mds: client: multifs: auth caps on client->MDS connections to limit by FSCID
When a client is to be limited to a particular filesystem, it needs to not only be restricted to seeing that MDSMap, but also be restricted to only talking to MDSs that are currently holding a rank in the permitted filesystem.
This is the MDS equivalent of (http://tracker.ceph.com/issues/15070). If there is a neat way to avoid the need to duplicate the client's FSCID permissions in both the mon and mds caps then that would be a usability benefit, but currently each server can only see the client's caps for themselves (i.e. the mds can't see the mon caps of the client)