Created attachment 873845 [details] warnings from sealert Description of problem: The new pcsc-lite in rawhide uses polkit to decide on user access on smart cards. However, selinux-policy prevents that from happening resulting to rejection of any policy decision. The daemon reports: Mar 13 09:22:23 dhcp-2-127.brq.redhat.com pcscd[16052]: 03738058 auth.c:116:IsClientAuthorized() Error in authorization: GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: An SELinux policy prevents this sender from sending this message to this recipient, 0 matched rules; type="method_call", sender=":1.3871" (uid=0 pid=16052 comm="/usr/sbin/pcscd --foreground --auto-exit ") interface="org.freedesktop.PolicyKit1.Authority" member="CheckAuthorization" error name="(unset)" requested_reply="0" destination=":1.405" (uid=999 pid=5932 comm="/usr/lib/polkit-1/polkitd --no-debug ") How reproducible: Steps to Reproduce: 1. Install pcsc-lite from rawhide 2. Insert a smart card and try running opensc-tool --list Actual results: No smart cards found. Expected results: Smart cards should be listed. Additional info: Attached is the output of sealert tool.
Should be fixed in the latest release. #============= pcscd_t ============== #!!!! This avc is allowed in the current policy allow pcscd_t unconfined_t:dir search;