Some files in /dev require supplementary groups. I use seatd instead of elogind. Seatd can mediate device access, but access to seatd socket requires seatd supplementary group.
guix shell --container drops suppelementary groups. It should provide an option to keep supplementary groups.
