diff --git a/CHANGELOG.md b/CHANGELOG.md
index 77351c84b..84f28cea7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,7 +14,8 @@ Certbot adheres to [Semantic Versioning](https://semver.org/).
 
 ### Fixed
 
-*
+* certbot-auto no longer prints a blank line when there are no permissions
+  problems.
 
 Despite us having broken lockstep, we are continuing to release new versions of
 all Certbot components during releases for the time being, however, the only
diff --git a/certbot/compat/misc.py b/certbot/compat/misc.py
index 2f4ba0c6b..4f0e22078 100644
--- a/certbot/compat/misc.py
+++ b/certbot/compat/misc.py
@@ -31,7 +31,7 @@ def raise_for_non_administrative_windows_rights(subcommand):
     # Because windll exists only on a Windows runtime, and static code analysis engines
     # do not like at all non existent objects when run from Linux (even if we handle properly
     # all the cases in the code).
-    # So we access windll only by reflection to trick theses engines.
+    # So we access windll only by reflection to trick these engines.
     if hasattr(ctypes, 'windll') and subcommand not in UNPRIVILEGED_SUBCOMMANDS_ALLOWED:
         windll = getattr(ctypes, 'windll')
         if windll.shell32.IsUserAnAdmin() == 0:
@@ -73,7 +73,7 @@ def os_rename(src, dst):
             raise
         if not hasattr(os, 'replace'):  # pragma: no cover
             # We should never go on this line. Either we are on Linux and os.rename has succeeded,
-            # either we are on Windows, and only Python >= 3.4 is supported where os.replace is
+            # or we are on Windows, and only Python >= 3.4 is supported where os.replace is
             # available.
             raise RuntimeError('Error: tried to run os_rename on Python < 3.3. '
                                'Certbot supports only Python 3.4 >= on Windows.')
diff --git a/certbot/compat/os.py b/certbot/compat/os.py
index 0607c9c4e..6ca478880 100644
--- a/certbot/compat/os.py
+++ b/certbot/compat/os.py
@@ -1,6 +1,6 @@
 """
 This compat modules is a wrapper of the core os module that forbids usage of specific operations
-(eg. chown, chmod, getuid) that would be harmful to the Windows file security model of Certbot.
+(e.g. chown, chmod, getuid) that would be harmful to the Windows file security model of Certbot.
 This module is intended to replace standard os module throughout certbot projects (except acme).
 """
 from __future__ import absolute_import
diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto
index 4e1503715..f9f02da62 100755
--- a/letsencrypt-auto-source/letsencrypt-auto
+++ b/letsencrypt-auto-source/letsencrypt-auto
@@ -1593,12 +1593,14 @@ UNLIKELY_EOF
     # ---------------------------------------------------------------------------
     # If the script fails for some reason, don't break certbot-auto.
     set +e
-    # Suppress unexpected error output and only print the script's output if it
-    # ran successfully.
+    # Suppress unexpected error output.
     CHECK_PERM_OUT=$("$LE_PYTHON" "$TEMP_DIR/check_permissions.py" "$0" 2>/dev/null)
     CHECK_PERM_STATUS="$?"
     set -e
-    if [ "$CHECK_PERM_STATUS" = 0 ]; then
+    # Only print output if the script ran successfully and it actually produced
+    # output. The latter check resolves
+    # https://github.com/certbot/certbot/issues/7012.
+    if [ "$CHECK_PERM_STATUS" = 0 -a -n "$CHECK_PERM_OUT" ]; then
       error "$CHECK_PERM_OUT"
     fi
   fi
diff --git a/letsencrypt-auto-source/letsencrypt-auto.template b/letsencrypt-auto-source/letsencrypt-auto.template
index 21db0f908..bff4173d4 100755
--- a/letsencrypt-auto-source/letsencrypt-auto.template
+++ b/letsencrypt-auto-source/letsencrypt-auto.template
@@ -670,12 +670,14 @@ UNLIKELY_EOF
     # ---------------------------------------------------------------------------
     # If the script fails for some reason, don't break certbot-auto.
     set +e
-    # Suppress unexpected error output and only print the script's output if it
-    # ran successfully.
+    # Suppress unexpected error output.
     CHECK_PERM_OUT=$("$LE_PYTHON" "$TEMP_DIR/check_permissions.py" "$0" 2>/dev/null)
     CHECK_PERM_STATUS="$?"
     set -e
-    if [ "$CHECK_PERM_STATUS" = 0 ]; then
+    # Only print output if the script ran successfully and it actually produced
+    # output. The latter check resolves
+    # https://github.com/certbot/certbot/issues/7012.
+    if [ "$CHECK_PERM_STATUS" = 0 -a -n "$CHECK_PERM_OUT" ]; then
       error "$CHECK_PERM_OUT"
     fi
   fi
diff --git a/tests/letstest/scripts/test_leauto_upgrades.sh b/tests/letstest/scripts/test_leauto_upgrades.sh
index d565aa268..d5133ba38 100755
--- a/tests/letstest/scripts/test_leauto_upgrades.sh
+++ b/tests/letstest/scripts/test_leauto_upgrades.sh
@@ -15,8 +15,8 @@ if ! command -v git ; then
         exit 1
     fi
 fi
-# 0.18.0 is the oldest version of letsencrypt-auto that works on Fedora 26+.
-INITIAL_VERSION="0.18.0"
+# 0.33.x is the oldest version of letsencrypt-auto that works on Fedora 29+.
+INITIAL_VERSION="0.33.1"
 git checkout -f "v$INITIAL_VERSION" letsencrypt-auto
 if ! ./letsencrypt-auto -v --debug --version --no-self-upgrade 2>&1 | tail -n1 | grep "^certbot $INITIAL_VERSION$" ; then
     echo initial installation appeared to fail
diff --git a/tests/letstest/scripts/test_letsencrypt_auto_certonly_standalone.sh b/tests/letstest/scripts/test_letsencrypt_auto_certonly_standalone.sh
index 035512ef7..0973bbc03 100755
--- a/tests/letstest/scripts/test_letsencrypt_auto_certonly_standalone.sh
+++ b/tests/letstest/scripts/test_letsencrypt_auto_certonly_standalone.sh
@@ -42,8 +42,8 @@ if ! letsencrypt-auto --help --no-self-upgrade | grep -F "letsencrypt-auto [SUBC
     exit 1
 fi
 
-OUTPUT=$(letsencrypt-auto --install-only --no-self-upgrade --quiet 2>&1)
-if [ -n "$OUTPUT" ]; then
+OUTPUT_LEN=$(letsencrypt-auto --install-only --no-self-upgrade --quiet 2>&1 | wc -c)
+if [ "$OUTPUT_LEN" != 0 ]; then
     echo letsencrypt-auto produced unexpected output!
     exit 1
 fi
diff --git a/tools/pip_install.py b/tools/pip_install.py
index 68268e298..cf0a7aee5 100755
--- a/tools/pip_install.py
+++ b/tools/pip_install.py
@@ -105,12 +105,19 @@ def main(args):
                 certbot_normal_processing(tools_path, test_constraints)
 
             merge_requirements(tools_path, requirements, test_constraints, all_constraints)
-            if requirements:
+            if requirements:  # This branch is executed during the oldest tests
+                # First step, install the transitive dependencies of oldest requirements
+                # in respect with oldest constraints.
                 pip_install_with_print('--constraint "{0}" --requirement "{1}"'
                                        .format(all_constraints, requirements))
+                # Second step, ensure that oldest requirements themselves are effectively
+                # installed using --force-reinstall, and avoid corner cases like the one described
+                # in https://github.com/certbot/certbot/issues/7014.
+                pip_install_with_print('--force-reinstall --no-deps --requirement "{0}"'
+                                       .format(requirements))
 
-            pip_install_with_print('--constraint "{0}" {1}'
-                                   .format(all_constraints, ' '.join(args)))
+            pip_install_with_print('--constraint "{0}" {1}'.format(
+                all_constraints, ' '.join(args)))
     finally:
         if os.environ.get('TRAVIS'):
             print('travis_fold:end:install_certbot_deps')