diff --git a/client/allocdir/fs_linux.go b/client/allocdir/fs_linux.go
index 7cc0e9d5363..8d2ef694368 100644
--- a/client/allocdir/fs_linux.go
+++ b/client/allocdir/fs_linux.go
@@ -73,7 +73,8 @@ func createSecretDir(dir string, size int) error {
 		}
 
 		flags := uintptr(syscall.MS_NOEXEC)
-		options := fmt.Sprintf("size=%dm", size)
+		// Permanantly disable swap for tmpfs for SecretDir.
+		options := fmt.Sprintf("size=%dm,noswap", size)
 		if err := syscall.Mount("tmpfs", dir, "tmpfs", flags, options); err != nil {
 			return os.NewSyscallError("mount", err)
 		}