Flatpak allows users to manually configure filesystem paths that will get passed into the Flatpak application sandbox via flatpak override
. This feature can also pass in a unix socket, which works to pass in a dynamically started p11-kit-server socket from the host to access PKCS#11 devices. This will let you access web sites requiring smart card certificate authentication from a web browser installed via Flatpak.
- Flatpak installed and working
- Web browser that supports p11-kit installed via Flatpak (ex: Microsoft Edge or Chromium from flathub)
- systemd, pcscd, opensc, and p11-kit packages installed on the host