vm.swappiness=1

import from swappiness-lowest

https://forums.whonix.org/t/vm-swappiness-1-set-swapiness-to-lowest-setting-still-useful-swappiness-lowest/9278

debian/control

@@ -15,7 +15,7 @@ Package: security-misc
 Architecture: all
 Depends: python3, libglib2.0-bin, libpam-runtime, sudo, adduser, libcap2-bin,
  apparmor-profile-dist, helper-scripts, ${misc:Depends}
-Replaces: tcp-timestamps-disable, anon-gpg-tweaks
+Replaces: tcp-timestamps-disable, anon-gpg-tweaks, swappiness-lowest
 Description: enhances misc security settings
  Inspired by Kernel Self Protection Project (KSPP)
  .
@@ -280,6 +280,9 @@ Description: enhances misc security settings
  `/etc/systemd/system/emergency.service.d/override.conf`
  `/etc/systemd/system/rescue.service.d/override.conf`
  .
+ Let the kernel only swap if it is absolutely necessary.
+ `/etc/sysctl.d/30_security-misc.conf`
+ .
  Disables TCP Time Stamps:
  .
  TCP time stamps (RFC 1323) allow for tracking clock

etc/sysctl.d/30_security-misc.conf

@@ -139,3 +139,10 @@ dev.tty.ldisc_autoload=0
 ##
 ## https://duasynt.com/blog/linux-kernel-heap-spray
 vm.unprivileged_userfaultfd=0
+
+## Let the kernel only swap if it is absolutely necessary.
+## Better not be set to zero:
+## - https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Performance_Tuning_Guide/s-memory-tunables.html
+## - https://en.wikipedia.org/wiki/Swappiness
+vm.swappiness=1
+