Hi there,

We recently decided to upgrade whole our stack from 3.0 to latest version (3.2.0). We went through migration guide from 3.0 -> 3.1 -> 3.2. In logs we don't have any deprecation warnings. However _profiler doesn't work at all.

It loads just fine when everything in cache is cleared. We can see profiler panel. But once you make a request to normal backend and try to check out profiler, an error occurs:

Twig_Error_Runtime: An exception has been thrown during the rendering of a template ("Warning: is_file(): open_basedir restriction in effect. File(/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin) is not within the allowed path(s): (...) in @WebProfiler/Collector/request.html.twig at line 176.   +

Our configuration before the upgrade for open_basedir was:
/var/www/domain-name.com/htdocs:/tmp

After the upgrading we had critical errors about CSPRNG but it was fixed by adding /dev/urandom
So finally open_basedir is:
/var/www/domain-name.com/htdocs:/tmp:/dev/urandom

So first problem was that profiler tried to access our /home/USERNAME directory which in our opinion, it should not have access to because of security reasons. But just for tests we added it to open_basedir and now it tries to access /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin.

The question is - did we miss anything during upgrade?

Information about our stack:
OS - CentOS Linux release 7.2.1511
PHP version - 5.6.27 running with PHP-FPM