Tomasz Ostrowski <tometzky@batory.org.pl> writes:
> And everything I need would be very simple to do if there was an
> option to disable self-change of passwords for ordinary users.
If you are using PAM authentication, the password recorded by Postgres
is irrelevant, so I'm not seeing what the problem is.
regards, tom lane