#589: Improve security and verbosity of the "Trac Environment needs to be upgraded" message -------------------------+-------------------- Reporter: rjollos | Owner: nobody Type: enhancement | Status: new Priority: major | Milestone: Component: trac core | Version: Keywords: | -------------------------+-------------------- A discussion occurred on the [http://markmail.org/message/2yimvwnaxavxuopt mailing list] regarding the //Trac Environment needs to be upgraded// message. A typical example of the message that displays in the browser after upgrading Bloodhound or Trac, or installing / upgrading a plugin is:
{{{ Error TracError: The Trac Environment needs to be upgraded. Run "trac-admin /home/user/Workspace/bh586/bloodhound/installer/bloodhound/environments/sqlite upgrade" }}} Two suggestions resulted from the discussion: * It would be preferable if the server path was not revealed to a user that doesn't have the `TRAC_ADMIN` permission. Users without `TRAC_ADMIN` might only see a HTTP 503 ''Service unavailable'' response with body //Under maintenance//. * Since Bloodhound will often be installed in a virtualenv (as is suggested in the Installation Instructions), the full path to `trac-admin` should be provided in the message. The specific case that came up in the mailing list discussion was that the user had Trac installed in the global packages directory and was inadvertently running the `trac-admin` associated with that install because they had not run the activate script in their virtualenv or provided the full path to `trac-admin` in the virtualenv. The changes associated with this ticket will most likely be suggested for the Trac core. -- Ticket URL: <https://issues.apache.org/bloodhound/ticket/589> Apache Bloodhound <https://issues.apache.org/bloodhound/> The Apache Bloodhound issue tracker