Created openstack-neutron tracking bugs for this issue:

Affects: openstack-rdo [bug 2129211]

Hello:

Since [1], the OSC client checks the project ID before executing a command when listing the security groups. This patch is in the code since U/S version Queens (OSP13). This check has been replicated to other Network commands too.

This is the output when the related command is executed (using a OSP16.2 deployment):
  $ openstack security group list --project None
  No project with a name or ID of 'None' exists.


When an admin user calls the CLI script checks the existence of the project "None" before sending the command to the Neutron server. If the project does not exists, the CLI returns this error message.

If the user is a regular user and the project does not exist or can't be seen from this user, the CLI does not return anything (to avoid providing information to a unauthorized user):
  $ openstack security group list --project <non_existing_project>
  (empty line)
  $ openstack security group list --project <admin_project>
  (empty line)


Can you check when this is happening and what version are you using?

Regards.


[1]https://review.opendev.org/c/openstack/python-openstackclient/+/355405

This issue has been addressed in the following products:

  Red Hat OpenStack Platform 16.2

Via RHSA-2022:8855 https://access.redhat.com/errata/RHSA-2022:8855

This issue has been addressed in the following products:

  Red Hat OpenStack Platform 16.1

Via RHSA-2022:8870 https://access.redhat.com/errata/RHSA-2022:8870

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-3277

This issue has been addressed in the following products:

  Red Hat OpenStack Platform 17.0

Via RHSA-2023:0275 https://access.redhat.com/errata/RHSA-2023:0275