From abde79348e9251e311e9c0c2b0db56866956c80e Mon Sep 17 00:00:00 2001 From: Charles Zaffery Date: Tue, 10 Dec 2024 13:44:17 -0800 Subject: [PATCH] add noswap to secretdir tmpfs --- client/allocdir/fs_linux.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/client/allocdir/fs_linux.go b/client/allocdir/fs_linux.go index 7cc0e9d5363..8d2ef694368 100644 --- a/client/allocdir/fs_linux.go +++ b/client/allocdir/fs_linux.go @@ -73,7 +73,8 @@ func createSecretDir(dir string, size int) error { } flags := uintptr(syscall.MS_NOEXEC) - options := fmt.Sprintf("size=%dm", size) + // Permanantly disable swap for tmpfs for SecretDir. + options := fmt.Sprintf("size=%dm,noswap", size) if err := syscall.Mount("tmpfs", dir, "tmpfs", flags, options); err != nil { return os.NewSyscallError("mount", err) }