
Linux has had unprivileged chroot for a while, via user namespaces. Their setup is a bit complicated if you want to support nesting in other container runtimes: https://sourceware.org/git/?p=glibc.git;a=blob;f=support/sup...

After this dance, you can call chroot from within the new namespace. It's often also possible to use unprivileged bind-mounts of /dev, /sys and /proc for a more regular execution environment (although some container runtimes block this, unfortunately).
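The "dance" the comment refers to, written out as an added example (not the commenter's code and not glibc's test support code): unshare into a new user and mount namespace, write the id maps, bind-mount /proc, /sys and /dev under the target root, then chroot. The function names are hypothetical; it assumes Linux with user namespaces enabled and a target root directory that already exists.

```c
#define _GNU_SOURCE
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include <limits.h>
#include <errno.h>
#include <sys/mount.h>
#include <sys/stat.h>

/* Format one line of /proc/self/{uid,gid}_map: "<inside> <outside> <count>".
 * Returns the number of characters written, or -1 if buf is too small. */
int format_id_map(char *buf, size_t len, unsigned inner, unsigned outer, unsigned count) {
    int n = snprintf(buf, len, "%u %u %u\n", inner, outer, count);
    return (n < 0 || (size_t)n >= len) ? -1 : n;
}

static int write_file(const char *path, const char *data) {
    int fd = open(path, O_WRONLY);
    if (fd < 0) return -1;
    ssize_t w = write(fd, data, strlen(data));
    close(fd);
    return w == (ssize_t)strlen(data) ? 0 : -1;
}

/* Hypothetical helper: new user + mount namespace, map our uid/gid to 0 inside
 * it, bind-mount /proc, /sys and /dev under newroot, then chroot. The bind
 * mounts reuse the host's instances (there is no new pid namespace here, so a
 * fresh procfs would not be meaningful). Returns 0 on success, -1 on failure. */
int unprivileged_chroot(const char *newroot) {
    char map[64], target[PATH_MAX];
    unsigned uid = getuid(), gid = getgid();
    const char *dirs[] = { "/proc", "/sys", "/dev" };
    if (unshare(CLONE_NEWUSER | CLONE_NEWNS) < 0) return -1;
    /* an unprivileged writer must deny setgroups before gid_map is accepted */
    if (write_file("/proc/self/setgroups", "deny") < 0 && errno != ENOENT) return -1;
    format_id_map(map, sizeof map, 0, uid, 1);
    if (write_file("/proc/self/uid_map", map) < 0) return -1;
    format_id_map(map, sizeof map, 0, gid, 1);
    if (write_file("/proc/self/gid_map", map) < 0) return -1;
    /* keep our mounts from propagating back to the parent namespace */
    if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL) < 0) return -1;
    for (size_t i = 0; i < 3; i++) {
        snprintf(target, sizeof target, "%s%s", newroot, dirs[i]);
        mkdir(target, 0755); /* may already exist; mount reports real errors */
        if (mount(dirs[i], target, NULL, MS_BIND | MS_REC, NULL) < 0) return -1;
    }
    return (chroot(newroot) < 0 || chdir("/") < 0) ? -1 : 0;
}
```

Inside the resulting root the process appears as uid 0 but holds capabilities only in its own user namespace, which is why a runtime that blocks nested user namespaces makes the whole sequence fail at the first step.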
