This is much more robust because nginx will fail to start after being
killed or crashing due to only removing old Unix domain sockets when it
stops cleanly. It ends up owned by root:root instead of root:http which
is fine because only the master process opens it.
Running nginx as non-root would be possible via CAP_NET_BIND_SERVICE as
an ambient capability but it would be inherited by workers. It's better
to leave the supervisor process as root for the time being unless nginx
was taught to use socket activation or drop capabilities for workers.