Thank you very much! Adding CAP_DAC_OVERRIDE solved it for me as well. Not sure how many hours it would have taken for me to figure it out.
Does systemd or the linux kernel log capability violations somewhere? (is it even possible)
smime.p7s
Description: S/MIME Cryptographic Signature
