Ran across this one today. Upgrading a site with some custom work from 4.7 to 5.6. Obviously the testing of the upgrade is going on is a development environment but we ran into a problem with anonymous users being denied access.
Well, a quick check of the access control records proved that anonymous users did in fact have the Access Content permission. Hmmmm…. what else could it be.
As a side note, originally on pages where the user was denied access all you got in the content body was a “2”. No access denied message, just the numeral “2”. Thanks to the good folks on irc #drupal-support it was found this this is typical of an access denied issue. Atleast that led us down the right path.
Long story short, the tac_lite module had been previously installed on this site but was no longer being used. Apparently the disabling of the module did not properly clean up the node access data.
Again, thanks to the great folks on #irc, this time BDragon, and a quick search on drupal.org, the solution was easy. The default access row was missing. Adding the following to the table resolved the issue:
INSERT INTO node_access VALUES (0, 0, 'all', 1, 0, 0);
Yeah Drupal community! Yet another great reason to love Drupal.