On Unix systems this parameter sets the permissions for log files when logging_collector is enabled.
At a glance
| Property | Value |
|---|---|
| Parameter | log_file_mode |
| Category | Error Reporting and Logging |
| Default | (see documentation) |
| Value type | integer |
| Change scope | Per-session (SET) |
| Available in | PostgreSQL 12, 13, 14, 15, 16, 17, 18, 19 (added in 12) |
What it does
On Unix systems this parameter sets the permissions for log files when logging_collector is enabled. (On Microsoft Windows this parameter is ignored.) The parameter value is expected to be a numeric mode specified in the format accepted by the chmod and umask system calls. (To use the customary octal format the number must start with a 0 (zero).)
The default permissions are 0600, meaning only the server owner can read or write the log files. The other commonly useful setting is 0640, allowing members of the owner’s group to read the files. Note however that to make use of such a setting, you’ll need to alter log_directory to store the files somewhere outside the cluster data directory. In any case, it’s unwise to make the log files world-readable, since they might contain sensitive data.
(Description quoted from the official PostgreSQL documentation.)
How to apply a change
Can be set per session with SET, per role/database with ALTER ROLE/DATABASE ... SET, or globally in postgresql.conf.
Inspect the current value and source with SHOW log_file_mode; or SELECT name, setting, unit, context, source FROM pg_settings WHERE name = 'log_file_mode';.
Tuning guidance
Tune this for observability versus log volume, not for raw performance. More verbose logging helps diagnose problems but costs disk and I/O; quieter logging saves space but hides detail. Pick a level your log pipeline can store and search, and raise verbosity temporarily when investigating an incident.