Linux provides so-called "single user mode" or "rescue mode" in which a multi-user Linux system boots into a single user environment with superuser privilege. The single user mode is useful when you need exclusive access to shared system resources, e.g., when conducting maintenance or security audit of root file system, and updating critical system settings such as resetting root passwords.
If you are using GRUB bootloader, you can boot into single user mode by interrupting the bootloader and dropping in additional special parameter (e.g., "single"). The single user mode will be booting Linux under runlevel 1, in which you will directly get a bash command prompt without entering root password.
If you would like to force a login password prompt even in single user mode, you can add the following to /etc/inittab.
In this setup, you will be prompted to enter root password when entering single user mode. Without entering a correct root password, you will not get a bash command prompt.
Note that the above setup is still not a proper protection mechanism against unauthorized users gaining access to the root file system of your Linux system. Unauthorized user could still boot into a live CD, mount the root file system from the live CD, and then modify /etc/inittab. To prevent this kind of attack, you may want to consider full disk encryption.
Subscribe to Xmodulo
You can have daily Linux tutorials and FAQs delivered to your email inbox. Simply enter your email address below to subscribe to our mailing list. You will receive hands-on guides and carefully written tutorials related to Linux, everything for free.