Comment # 10 on bug 1232044 from Giacomo Comes

/dev/ipmi0 does normally exists. What I'm referring to is to the service
started with PrivateDevices=true. In such case the /dev mount contains only:
char core fd full hugepages log mqueue null ptmx pts random shm stderr stdin
stdout tty urandom zero
No impi0.

Looks to me that for this particular use case the setting should be:
  PrivateDevices=false
  DevicePolicy=closed
  DeviceAllow=char-ipmidev rw

systemd.exec(5) says:
When access to some but not all devices must be possible, the DeviceAllow=
setting might be used instead (of PrivateDevices)