help-guix

FUSE works as non-root user but not in Shepherd service under same user


From: raingloom
Subject: FUSE works as non-root user but not in Shepherd service under same user
Date: Sun, 16 May 2021 20:16:58 +0200

So, I've been struggling with this for a few days now.

I have a Chez script that waits until a SQL dump is written, cleanly
shuts down the FUSE file system that uses the corresponding database,
deletes the database, undumps it from the newly written SQL script, and
waits for the next write, all in an infinite loop.

To make the system a bit more secure, I run it as the gmnisrv user.

It works fine when I run it with su as:

```
su -s $(guix build memex-runner)/bin/memex-runner.sps gmnisrv /path/to/gemini/document/root
```

Translation, because su's syntax is a bit weird:
`su -s <executable> <username> [args...]`
runs <executable> [args...] as username.

So, it should have the same effect as specifying user and group in the
service description, right? But when I run the service I get this error:

```
Mounting to "wiki/tags"
Forked into background PID 1478
fusermount: mount failed: Operation not permitted
```

I have no clue what's going wrong. The mount point is owned by gmnisrv,
the database file too, /dev/fuse has read and write access for user,
group, and other, and looking at the strace output doesn't reveal anything
obviously wrong or different between running it with su or with
Shepherd.
I also thought that I might be wrapping memex-runner.sps wrong and that it
was finding the binaries in /gnu/store before the ones in
/run/setuid-programs, so now wrap-program suffixes the PATH of inputs
instead of prefixing it, but that still didn't fix anything.

I'm out of ideas. Any idea how to proceed, short of going through the
source code for everything that's involved here, including FUSE,
Shepherd, Linux, and Supertag?

Here is my channel, look for raingloom/services/gemini.scm and
raingloom/packages/scheme.scm.
https://git.sr.ht/~raingloom/guix-packages/

My machine configs are private, but if needed I can share the relevant
bits; I don't think there is anything relevant, though. It's a pretty basic
web server setup with Nginx and Molly Brown.
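The post suspects that the service resolves `fusermount` from /gnu/store before the setuid copy in /run/setuid-programs. The following diagnostic is an added example, not code from the post or from the raingloom channel; the script name `fuse-path-check.sh` and the function names are hypothetical. It walks a PATH-style list, reports which copy of a binary comes first, and checks whether that copy carries the setuid bit, so the same check can be run once under `su` and once from inside the Shepherd service's environment to compare the two.

```shell
#!/bin/sh
# fuse-path-check.sh (hypothetical name): report which copy of a binary a
# PATH list resolves first and whether it is a setuid program.
# Added example; not part of the original post.

# resolve_in_path NAME PATHLIST
#   Prints the first executable NAME found in the colon-separated PATHLIST,
#   mirroring how the shell resolves commands. Returns 1 if none is found.
resolve_in_path() {
    name=$1
    pathlist=$2
    oldifs=$IFS
    IFS=:
    for d in $pathlist; do
        if [ -x "$d/$name" ] && [ ! -d "$d/$name" ]; then
            IFS=$oldifs
            printf '%s\n' "$d/$name"
            return 0
        fi
    done
    IFS=$oldifs
    return 1
}

# is_setuid FILE
#   Succeeds when FILE has the set-user-ID bit (POSIX test -u).
is_setuid() {
    [ -u "$1" ]
}

# check_rw FILE
#   Succeeds when the current user can both read and write FILE
#   (e.g. /dev/fuse, which fusermount needs to open).
check_rw() {
    [ -r "$1" ] && [ -w "$1" ]
}

# check_setuid_helper NAME PATHLIST
#   Prints a verdict line. Returns 0 when the first NAME on PATHLIST is
#   setuid, 1 when a non-setuid copy shadows it, 2 when NAME is absent.
check_setuid_helper() {
    bin=$(resolve_in_path "$1" "$2") || {
        echo "MISSING: no $1 on PATH=$2"
        return 2
    }
    if is_setuid "$bin"; then
        echo "OK: $bin is setuid"
        return 0
    fi
    echo "WARN: $bin is first on PATH but not setuid (a store copy may shadow /run/setuid-programs)"
    return 1
}

# Usage: sh fuse-path-check.sh fusermount /dev/fuse
# Run it once via su and once from the service to compare the results.
if [ $# -ge 1 ]; then
    check_setuid_helper "$1" "$PATH"
    if [ $# -ge 2 ]; then
        if check_rw "$2"; then
            echo "OK: $2 is readable and writable by $(id -un)"
        else
            echo "WARN: $2 is not readable and writable by $(id -un)"
        fi
    fi
fi
```

The script only reads file modes and permissions, so it is safe to run as the service user; the useful signal is a difference between the two runs, since the service's PATH and environment are built by Shepherd rather than inherited from the login shell.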


