diff --git a/pmb/helpers/other.py b/pmb/helpers/other.py
new file mode 100644
index 00000000..cf4f9a92
--- /dev/null
+++ b/pmb/helpers/other.py
@@ -0,0 +1,40 @@
+"""
+Copyright 2017 Oliver Smith
+
+This file is part of pmbootstrap.
+
+pmbootstrap is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+pmbootstrap is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with pmbootstrap.  If not, see <http://www.gnu.org/licenses/>.
+"""
+import os
+
+
+def check_grsec():
+    """
+    Check if the current kernel is based on the grsec patchset, and if
+    the chroot_deny_chmod option is enabled. Raise an exception in that
+    case, with a link to a wiki page. Otherwise, do nothing.
+    """
+    path = "/proc/sys/kernel/grsecurity/chroot_deny_chmod"
+    if not os.path.exists(path):
+        return
+
+    with open(path, "r") as handle:
+        status = handle.readlines()[0].rstrip()
+
+    if status != "0":
+        link = "https://github.com/postmarketOS/pmbootstrap/wiki/Troubleshooting:grsec"
+        raise RuntimeError("You're running a kernel based on the grsec"
+                           " patchset. To get pmbootstrap working, you"
+                           " will need to disable some options with"
+                           " sysctl: <" + link + ">")
diff --git a/pmbootstrap.py b/pmbootstrap.py
index 9f3b600a..8bf31bba 100755
--- a/pmbootstrap.py
+++ b/pmbootstrap.py
@@ -34,6 +34,7 @@ import pmb.chroot.initfs
 import pmb.chroot.other
 import pmb.flasher
 import pmb.helpers.logging
+import pmb.helpers.other
 import pmb.helpers.run
 import pmb.parse
 import pmb.install
@@ -46,6 +47,9 @@ def main():
 
     # Wrap everything to display nice error messages
     try:
+        # Sanity check
+        pmb.helpers.other.check_grsec()
+
         # Initialize or require config
         if args.action == "init":
             return pmb.config.init(args)