre tmpfs usbfs udf fuse.glusterfs fuse.sshfs curlftpfs"
--- /dev/null
+This is staging directory for uWSGI configuration files.
+
+You should place configuration files here and create soft links to them in
+/etc/uwsgi/apps-enabled directory.
+
+See also /etc/uwsgi/apps-enabled/README.
--- /dev/null
+[uwsgi]
+plugins = python
+vhost = true
+socket = /var/run/uwsgi_iredadmin.socket
+#pidfile = /var/run/uwsgi_iredadmin.pid
+chown-socket = www-data:www-data
+chmod-socket = 660
+uid = iredadmin
+gid = iredadmin
+enable-threads = true
--- /dev/null
+Some files found in this directory are processed by uWSGI init.d script as
+uWSGI configuration files.
+
+On system boot for each configuration file new uWSGI daemon instance is started
+with additional option. Name of this option is based on configuration file
+extension. Path to configuration files is passed as option value.
+
+See more detailed information at:
+ * /usr/share/doc/uwsgi/README.Debian.gz
+ * /etc/default/uwsgi
--- /dev/null
+/etc/uwsgi/apps-available/iredadmin.ini
\ No newline at end of file
--- /dev/null
+" All system-wide defaults are set in $VIMRUNTIME/debian.vim and sourced by
+" the call to :runtime you can find below. If you wish to change any of those
+" settings, you should do it in this file (/etc/vim/vimrc), since debian.vim
+" will be overwritten everytime an upgrade of the vim packages is performed.
+" It is recommended to make changes after sourcing debian.vim since it alters
+" the value of the 'compatible' option.
+
+" This line should not be removed as it ensures that various options are
+" properly set to work with the Vim-related packages available in Debian.
+runtime! debian.vim
+
+" Uncomment the next line to make Vim more Vi-compatible
+" NOTE: debian.vim sets 'nocompatible'. Setting 'compatible' changes numerous
+" options, so any other options should be set AFTER setting 'compatible'.
+"set compatible
+
+" Vim5 and later versions support syntax highlighting. Uncommenting the next
+" line enables syntax highlighting by default.
+"syntax on
+
+" If using a dark background within the editing area and syntax highlighting
+" turn on this option as well
+"set background=dark
+
+" Uncomment the following to have Vim jump to the last position when
+" reopening a file
+"if has("autocmd")
+" au BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g'\"" | endif
+"endif
+
+" Uncomment the following to have Vim load indentation rules and plugins
+" according to the detected filetype.
+"if has("autocmd")
+" filetype plugin indent on
+"endif
+
+" The following are commented out as they cause vim to behave a lot
+" differently from regular Vi. They are highly recommended though.
+"set showcmd " Show (partial) command in status line.
+"set showmatch " Show matching brackets.
+"set ignorecase " Do case insensitive matching
+"set smartcase " Do smart case matching
+"set incsearch " Incremental search
+"set autowrite " Automatically save before commands like :next and :make
+"set hidden " Hide buffers when they are abandoned
+"set mouse=a " Enable mouse usage (all modes)
+
+" Source a global configuration file if available
+if filereadable("/etc/vim/vimrc.local")
+ source /etc/vim/vimrc.local
+endif
+
--- /dev/null
+set noai
+set nohlsearch
+set fo="tcq"
+set modeline
+set showmatch
+set ignorecase
+
+autocmd FileType sls set tabstop=2 expandtab shiftwidth=2 softtabstop=2
+autocmd FileType python set tabstop=4 expandtab shiftwidth=4 softtabstop=4
+autocmd FileType sh set tabstop=4 expandtab shiftwidth=4 softtabstop=4
+autocmd FileType perl set tabstop=4 noexpandtab shiftwidth=4
+
+set listchars=tab:»·,trail:·
+" set list
+
+if has("multi_byte")
+ set encoding=utf-8
+ setglobal fileencoding=utf-8
+else
+ echoerr "Sorry, this version of (g)vim was not compiled with +multi_byte"
+endif
+
+if has("autocmd")
+ " Jump to the last position on opening
+ autocmd BufReadPost *
+ \ if ! exists("g:leave_my_cursor_position_alone") |
+ \ if line("'\"") > 0 && line ("'\"") <= line("$") |
+ \ exe "normal g'\"" |
+ \ endif |
+ \ endif
+endif " has("autocmd")
+
+
+filetype plugin off
+
+color delek
+
+syntax on
+
--- /dev/null
+" Vim configuration file, in effect when invoked as "vi". The aim of this
+" configuration file is to provide a Vim environment as compatible with the
+" original vi as possible. Note that ~/.vimrc configuration files as other
+" configuration files in the runtimepath are still sourced.
+" When Vim is invoked differently ("vim", "view", "evim", ...) this file is
+" _not_ sourced; /etc/vim/vimrc and/or /etc/vim/gvimrc are.
+
+" Debian system-wide default configuration Vim
+set runtimepath=~/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,~/.vim/after
+
+set compatible
+
+" vim: set ft=vim:
--- /dev/null
+###
+### Sample Wget initialization file .wgetrc
+###
+
+## You can use this file to change the default behaviour of wget or to
+## avoid having to type many many command-line options. This file does
+## not contain a comprehensive list of commands -- look at the manual
+## to find out what you can put into this file. You can find this here:
+## $ info wget.info 'Startup File'
+## Or online here:
+## https://www.gnu.org/software/wget/manual/wget.html#Startup-File
+##
+## Wget initialization file can reside in /etc/wgetrc
+## (global, for all users) or $HOME/.wgetrc (for a single user).
+##
+## To use the settings in this file, you will have to uncomment them,
+## as well as change them, in most cases, as the values on the
+## commented-out lines are the default values (e.g. "off").
+
+
+##
+## Global settings (useful for setting up in /etc/wgetrc).
+## Think well before you change them, since they may reduce wget's
+## functionality, and make it behave contrary to the documentation:
+##
+
+# You can set retrieve quota for beginners by specifying a value
+# optionally followed by 'K' (kilobytes) or 'M' (megabytes). The
+# default quota is unlimited.
+#quota = inf
+
+# You can lower (or raise) the default number of retries when
+# downloading a file (default is 20).
+#tries = 20
+
+# Lowering the maximum depth of the recursive retrieval is handy to
+# prevent newbies from going too "deep" when they unwittingly start
+# the recursive retrieval. The default is 5.
+#reclevel = 5
+
+# By default Wget uses "passive FTP" transfer where the client
+# initiates the data connection to the server rather than the other
+# way around. That is required on systems behind NAT where the client
+# computer cannot be easily reached from the Internet. However, some
+# firewalls software explicitly supports active FTP and in fact has
+# problems supporting passive transfer. If you are in such
+# environment, use "passive_ftp = off" to revert to active FTP.
+#passive_ftp = off
+passive_ftp = on
+
+# The "wait" command below makes Wget wait between every connection.
+# If, instead, you want Wget to wait only between retries of failed
+# downloads, set waitretry to maximum number of seconds to wait (Wget
+# will use "linear backoff", waiting 1 second after the first failure
+# on a file, 2 seconds after the second failure, etc. up to this max).
+#waitretry = 10
+
+
+##
+## Local settings (for a user to set in his $HOME/.wgetrc). It is
+## *highly* undesirable to put these settings in the global file, since
+## they are potentially dangerous to "normal" users.
+##
+## Even when setting up your own ~/.wgetrc, you should know what you
+## are doing before doing so.
+##
+
+# Set this to on to use timestamping by default:
+#timestamping = off
+
+# It is a good idea to make Wget send your email address in a `From:'
+# header with your request (so that server administrators can contact
+# you in case of errors). Wget does *not* send `From:' by default.
+#header = From: Your Name <username@site.domain>
+
+# You can set up other headers, like Accept-Language. Accept-Language
+# is *not* sent by default.
+#header = Accept-Language: en
+
+# You can set the default proxies for Wget to use for http, https, and ftp.
+# They will override the value in the environment.
+#https_proxy = http://proxy.yoyodyne.com:18023/
+#http_proxy = http://proxy.yoyodyne.com:18023/
+#ftp_proxy = http://proxy.yoyodyne.com:18023/
+
+# If you do not want to use proxy at all, set this to off.
+#use_proxy = on
+
+# You can customize the retrieval outlook. Valid options are default,
+# binary, mega and micro.
+#dot_style = default
+
+# Setting this to off makes Wget not download /robots.txt. Be sure to
+# know *exactly* what /robots.txt is and how it is used before changing
+# the default!
+#robots = on
+
+# It can be useful to make Wget wait between connections. Set this to
+# the number of seconds you want Wget to wait.
+#wait = 0
+
+# You can force creating directory structure, even if a single is being
+# retrieved, by setting this to on.
+#dirstruct = off
+
+# You can turn on recursive retrieving by default (don't do this if
+# you are not sure you know what it means) by setting this to on.
+#recursive = off
+
+# To always back up file X as X.orig before converting its links (due
+# to -k / --convert-links / convert_links = on having been specified),
+# set this variable to on:
+#backup_converted = off
+
+# To have Wget follow FTP links from HTML files by default, set this
+# to on:
+#follow_ftp = off
+
+# To try ipv6 addresses first:
+#prefer-family = IPv6
+
+# Set default IRI support state
+#iri = off
+
+# Force the default system encoding
+#locale = UTF-8
+
+# Force the default remote server encoding
+#remoteencoding = UTF-8
+
+# Turn on to prevent following non-HTTPS links when in recursive mode
+#httpsonly = off
+
+# Tune HTTPS security (auto, SSLv2, SSLv3, TLSv1, PFS)
+#secureprotocol = auto
--- /dev/null
+-- init.lua
+--
+-- initialize wireshark's lua
+--
+-- This file is going to be executed before any other lua script.
+-- It can be used to load libraries, disable functions and more.
+--
+-- $Id$
+--
+-- Wireshark - Network traffic analyzer
+-- By Gerald Combs <gerald@wireshark.org>
+-- Copyright 1998 Gerald Combs
+--
+-- This program is free software; you can redistribute it and/or
+-- modify it under the terms of the GNU General Public License
+-- as published by the Free Software Foundation; either version 2
+-- of the License, or (at your option) any later version.
+--
+-- This program is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+-- Set disable_lua to true to disable Lua support.
+disable_lua = false
+
+if disable_lua then
+ return
+end
+
+-- If set and we are running with special privileges this setting
+-- tells whether scripts other than this one are to be run.
+run_user_scripts_when_superuser = false
+
+
+-- disable potentialy harmful lua functions when running superuser
+if running_superuser then
+ local hint = "has been disabled due to running Wireshark as superuser. See http://wiki.wireshark.org/CaptureSetup/CapturePrivileges for help in running Wireshark as an unprivileged user."
+ local disabled_lib = {}
+ setmetatable(disabled_lib,{ __index = function() error("this package ".. hint) end } );
+
+ dofile = function() error("dofile " .. hint) end
+ loadfile = function() error("loadfile " .. hint) end
+ loadlib = function() error("loadlib " .. hint) end
+ require = function() error("require " .. hint) end
+ os = disabled_lib
+ io = disabled_lib
+ file = disabled_lib
+end
+
+-- to avoid output to stdout which can cause problems lua's print ()
+-- has been suppresed so that it yields an error.
+-- have print() call info() instead.
+if gui_enabled() then
+ print = info
+end
+
+function typeof(obj)
+ local mt = getmetatable(obj)
+ return mt and mt.__typeof or obj.__typeof or type(obj)
+end
+
+-- the following function checks if a file exists
+-- since 1.11.3
+function file_exists(name)
+ local f = io.open(name,"r")
+ if f ~= nil then io.close(f) return true else return false end
+end
+
+-- the following function prepends the given directory name to
+-- the package.path, so that a 'require "foo"' will work if 'foo'
+-- is in the directory name given to this function. For example,
+-- if your Lua file will do a 'require "foo"' and the foo.lua
+-- file is in a local directory (local to your script) named 'bar',
+-- then call this function before doing your 'require', by doing
+-- package.prepend_path("bar")
+-- and that will let Wireshark's Lua find the file "bar/foo.lua"
+-- when you later do 'require "foo"'
+--
+-- Because this function resides here in init.lua, it does not
+-- have the same environment as your script, so it has to get it
+-- using the debug library, which is why the code appears so
+-- cumbersome.
+--
+-- since 1.11.3
+function package.prepend_path(name)
+ local debug = require "debug"
+ -- get the function calling this package.prepend_path function
+ local dt = debug.getinfo(2, "f")
+ if not dt then
+ error("could not retrieve debug info table")
+ end
+ -- get its upvalue
+ local _, val = debug.getupvalue(dt.func, 1)
+ if not val or type(val) ~= 'table' then
+ error("No calling function upvalue or it is not a table")
+ end
+ -- get the __DIR__ field in its upvalue table
+ local dir = val["__DIR__"]
+ -- get the platform-specific directory separator character
+ local sep = package.config:sub(1,1)
+ -- prepend the dir and given name to path
+ if dir and dir:len() > 0 then
+ package.path = dir .. sep .. name .. sep .. "?.lua;" .. package.path
+ end
+ -- also prepend just the name as a directory
+ package.path = name .. sep .. "?.lua;" .. package.path
+end
+
+-- -- Wiretap encapsulations XXX
+wtap_encaps = {
+ ["PER_PACKET"] = -1,
+ ["UNKNOWN"] = 0,
+ ["ETHERNET"] = 1,
+ ["TOKEN_RING"] = 2,
+ ["SLIP"] = 3,
+ ["PPP"] = 4,
+ ["FDDI"] = 5,
+ ["FDDI_BITSWAPPED"] = 6,
+ ["RAW_IP"] = 7,
+ ["ARCNET"] = 8,
+ ["ARCNET_LINUX"] = 9,
+ ["ATM_RFC1483"] = 10,
+ ["LINUX_ATM_CLIP"] = 11,
+ ["LAPB"] = 12,
+ ["ATM_PDUS"] = 13,
+ ["ATM_PDUS_UNTRUNCATED"] = 14,
+ ["NULL"] = 15,
+ ["ASCEND"] = 16,
+ ["ISDN"] = 17,
+ ["IP_OVER_FC"] = 18,
+ ["PPP_WITH_PHDR"] = 19,
+ ["IEEE_802_11"] = 20,
+ ["IEEE_802_11_PRISM"] = 21,
+ ["IEEE_802_11_WITH_RADIO"] = 22,
+ ["IEEE_802_11_RADIOTAP"] = 23,
+ ["IEEE_802_11_AVS"] = 24,
+ ["SLL"] = 25,
+ ["FRELAY"] = 26,
+ ["FRELAY_WITH_PHDR"] = 27,
+ ["CHDLC"] = 28,
+ ["CISCO_IOS"] = 29,
+ ["LOCALTALK"] = 30,
+ ["OLD_PFLOG"] = 31,
+ ["HHDLC"] = 32,
+ ["DOCSIS"] = 33,
+ ["COSINE"] = 34,
+ ["WFLEET_HDLC"] = 35,
+ ["SDLC"] = 36,
+ ["TZSP"] = 37,
+ ["ENC"] = 38,
+ ["PFLOG"] = 39,
+ ["CHDLC_WITH_PHDR"] = 40,
+ ["BLUETOOTH_H4"] = 41,
+ ["MTP2"] = 42,
+ ["MTP3"] = 43,
+ ["IRDA"] = 44,
+ ["USER0"] = 45,
+ ["USER1"] = 46,
+ ["USER2"] = 47,
+ ["USER3"] = 48,
+ ["USER4"] = 49,
+ ["USER5"] = 50,
+ ["USER6"] = 51,
+ ["USER7"] = 52,
+ ["USER8"] = 53,
+ ["USER9"] = 54,
+ ["USER10"] = 55,
+ ["USER11"] = 56,
+ ["USER12"] = 57,
+ ["USER13"] = 58,
+ ["USER14"] = 59,
+ ["USER15"] = 60,
+ ["SYMANTEC"] = 61,
+ ["APPLE_IP_OVER_IEEE1394"] = 62,
+ ["BACNET_MS_TP"] = 63,
+ ["NETTL_RAW_ICMP"] = 64,
+ ["NETTL_RAW_ICMPV6"] = 65,
+ ["GPRS_LLC"] = 66,
+ ["JUNIPER_ATM1"] = 67,
+ ["JUNIPER_ATM2"] = 68,
+ ["REDBACK"] = 69,
+ ["NETTL_RAW_IP"] = 70,
+ ["NETTL_ETHERNET"] = 71,
+ ["NETTL_TOKEN_RING"] = 72,
+ ["NETTL_FDDI"] = 73,
+ ["NETTL_UNKNOWN"] = 74,
+ ["MTP2_WITH_PHDR"] = 75,
+ ["JUNIPER_PPPOE"] = 76,
+ ["GCOM_TIE1"] = 77,
+ ["GCOM_SERIAL"] = 78,
+ ["NETTL_X25"] = 79,
+ ["K12"] = 80,
+ ["JUNIPER_MLPPP"] = 81,
+ ["JUNIPER_MLFR"] = 82,
+ ["JUNIPER_ETHER"] = 83,
+ ["JUNIPER_PPP"] = 84,
+ ["JUNIPER_FRELAY"] = 85,
+ ["JUNIPER_CHDLC"] = 86,
+ ["JUNIPER_GGSN"] = 87,
+ ["LINUX_LAPD"] = 88,
+ ["CATAPULT_DCT2000"] = 89,
+ ["BER"] = 90,
+ ["JUNIPER_VP"] = 91,
+ ["USB"] = 92,
+ ["IEEE802_16_MAC_CPS"] = 93,
+ ["NETTL_RAW_TELNET"] = 94,
+ ["USB_LINUX"] = 95,
+ ["MPEG"] = 96,
+ ["PPI"] = 97,
+ ["ERF"] = 98,
+ ["BLUETOOTH_H4_WITH_PHDR"] = 99,
+ ["SITA"] = 100,
+ ["SCCP"] = 101,
+ ["BLUETOOTH_HCI"] = 102,
+ ["IPMB"] = 103,
+ ["IEEE802_15_4"] = 104,
+ ["X2E_XORAYA"] = 105,
+ ["FLEXRAY"] = 106,
+ ["LIN"] = 107,
+ ["MOST"] = 108,
+ ["CAN20B"] = 109,
+ ["LAYER1_EVENT"] = 110,
+ ["X2E_SERIAL"] = 111,
+ ["I2C"] = 112,
+ ["IEEE802_15_4_NONASK_PHY"] = 113,
+ ["TNEF"] = 114,
+ ["USB_LINUX_MMAPPED"] = 115,
+ ["GSM_UM"] = 116,
+ ["DPNSS"] = 117,
+ ["PACKETLOGGER"] = 118,
+ ["NSTRACE_1_0"] = 119,
+ ["NSTRACE_2_0"] = 120,
+ ["FIBRE_CHANNEL_FC2"] = 121,
+ ["FIBRE_CHANNEL_FC2_WITH_FRAME_DELIMS"] = 122,
+ ["JPEG_JFIF"] = 123,
+ ["IPNET"] = 124,
+ ["SOCKETCAN"] = 125,
+ ["IEEE_802_11_NETMON"] = 126,
+ ["IEEE802_15_4_NOFCS"] = 127,
+ ["RAW_IPFIX"] = 128,
+ ["RAW_IP4"] = 129,
+ ["RAW_IP6"] = 130,
+ ["LAPD"] = 131,
+ ["DVBCI"] = 132,
+ ["MUX27010"] = 133,
+ ["MIME"] = 134,
+ ["NETANALYZER"] = 135,
+ ["NETANALYZER_TRANSPARENT"] = 136,
+ ["IP_OVER_IB"] = 137,
+ ["MPEG_2_TS"] = 138,
+ ["PPP_ETHER"] = 139,
+ ["NFC_LLCP"] = 140,
+ ["NFLOG"] = 141,
+ ["V5_EF"] = 142,
+ ["BACNET_MS_TP_WITH_PHDR"] = 143,
+ ["IXVERIWAVE"] = 144,
+ ["IEEE_802_11_AIROPEEK"] = 145,
+ ["SDH"] = 146,
+ ["DBUS"] = 147,
+ ["AX25_KISS"] = 148,
+ ["AX25"] = 149,
+ ["SCTP"] = 150,
+ ["INFINIBAND"] = 151,
+ ["JUNIPER_SVCS"] = 152,
+ ["USBPCAP"] = 153,
+ ["RTAC_SERIAL"] = 154,
+ ["BLUETOOTH_LE_LL"] = 155,
+ ["WIRESHARK_UPPER_PDU"] = 156,
+ ["STANAG_4607"] = 157,
+ ["STANAG_5066_D_PDU"] = 158,
+ ["NETLINK"] = 159,
+ ["BLUETOOTH_LINUX_MONITOR"] = 160,
+ ["BLUETOOTH_BREDR_BB"] = 161,
+ ["BLUETOOTH_LE_LL_WITH_PHDR"] = 162,
+ ["NSTRACE_3_0"] = 163,
+ ["LOGCAT"] = 164,
+ ["LOGCAT_BRIEF"] = 165,
+ ["LOGCAT_PROCESS"] = 166,
+ ["LOGCAT_TAG"] = 167,
+ ["LOGCAT_THREAD"] = 168,
+ ["LOGCAT_TIME"] = 169,
+ ["LOGCAT_THREADTIME"] = 170,
+ ["LOGCAT_LONG"] = 171,
+ ["PKTAP"] = 172,
+ ["EPON"] = 173,
+ ["IPMI_TRACE"] = 174
+}
+wtap = wtap_encaps -- for bw compatibility
+
+
+-- -- Wiretap file types
+wtap_filetypes = {
+ ["UNKNOWN"] = 0,
+ ["PCAP"] = 1,
+ ["PCAPNG"] = 2,
+ ["PCAP_NSEC"] = 3,
+ ["PCAP_AIX"] = 4,
+ ["PCAP_SS991029"] = 5,
+ ["PCAP_NOKIA"] = 6,
+ ["PCAP_SS990417"] = 7,
+ ["PCAP_SS990915"] = 8,
+ ["5VIEWS"] = 9,
+ ["IPTRACE_1_0"] = 10,
+ ["IPTRACE_2_0"] = 11,
+ ["BER"] = 12,
+ ["HCIDUMP"] = 13,
+ ["CATAPULT_DCT2000"] = 14,
+ ["NETXRAY_OLD"] = 15,
+ ["NETXRAY_1_0"] = 16,
+ ["COSINE"] = 17,
+ ["CSIDS"] = 18,
+ ["DBS_ETHERWATCH"] = 19,
+ ["ERF"] = 20,
+ ["EYESDN"] = 21,
+ ["NETTL"] = 22,
+ ["ISERIES"] = 23,
+ ["ISERIES_UNICODE"] = 24,
+ ["I4BTRACE"] = 25,
+ ["ASCEND"] = 26,
+ ["NGSNIFFER_UNCOMPRESSED"] = 29,
+ ["NGSNIFFER_COMPRESSED"] = 30,
+ ["NETXRAY_1_1"] = 31,
+ ["NETWORK_INSTRUMENTS"] = 33,
+ ["LANALYZER"] = 34,
+ ["PPPDUMP"] = 35,
+ ["RADCOM"] = 36,
+ ["SNOOP"] = 37,
+ ["SHOMITI"] = 38,
+ ["VMS"] = 39,
+ ["K12"] = 40,
+ ["TOSHIBA"] = 41,
+ ["VISUAL_NETWORKS"] = 42,
+ ["PEEKCLASSIC_V56"] = 43,
+ ["PEEKCLASSIC_V7"] = 44,
+ ["PEEKTAGGED"] = 45,
+ ["MPEG"] = 46,
+ ["K12TEXT"] = 47,
+ ["NETSCREEN"] = 48,
+ ["COMMVIEW"] = 49,
+ ["BTSNOOP"] = 50,
+ ["TNEF"] = 51,
+ ["DCT3TRACE"] = 52,
+ ["PACKETLOGGER"] = 53,
+ ["DAINTREE_SNA"] = 54,
+ ["NETSCALER_1_0"] = 55,
+ ["NETSCALER_2_0"] = 56,
+ ["JPEG_JFIF"] = 57,
+ ["IPFIX"] = 58,
+ ["MIME"] = 59,
+ ["AETHRA"] = 60,
+ ["MPEG_2_TS"] = 61,
+ ["VWR_80211"] = 62,
+ ["VWR_ETH"] = 63,
+ ["CAMINS"] = 64,
+ ["STANAG_4607"] = 65,
+ ["NETSCALER_3_0"] = 66,
+ ["LOGCAT"] = 67,
+ ["LOGCAT_BRIEF"] = 68,
+ ["LOGCAT_PROCESS"] = 69,
+ ["LOGCAT_TAG"] = 70,
+ ["LOGCAT_THREAD"] = 71,
+ ["LOGCAT_TIME"] = 72,
+ ["LOGCAT_THREADTIME"] = 73,
+ ["LOGCAT_LONG"] = 74,
+ ["TSPREC_SEC"] = 0,
+ ["TSPREC_DSEC"] = 1,
+ ["TSPREC_CSEC"] = 2,
+ ["TSPREC_MSEC"] = 3,
+ ["TSPREC_USEC"] = 6,
+ ["TSPREC_NSEC"] = 9
+}
+
+
+-- -- Wiretap file comment types
+wtap_comments = {
+ ["PER_SECTION"] = 0x00000001,
+ ["PER_INTERFACE"] = 0x00000002,
+ ["PER_PACKET"] = 0x00000004
+}
+
+
+-- -- Field Types
+ftypes = {
+ ["NONE"] = 0,
+ ["PROTOCOL"] = 1,
+ ["BOOLEAN"] = 2,
+ ["UINT8"] = 3,
+ ["UINT16"] = 4,
+ ["UINT24"] = 5,
+ ["UINT32"] = 6,
+ ["UINT64"] = 7,
+ ["INT8"] = 8,
+ ["INT16"] = 9,
+ ["INT24"] = 10,
+ ["INT32"] = 11,
+ ["INT64"] = 12,
+ ["FLOAT"] = 13,
+ ["DOUBLE"] = 14,
+ ["ABSOLUTE_TIME"] = 15,
+ ["RELATIVE_TIME"] = 16,
+ ["STRING"] = 17,
+ ["STRINGZ"] = 18,
+ ["UINT_STRING"] = 19,
+ ["ETHER"] = 20,
+ ["BYTES"] = 21,
+ ["UINT_BYTES"] = 22,
+ ["IPv4"] = 23,
+ ["IPv6"] = 24,
+ ["IPXNET"] = 25,
+ ["FRAMENUM"] = 26,
+ ["PCRE"] = 27,
+ ["GUID"] = 28,
+ ["OID"] = 29,
+ ["EUI64"] = 30,
+ ["AX25"] = 31,
+ ["VINES"] = 32,
+ ["REL_OID"] = 33,
+ ["SYSTEM_ID"] = 34,
+ ["STRINGZPAD"] = 35
+}
+
+
+-- the following table is since 1.12
+-- -- Wiretap record_types
+wtap_rec_types = {
+ ["PACKET"] = 0, -- packet
+ ["FT_SPECIFIC_EVENT"] = 1, -- file-type-specific event
+ ["FT_SPECIFIC_REPORT"] = 2, -- file-type-specific report
+}
+
+
+-- the following table is since 1.11.3
+-- -- Wiretap presence flags
+wtap_presence_flags = {
+ ["TS"] = 1, -- time stamp
+ ["CAP_LEN"] = 2, -- captured length separate from on-the-network length
+ ["INTERFACE_ID"] = 4, -- interface ID
+ ["COMMENTS"] = 8, -- comments
+ ["DROP_COUNT"] = 16, -- drop count
+ ["PACK_FLAGS"] = 32, -- packet flags
+}
+
+
+-- -- Display Bases
+ base = {
+ ["NONE"] = 0,
+ ["DEC"] = 1,
+ ["HEX"] = 2,
+ ["OCT"] = 3,
+ ["DEC_HEX"] = 4,
+ ["HEX_DEC"] = 5,
+ ["CUSTOM"] = 6,
+}
+
+
+
+-- -- Encodings
+ENC_BIG_ENDIAN = 0
+ENC_LITTLE_ENDIAN = 2147483648
+ENC_TIME_TIMESPEC = 0
+ENC_TIME_NTP = 2
+ENC_TIME_TOD = 4
+ENC_CHARENCODING_MASK = 2147483646
+ENC_ASCII = 0
+ENC_UTF_8 = 2
+ENC_UTF_16 = 4
+ENC_UCS_2 = 6
+ENC_UCS_4 = 8
+ENC_ISO_8859_1 = 10
+ENC_ISO_8859_2 = 12
+ENC_ISO_8859_3 = 14
+ENC_ISO_8859_4 = 16
+ENC_ISO_8859_5 = 18
+ENC_ISO_8859_6 = 20
+ENC_ISO_8859_7 = 22
+ENC_ISO_8859_8 = 24
+ENC_ISO_8859_9 = 26
+ENC_ISO_8859_10 = 28
+ENC_ISO_8859_11 = 30
+ENC_ISO_8859_13 = 34
+ENC_ISO_8859_14 = 36
+ENC_ISO_8859_15 = 38
+ENC_ISO_8859_16 = 40
+ENC_WINDOWS_1250 = 42
+ENC_3GPP_TS_23_038_7BITS = 44
+ENC_EBCDIC = 46
+ENC_MAC_ROMAN = 48
+ENC_CP437 = 50
+ENC_ASCII_7BITS = 52
+ENC_NA = 0
+ENC_STR_NUM = 16777216
+ENC_STR_HEX = 33554432
+ENC_STRING = 50331648
+ENC_STR_MASK = 65534
+ENC_NUM_PREF = 2097152
+ENC_SEP_NONE = 65536
+ENC_SEP_COLON = 131072
+ENC_SEP_DASH = 262144
+ENC_SEP_DOT = 524288
+ENC_SEP_SPACE = 1048576
+ENC_SEP_MASK = 2031616
+ENC_ISO_8601_DATE = 65536
+ENC_ISO_8601_TIME = 131072
+ENC_ISO_8601_DATE_TIME = 196608
+ENC_RFC_822 = 262144
+ENC_RFC_1123 = 524288
+ENC_STR_TIME_MASK = 983040
+
+
+
+
+-- -- Expert flags and facilities (deprecated - see 'expert' table below)
+PI_SEVERITY_MASK = 15728640
+PI_COMMENT = 1048576
+PI_CHAT = 2097152
+PI_NOTE = 4194304
+PI_WARN = 6291456
+PI_ERROR = 8388608
+PI_GROUP_MASK = 4278190080
+PI_CHECKSUM = 16777216
+PI_SEQUENCE = 33554432
+PI_RESPONSE_CODE = 50331648
+PI_REQUEST_CODE = 67108864
+PI_UNDECODED = 83886080
+PI_REASSEMBLE = 100663296
+PI_MALFORMED = 117440512
+PI_DEBUG = 134217728
+PI_PROTOCOL = 150994944
+PI_SECURITY = 167772160
+PI_COMMENTS_GROUP = 184549376
+
+
+
+-- the following table is since 1.11.3
+-- -- Expert flags and facilities
+expert = {
+ -- Expert event groups
+ group = {
+ -- The protocol field has a bad checksum, usually uses PI_WARN severity
+ ["CHECKSUM"] = 16777216,
+ -- The protocol field indicates a sequence problem (e.g. TCP window is zero)
+ ["SEQUENCE"] = 33554432,
+ -- The protocol field indicates a bad application response code (e.g. HTTP 404), usually PI_NOTE severity
+ ["RESPONSE_CODE"] = 50331648,
+ -- The protocol field indicates an application request (e.g. File Handle == xxxx), usually PI_CHAT severity
+ ["REQUEST_CODE"] = 67108864,
+ -- The data is undecoded, the protocol dissection is incomplete here, usually PI_WARN severity
+ ["UNDECODED"] = 83886080,
+ -- The protocol field indicates a reassemble (e.g. DCE/RPC defragmentation), usually PI_CHAT severity (or PI_ERROR)
+ ["REASSEMBLE"] = 100663296,
+ -- The packet data is malformed, the dissector has "given up", usually PI_ERROR severity
+ ["MALFORMED"] = 117440512,
+ -- A generic debugging message (shouldn't remain in production code!), usually PI_ERROR severity
+ ["DEBUG"] = 134217728,
+ -- The protocol field violates a protocol specification, usually PI_WARN severity
+ ["PROTOCOL"] = 150994944,
+ -- The protocol field indicates a security problem (e.g. insecure implementation)
+ ["SECURITY"] = 167772160,
+ -- The protocol field indicates a packet comment
+ ["COMMENTS_GROUP"] = 184549376,
+ },
+ -- Expert severity levels
+ severity = {
+ -- Packet comment
+ ["COMMENT"] = 1048576,
+ -- Usual workflow, e.g. TCP connection establishing
+ ["CHAT"] = 2097152,
+ -- Notable messages, e.g. an application returned an "unusual" error code like HTTP 404
+ ["NOTE"] = 4194304,
+ -- Warning, e.g. application returned an "unusual" error code
+ ["WARN"] = 6291456,
+ -- Serious problems, e.g. a malformed packet
+ ["ERROR"] = 8388608,
+ },
+}
+
+
+
+-- -- menu groups for register_menu
+MENU_ANALYZE_UNSORTED = 0
+MENU_ANALYZE_CONVERSATION = 1
+MENU_STAT_UNSORTED = 2
+MENU_STAT_GENERIC = 3
+MENU_STAT_CONVERSATION = 4
+MENU_STAT_ENDPOINT = 5
+MENU_STAT_RESPONSE = 6
+MENU_STAT_TELEPHONY = 7
+MENU_STAT_TELEPHONY_GSM = 8
+MENU_STAT_TELEPHONY_LTE = 9
+MENU_STAT_TELEPHONY_SCTP = 10
+MENU_TOOLS_UNSORTED = 11
+
+
+-- other useful constants
+GUI_ENABLED = gui_enabled()
+DATA_DIR = Dir.global_config_path()
+USER_DIR = Dir.personal_config_path()
+
+-- deprecated function names
+datafile_path = Dir.global_config_path
+persconffile_path = Dir.personal_config_path
+
+
+dofile(DATA_DIR.."console.lua")
+--dofile(DATA_DIR.."dtd_gen.lua")
--- /dev/null
+../../systemd/user
\ No newline at end of file
--- /dev/null
+<?xml version="1.0"?>
+<!DOCTYPE catalog PUBLIC "-//OASIS//DTD XML Catalogs V1.0//EN"
+ "file:///usr/share/xml/schema/xml-core/catalog.dtd">
+<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog">
+<delegateSystem systemIdStartString="http://globaltranscorp.org/oasis/catalog/xml/tr9401.dtd" catalog="file:///etc/xml/xml-core.xml"/>
+<delegateSystem systemIdStartString="http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd" catalog="file:///etc/xml/xml-core.xml"/>
+<delegatePublic publicIdStartString="-//OASIS//DTD XML Catalogs V1.0//EN" catalog="file:///etc/xml/xml-core.xml"/>
+<delegatePublic publicIdStartString="-//GlobalTransCorp//DTD XML Catalogs V1.0-Based Extension V1.0//EN" catalog="file:///etc/xml/xml-core.xml"/>
+</catalog>
--- /dev/null
+<?xml version="1.0"?>
+<!DOCTYPE catalog PUBLIC "-//OASIS//DTD XML Catalogs V1.0//EN"
+ "file:///usr/share/xml/schema/xml-core/catalog.dtd">
+<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog">
+<delegatePublic publicIdStartString="-//OASIS//DTD XML Catalogs V1.0//EN" catalog="file:///usr/share/xml/schema/xml-core/catalog.xml"/>
+<delegateSystem systemIdStartString="http://globaltranscorp.org/oasis/catalog/xml/tr9401.dtd" catalog="file:///usr/share/xml/schema/xml-core/catalog.xml"/>
+<delegateSystem systemIdStartString="http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd" catalog="file:///usr/share/xml/schema/xml-core/catalog.xml"/>
+<delegatePublic publicIdStartString="-//GlobalTransCorp//DTD XML Catalogs V1.0-Based Extension V1.0//EN" catalog="file:///usr/share/xml/schema/xml-core/catalog.xml"/>
+</catalog>
--- /dev/null
+# Set up the prompt
+
+autoload -Uz promptinit
+promptinit
+prompt adam1
+
+setopt histignorealldups sharehistory
+
+# Use emacs keybindings even if our EDITOR is set to vi
+bindkey -e
+
+# Keep 1000 lines of history within the shell and save it to ~/.zsh_history:
+HISTSIZE=1000
+SAVEHIST=1000
+HISTFILE=~/.zsh_history
+
+# Use modern completion system
+autoload -Uz compinit
+compinit
+
+zstyle ':completion:*' auto-description 'specify: %d'
+zstyle ':completion:*' completer _expand _complete _correct _approximate
+zstyle ':completion:*' format 'Completing %d'
+zstyle ':completion:*' group-name ''
+zstyle ':completion:*' menu select=2
+eval "$(dircolors -b)"
+zstyle ':completion:*:default' list-colors ${(s.:.)LS_COLORS}
+zstyle ':completion:*' list-colors ''
+zstyle ':completion:*' list-prompt %SAt %p: Hit TAB for more, or the character to insert%s
+zstyle ':completion:*' matcher-list '' 'm:{a-z}={A-Z}' 'm:{a-zA-Z}={A-Za-z}' 'r:|[._-]=* r:|=* l:|=*'
+zstyle ':completion:*' menu select=long
+zstyle ':completion:*' select-prompt %SScrolling active: current selection at %p%s
+zstyle ':completion:*' use-compctl false
+zstyle ':completion:*' verbose true
+
+zstyle ':completion:*:*:kill:*:processes' list-colors '=(#b) #([0-9]#)*=0=01;31'
+zstyle ':completion:*:kill:*' command 'ps -u $USER -o pid,%cpu,tty,cputime,cmd'
--- /dev/null
+# /etc/zsh/zlogin: system-wide .zlogin file for zsh(1).
+#
+# This file is sourced only for login shells. It
+# should contain commands that should be executed only
+# in login shells. It should be used to set the terminal
+# type and run a series of external commands (fortune,
+# msgs, from, etc.)
+#
+# Global Order: zshenv, zprofile, zshrc, zlogin
--- /dev/null
+# /etc/zsh/zlogout: system-wide .zlogout file for zsh(1).
--- /dev/null
+# /etc/zsh/zprofile: system-wide .zprofile file for zsh(1).
+#
+# This file is sourced only for login shells (i.e. shells
+# invoked with "-" as the first character of argv[0], and
+# shells invoked with the -l flag.)
+#
+# Global Order: zshenv, zprofile, zshrc, zlogin
--- /dev/null
+# /etc/zsh/zshenv: system-wide .zshenv file for zsh(1).
+#
+# This file is sourced on all invocations of the shell.
+# If the -f flag is present or if the NO_RCS option is
+# set within this file, all other initialization files
+# are skipped.
+#
+# This file should contain commands to set the command
+# search path, plus other important environment variables.
+# This file should not contain commands that produce
+# output or assume the shell is attached to a tty.
+#
+# Global Order: zshenv, zprofile, zshrc, zlogin
+
+if [[ -z "$PATH" || "$PATH" == "/bin:/usr/bin" ]]
+then
+ export PATH="/usr/local/bin:/usr/bin:/bin:/usr/games"
+fi
--- /dev/null
+# /etc/zsh/zshrc: system-wide .zshrc file for zsh(1).
+#
+# This file is sourced only for interactive shells. It
+# should contain commands to set up aliases, functions,
+# options, key bindings, etc.
+#
+# Global Order: zshenv, zprofile, zshrc, zlogin
+
+READNULLCMD=${PAGER:-/usr/bin/pager}
+
+# An array to note missing features to ease diagnosis in case of problems.
+typeset -ga debian_missing_features
+
+if [[ -z "$DEBIAN_PREVENT_KEYBOARD_CHANGES" ]] &&
+ [[ "$TERM" != 'emacs' ]]
+then
+
+ typeset -A key
+ key=(
+ BackSpace "${terminfo[kbs]}"
+ Home "${terminfo[khome]}"
+ End "${terminfo[kend]}"
+ Insert "${terminfo[kich1]}"
+ Delete "${terminfo[kdch1]}"
+ Up "${terminfo[kcuu1]}"
+ Down "${terminfo[kcud1]}"
+ Left "${terminfo[kcub1]}"
+ Right "${terminfo[kcuf1]}"
+ PageUp "${terminfo[kpp]}"
+ PageDown "${terminfo[knp]}"
+ )
+
+ function bind2maps () {
+ local i sequence widget
+ local -a maps
+
+ while [[ "$1" != "--" ]]; do
+ maps+=( "$1" )
+ shift
+ done
+ shift
+
+ sequence="${key[$1]}"
+ widget="$2"
+
+ [[ -z "$sequence" ]] && return 1
+
+ for i in "${maps[@]}"; do
+ bindkey -M "$i" "$sequence" "$widget"
+ done
+ }
+
+ bind2maps emacs -- BackSpace backward-delete-char
+ bind2maps viins -- BackSpace vi-backward-delete-char
+ bind2maps vicmd -- BackSpace vi-backward-char
+ bind2maps emacs -- Home beginning-of-line
+ bind2maps viins vicmd -- Home vi-beginning-of-line
+ bind2maps emacs -- End end-of-line
+ bind2maps viins vicmd -- End vi-end-of-line
+ bind2maps emacs viins -- Insert overwrite-mode
+ bind2maps vicmd -- Insert vi-insert
+ bind2maps emacs -- Delete delete-char
+ bind2maps viins vicmd -- Delete vi-delete-char
+ bind2maps emacs viins vicmd -- Up up-line-or-history
+ bind2maps emacs viins vicmd -- Down down-line-or-history
+ bind2maps emacs -- Left backward-char
+ bind2maps viins vicmd -- Left vi-backward-char
+ bind2maps emacs -- Right forward-char
+ bind2maps viins vicmd -- Right vi-forward-char
+
+ # Make sure the terminal is in application mode, when zle is
+ # active. Only then are the values from $terminfo valid.
+ if (( ${+terminfo[smkx]} )) && (( ${+terminfo[rmkx]} )); then
+ function zle-line-init () {
+ emulate -L zsh
+ printf '%s' ${terminfo[smkx]}
+ }
+ function zle-line-finish () {
+ emulate -L zsh
+ printf '%s' ${terminfo[rmkx]}
+ }
+ zle -N zle-line-init
+ zle -N zle-line-finish
+ else
+ for i in {s,r}mkx; do
+ (( ${+terminfo[$i]} )) || debian_missing_features+=($i)
+ done
+ unset i
+ fi
+
+ unfunction bind2maps
+
+fi # [[ -z "$DEBIAN_PREVENT_KEYBOARD_CHANGES" ]] && [[ "$TERM" != 'emacs' ]]
+
+zstyle ':completion:*:sudo:*' command-path /usr/local/sbin \
+ /usr/local/bin \
+ /usr/sbin \
+ /usr/bin \
+ /sbin \
+ /bin \
+ /usr/X11R6/bin
+
+(( ${+aliases[run-help]} )) && unalias run-help
+autoload -Uz run-help
projects / config / sarah / etc.git / commitdiff