Here is a workaround for this problem. It is possible to create a file /etc/systemd/system/user@.service.d/override.conf with the following contents:
[Service] SupplementaryGroups=dialout Now, when used in conjunction with pam_group as specified in the bug report, all desktop processes' group permissions are correct. The pam_group-mechanism is responsible for setting the supplementary groups for some processes, and the other processes (which are spawned by the systemd user manager instance, I presume) get the same groups through this other mechanism. The end result is not exactly the same, though, because the pam_group mechanism can be used to set a different set of groups for each pam-service. Juha
