"I guess my question is how to make it ask for root password for maintainance"
I guess that you will have to change the failsafe script to do something else.
There is a table called /etc/initab which describes what script to run for each run level. This varies some from one distribution to another. In my /etc/initab failsafe mode is called single user mode and is defined as run level 1. Here is the appropriate section in my /etc/initab:
# Default runlevel. The runlevels used by RHS are:
# 0 - halt (Do NOT set initdefault to this)
# 1 - Single user mode
# 2 - Multiuser, without NFS (The same as 3, if you do not have networking)
# 3 - Full multiuser mode
# 4 - unused
# 5 - X11
# 6 - reboot (Do NOT set initdefault to this)
# System initialization.
This says that whenever Linux decides to go into run level 1 (failsafe) to run a script called /etc/rc.d/rc 1. You could change your initab to run your own script when Linux goes into failsafe mode.
So what should your failsafe mode script look like? You want to create a version of failsafe that requires a password to login. That is possible. Another possibility is to create a script that handles the error automatically. This script would run the appropriate fsck command against each Linux partition, I suggest that you run fsck with the -p option so that fsck does not ask the user any questions, just goes ahead and does its thing. After the script has done the fsck commands then it issues: shutdown -r now
Be prepared. Create a LifeBoat CD.