diff --git a/Dockerfile b/Dockerfile index 7147ae4..8619e64 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,6 +15,12 @@ RUN apt-get update \ # Make HipChat grsec friendly # +# To build the Docker image, I currently had to disable the following grsec protections: +# # grep -E "chroot_deny_chmod|chroot_deny_mknod|chroot_caps" /etc/sysctl.d/grsec.conf +# kernel.grsecurity.chroot_deny_chmod = 0 +# kernel.grsecurity.chroot_deny_mknod = 0 +# kernel.grsecurity.chroot_caps = 0 (relates to a systemd package) +# # (runtime only, since xattrs are not preserved in Docker's final image) # m: Disable MPROTECT // grsec: denied RWX mmap of # RUN setfattr -n user.pax.flags -v "m" /opt/HipChat4/lib/HipChat.bin /opt/HipChat4/lib/QtWebEngineProcess.bin
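Review bot: The added comment records that three grsecurity chroot restrictions were set to 0 on the build host, but it does not say that these are host-wide sysctls or that they should be restored once the build finishes. As written, a reader following it could leave `chroot_deny_chmod`, `chroot_deny_mknod` and `chroot_caps` disabled for every chroot and container on that machine. I would append a line such as `# NOTE: these sysctls affect the whole host; set them back to 1 after the build, or build on a dedicated build machine.` The remark "(relates to a systemd package)" would also be more useful if it named the build step that fails with `chroot_caps = 1`, so the exception can be re-tested and dropped later. The existing "(runtime only …)" context line implies the PaX flag has to be applied again where the container runs; that part lies outside this hunk.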