diff --git a/refpolicy/policy/users b/refpolicy/policy/users
index 5327ab7..45bcb7e 100644
--- a/refpolicy/policy/users
+++ b/refpolicy/policy/users
@@ -26,7 +26,9 @@ gen_user(system_u, system_r, s0, s0 - s15:c0.c255, c0.c255)
 ifdef(`targeted_policy',`
 gen_user(user_u, user_r sysadm_r system_r, s0, s0 - s15:c0.c255, c0.c255)
 ',`
-gen_user(user_u, user_r, s0, s0 - s15:c0.c255, c0.c255)
+gen_user(user_u, user_r, s0, s0)
+gen_user(staff_u, staff_r secadm_r sysadm_r, s0, s0 - s15:c0.c255, c0.c255)
+gen_user(sysadm_u, sysadm_r, s0, s0 - s15:c0.c255, c0.c255)
 ')
 
 #
@@ -40,8 +42,8 @@ ifdef(`targeted_policy',`
 	gen_user(root, user_r sysadm_r system_r, s0, s0 - s15:c0.c255, c0.c255)
 ',`
 	ifdef(`direct_sysadm_daemon',`
-		gen_user(root, sysadm_r staff_r system_r, s0, s0 - s15:c0.c255, c0.c255)
+		gen_user(root, sysadm_r staff_r secadm_r system_r, s0, s0 - s15:c0.c255, c0.c255)
 	',`
-		gen_user(root, sysadm_r staff_r, s0, s0 - s15:c0.c255, c0.c255)
+		gen_user(root, sysadm_r staff_r secadm_r , s0, s0 - s15:c0.c255, c0.c255)
 	')
 ')