PCSCD patch from Dan Walsh.

policy/modules/services/pcscd.if

@@ -53,6 +53,5 @@ interface(`pcscd_stream_connect',`
 	')
 
 	files_search_pids($1)
-	allow $1 pcscd_var_run_t:sock_file write;
-	allow $1 pcscd_t:unix_stream_socket connectto;
+	stream_connect_pattern($1, pcscd_var_run_t, pcscd_var_run_t, pcscd_t)
 ')

policy/modules/services/pcscd.te

@@ -1,5 +1,5 @@
 
-policy_module(pcscd, 1.5.0)
+policy_module(pcscd, 1.5.1)
 
 ########################################
 #
@@ -29,9 +29,12 @@ allow pcscd_t self:tcp_socket create_stream_socket_perms;
 
 manage_dirs_pattern(pcscd_t, pcscd_var_run_t, pcscd_var_run_t)
 manage_files_pattern(pcscd_t, pcscd_var_run_t, pcscd_var_run_t)
+manage_fifo_files_pattern(pcscd_t, pcscd_var_run_t, pcscd_var_run_t)
 manage_sock_files_pattern(pcscd_t, pcscd_var_run_t, pcscd_var_run_t)
 files_pid_filetrans(pcscd_t, pcscd_var_run_t, { file sock_file dir })
 
+kernel_read_system_state(pcscd_t)
+
 corenet_all_recvfrom_unlabeled(pcscd_t)
 corenet_all_recvfrom_netlabel(pcscd_t)
 corenet_tcp_sendrecv_generic_if(pcscd_t)
@@ -40,6 +43,7 @@ corenet_tcp_sendrecv_all_ports(pcscd_t)
 corenet_tcp_connect_http_port(pcscd_t)
 
 dev_rw_generic_usb_dev(pcscd_t)
+dev_rw_smartcard(pcscd_t)
 dev_rw_usbfs(pcscd_t)
 dev_search_sysfs(pcscd_t)