I've been trying to debug this for the last few hours and, having solved so many issues already, I seem to have hit a brick wall
I have a Wordpress install using nginx under CentOS7 (AWS Lightsail if that matters). For this I have ensured
wp-content/uploadsdirectory is 766- the directory owned by
apache:apacheand both nginx and php-fpm run under that user - seLinux is
httpd_sys_rw_content_tfor the directory
That got me as far as uploading files successfully. It creates the file and the above permissions propagate properly (ln -Z and running stat as the apache user). Files are 666, but 766 doesn't seem to change anything. The older files I manually put up serve properly. The only difference I can find is the manually uploaded files are set in seLinux as
Context: unconfined_u:object_r:httpd_sys_rw_content_t:s0
While the new 403 file is
Context: system_u:object_r:httpd_sys_rw_content_t:s0
I tried setenforce 0 but no change. Restarted nginx as well and still no change. Logged error is
2019/05/19 22:35:06 [error] 21393#0: *4010 open() "/usr/share/nginx/example/wp-content/uploads/2019/05/file.jpg" failed (13: Permission denied), client: 172.69.44.142, server: example.com, request: "GET /wp-content/uploads/2019/05/file.jpg HTTP/1.1", host: "www.example.com"
Yet /usr/share/nginx/example/wp-content/uploads/2019/04/another_file.jpg works fine, so it doesn't seem related to the nginx config either.
Is there something else I'm missing?
Fix the permissions. 766 is not a valid mode for a directory, at least not if you want to access the files within it.