How not to reset the root password?

With physical access? No way.

2. How to check the integrity of some directories/files when loading a VM?

Try to write down their hashes and check them.
Linux and protection are incompatible concepts, the code is open, the standards are known, and with physical access, any protection can be bypassed.
If I were you, I would set a password for root and write a script that would monitor /etc/shadow and kill the root partition if the root password changes.

but to climb inside - nothing!

It is rather strange to use an open-source thing that basically does not have such protection mechanisms - for such purposes.
Potentially, disk encryption and a password-protected hornbeam can help, but you yourself understand - every tricky #opu has its own MPH with a left-hand thread :) Although this will scare away script kiddies.
But if you have physical access to the machine, the question "do not give access" is not worth it. The question is "to make it as difficult as possible to get it", because the time to get it will be directly proportional to the user's skill and desire to get there.

How to check the integrity of some directories/files when loading a VM?

Require access to the tyrnet and check the checksums of the files with the checksums on your server, if they do not match, destroy the system. This moment is better reflected in the contract :) When updating the VM (if it is supposed), of course, do not forget to update the checksums.
Of course, all this will not help anyway :) You actually want to do the same thing as Google with android - let it be used, but not give root. How many ways to get root have already come up with a grateful cunning humanity?

Why don't you like tokens or LMS (FlexLM) for example?