Check-BcContainerHelperPermissions.ps1
|
<#
.Synopsis Checks Permissions for BcContainerHelper to run .Description When running BcContainerHelper as administrator, you have access to everything. When running BcContainerHelper as a user, that user needs: - Full control to C:\ProgramData\BcContainerHelper (in order to create and remove containers) - Modify permissions to C:\Windows\System32\drivers\etc\hosts (if you use -updatehosts) - Full control to docker engine pipe (in order to run docker commands) This script checks these permissions and allows you to fix the permissions by specifying -fix .Parameter fix Specify fix in order for this script to attempt to fix permissions .Parameter silent Specify -silent to stay silent on successfull permission checks .Parameter ignoreHosts Specify -ignoreHosts to ignore checking the permissions for the hosts file .Example Check-BcContainerHelperPermissions -fix .Example Check-BcContainerHelperPermissions -fix -ignoreHosts .Example Check-BcContainerHelperPermissions -silent #> function Check-BcContainerHelperPermissions { Param ( [switch] $Fix, [switch] $Silent, [switch] $IgnoreHosts ) if (!$isAdministrator -or $Fix) { $startProcessParams = @{ "Verb" = "RunAs" "Wait" = $true "WindowStyle" = "Hidden" "PassThru" = $true } if ($isPsCore) { $startProcessParams += @{ "FilePath" = "pwsh" } } else { $startProcessParams += @{ "FilePath" = "powershell" } } if (!$silent) { if ($isAdministrator) { Write-Host "Running as administrator" } else { Write-Host "Running as $myUsername" } } # Check access to C:\ProgramData\BcContainerHelper if (!$silent) { Write-Host "Checking permissions to $($bcContainerHelperConfig.hostHelperFolder)" } $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($myUsername,'FullControl', 3, 'InheritOnly', 'Allow') $acl = Get-Acl -Path $bcContainerHelperConfig.hostHelperFolder $access = $acl.Access | Where-Object { $_.IdentityReference -eq $rule.IdentityReference -and $_.FileSystemRights -eq $rule.FileSystemRights -and $_.AccessControlType -eq $rule.AccessControlType -and $_.InheritanceFlags -eq $rule.InheritanceFlags } if ($access) { if (!$silent) { Write-Host -ForegroundColor Green "$myUsername has the right permissions to $($bcContainerHelperConfig.hostHelperFolder)" } } else { Write-Host -ForegroundColor Red "$myUsername does NOT have Full Control to $($bcContainerHelperConfig.hostHelperFolder) and all subfolders" if (!$Fix) { Write-Host -ForegroundColor Red "You need to run as administrator or you can run Check-BcContainerHelperPermissions -Fix to fix permissions" } else { Write-Host -ForegroundColor Yellow "Trying to add permissions" $scriptblock = { Param($myUsername, $hostHelperFolder) try { $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($myUsername,'FullControl', 3, 'InheritOnly', 'Allow') $acl = Get-Acl -Path $hostHelperFolder $acl.AddAccessRule($rule) Set-Acl -Path $hostHelperFolder -AclObject $acl EXIT 0 } catch { EXIT 1 } } $exitCode = (Start-Process @startProcessParams -ArgumentList "-command & {$scriptblock} -myUsername '$myUsername' -hostHelperFolder '$($bcContainerHelperConfig.hostHelperFolder)'").ExitCode if ($exitcode -eq 0) { Write-Host -ForegroundColor Green "Permissions successfully added" } else { Write-Host -ForegroundColor Red "Error adding permissions" } } } if (!$IgnoreHosts) { # check access to c:\windows\system32\drivers\etc\hosts $hostsFile = Join-Path $env:SystemRoot "System32\drivers\etc\hosts" if (!$silent) { Write-Host "Checking permissions to $hostsFile" } $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($myUsername,'Modify', 'Allow') $acl = Get-Acl -Path $hostsFile $access = $acl.Access | Where-Object { $_.IdentityReference -eq $rule.IdentityReference -and $_.FileSystemRights -eq $rule.FileSystemRights -and $_.AccessControlType -eq $rule.AccessControlType } if ($access) { if (!$silent) { Write-Host -ForegroundColor Green "$myUsername has the right permissions to $hostsFile" } } else { Write-Host -ForegroundColor Red "$myUsername does NOT have modify permissions to $hostsFile" if (!$Fix) { Write-Host -ForegroundColor Red "You need to run as administrator or you can run Check-BcContainerHelperPermissions -Fix to fix permissions" } else { Write-Host -ForegroundColor Yellow "Trying to add permissions" $scriptblock = { Param($myUsername, $hostsFile) try { $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($myUsername,'Modify', 'Allow') $acl = Get-Acl -Path $hostsFile $acl.AddAccessRule($rule) Set-Acl -Path $hostsFile -AclObject $acl EXIT 0 } catch { EXIT 1 } } $exitcode = (Start-Process @startProcessParams -ArgumentList "-command & {$scriptblock} -myUsername '$myUsername' -hostsFile '$hostsFile'").ExitCode if ($exitcode -eq 0) { Write-Host -ForegroundColor Green "Permissions successfully added" } else { Write-Host -ForegroundColor Red "Error adding permissions" } } } } # Check Access to Docker Deamon Socket # Thanks to Tobias Fenster, Axians Infoma for this blog post: # https://www.axians-infoma.com/techblog/allow-access-to-the-docker-engine-without-admin-rights-on-windows/ # Pointing me in the right directions wrt. running docker commands without admin rights if (!$silent) { Write-Host "Checking permissions to docker commands" } $npipe = "" $dockerOk = $true $pre = $errorActionPreference $errorActionPreference = 'Continue' try{ $tempFile = [System.IO.Path]::GetTempFileName() $ps = docker ps 2> $tempFile if ($LASTEXITCODE -ne 0) { $dockerOk = $false $err = [System.IO.File]::ReadAllText($tempFile) Write-Host "ERROR: $err" Remove-Item -Path $tempFile -ErrorAction Ignore $npipeStart = $err.IndexOf('\\.\pipe') if ($npipeStart -lt 0) { $npipeStart = $err.IndexOf('//./pipe') } $npipe = $err.Substring($npipeStart) $npipeEnd = $npipe.IndexOf(':') $npipe = $npipe.SubString(0, $npipeEnd) Write-Host "npipe: $npipe" } } catch { $dockerOk = $false } $errorActionPreference = $pre if ($dockerOk) { if (!$silent) { Write-Host -ForegroundColor Green "$myUsername has the right permissions to run docker commands" } } else { Write-Host -ForegroundColor Red "$myUsername does NOT have permissions to run docker commands" if (!$Fix) { Write-Host -ForegroundColor Red "You need to run as administrator or you can run Check-BcContainerHelperPermissions -Fix to fix permissions" } else { if ($npipe -eq "") { Write-Host -ForegroundColor Red "Unable to determine docker deamon socket. Are you sure Docker is running and reachable?" } else { Write-Host -ForegroundColor Yellow "Trying to add permissions" $scriptblock = { Param($myUsername, $npipe) try { $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($myUsername,'FullControl', 'Allow') $acl = Get-Acl -Path $npipe $acl.AddAccessRule($rule) Set-Acl -Path $npipe -AclObject $acl exit 0 } catch { exit 1 } } $exitcode = (Start-Process @startProcessParams -ArgumentList "-command & {$scriptblock} -myUsername '$myUsername' -npipe '$npipe'").ExitCode if ($exitcode -eq 0) { Write-Host -ForegroundColor Green "Permissions successfully added" } else { Write-Host -ForegroundColor Red "Error adding permissions" } } } } } } Set-Alias -Name Check-NavContainerHelperPermissions -Value Check-BcContainerHelperPermissions Export-ModuleMember -Function Check-BcContainerHelperPermissions -Alias Check-NavContainerHelperPermissions # SIG # Begin signature block # MIInRQYJKoZIhvcNAQcCoIInNjCCJzICAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCC10R+pve6HLfeF # +2KMDIhuyYKbiLaKW6J5J9LjCA+Yn6CCDLowggX1MIID3aADAgECAhMzAAACHU0Z # yE7XD1dIAAAAAAIdMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMR4wHAYD # VQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBD # b2RlIFNpZ25pbmcgUENBIDIwMjQwHhcNMjYwNDE2MTg1OTQzWhcNMjcwNDE1MTg1 # OTQzWjB0MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYD # VQQDExVNaWNyb3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IB # DwAwggEKAoIBAQDQvewXxx9gZZFC6Ys1WBay8BJ8kGA4JQnH5CMafqOASlTpK9H8 # o5ZXTXt0caVQTNMUPt445wXYD+dFtaKWTwDn1I52oUSrC9vJin1Gsqt+zyKJL5Dg # 3eQXbQNR61DmMy20GLTIO3SFed9Rfi/ophgCLGFLDR3r0KvHjwMb/jYWS0celV/4 # Lz27LfAekm8v9E5IXaeiXbAUYZKK090n4CVl3JBtbN+9DtI9SNu/yjvozW52/u7R # X/Ttpa/KDlpuokZ+Zcbvmtd9ur9gFLvZzh41o9MsE/clQtdaFWGvuo6Jua/ntpgk # ey3E5/vBFe+MJPG6phdnuo6r57ZudCudiI1bAgMBAAGjggGbMIIBlzAOBgNVHQ8B # Af8EBAMCB4AwHwYDVR0lBBgwFgYKKwYBBAGCN0wIAQYIKwYBBQUHAwMwHQYDVR0O # BBYEFH6QuMwqcPG0hQlQ6c5jCtTTLrVeMEUGA1UdEQQ+MDykOjA4MR4wHAYDVQQL # ExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xFjAUBgNVBAUTDTIzMDAxMis1MDc1NTkw # HwYDVR0jBBgwFoAUf1k/VCHarU/vBeXmo9ctBpQSCDEwYAYDVR0fBFkwVzBVoFOg # UYZPaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0 # JTIwQ29kZSUyMFNpZ25pbmclMjBQQ0ElMjAyMDI0LmNybDBtBggrBgEFBQcBAQRh # MF8wXQYIKwYBBQUHMAKGUWh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMv # Y2VydHMvTWljcm9zb2Z0JTIwQ29kZSUyMFNpZ25pbmclMjBQQ0ElMjAyMDI0LmNy # dDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4ICAQBKTbYOjzwTG/DXGaz9 # s6+fQeaTtDcFmMY+5UyVFCyj7Pv+5i37qfX8lSL/tBIfYQfWsMuBQlfZurJD6r4H # VJ2CeH+1fgiq8dcHdVKoZ3Sa2qXoX3cq9iS8cVb06B7+5/XJ7I0OxHH9fDsvJ3T3 # w5V/ZtAIFmLrl+P0CtG+92uzRsn0nTbdFjOkLMLWPLAU3THohKRlSEMgFJpPkm5n # 5UAZ35xX6FWCrDLsSKb555bTifwa8mJBwdlof0bmfYidH+dxZ1FdDxvLnNl9zeKs # A4kejaaIqqIPguhwAti5Ql7BlTNoJNwxCvBmqW2MQLnCkYN/VVUsR3V2x/rcTNzo # Bf/Z/SpROvdaA2ZOOd1uioXJt3tdLQ7vHpqpib0KfWr/FWXW10q38VxfCnRQBqzb # SuztR7nEMuzX7Ck+B/XaPDXd1qh72+QYyB0Z2VzWmO9zsnb9Uq/dwu8LGeQqnyu6 # 7SDGACvnXii2fb9+US492VTnXSnFKyqwgzUyFMtZK1/sHYTv6bG4TtQUygQxTN+Z # V+aJIlKO2MqZ7bKrAnOzS9m6NgoTdWOq11bTOZwKlIEV/EhV9SWkDmdpR/hPPT2v # 6TEj4F8PT/zHjRezIU5c/DGlt/VhY/pK0XkJtEyMmmS1BMtjU/rqBZVMIm3dnxQs # /TBByr+Cf8Z1r7aifQVQ+WSqzjCCBr0wggSloAMCAQICEzMAAAA5O7Y3Gb8GHWcA # AAAAADkwDQYJKoZIhvcNAQEMBQAwgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpX # YXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQg # Q29ycG9yYXRpb24xMjAwBgNVBAMTKU1pY3Jvc29mdCBSb290IENlcnRpZmljYXRl # IEF1dGhvcml0eSAyMDExMB4XDTI0MDgwODIwNTQxOFoXDTM2MDMyMjIyMTMwNFow # VzELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEo # MCYGA1UEAxMfTWljcm9zb2Z0IENvZGUgU2lnbmluZyBQQ0EgMjAyNDCCAiIwDQYJ # KoZIhvcNAQEBBQADggIPADCCAgoCggIBANgBnB7jOMeqlRYHNa265v4IY9fH8TKh # emHfPINe1gpLaV3dhg324WwH06LcHbpnsBukCDNitryo0dtS/EW6I/yEL/bLSY8h # KpbfQuWusBPr9qazYcDxCW/qnjb5JsI1s8bNOg3bVATvQVL4tcf03aTycsz8QeCd # M0l/yHRObJ9QqazM1r6VPEOJ7LL+uEEb73w6QCuhs89a1uv1zerOYMnsneRRwCbp # yW11IcggU0cRKDDq1pjVJzIbIF6+oiXXbReOsgeI8zu1FyQfK0fVkaya8SmVHQ/t # Of23mZ4W9k0Ri22QW9p3UgSC5OUDktKxxcCmGL6tXLfOGSWHIIV4YrTJTT6PNty5 # REojHJuZHArkF9VnHTERWoTjAzfI3kP+5b4alUdhgAZ7ttOu1bVnXfHaqPYl2rPs # 20ji03LOVWsh/radgE17es5hL+t6lV0eVHrVhsssROWJuz2MXMCt7iw7lFPG9LXK # Gjsmonn2gotGdHIuEg5JnJMJVmixd5LRlkmgYRZKzhxSCwyoGIq0PhaA7Y+VPct5 # pCHkijcIIDm0nlkK+0KyepolcqGm0T/GYQRMhHJlGOOmVQop36wUVUYklUy++vDW # eEgEo4s7hxN6mIbf2MSIQ/iIfMZgJxC69oukMUXCrOC3SkE/xIkgpfl22MM1itkZ # 35nNXkMolU1lAgMBAAGjggFOMIIBSjAOBgNVHQ8BAf8EBAMCAYYwEAYJKwYBBAGC # NxUBBAMCAQAwHQYDVR0OBBYEFH9ZP1Qh2q1P7wXl5qPXLQaUEggxMBkGCSsGAQQB # gjcUAgQMHgoAUwB1AGIAQwBBMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU # ci06AjGQQ7kUBU7h6qfHMdEjiTQwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2Ny # bC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWljUm9vQ2VyQXV0MjAx # MV8yMDExXzAzXzIyLmNybDBeBggrBgEFBQcBAQRSMFAwTgYIKwYBBQUHMAKGQmh0 # dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvY2VydHMvTWljUm9vQ2VyQXV0MjAx # MV8yMDExXzAzXzIyLmNydDANBgkqhkiG9w0BAQwFAAOCAgEAFJQfOChP7onn6fLI # MKrSlN1WYKwDFgAddymOUO3FrM8d7B/W/iQ6DxXsDn7D5W4wMwYeLystcEqfkjz4 # NURRgazyMu5yRzQh4LqjA4tStTcJh1opExo7nn5PuPBYnbu0+THSuVHTe0VTTPVh # ily/piFrDo3axQ9P4C+Ol5yet+2gTfekICS5xS+cYfSIvgn0JksVBVMYVI5QFu/q # hnLhsEFEUzG8fvv0hjgkO+lkpV9ty6GkN4vdnd7ya6Q6aR9y34aiM1qmxaxBi6OU # nyNl6fkuun/diTFnYDLTppOkr/mg5WSfCiDVMNCxtj4wPKC5OmHm1DQIt/MNokbb # H3UGsFP1QbzsLocuSqLCvH09Io3fDPTmscR9Y75G4qX7RTX8AdBPo0I6OEojf39z # uFZt0qOHm65YWQE69cZM2ueE1MB05dNNgHK9gTE7zKvK/fg8B2qjW88MT/WF5V5u # vZGtqa9FSL2RazArA+rDPuf6JGYz4HpgMZHB4S6szWSKYBv0VisCzfxgeU+dquXW # 9bd0auYlOB58DPcOYKdc3Se94g+xL4pcEhbB54JOgAkwYTu/9dLeH2pDqeJZAABV # DWRQCaXfO5LgyKwKCLYXpigrZYCjUSBcr+Ve8PFWMhVTQl0v4q8J/AUmQN5W4n10 # 1cY2L4A7GTQG1h32HHAvfQESWP0xghnhMIIZ3QIBATBuMFcxCzAJBgNVBAYTAlVT # MR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jv # c29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMjQCEzMAAAIdTRnITtcPV0gAAAAAAh0w # DQYJYIZIAWUDBAIBBQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYK # KwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIOxLEnhh # 7/CI90nIrfY//U6wcHae980K3EgW8C+iHPMSMEIGCisGAQQBgjcCAQwxNDAyoBSA # EgBNAGkAYwByAG8AcwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20w # DQYJKoZIhvcNAQEBBQAEggEANogWKZqTsDV+PFsYkeKFDckuIKzP5nUcdVYEd5hm # OlQJwneltAqCVWXrcRHSWUJmw1VM9rmgpvbDtPIGjYZyiKIr3h8qkNIBVvQIbQ+9 # IFcZkwYEXv4c5jdTR2lSVc8M7I4d5ZX2TQZONvIpBaCTeuF9Fb0Z1lh5fn7Mct1b # //WDIDJRySOWwC//t6YlixfyCqU71cs2aAa5myDgNGYmRYetDlf25arn0X6/hYif # hjqIblX131xInwSjp/Jmb1vmIKF3uAzbTyztik1Neyr9FF/jUgDaxN0pOrL1S9eU # jV6oJKRfb1vK9NI08mW7r9oBdSGl3cSfyZxux2XbjUsG4KGCF5MwghePBgorBgEE # AYI3AwMBMYIXfzCCF3sGCSqGSIb3DQEHAqCCF2wwghdoAgEDMQ8wDQYJYIZIAWUD # BAIBBQAwggFRBgsqhkiG9w0BCRABBKCCAUAEggE8MIIBOAIBAQYKKwYBBAGEWQoD # ATAxMA0GCWCGSAFlAwQCAQUABCA85l92XalnizRa2I4+WhjQVfc8+1rRT+UMzYgk # m5Av+QIGaed7kJm9GBIyMDI2MDQyNzA5MDI1My40NVowBIACAfSggdGkgc4wgcsx # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJTAjBgNVBAsTHE1p # Y3Jvc29mdCBBbWVyaWNhIE9wZXJhdGlvbnMxJzAlBgNVBAsTHm5TaGllbGQgVFNT # IEVTTjo4NjAzLTA1RTAtRDk0NzElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3Rh # bXAgU2VydmljZaCCEeowggcgMIIFCKADAgECAhMzAAACJYDHN8bNqndJAAEAAAIl # MA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5n # dG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9y # YXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMB4X # DTI2MDIxOTE5NDAwMVoXDTI3MDUxNzE5NDAwMVowgcsxCzAJBgNVBAYTAlVTMRMw # EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN # aWNyb3NvZnQgQ29ycG9yYXRpb24xJTAjBgNVBAsTHE1pY3Jvc29mdCBBbWVyaWNh # IE9wZXJhdGlvbnMxJzAlBgNVBAsTHm5TaGllbGQgVFNTIEVTTjo4NjAzLTA1RTAt # RDk0NzElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZTCCAiIw # DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKbxEg/R4sDjpVwI+i++aqwiU3qq # SbPkiwdaZRTSd5Sqny4bFp16j5LBYELBDlqVkj8M12ld/KJktlHpdiClE8XN6kiX # s4INvg20SyQkIhkORAw3Csf1jBTK7vUYaKCwsjF6V4e0De62hVN4eNLVvxSfA5FG # 2ScqTKtQCtPpmkHauh0hyZwty/fHfDCBiU6zQUSDkSxWtlvss1z+d3RtcOn4dM5Z # a6Lx6hNXAl4vFxU/zr2gXyWLlJTzVpra0Ynr8mx6OLP0kxbxIlcoFPYMJcw5SQKw # aOic9lGp++gxIhBmC1o5PIAmWu+zLRNnvxesaqjKC1CKZCds4Avgo0tIK5blNkRA # ZMcs5AkaCCBvePmAoLvvz5Eg8kD6f+GYcn/HipP8dNM+hV4wJy4EpatBdHX7+lhq # 7cXB7S1YjIb4tbORGv9k08+6lwDZhyLeqfwdH1HC9CimpI0nCfZGLpqbwBDJ9VXL # 8EHDS3qOmhE+PAq+5SN8LOlp7p247FC1DVcM308DbKX2wOSj/4BdX9I57x5rxChB # y/ezcSuQb4unqGe/Do4w+JqfiCA2RG2C0HuujU6Kik5Rcmf1jkQ7clQBc1y4z2b7 # kzLVUS68bK2AAfe7GayVOdbdhut9rNrJIJJKdaSFo5nfeGBu5RB8fufY0UQBRz9w # XN+YJBSKRaKycljLAgMBAAGjggFJMIIBRTAdBgNVHQ4EFgQUsTjSqhdO4wdfcB9l # S7WfyfHaH3cwHwYDVR0jBBgwFoAUn6cVXQBeYl2D9OXSZacbUzUZ6XIwXwYDVR0f # BFgwVjBUoFKgUIZOaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwv # TWljcm9zb2Z0JTIwVGltZS1TdGFtcCUyMFBDQSUyMDIwMTAoMSkuY3JsMGwGCCsG # AQUFBwEBBGAwXjBcBggrBgEFBQcwAoZQaHR0cDovL3d3dy5taWNyb3NvZnQuY29t # L3BraW9wcy9jZXJ0cy9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENBJTIwMjAx # MCgxKS5jcnQwDAYDVR0TAQH/BAIwADAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCDAO # BgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggIBAAed9zbJTKgdlu+/JUoW # 5eHkfHEci8hpH0lakh8hMmVz8qLTeO5H69yTOre2nl8Ufksvt4gVdEi6h7Ayy9Z4 # Wta5+utbgeGaELCSoCt8DULTGT4dpizY7jxhLExf2WBLWRNMhvdix+gV0Wkq6s9/ # adzZh3jAuD4WDCaTGR7ITcxQpWdrxJl5WkSOdLm5wVyTiys/ArY5EB/vQjbcYbI+ # GqAgpmmE1eFKxxMBCzIioHkbAMx1FXksrfs19ThibG8JiHdMVgT8aHTVDrIm9/0f # GIRmnBb6hSTSCu4ehuDeyAhHmt+BSjyXfS9SdoNgxw8AKVoUwL9BsdlJpSFZdkbU # 45wynSD29hA0sMSoVfaOWq6/NVJLC0e2bUpOV0KNEQP6R0LJtw/Fs9qXAmKBdzUG # wj0KK2dN/SWPBv02Rn8lUjz8PratdfOHPgXe7SJUbPCdwZrFHEcb9e/idOumQ556 # mhhs0FsxZLYbWo/dePulV/T7ipHIConSy2NCOhU4kiZU9ZGPPk9HcOfpp1BUwEkM # zqAOuPWtlMVWAK1OKOoZlIbO9ekaQXe9izITpkOZr+QZ2JR7mxp4jqUfro+JZZeC # rG3uzLYTO/TIiNJW/54w5PZAxSJnpYJzuBW0CZel94i6z42aAW8z4hzVfnx7gj0Q # vhlICJ1KlZbQZlMs0LTaavIuMIIHcTCCBVmgAwIBAgITMwAAABXF52ueAptJmQAA # AAAAFTANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh # c2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD # b3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUg # QXV0aG9yaXR5IDIwMTAwHhcNMjEwOTMwMTgyMjI1WhcNMzAwOTMwMTgzMjI1WjB8 # MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVk # bW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1N # aWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDCCAiIwDQYJKoZIhvcNAQEBBQAD # ggIPADCCAgoCggIBAOThpkzntHIhC3miy9ckeb0O1YLT/e6cBwfSqWxOdcjKNVf2 # AX9sSuDivbk+F2Az/1xPx2b3lVNxWuJ+Slr+uDZnhUYjDLWNE893MsAQGOhgfWpS # g0S3po5GawcU88V29YZQ3MFEyHFcUTE3oAo4bo3t1w/YJlN8OWECesSq/XJprx2r # rPY2vjUmZNqYO7oaezOtgFt+jBAcnVL+tuhiJdxqD89d9P6OU8/W7IVWTe/dvI2k # 45GPsjksUZzpcGkNyjYtcI4xyDUoveO0hyTD4MmPfrVUj9z6BVWYbWg7mka97aSu # eik3rMvrg0XnRm7KMtXAhjBcTyziYrLNueKNiOSWrAFKu75xqRdbZ2De+JKRHh09 # /SDPc31BmkZ1zcRfNN0Sidb9pSB9fvzZnkXftnIv231fgLrbqn427DZM9ituqBJR # 6L8FA6PRc6ZNN3SUHDSCD/AQ8rdHGO2n6Jl8P0zbr17C89XYcz1DTsEzOUyOArxC # aC4Q6oRRRuLRvWoYWmEBc8pnol7XKHYC4jMYctenIPDC+hIK12NvDMk2ZItboKaD # IV1fMHSRlJTYuVD5C4lh8zYGNRiER9vcG9H9stQcxWv2XFJRXRLbJbqvUAV6bMUR # HXLvjflSxIUXk8A8FdsaN8cIFRg/eKtFtvUeh17aj54WcmnGrnu3tz5q4i6tAgMB # AAGjggHdMIIB2TASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsGAQQBgjcVAgQWBBQq # p1L+ZMSavoKRPEY1Kc8Q/y8E7jAdBgNVHQ4EFgQUn6cVXQBeYl2D9OXSZacbUzUZ # 6XIwXAYDVR0gBFUwUzBRBgwrBgEEAYI3TIN9AQEwQTA/BggrBgEFBQcCARYzaHR0 # cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnkuaHRt # MBMGA1UdJQQMMAoGCCsGAQUFBwMIMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBB # MAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNX2VsuP # 6KJcYmjRPZSQW9fOmhjEMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwubWlj # cm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dF8yMDEwLTA2 # LTIzLmNybDBaBggrBgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93d3cu # bWljcm9zb2Z0LmNvbS9wa2kvY2VydHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMu # Y3J0MA0GCSqGSIb3DQEBCwUAA4ICAQCdVX38Kq3hLB9nATEkW+Geckv8qW/qXBS2 # Pk5HZHixBpOXPTEztTnXwnE2P9pkbHzQdTltuw8x5MKP+2zRoZQYIu7pZmc6U03d # mLq2HnjYNi6cqYJWAAOwBb6J6Gngugnue99qb74py27YP0h1AdkY3m2CDPVtI1Tk # eFN1JFe53Z/zjj3G82jfZfakVqr3lbYoVSfQJL1AoL8ZthISEV09J+BAljis9/kp # icO8F7BUhUKz/AyeixmJ5/ALaoHCgRlCGVJ1ijbCHcNhcy4sa3tuPywJeBTpkbKp # W99Jo3QMvOyRgNI95ko+ZjtPu4b6MhrZlvSP9pEB9s7GdP32THJvEKt1MMU0sHrY # UP4KWN1APMdUbZ1jdEgssU5HLcEUBHG/ZPkkvnNtyo4JvbMBV0lUZNlz138eW0QB # jloZkWsNn6Qo3GcZKCS6OEuabvshVGtqRRFHqfG3rsjoiV5PndLQTHa1V1QJsWkB # RH58oWFsc/4Ku+xBZj1p/cvBQUl+fpO+y/g75LcVv7TOPqUxUYS8vwLBgqJ7Fx0V # iY1w/ue10CgaiQuPNtq6TPmb/wrpNPgkNWcr4A245oyZ1uEi6vAnQj0llOZ0dFtq # 0Z4+7X6gMTN9vMvpe784cETRkPHIqzqKOghif9lwY1NNje6CbaUFEMFxBmoQtB1V # M1izoXBm8qGCA00wggI1AgEBMIH5oYHRpIHOMIHLMQswCQYDVQQGEwJVUzETMBEG # A1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWlj # cm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1lcmljYSBP # cGVyYXRpb25zMScwJQYDVQQLEx5uU2hpZWxkIFRTUyBFU046ODYwMy0wNUUwLUQ5 # NDcxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2WiIwoBATAH # BgUrDgMCGgMVAFNv5so48CMIF+WHPDkRcG5JbF4OoIGDMIGApH4wfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0 # IFRpbWUtU3RhbXAgUENBIDIwMTAwDQYJKoZIhvcNAQELBQACBQDtmTl3MCIYDzIw # MjYwNDI3MDEyNTExWhgPMjAyNjA0MjgwMTI1MTFaMHQwOgYKKwYBBAGEWQoEATEs # MCowCgIFAO2ZOXcCAQAwBwIBAAICBp0wBwIBAAICEk8wCgIFAO2aivcCAQAwNgYK # KwYBBAGEWQoEAjEoMCYwDAYKKwYBBAGEWQoDAqAKMAgCAQACAwehIKEKMAgCAQAC # AwGGoDANBgkqhkiG9w0BAQsFAAOCAQEAemR1wzyo3tY8c+I3UQ3PEW/nKukMqx3o # 0GAQZAE5w/d8T5idjtLWo+0eGb2+qIvqWF/2xBTe2LZ6DglIbOebE1A6wnTC2dbF # 5rYenDx3ftcDvgqu8ejfgiROZtKddzt1gxMam5MQ46+BYPPFCrFCzsN5796Gud3L # TSJQQzk90VoitnnE/S0dL0HmnX+DXHGeSx560e2DoZSaS6F7YRTtaZCRN5udf+Mj # gb3hQmRxDGHDiBgZezZC6PJE5r7t3t5gtUZwVYuMx8gT+7ocSad16qqmF9y6oLRr # YXxFLR1ZDwkM1PNLrhWQoxnoW47NWB5KLyRgg2it5xeGMUZCzsH/GjGCBA0wggQJ # AgEBMIGTMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYD # VQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAk # BgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAACJYDHN8bN # qndJAAEAAAIlMA0GCWCGSAFlAwQCAQUAoIIBSjAaBgkqhkiG9w0BCQMxDQYLKoZI # hvcNAQkQAQQwLwYJKoZIhvcNAQkEMSIEILGBQarbWmSLlMRBtyaWy5TjZL3BceYw # tR0EF8q7WR4nMIH6BgsqhkiG9w0BCRACLzGB6jCB5zCB5DCBvQQgVg3uiHo43fL3 # YKYCX+UXQJjCuNZZA/p0JTFqM9IcoRAwgZgwgYCkfjB8MQswCQYDVQQGEwJVUzET # MBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMV # TWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1T # dGFtcCBQQ0EgMjAxMAITMwAAAiWAxzfGzap3SQABAAACJTAiBCCnE6XI+RCW4jzG # avloRnNVBXBdXHFwY71cd0gTuTEEqDANBgkqhkiG9w0BAQsFAASCAgAUAk8hbX54 # zrbjIakhbgCpbpO5ohy7B8dq3eWQSym4n5oORLfi22AuQoSUctimLq+8aVGrftMC # QCGDAxAUxFnvYokiCvUcJPJqZ8Pq/PF/eLM8CEQV1KDa3S9h9ep56QOsXI5EyzZt # AhERDOwhRdzxYlJ0gPzyO2dt2/LA7edbVLQkQodxOvoGVLGNp0XgLBKHKfHPazHl # 1/Ju2lZWR+VnsIINlz1Hr+i0QBcIHsTywjrqQQ7vvE4iafxB8C8TNUSNAT1xYNPE # 3GhzZ+WgKkV0XXqrTjhDpXWaZXt/+jOrABxhs/+Ot4OgbdI/lTQoKP2IafKCIn3w # Om57Uw/G2SIrW7BTO1ED2Vd0sDAa1DuSlVVh+BaXrS1xOY07Ru6gRQoN56IW0BP0 # 9xPPjA0XecJOm37Rvd/32nSUH03H6agum/dH5RTjtTT+bIZ7EcasDfQlgeDJ9KlJ # FOEFjCHhVFzQZv+hl7VNYfM2Xo8LR6G6VJ8fSCH3o+m8lD8yE0sumo/SQSBOwph0 # ks5aezbGcQrOzWwbnLaFaE5P2tpXF3/GysQrJ2rGWPnf5fHlFXU6ymC85IuTODBX # LMqgcTjWDD77rHrTV7paWnNdCnmr2Zs5EX0/dDaogjR6G39uSCbfVsDp3p6CY0Eh # XLf/bbY/KHc8j3c/uPzScwuJ+TNT2vbafA== # SIG # End signature block |