diff --git a/src/DEBIAN/postinst b/src/DEBIAN/postinst
index b59e2c9..024a004 100755
--- a/src/DEBIAN/postinst
+++ b/src/DEBIAN/postinst
@@ -9,10 +9,13 @@ systemctl daemon-reload
 systemctl enable apm-daily-update
 systemctl start apm-daily-update
 systemctl restart apparmor.service || true
+mkdir -p /etc/apparmor.d/disable/
+ln -sv /etc/apparmor.d/bwrap-userns-restrict /etc/apparmor.d/disable/
 
         if [ -f /usr/lib/sysctl.d/apm.conf ];then
                 sysctl -p /usr/lib/sysctl.d/apm.conf
         fi
+systemctl reload apparmor
 		# Send statistics data
 		/var/lib/apm/apm/files/feedback.sh &
         ln -sv / /host
diff --git a/src/var/lib/apm/apm/files/ace-run b/src/var/lib/apm/apm/files/ace-run
index 6335a15..25cf2a6 100755
--- a/src/var/lib/apm/apm/files/ace-run
+++ b/src/var/lib/apm/apm/files/ace-run
@@ -61,7 +61,7 @@ fi
 #########################################################################################
 ##########合成bwrap 1. 基础函数配置段
 # 初始化 EXEC_COMMAND 为 bwrap 基础指令
-EXEC_COMMAND="bwrap --dev-bind / / bwrap"
+EXEC_COMMAND="bwrap --dev-bind / / "
 
 # add_command 函数定义
 function add_command() {
diff --git a/src/var/lib/apm/apm/files/ace-run-pkg b/src/var/lib/apm/apm/files/ace-run-pkg
index 28b711c..44d05f1 100755
--- a/src/var/lib/apm/apm/files/ace-run-pkg
+++ b/src/var/lib/apm/apm/files/ace-run-pkg
@@ -28,7 +28,7 @@ fi
 #########################################################################################
 ##########合成bwrap 1. 基础函数配置段
 # 初始化 EXEC_COMMAND 为 bwrap 基础指令
-EXEC_COMMAND="bwrap --dev-bind / / bwrap"
+EXEC_COMMAND="bwrap --dev-bind / / "
 
 # add_command 函数定义
 function add_command() {
diff --git a/src/var/lib/apm/apm/files/bin/ace-run b/src/var/lib/apm/apm/files/bin/ace-run
index 09361b2..ed76655 100755
--- a/src/var/lib/apm/apm/files/bin/ace-run
+++ b/src/var/lib/apm/apm/files/bin/ace-run
@@ -42,7 +42,7 @@ fi
 #########################################################################################
 ##########合成bwrap 1. 基础函数配置段
 # 初始化 EXEC_COMMAND 为 bwrap 基础指令
-EXEC_COMMAND="bwrap --dev-bind / / bwrap"
+EXEC_COMMAND="bwrap --dev-bind / /"
 
 # add_command 函数定义
 function add_command() {