diff --git a/apparmor.d/groups/browsers/firefox b/apparmor.d/groups/browsers/firefox
index db6c2676..224b4cc7 100644
--- a/apparmor.d/groups/browsers/firefox
+++ b/apparmor.d/groups/browsers/firefox
@@ -119,6 +119,7 @@ profile firefox @{exec_path} flags=(attach_disconnected) {
   /etc/mailcap r,
   /etc/mime.types r,
   /etc/opensc.conf r,
+  /etc/opensc/opensc.conf r,
   /etc/sysconfig/proxy r,
   /etc/xdg/* r,
   /etc/xul-ext/kwallet5.js r,
diff --git a/apparmor.d/groups/gnome/gsd-smartcard b/apparmor.d/groups/gnome/gsd-smartcard
index 0b722c5a..4003d175 100644
--- a/apparmor.d/groups/gnome/gsd-smartcard
+++ b/apparmor.d/groups/gnome/gsd-smartcard
@@ -31,6 +31,7 @@ profile gsd-smartcard @{exec_path} flags=(attach_disconnected) {
   /usr/share/glib-2.0/schemas/gschemas.compiled r,
 
   /etc/opensc.conf r,
+  /etc/opensc/opensc.conf r,
 
   owner @{GDM_HOME}/greeter-dconf-defaults r,
   owner @{gdm_config_dirs}/dconf/user r,
diff --git a/apparmor.d/groups/gnome/seahorse b/apparmor.d/groups/gnome/seahorse
index 8c89c058..8987ae31 100644
--- a/apparmor.d/groups/gnome/seahorse
+++ b/apparmor.d/groups/gnome/seahorse
@@ -36,6 +36,8 @@ profile seahorse @{exec_path} {
 
   /etc/pki/trust/blocklist/ r,
   /etc/gcrypt/hwf.deny r,
+  /etc/opensc.conf r,
+  /etc/opensc/opensc.conf r,
 
   owner @{HOME}/@{XDG_SSH_DIR}/{,**} r,
 
diff --git a/apparmor.d/groups/whonix/torbrowser b/apparmor.d/groups/whonix/torbrowser
index 760b3eda..cb63d603 100644
--- a/apparmor.d/groups/whonix/torbrowser
+++ b/apparmor.d/groups/whonix/torbrowser
@@ -64,6 +64,7 @@ profile torbrowser @{exec_path} flags=(attach_disconnected) {
   /etc/mailcap r,
   /etc/mime.types r,
   /etc/opensc.conf r,
+  /etc/opensc/opensc.conf r,
   /etc/sysconfig/proxy r,
   /etc/xdg/* r,
   /etc/xul-ext/kwallet5.js r,
@@ -163,4 +164,4 @@ profile torbrowser @{exec_path} flags=(attach_disconnected) {
   deny @{PROC}/@{pid}/net/route r,
 
   include if exists <local/torbrowser>
-}
\ No newline at end of file
+}
diff --git a/apparmor.d/profiles-m-r/pkcs11-register b/apparmor.d/profiles-m-r/pkcs11-register
index 19d335ea..3ca20d32 100644
--- a/apparmor.d/profiles-m-r/pkcs11-register
+++ b/apparmor.d/profiles-m-r/pkcs11-register
@@ -13,6 +13,7 @@ profile pkcs11-register @{exec_path} {
   @{exec_path} mr,
 
   /etc/opensc.conf r,
+  /etc/opensc/opensc.conf r,
 
   owner @{HOME}/.mozilla/firefox/*/pkcs11.txt rw,
   owner @{HOME}/.mozilla/firefox/profiles.ini r,
@@ -21,4 +22,4 @@ profile pkcs11-register @{exec_path} {
   owner @{HOME}/.thunderbird/profiles.ini r,
 
   include if exists <local/pkcs11-register>
-}
\ No newline at end of file
+}
diff --git a/apparmor.d/profiles-m-r/rngd b/apparmor.d/profiles-m-r/rngd
index 00820b5a..b929f1a7 100644
--- a/apparmor.d/profiles-m-r/rngd
+++ b/apparmor.d/profiles-m-r/rngd
@@ -25,6 +25,7 @@ profile rngd @{exec_path} flags=(attach_disconnected) {
   /etc/conf.d/rngd r,
   /etc/machine-id r,
   /etc/opensc.conf r,
+  /etc/opensc/opensc.conf r,
   /var/lib/dbus/machine-id r,
 
   @{sys}/devices/virtual/misc/hw_random/rng_available r,