Sam,
I tried getting podman to run unpacked "sandbox" mode singularity
containers, including getting advice from a podman developer.
Theoretically it should be able to be done but I ran into some practical
problems that have perhaps been fixed since then. One of the biggest
problems in my opinion is that podman requires there to be at least two
user ids available in the container. If podman works already though
you probably won't have an issue with that. I got the furthest with
the options
podman run --rm -it --userns=keep-id --cgroup-manager cgroupfs \
--events-backend file --rootfs $(pwd)/rootfs bash
where $(pwd)/rootfs contained an unpacked singularity container.
On the other hand, if podman works, you could install and run
singularity as an unprivileged user yourself. Currently unprivileged
singularity also requires the containers to be sandbox mode, not a .sif
file. If you don't want to compile it from source, and your HPC is
based on RHEL7 or later, you might want to check out my tool cvmfsexec
https://github.com/cvmfs-contrib/cvmfsexec
If that works then you should be able to run
cvmfsexec
oasis.opensciencegrid.org -- \
/cvmfs/
oasis.opensciencegrid.org/mis/singularity/bin/singularity
and as a bonus will have access to everything else installed in cvmfs
including a bunch of containers in /cvmfs/
singularity.opensciencegrid.org.
Dave