mon: client: multifs: auth caps on client->mon connections to limit their access to MDSMaps by FSCID
Currently clients with 'mds allow r' capabilities can see any MDSMap.
We would like to be able to craft client auth caps that restrict them to only being able to see a specific set of MDSMaps. This would also restrict their ability to look up FSCIDs from filesystem names (http://tracker.ceph.com/issues/15067)
I think something like "mds r fscid=<fscid>" would make sense.