diff --git a/HACKING.md b/HACKING.md
index 414d79c43..c8d95b3c5 100644
--- a/HACKING.md
+++ b/HACKING.md
@@ -34,7 +34,7 @@ and requires about 4.5 GB of disk space.
    cycle during development.
 
     ```
-    $ sudo /vagrant/run --develop
+    $ sudo -u plinth /vagrant/run --develop
     ```
 
 Note: This virtual machine has automatic upgrades disabled by default.
diff --git a/Vagrantfile b/Vagrantfile
index 441d9cc89..3b1baacd8 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -19,6 +19,7 @@
 Vagrant.configure(2) do |config|
   config.vm.box = "freedombox/plinth-dev"
   config.vm.network "forwarded_port", guest: 443, host: 4430
+  config.vm.synced_folder ".", "/vagrant", owner: "plinth", group: "plinth"
   config.vm.provider "virtualbox" do |vb|
     vb.cpus = 2
     vb.memory = 2048
@@ -47,15 +48,21 @@ Vagrant.configure(2) do |config|
 for development. You can run the development version of Plinth using
 the following command.
 $ vagrant ssh
-$ sudo /vagrant/run --develop
+$ sudo -u plinth /vagrant/run --develop
 Plinth will be available at https://localhost:4430/plinth (with
 an invalid SSL certificate).
 "
 
+  config.trigger.after [:up, :resume, :reload] do |trigger|
+    trigger.info = "Set plinth user permissions for development environment"
+    trigger.run_remote = {
+      path: "vagrant-scripts/plinth-user-permissions.py"
+    }
+  end
   config.trigger.before :destroy do |trigger|
     trigger.warn = "Performing cleanup steps"
     trigger.run = {
-      path: "post-box-destroy.py"
+      path: "vagrant-scripts/post-box-destroy.py"
     }
   end
   config.vm.boot_timeout=1200
diff --git a/vagrant-scripts/plinth-user-permissions.py b/vagrant-scripts/plinth-user-permissions.py
new file mode 100755
index 000000000..4fe8991fc
--- /dev/null
+++ b/vagrant-scripts/plinth-user-permissions.py
@@ -0,0 +1,39 @@
+#!/usr/bin/python3
+# -*- mode: python -*-
+#
+# This file is part of FreedomBox.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+"""
+Set required permissions for user "plinth" to run plinth in the development
+environment.
+"""
+
+import augeas
+
+sudoers_file = '/etc/sudoers.d/plinth'
+aug = augeas.Augeas(
+    flags=augeas.Augeas.NO_LOAD + augeas.Augeas.NO_MODL_AUTOLOAD)
+
+# lens for shell-script config file
+aug.set('/augeas/load/Shellvars/lens', 'Sudoers.lns')
+aug.set('/augeas/load/Shellvars/incl[last() + 1]', sudoers_file)
+aug.load()
+
+aug.set('/files{}/spec[1]/host_group/command[2]'.format(sudoers_file),
+        '/vagrant/actions/*')
+aug.set('/files{}/spec[1]/host_group/command[1]/tag[2]'.format(sudoers_file),
+        'SETENV')
+aug.save()
diff --git a/post-box-destroy.py b/vagrant-scripts/post-box-destroy.py
similarity index 100%
rename from post-box-destroy.py
rename to vagrant-scripts/post-box-destroy.py