nginx 权限问题提供静态文件 - RedHat 7 SELinux 问题

这是一个新安装，我遵循乘客+nginx指南。这最终将是一个 rails 站点，但现在我正在尝试获取静态文件来提供服务，但无法找出正确的权限组合。

我正在尝试提供 robots.txt 文件，这是 nami 堆栈：

namei -om /var/www/c3d/current/public/robots.txt
f: /var/www/c3d/current/public/robots.txt
 dr-xr-xr-x root root /
 drwxr-xr-x root root var
 drwxr-xr-x root root www
 drwxr-xr-x c3d  c3d  c3d
 lrwxrwxrwx c3d  c3d  current -> /var/www/c3d/releases/20160512102658
   dr-xr-xr-x root root /
   drwxr-xr-x root root var
   drwxr-xr-x root root www
   drwxr-xr-x c3d  c3d  c3d
   drwxrwxr-x c3d  c3d  releases
   drwxrwxr-x c3d  c3d  20160512102658
 drwxrwxr-x c3d  c3d  public
 -rwxrwxr-x c3d  c3d  robots.txt

以下是我网站的 nginx 配置：

server {
    listen 80;
    server_name 52.xx.xx.xx;

    # Tell Nginx and Passenger where your app's 'public' directory is
    root /var/www/c3d/current/public;
}

我/etc/nginx/nginx.conf将用户设置为 c3d：

user  c3d c3d;
worker_processes  1;

error_log  /var/log/nginx/error.log;
...

error.log 输出以下内容：

2016/05/12 08:06:02 [error] 5192#0: *1 open() "/var/www/c3d/current/public/robots.txt" failed
(13: Permission denied), client: 73.135.yy.yy, server: 52.xx.xx.xx, 
request: "GET /robots.txt HTTP/1.1", host: "52.xx.xx.xx"

更新这个看起来像 SELinux 安全问题。 我看到这个/var/log/audit/audit.log

type=AVC msg=audit(1463057724.846:14926): avc:  denied  { read } for  pid=5192 comm="nginx" name="robots.txt" dev="xvda2" ino=444598886 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:var_t:s0 tclass=file

解决此问题的正确方法是什么？