diff --git a/nixos/release.nix b/nixos/release.nix
index 3c7cf84c672..9c15b1ea074 100644
--- a/nixos/release.nix
+++ b/nixos/release.nix
@@ -230,6 +230,7 @@ in rec {
   #tests.gitlab = callTest tests/gitlab.nix {};
   tests.gnome3 = callTest tests/gnome3.nix {};
   tests.gnome3-gdm = callTest tests/gnome3-gdm.nix {};
+  tests.grsecurity = callTest tests/grsecurity.nix {};
   tests.i3wm = callTest tests/i3wm.nix {};
   tests.installer.grub1 = forAllSystems (system: hydraJob (import tests/installer.nix { inherit system; }).grub1.test);
   tests.installer.lvm = forAllSystems (system: hydraJob (import tests/installer.nix { inherit system; }).lvm.test);
diff --git a/nixos/tests/grsecurity.nix b/nixos/tests/grsecurity.nix
new file mode 100644
index 00000000000..14f1aa9ff88
--- /dev/null
+++ b/nixos/tests/grsecurity.nix
@@ -0,0 +1,19 @@
+# Basic test to make sure grsecurity works
+
+import ./make-test.nix ({ pkgs, ...} : {
+  name = "grsecurity";
+  meta = with pkgs.stdenv.lib.maintainers; {
+    maintainers = [ copumpkin ];
+  };
+
+  machine = { config, pkgs, ... }:
+    { boot.kernelPackages = pkgs.linuxPackages_grsec_testing_server; };
+
+  testScript =
+    ''
+      $machine->succeed("uname -a") =~ /grsec/;
+      # FIXME: this seems to hang the whole test. Unclear why, but let's fix it
+      # $machine->succeed("${pkgs.paxtest}/bin/paxtest blackhat");
+    '';
+})
+