diff -ruN checkpolicy/policy_parse.y checkpolicy.new/policy_parse.y
--- checkpolicy/policy_parse.y	Thu Sep 26 13:43:16 2002
+++ checkpolicy.new/policy_parse.y	Thu Sep 26 13:41:49 2002
@@ -99,6 +99,7 @@
 %token U1 U2 R1 R2 T1 T2
 %token NOT AND OR 
 %token IDENTIFIER
+%token USER_IDENTIFIER
 %token NUMBER
 %token EQUALS
 %token NOTEQUAL
@@ -322,10 +323,10 @@
 			| T1 op T2
 			{ $$ = (int) define_cexpr(CEXPR_ATTR, CEXPR_TYPE, $2);
 			  if ($$ == 0) return -1; }
-			| U1 op { if (insert_separator(1)) return -1; } names_push
+			| U1 op { if (insert_separator(1)) return -1; } user_names_push
 			{ $$ = (int) define_cexpr(CEXPR_NAMES, CEXPR_USER, $2);
 			  if ($$ == 0) return -1; }
-			| U2 op { if (insert_separator(1)) return -1; } names_push
+			| U2 op { if (insert_separator(1)) return -1; } user_names_push
 			{ $$ = (int) define_cexpr(CEXPR_NAMES, CEXPR_USER | CEXPR_TARGET, $2);
 			  if ($$ == 0) return -1; }
 			| R1 op { if (insert_separator(1)) return -1; } names_push
@@ -377,7 +378,10 @@
 users			: user_def
 			| users user_def
 			;
-user_def		: USER identifier ROLES names opt_user_ranges ';'
+user_id			: identifier
+			| user_identifier
+			;
+user_def		: USER user_id ROLES names opt_user_ranges ';'
 	                {if (define_user()) return -1;}
 			;
 opt_user_ranges		: RANGES user_ranges 
@@ -470,7 +474,7 @@
 			  $$ = addr;
 			}
     			;
-security_context_def	: identifier ':' identifier ':' identifier opt_mls_range_def
+security_context_def	: user_id ':' identifier ':' identifier opt_mls_range_def
 	                ;
 opt_mls_range_def	: ':' mls_range_def
 			|	
@@ -536,6 +540,21 @@
 identifier		: IDENTIFIER
 			{ if (insert_id(yytext,0)) return -1; }
 			;
+user_identifier		: USER_IDENTIFIER
+			{ if (insert_id(yytext,0)) return -1; }
+			;
+user_identifier_push	: USER_IDENTIFIER
+			{ if (insert_id(yytext, 1)) return -1; }
+			;
+useridentifier_list_push : user_identifier_push
+			| identifier_list_push user_identifier_push
+			;
+user_names_push		: names_push
+			| user_identifier_push
+			| '{' useridentifier_list_push '}'
+			| tilde_push user_identifier_push
+			| tilde_push '{' useridentifier_list_push '}'
+			;
 path     		: PATH
 			{ if (insert_id(yytext,0)) return -1; }
 			;
diff -ruN checkpolicy/policy_scan.l checkpolicy.new/policy_scan.l
--- checkpolicy/policy_scan.l	Thu Sep 26 13:43:17 2002
+++ checkpolicy.new/policy_scan.l	Thu Sep 26 13:41:49 2002
@@ -132,6 +132,7 @@
 T2				{ return(T2); }
 "/"({letter}|{digit}|_|"."|"-"|"/")*	{ return(PATH); }
 {letter}({letter}|{digit}|_)*	{ return(IDENTIFIER); }
+{letter}({letter}|{digit}|_|"."|"-")*	{ return(USER_IDENTIFIER); }
 {digit}{digit}*                 { return(NUMBER); }
 #[^\n]*                         { /* delete comments */ }
 [ \t\f]+			{ /* delete whitespace */ }