We have 8 AIX Escalla servers in a cluster using GPFS to share files.
All the necessary "passwd" files are stored on GPFS. We have over 9000
users.

How resilient is the file level locking for the passwd function? Does
this locking work over GPFS?

It's a tricky one to test because of the user interaction required.

We currently have our own file level locking in place, but because
this is around the whole passwd function it results in users being
unable to change their password because one user is taking their time
in coming up with a new password. This restriction is making the
lovely users unhappy.

We have at least one instance of /etc/security/passwd becoming
corrupt, but we don't know the cause of this.

My concern is that the passwd function being called at login when a
passwd has expired is causing this issue because it is not performing
its own internal locking correctly over GPFS - we don't have our own
file locking around password expiry changes. On the other hand it
might just be an Admin editing the file.

Thanks in advance for your wisdom.