diff --git a/amd64/additional-base-lib/build.sh b/amd64/additional-base-lib/build.sh
index bc73f9c..04cb5a3 100755
--- a/amd64/additional-base-lib/build.sh
+++ b/amd64/additional-base-lib/build.sh
@@ -274,6 +274,19 @@ echo " libstdc++6 download URL: $LIBSTDCxx6_DOWNLOAD_URL" >> ./deb-contents/DEBI
 echo >> ./deb-contents/DEBIAN/control
 check $?
 
+mkdir -p ./deb-contents/usr/lib/sysctl.d/
+
+cat > ./deb-contents/usr/lib/sysctl.d/additional-base-lib.conf << 'EOF'
+
+# ACE app runs in a container, need privileges within user namespace, so we need to set it
+kernel.unprivileged_userns_clone=1
+# Ubuntu 24.04 has more limitation on unprivileged user namespace,so we have to disable them.
+# refer to https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces
+kernel.apparmor_restrict_unprivileged_unconfined=0
+kernel.apparmor_restrict_unprivileged_userns=0
+
+EOF
+
 echo
 echo "build deb package:"
 dpkg-deb -Z xz -b ./deb-contents "./additional-base-lib_${GLIBC_VERSION}-${ABL_VERSION}_${DEBIAN_DEB_ARCH}.deb"
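Review bot: The sysctl drop-in written by the new heredoc switches off Ubuntu's unprivileged user namespace restriction for every process on the host (`kernel.apparmor_restrict_unprivileged_userns=0`, `kernel.apparmor_restrict_unprivileged_unconfined=0`), not only for the ACE container, so installing this library package lowers system-wide hardening as a side effect. The narrower route is to ship an AppArmor profile for the ACE launcher that grants `userns,` and to leave the two `apparmor_restrict_*` keys at their defaults; the launcher path is not visible in this hunk, so the profile would have to be written against the real binary. If the global switch stays, the generated file should say so, e.g. `# NOTE: host-wide setting; permits unprivileged user namespaces for all processes, not only ACE`, and the package description should mention it as well. The new `mkdir -p` and `cat >` commands are also not followed by `check $?`, unlike the `echo` just above them.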