You’ve probably seen it in a random GitHub issue or a dusty Stack Overflow thread from 2014. Someone is screaming about permission errors on their Mac, and a "helpful" stranger swoops in with a one-liner: sudo chown -r 501:20.
It looks like magic code. It looks like the ultimate fix for those annoying "You do not have permission to access this file" pop-ups that haunt macOS and Linux users alike. But here is the thing about copying and pasting commands you find on the internet: if you don't know what 501 or 20 actually means, you might be fixing one problem while accidentally breaking your entire user profile's security model.
What is actually happening when you run sudo chown -r 501:20?
Let's break the silence on what these numbers represent. In the world of Unix-based systems—which includes macOS and every flavor of Linux—the computer doesn't really care about your name being "Sarah" or "John." It cares about numbers.
When you type sudo, you are telling the system to run the command with "Super User" privileges. You're the boss. chown is short for change owner. The -r (though usually written as -R for recursive) tells the system to apply this change to every single file and folder inside the directory you've targeted.
Then we get to the cryptic part: 501:20.
On a standard macOS installation, 501 is the User ID (UID) of the very first user account created on the machine. If you bought a MacBook, opened it up, and went through the setup process, you are almost certainly UID 501. The 20 is the Group ID (GID). In macOS, the group 20 corresponds to the staff group. Basically, this command is saying: "Hey computer, take everything in this folder and make it belong to the primary user and the general staff group."
The macOS Legacy: Why 501 and 20 are the "Magic Numbers"
It’s kinda fascinating how these specific integers became the industry standard for troubleshooting. Back in the early days of Mac OS X, Apple decided that user IDs would start at 501. Linux systems, on the other hand, usually start their human users at 1000.
If you migrate files from an old Mac to a new one, or if you're messing around with external hard drives formatted in HFS+ or APFS, the permissions sometimes get "stuck" on the old user's ID. You might be the owner on the old machine, but to the new machine, those files belong to a ghost. By running sudo chown -R 501:20 /path/to/folder, you are effectively "re-claiming" those files for the current primary user.
It's a brute-force fix.
I've seen people use this to fix Plex media libraries that won't scan, or to get Photoshop to finally save a file to an external drive that was originally used on a different iMac. It works because it forces the file system to align with the default identity of a Mac user.
The recursive danger: A cautionary tale
The -r flag is a double-edged sword. It is powerful. It is fast. It is also dangerous if you point it at the wrong place.
Imagine you are in your terminal and you accidentally type a space where there shouldn't be one. Or worse, you run this on a system directory like /usr/bin or /etc. Systems rely on specific, granular permissions to stay secure. If you change the owner of system-critical files to 501 (a regular human user), you might have just opened a massive security hole. Or, you might have just made it impossible for the system to boot because certain processes require "root" ownership to execute.
Honestly, many people use sudo chown -R 501:20 when they should probably be using chmod. While chown changes who owns the file, chmod changes what people can do with it (read, write, execute). If you own the file but still can't edit it, chown isn't your solution.
How to check if you are actually 501
Don't just guess. Before you go running commands that modify your entire file structure, check your own identity. Open the Terminal and type:
id -u
🔗 Read more: Social Media Icons Transparent: Why Your Brand Looks Cheap Without Them
If it spits out 501, then the command is relevant to you. If it says 500 or 1000, running a command for 501 will actually lock you out of your own files. You'd be handing ownership over to a user ID that might not even exist on your system.
To check your group, type:
id -gn
On a Mac, this will likely return staff. On Linux, it will likely return your username. This is why the :20 part is so specific to the Apple ecosystem. Using :20 on a Ubuntu server probably won't do what you think it’s going to do, because group 20 on Ubuntu is often the dialout group (used for serial ports), not the staff group.
Real-world scenarios where this command saves the day
Let’s talk about external drives.
You plug in a drive from your old MacBook Pro. You can see the files, but there is a tiny "red circle" icon on every folder. You try to drag a photo to your desktop and the Mac asks for an admin password, then says "The operation can't be completed." This happens because the files are still "owned" by the UUID of your old account. Even if your name is the same on both Macs, the underlying digital fingerprint is different.
In this specific case, navigating to that drive in the terminal and running the ownership command is the most efficient way to get back to work.
Another common spot? Development environments.
If you've ever run Docker or a web server like Apache/Nginx, sometimes those services create files as the root user. Later, when you try to edit your code in VS Code, the editor complains that it can't save. Why? Because root owns the file, not you. Running a recursive chown back to your user ID (501) and group (20) restores the balance.
✨ Don't miss: Instagram Private Account Posts: What You Can Actually See (and What’s Just a Scam)
The "Permission Denied" myth
There is a common misconception that sudo fixes everything.
It doesn't.
Sometimes, permissions are denied because of "System Integrity Protection" (SIP) on macOS. If you try to chown something in the /System folder, even with sudo, the Mac will tell you to get lost. No amount of recursive ownership changes will bypass the hardware-level protections Apple has put in place to keep the OS from being tampered with.
Also, be careful with the syntax. People often forget the path.
If you type sudo chown -R 501:20 . (note the dot at the end), you are changing everything in the current directory. If you are sitting in your home folder, that's fine. If you accidentally navigated to the root of your hard drive... well, you're going to have a long afternoon of reinstalling macOS.
Expert nuance: Is there a better way?
If you're on a Mac and you're dealing with an external drive, there's actually a "no-code" way to do this. Right-click the drive, hit "Get Info," and look at the bottom of the window. There is a checkbox that says "Ignore ownership on this volume." Checking that box basically tells macOS to treat every file on that drive as if it belongs to whoever is currently logged in. It’s safer than a terminal command because it’s non-destructive. It doesn't actually rewrite the metadata on the disk; it just changes how the OS interprets it.
However, if you are working on internal files or a specific project folder, the command line is still the king of precision.
Actionable Steps for Using sudo chown Safely
- Verify your IDs: Always run
idfirst. Know your UID and GID before you start assigning them to files. - Target specifically: Never run the command on a broad directory if you can target a specific one. Instead of
Documents, targetDocuments/Project-Alpha. - Check for the -R vs -r: While some versions of
chownaccept lowercase-r, the standard POSIX flag for recursive is uppercase-R. Using the uppercase version ensures compatibility across different shells (Zsh, Bash, etc.). - Dry Run (sorta): You can't really "dry run" a chown, but you can look at what you're about to change by running
ls -lnto see the current numeric owners of your files. - Backup: If you are about to run a recursive command on thousands of files, make sure your Time Machine backup is current. One typo can be a disaster.
Ownership issues are one of the most frustrating parts of using a Unix-like operating system. Understanding that 501:20 isn't just a magic string, but a specific pointer to your identity as a Mac user, gives you the control to fix your system without blindly following internet advice.
Next time you see a permissions error, check your UID. If you are 501, and the group is 20, you have the keys to the kingdom. Just make sure you're unlocking the right door.