That's the thing, I've never needed to set an SELinux policy. These are single purpose servers, they run Nginx and that's it. I've always installed Nginx, configured the .conf files for Nginx, and off it went. I've never needed to disable SELinux and actually, since I perform a minimal install of SELinux, the policy control tools aren't even installed.
If it were a policy issue, why doesn't a restorecon -v -R fix it? Why would upgrading from CentOS 6.5 to 6.6 break a policy that I never touched? And lastly, why wouldn't an uninstall and reinstall of the Nginx package fix it?
I'm genuinely stumped.
FWIW, it looks like the files that I created have a different security context than the files that Nginx drops:
ls -lZ /etc/nginx/conf.d
-rw-r--r--. root root system_u:object_r:httpd_config_t:s0 default.conf
-rw-r--r--. root root unconfined_u:object_r:httpd_config_t:s0 default.conf.orig
-rw-r--r--. root root unconfined_u:object_r:httpd_config_t:s0 dev-ls.conf
-rw-r--r--. root root unconfined_u:object_r:httpd_config_t:s0 dev-web.conf
-rw-r--r--. root root system_u:object_r:httpd_config_t:s0 example_ssl.conf
-rw-r--r--. root root unconfined_u:object_r:httpd_config_t:s0 example_ssl.conf.orig
The reason I am posting here as well as the CentOS forums, is that we upgraded our entire development environment to 6.6 and the only 3rd party program that is having issues is Nginx. Our Java servers are fine, mail daemons, monitoring servers, etc.