From 4198b2d04b3a290793ca52aebe025cb1b138c85c Mon Sep 17 00:00:00 2001
From: Fujii Masao <fujii@postgresql.org>
Date: Fri, 17 Apr 2026 15:30:59 +0900
Subject: [PATCH] doc: Improve description of pg_ctl -l log file permissions

The documentation stated only that the log file created by pg_ctl -l is
inaccessible to other users by default. However, since commit c37b3d0,
the actual behavior is that only the cluster owner has access by default,
but users in the same group as the cluster owner may also read the file
if group access is enabled in the cluster.

This commit updates the documentation to describe this behavior
more clearly.

Backpatch to all supported versions.

Author: Hayato Kuroda <kuroda.hayato@fujitsu.com>
Reviewed-by: Andreas Karlsson <andreas@proxel.se>
Reviewed-by: Xiaopeng Wang <wxp_728@163.com>
Reviewed-by: Fujii Masao <masao.fujii@gmail.com>
Discussion: https://postgr.es/m/OS9PR01MB1214959BE987B4839E3046050F54BA@OS9PR01MB12149.jpnprd01.prod.outlook.com
Backpatch-through: 14
---
 doc/src/sgml/ref/pg_ctl-ref.sgml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/doc/src/sgml/ref/pg_ctl-ref.sgml b/doc/src/sgml/ref/pg_ctl-ref.sgml
index a0287bb81d6..b762b002c02 100644
--- a/doc/src/sgml/ref/pg_ctl-ref.sgml
+++ b/doc/src/sgml/ref/pg_ctl-ref.sgml
@@ -299,8 +299,9 @@ PostgreSQL documentation
        <para>
         Append the server log output to
         <replaceable>filename</replaceable>.  If the file does not
-        exist, it is created.  The <systemitem>umask</systemitem> is set to 077,
-        so access to the log file is disallowed to other users by default.
+        exist, it is created.  By default, only the cluster owner can
+        access the log file.  If group access is enabled in the cluster,
+        users in the same group as the cluster owner can also read it.
        </para>
       </listitem>
      </varlistentry>