Strange directory creation error on Arch Linux

I have nginx and php-fpm running on Arch with uid/gid www-data/www-data, all fine. All the other virtual hosts on the system run fine. The grav directory system is correctly chown’d to www-data:www-data. And yet, when attempting to access the grav home page, I get a blank page and this error from nginx:

2020/07/29 22:38:08 [error] 6056#6056: *12 FastCGI sent in stderr: “PHP message: PHP Fatal error: Uncaught RuntimeException: Creating directory failed for /usr/share/nginx/html/grav-admin/cache/compiled/files/6598fc8a56ebd3acd5f9ca605d5a430b.yaml.php in /usr/share/nginx/html/grav-admin/vendor/rockettheme/toolbox/File/src/File.php:325
Stack trace:
#0 /usr/share/nginx/html/grav-admin/vendor/rockettheme/toolbox/File/src/PhpFile.php(31): RocketTheme\Toolbox\File\File->save()
#1 /usr/share/nginx/html/grav-admin/system/src/Grav/Common/File/CompiledFile.php(65): RocketTheme\Toolbox\File\PhpFile->save()
#2 /usr/share/nginx/html/grav-admin/system/src/Grav/Common/Config/Setup.php(215): Grav\Common\File\CompiledYamlFile->content()
#3 /usr/share/nginx/html/grav-admin/system/src/Grav/Common/Service/ConfigServiceProvider.php(30): Grav\Common\Config\Setup->init()
#4 /usr/share/nginx/html/grav-admin/vendor/pimple/pimple/src/Pimple/Container.php(118): Grav\Common\Service\ConfigServiceProvider->Grav\Common\Service{closure}()
#5 /usr/share/nginx/h” while reading response header from upstream, client:, server: _, request: “GET /grav-admin/ HTTP/1.1”, upstream: “fastcgi://unix:/var/run/php-fpm/php-fpm.sock:”, host: “localhost”

I am not running SELinux. A call to phpinfo() shows all the requirements are present. I have an exact same installation Ubuntu 20 in production and tri works fine.

What can be causing this on Arch Linux? I am baffled.

Using Grav 1.6.2.

did you already check (recursive) all file/directory ownership/permissions in /usr/share/nginx/html/grav-admin/cache/compiled/ ?

For some unknown reason my own reply did not get posted.

I had indeed checked all permissions a dozen times, very rigorously, as mentioned in the post. I was nothing to do with that. The systemd unit for php-fpm had the exec option ProtectSystem=full on, and that means all the filesystems become read only to the process. This explains why I saw the problem on Arch and not Ubuntu, as there is wide variation in the systemd unit files supplied.

I hope this small piece of information may help people in the future and spare the pain of such a subtle problem, coming from not checking the systemd unit behaviour fully.