Selinux blocking gpg-agent from read smartcard
I am having a problem with selinux blocking reads to a smartcard from gpg-agent. I know this is the case because with setenforce 0 it works ok but not with setenforce 1.
I have already done the obvious steps to check setroubleshooter and ausearch -c "gpg" --raw | audit2allow -M my-gpg and the same again with "scdaemon" in place of "gpg". When I use ausearch now I don't see any denials for gpg-agent or scdaemon yet the situation remains the same. It works in permissive mode but fails in enforcing mode. What to do next?
|