Tomasz Ostrowski <tometzky(at)batory(dot)org(dot)pl> writes:
> And everything I need would be very simple to do if there was an
> option to disable self-change of passwords for ordinary users.
If you are using PAM authentication, the password recorded by Postgres
is irrelevant, so I'm not seeing what the problem is.
regards, tom lane