Обсуждение: [doc] pg_ctl: fix wrong description for -l
Hi hackers, While investigating codes related with the permissions, I found the below description in the pg_ctl. ``` -l filename --log=filename Append the server log output to filename. If the file does not exist, it is created. The umask is set to 077, so access tothe log file is disallowed to other users by default. ``` But users who are in the same group can also see the log if group permissions are enabled on the data directory. It was extended by c37b3d0 but updating the doc seemed to be missed. Attached patch can fix the issue. Best regards, Hayato Kuroda FUJITSU LIMITED
Вложения
On 3/23/26 11:55 AM, Kuroda, Hayato/黒田 隼人 wrote: > ``` > -l filename > --log=filename > Append the server log output to filename. If the file does not exist, it is created. The umask is set to 077, so accessto the log file is disallowed to other users by default. > ``` > > But users who are in the same group can also see the log if group permissions are > enabled on the data directory. It was extended by c37b3d0 but updating the doc seemed > to be missed. Attached patch can fix the issue. Thanks for the patch. Nicely spotted, but I am not sure I am a fan of the new text. Shouldn't we still mention that "If the file does not exist, it is created."? Also I think the last sentence would flow better as: Access to the log file is disallowed to other users by default, but users in the same group can also read it if group permissions are enabled on the data directory. Best regards, Andreas -- Andreas Karlsson Percona
On Sat, Apr 4, 2026 at 8:16 AM Andreas Karlsson <andreas@proxel.se> wrote: > Nicely spotted, but I am not sure I am a fan of the new text. Shouldn't > we still mention that "If the file does not exist, it is created."? Yes, I think that mention is needed. > Also > I think the last sentence would flow better as: > > Access to the log file is disallowed to other users by default, but > users in the same group can also read it if group permissions are > enabled on the data directory. +1 Regards, -- Fujii Masao
Dear Andres, Fujii-san, Thanks for reviewing. Updated accordingly. Best regards, Hayato Kuroda FUJITSU LIMITED
Вложения
在 2026/4/13 13:20, Hayato Kuroda (Fujitsu) 写道: > Dear Andres, Fujii-san, > > Thanks for reviewing. Updated accordingly. > > Best regards, > Hayato Kuroda > FUJITSU LIMITED > +1 to fix the doc. I just feel the new sentence could be further polished a little bit, like: If the file does not exist, it is created. By default, the log file is not accessible to other users, though members of thesame group may be able to read it depending on the data directory permissions. Regard, Xiaopeng Wang
On Wed, Apr 15, 2026 at 11:28 AM Xiaopeng Wang <wxp_728@163.com> wrote: > > 在 2026/4/13 13:20, Hayato Kuroda (Fujitsu) 写道: > > Dear Andres, Fujii-san, > > > > Thanks for reviewing. Updated accordingly. > > > > Best regards, > > Hayato Kuroda > > FUJITSU LIMITED > > > +1 to fix the doc. > > I just feel the new sentence could be further polished a little bit, like: > > If the file does not exist, it is created. By default, the log file is not accessible to other users, though members ofthe same group may be able to read it depending on the data directory permissions. "other users" and "members of the same group" sound a bit ambiguous to me. Would it be clearer to refer explicitly to the cluster owner? For example: ---------------------- Append the server log output to "filename". If the file does not exist, it is created. By default, only the cluster owner can access the log file. If group access is enabled in the cluster, users in the same group as the cluster owner can also read it. ---------------------- Regards, -- Fujii Masao
Dear Fujii-san, Xiaopeng, Thanks for giving comments but late for the reply. I preferred the Fujii-san's idea, how about Xiaopeng? Best regards, Hayato Kuroda FUJITSU LIMITED
在 2026/4/17 9:58, Hayato Kuroda (Fujitsu) 写道: > Dear Fujii-san, Xiaopeng, > > Thanks for giving comments but late for the reply. > I preferred the Fujii-san's idea, how about Xiaopeng? > > Best regards, > Hayato Kuroda > FUJITSU LIMITED > Fujii-san’s edit looks good to me.
On Fri, Apr 17, 2026 at 12:48 PM Xiaopeng Wang <wxp_728@163.com> wrote: > > 在 2026/4/17 9:58, Hayato Kuroda (Fujitsu) 写道: > > Dear Fujii-san, Xiaopeng, > > > > Thanks for giving comments but late for the reply. > > I preferred the Fujii-san's idea, how about Xiaopeng? > > > > Best regards, > > Hayato Kuroda > > FUJITSU LIMITED > > > Fujii-san’s edit looks good to me. Thanks for the review! So I've updated the patch and pushed it. Regards, -- Fujii Masao