The vagrant role for Sentry creates a separate user; this results in permission problems (e.g. ImproperlyConfigured: Could not write to directory: /vagrant/logs/sentry.mail.log).
Separating permissions by running each service with its own user is a good practice in general but does not work great with Vagrant because some key directories are actually on the host and mounted to the guest via some sharing protocol which varies based on OS and config; setting permissions for these directories is fragile.
@bd808 recommends to run Sentry as www-data.